last executing test programs:

6m27.402855575s ago: executing program 3 (id=68):
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000080)={'syztnl2\x00', &(0x7f00000002c0)={'sit0\x00', <r2=>0x0, 0x40, 0x80, 0x588, 0x6, {{0x35, 0x4, 0x1, 0x0, 0xd4, 0x65, 0x0, 0x0, 0x29, 0x0, @empty, @rand_addr=0x64010101, {[@lsrr={0x83, 0x17, 0xda, [@broadcast, @multicast1, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x2c}]}, @timestamp={0x44, 0x14, 0x77, 0x0, 0x0, [0x5, 0xffff, 0x831d, 0x10]}, @end, @ssrr={0x89, 0x1f, 0x56, [@multicast2, @dev={0xac, 0x14, 0x14, 0x23}, @dev={0xac, 0x14, 0x14, 0x3e}, @multicast1, @multicast2, @multicast1, @rand_addr=0x64010101]}, @cipso={0x86, 0x1c, 0x1, [{0x1, 0x5, "c6a6b2"}, {0x5, 0xa, "9b5bd4d0acb4fcb4"}, {0x2, 0x7, "51d9d44bad"}]}, @timestamp={0x44, 0x20, 0x2c, 0x0, 0x4, [0x1c00, 0x5, 0x200, 0x1ff, 0x1000, 0xd, 0x1313]}, @generic={0x86, 0x11, "91e7807c27d51da35cbe7a5b2ed238"}, @timestamp={0x44, 0x1c, 0x68, 0x0, 0x8, [0x7f, 0x1, 0x80000000, 0x3, 0x7, 0x6]}, @rr={0x7, 0xb, 0xd1, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102]}]}}}}})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@getchain={0x64, 0x66, 0x400, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x10, 0xb}, {0xf, 0x1}, {0x1e, 0xffe0}}, [{0x8, 0xb, 0x1}, {0x8, 0xb, 0xe}, {0x8, 0xb, 0x1635}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0xfc3}, {0x8, 0xb, 0x5d}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0xfffffff3}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x444, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"])
timer_create(0x2, &(0x7f0000000180)={0x0, 0x4, 0x4, @tid=r0}, &(0x7f0000000140))
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)

6m25.7483225s ago: executing program 3 (id=74):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400000000000000", @ANYRES32=r2, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff050024"], 0x58}}, 0x0)

6m25.566983901s ago: executing program 3 (id=76):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000008340)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x21, 0x0, 0x128200}}, 0x50)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x1)
read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10, 0xffffffffffffffda, r3}, 0x10)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x2)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000010000000000000000000040711205000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000840)={r4, 0x0, 0x25, 0x2, @void}, 0x10)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
futex_waitv(&(0x7f0000001980)=[{0x2, &(0x7f00000018c0)=0x2, 0x82}, {0x0, &(0x7f0000001900), 0x2}, {0x2000, 0x0, 0x82}], 0x3, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee9, 0x8031, 0xffffffffffffffff, 0x0)
read(r0, 0x0, 0x0)
ioctl$KDMKTONE(r5, 0x4b30, 0x8000000000000001)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r8, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x24, r9, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', r10, 0x29, 0x87, 0x7, 0x90d7dbcc, 0xc, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x0, 0x2, 0x90000}})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x1800)

6m21.741965427s ago: executing program 3 (id=85):
socket$kcm(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f000801}, 0x0)
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x100, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f03)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
dup2(r5, r0)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '$'}], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000440)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x3}}, {@default_permissions}]}})
read$FUSE(r6, &(0x7f0000009800)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000000240)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x3863116, 0x0, 0xfffe}}, 0x50)

6m20.26928063s ago: executing program 3 (id=91):
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x0, 0x403, 0x6, 0x5}], 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}, 0x1, 0x300}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000a000100"], 0x2c}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1)
ioctl$TCXONC(0xffffffffffffffff, 0x89f1, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)

6m19.644727176s ago: executing program 3 (id=98):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/18, @ANYRES32=r2, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff050024"], 0x58}}, 0x0)

6m18.480127752s ago: executing program 32 (id=98):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/18, @ANYRES32=r2, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff050024"], 0x58}}, 0x0)

1m20.327152958s ago: executing program 0 (id=1180):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r1 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}, 0x3000000}], 0x2, 0x2004000)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x800, 0x2, "1212"}, 0xa)

1m20.185794398s ago: executing program 0 (id=1183):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f00000001c0)=0x7, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="48000000100001040000000000000f0000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008800800030001"], 0x48}}, 0x14)

1m18.447246745s ago: executing program 0 (id=1185):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x9, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
sendto$inet6(r1, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000980)=ANY=[], 0x210)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000040)={0x2, 'ipvlan1\x00', {}, 0x411b})

1m14.379955018s ago: executing program 0 (id=1194):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$igmp(0x2, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0xc2, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
keyctl$describe(0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_tables_matches\x00')
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
gettid()
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000500)={r0})
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffffffffe]}, 0x8, 0x0)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000200)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0xff, 0x8380, 0x1850, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xec, 0x0, 0x2, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x3, 0x1, 0x2, 0xb8, {0x9, 0x21, 0x400, 0x0, 0x1, {0x22, 0x8d9}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xcc, 0x9, 0xd}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x200, 0x81, 0xd, 0x4, 0x8, 0x4}, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="050f0fde011b1003020e0009010100bfc8181e18b030518bcbc6ac15f35f0706d6773b2c09165e98ae9ef648469031d28a0ef6007c92cc443624bf5bd6740edebe33d079c590f481ea8a4256367adb3786eb8cd840b1f056f7db8a620b213d5cda1c06bfec3ca5a90e362842fb93966edae76d7e020e5fccdf12dd1ac8a04491f3821552f978815b0a4a3e6ab47ccdb2dbe4b5388652d8"], 0x3, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x427}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x41f}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x4c0a}}]})
readv(r5, &(0x7f0000000000)=[{&(0x7f0000002480)=""/231, 0xe7}], 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x2f, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="60010000100013070000000000000000ac1e000100000000001414aa000000000000fffffffffffffffe00000000000002000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000070001200726663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002001000040"], 0x160}}, 0x0)

1m10.839062755s ago: executing program 0 (id=1204):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffecd)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000b40), 0x4)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_FDB={0x4}]}, 0x1c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
sendmsg$nl_route(r4, 0x0, 0x4000)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_uring_setup(0x6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
ftruncate(r5, 0x200002)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @dev}, 0x10)
r6 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000500)})

1m10.261297339s ago: executing program 0 (id=1207):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000017c0), 0x180000)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000003200)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
read$FUSE(r1, &(0x7f00000048c0)={0x2020}, 0x2020)

54.694102568s ago: executing program 33 (id=1207):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000017c0), 0x180000)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000003200)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
read$FUSE(r1, &(0x7f00000048c0)={0x2020}, 0x2020)

18.142295624s ago: executing program 6 (id=1248):
syz_usb_connect(0x0, 0x52, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x1b, 0x19, 0xf7, 0x20, 0x471, 0x312, 0x9469, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x40, 0x1, 0x2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xf, 0x0, 0x1, 0xb4, 0xc7, 0x6a, 0x0, [@uac_control={{0xa, 0x24, 0x1, 0x2, 0x1}, [@mixer_unit={0x5, 0x24, 0x4, 0x0, 0x5}]}], [{{0x9, 0x5, 0x7, 0x19, 0x200, 0x8, 0xc, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x1}, @generic={0x10, 0x3b, "a64ca5eab9884d11a74913391d1d"}]}}]}}]}}]}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4397a5c0115f3542, 0x4008032, 0xffffffffffffffff, 0x3ae84000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000600))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, &(0x7f0000000700)=[{}], 0x1, 0x2, 0x0, 0x0, 0x0, 0x4})

14.684355518s ago: executing program 1 (id=1348):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp1\x00'})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev, 0x4e24, 0x2, 'sed\x00', 0x0, 0xfffffffc}, 0x2c)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(0x0, r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, 0x0, 0x4000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x18000000000002a0, 0x1c, 0x0, &(0x7f00000011c0)="b9ffddc1ddc8cdde75537d07007e0d0000bf2dfe443b1b5e2a088137", 0x0, 0x600, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})

14.06396254s ago: executing program 1 (id=1351):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0xce9e1000)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000900), 0x4)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x10, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000180))
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@empty}, {@in, 0x0, 0x6c}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
write$sysctl(r7, 0x0, 0x0)

12.827443239s ago: executing program 5 (id=1354):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socket(0x21, 0x2, 0x10000000000002)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$igmp6(0xa, 0x3, 0x2)
socket$caif_stream(0x25, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000009002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

12.219447473s ago: executing program 6 (id=1355):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
unshare(0x2000400)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x802442, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FICLONE(r4, 0x40049409, r4)
r5 = socket(0x10, 0x803, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
unshare(0x20000400)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r6, 0x6, 0x1, 0xfffffffffffffffd, &(0x7f0000000000)=0x2000000)
r7 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$SCSI_IOCTL_GET_PCI(r8, 0x2284, &(0x7f0000000000))
r9 = socket$l2tp6(0xa, 0x2, 0x73)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a09040000010209"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000400000000000000000085000000bb00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sock_ops=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$l2tp6(r9, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e23, @multicast1}}, 0x3, 0x4, 0x7fffffff, 0x1, 0xffffffff}, &(0x7f00000001c0)=0x98)

12.218854836s ago: executing program 1 (id=1356):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x6, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="190000000400000008000000020000", @ANYRESOCT=r0, @ANYBLOB="0000000000000100"/18, @ANYRES32=r0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[], 0x50}, 0x1, 0x7}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r1, 0x0, &(0x7f0000000000)=""/10, 0x2}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000029c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_procfs(0x0, &(0x7f00000000c0)='smaps_rollup\x00')
syz_genetlink_get_family_id$nfc(&(0x7f0000000400), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000380)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000000000000007f0000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c75737465720000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000004493000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8)
socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x2)

10.842442823s ago: executing program 5 (id=1360):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000001500000000000000000900010073797a30000000000900020073797a32"], 0x80}, 0x1, 0xfffffff5}, 0x0)

9.859864929s ago: executing program 4 (id=1362):
syz_io_uring_setup(0x1841, &(0x7f0000000480)={0x0, 0x5cdb, 0x1088, 0x0, 0x34f}, &(0x7f00000002c0), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x1841, &(0x7f0000000480)={0x0, 0x5cdb, 0x1088, 0x0, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f00000000c0))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58) (async)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)='l', 0x1}], 0x1}], 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x8, 0x3, 0x7f}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xf, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r6, &(0x7f0000000300), 0x20000000}, 0x20)
recvmsg$unix(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)=""/219, 0xdb}], 0x1, 0x0, 0x58}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000100)}, 0x36) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000100)}, 0x36)
write$binfmt_script(r5, &(0x7f00000009c0), 0x75) (async)
write$binfmt_script(r5, &(0x7f00000009c0), 0x75)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

9.859531019s ago: executing program 5 (id=1363):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x38, 0x3b, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}, @typed={0xc, 0x5, 0x0, 0x0, @u64=0xd}]}, 0x38}}, 0xc000)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0xffffffff}, {0xa, 0x0, 0xffff, @loopback={0xffffffffffffff9d}}, r1}}, 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000008000000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000060000000060a010400000000000000000100850008000b400000000038000480340001800b0001006e756d67656e00002400028008000340000000000800014000000000080004400000000008000240000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0xd4}}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r4, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'ipvlan0\x00', 0xfffffffd}, 0x18)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000600)=""/14, 0xe, 0x0, 0x3, 0x0, 0x0, 0xc07}}, 0x11c)
readv(r5, &(0x7f0000000140)=[{&(0x7f0000000380)=""/155, 0x9b}], 0x1)
write$UHID_DESTROY(r5, &(0x7f0000000200), 0x4)
recvfrom(r3, &(0x7f0000000000)=""/21, 0x15, 0x0, &(0x7f0000000100)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-twofish-avx\x00'}, 0x80)

9.652458449s ago: executing program 4 (id=1364):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r0=>0x0}, &(0x7f0000cab000)=0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-pclmul\x00'}, 0x58)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg$sock(r2, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="02", 0x1}, {&(0x7f0000000240)='f', 0x1}], 0x2}}], 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_SEND_PRIO(r6, 0x6b, 0xf, 0x0, &(0x7f0000001280))
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r7, &(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14)
setregid(r0, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c90000cf47d16331aef6ee13ff7f266e13da7be839b35e9ae1a333f2d8fd8e1983903166f4d8f3d5e043b8eb3a4dd0a04b39df97c82009b793cd734558a268aac6cea0ca6aa40899810bc164d8ad6b2ce23bf4b88d9b72991218c6c68e9a992582d217f639c8ad76405b511163edb9ca95e8123830003ab82fc86a517ac2aff77866914ebb9aca4a6e530d80f19ee31eeb1e5b8139b72264f8fceb54ee9980e771c5f11155b69e12e65e6a3699d1b80648dd949081f1a612b7b5950f41554c9b832f7cf9efa4987bd88887917199318d28808204e7638ca5932c066d2a662e600ac0a8f27b86c066f2bceabd1b3af66c12fefa311c5afe0821a14432925187a05476e0a972e85f26a24832c357d70d354ade966e6963234e4956658ac9ece3780485fcb3decb69a029ffbeda1c7b27bb020f4137624286d8a2d22221028b3efd3433e7fd3ba291446947a274a748f45bb347fa49e295cfa305f5dd46b662afde61cfee33ea823d23f46a662146886c6e3c30e660d765f46dcc14914b3e342e44436410fedeb6594f37ac94cd336dea463e0541daadbe70b5b925741db16240afc85f391539569ac14e5dccb9ca5790c33f8a6cdd7abc1cb762972634968ecb9f1dff8b6b6cd6f5f56db31c24ac5b2b1bed2efea1f4e67f686a8abfa41f297a165b9fcb4800230ed07af34727fe6c2cc6daf796cc38e8f03ee4fb786a92fabfbded442086d657dec598edb21ba428d4bb28ac974c38218bcf08ad3b4f6698ae05855769dbe5693eac83a223b76a5f452195795d3d485e5c0a18caf2315c3a21acb4bb661082b1c4fccfff8f0c52c353dedd3b9e575b800cfec557e43527228abf820e16411b45c77e99f308dcc5dcd1c3b8ddb828e6481c1fc6275c3e1ed4a1f0fe6d97db39cb3ad5b08400cc990ed5797e23fcd81ee76eed1caaf2ec709c18b014dfcfac7eb658f1c07a894dca1d8e23ebbc18c7b0acefacd915235a54637d13965681a6a527325d13b4a88a21505860873038bc6ca68e25bed80496e65b53a4817e7dba3cbe31eebb770ab04202486634b7210500238707cd664735c07e539e8ccb09ec82d7fad69c4f31113b4a01089a81d4a1787d69957a2dfcf371f0c357eba5a587f0d09d64588f3fade99726d786085b513e720fd1d889104e1d98bf4fe23d6bd8c408c44fc702880e6c53a733aaafec836a80b9e69d1432225dda63a755bde5103fbba7af46f81b3b0c3457d49e187c7fa53e9410d4ff7dd1c9a954d549b49197f350e8451e850279ba4690a4ff3fa4f91ebfa4dda7d2a60257d70c09ad6520387baf2cd734bf1f993565f7ccf80f29b1414e595de79ec03faf7afbeff3daf0034aeecfe41640366ae3c1d1b9437cb7580b9a94fe71a5ffe7be4f959cc5972e1672c5f5c5d252a63804d1a292aac2582b78ac73ea143095bc1283b210c66ecc5b5b9be4d6649920118d51429328f8a983a89f8f5d6ec383c89f07e91e0726ed40776d72d7499652a84f9d0bb086e9479a6d703907ee17345ed763ae817751515c744d428ac51fb10eba495f9a477809a4c1b447a94a3f6d1a092b109478ca36c3da494552d34f30d74a32958c53ec091e32ca8aaf5c814881d4bb3add2b07f362e9e4ea17b3f8b6e7310fcbea4ea6f2d9f5505b011011b75eb4dbf2455f665027abe2bb73dd37dff9c6aab6e9454bbd7bb887aef12f19f446bcbf257ada0e5144f708ccf350f07b861b813eb4cdab02d74b660d960c737f553f84b2d027da58f02345704583717199f693c913bfc2704cfde1b31270c43f17d51c82b672796fd6e1d09e34659d7e5fd9a1a69dcdde367c074b47beeb88f374740a64d9e9a99f4fabdbfca311174da518f868704e3fe259e6069330b04d2d3804a3428d2e04a483599f5ff47ff8c877601fcae33999575180fb540ff00c55728d0ee8eb6550658c7cbc8be4f87b50a9650a33aa164c6bae4044dfc080cf43a1c80e8a8132f973faefcf2ee23f9c2f3119fa93c0e5875832d4f8b6c2a1c347d480f15ead27ba7fb6e2ba9f2204982023b15b0f9df44ce9bba765c9598810593dd32a520ba72a5bfc375f36f4ea4a55017b1494c392568ef6828c18a1f2cec1442f705687695e42f62734ac2c1b0fed399ccf29b20fccd476afc72217182a73c970029c7679dffaebfc2ab9e8d18f5e757ccde87ac69b2bb0243b2e86d225dd2edad4919977bde1806bd6305eff22f2d63646c3a856a002aaea40d96e4811fe0cf5ad942e087c55551fdccc65835686320aa635ec50872f1c30cd8a732515b4dbfa132f905205f4b2ec64d1b9a9101ee2c3d0a110e40fd40d2c0b19f9a77b43f0b14e283ad1038de31cb21c2857d278933fd4bf106a7a93e16b28d71dfa73fa0695c77c0b1236e4cc7f17837be252d1011edf8ba626315e416b2963e96172b3294ec1f087672b0fc404edb79ca9b8e7a46f69b7a6f8b0488ec6c10f937632cc29bdb6f2c0ca86b978db6ca3cb9aa9b5f253fb5ba52e5b3738468236bd3ed26da1158e14881860f37f586b3b004ff7233a7427ece1c1365bb273aa1ce801c6d61b35a247c38917df23b9f12f7e764dabf9af18885e447a952de7796c3dd27e77325be816eb82ae9026ef5a855ddfb9aaf4a0bfc153f079c95337d2ee3c2ac36e5b4e8c5da765bf5d11edcf01ef11a3748d7ca0b1fd6f8882fbfd3423bd429c8592ec28a98bba845e7fe829ae2b11f5215ce819bf777ab45d73e9afe3cc76840b7d368161ee140efdec81ca1d5716c2ea5b255fabb5a4698864c8d427738837c45f1006cbf1f68bbedbfdf70e5b65b21b1934826c06d4d3da4f08e3ad376cec5aafb2f9eae9a06cab375ef5a44f30a563e5245077d84823b88d71912f458fe17d36e4b2a88260ad121af2e5a43a555ef61ffd242c09d5011b9be422c4c310a834f664c732930c1d329212aa9f063356c85130c965d919180e62afd193224d3792db6a069ff2bc8770bd6294a6884cbfb71301859a26b7572440ee12719e8753831bf73d353a33ea64c57df0bac0cc8938ea28370724439170824d1b55d415eed14f620d3a28bb5009edd12e9322df3573bbd9b0d0ff2cbd2e48c0c297f63c100116097c48c8f4cf0a7c4fb5156723fcb615236b6db175442b2db90c3e426cca9de56f55effdbb981c75c99a8dd084a619882fb216b000cb99eae616f0b5d7a8a2cc675cbd3e0a61b6f602250b040ae57f998471095563334e165f35139ec22aabf8ada15b890e2cf038a4f40d129760e39b166f58cfb4bfee7d4455ce06ad098745e0edac9434e4c61f889cbe6d7cf74da35f1b6d2b4455abf954223d1638ff808508228a3060d390e9ce539d2dcb032ae5d6c5abcd4df4bfb63f9851e45bb961cca2150eb386abd67dab2a12c096aa8df742e41ff7718f9dd77099d9bc87a2a46d8d6ffb903b23b429747c9acb21c0e88067eb6c7fa2507ef0673e6b65a15767cfa4ef9b52adbce41ea3461f77b0e705a2d5cbcf3841bd22414f3ef2402a915705a18113d370d35619fdbbfb4fe6e1581a8520525e863d931aaaed58d06d093905b0d83dd1345f4b8213954102abf8048be627d437f267d4a0a6e6f181891562b61be55f1e646120cfe17d8d2961ad86d1575856fff39791b90ccc6895495cc0f3a1e2604f5b729aec7452b133b9c822bbc74df480670f34cf0335d42b5ad6a7009c49050d97ef8c09eff8716dbb9ce5a5d67ffad2541860017bfe982c0e48390f987f470c7b600fb29be4d3a74251d85ef1cf1fe3b5a146bb9f6fee2369cba1f2be75782b14a422b0820fa00c1250f4d437f24914a94a8564fa079fe803b39c528707dd2906120d53020000b725596b68553f1653aad2fdd23114e4a7ca3402fcdf0b060323a683a03109ffbec9627c803da8a55665e156a335528f113eb730bb28c0480daf8f2b65483d0f3805e1c512b680d8698e63a80b45aa8c7e12ad0f0e072eefc806fde42455bc4d157e402a86218896d5638f8fdadb1fbffaf4fe92f526475612980f0c5a539a9cec3c63e4efa5b893611af45c8003650888dc5b958a18848cffe11e0636f40e3ade10da702b71a69e6941e506ec3f0297349867949246310909ff445005f68910308df1e44f7ef04efbcb6ade53086aeb80b0ca96b94c9e6353c77bc1ce575edd6a1ab76e000d2ca0bc80c09d76d2bf25d90c93d5fcf6c123a9e83a3354b798356aeb2e99721732d52b1ec6c84d79d6f1237186260e7e63f29cfe8050a8fd44d57b52582b45e1fe027792c07ef33a0ac686606dd009ef3839e179190aca20d01db1d2263898a6953feb5d2e8093a4b4a2b18f6cb06a0251d3862672814b5165213c65174fe5dad7673186293e336348fc77a6d545cc07355c07a8b9a98c95d76fa5dc4c19181578a6dc4f2b29b647ab6a09f6756994c8e389c7c165766f154468b380e1e67cb2edbc7f67b6bfad1de690c3f472908b11d1c502ca61b5e869cd2cf8e11e39eceb9d31fca090fd5dd15e1f5a8c4de58531df3fa96d655653a5b99ea449d3865e07401ecb63fb4ac4042c893841c2b70b4a133937ac0dca8d6f442de175f138ab7cf19477c2483caf524fc443b3243d31f15f3f518b2d7964314d7d34754ae417dd9d46a83e443cef18eb673f46f34aeaba592a171bb4710002da17d9d6554208fc384de22bff7e05d2bfb821656e78bfa084be46fe6b0f04a06c6bc80afbd406a918a57d582345b260360cec7168142ef0e0da8ad70ac9703d6206c6da23558374ad8bc1e8fe5cdede25e8ad5d0d0741d85e86566b7b9172f457e36feabb881f14a04d182b6971bb1aa1c37a608ff0eeaba1b6c37c4bdb15696afb0e031ef8b214a7a72892593c910829c820f773135f3441afc90cadeb50f76d4a5bbd713c8b3dc441599dcae659b9ad417affde5d9ee3933f00ea69323fd33e0b9a12b1ee29b2e97c7b1db3fa0a900678c6490a847fdd85fa93bb134e3239638052359774bc22405a0abb698081ce1dce2dfe0c0430b641f00d230013944df65581f6b5f458165b16aad8b92b44bf28b3236cac5239c91fe2351c5f53359d072aa34ffee18ff275afdc0dc7b889da928fdd4e300a52699cb5a4fea8cc42f636b15e449daef52df3586d4b55fd047b04e96734aa2c45bcad8f05dbf3c97daefcd6bad396a6aed71849e484eb0e3526970973db9b268b71e726748aacb5c2203cde2992af74cac612d33cecba7f3e5d66e2a2e449eb00e770af4fe13be6d16877cfa46c108c29d8db1efff5356433fc627741d12605056ec78c02bf143afc9e2161c15ce65a0f8c9f13a6b7a9164f256301ff0ca23dfffb77ec46ddd29b63d7bcfe5ae482f76f1c0e819b24b970209058bd0c"], 0x1004)

9.030784208s ago: executing program 6 (id=1365):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_mark(0xffffffffffffffff, 0x565, 0x48000000, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r2, 0xc004562f, &(0x7f00000000c0)=0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000020610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
recvmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)}, 0x12)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x573, 0x1, 0x3, 0xd59f80, 0x4, 0x5, 0xb, 0x8, 0x5, 0x722, 0x6356, 0x7, 0x8001, 0x3a, 0x13, {0xffff945a, 0x1}, 0x3, 0x5}})
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
ftruncate(0xffffffffffffffff, 0xfffc)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0, 0x1000})
ioctl$DMA_BUF_SET_NAME_A(r7, 0xc0086202, 0x0)

8.170174718s ago: executing program 6 (id=1366):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f00000005c0)=0x4)
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="021800000b0000000000000000000000030005000000000002000000e0000001000000000000000003001200000000000200000000000000000000002000000003000600000000000200"], 0x58}}, 0x24000894)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r5, 0x29, 0x5, 0x0, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x3, &(0x7f0000000100)=0x1, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, 0x0, 0x24040808)
ioprio_get$uid(0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x2, 0x0})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYRES32], 0x0)

8.165858436s ago: executing program 5 (id=1367):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0xce9e1000)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000900), 0x4)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x10, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000180))
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@empty}, {@in, 0x0, 0x6c}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
write$sysctl(r7, 0x0, 0x0)

8.165140445s ago: executing program 4 (id=1368):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000700), 0x0, 0x0)
readv(r1, &(0x7f0000000980)=[{&(0x7f0000000780)=""/115, 0x73}], 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, 0x0, 0x8)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)

7.835758671s ago: executing program 1 (id=1369):
r0 = socket(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x4b, 0x4d, 0xd, 0x40, 0x451, 0x5416, 0x100, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xeb, 0x0, 0x0, 0xde, 0x4, 0xe5}}]}}]}}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
unshare(0x2c060000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x8001, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f00000000c0))
write(r0, &(0x7f00000000c0)="240000001e005ff813ffffffffe2fff807000000010000000000000005000d0002000000", 0x24)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={0x0, @remote}, &(0x7f0000000080)=0xc)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f00000012c0)=0x100000001, 0x4)

5.99707352s ago: executing program 2 (id=1371):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000100)={'vlan1\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000840)

5.979050921s ago: executing program 4 (id=1372):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xffffffff, 0xffdffffe}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x40, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5.917832481s ago: executing program 5 (id=1373):
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000140)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000bc0)={{@host, 0x80}, {@host, 0x6}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0dac6870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
r4 = gettid()
timer_create(0x0, &(0x7f0000000340)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmmsg(r3, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)
recvmmsg(r1, &(0x7f0000000000), 0x4000000000000a0, 0x40, 0x0)
capset(&(0x7f0000000300)={0x20080522}, &(0x7f0000000340))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$PIO_SCRNMAP(r5, 0x4b49, &(0x7f0000002080))
r7 = syz_open_dev$media(&(0x7f0000000f40), 0x0, 0x0)
ioctl$MEDIA_IOC_DEVICE_INFO(r7, 0xc1007c00, &(0x7f0000000f80))

5.664911223s ago: executing program 4 (id=1374):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000000)='bridge0\x00')
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x19, 0x4, 0x4, 0x9, 0x8, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r4}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_freeze_timeout', 0x8000, 0x10c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x3, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x8e}, @jmp={0x5, 0x0, 0x9}], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)={0x5c, 0x4, 0x8, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xffff7fff}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x10}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x4040)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000380)=0x20)
write$binfmt_elf32(r8, 0x0, 0x4cd)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa7664012d42961e1445ce83def332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5bb6f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xffcf, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(r9, 0x80087601, &(0x7f0000000540))

5.54950672s ago: executing program 2 (id=1375):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800001bc81af80000000000001e0085100000060000001800001b", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xd8, &(0x7f0000000340)=""/216, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5.15206684s ago: executing program 2 (id=1376):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xffffffff, 0xffdffffe}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x40, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_MSG_RING={0x28, 0x2, 0x0, r0, 0x0, &(0x7f00000001c0)="8c12bfc26d797388411846b23fc5108192a94ec9b82d582dfa30db605826d3fc766ed46b8c1eafc794c1556a9269fc36a72ace68188fe46c1d68bdd6e281536601596c090eb2b6cc513c22074d8a7739d9a3fd4c95bd942421090cb6a430b3ad329426f846010b29149d5970a45ef332bfe1bdf28e17fa1944c03c84c5bf534cbecab3653141a3c4ecb6a26766f564e0afee8eae27992548080e08ad61c293cfd6921e3b77bf90a4bf74e17f795106282c4a35a1", 0xb4, 0x1, 0x0, {0x0, r3}})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5.013199753s ago: executing program 6 (id=1377):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
write$smackfs_load(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0xc162, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = io_uring_setup(0x41c3, &(0x7f00000001c0)={0x0, 0x47, 0x40, 0x0, 0x32b})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x9)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
write$P9_RVERSION(r2, 0x0, 0x15)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r7, &(0x7f0000000100)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}}, 0x12)

3.14611242s ago: executing program 2 (id=1378):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r0=>0x0}, &(0x7f0000cab000)=0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-pclmul\x00'}, 0x58)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg$sock(r2, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="02", 0x1}, {&(0x7f0000000240)='f', 0x1}], 0x2}}], 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_SEND_PRIO(r6, 0x6b, 0xf, 0x0, &(0x7f0000001280))
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r7, &(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14)
setregid(r0, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c90000cf47d16331aef6ee13ff7f266e13da7be839b35e9ae1a333f2d8fd8e1983903166f4d8f3d5e043b8eb3a4dd0a04b39df97c82009b793cd734558a268aac6cea0ca6aa40899810bc164d8ad6b2ce23bf4b88d9b72991218c6c68e9a992582d217f639c8ad76405b511163edb9ca95e8123830003ab82fc86a517ac2aff77866914ebb9aca4a6e530d80f19ee31eeb1e5b8139b72264f8fceb54ee9980e771c5f11155b69e12e65e6a3699d1b80648dd949081f1a612b7b5950f41554c9b832f7cf9efa4987bd88887917199318d28808204e7638ca5932c066d2a662e600ac0a8f27b86c066f2bceabd1b3af66c12fefa311c5afe0821a14432925187a05476e0a972e85f26a24832c357d70d354ade966e6963234e4956658ac9ece3780485fcb3decb69a029ffbeda1c7b27bb020f4137624286d8a2d22221028b3efd3433e7fd3ba291446947a274a748f45bb347fa49e295cfa305f5dd46b662afde61cfee33ea823d23f46a662146886c6e3c30e660d765f46dcc14914b3e342e44436410fedeb6594f37ac94cd336dea463e0541daadbe70b5b925741db16240afc85f391539569ac14e5dccb9ca5790c33f8a6cdd7abc1cb762972634968ecb9f1dff8b6b6cd6f5f56db31c24ac5b2b1bed2efea1f4e67f686a8abfa41f297a165b9fcb4800230ed07af34727fe6c2cc6daf796cc38e8f03ee4fb786a92fabfbded442086d657dec598edb21ba428d4bb28ac974c38218bcf08ad3b4f6698ae05855769dbe5693eac83a223b76a5f452195795d3d485e5c0a18caf2315c3a21acb4bb661082b1c4fccfff8f0c52c353dedd3b9e575b800cfec557e43527228abf820e16411b45c77e99f308dcc5dcd1c3b8ddb828e6481c1fc6275c3e1ed4a1f0fe6d97db39cb3ad5b08400cc990ed5797e23fcd81ee76eed1caaf2ec709c18b014dfcfac7eb658f1c07a894dca1d8e23ebbc18c7b0acefacd915235a54637d13965681a6a527325d13b4a88a21505860873038bc6ca68e25bed80496e65b53a4817e7dba3cbe31eebb770ab04202486634b7210500238707cd664735c07e539e8ccb09ec82d7fad69c4f31113b4a01089a81d4a1787d69957a2dfcf371f0c357eba5a587f0d09d64588f3fade99726d786085b513e720fd1d889104e1d98bf4fe23d6bd8c408c44fc702880e6c53a733aaafec836a80b9e69d1432225dda63a755bde5103fbba7af46f81b3b0c3457d49e187c7fa53e9410d4ff7dd1c9a954d549b49197f350e8451e850279ba4690a4ff3fa4f91ebfa4dda7d2a60257d70c09ad6520387baf2cd734bf1f993565f7ccf80f29b1414e595de79ec03faf7afbeff3daf0034aeecfe41640366ae3c1d1b9437cb7580b9a94fe71a5ffe7be4f959cc5972e1672c5f5c5d252a63804d1a292aac2582b78ac73ea143095bc1283b210c66ecc5b5b9be4d6649920118d51429328f8a983a89f8f5d6ec383c89f07e91e0726ed40776d72d7499652a84f9d0bb086e9479a6d703907ee17345ed763ae817751515c744d428ac51fb10eba495f9a477809a4c1b447a94a3f6d1a092b109478ca36c3da494552d34f30d74a32958c53ec091e32ca8aaf5c814881d4bb3add2b07f362e9e4ea17b3f8b6e7310fcbea4ea6f2d9f5505b011011b75eb4dbf2455f665027abe2bb73dd37dff9c6aab6e9454bbd7bb887aef12f19f446bcbf257ada0e5144f708ccf350f07b861b813eb4cdab02d74b660d960c737f553f84b2d027da58f02345704583717199f693c913bfc2704cfde1b31270c43f17d51c82b672796fd6e1d09e34659d7e5fd9a1a69dcdde367c074b47beeb88f374740a64d9e9a99f4fabdbfca311174da518f868704e3fe259e6069330b04d2d3804a3428d2e04a483599f5ff47ff8c877601fcae33999575180fb540ff00c55728d0ee8eb6550658c7cbc8be4f87b50a9650a33aa164c6bae4044dfc080cf43a1c80e8a8132f973faefcf2ee23f9c2f3119fa93c0e5875832d4f8b6c2a1c347d480f15ead27ba7fb6e2ba9f2204982023b15b0f9df44ce9bba765c9598810593dd32a520ba72a5bfc375f36f4ea4a55017b1494c392568ef6828c18a1f2cec1442f705687695e42f62734ac2c1b0fed399ccf29b20fccd476afc72217182a73c970029c7679dffaebfc2ab9e8d18f5e757ccde87ac69b2bb0243b2e86d225dd2edad4919977bde1806bd6305eff22f2d63646c3a856a002aaea40d96e4811fe0cf5ad942e087c55551fdccc65835686320aa635ec50872f1c30cd8a732515b4dbfa132f905205f4b2ec64d1b9a9101ee2c3d0a110e40fd40d2c0b19f9a77b43f0b14e283ad1038de31cb21c2857d278933fd4bf106a7a93e16b28d71dfa73fa0695c77c0b1236e4cc7f17837be252d1011edf8ba626315e416b2963e96172b3294ec1f087672b0fc404edb79ca9b8e7a46f69b7a6f8b0488ec6c10f937632cc29bdb6f2c0ca86b978db6ca3cb9aa9b5f253fb5ba52e5b3738468236bd3ed26da1158e14881860f37f586b3b004ff7233a7427ece1c1365bb273aa1ce801c6d61b35a247c38917df23b9f12f7e764dabf9af18885e447a952de7796c3dd27e77325be816eb82ae9026ef5a855ddfb9aaf4a0bfc153f079c95337d2ee3c2ac36e5b4e8c5da765bf5d11edcf01ef11a3748d7ca0b1fd6f8882fbfd3423bd429c8592ec28a98bba845e7fe829ae2b11f5215ce819bf777ab45d73e9afe3cc76840b7d368161ee140efdec81ca1d5716c2ea5b255fabb5a4698864c8d427738837c45f1006cbf1f68bbedbfdf70e5b65b21b1934826c06d4d3da4f08e3ad376cec5aafb2f9eae9a06cab375ef5a44f30a563e5245077d84823b88d71912f458fe17d36e4b2a88260ad121af2e5a43a555ef61ffd242c09d5011b9be422c4c310a834f664c732930c1d329212aa9f063356c85130c965d919180e62afd193224d3792db6a069ff2bc8770bd6294a6884cbfb71301859a26b7572440ee12719e8753831bf73d353a33ea64c57df0bac0cc8938ea28370724439170824d1b55d415eed14f620d3a28bb5009edd12e9322df3573bbd9b0d0ff2cbd2e48c0c297f63c100116097c48c8f4cf0a7c4fb5156723fcb615236b6db175442b2db90c3e426cca9de56f55effdbb981c75c99a8dd084a619882fb216b000cb99eae616f0b5d7a8a2cc675cbd3e0a61b6f602250b040ae57f998471095563334e165f35139ec22aabf8ada15b890e2cf038a4f40d129760e39b166f58cfb4bfee7d4455ce06ad098745e0edac9434e4c61f889cbe6d7cf74da35f1b6d2b4455abf954223d1638ff808508228a3060d390e9ce539d2dcb032ae5d6c5abcd4df4bfb63f9851e45bb961cca2150eb386abd67dab2a12c096aa8df742e41ff7718f9dd77099d9bc87a2a46d8d6ffb903b23b429747c9acb21c0e88067eb6c7fa2507ef0673e6b65a15767cfa4ef9b52adbce41ea3461f77b0e705a2d5cbcf3841bd22414f3ef2402a915705a18113d370d35619fdbbfb4fe6e1581a8520525e863d931aaaed58d06d093905b0d83dd1345f4b8213954102abf8048be627d437f267d4a0a6e6f181891562b61be55f1e646120cfe17d8d2961ad86d1575856fff39791b90ccc6895495cc0f3a1e2604f5b729aec7452b133b9c822bbc74df480670f34cf0335d42b5ad6a7009c49050d97ef8c09eff8716dbb9ce5a5d67ffad2541860017bfe982c0e48390f987f470c7b600fb29be4d3a74251d85ef1cf1fe3b5a146bb9f6fee2369cba1f2be75782b14a422b0820fa00c1250f4d437f24914a94a8564fa079fe803b39c528707dd2906120d53020000b725596b68553f1653aad2fdd23114e4a7ca3402fcdf0b060323a683a03109ffbec9627c803da8a55665e156a335528f113eb730bb28c0480daf8f2b65483d0f3805e1c512b680d8698e63a80b45aa8c7e12ad0f0e072eefc806fde42455bc4d157e402a86218896d5638f8fdadb1fbffaf4fe92f526475612980f0c5a539a9cec3c63e4efa5b893611af45c8003650888dc5b958a18848cffe11e0636f40e3ade10da702b71a69e6941e506ec3f0297349867949246310909ff445005f68910308df1e44f7ef04efbcb6ade53086aeb80b0ca96b94c9e6353c77bc1ce575edd6a1ab76e000d2ca0bc80c09d76d2bf25d90c93d5fcf6c123a9e83a3354b798356aeb2e99721732d52b1ec6c84d79d6f1237186260e7e63f29cfe8050a8fd44d57b52582b45e1fe027792c07ef33a0ac686606dd009ef3839e179190aca20d01db1d2263898a6953feb5d2e8093a4b4a2b18f6cb06a0251d3862672814b5165213c65174fe5dad7673186293e336348fc77a6d545cc07355c07a8b9a98c95d76fa5dc4c19181578a6dc4f2b29b647ab6a09f6756994c8e389c7c165766f154468b380e1e67cb2edbc7f67b6bfad1de690c3f472908b11d1c502ca61b5e869cd2cf8e11e39eceb9d31fca090fd5dd15e1f5a8c4de58531df3fa96d655653a5b99ea449d3865e07401ecb63fb4ac4042c893841c2b70b4a133937ac0dca8d6f442de175f138ab7cf19477c2483caf524fc443b3243d31f15f3f518b2d7964314d7d34754ae417dd9d46a83e443cef18eb673f46f34aeaba592a171bb4710002da17d9d6554208fc384de22bff7e05d2bfb821656e78bfa084be46fe6b0f04a06c6bc80afbd406a918a57d582345b260360cec7168142ef0e0da8ad70ac9703d6206c6da23558374ad8bc1e8fe5cdede25e8ad5d0d0741d85e86566b7b9172f457e36feabb881f14a04d182b6971bb1aa1c37a608ff0eeaba1b6c37c4bdb15696afb0e031ef8b214a7a72892593c910829c820f773135f3441afc90cadeb50f76d4a5bbd713c8b3dc441599dcae659b9ad417affde5d9ee3933f00ea69323fd33e0b9a12b1ee29b2e97c7b1db3fa0a900678c6490a847fdd85fa93bb134e3239638052359774bc22405a0abb698081ce1dce2dfe0c0430b641f00d230013944df65581f6b5f458165b16aad8b92b44bf28b3236cac5239c91fe2351c5f53359d072aa34ffee18ff275afdc0dc7b889da928fdd4e300a52699cb5a4fea8cc42f636b15e449daef52df3586d4b55fd047b04e96734aa2c45bcad8f05dbf3c97daefcd6bad396a6aed71849e484eb0e3526970973db9b268b71e726748aacb5c2203cde2992af74cac612d33cecba7f3e5d66e2a2e449eb00e770af4fe13be6d16877cfa46c108c29d8db1efff5356433fc627741d12605056ec78c02bf143afc9e2161c15ce65a0f8c9f13a6b7a9164f256301ff0ca23dfffb77ec46ddd29b63d7bcfe5ae482f76f1c0e819b24b970209058bd0c"], 0x1004)

2.903896955s ago: executing program 5 (id=1379):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="000800000000321c0355fcf4994dff0100", 0x11)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(&(0x7f0000000400))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r3], 0x10}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sigaltstack(0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000f1000100000000000000000020000833c3ffff000000000000000000000000020000000900020073797a317a30000000000800c100"/73], 0x64}}, 0x0)

2.765011219s ago: executing program 4 (id=1380):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)

2.136460804s ago: executing program 2 (id=1381):
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xf)
socket$inet6(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30002000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000009", @ANYRES32=r0], 0x108}}, 0x0)

1.998297112s ago: executing program 1 (id=1382):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000700), 0x0, 0x0)
readv(r1, &(0x7f0000000980)=[{&(0x7f0000000780)=""/115, 0x73}], 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, 0x0, 0x8)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)

635.0913ms ago: executing program 6 (id=1383):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0xce9e1000)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000900), 0x4)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x10, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000180))
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@empty}, {@in, 0x0, 0x6c}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
write$sysctl(r7, 0x0, 0x0)

49.378525ms ago: executing program 1 (id=1384):
r0 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240), 0x17182, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000280))
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff6a0af0fff8ffff1971a400fe00000000b7060000080000002d6400000000000045040300010000001704000001000a00b7040000ff010000720af2fe000000008500000049000000b700000070b2000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d761ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a8321e056acf27c34bed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb93ce1c0983cdcb48477b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000080), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x38, r0, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_SECCTX={0xf, 0x7, 'unconfined\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev}]}, 0x38}, 0x2, 0x34005}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000cc0)=@raw={'raw\x00', 0x8, 0x3, 0x368, 0x0, 0x43, 0xa0, 0x0, 0x98, 0x2d0, 0x178, 0x178, 0x2d0, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {}, 0x9}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}, {[{}, {0xe}]}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe0, 0x110, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x2, 0x0, 0x1ff}}, @common=@unspec=@connlimit={{0x40}, {[0xffffff00, 0xff, 0xffffff00, 0xff000000], 0x3, 0x1, {0x4413}}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x5}, {0x1, 0x4, 0x5}, 0xb}}}], {{'\x00', 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, {0x28, '\x00', 0x4}}}}, 0x3c8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)

0s ago: executing program 2 (id=1385):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000100)={'vlan1\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000840)

kernel console output (not intermixed with test programs):

mber=0
[  267.857394][   T29] audit: type=1326 audit(1736695736.088:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8303 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86b5384690 code=0x7ffc0000
[  267.866446][    T9] usb 6-1: config 0 descriptor??
[  267.892245][    T9] hub 6-1:0.0: USB hub found
[  267.917696][   T29] audit: type=1326 audit(1736695736.088:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8303 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f86b538592b code=0x7ffc0000
[  268.052478][ T8327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.617'.
[  269.740650][    T9] hub 6-1:0.0: config failed, can't read hub descriptor (err -22)
[  269.778644][    T9] usbhid 6-1:0.0: can't add hid device: -71
[  269.785675][    T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  270.199561][    T9] usb 6-1: USB disconnect, device number 4
[  271.551092][ T8382] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  271.958630][    T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  272.518564][    T9] usb 5-1: device descriptor read/64, error -71
[  272.758565][    T9] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  273.738580][    T9] usb 5-1: device descriptor read/64, error -71
[  273.848808][    T9] usb usb5-port1: attempt power cycle
[  273.858559][ T5887] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  274.028420][ T5887] usb 3-1: device descriptor read/64, error -71
[  274.218554][    T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  274.239673][    T9] usb 5-1: device descriptor read/8, error -71
[  275.229681][ T5887] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  275.295049][ T8422] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  275.301523][ T8422] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  275.307886][ T8422] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  275.314272][ T8422] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  275.320488][ T8422] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  275.326940][ T8422] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  275.671994][    T9] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  275.822420][ T8430] pim6reg: entered allmulticast mode
[  275.840364][    T9] usb 5-1: device descriptor read/8, error -71
[  275.998069][    T9] usb usb5-port1: unable to enumerate USB device
[  276.436623][ T8432] FAULT_INJECTION: forcing a failure.
[  276.436623][ T8432] name failslab, interval 1, probability 0, space 0, times 0
[  276.467104][ T8432] CPU: 1 UID: 0 PID: 8432 Comm: syz.0.650 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  276.477791][ T8432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  276.487894][ T8432] Call Trace:
[  276.491196][ T8432]  <TASK>
[  276.494157][ T8432]  dump_stack_lvl+0x241/0x360
[  276.498898][ T8432]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.504133][ T8432]  ? __pfx__printk+0x10/0x10
[  276.508790][ T8432]  ? __kmalloc_cache_noprof+0x48/0x390
[  276.514312][ T8432]  ? __pfx___might_resched+0x10/0x10
[  276.519727][ T8432]  ? arch_stack_walk+0xfd/0x150
[  276.524692][ T8432]  should_fail_ex+0x3b0/0x4e0
[  276.529439][ T8432]  should_failslab+0xac/0x100
[  276.534198][ T8432]  __kmalloc_cache_noprof+0x70/0x390
[  276.539534][ T8432]  ? rtnl_newlink+0x12e/0x2210
[  276.544427][ T8432]  rtnl_newlink+0x12e/0x2210
[  276.549074][ T8432]  ? kasan_save_track+0x51/0x80
[  276.553999][ T8432]  ? kasan_save_free_info+0x40/0x50
[  276.559248][ T8432]  ? __kasan_slab_free+0x59/0x70
[  276.564240][ T8432]  ? kmem_cache_free+0x195/0x410
[  276.569218][ T8432]  ? __pfx_rtnl_newlink+0x10/0x10
[  276.574258][ T8432]  ? __netlink_deliver_tap+0x56b/0x7f0
[  276.579752][ T8432]  ? __pfx_validate_chain+0x10/0x10
[  276.585001][ T8432]  ? __sock_sendmsg+0x221/0x270
[  276.589873][ T8432]  ? ____sys_sendmsg+0x52a/0x7e0
[  276.595026][ T8432]  ? __sys_sendmsg+0x269/0x350
[  276.599839][ T8432]  ? do_syscall_64+0xf3/0x230
[  276.605501][ T8432]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.613123][ T8432]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  276.620016][ T8432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  276.626384][ T8432]  ? mark_lock+0x9a/0x360
[  276.630724][ T8432]  ? __lock_acquire+0x1397/0x2100
[  276.635770][ T8432]  ? rcu_read_unlock+0x87/0xa0
[  276.640717][ T8432]  ? __dev_queue_xmit+0x1775/0x3f50
[  276.645933][ T8432]  ? __pfx_lock_release+0x10/0x10
[  276.650965][ T8432]  ? cap_capable+0x1b4/0x250
[  276.655682][ T8432]  ? safesetid_security_capable+0xb2/0x1d0
[  276.661615][ T8432]  ? __pfx_rtnl_newlink+0x10/0x10
[  276.666666][ T8432]  rtnetlink_rcv_msg+0x791/0xcf0
[  276.672261][ T8432]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  276.677399][ T8432]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  276.682963][ T8432]  ? ref_tracker_free+0x643/0x7e0
[  276.689698][ T8432]  netlink_rcv_skb+0x1e3/0x430
[  276.694513][ T8432]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  276.700039][ T8432]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  276.705387][ T8432]  ? netlink_deliver_tap+0x2e/0x1b0
[  276.710602][ T8432]  netlink_unicast+0x7f6/0x990
[  276.715386][ T8432]  ? __pfx_netlink_unicast+0x10/0x10
[  276.720705][ T8432]  ? __virt_addr_valid+0x45f/0x530
[  276.725852][ T8432]  ? __phys_addr_symbol+0x2f/0x70
[  276.730909][ T8432]  ? __check_object_size+0x47a/0x730
[  276.736228][ T8432]  netlink_sendmsg+0x8e4/0xcb0
[  276.741013][ T8432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.746323][ T8432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.751622][ T8432]  __sock_sendmsg+0x221/0x270
[  276.756337][ T8432]  ____sys_sendmsg+0x52a/0x7e0
[  276.761116][ T8432]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.766416][ T8432]  ? __fget_files+0x2a/0x410
[  276.771020][ T8432]  ? __fget_files+0x2a/0x410
[  276.775697][ T8432]  __sys_sendmsg+0x269/0x350
[  276.780343][ T8432]  ? __pfx_lock_release+0x10/0x10
[  276.785424][ T8432]  ? __pfx___sys_sendmsg+0x10/0x10
[  276.790648][ T8432]  ? __pfx_vfs_write+0x10/0x10
[  276.795462][ T8432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  276.802577][ T8432]  ? do_syscall_64+0x100/0x230
[  276.807562][ T8432]  ? do_syscall_64+0xb6/0x230
[  276.813463][ T8432]  do_syscall_64+0xf3/0x230
[  276.819409][ T8432]  ? clear_bhb_loop+0x35/0x90
[  276.824272][ T8432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.830202][ T8432] RIP: 0033:0x7f86b5385d29
[  276.834683][ T8432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.854327][ T8432] RSP: 002b:00007f86b61bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.862753][ T8432] RAX: ffffffffffffffda RBX: 00007f86b5575fa0 RCX: 00007f86b5385d29
[  276.870820][ T8432] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  276.879323][ T8432] RBP: 00007f86b61bf090 R08: 0000000000000000 R09: 0000000000000000
[  276.887419][ T8432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.895444][ T8432] R13: 0000000000000000 R14: 00007f86b5575fa0 R15: 00007ffe9f37b298
[  276.903489][ T8432]  </TASK>
[  276.906674][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.389747][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[  277.395857][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  277.404826][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  277.411539][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  277.417723][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  277.578373][   T29] kauditd_printk_skb: 34 callbacks suppressed
[  277.578402][   T29] audit: type=1400 audit(1736695747.358:222): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=8455 comm="syz.4.657" saddr=172.30.0.5 daddr=172.20.20.170 netif=wpan0
[  277.712574][ T8465] netlink: 64535 bytes leftover after parsing attributes in process `syz.5.660'.
[  278.167293][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.5.667'.
[  278.186840][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.5.667'.
[  279.438850][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  279.439055][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[  279.568655][ T5887] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  279.832764][ T5887] usb 6-1: config index 0 descriptor too short (expected 60187, got 27)
[  279.841429][ T5887] usb 6-1: config 0 has an invalid interface number: 83 but max is -1
[  279.900977][ T5887] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  279.908894][ T5837] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  280.019214][ T5887] usb 6-1: config 0 has no interface number 0
[  280.198786][ T5887] usb 6-1: New USB device found, idVendor=0499, idProduct=1003, bcdDevice=6a.4b
[  280.300891][ T5887] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.415800][ T5887] usb 6-1: Product: syz
[  280.489437][ T5887] usb 6-1: Manufacturer: syz
[  280.513048][ T5887] usb 6-1: SerialNumber: syz
[  280.523635][ T5887] usb 6-1: config 0 descriptor??
[  280.540466][ T5887] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  280.600954][ T5887] snd-usb-audio 6-1:0.83: probe with driver snd-usb-audio failed with error -2
[  280.846442][ T8534] netlink: 48 bytes leftover after parsing attributes in process `syz.1.681'.
[  281.463822][ T6008] udevd[6008]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.83/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  282.228846][ T5887] usb 6-1: USB disconnect, device number 5
[  282.239636][ T8547] netlink: 104 bytes leftover after parsing attributes in process `syz.1.687'.
[  283.595759][   T29] audit: type=1326 audit(1736695753.388:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  283.634829][ T8562] fuse: Bad value for 'fd'
[  283.679905][   T29] audit: type=1326 audit(1736695753.388:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  283.757122][   T29] audit: type=1326 audit(1736695753.388:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  283.975749][   T29] audit: type=1326 audit(1736695753.388:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  283.998889][   T29] audit: type=1326 audit(1736695753.388:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  285.128471][   T29] audit: type=1326 audit(1736695753.388:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  285.260466][   T29] audit: type=1326 audit(1736695753.388:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  285.356884][   T29] audit: type=1326 audit(1736695753.388:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  285.451935][   T29] audit: type=1326 audit(1736695753.388:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  285.501725][   T29] audit: type=1326 audit(1736695753.408:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8557 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  286.260035][ T8592] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  287.057003][ T8606] fuse: Bad value for 'fd'
[  287.073968][ T8603] program syz.1.705 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.248148][ T8616] afs: Unknown parameter '#ayz1:'
[  287.361210][ T8620] netlink: 60 bytes leftover after parsing attributes in process `syz.5.710'.
[  288.381726][ T8624] af_packet: tpacket_rcv: packet too big, clamped from 32820 to 3952. macoff=96
[  288.573252][ T8637] netlink: 'syz.1.711': attribute type 10 has an invalid length.
[  288.788531][ T8637] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.797982][ T8637] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.998955][ T8637] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.006143][ T8637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.014896][ T8637] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.022142][ T8637] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.221164][ T8637] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  290.278685][   T25] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  290.770309][ T8659] fuse: Bad value for 'group_id'
[  290.779004][ T8659] fuse: Bad value for 'group_id'
[  290.789529][   T25] usb 2-1: Using ep0 maxpacket: 8
[  290.802463][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  290.814894][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  290.845313][ T8659] fuse: Bad value for 'fd'
[  290.858149][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  290.925749][   T25] usb 2-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=f6.82
[  290.945619][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.954223][   T25] usb 2-1: Product: syz
[  290.968094][   T25] usb 2-1: Manufacturer: syz
[  290.978565][   T25] usb 2-1: SerialNumber: syz
[  291.019096][   T25] usb 2-1: config 0 descriptor??
[  291.556162][ T5876] usb 2-1: USB disconnect, device number 18
[  294.679223][ T5887] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  295.117644][ T5887] usb 2-1: Using ep0 maxpacket: 32
[  295.139808][ T5887] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  295.149347][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.157525][ T5887] usb 2-1: Product: 
[  295.162507][ T5887] usb 2-1: Manufacturer: Ñ™
[  295.167230][ T5887] usb 2-1: SerialNumber: 닣᪉䥜铘�⎟딹ᰵ��鴺ᖥ��꾌꺃䅒眨�ᛋ�﵌茽伓�鋧怽�⺭섊準∰핉��낡橔毙࿆쨑ꙟ�ꈵ⠓렦烗㛖臷꺘픹䶅ȡ逸�⠞摚︭ర給��麀ゲ쩧㞸ᙅ땳迺꧃康차⡤⫱糩ꈪ밉愥寈�ᄎ倅�ɘ೘硹ယǮꇄ廯넃凔⠆痕㰵鑭⚽బﴇ
[  296.747587][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.4.741'.
[  296.759661][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.4.741'.
[  297.627442][ T5887] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  297.633924][ T5887] usb 2-1: 2:1 : invalid channels 0
[  297.708518][ T5887] usb 2-1: USB disconnect, device number 19
[  298.870410][ T8759] netlink: 60 bytes leftover after parsing attributes in process `syz.0.751'.
[  298.884191][ T8759] netlink: 28 bytes leftover after parsing attributes in process `syz.0.751'.
[  298.947152][ T8761] netlink: 104 bytes leftover after parsing attributes in process `syz.0.752'.
[  299.061252][ T8600] udevd[8600]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  299.068441][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  299.139985][ T8764] ALSA: mixer_oss: invalid OSS volume 'ß'
[  299.242072][    T9] usb 6-1: Using ep0 maxpacket: 16
[  299.263511][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  299.284160][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  299.425142][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.754'.
[  299.983230][    T9] usb 6-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice=f4.95
[  299.996043][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.013110][    T9] usb 6-1: Product: syz
[  300.017428][    T9] usb 6-1: Manufacturer: syz
[  300.025684][ T8778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.757'.
[  300.026500][    T9] usb 6-1: SerialNumber: syz
[  300.066585][    T9] usb 6-1: config 0 descriptor??
[  300.846830][ T8757] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  300.854734][ T8757] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  301.724635][ T8757] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  301.743505][ T8757] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  301.896968][ T8796] delete_channel: no stack
[  302.071391][ T8806] sp0: Synchronizing with TNC
[  302.137694][ T8808] netlink: 8 bytes leftover after parsing attributes in process `syz.0.768'.
[  302.163085][    T9] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  302.179929][    T9] asix 6-1:0.0: probe with driver asix failed with error -71
[  302.220808][    T9] usb 6-1: USB disconnect, device number 6
[  304.117344][ T8817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.770'.
[  304.126308][ T8817] netlink: 72 bytes leftover after parsing attributes in process `syz.0.770'.
[  304.149372][ T8818] Unsupported ieee802154 address type: 0
[  304.549458][ T8820] netlink: 48 bytes leftover after parsing attributes in process `syz.4.765'.
[  304.977920][ T8835] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.986754][ T8835] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.871811][ T8835] bridge_slave_1: left allmulticast mode
[  305.897000][ T8835] bridge_slave_1: left promiscuous mode
[  305.927132][ T8835] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.013376][ T8835] bridge_slave_0: left allmulticast mode
[  306.019331][ T8835] bridge_slave_0: left promiscuous mode
[  306.025172][ T8835] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.462515][ T8847] netlink: 28 bytes leftover after parsing attributes in process `syz.2.780'.
[  307.471854][ T8847] netlink: 28 bytes leftover after parsing attributes in process `syz.2.780'.
[  307.508564][ T8847] netlink: 44 bytes leftover after parsing attributes in process `syz.2.780'.
[  307.518047][ T8872] netlink: 52 bytes leftover after parsing attributes in process `syz.1.785'.
[  307.536701][ T8869] netlink: 'syz.4.786': attribute type 1 has an invalid length.
[  311.639242][ T5464] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  311.900021][ T5464] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  312.061865][ T5464] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  312.071853][ T5464] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  312.081104][ T5464] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.100554][ T8902] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  312.111017][ T5464] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  312.473547][ T5464] usb 2-1: USB disconnect, device number 20
[  312.930306][ T8910] ISOFS: Unable to identify CD-ROM format.
[  315.220098][ T8925] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  315.226492][ T8925] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  315.234730][ T8925] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  315.241478][ T8925] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  315.247579][ T8925] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  315.498818][ T8929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.803'.
[  315.763387][ T8933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.804'.
[  315.826922][ T8933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.804'.
[  316.327107][ T8946] netlink: 104 bytes leftover after parsing attributes in process `syz.2.809'.
[  317.038470][ T5130] Bluetooth: hci1: command 0x0c1a tx timeout
[  317.279448][ T5130] Bluetooth: hci0: command 0x0406 tx timeout
[  317.286217][ T5130] Bluetooth: hci4: command 0x0c1a tx timeout
[  317.292600][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  317.298907][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  317.484361][   T25] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  317.861075][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  317.871661][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.888838][   T25] usb 3-1: Using ep0 maxpacket: 16
[  317.897698][   T25] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.912539][   T25] usb 3-1: config 0 interface 0 has no altsetting 0
[  317.919661][   T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c517, bcdDevice= 0.00
[  317.929923][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.961655][   T25] usb 3-1: config 0 descriptor??
[  318.435516][   T25] logitech-djreceiver 0003:046D:C517.0005: hidraw0: USB HID v0.05 Device [HID 046d:c517] on usb-dummy_hcd.2-1/input0
[  318.497107][  T975] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  318.642148][    T9] usb 3-1: USB disconnect, device number 26
[  318.747787][  T975] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.771863][  T975] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.796377][  T975] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  318.821168][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.847454][  T975] usb 5-1: config 0 descriptor??
[  319.088757][ T8977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  319.119504][ T8977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  320.287344][ T9002] netlink: 4 bytes leftover after parsing attributes in process `syz.2.830'.
[  320.616765][  T975] hid-led 0003:27B8:01ED.0006: probe with driver hid-led failed with error -71
[  320.951200][  T975] usb 5-1: USB disconnect, device number 21
[  321.398196][ T9004] netlink: 48 bytes leftover after parsing attributes in process `syz.5.831'.
[  322.506611][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  322.668433][    T9] usb 5-1: Using ep0 maxpacket: 8
[  322.686063][    T9] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  322.686487][ T9026] netlink: 12 bytes leftover after parsing attributes in process `syz.5.838'.
[  322.704641][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.860770][    T9] usb 5-1: Product: syz
[  322.865001][    T9] usb 5-1: Manufacturer: syz
[  322.869800][    T9] usb 5-1: SerialNumber: syz
[  322.879134][    T9] usb 5-1: config 0 descriptor??
[  322.899231][    T9] gspca_main: se401-2.14.0 probing 047d:5003
[  324.203410][ T9038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.842'.
[  324.240166][    T9] usb 5-1: reset high-speed USB device number 22 using dummy_hcd
[  324.268689][ T9038] team0: entered promiscuous mode
[  324.287950][ T9038] team_slave_0: entered promiscuous mode
[  324.299482][ T9038] team_slave_1: entered promiscuous mode
[  324.321308][ T9038] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  324.343529][ T9038] team0: left promiscuous mode
[  324.348888][ T9038] team_slave_0: left promiscuous mode
[  324.355635][ T9038] team_slave_1: left promiscuous mode
[  324.378724][ T5887] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  324.398892][    T9] usb 5-1: device descriptor read/64, error -71
[  324.560593][ T5887] usb 6-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f
[  324.588758][ T5887] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.612469][ T5887] usb 6-1: config 0 descriptor??
[  324.986610][ T9047] syz.1.845 (9047): drop_caches: 0
[  325.145473][ T5887] usb 6-1: string descriptor 0 read error: -71
[  325.160765][ T5887] gspca_main: pac7311-2.14.0 probing 093a:2601
[  325.177782][ T5887] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71
[  325.188590][ T5887] pac7311 6-1:0.0: probe with driver pac7311 failed with error -71
[  325.219722][ T5887] usb 6-1: USB disconnect, device number 7
[  325.455117][ T5130] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  325.522124][ T9061] netlink: 12 bytes leftover after parsing attributes in process `syz.1.849'.
[  325.563094][    T9] gspca_se401: read req failed req 0x06 error -19
[  325.588558][    T9] usb 5-1: USB disconnect, device number 22
[  327.071041][ T9073] input: syz0 as /devices/virtual/input/input25
[  327.475150][ T9084] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  328.444068][ T9089] syz.5.858 (9089): drop_caches: 0
[  330.627266][ T9102] ISOFS: Unable to identify CD-ROM format.
[  330.702288][ T9107] xt_l2tp: missing protocol rule (udp|l2tpip)
[  331.705283][ T9122] netlink: zone id is out of range
[  331.739940][ T9122] netlink: zone id is out of range
[  331.774754][ T9122] netlink: zone id is out of range
[  331.798449][ T5887] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  331.842711][ T9122] netlink: zone id is out of range
[  331.900627][ T9122] netlink: zone id is out of range
[  331.948491][ T9122] netlink: zone id is out of range
[  331.954443][ T9122] netlink: zone id is out of range
[  332.503423][ T9130] tmpfs: Unknown parameter 'qupta'
[  332.689236][ T9122] netlink: zone id is out of range
[  332.699713][ T9122] netlink: zone id is out of range
[  332.713078][ T9122] netlink: zone id is out of range
[  332.736911][ T5887] usb 3-1: config 0 has an invalid interface number: 69 but max is 0
[  332.849695][ T5887] usb 3-1: config 0 has no interface number 0
[  332.856165][ T5887] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  333.022519][ T5887] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  333.133550][ T5887] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  333.286115][ T5887] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  333.300084][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.308353][ T5887] usb 3-1: Product: syz
[  333.312557][ T5887] usb 3-1: Manufacturer: syz
[  333.317303][ T5887] usb 3-1: SerialNumber: syz
[  333.329778][ T5887] usb 3-1: config 0 descriptor??
[  333.375904][ T9119] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  333.380700][ T9146] ISOFS: Unable to identify CD-ROM format.
[  333.440254][ T5887] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  333.473127][ T5887] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[  333.576939][ T5887] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  333.941142][ T9163] binder_alloc: 9152: binder_alloc_buf size 66592 failed, no address space
[  333.949939][ T9163] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[  334.787219][ T5887] usb 3-1: USB disconnect, device number 27
[  334.811193][ T5887] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  334.836779][ T5887] cyberjack 3-1:0.69: device disconnected
[  335.439050][ T5873] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  335.599132][ T5873] usb 5-1: Using ep0 maxpacket: 32
[  335.610817][ T5873] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  335.673689][ T5873] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  335.698455][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.752939][ T5873] usb 5-1: Product: syz
[  335.792125][ T5873] usb 5-1: Manufacturer: syz
[  335.827960][ T5873] usb 5-1: SerialNumber: syz
[  335.909109][ T5873] usb 5-1: config 0 descriptor??
[  335.916763][ T9192] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  336.060937][ T5873] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  336.189593][ T5873] usb 5-1: USB disconnect, device number 23
[  336.189687][   T11] usb 5-1: Failed to submit usb control message: -71
[  336.244051][   T11] usb 5-1: unable to send the bmi data to the device: -71
[  336.258384][   T11] usb 5-1: unable to get target info from device
[  336.268371][   T11] usb 5-1: could not get target info (-71)
[  336.275231][   T11] usb 5-1: could not probe fw (-71)
[  336.540543][ T5872] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  336.728451][ T5872] usb 3-1: device descriptor read/64, error -71
[  336.798392][ T5130] Bluetooth: hci2: command 0x0c1a tx timeout
[  337.105981][ T9230] netlink: 12 bytes leftover after parsing attributes in process `syz.4.901'.
[  337.860261][ T5872] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  338.599388][ T9236] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  338.605491][ T9236] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  338.620082][ T9236] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  338.626258][ T9236] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  338.632383][ T9236] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  338.702307][ T5872] usb 3-1: device descriptor read/64, error -71
[  338.820672][ T5872] usb usb3-port1: attempt power cycle
[  339.179158][ T5872] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  339.290220][ T5872] usb 3-1: device descriptor read/8, error -71
[  339.608520][ T5872] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  339.885107][ T5872] usb 3-1: device not accepting address 31, error -71
[  339.895818][ T5872] usb usb3-port1: unable to enumerate USB device
[  340.215157][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  340.215179][   T29] audit: type=1800 audit(1736695809.948:239): pid=9278 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.910" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  340.771166][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[  340.777737][ T5130] Bluetooth: hci4: command 0x0c1a tx timeout
[  340.784081][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  340.790921][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[  340.797163][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  341.940242][ T9297] syz.1.914 (9297): drop_caches: 0
[  346.549872][ T9325] syz.1.919 (9325): drop_caches: 0
[  348.000507][ T9361] netlink: 20 bytes leftover after parsing attributes in process `syz.2.928'.
[  348.082810][ T9361] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  348.090329][ T9361] IPv6: NLM_F_CREATE should be set when creating new route
[  348.097659][ T9361] IPv6: NLM_F_CREATE should be set when creating new route
[  348.448418][ T9373] binder: 9372:9373 ioctl c018620c 200001c0 returned -1
[  348.459450][ T9373] netlink: 36 bytes leftover after parsing attributes in process `syz.1.932'.
[  348.524406][ T9376] net_ratelimit: 299 callbacks suppressed
[  348.524439][ T9376] openvswitch: netlink: Tunnel attr 47 out of range max 16
[  351.368586][  T975] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  351.519202][  T975] usb 2-1: device descriptor read/64, error -71
[  351.948501][  T975] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  352.194106][ T9405] syz.0.937 (9405): drop_caches: 0
[  352.383836][  T975] usb 2-1: device descriptor read/64, error -71
[  352.542476][  T975] usb usb2-port1: attempt power cycle
[  353.044974][ T9421] tmpfs: Unknown parameter 'qf[CY'
[  353.179425][ T9421] netlink: 20 bytes leftover after parsing attributes in process `syz.0.943'.
[  354.928717][ T5876] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  355.031617][    T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  355.168573][ T5876] usb 3-1: device descriptor read/64, error -71
[  355.178637][    T9] usb 2-1: device descriptor read/64, error -71
[  355.662383][ T9443] syz.0.953 (9443): drop_caches: 0
[  355.683990][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  355.716565][ T5876] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  355.848456][ T5876] usb 3-1: device descriptor read/64, error -71
[  355.854847][    T9] usb 2-1: device descriptor read/64, error -71
[  355.969178][ T5876] usb usb3-port1: attempt power cycle
[  355.974949][    T9] usb usb2-port1: attempt power cycle
[  356.103103][ T9451] Non-string source
[  357.075623][    T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  357.301202][    T9] usb 2-1: device not accepting address 26, error -71
[  357.852933][ T9475] netlink: 24 bytes leftover after parsing attributes in process `syz.2.961'.
[  357.947929][ T9484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.973609][ T9484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  358.178664][  T975] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  358.358486][  T975] usb 5-1: Using ep0 maxpacket: 8
[  358.377869][  T975] usb 5-1: unable to get BOS descriptor or descriptor too short
[  358.386021][ T5887] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  358.407285][  T975] usb 5-1: unable to read config index 0 descriptor/start: -71
[  358.423461][  T975] usb 5-1: can't read configurations, error -71
[  359.219615][ T5887] usb 3-1: Using ep0 maxpacket: 16
[  359.226908][ T5887] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.238020][ T5887] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.248119][ T5887] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  359.271089][ T5887] usb 3-1: config 0 interface 0 has no altsetting 0
[  359.277798][ T5887] usb 3-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  359.308352][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.334486][ T5887] usb 3-1: config 0 descriptor??
[  359.460155][ T9509] FAULT_INJECTION: forcing a failure.
[  359.460155][ T9509] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  359.474863][ T9509] CPU: 1 UID: 0 PID: 9509 Comm: syz.5.971 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  359.485501][ T9509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  359.495680][ T9509] Call Trace:
[  359.498980][ T9509]  <TASK>
[  359.501935][ T9509]  dump_stack_lvl+0x241/0x360
[  359.506656][ T9509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.511888][ T9509]  ? __pfx__printk+0x10/0x10
[  359.516530][ T9509]  should_fail_ex+0x3b0/0x4e0
[  359.521416][ T9509]  prepare_alloc_pages+0x1da/0x5b0
[  359.526574][ T9509]  __alloc_pages_noprof+0x16f/0x710
[  359.531815][ T9509]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  359.537604][ T9509]  alloc_pages_mpol_noprof+0x3e8/0x680
[  359.543110][ T9509]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  359.549201][ T9509]  ? __pfx_lock_release+0x10/0x10
[  359.554234][ T9509]  ? xas_start+0x3cc/0x7b0
[  359.558694][ T9509]  folio_alloc_mpol_noprof+0x36/0x50
[  359.564031][ T9509]  shmem_alloc_and_add_folio+0x4a0/0x1080
[  359.569799][ T9509]  ? __pfx_filemap_get_entry+0x10/0x10
[  359.575334][ T9509]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  359.581541][ T9509]  ? shmem_allowable_huge_orders+0x341/0x680
[  359.587574][ T9509]  shmem_get_folio_gfp+0x621/0x1840
[  359.592796][ T9509]  ? lockdep_hardirqs_on+0x99/0x150
[  359.598058][ T9509]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  359.604273][ T9509]  ? fault_in_iov_iter_readable+0x49/0x280
[  359.610132][ T9509]  ? fault_in_readable+0x169/0x2d0
[  359.615349][ T9509]  ? fault_in_readable+0x173/0x2d0
[  359.620492][ T9509]  shmem_write_begin+0x165/0x350
[  359.625457][ T9509]  ? __pfx_shmem_write_begin+0x10/0x10
[  359.630943][ T9509]  ? fault_in_iov_iter_readable+0x229/0x280
[  359.636883][ T9509]  generic_perform_write+0x346/0x990
[  359.642229][ T9509]  ? __pfx_generic_perform_write+0x10/0x10
[  359.648090][ T9509]  ? __pfx_generic_write_checks+0x10/0x10
[  359.653931][ T9509]  ? rcu_read_lock_any_held+0xb7/0x160
[  359.659415][ T9509]  ? file_update_time+0x2ab/0x450
[  359.664457][ T9509]  shmem_file_write_iter+0xf9/0x120
[  359.669684][ T9509]  vfs_write+0xaeb/0xd30
[  359.673962][ T9509]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  359.679812][ T9509]  ? __pfx_vfs_write+0x10/0x10
[  359.684644][ T9509]  ? __fget_files+0x2a/0x410
[  359.689289][ T9509]  ? __fget_files+0x2a/0x410
[  359.693979][ T9509]  ksys_write+0x18f/0x2b0
[  359.698337][ T9509]  ? __pfx_ksys_write+0x10/0x10
[  359.703242][ T9509]  ? do_syscall_64+0x100/0x230
[  359.708063][ T9509]  ? do_syscall_64+0xb6/0x230
[  359.712766][ T9509]  do_syscall_64+0xf3/0x230
[  359.717295][ T9509]  ? clear_bhb_loop+0x35/0x90
[  359.721977][ T9509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.727907][ T9509] RIP: 0033:0x7f4ac3985d29
[  359.732333][ T9509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.752138][ T9509] RSP: 002b:00007f4ac4794038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  359.760603][ T9509] RAX: ffffffffffffffda RBX: 00007f4ac3b75fa0 RCX: 00007f4ac3985d29
[  359.768610][ T9509] RDX: 000000003af4701e RSI: 0000000020000100 RDI: 0000000000000004
[  359.776716][ T9509] RBP: 00007f4ac4794090 R08: 0000000000000000 R09: 0000000000000000
[  359.784729][ T9509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.792743][ T9509] R13: 0000000000000000 R14: 00007f4ac3b75fa0 R15: 00007ffc67816e48
[  359.800952][ T9509]  </TASK>
[  361.834615][ T5887] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  361.842674][ T5887] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  361.850221][ T5887] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  361.858575][ T5887] hid-generic 0003:045E:05DA.0007: ignoring exceeding usage max
[  361.871095][ T5887] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  361.878649][ T5887] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  361.886091][ T5887] hid-generic 0003:045E:05DA.0007: unbalanced collection at end of report description
[  362.592435][ T9492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.851571][ T5887] hid-generic 0003:045E:05DA.0007: probe with driver hid-generic failed with error -22
[  363.718860][ T9492] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  363.946314][ T5876] usb 3-1: USB disconnect, device number 35
[  364.040573][   T29] audit: type=1326 audit(1736695833.808:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.088375][   T29] audit: type=1326 audit(1736695833.808:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.128341][   T29] audit: type=1326 audit(1736695833.808:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.178354][   T29] audit: type=1326 audit(1736695833.808:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.218341][   T29] audit: type=1326 audit(1736695833.808:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.250509][   T29] audit: type=1326 audit(1736695833.808:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.274789][   T29] audit: type=1326 audit(1736695833.808:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.297047][   T29] audit: type=1326 audit(1736695833.808:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.318947][   T29] audit: type=1326 audit(1736695833.828:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9521 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa0ef5b85e5 code=0x7ffc0000
[  364.340995][   T29] audit: type=1326 audit(1736695833.828:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9519 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0ef585d29 code=0x7ffc0000
[  364.363909][  T975] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  364.518524][  T975] usb 6-1: Using ep0 maxpacket: 16
[  364.525564][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  364.548393][  T975] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  364.577128][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  364.593174][  T975] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  364.606089][  T975] usb 6-1: New USB device found, idVendor=0586, idProduct=1500, bcdDevice=2e.97
[  364.616474][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.660967][  T975] usb 6-1: Product: syz
[  364.670893][  T975] usb 6-1: Manufacturer: syz
[  364.678442][  T975] usb 6-1: SerialNumber: syz
[  364.739355][  T975] usb 6-1: config 0 descriptor??
[  364.773937][  T975] omninet 6-1:0.0: ZyXEL - omni.net usb converter detected
[  364.817451][  T975] usb 6-1: ZyXEL - omni.net usb converter now attached to ttyUSB0
[  366.278312][ T5876] usb 6-1: USB disconnect, device number 8
[  366.302656][ T5876] omninet ttyUSB0: ZyXEL - omni.net usb converter now disconnected from ttyUSB0
[  366.312250][ T5876] omninet 6-1:0.0: device disconnected
[  366.615317][ T9571] FAULT_INJECTION: forcing a failure.
[  366.615317][ T9571] name failslab, interval 1, probability 0, space 0, times 0
[  366.693180][ T9571] CPU: 0 UID: 0 PID: 9571 Comm: syz.5.984 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  366.703953][ T9571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  366.714068][ T9571] Call Trace:
[  366.717425][ T9571]  <TASK>
[  366.720418][ T9571]  dump_stack_lvl+0x241/0x360
[  366.725316][ T9571]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.730584][ T9571]  ? __pfx__printk+0x10/0x10
[  366.735216][ T9571]  ? __kmalloc_cache_noprof+0x48/0x390
[  366.740709][ T9571]  ? __pfx___might_resched+0x10/0x10
[  366.746049][ T9571]  should_fail_ex+0x3b0/0x4e0
[  366.750758][ T9571]  should_failslab+0xac/0x100
[  366.755483][ T9571]  __kmalloc_cache_noprof+0x70/0x390
[  366.760809][ T9571]  ? alloc_netdev_mqs+0xbc6/0x1080
[  366.765961][ T9571]  ? __xdp_rxq_info_reg+0x142/0x290
[  366.771211][ T9571]  alloc_netdev_mqs+0xbc6/0x1080
[  366.776206][ T9571]  rtnl_create_link+0x2f9/0xc20
[  366.781117][ T9571]  rtnl_newlink_create+0x210/0xa40
[  366.786269][ T9571]  ? __pfx___mutex_lock+0x10/0x10
[  366.791413][ T9571]  ? cap_capable+0x1b4/0x250
[  366.796035][ T9571]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  366.801720][ T9571]  ? ns_capable+0x8a/0xf0
[  366.806088][ T9571]  rtnl_newlink+0x1c7e/0x2210
[  366.810812][ T9571]  ? __pfx_rtnl_newlink+0x10/0x10
[  366.815878][ T9571]  ? __netlink_deliver_tap+0x56b/0x7f0
[  366.821363][ T9571]  ? __pfx_validate_chain+0x10/0x10
[  366.826733][ T9571]  ? __sock_sendmsg+0x221/0x270
[  366.831622][ T9571]  ? ____sys_sendmsg+0x52a/0x7e0
[  366.836727][ T9571]  ? __sys_sendmsg+0x269/0x350
[  366.841913][ T9571]  ? do_syscall_64+0xf3/0x230
[  366.846626][ T9571]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.852775][ T9571]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.858813][ T9571]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  366.865182][ T9571]  ? mark_lock+0x9a/0x360
[  366.869547][ T9571]  ? __lock_acquire+0x1397/0x2100
[  366.874660][ T9571]  ? __pfx_lock_release+0x10/0x10
[  366.879734][ T9571]  ? cap_capable+0x1b4/0x250
[  366.884397][ T9571]  ? __pfx_rtnl_newlink+0x10/0x10
[  366.889626][ T9571]  rtnetlink_rcv_msg+0x791/0xcf0
[  366.894644][ T9571]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  366.899832][ T9571]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.905348][ T9571]  ? ref_tracker_free+0x643/0x7e0
[  366.910416][ T9571]  netlink_rcv_skb+0x1e3/0x430
[  366.915214][ T9571]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.920710][ T9571]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  366.926144][ T9571]  ? netlink_deliver_tap+0x2e/0x1b0
[  366.931413][ T9571]  netlink_unicast+0x7f6/0x990
[  366.936315][ T9571]  ? __pfx_netlink_unicast+0x10/0x10
[  366.941644][ T9571]  ? __virt_addr_valid+0x45f/0x530
[  366.946824][ T9571]  ? __phys_addr_symbol+0x2f/0x70
[  366.951875][ T9571]  ? __check_object_size+0x47a/0x730
[  366.957214][ T9571]  netlink_sendmsg+0x8e4/0xcb0
[  366.962021][ T9571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.967366][ T9571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.972691][ T9571]  __sock_sendmsg+0x221/0x270
[  366.977426][ T9571]  ____sys_sendmsg+0x52a/0x7e0
[  366.982418][ T9571]  ? __pfx_____sys_sendmsg+0x10/0x10
[  366.989128][ T9571]  ? __fget_files+0x2a/0x410
[  366.995036][ T9571]  ? __fget_files+0x2a/0x410
[  367.001150][ T9571]  __sys_sendmsg+0x269/0x350
[  367.006818][ T9571]  ? __pfx_lock_release+0x10/0x10
[  367.012344][ T9571]  ? __pfx___sys_sendmsg+0x10/0x10
[  367.017998][ T9571]  ? __pfx_vfs_write+0x10/0x10
[  367.023457][ T9571]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  367.030693][ T9571]  ? do_syscall_64+0x100/0x230
[  367.036939][ T9571]  ? do_syscall_64+0xb6/0x230
[  367.042381][ T9571]  do_syscall_64+0xf3/0x230
[  367.046930][ T9571]  ? clear_bhb_loop+0x35/0x90
[  367.051637][ T9571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.057722][ T9571] RIP: 0033:0x7f4ac3985d29
[  367.062175][ T9571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.082265][ T9571] RSP: 002b:00007f4ac4794038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.090752][ T9571] RAX: ffffffffffffffda RBX: 00007f4ac3b75fa0 RCX: 00007f4ac3985d29
[  367.098759][ T9571] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  367.106783][ T9571] RBP: 00007f4ac4794090 R08: 0000000000000000 R09: 0000000000000000
[  367.114896][ T9571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  367.123003][ T9571] R13: 0000000000000000 R14: 00007f4ac3b75fa0 R15: 00007ffc67816e48
[  367.131024][ T9571]  </TASK>
[  367.842837][ T9589] cifs: Unknown parameter 'mode'
[  368.406747][ T9594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.991'.
[  368.499531][ T9587] delete_channel: no stack
[  369.729510][ T9612] 9pnet_fd: Insufficient options for proto=fd
[  370.193679][ T5874] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  370.371096][ T5874] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  370.394474][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.416959][ T5874] usb 6-1: config 0 descriptor??
[  370.449608][ T5874] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  370.480434][ T9618] netlink: 'syz.4.997': attribute type 3 has an invalid length.
[  370.520494][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'.
[  371.945925][ T9629] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  374.683718][ T9646] binder: 9643:9646 ioctl c018620c 20001180 returned -22
[  375.332961][ T5874] usb 6-1: USB disconnect, device number 9
[  375.503142][ T9650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1006'.
[  375.642517][ T9641] ISOFS: Unable to identify CD-ROM format.
[  375.861552][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1009'.
[  377.103544][ T9673] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1013'.
[  377.129128][ T5876] IPVS: starting estimator thread 0...
[  377.149170][ T9673] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1013'.
[  377.219181][ T9674] IPVS: using max 20 ests per chain, 48000 per kthread
[  378.828365][ T5874] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  379.283760][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  379.298940][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  379.392100][ T5874] usb 6-1: config index 0 descriptor too short (expected 60187, got 27)
[  379.414845][ T5874] usb 6-1: config 0 has an invalid interface number: 83 but max is -1
[  379.435756][ T5874] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  379.456852][ T5874] usb 6-1: config 0 has no interface number 0
[  379.458894][ T9699] FAULT_INJECTION: forcing a failure.
[  379.458894][ T9699] name failslab, interval 1, probability 0, space 0, times 0
[  379.475022][ T5874] usb 6-1: New USB device found, idVendor=0499, idProduct=1003, bcdDevice=6a.4b
[  379.498343][ T9699] CPU: 0 UID: 0 PID: 9699 Comm: syz.2.1020 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  379.509101][ T9699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  379.519188][ T9699] Call Trace:
[  379.522499][ T9699]  <TASK>
[  379.525457][ T9699]  dump_stack_lvl+0x241/0x360
[  379.530173][ T9699]  ? __pfx_dump_stack_lvl+0x10/0x10
[  379.535402][ T9699]  ? __pfx__printk+0x10/0x10
[  379.540034][ T9699]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  379.546051][ T9699]  ? __pfx___might_resched+0x10/0x10
[  379.551382][ T9699]  should_fail_ex+0x3b0/0x4e0
[  379.556129][ T9699]  should_failslab+0xac/0x100
[  379.560876][ T9699]  kmem_cache_alloc_node_noprof+0x77/0x380
[  379.566742][ T9699]  ? __alloc_skb+0x1c3/0x440
[  379.571391][ T9699]  __alloc_skb+0x1c3/0x440
[  379.575877][ T9699]  ? __pfx___alloc_skb+0x10/0x10
[  379.580874][ T9699]  ? netlink_ack_tlv_len+0x6e/0x200
[  379.586111][ T9699]  netlink_ack+0x145/0xa50
[  379.590550][ T9699]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  379.596046][ T9699]  ? __pfx_nl802154_post_doit+0x10/0x10
[  379.601647][ T9699]  ? __pfx___might_resched+0x10/0x10
[  379.607019][ T9699]  netlink_rcv_skb+0x262/0x430
[  379.611848][ T9699]  ? __pfx_genl_rcv_msg+0x10/0x10
[  379.617479][ T9699]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  379.622865][ T9699]  genl_rcv+0x28/0x40
[  379.626918][ T9699]  netlink_unicast+0x7f6/0x990
[  379.631746][ T9699]  ? __pfx_netlink_unicast+0x10/0x10
[  379.637084][ T9699]  ? __virt_addr_valid+0x45f/0x530
[  379.642221][ T9699]  ? __phys_addr_symbol+0x2f/0x70
[  379.647276][ T9699]  ? __check_object_size+0x47a/0x730
[  379.652602][ T9699]  netlink_sendmsg+0x8e4/0xcb0
[  379.657428][ T9699]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.662853][ T9699]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.668177][ T9699]  __sock_sendmsg+0x221/0x270
[  379.672913][ T9699]  ____sys_sendmsg+0x52a/0x7e0
[  379.677981][ T9699]  ? __pfx_____sys_sendmsg+0x10/0x10
[  379.683308][ T9699]  ? __fget_files+0x2a/0x410
[  379.688027][ T9699]  ? __fget_files+0x2a/0x410
[  379.689973][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.692632][ T9699]  __sys_sendmsg+0x269/0x350
[  379.700676][ T5874] usb 6-1: Product: syz
[  379.705171][ T9699]  ? __pfx_lock_release+0x10/0x10
[  379.709438][ T5874] usb 6-1: Manufacturer: syz
[  379.714327][ T9699]  ? __pfx___sys_sendmsg+0x10/0x10
[  379.719028][ T5874] usb 6-1: SerialNumber: syz
[  379.724053][ T9699]  ? __pfx_vfs_write+0x10/0x10
[  379.733507][ T9699]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  379.739866][ T9699]  ? do_syscall_64+0x100/0x230
[  379.744663][ T9699]  ? do_syscall_64+0xb6/0x230
[  379.749355][ T9699]  do_syscall_64+0xf3/0x230
[  379.754313][ T9699]  ? clear_bhb_loop+0x35/0x90
[  379.759000][ T9699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.764936][ T9699] RIP: 0033:0x7f6ac9f85d29
[  379.769362][ T9699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.789094][ T9699] RSP: 002b:00007f6acad68038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  379.797828][ T9699] RAX: ffffffffffffffda RBX: 00007f6aca175fa0 RCX: 00007f6ac9f85d29
[  379.805935][ T9699] RDX: 0000000000000800 RSI: 00000000200013c0 RDI: 0000000000000004
[  379.813929][ T9699] RBP: 00007f6acad68090 R08: 0000000000000000 R09: 0000000000000000
[  379.822092][ T9699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.831340][ T9699] R13: 0000000000000000 R14: 00007f6aca175fa0 R15: 00007ffc9afaaff8
[  379.841363][ T9699]  </TASK>
[  379.864530][ T5874] usb 6-1: config 0 descriptor??
[  379.888982][ T5874] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  380.374721][ T9707] block device autoloading is deprecated and will be removed.
[  380.398980][ T9707] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  380.407185][ T9707] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  380.416356][ T9707] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  380.424423][ T9707] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  380.578928][ T5874] snd-usb-audio 6-1:0.83: probe with driver snd-usb-audio failed with error -2
[  380.834665][ T5887] usb 6-1: USB disconnect, device number 10
[  381.470722][ T8980] udevd[8980]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.83/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  381.597872][ T9724] netlink: 'syz.2.1024': attribute type 1 has an invalid length.
[  381.605747][ T9724] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1024'.
[  383.451003][ T5874] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[  383.459634][ T5887] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  383.690123][ T5874] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  383.701988][ T5887] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  383.720680][ T5874] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  383.731361][ T5887] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  383.741145][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.760714][ T5887] usb 3-1: Product: syz
[  383.765445][ T5874] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  383.780193][ T5887] usb 3-1: Manufacturer: syz
[  383.784861][ T5887] usb 3-1: SerialNumber: syz
[  383.790390][ T5874] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  383.799542][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.830045][ T5874] hub 6-1:1.0: bad descriptor, ignoring hub
[  383.836380][ T5874] hub 6-1:1.0: probe with driver hub failed with error -5
[  383.845461][ T5874] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  384.087499][ T5887] qmi_wwan 3-1:1.0: skipping garbage
[  384.088353][ T9757] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1041'.
[  384.093134][ T5887] qmi_wwan 3-1:1.0: probe with driver qmi_wwan failed with error -22
[  384.121112][ T5887] usb 3-1: USB disconnect, device number 36
[  384.366025][ T9765] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1045'.
[  384.376199][ T9765] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1045'.
[  385.299646][ T5873] usb 6-1: USB disconnect, device number 11
[  385.948576][ T5887] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  386.500288][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.574395][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.632988][ T5887] usb 2-1: New USB device found, idVendor=056a, idProduct=0065, bcdDevice= 0.00
[  387.214272][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.225939][ T5887] usb 2-1: config 0 descriptor??
[  388.808187][ T5887] usbhid 2-1:0.0: can't add hid device: -71
[  388.816607][ T5887] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  388.866664][ T5887] usb 2-1: USB disconnect, device number 28
[  389.269004][ T9815] input: syz1 as /devices/virtual/input/input26
[  389.305148][ T9815] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1060'.
[  391.377693][ T9831] trusted_key: encrypted_key: insufficient parameters specified
[  391.599861][ T9839] Cannot find del_set index 1 as target
[  392.379542][ T9849] FAULT_INJECTION: forcing a failure.
[  392.379542][ T9849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.415142][ T9849] CPU: 0 UID: 0 PID: 9849 Comm: syz.2.1072 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  392.425926][ T9849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  392.436044][ T9849] Call Trace:
[  392.439921][ T9849]  <TASK>
[  392.442903][ T9849]  dump_stack_lvl+0x241/0x360
[  392.444434][ T9848] input: syz0 as /devices/virtual/input/input27
[  392.447634][ T9849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.457847][ T9850] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  392.459079][ T9849]  ? __pfx__printk+0x10/0x10
[  392.459224][ T9849]  ? __pfx_lock_release+0x10/0x10
[  392.459273][ T9849]  should_fail_ex+0x3b0/0x4e0
[  392.459305][ T9849]  _copy_from_user+0x2f/0xc0
[  392.488778][ T9849]  __sys_bpf+0x1a4/0x810
[  392.488813][ T9849]  ? __pfx___sys_bpf+0x10/0x10
[  392.488845][ T9849]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  392.488869][ T9849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  392.488889][ T9849]  ? do_syscall_64+0x100/0x230
[  392.488918][ T9849]  __x64_sys_bpf+0x7c/0x90
[  392.488943][ T9849]  do_syscall_64+0xf3/0x230
[  392.488968][ T9849]  ? clear_bhb_loop+0x35/0x90
[  392.488988][ T9849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.489014][ T9849] RIP: 0033:0x7f6ac9f85d29
[  392.489032][ T9849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.489047][ T9849] RSP: 002b:00007f6acad68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  392.489068][ T9849] RAX: ffffffffffffffda RBX: 00007f6aca175fa0 RCX: 00007f6ac9f85d29
[  392.489081][ T9849] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  392.489093][ T9849] RBP: 00007f6acad68090 R08: 0000000000000000 R09: 0000000000000000
[  392.489105][ T9849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.489117][ T9849] R13: 0000000000000001 R14: 00007f6aca175fa0 R15: 00007ffc9afaaff8
[  392.489140][ T9849]  </TASK>
[  392.489166][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.624078][ T9859] FAULT_INJECTION: forcing a failure.
[  392.624078][ T9859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.624205][ T9859] CPU: 0 UID: 0 PID: 9859 Comm: syz.0.1066 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  392.624229][ T9859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  392.624254][ T9859] Call Trace:
[  392.624262][ T9859]  <TASK>
[  392.624271][ T9859]  dump_stack_lvl+0x241/0x360
[  392.624307][ T9859]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.624335][ T9859]  ? __pfx__printk+0x10/0x10
[  392.624362][ T9859]  ? __pfx_lock_release+0x10/0x10
[  392.624387][ T9859]  ? kasan_save_stack+0x4f/0x60
[  392.624413][ T9859]  ? __kasan_record_aux_stack+0xac/0xc0
[  392.624441][ T9859]  should_fail_ex+0x3b0/0x4e0
[  392.624468][ T9859]  _copy_from_user+0x2f/0xc0
[  392.624499][ T9859]  do_tcp_getsockopt+0x20f/0x3570
[  392.624541][ T9859]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  392.624574][ T9859]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  392.624599][ T9859]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  392.624628][ T9859]  ? call_rcu+0x731/0xa70
[  392.624653][ T9859]  ? lockdep_hardirqs_on+0x99/0x150
[  392.624693][ T9859]  ? __pfx_call_rcu+0x10/0x10
[  392.624718][ T9859]  ? bpf_inode_storage_free+0x72/0x300
[  392.624747][ T9859]  ? locks_free_lock_context+0x42/0x70
[  392.624779][ T9859]  ? __destroy_inode+0x4af/0x670
[  392.624812][ T9859]  ? __pfx_sock_free_inode+0x10/0x10
[  392.624843][ T9859]  ? evict+0x836/0x9a0
[  392.624876][ T9859]  ? __pfx_evict+0x10/0x10
[  392.624906][ T9859]  ? iput+0x713/0xa50
[  392.624935][ T9859]  tcp_getsockopt+0xfb/0x1c0
[  392.624968][ T9859]  ? __pfx_tcp_getsockopt+0x10/0x10
[  392.625007][ T9859]  mptcp_getsockopt+0x169b/0x2f70
[  392.625077][ T9859]  ? mark_lock+0x9a/0x360
[  392.625106][ T9859]  ? validate_chain+0x11e/0x5920
[  392.625211][ T9859]  ? __pfx_mptcp_getsockopt+0x10/0x10
[  392.625251][ T9859]  ? __lock_acquire+0x1397/0x2100
[  392.625281][ T9859]  ? __pfx_validate_chain+0x10/0x10
[  392.625330][ T9859]  ? validate_chain+0x11e/0x5920
[  392.625360][ T9859]  ? __pfx_lock_acquire+0x10/0x10
[  392.625386][ T9859]  ? __pfx_validate_chain+0x10/0x10
[  392.625416][ T9859]  ? __pfx_lock_release+0x10/0x10
[  392.625444][ T9859]  ? unwind_next_frame+0x18e6/0x22d0
[  392.625476][ T9859]  ? __pfx_validate_chain+0x10/0x10
[  392.625509][ T9859]  ? __pfx_validate_chain+0x10/0x10
[  392.625550][ T9859]  ? _parse_integer_limit+0x1b5/0x200
[  392.625580][ T9859]  ? __pfx_validate_chain+0x10/0x10
[  392.625612][ T9859]  ? __lock_acquire+0x1397/0x2100
[  392.625649][ T9859]  ? mark_lock+0x9a/0x360
[  392.625680][ T9859]  ? __lock_acquire+0x1397/0x2100
[  392.625739][ T9859]  ? __pfx___might_resched+0x10/0x10
[  392.625774][ T9859]  ? __might_fault+0xaa/0x120
[  392.625802][ T9859]  ? __pfx_lock_release+0x10/0x10
[  392.625836][ T9859]  ? __might_fault+0xc6/0x120
[  392.625864][ T9859]  ? sock_common_getsockopt+0x2e/0xb0
[  392.625897][ T9859]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  392.625935][ T9859]  do_sock_getsockopt+0x3c4/0x7e0
[  392.625967][ T9859]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  392.625993][ T9859]  ? __fget_files+0x2a/0x410
[  392.626019][ T9859]  ? __fget_files+0x395/0x410
[  392.626040][ T9859]  ? __fget_files+0x2a/0x410
[  392.626071][ T9859]  __x64_sys_getsockopt+0x2a1/0x370
[  392.626106][ T9859]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  392.626135][ T9859]  ? do_syscall_64+0x100/0x230
[  392.626172][ T9859]  ? do_syscall_64+0xb6/0x230
[  392.626208][ T9859]  do_syscall_64+0xf3/0x230
[  392.626249][ T9859]  ? clear_bhb_loop+0x35/0x90
[  392.626275][ T9859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.626308][ T9859] RIP: 0033:0x7f86b5385d29
[  392.626340][ T9859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.626358][ T9859] RSP: 002b:00007f86b619e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  392.626383][ T9859] RAX: ffffffffffffffda RBX: 00007f86b5576080 RCX: 00007f86b5385d29
[  392.626399][ T9859] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000004
[  392.626412][ T9859] RBP: 00007f86b619e090 R08: 0000000020000040 R09: 0000000000000000
[  392.626427][ T9859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.626441][ T9859] R13: 0000000000000000 R14: 00007f86b5576080 R15: 00007ffe9f37b298
[  392.626471][ T9859]  </TASK>
[  394.210871][ T9879] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1074'.
[  394.267533][ T9878] syz.1.1078 (9878): drop_caches: 0
[  394.905996][ T9892] FAULT_INJECTION: forcing a failure.
[  394.905996][ T9892] name failslab, interval 1, probability 0, space 0, times 0
[  394.906031][ T9892] CPU: 0 UID: 0 PID: 9892 Comm: syz.0.1081 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  394.906055][ T9892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  394.906068][ T9892] Call Trace:
[  394.906077][ T9892]  <TASK>
[  394.906086][ T9892]  dump_stack_lvl+0x241/0x360
[  394.906121][ T9892]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.906149][ T9892]  ? __pfx__printk+0x10/0x10
[  394.906176][ T9892]  ? __kmalloc_cache_noprof+0x48/0x390
[  394.906199][ T9892]  ? __pfx___might_resched+0x10/0x10
[  394.906235][ T9892]  should_fail_ex+0x3b0/0x4e0
[  394.906270][ T9892]  should_failslab+0xac/0x100
[  394.906303][ T9892]  __kmalloc_cache_noprof+0x70/0x390
[  394.906323][ T9892]  ? macvlan_changelink_sources+0xa9d/0x1740
[  394.906353][ T9892]  macvlan_changelink_sources+0xa9d/0x1740
[  394.906389][ T9892]  macvlan_common_newlink+0xd3a/0x1930
[  394.906411][ T9892]  ? sized_strscpy+0x9a/0x2b0
[  394.906443][ T9892]  ? __pfx_macvlan_common_newlink+0x10/0x10
[  394.906468][ T9892]  ? rtnl_create_link+0x91c/0xc20
[  394.906494][ T9892]  ? __pfx_macvlan_newlink+0x10/0x10
[  394.906522][ T9892]  rtnl_newlink_create+0x2ee/0xa40
[  394.906561][ T9892]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  394.906597][ T9892]  ? ns_capable+0x8a/0xf0
[  394.906630][ T9892]  rtnl_newlink+0x1c7e/0x2210
[  394.906670][ T9892]  ? __pfx_rtnl_newlink+0x10/0x10
[  394.906696][ T9892]  ? __netlink_deliver_tap+0x56b/0x7f0
[  394.906719][ T9892]  ? __pfx_validate_chain+0x10/0x10
[  394.906744][ T9892]  ? __sock_sendmsg+0x221/0x270
[  394.906771][ T9892]  ? ____sys_sendmsg+0x52a/0x7e0
[  394.906793][ T9892]  ? __sys_sendmsg+0x269/0x350
[  394.906815][ T9892]  ? do_syscall_64+0xf3/0x230
[  394.906842][ T9892]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.906891][ T9892]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  394.906917][ T9892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  394.906947][ T9892]  ? mark_lock+0x9a/0x360
[  394.906974][ T9892]  ? __lock_acquire+0x1397/0x2100
[  394.907026][ T9892]  ? __pfx_lock_release+0x10/0x10
[  394.907048][ T9892]  ? cap_capable+0x1b4/0x250
[  394.907083][ T9892]  ? __pfx_rtnl_newlink+0x10/0x10
[  394.907112][ T9892]  rtnetlink_rcv_msg+0x791/0xcf0
[  394.907137][ T9892]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  394.907168][ T9892]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  394.907202][ T9892]  ? ref_tracker_free+0x643/0x7e0
[  394.907231][ T9892]  netlink_rcv_skb+0x1e3/0x430
[  394.907259][ T9892]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  394.907288][ T9892]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  394.907333][ T9892]  ? netlink_deliver_tap+0x2e/0x1b0
[  394.907358][ T9892]  netlink_unicast+0x7f6/0x990
[  394.907397][ T9892]  ? __pfx_netlink_unicast+0x10/0x10
[  394.907425][ T9892]  ? __virt_addr_valid+0x45f/0x530
[  394.907450][ T9892]  ? __phys_addr_symbol+0x2f/0x70
[  394.907472][ T9892]  ? __check_object_size+0x47a/0x730
[  394.907507][ T9892]  netlink_sendmsg+0x8e4/0xcb0
[  394.907542][ T9892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  394.907577][ T9892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  394.907599][ T9892]  __sock_sendmsg+0x221/0x270
[  394.907631][ T9892]  ____sys_sendmsg+0x52a/0x7e0
[  394.907663][ T9892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  394.907686][ T9892]  ? __fget_files+0x2a/0x410
[  394.907710][ T9892]  ? __fget_files+0x2a/0x410
[  394.907739][ T9892]  __sys_sendmsg+0x269/0x350
[  394.907762][ T9892]  ? __pfx_lock_release+0x10/0x10
[  394.907788][ T9892]  ? __pfx___sys_sendmsg+0x10/0x10
[  394.907825][ T9892]  ? __pfx_vfs_write+0x10/0x10
[  394.907876][ T9892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  394.907900][ T9892]  ? do_syscall_64+0x100/0x230
[  394.907933][ T9892]  ? do_syscall_64+0xb6/0x230
[  394.907966][ T9892]  do_syscall_64+0xf3/0x230
[  394.907996][ T9892]  ? clear_bhb_loop+0x35/0x90
[  394.908019][ T9892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.908049][ T9892] RIP: 0033:0x7f86b5385d29
[  394.908068][ T9892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.908086][ T9892] RSP: 002b:00007f86b61bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  394.908110][ T9892] RAX: ffffffffffffffda RBX: 00007f86b5575fa0 RCX: 00007f86b5385d29
[  394.908126][ T9892] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  394.908139][ T9892] RBP: 00007f86b61bf090 R08: 0000000000000000 R09: 0000000000000000
[  394.908154][ T9892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  394.908167][ T9892] R13: 0000000000000000 R14: 00007f86b5575fa0 R15: 00007ffe9f37b298
[  394.908197][ T9892]  </TASK>
[  396.314373][ T9848] tty tty1: ldisc open failed (-12), clearing slot 0
[  396.331334][ T9876] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  396.361568][ T9904] tty tty20: ldisc open failed (-12), clearing slot 19
[  396.422465][ T9908] ttynull ttynull: ldisc open failed (-12), clearing slot 0
[  397.151271][ T9923] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1087'.
[  397.417205][ T9941] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  398.385950][ T9962] syz.5.1099 (9962): drop_caches: 0
[  398.747577][ T9949] ISOFS: Unable to identify CD-ROM format.
[  398.978923][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  398.978976][   T29] audit: type=1326 audit(1736695868.778:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.093924][ T9974] syz.4.1105 (9974): drop_caches: 0
[  399.390292][   T29] audit: type=1326 audit(1736695868.838:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.426458][   T29] audit: type=1326 audit(1736695868.838:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.448981][   T29] audit: type=1326 audit(1736695868.838:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.470941][   T29] audit: type=1326 audit(1736695868.858:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.492880][   T29] audit: type=1326 audit(1736695868.858:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.546461][   T29] audit: type=1326 audit(1736695869.318:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  399.574124][   T29] audit: type=1326 audit(1736695869.318:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  400.539498][ T9983] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1106'.
[  401.270618][   T29] audit: type=1326 audit(1736695871.058:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  401.379469][   T29] audit: type=1326 audit(1736695871.068:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.0.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  401.503945][ T9994] vivid-007: disconnect
[  401.620321][T10004] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1114'.
[  401.634454][ T9994] vivid-007: reconnect
[  401.651066][T10004] team0: entered promiscuous mode
[  401.656153][T10004] team_slave_0: entered promiscuous mode
[  401.667583][T10004] team_slave_1: entered promiscuous mode
[  401.709259][T10004] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  401.754670][T10004] team0: left promiscuous mode
[  401.788054][T10004] team_slave_0: left promiscuous mode
[  402.238627][T10004] team_slave_1: left promiscuous mode
[  402.716834][T10010] syz.0.1116 (10010): drop_caches: 0
[  402.988030][T10022] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  403.714003][ T5876] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  403.926504][T10022] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  404.079129][ T5876] usb 2-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=f8.e9
[  404.100556][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.499574][ T5876] usb 2-1: Product: syz
[  404.503842][ T5876] usb 2-1: Manufacturer: syz
[  404.508523][ T5876] usb 2-1: SerialNumber: syz
[  404.524350][ T5876] usb 2-1: config 0 descriptor??
[  404.713020][ T5876] keyspan 2-1:0.0: Keyspan 1 port adapter converter detected
[  404.723691][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 84
[  404.732333][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81
[  404.740137][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 82
[  404.750852][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1
[  404.758746][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2
[  404.766815][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83
[  404.775265][ T5876] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3
[  405.465570][T10041] Unsupported ieee802154 address type: 0
[  405.518655][ T5876] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  405.618984][    T9] usb 2-1: USB disconnect, device number 29
[  405.630618][    T9] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  405.640814][    T9] keyspan 2-1:0.0: device disconnected
[  406.397480][ T5826] Bluetooth: hci5: sending frame failed (-49)
[  406.406850][ T5824] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  406.833000][T10065] input: syz1 as /devices/virtual/input/input28
[  406.926165][T10066] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1132'.
[  407.713984][T10068] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1130'.
[  408.040074][T10073] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1134'.
[  408.914463][T10077] syz.4.1133 (10077): drop_caches: 0
[  410.495411][T10087] Unsupported ieee802154 address type: 0
[  410.710122][T10089] FAULT_INJECTION: forcing a failure.
[  410.710122][T10089] name failslab, interval 1, probability 0, space 0, times 0
[  410.880229][T10089] CPU: 1 UID: 0 PID: 10089 Comm: syz.1.1139 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  410.891182][T10089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  410.901264][T10089] Call Trace:
[  410.904570][T10089]  <TASK>
[  410.907535][T10089]  dump_stack_lvl+0x241/0x360
[  410.912491][T10089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.917754][T10089]  ? __pfx__printk+0x10/0x10
[  410.922394][T10089]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  410.928340][T10089]  ? __pfx___might_resched+0x10/0x10
[  410.933777][T10089]  should_fail_ex+0x3b0/0x4e0
[  410.938500][T10089]  should_failslab+0xac/0x100
[  410.943221][T10089]  ? __get_vm_area_node+0x132/0x2d0
[  410.948433][T10089]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  410.954173][T10089]  __get_vm_area_node+0x132/0x2d0
[  410.959217][T10089]  __vmalloc_node_range_noprof+0x344/0x1380
[  410.965226][T10089]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  410.970956][T10089]  ? mark_lock+0x9a/0x360
[  410.975512][T10089]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  410.981875][T10089]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  410.987578][T10089]  __vmalloc_noprof+0x79/0x90
[  410.992267][T10089]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  410.997816][T10089]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  411.003198][T10089]  ? bpf_prog_alloc+0x28/0x1b0
[  411.008090][T10089]  bpf_prog_alloc+0x3a/0x1b0
[  411.012698][T10089]  bpf_prog_load+0x7f7/0x20f0
[  411.017487][T10089]  ? __pfx_bpf_prog_load+0x10/0x10
[  411.022617][T10089]  ? __pfx___might_resched+0x10/0x10
[  411.027953][T10089]  ? __might_fault+0xc6/0x120
[  411.032650][T10089]  __sys_bpf+0x4ee/0x810
[  411.036946][T10089]  ? __pfx___sys_bpf+0x10/0x10
[  411.041786][T10089]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  411.048042][T10089]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  411.054457][T10089]  ? do_syscall_64+0x100/0x230
[  411.059239][T10089]  __x64_sys_bpf+0x7c/0x90
[  411.063675][T10089]  do_syscall_64+0xf3/0x230
[  411.068203][T10089]  ? clear_bhb_loop+0x35/0x90
[  411.072920][T10089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.078857][T10089] RIP: 0033:0x7fbd51585d29
[  411.083342][T10089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.103025][T10089] RSP: 002b:00007fbd513f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  411.111746][T10089] RAX: ffffffffffffffda RBX: 00007fbd51775fa0 RCX: 00007fbd51585d29
[  411.119922][T10089] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  411.128009][T10089] RBP: 00007fbd513f9090 R08: 0000000000000000 R09: 0000000000000000
[  411.136014][T10089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.144120][T10089] R13: 0000000000000001 R14: 00007fbd51775fa0 R15: 00007ffccbbd3498
[  411.152108][T10089]  </TASK>
[  411.399001][T10089] syz.1.1139: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  411.521560][T10089] CPU: 1 UID: 0 PID: 10089 Comm: syz.1.1139 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  411.532448][T10089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  411.542713][T10089] Call Trace:
[  411.546039][T10089]  <TASK>
[  411.548984][T10089]  dump_stack_lvl+0x241/0x360
[  411.553683][T10089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  411.558928][T10089]  ? __pfx__printk+0x10/0x10
[  411.563668][T10089]  ? __rcu_read_unlock+0xa1/0x110
[  411.568723][T10089]  warn_alloc+0x278/0x410
[  411.573083][T10089]  ? __pfx_warn_alloc+0x10/0x10
[  411.577956][T10089]  ? __kasan_kmalloc+0x23/0xb0
[  411.582775][T10089]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  411.588981][T10089]  ? __get_vm_area_node+0x280/0x2d0
[  411.594285][T10089]  __vmalloc_node_range_noprof+0x369/0x1380
[  411.600208][T10089]  ? mark_lock+0x9a/0x360
[  411.604623][T10089]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  411.610972][T10089]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  411.616557][T10089]  __vmalloc_noprof+0x79/0x90
[  411.621299][T10089]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  411.626978][T10089]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  411.632382][T10089]  ? bpf_prog_alloc+0x28/0x1b0
[  411.637164][T10089]  bpf_prog_alloc+0x3a/0x1b0
[  411.641765][T10089]  bpf_prog_load+0x7f7/0x20f0
[  411.646462][T10089]  ? __pfx_bpf_prog_load+0x10/0x10
[  411.651589][T10089]  ? __pfx___might_resched+0x10/0x10
[  411.656990][T10089]  ? __might_fault+0xc6/0x120
[  411.661683][T10089]  __sys_bpf+0x4ee/0x810
[  411.666091][T10089]  ? __pfx___sys_bpf+0x10/0x10
[  411.670964][T10089]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  411.676964][T10089]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  411.683498][T10089]  ? do_syscall_64+0x100/0x230
[  411.688341][T10089]  __x64_sys_bpf+0x7c/0x90
[  411.692874][T10089]  do_syscall_64+0xf3/0x230
[  411.697394][T10089]  ? clear_bhb_loop+0x35/0x90
[  411.702115][T10089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.708155][T10089] RIP: 0033:0x7fbd51585d29
[  411.712597][T10089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.732522][T10089] RSP: 002b:00007fbd513f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  411.741061][T10089] RAX: ffffffffffffffda RBX: 00007fbd51775fa0 RCX: 00007fbd51585d29
[  411.749251][T10089] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  411.757431][T10089] RBP: 00007fbd513f9090 R08: 0000000000000000 R09: 0000000000000000
[  411.765427][T10089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.773418][T10089] R13: 0000000000000001 R14: 00007fbd51775fa0 R15: 00007ffccbbd3498
[  411.781447][T10089]  </TASK>
[  411.849337][T10089] Mem-Info:
[  411.852614][T10089] active_anon:324 inactive_anon:5396 isolated_anon:0
[  411.852614][T10089]  active_file:23067 inactive_file:35065 isolated_file:0
[  411.852614][T10089]  unevictable:768 dirty:158 writeback:0
[  411.852614][T10089]  slab_reclaimable:10270 slab_unreclaimable:103584
[  411.852614][T10089]  mapped:29889 shmem:1402 pagetables:1050
[  411.852614][T10089]  sec_pagetables:0 bounce:0
[  411.852614][T10089]  kernel_misc_reclaimable:0
[  411.852614][T10089]  free:1318874 free_pcp:444 free_cma:0
[  412.082428][T10089] Node 0 active_anon:1296kB inactive_anon:21784kB active_file:92196kB inactive_file:140260kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119656kB dirty:632kB writeback:0kB shmem:4072kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11456kB pagetables:4200kB sec_pagetables:0kB all_unreclaimable? no
[  412.589958][T10089] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  412.591119][T10101] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1144'.
[  412.826191][T10089] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  412.858507][T10089] lowmem_reserve[]: 0 2465 2466 0 0
[  412.864039][T10089] Node 0 DMA32 free:1346488kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:1296kB inactive_anon:21900kB active_file:91416kB inactive_file:140208kB unevictable:1536kB writepending:648kB present:3129332kB managed:2552772kB mlocked:0kB bounce:0kB free_pcp:1472kB local_pcp:1096kB free_cma:0kB
[  412.977734][T10089] lowmem_reserve[]: 0 0 0 0 0
[  412.993158][T10089] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:780kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  413.036131][T10089] lowmem_reserve[]: 0 0 0 0 0
[  413.041324][T10089] Node 1 Normal free:3912932kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  413.119798][T10089] lowmem_reserve[]: 0 0 0 0 0
[  413.124760][T10089] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  413.137595][T10089] Node 0 DMA32: 544*4kB (UME) 1379*8kB (UME) 467*16kB (UME) 327*32kB (UME) 411*64kB (UME) 112*128kB (UME) 59*256kB (UM) 37*512kB (UM) 19*1024kB (UM) 19*2048kB (UME) 289*4096kB (UM) = 1347944kB
[  413.157387][T10089] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  413.169862][T10089] Node 1 Normal: 215*4kB (UME) 65*8kB (UME) 56*16kB (UME) 194*32kB (UME) 91*64kB (UME) 34*128kB (UME) 20*256kB (UM) 6*512kB (UM) 3*1024kB (UME) 4*2048kB (UE) 946*4096kB (M) = 3912932kB
[  413.201266][T10089] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  413.211073][T10089] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  413.241673][T10089] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  413.251393][T10089] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  413.288752][T10089] 60437 total pagecache pages
[  413.293527][T10089] 1 pages in swap cache
[  413.297708][T10089] Free swap  = 124260kB
[  413.348655][T10089] Total swap = 124996kB
[  413.352902][T10089] 2097051 pages RAM
[  413.356748][T10089] 0 pages HighMem/MovableOnly
[  413.368604][T10089] 427006 pages reserved
[  413.372802][T10089] 0 pages cma reserved
[  415.471736][T10128] Unsupported ieee802154 address type: 0
[  416.073578][T10144] syz.1.1153 (10144): drop_caches: 0
[  416.545046][T10135] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1157'.
[  416.559872][T10154] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  416.575388][T10135] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1157'.
[  416.594049][T10154] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  416.888845][T10161] binder: 10159:10161 ioctl 4018620d 0 returned -22
[  417.568358][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  417.568386][   T29] audit: type=1400 audit(1736695887.358:268): lsm=SMACK fn=smack_inode_setattr action=denied subject="y" object="_" requested=w pid=10172 comm="syz.1.1167" name="blkio.bfq.io_service_time_recursive" dev="tmpfs" ino=1341
[  417.891217][T10179] Unsupported ieee802154 address type: 0
[  420.152870][T10185] ISOFS: Unable to identify CD-ROM format.
[  420.318764][T10201] syz.0.1171 (10201): drop_caches: 0
[  420.795217][T10204] binder: 10202:10204 ioctl 4018620d 0 returned -22
[  422.479702][T10222] Unsupported ieee802154 address type: 0
[  422.703921][T10223] netlink: 'syz.1.1178': attribute type 10 has an invalid length.
[  423.954011][T10223] 8021q: adding VLAN 0 to HW filter on device bond0
[  423.973325][T10223] team0: Port device bond0 added
[  427.721201][   T29] audit: type=1326 audit(1736695897.298:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  427.743049][   T29] audit: type=1326 audit(1736695897.298:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  427.968188][   T29] audit: type=1326 audit(1736695897.298:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  427.990526][   T29] audit: type=1326 audit(1736695897.298:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.012959][   T29] audit: type=1326 audit(1736695897.298:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.035222][   T29] audit: type=1326 audit(1736695897.298:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.078754][   T29] audit: type=1326 audit(1736695897.298:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.241392][   T29] audit: type=1326 audit(1736695897.298:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.337938][T10270] binder: 10252:10270 ioctl 4018620d 0 returned -22
[  428.470654][   T29] audit: type=1326 audit(1736695897.308:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  428.560346][   T29] audit: type=1326 audit(1736695897.308:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10261 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b5385d29 code=0x7ffc0000
[  432.884204][T10314] binder: 10309:10314 ioctl 4018620d 0 returned -22
[  433.738393][ T5876] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  433.892301][T10336] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1214'.
[  433.905029][T10336] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1214'.
[  433.916785][T10336] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1214'.
[  433.931957][T10336] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1214'.
[  434.008436][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  434.018923][ T5876] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  434.190790][T10344] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  434.667370][ T5876] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  434.696592][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.716662][ T5876] usb 3-1: Product: syz
[  434.721794][ T5876] usb 3-1: Manufacturer: syz
[  434.735522][ T5876] usb 3-1: SerialNumber: syz
[  434.757411][ T5876] usb 3-1: config 0 descriptor??
[  434.771356][T10333] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  435.262165][ T5876] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  435.281441][ T5876] usb 3-1: USB disconnect, device number 37
[  437.123210][T10377] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1225'.
[  440.772291][   T25] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[  441.144227][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  441.150662][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  441.184672][T10379] ISOFS: Unable to identify CD-ROM format.
[  441.414587][T10391] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  441.437772][T10389] fuse: Unknown parameter 'user_id00000000000000000000'
[  441.452906][T10389] fuse: Bad value for 'fd'
[  441.624439][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  441.749722][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  441.864381][   T25] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  442.075632][   T25] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  442.171940][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.659518][   T25] hub 5-1:1.0: bad descriptor, ignoring hub
[  442.687882][   T25] hub 5-1:1.0: probe with driver hub failed with error -5
[  442.758819][   T25] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  442.973544][ T5876] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  443.358738][T10409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1234'.
[  444.008616][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  444.015153][ T5876] usb 3-1: config 0 has an invalid interface number: 173 but max is 0
[  444.024298][ T5876] usb 3-1: config 0 has no interface number 0
[  444.043655][ T5876] usb 3-1: config 0 interface 173 has no altsetting 0
[  444.148547][ T5874] usb 5-1: USB disconnect, device number 26
[  444.156509][ T5876] usb 3-1: New USB device found, idVendor=1199, idProduct=900a, bcdDevice=58.bb
[  444.211840][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.228326][ T5876] usb 3-1: Product: syz
[  444.232560][ T5876] usb 3-1: Manufacturer: syz
[  444.237293][ T5876] usb 3-1: SerialNumber: syz
[  444.267608][T10414] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1236'.
[  444.282639][T10414] team0: entered promiscuous mode
[  444.288555][T10414] team_slave_0: entered promiscuous mode
[  444.294391][T10414] team_slave_1: entered promiscuous mode
[  444.301898][T10414] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  444.320057][ T5876] usb 3-1: config 0 descriptor??
[  444.366041][T10414] team0: left promiscuous mode
[  444.380307][T10414] team_slave_0: left promiscuous mode
[  444.386259][T10414] team_slave_1: left promiscuous mode
[  444.986008][T10401] @: renamed from vlan0 (while UP)
[  445.022789][T10401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.205758][T10401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.295492][ T5876] usb 3-1: USB disconnect, device number 38
[  445.501501][T10430] fuse: Unknown parameter 'user_id00000000000000000000'
[  445.940067][T10430] fuse: Bad value for 'fd'
[  446.650498][T10438] ISOFS: Unable to identify CD-ROM format.
[  446.878359][  T975] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  447.359656][  T975] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  447.488759][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.943074][  T975] usb 6-1: Product: syz
[  447.947313][  T975] usb 6-1: Manufacturer: syz
[  447.960861][  T975] usb 6-1: SerialNumber: syz
[  448.004651][  T975] usb 6-1: config 0 descriptor??
[  448.936538][ T5826] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  448.995347][ T5826] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  449.040233][ T5826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  449.050154][ T5826] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  449.059217][ T5826] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  449.066418][ T5826] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  449.240469][T10464] netlink: 277 bytes leftover after parsing attributes in process `syz.4.1253'.
[  449.907959][T10467] netlink: 'syz.1.1254': attribute type 1 has an invalid length.
[  449.916714][  T975] peak_usb 6-1:0.0: PEAK-System PCAN-USB FD v212 fw v90.0.0 (1 channels)
[  450.309838][T10467] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1254'.
[  450.977674][  T975] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  451.013213][  T975] peak_usb 6-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71)
[  451.128435][ T5826] Bluetooth: hci5: command tx timeout
[  451.346021][T10485] SET target dimension over the limit!
[  452.276911][T10489] ISOFS: Unable to identify CD-ROM format.
[  452.731467][T10504] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1265'.
[  452.866115][T10498] syz.4.1262 (10498): drop_caches: 0
[  452.901799][  T975] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[  452.926701][  T975] usb 6-1: USB disconnect, device number 12
[  453.209324][T10510] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1264'.
[  453.250810][ T5826] Bluetooth: hci5: command tx timeout
[  453.902960][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  453.902979][   T29] audit: type=1326 audit(1736695923.698:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  453.970641][T10459] chnl_net:caif_netlink_parms(): no params data found
[  454.017720][   T29] audit: type=1326 audit(1736695923.698:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.044814][T10519] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1270'.
[  454.080405][   T29] audit: type=1326 audit(1736695923.698:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.168578][   T29] audit: type=1326 audit(1736695923.698:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.398347][   T29] audit: type=1326 audit(1736695923.698:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.631851][T10517] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1268'.
[  454.641284][   T29] audit: type=1326 audit(1736695923.698:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.683918][   T29] audit: type=1326 audit(1736695923.698:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.747282][   T29] audit: type=1326 audit(1736695923.698:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.817005][T10517] ip6gretap0: entered promiscuous mode
[  454.829000][   T29] audit: type=1326 audit(1736695923.698:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  454.889731][T10517] ip6gretap0: left promiscuous mode
[  454.927812][   T29] audit: type=1326 audit(1736695923.838:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10516 comm="syz.1.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd51585d29 code=0x7ffc0000
[  455.058635][T10539] bridge2: entered promiscuous mode
[  455.216662][ T1143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.281833][ T5826] Bluetooth: hci5: command tx timeout
[  455.397013][T10547] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1277'.
[  455.422701][T10548] netlink: 'syz.5.1278': attribute type 21 has an invalid length.
[  455.430887][T10548] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1278'.
[  455.440337][T10548] netlink: 'syz.5.1278': attribute type 4 has an invalid length.
[  455.448770][T10548] netlink: 'syz.5.1278': attribute type 3 has an invalid length.
[  455.456696][T10548] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1278'.
[  455.679224][T10554] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1279'.
[  456.152117][ T1143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.322529][T10459] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.338483][T10459] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.345954][T10459] bridge_slave_0: entered allmulticast mode
[  456.359905][T10459] bridge_slave_0: entered promiscuous mode
[  457.388829][ T5826] Bluetooth: hci5: command tx timeout
[  457.806780][ T1143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.828462][T10459] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.836847][T10459] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.852724][T10459] bridge_slave_1: entered allmulticast mode
[  457.866260][T10459] bridge_slave_1: entered promiscuous mode
[  458.006688][ T1143] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.225306][T10459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  458.270137][T10459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  458.421635][T10459] team0: Port device team_slave_0 added
[  458.467592][T10459] team0: Port device team_slave_1 added
[  458.806065][T10581] ISOFS: Unable to identify CD-ROM format.
[  458.943892][T10459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  459.821154][T10459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.054082][T10459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.098036][T10459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  460.107809][T10459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.136457][T10459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.168724][T10596] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1290'.
[  460.469605][ T5874] usb 5-1: new low-speed USB device number 27 using dummy_hcd
[  461.052406][ T5876] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  461.064883][ T5874] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  461.094493][ T5874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  461.119263][ T5874] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  461.148408][ T5874] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  461.167772][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.192303][ T5874] hub 5-1:1.0: bad descriptor, ignoring hub
[  461.203966][ T5874] hub 5-1:1.0: probe with driver hub failed with error -5
[  461.296234][T10593] syz.5.1289 (10593): drop_caches: 0
[  461.347626][ T5874] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  461.362005][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  461.372055][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.419250][ T1143] bridge_slave_1: left allmulticast mode
[  461.427197][ T1143] bridge_slave_1: left promiscuous mode
[  461.434995][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  461.467973][ T5876] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  461.478633][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.504250][ T1143] bridge_slave_0: left allmulticast mode
[  461.511133][ T1143] bridge_slave_0: left promiscuous mode
[  461.526600][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.526832][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.889234][ T5876] usb 2-1: config 0 descriptor??
[  462.463523][ T5876] koneplus 0003:1E7D:2D51.0008: unknown main item tag 0x0
[  462.490058][ T5876] koneplus 0003:1E7D:2D51.0008: unknown main item tag 0x0
[  462.518528][ T5876] koneplus 0003:1E7D:2D51.0008: unknown main item tag 0x0
[  462.544435][ T5876] koneplus 0003:1E7D:2D51.0008: unknown main item tag 0x0
[  462.558986][ T5876] koneplus 0003:1E7D:2D51.0008: unknown main item tag 0x0
[  462.731621][T10631] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1299'.
[  463.628016][ T5876] koneplus 0003:1E7D:2D51.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0
[  464.129520][T10511] usb 5-1: USB disconnect, device number 27
[  466.422977][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.436008][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.454497][ T1143] bond0 (unregistering): Released all slaves
[  466.478013][T10459] hsr_slave_0: entered promiscuous mode
[  466.485427][T10459] hsr_slave_1: entered promiscuous mode
[  466.497350][T10459] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  466.508347][T10459] Cannot create hsr debugfs directory
[  466.601235][ T5876] koneplus 0003:1E7D:2D51.0008: couldn't init struct koneplus_device
[  466.616624][ T5876] koneplus 0003:1E7D:2D51.0008: couldn't install mouse
[  466.643500][ T5876] koneplus 0003:1E7D:2D51.0008: probe with driver koneplus failed with error -71
[  466.699729][ T5876] usb 2-1: USB disconnect, device number 30
[  467.639009][T10662] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1302'.
[  467.675930][T10654] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  467.995819][  T975] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  468.340996][  T975] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  468.380213][  T975] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  468.423873][  T975] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  468.468419][  T975] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  468.507591][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.581577][  T975] hub 5-1:1.0: bad descriptor, ignoring hub
[  468.617595][  T975] hub 5-1:1.0: probe with driver hub failed with error -5
[  468.659397][  T975] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  469.086446][ T1143] hsr_slave_0: left promiscuous mode
[  469.104932][ T1143] hsr_slave_1: left promiscuous mode
[  469.123118][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  469.134495][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  469.152683][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  469.194200][ T1143] veth1_macvtap: left promiscuous mode
[  469.205460][ T1143] veth0_macvtap: left promiscuous mode
[  469.218193][ T1143] veth1_vlan: left promiscuous mode
[  469.231702][ T1143] veth0_vlan: left promiscuous mode
[  469.278757][T10511] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  469.326955][T10683] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1308'.
[  469.365862][ T1143] infiniband syz2: set down
[  469.461694][T10511] usb 3-1: Using ep0 maxpacket: 32
[  469.476962][T10511] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  469.488538][T10511] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.499353][T10511] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  469.510329][T10511] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.534585][T10511] usb 3-1: config 0 descriptor??
[  469.953446][T10511] koneplus 0003:1E7D:2D51.0009: unknown main item tag 0x0
[  469.961017][T10511] koneplus 0003:1E7D:2D51.0009: unknown main item tag 0x0
[  469.968524][T10511] koneplus 0003:1E7D:2D51.0009: unknown main item tag 0x0
[  470.042031][T10706] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1313'.
[  470.359862][T10511] koneplus 0003:1E7D:2D51.0009: unknown main item tag 0x0
[  470.933481][T10511] koneplus 0003:1E7D:2D51.0009: unknown main item tag 0x0
[  471.262447][    T8] usb 5-1: USB disconnect, device number 28
[  471.350070][T10511] koneplus 0003:1E7D:2D51.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0
[  472.766211][T10715] netlink: 277 bytes leftover after parsing attributes in process `syz.4.1315'.
[  475.031443][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  475.042993][   T35] smc: removing ib device syz2
[  475.133596][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  475.165061][T10731] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1318'.
[  476.404172][T10511] koneplus 0003:1E7D:2D51.0009: couldn't init struct koneplus_device
[  476.412508][T10511] koneplus 0003:1E7D:2D51.0009: couldn't install mouse
[  476.434653][T10511] koneplus 0003:1E7D:2D51.0009: probe with driver koneplus failed with error -110
[  476.624254][T10459] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  476.659860][  T975] usb 3-1: USB disconnect, device number 39
[  476.736421][T10459] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  476.808906][ T5874] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  476.948060][T10459] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  476.986148][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 8192, setting to 1024
[  477.115801][ T5874] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1024
[  477.233672][ T5874] usb 6-1: New USB device found, idVendor=0499, idProduct=1035, bcdDevice=56.12
[  477.322254][T10459] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  477.363036][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.404994][ T5874] usb 6-1: config 0 descriptor??
[  477.414338][ T5874] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  477.713010][T10754] Unsupported ieee802154 address type: 0
[  477.875569][T10753] ISOFS: Unable to identify CD-ROM format.
[  477.966227][T10749] usb 6-1: USB disconnect, device number 13
[  478.182073][T10459] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.310603][ T5826] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  478.738151][T10459] 8021q: adding VLAN 0 to HW filter on device team0
[  478.771726][T10584] udevd[10584]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  478.805390][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.812632][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.900534][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.907693][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.258989][T10749] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  479.509661][T10749] usb 3-1: Using ep0 maxpacket: 32
[  479.608885][  T975] usb 5-1: new low-speed USB device number 29 using dummy_hcd
[  479.684237][T10749] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.690028][T10459] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  479.705589][T10459] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  479.926159][T10749] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  479.954370][T10749] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  479.966932][T10749] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.997741][T10749] usb 3-1: config 0 descriptor??
[  480.046214][  T975] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  480.085631][  T975] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  480.107830][  T975] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  480.122360][  T975] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  480.132041][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.239677][  T975] hub 5-1:1.0: bad descriptor, ignoring hub
[  480.307581][  T975] hub 5-1:1.0: probe with driver hub failed with error -5
[  480.391146][  T975] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  480.507722][T10749] koneplus 0003:1E7D:2D51.000A: unknown main item tag 0x0
[  480.511197][T10459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  480.515116][T10749] koneplus 0003:1E7D:2D51.000A: unknown main item tag 0x0
[  480.529113][T10749] koneplus 0003:1E7D:2D51.000A: unknown main item tag 0x0
[  480.536952][T10749] koneplus 0003:1E7D:2D51.000A: unknown main item tag 0x0
[  480.545798][T10749] koneplus 0003:1E7D:2D51.000A: unknown main item tag 0x0
[  480.565935][T10749] koneplus 0003:1E7D:2D51.000A: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0
[  480.598698][ T5872] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  481.729567][ T5872] usb 2-1: Using ep0 maxpacket: 8
[  481.807119][ T5872] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  482.083658][ T5872] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  482.224595][ T5876] usb 5-1: USB disconnect, device number 29
[  482.326398][ T5872] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  482.381183][ T5872] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  482.431650][ T5872] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  482.496151][ T5872] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  482.576282][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.647302][ T5872] usb 2-1: can't set config #16, error -71
[  482.695572][ T5872] usb 2-1: USB disconnect, device number 31
[  482.815124][T10749] koneplus 0003:1E7D:2D51.000A: couldn't init struct koneplus_device
[  482.815169][T10749] koneplus 0003:1E7D:2D51.000A: couldn't install mouse
[  482.829595][T10749] koneplus 0003:1E7D:2D51.000A: probe with driver koneplus failed with error -71
[  482.841718][T10749] usb 3-1: USB disconnect, device number 40
[  482.942658][T10459] veth0_vlan: entered promiscuous mode
[  482.948020][T10459] veth1_vlan: entered promiscuous mode
[  482.963450][T10459] veth0_macvtap: entered promiscuous mode
[  482.966248][T10459] veth1_macvtap: entered promiscuous mode
[  482.975195][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.975244][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.975270][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.975285][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.975315][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.975331][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.975358][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.975372][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.976282][T10459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.978196][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.978295][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.978309][T10459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.978325][T10459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.979059][T10459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  482.981118][T10459] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  482.981201][T10459] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  482.981240][T10459] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  482.981269][T10459] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  483.390640][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.390668][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.423439][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.423475][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.660023][T10822] Unsupported ieee802154 address type: 0
[  485.038166][T10838] overlayfs: statfs failed on './file0'
[  485.159414][ T5874] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  485.340033][ T5874] usb 7-1: Using ep0 maxpacket: 32
[  485.386216][ T5874] usb 7-1: config 2 has an invalid interface number: 15 but max is 0
[  485.404014][ T5874] usb 7-1: config 2 has 2 interfaces, different from the descriptor's value: 1
[  485.467728][ T5874] usb 7-1: config 2 has no interface number 1
[  485.504734][ T5874] usb 7-1: config 2 interface 15 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  485.633248][ T5874] usb 7-1: config 2 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  485.730608][ T5874] usb 7-1: config 2 interface 0 has no altsetting 0
[  485.793832][ T5874] usb 7-1: New USB device found, idVendor=0471, idProduct=0312, bcdDevice=94.69
[  485.804822][ T5874] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  485.824292][ T5874] usb 7-1: Product: syz
[  485.918585][ T5874] usb 7-1: Manufacturer: syz
[  485.939557][ T5874] usb 7-1: SerialNumber: syz
[  486.004262][ T5874] pwc: Philips PCVC750K (ToUCam Pro Scan) USB webcam detected.
[  486.735117][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  486.735139][   T29] audit: type=1326 audit(1736695956.528:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.768488][   T29] audit: type=1326 audit(1736695956.528:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.790078][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.796776][   T29] audit: type=1326 audit(1736695956.528:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.819774][   T29] audit: type=1326 audit(1736695956.528:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.841337][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.848490][   T29] audit: type=1326 audit(1736695956.528:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.871805][   T29] audit: type=1326 audit(1736695956.568:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.893572][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.900776][   T29] audit: type=1326 audit(1736695956.568:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.922701][   T29] audit: type=1326 audit(1736695956.568:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.944445][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.951340][   T29] audit: type=1326 audit(1736695956.568:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10857 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4ac3985d29 code=0x7ffc0000
[  486.976965][    C0] vkms_vblank_simulate: vblank timer overrun
[  487.014001][   T29] audit: type=1326 audit(1736695956.808:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10861 comm="syz.5.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4ac39b85e5 code=0x7ffc0000
[  487.796657][ T5874] pwc: Failed to set LED on/off time (-71)
[  487.807476][ T5874] pwc: send_video_command error -71
[  487.823123][ T5874] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  487.852257][ T5874] Philips webcam 7-1:2.0: probe with driver Philips webcam failed with error -71
[  487.913949][ T5874] usb 7-1: USB disconnect, device number 2
[  488.316487][T10890] Unsupported ieee802154 address type: 0
[  489.549305][T10896] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1354'.
[  489.618089][T10896] team0: entered promiscuous mode
[  489.623497][T10896] team_slave_0: entered promiscuous mode
[  489.632536][T10896] team_slave_1: entered promiscuous mode
[  489.639508][T10896] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  489.697390][T10896] team0: left promiscuous mode
[  489.703540][T10896] team_slave_0: left promiscuous mode
[  489.709512][T10896] team_slave_1: left promiscuous mode
[  490.298746][ T5464] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[  490.444535][T10915] netlink: 277 bytes leftover after parsing attributes in process `syz.4.1358'.
[  490.614127][ T5464] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  490.828895][ T5464] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  490.923441][ T5464] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  490.965418][ T5464] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  490.988420][ T5464] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.010382][ T5464] hub 7-1:1.0: bad descriptor, ignoring hub
[  491.017701][ T5464] hub 7-1:1.0: probe with driver hub failed with error -5
[  491.041184][ T5464] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  491.968528][ T5464] usb 3-1: new low-speed USB device number 41 using dummy_hcd
[  492.117960][T10937] netlink: 'syz.5.1363': attribute type 5 has an invalid length.
[  492.130057][ T5464] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  492.161997][ T5464] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  492.181793][T10937] : entered promiscuous mode
[  492.197370][ T5464] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  492.234442][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.243602][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.253142][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.256411][ T5464] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  492.268716][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.288360][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.307024][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.312005][ T5464] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.323155][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.346328][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.378798][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.380573][ T5464] hub 3-1:1.0: bad descriptor, ignoring hub
[  492.397873][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.415333][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.433089][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.449605][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.512736][ T5872] hid-generic 0000:0003:0000.000B: unknown main item tag 0x0
[  492.618043][ T5464] hub 3-1:1.0: probe with driver hub failed with error -5
[  492.626648][ T5464] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  492.679695][ T5872] hid-generic 0000:0003:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  492.714612][T10951] Unsupported ieee802154 address type: 0
[  492.928556][ T5876] usb 7-1: USB disconnect, device number 3
[  494.961804][ T5876] usb 3-1: USB disconnect, device number 41
[  495.084811][T10969] syz.5.1367 (10969): drop_caches: 0
[  495.108540][ T5464] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  495.368472][ T5464] usb 7-1: device descriptor read/64, error -71
[  495.980925][ T5908] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  496.058376][ T5464] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  496.330038][ T5908] usb 2-1: config 0 has an invalid interface number: 235 but max is 0
[  496.373858][ T5908] usb 2-1: config 0 has no interface number 0
[  496.384311][ T5908] usb 2-1: New USB device found, idVendor=0451, idProduct=5416, bcdDevice= 1.00
[  496.393525][ T5464] usb 7-1: device descriptor read/64, error -71
[  496.463916][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.518844][ T5464] usb usb7-port1: attempt power cycle
[  496.535600][ T5908] usb 2-1: config 0 descriptor??
[  496.593508][ T5908] usb-storage 2-1:0.235: USB Mass Storage device detected
[  496.646002][ T5908] usb-storage 2-1:0.235: Quirks match for vid 0451 pid 5416: 2
[  497.472886][T11009] netlink: 'syz.1.1369': attribute type 13 has an invalid length.
[  499.149513][T11014] Unsupported ieee802154 address type: 0
[  499.599160][ T5876] usb 2-1: USB disconnect, device number 32
[  501.247378][T11031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1381'.
[  501.325074][T11031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1381'.
[  501.530545][T11040] syz.6.1383 (11040): drop_caches: 0
[  501.950780][T11045] xt_connbytes: Forcing CT accounting to be enabled
[  501.959313][T11045] Cannot find del_set index 1 as target
[  502.227022][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  502.292449][T11035] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  502.423511][T11035] vimc vimc.0: subdev_call error Scaler
[  502.447442][T11035] ------------[ cut here ]------------
[  502.453430][T11035] WARNING: CPU: 1 PID: 11035 at drivers/media/v4l2-core/v4l2-subdev.c:460 call_s_stream+0x222/0x280
[  502.464716][T11035] Modules linked in:
[  502.468737][T11035] CPU: 1 UID: 0 PID: 11035 Comm: syz.4.1380 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  502.479579][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  502.489715][T11035] RIP: 0010:call_s_stream+0x222/0x280
[  502.495124][T11035] Code: 64 1a fa 48 8b 7d 00 48 c7 c6 c0 c5 c9 8c 89 da e8 23 81 20 f9 48 bd 00 00 00 00 00 fc ff df e9 06 ff ff ff e8 6f 8b b6 f9 90 <0f> 0b 90 e9 de fe ff ff 89 e9 80 e1 07 38 c1 0f 8c 09 fe ff ff 48
[  502.515587][T11035] RSP: 0018:ffffc900045af980 EFLAGS: 00010287
[  502.521969][T11035] RAX: ffffffff87e8e671 RBX: 0000000000000000 RCX: 0000000000080000
[  502.530315][T11035] RDX: ffffc9000d38e000 RSI: 0000000000006fdd RDI: 0000000000006fde
[  502.538703][T11035] RBP: 0000000000000000 R08: ffffffff87e8e4b8 R09: 1ffff920008b5e94
[  502.546707][T11035] R10: dffffc0000000000 R11: ffffffff87e8e450 R12: ffff88802a3eb020
[  502.555227][T11035] R13: 0000000000000000 R14: 1ffff1100547d633 R15: 0000000000000000
[  502.563860][T11035] FS:  00007fa0f040b6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  502.573046][T11035] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  502.579800][T11035] CR2: 00007f4c1140ed50 CR3: 0000000024a3c000 CR4: 00000000003526f0
[  502.587808][T11035] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  502.595925][T11035] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  502.604054][T11035] Call Trace:
[  502.607455][T11035]  <TASK>
[  502.610602][T11035]  ? __warn+0x165/0x4d0
[  502.615021][T11035]  ? call_s_stream+0x222/0x280
[  502.619986][T11035]  ? report_bug+0x2b3/0x500
[  502.624792][T11035]  ? call_s_stream+0x222/0x280
[  502.630615][T11035]  ? handle_bug+0x60/0x90
[  502.635520][T11035]  ? exc_invalid_op+0x1a/0x50
[  502.640552][T11035]  ? asm_exc_invalid_op+0x1a/0x20
[  502.645844][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  502.651095][T11035]  ? call_s_stream+0x68/0x280
[  502.656154][T11035]  ? call_s_stream+0x221/0x280
[  502.661246][T11035]  ? call_s_stream+0x222/0x280
[  502.666037][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  502.671443][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  502.676667][T11035]  vimc_streamer_pipeline_terminate+0x219/0x360
[  502.683028][T11035]  vimc_streamer_s_stream+0x69f/0x800
[  502.688514][T11035]  vimc_capture_start_streaming+0x230/0x440
[  502.694448][T11035]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  502.700972][T11035]  vb2_start_streaming+0x129/0x440
[  502.706468][T11035]  vb2_core_streamon+0x2b5/0x4c0
[  502.713034][T11035]  __video_do_ioctl+0xc23/0xdd0
[  502.719165][T11035]  ? __pfx___video_do_ioctl+0x10/0x10
[  502.727204][T11035]  ? smack_log+0x123/0x540
[  502.731836][T11035]  ? __might_fault+0xc6/0x120
[  502.736563][T11035]  video_usercopy+0x89b/0x1180
[  502.741489][T11035]  ? __pfx___video_do_ioctl+0x10/0x10
[  502.746919][T11035]  ? __pfx_video_usercopy+0x10/0x10
[  502.752223][T11035]  ? smack_file_ioctl+0x29e/0x3a0
[  502.757484][T11035]  ? __fget_files+0x2a/0x410
[  502.762428][T11035]  ? __fget_files+0x2a/0x410
[  502.767113][T11035]  v4l2_ioctl+0x189/0x1e0
[  502.772076][T11035]  ? __pfx_v4l2_ioctl+0x10/0x10
[  502.777256][T11035]  __se_sys_ioctl+0xf5/0x170
[  502.783173][T11035]  do_syscall_64+0xf3/0x230
[  502.787918][T11035]  ? clear_bhb_loop+0x35/0x90
[  502.792834][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.799149][T11035] RIP: 0033:0x7fa0ef585d29
[  502.804448][T11035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.825262][T11035] RSP: 002b:00007fa0f040b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  502.833919][T11035] RAX: ffffffffffffffda RBX: 00007fa0ef776080 RCX: 00007fa0ef585d29
[  502.842592][T11035] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  502.851461][T11035] RBP: 00007fa0ef601b08 R08: 0000000000000000 R09: 0000000000000000
[  502.860512][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  502.869267][T11035] R13: 0000000000000000 R14: 00007fa0ef776080 R15: 00007ffc183fc8b8
[  502.877293][T11035]  </TASK>
[  502.880552][T11035] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  502.887931][T11035] CPU: 1 UID: 0 PID: 11035 Comm: syz.4.1380 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  502.898707][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  502.908797][T11035] Call Trace:
[  502.912202][T11035]  <TASK>
[  502.915147][T11035]  dump_stack_lvl+0x241/0x360
[  502.920293][T11035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  502.925507][T11035]  ? __pfx__printk+0x10/0x10
[  502.930110][T11035]  ? _printk+0xd5/0x120
[  502.934289][T11035]  ? __init_begin+0x41000/0x41000
[  502.939337][T11035]  ? vscnprintf+0x5d/0x90
[  502.943777][T11035]  panic+0x349/0x880
[  502.947678][T11035]  ? __warn+0x174/0x4d0
[  502.951840][T11035]  ? __pfx_panic+0x10/0x10
[  502.956275][T11035]  __warn+0x344/0x4d0
[  502.960285][T11035]  ? call_s_stream+0x222/0x280
[  502.965183][T11035]  report_bug+0x2b3/0x500
[  502.969559][T11035]  ? call_s_stream+0x222/0x280
[  502.975089][T11035]  handle_bug+0x60/0x90
[  502.979266][T11035]  exc_invalid_op+0x1a/0x50
[  502.983781][T11035]  asm_exc_invalid_op+0x1a/0x20
[  502.988664][T11035] RIP: 0010:call_s_stream+0x222/0x280
[  502.994063][T11035] Code: 64 1a fa 48 8b 7d 00 48 c7 c6 c0 c5 c9 8c 89 da e8 23 81 20 f9 48 bd 00 00 00 00 00 fc ff df e9 06 ff ff ff e8 6f 8b b6 f9 90 <0f> 0b 90 e9 de fe ff ff 89 e9 80 e1 07 38 c1 0f 8c 09 fe ff ff 48
[  503.014308][T11035] RSP: 0018:ffffc900045af980 EFLAGS: 00010287
[  503.020416][T11035] RAX: ffffffff87e8e671 RBX: 0000000000000000 RCX: 0000000000080000
[  503.028418][T11035] RDX: ffffc9000d38e000 RSI: 0000000000006fdd RDI: 0000000000006fde
[  503.036446][T11035] RBP: 0000000000000000 R08: ffffffff87e8e4b8 R09: 1ffff920008b5e94
[  503.044548][T11035] R10: dffffc0000000000 R11: ffffffff87e8e450 R12: ffff88802a3eb020
[  503.052639][T11035] R13: 0000000000000000 R14: 1ffff1100547d633 R15: 0000000000000000
[  503.060644][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  503.065781][T11035]  ? call_s_stream+0x68/0x280
[  503.070552][T11035]  ? call_s_stream+0x221/0x280
[  503.075385][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  503.080801][T11035]  ? __pfx_call_s_stream+0x10/0x10
[  503.086150][T11035]  vimc_streamer_pipeline_terminate+0x219/0x360
[  503.092455][T11035]  vimc_streamer_s_stream+0x69f/0x800
[  503.097851][T11035]  vimc_capture_start_streaming+0x230/0x440
[  503.103762][T11035]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  503.110301][T11035]  vb2_start_streaming+0x129/0x440
[  503.115428][T11035]  vb2_core_streamon+0x2b5/0x4c0
[  503.120478][T11035]  __video_do_ioctl+0xc23/0xdd0
[  503.125476][T11035]  ? __pfx___video_do_ioctl+0x10/0x10
[  503.130872][T11035]  ? smack_log+0x123/0x540
[  503.135315][T11035]  ? __might_fault+0xc6/0x120
[  503.140096][T11035]  video_usercopy+0x89b/0x1180
[  503.144887][T11035]  ? __pfx___video_do_ioctl+0x10/0x10
[  503.150452][T11035]  ? __pfx_video_usercopy+0x10/0x10
[  503.155816][T11035]  ? smack_file_ioctl+0x29e/0x3a0
[  503.160882][T11035]  ? __fget_files+0x2a/0x410
[  503.165704][T11035]  ? __fget_files+0x2a/0x410
[  503.170468][T11035]  v4l2_ioctl+0x189/0x1e0
[  503.174940][T11035]  ? __pfx_v4l2_ioctl+0x10/0x10
[  503.179825][T11035]  __se_sys_ioctl+0xf5/0x170
[  503.184438][T11035]  do_syscall_64+0xf3/0x230
[  503.189050][T11035]  ? clear_bhb_loop+0x35/0x90
[  503.193862][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.199989][T11035] RIP: 0033:0x7fa0ef585d29
[  503.204613][T11035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.224343][T11035] RSP: 002b:00007fa0f040b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  503.232873][T11035] RAX: ffffffffffffffda RBX: 00007fa0ef776080 RCX: 00007fa0ef585d29
[  503.240858][T11035] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  503.249147][T11035] RBP: 00007fa0ef601b08 R08: 0000000000000000 R09: 0000000000000000
[  503.257248][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  503.265250][T11035] R13: 0000000000000000 R14: 00007fa0ef776080 R15: 00007ffc183fc8b8
[  503.273268][T11035]  </TASK>
[  503.276470][T11035] Kernel Offset: disabled
[  503.280920][T11035] Rebooting in 86400 seconds..