last executing test programs:

33.826133236s ago: executing program 3 (id=389):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000100)={0x2b, 0x4, 0x0, {0x1, 0xfffffffffffffffe, 0x3, 0x0, [0x0, 0x0, 0x0]}}, 0x2b)
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000824020100000000092402020000000000090585da20"], 0x0)
fdatasync(r0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x183002)

29.587807087s ago: executing program 3 (id=404):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$uac1(0x0, 0xa5, &(0x7f0000000a00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x93, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0x13, 0x24, 0x6, 0x0, 0x0, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @output_terminal={0x9}, @selector_unit={0x9, 0x24, 0x5, 0x0, 0x0, "f8431cfd"}, @output_terminal={0x9, 0x24, 0x3, 0x0, 0x300, 0x0, 0x4}, @selector_unit={0x6, 0x24, 0x5, 0x4, 0x0, "fd"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)

27.321847939s ago: executing program 3 (id=414):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000140), 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, r0, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x2}, 0x10)
syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x200040)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r5, 0x2, 0x0, 0xfffffffe, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40)

27.183818358s ago: executing program 3 (id=417):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000500)={{0x9, 0x2, 0x1, 0xa, 'syz0\x00', 0xfff}, 0x3, 0x20000000, 0x401, r3, 0x8, 0x9, 'syz1\x00', &(0x7f00000001c0)=['mptcp_pm\x00', 'f', '#@,\x00', '!\x00', '\x00', '\x00', 'sched_switch\x00', 'GPL\x00'], 0x23})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
ioperm(0x0, 0x1, 0x1bf4)
openat2$dir(0xffffff9c, 0x0, &(0x7f0000000240)={0x111100, 0x1, 0x2}, 0x18)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = memfd_create(0x0, 0x2)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r8, 0xc0845657, &(0x7f0000000440)={0x0, @bt={0x8001, 0x0, 0x1, 0x1, 0xf, 0x7, 0x2, 0x80000000, 0x6, 0xeb0d, 0x3, 0x5, 0x4, 0x9, 0x5, 0x10, {0xc, 0x800}, 0x3, 0x1}})
ftruncate(r7, 0xffff)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})

26.308885363s ago: executing program 3 (id=420):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_DELTABLE={0x48, 0x2, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0x70}}, 0x0)

16.541278535s ago: executing program 0 (id=445):
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
socket$inet6(0xa, 0x806, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x80000000000008, 0x20000008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x80000000, 0x0)
syz_open_procfs(r4, &(0x7f0000000040)='net/igmp\x00')
syz_open_procfs(r4, &(0x7f0000000340)='net/udp\x00')
syz_io_uring_setup(0x1e63, &(0x7f0000000000)={0x0, 0x3, 0x40, 0x2, 0x804}, &(0x7f00000011c0), &(0x7f0000019940))
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

15.042104311s ago: executing program 0 (id=450):
syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x38, r0, 0x811, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x38}}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="120100000000004079000118000000000001090224000100000000090404000203000004092100000b012207000905810300000000009cb7a54606a830ac1e4ce0c0402a0cd11955c5d49fef3bdf7293b3cebf26a4ec1de96fdcc73da0adab58d5b4620a1c502beedb0d153df81e8ffa904f34f37ccea0770a5036fa4bba23bd5eb335f81bf2ff9e44838af12aa17bf12b84d0ac919efa831f0ee3978a"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0x45)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r9, &(0x7f0000000100)='reno\x00', 0x5)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup, 0xffffffffffffffff, 0x12, 0x0, 0x0, @prog_id}, 0x20)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000800002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0312da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a404"], &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@map=r5, 0xffffffffffffffff, 0x12, 0x0, 0x0, @link_id}, 0x30)
write$tcp_congestion(r9, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a000000090581030002"], 0x0)
sendmmsg$unix(r4, &(0x7f00000014c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1c00"/16, @ANYRES32, @ANYRES32=0xee00, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB], 0x38}}], 0x1, 0x0)
pipe(&(0x7f0000000080))

14.868546364s ago: executing program 2 (id=451):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r1 = dup(r0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000080)={0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 9)

14.129014083s ago: executing program 2 (id=453):
unshare(0x60480)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a11800150006", 0x21}], 0x1}, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
unshare(0x24060400)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x0, 0x3, 0x0, 0x1}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x0, 0x0, 0x0, 0x2, 0xe9, &(0x7f0000000340)=""/233, 0x0, 0x11}, 0x90)
r1 = syz_open_dev$loop(&(0x7f0000000300), 0x1, 0x800)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000f00)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x200184c9)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="2c76657273696f6e3d3970323030302c70726976706f72742c76657273696f6e3d3970323030302e752c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d"])
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000000))
socket$packet(0x11, 0x0, 0x300)
r5 = socket(0x1e, 0x1, 0x0)
connect$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280000000000069078ac1414bbac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c000000907800005f1f49a82621c8c6efe5e6a57527f78f51c7b58d4beaad26accad73a79fabf4b1ffda3e0338d21503c67a50a2853592d7f0a7f05c5004f6599578d779ce2633bea66"], 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080)=0x801, 0x0, 0x4)
write$binfmt_misc(r5, &(0x7f0000000080)=ANY=[], 0x2000011a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

11.047332519s ago: executing program 2 (id=458):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000040)="af665bc9073ce5327d62e00989d56e546728469fa423f5a22098b28236", 0x1d}], 0x1, 0x0, 0x178}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$binfmt_aout(r2, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r2, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
read(0xffffffffffffffff, &(0x7f00000002c0)=""/212, 0xd4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f0000000100), 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="120100009c9abc0825105f0029fe0102030109021200caa70000000904"], 0x0)
r5 = syz_clone(0x20004100, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r5, 0x0)
syz_open_procfs$namespace(r5, &(0x7f0000000140)='ns/time_for_children\x00')

10.980785027s ago: executing program 0 (id=459):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000001c0), 0x4)

10.880588547s ago: executing program 0 (id=460):
r0 = syz_io_uring_setup(0xe24, &(0x7f00000001c0), &(0x7f0000000240), &(0x7f0000000280))
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r3, &(0x7f00000000c0)='./file0/file0\x00', 0x272)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=[&(0x7f0000000340)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000001e80)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xd6*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb2\x04\x00\x00\x00\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xa7d\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xd5C\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x938\xdd\xb5\xfc3\xd5a\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\x01\x00\x00\x00\x01\x00\x00\x00NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00hW\xf4\xdf\b\x04\xf1V2\x8b1\xb1/\x00j\b\x997\x01\xc0t+./\xb4\n\xadX\x99Q\xc2\xb0\x8eX\xaa^\xa5\xaf4\x8e\xac\xf5&h3\t\xdd\xc1y$F\xce\xb2\tO\xfe\xde=|>\x8a\x17\xda\b\x04B\x88\xfa<\xda\xf3J\x0e\x88\x18\xdc\x96\x95y\"\x89\xc4ZX\n\x9b\x92\x8f9:\xbb\xd4.\x1ds\xb9?\xaeE\xacPO\x99\x8e\xa5\x16\x82B\xdaONs\xd9-\x19/\xbe\xd9\x87X\xb7\xe1)l\xa1\xea\xc7\xe0K o\xbc\xf1\x01\x9a\x06\xe3\x96M\xd7\x89\x87\xf5_\xf0\x99\xdc\x8c\rw\x16-\\\xf6<B->\xc1\xf1\xda\xeb\x88\xe8l2\xbf\x92\x9b\xcex\x024\xf1\xbd\xee[\x9b\xa3\f\x87}\x8fqM\xb0\xbe\x0e\x96\xd1R\xda{\x91\xb6\xf3\xb5\x06L\x9e\xd4Gau_\xd6\xce\\\x89\xd7\xc9\a\xc8!\xc5\xfd\x1f\x99\x83b\xe79\x88a\xa4Uk\xfa8n#K\xc6\xb7\a}.7iz\xef\xb7\xd8\xe1J\x96\b\x1b\xfew\x82\v\x8a\x8a\xf5\x01\xd8\x9f\x13\xb1\x9eO.\'\xa8\xed\xc4~\xfae\x00&KD\xcf\\g(r\x94\x0e\x9c\f\xf2\xef\xc6\xc70\x178FhG3\xeby\xd7\xa21\xa8x\xb6\x10\xb7\xee\xabf\xf1', &(0x7f0000000c40)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'], &(0x7f00000001c0)=[0x0])
migrate_pages(0x0, 0x3, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa)

9.766037736s ago: executing program 4 (id=463):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r0, 0x0)
ftruncate(r0, 0x97a9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000900)=@file={0x0, '.\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000009c0), r5)
r6 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000c40), 0x310decfa, 0x0)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000080)={0x2, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r7, 0xc058565d, &(0x7f0000000240)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a950fd28"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_QBUF(r7, 0xc058560f, 0x0)
sendmmsg$inet(r6, &(0x7f0000005240), 0x4000095, 0x3a00ea60)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x505}, 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
fcntl$F_SET_RW_HINT(r8, 0x40c, 0x0)
read$FUSE(r8, &(0x7f000000e280)={0x2020}, 0x2020)

8.693189131s ago: executing program 4 (id=464):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
unshare(0x2a000400)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x1100, 0x485, 0x0, 0x0)

8.596931711s ago: executing program 0 (id=465):
syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x3, 0x1)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
ioctl$USBDEVFS_WAIT_FOR_RESUME(r4, 0x4004550c)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, 0x0)
creat(0x0, 0x0)
open(0x0, 0x14927e, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000901925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4)

8.411528372s ago: executing program 1 (id=466):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002100), 0xffffffffffffffff)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
r4 = dup(r0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x1000, &(0x7f000027a000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00'})

8.13975155s ago: executing program 2 (id=467):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffff0f)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000340)={0x0, 0x0, {0x0, 0x0, 0x0, 0x5, 0x9, 0x0, 0x0, 0x8}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = fsmount(0xffffffffffffffff, 0x1, 0x80)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r3)
readv(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB], 0x7)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={r1, r4}, 0xc)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205649, &(0x7f00000001c0)={0x9f0000, 0x1, 0x8, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9b0960, 0x40008002, '\x00', @p_u8=&(0x7f0000000100)=0x3}})
socket$inet6_tcp(0xa, 0x1, 0x0)
userfaultfd(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file0\x00', 0xe)
mkdir(0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000cc0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000a00000008000340", @ANYRES32=r7, @ANYBLOB="10005080040006000500020004000000"], 0x2c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x62, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0486dd600a0100002c2b0000000000000000000000000000000000fe8000000000000000000000000000aa06020201"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000c40)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)

7.977528902s ago: executing program 0 (id=468):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000180), &(0x7f0000000500)={0x0, 0xfb, 0xe0, 0xf, 0x3, "a8ca6f57981fc15babbbf0888fdf4427", "fda89704feac261bdd4739e46252634f8770c98222a15f2aab957a1ff76eda16850c1ae28e13e45f68312886c7c86a4664e4f3850a4925dc0fcce96c25d3ac3769a3e96cecf51c2132cf33b084fce3b588a676a6e272785fcd3d9a0c17c96f1cb72b8117de3d44a66c998a0248b5bad915b1b3b282a64c312548488caf8bc4ee184c5b2339a74ad9bc36caf52879b207efc3ce70e05a9061e9d9daa18d9fad6eb2628f352f773ca019dda6e95acb69c4be56ead00671cece3a9e938f1843eab8223a5f0d051ee5e876b0a0"}, 0xe0, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f00000004c0)="cf", 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_clone(0x20001091, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
ptrace(0x10, r4)
ptrace$getsig(0x4202, r4, 0x4, 0x0)
r5 = add_key(&(0x7f00000003c0)='logon\x00', &(0x7f00000006c0)={'syz', 0x2}, &(0x7f0000000700)="178f1d3dd7ce11ed9e118af9e5d3355584c91aaa80ea395dda0df0e4530f72e51c7c334375f84bc82ba41f1fafb921cc80bdec829dc1cd3f49fb4d4d8b09e7cbac3af7c29be35afe293f675c07d7e9f1f0c813e90ab4a60875fa4bb677e492fa106047f5ecb028d96996450c1293278c7aaed8204e53f26160b7993db4983cfaff7c6cba5f4e487f9bed9dd760df14145d524bdca7f9ef3dab6f8ab6a27014284966af4aa6c654c7edb869f0e056c63ea7b9c4bd5184bcdfd31118d20e8d49152165e6bc47a246122f7f404eb793b72f7505bd86ca5db823e3592e6c9adb672b7968b4b429213b30e80db4938c654bc28e9cf838db158ce4a3f7c2123796d8857b2a6a51a3fd41699a1b5c4ee3560a3b2c4a5e50ee5bcaf4a327b7019fc846aeb55106b5b798b4a979913872fc324cb78b8916be46bdae05a24155d3d1325f6efda606350e4d4c922e6148a870c4b032a46971c1b8c35d0c05190236cce8317a52daa1ee8b98545477275ddbeca75bce9b2a3eedde477c929e28ed2fdc1904f65ab44d6bb06696dd1a82f2f94bb9b721e3762c0ddc6e74d616be3d8e474d90f073e2b3269d1283dcdf09dab6f10725970676aeab12f0a7a3963b47c4b496b3675a3c5b74be7edadd3b10b08882170e5b9cca5f51c6cec3721cdf142f03bd0aa0eb3d44ff80d966293acc853cb2db09f9d17b433ceaf53eba9b8fc455bb9c0d296d6810d1fd121e2fa5dde58effa2fc4de4a792c870f962c40251cef258ecb032b179305ab6adee9cb2453f71c76b1703ceee5b30820d693c51f33c0faada61817e9cde6482bf1a41e4c1f2e16131d07b0b65dedea3ccafff4c92d8b2bd8fcfc8c2c1a7488fc9b0fb1d8f12e80a023eb5436d8522d8c5f52e61680cb0eb5f8d784bce6db3e62a10a736bd479ce8fee585b34736ea2c7ea6e0d967d07d023385645cda38c7f0376c9e167e1b4565303f80b986ccbeda441bf9d62bc0529a840135f74d6b9b5b3bca113adc475a57dc222d16325ca9c7b0df3a95d54e6421bf120ed80985bf9f0e4d5e60b9b7750e17d167f2361aebf870171298c48327adc703525f81c5ea023fbd2c73047fa4ac81dab5e332256156b9f2f240beaff41b49b81db3cb64d96bb70b9243439f8686101b25376f00fab76fd1d2f5e1b2d94c2f97916c83a28451be3d514a0686c874f59cef1e77d4ba7a0fa4be38a7d3297739b74ba675b782dbe5364a1aa9e0bc09c7cafc12211295a45abe5323d590b2b050b1f30749223cbb8c6e6fc099da08e338161801618cb371942fb2e88b9019cf486ce22bb97d45387910d441210f4141b3652acdce9bf18b4d4472b719b4e72e97aa925a5a7457562f9892213306acfaf6529c5f353b4ae2d7cd6839270c24735bd27de2639e0c105e8ef9bd87cf991ed8e0f5840416612d13e5641d9e47fec39f08444aa55cb7fd7c4cf71b737b752ed35e0ac90d2dd7daaae35367bac8343a5fe935f13ea6e3df30972d02f146320b29a554e8131c2aa82e2a27725873a24390b006637b6f80d41e980c9e7a1e65b45528680cb0bf8d7a9079d8e10e5b4164821e0a582e49d2cd993e4a9b1e35d3cb73879cf3383e287b3da9389be99b39a8b9f97c75427bc94392f770996246581ec7537fe1627aa54a25c9c062fca884e244b995b4dfc60f738bd51474db6df24aa0c4784709982111e7785c671ad3ccd0117c28eb74162bbb3b496102ca01beea6c4ceeffdf7d4d1c4c5df9fb2de4f10c876e9d6bcde82174f27f032680c4f42358e186c5184eca8ab63e67618e04d1cca43c3dcfbdcc06989ab1fce238e4ad2f021fc1cb166437fc18752322dbc615f93008565835a88913a4bb1d30af1420105d8cff684de76e94bf6b2d03515667f11d377d5e6dd3bb39f68d8ae029cd82ba15f8a33d7d6668f1ec3031d122a2cb2cb8a787ead19ac2cc37bceddd60b307c33f37013c7d909f8cbf8c7f084b12501c83913b675712a9df86cfed7c3a70214ac3df31ec753d33381464ec514b3b9387b658bf0284e6cc64887714c6e9c51d7a7f34d80d899a411e184a0dbb4704e42b02ec6aedff8b73074732930547d6dd949b0d8f49fe09ba86798f6c37937db10e9b5f5338221c38da8bbb1e93d636c729239f70fff7815ab5a4a5688fb69a933d8f3b0c40435e86449b8a7f8871cf468532ce0a0b6aae5753dc0c691597201244da947a1c406eba6695ab96562888c00b4bcd688c93808b61e00df4453cd3887be2db6e63065af8cd23b928b4d2ea7540d212bc8274cf00cf1f5aab2828279021c25a4348993564e43de34ca54c97d19e8ac2719517a9746caf8b23a7a594ee67ad75283fe36170d024ec8f704e7e1d7ac1d8794e8382bad709ad4145efddb4b2faca42ac5bf61251d120036770b0f0e9b01e656fc211605cde615822222a29a098898c06565c67db5d62e62bf01bd058b39edfa32b2706b1b180cd7da1817e978d1783d1c4c84d4d7dea28ce7eeb9c79621b41b6b2c8675da34b1e1a3c5a190be3b85450c507f5e68bb91a43fca9e43301088315d8646f6dbcf8f1995c3ea058015aba7e21966a939d3e0e3417550b7f91c8945a998d8b06c48fa6c43b1a95477ae9383675b5f47ee0e433750931f7e05d69a087b1d1e5ae0b8a1ab6b9a4b7197d0fe1794f7b679b801b3ce40dd5579341842659add0327c596106276b619002a7e01ba63ea0bc1927cdbbd3bcc5a54bf3addd762752f6303b51f0e0c7b6703ab13f36e6223fbbb065948e6b137297caaa9d07c013c3e7ff8202f1250a3bdda9903709360a84de9718cb3eb8d62aee69d79ac60997f6e82667dc6a313d413754e9ee0637b5d5078c819efd08edc2cc4176be03f80ff80162b26a3c740a117352d2221ec59c7e2cefd4b71207df5ad59840bbc6ddea07250d3098756148e1d5e7206cf582a14b6cb7a050fe396f39d23b6690a4b888dc1ce3230976a2b2c964a7dee500b677d16717c2e2227cfa0244b8e7eae830b7cf6b99234873ea0f9d6e871b69a9e4e6371581398b138c860029eae8871a4c28a7cf44a8ea31d3051f1a3128bba066c86737c727f0b82eb02b6ddccf106cae26c9019d261b12f7a7454188276210e3d11f1f19e96406c2ca3df7424d6dc1abb5230eda0b10bdb693a4935925ede6a0f577a825e3cea73ebddbda676c01cd21df7ff08d233c73e34dc4919bde00d9aa6b08c60c13f64db9b05bbbf92d623d8ab970ad103ac3e4ede5a274c60cb96b5fef224ad283b6d1ac25fbfa23713792e0d7fdda0a502cda353209fa6d22ccc21d3a51e2836f16c4667d193a8886ff0f21a9a7fd1d386dcd9fbbeed05f52e9626881d52a9acd4bd8f58d4e42c7c2209bb37ede2f0b62e0fd5ed7130e28713b3aae37acb5f6533d8c7093f3d1708f9e7f814955a5d2792b256fca26582b44a2053ce3923a6c83b71f4829109eabfabc1639f4546efb56cdb4f3494573e8c50847e1641b47e2815a901b289e259ef1c8eac1b4b7ce2aa4041bc066825674522ee710261dbe8ff647f5ca8cea37d4de4b47937127f40286e9f6139f4ddd824887a80bc29c98185bde0f30a9f2108548bc7701fc6139025e03d6156f20966d3863495fc9742112a5c82ef75f7c6c1f6413797f23d722ccd575dcdbe802a48b5b7a6d9c65b595f3d68ee5b15f2073d207e8d65a142277495fd94802a7b56d24778c36c5f6b0347ebb3575bb618730471e56e272618238dd0409c0e20701a015eae0e63831abce03c375e8dcb8acab4ee3371924b55dbae58fc89fd45268dbf1dc852120ccb50d4522776595a99c61bfbce85b8e1900765d75fa59d1118eb77d90fa728d0b5b6b30dd794aaff68dfe5bd2ad39feb0cfb56b2bf5449fb8972541089aacd0f8ca3808b6b790a1c0906c3efb6d7b0fb7f562667a271bfaeaa61b60907eb110fba8ee1bf23e18a73f0d2aad92b535ced5c439bf346dd5b675eb7a37e7589f49211b7a226664c5a1526663e3dbfa0fff83d84f2c23627fc19cf2d6910d4bb46ef7cbfc059b7db399b7c26a108d289c4d1c5643b83049723375f1bb52d2e1924163da2f8a40ad92f95e63ae9a86b517ef35a4c16e41a0225b5dd64e3c008ab5d195ab54bb93d5b6e6dd0224124d7cc1bd350cb61f309eaa1ae6b319cd1aa654537698e029fc542e1ded8df161f0eba6cac8cad246b3f01720837afcb4a81f51dc64449a43a94eefe71f54567a9e2badf16c3b67ce11dad721c204b66f970d5c70ab66c508a9b766d8938907b4e0871bf5269e9cb233db275bc819bcb1e101aa5ea2f261e51d996f450a8952161ca6b8a5646aa445e9a73261edb2f5efb5d9979ae91da6bb19c489fe559b8a6cffd21a5400ef461f2781252c23a9dbb512c20a351d41684574182d0babd4c7b4dd54df2596ebcd83ee919053e79444b39735335eeab46e9e973f791c258576030e4ae38ea29cdd8d8e16c20219f4d0e6fed015e16457b66637709781d7caf5b34f7a09d8a8b7782a306fb19ee8828d808dbb192672cb008cad164f0a3a598521b6f1006976ede240024556d5d25bb169ee27b19d7bfd488d7b29ac79a8b3c21b0a8a92b35e9c219e4d6a31f6e8c069405b8464df9c3a3f2a43f9b790cd6e5399a6b13211ce664b55d0498bb9416f7be43901a8e8aa34e3bf2a9870d0f729d8789a3c90c45f1850d7df776a81d3c207e2108f33c401cf9b81be335628efeb0ec89defd848699e88d1b05e6441957adc9206aca2131f38f7fdd6b823e6bc90e7d6238ed2c22b7fa8e26c8f1217b2c73457328e65dbce8406c0c20639cf601142d768cd0408222374a20b6cf6ef07a0bd5e5cad9304aa1dbf43f154b814687cd7abe10ed098b9b483dac9b7313474ad5c02ff03e800a4a5bc13a7e309686053921ba82908357db68330d62049c4fbf5ab580348326344a57822ee943eb43980f6381f0517e6413c6b8a2d9e84094ff7efc2a5c05b275eb357b57403500ef80dd2b7bc1c4199ec525970c9ee139d43e73c6e40fb04a8a9af8f48a9ff66784633d16bd0e0cb71b27c7a96b041b9f44bf3de8198ec18f408f95cfa25cf5e89d52a3ca50ebe809fff699dac5c9654192da55aa5d5f96084ae2fa732881636f8cb9c2ebc1a21a1c8b1bbeb2bd8fd13eb007842c9d8ceec74b58c65c67bdcd51da104dd50feeb34c94573caf067f46826825600f7b1ff67ed25c9de8e67946a4b8a910cbd30760294f4f13ce6c51680dcbe4332ea6eeb43edda22f9f8f2f7c3dd083c623957de297eec7129aba53836f0fda5062951db87f2eaeb541a70503c6f4a72f9b9a2e6d7d40021320639b09657a90967f40834e67c3df8a3a3fac5205bd444aa3e3dae9904dfd6dd882526a23991868d5f72d643b464ecdf078618f84ef7c809f25f40647b958cef918dffd538d3f79cbf93817e476efb0af6bf5cba62a70d0fe80b2a9f76912a98a96456c5474a3f6a972a729e1cda3f94e1a613262287803f0156080b2eebfa84777b14d07867478068bec3094cfc947b15c449ce0b15d9f1dc0568924b8c0564453de55da8dfa8e7eedf31af3699e0f48823be1c5711911f9ee78a48d08cae9a8fecccd600c567231369d28921ccecee129fe9fd3c6ca51a567840ae6e6c82046687050f75a43c9395c7bcb9f803f231ebb1de0797013f7d6ff755e4aa165e8e6087663f431008d0566736ea82f2bf65245bf1c5ffd481b54802d9cda030c1d26d5a2cfa95093046aa4225af3da99cea856b2e8e028d23a235897a0bc06be81cb528cfddf344a3210c3b91a4", 0x1000, 0xfffffffffffffffc)
add_key(&(0x7f0000000200)='cifs.spnego\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000600)="5e6b2b3b64b582dd2d48fbc84ae04fcf4e8f5bc4b65ca01c94a1af012c55215c3c9f6fb009811286a9f96a0987202c09b095eeb50576e8bbc83e41fa0f097017e92b0e46412d91a601db8736cc1d7e6ba7b6a12710a8deabd973d8c43708a2c139eecbed6a66755e2c675e1f55648298b6b3950a085928764de6fb66bf93d1bda218b9c6cc4fbd1f390929cd55d188a879aad737dd2f34c710544ec4795c93de1e", 0xa1, r5)
sendmmsg(r1, &(0x7f0000007fc0), 0x0, 0x0)

7.696565078s ago: executing program 1 (id=470):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000000380), &(0x7f00000003c0)=0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710041000000000095000300"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 32)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x40, 0x0, 0x0, 0xab49}, {0x6}]}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10) (async)
close(r7)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[], 0xfdef) (async, rerun: 32)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0) (rerun: 32)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, 0x0, 0x0)

7.523440334s ago: executing program 4 (id=471):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x3, 0x5, 0x2]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@local, 0x5}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x658}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x80}, 0x20000}, {@remote, 0x8}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @private=0xa010101]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000140)=0xa0000)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7aa, &(0x7f0000000080)={{@any, 0xffffffff}})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r3 = dup(r2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

7.263923302s ago: executing program 1 (id=472):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x0, &(0x7f0000000340)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0xae6)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r1], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x28011, r4, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="82", 0x1}], 0x1}}], 0x1, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/37, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x102000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000280), 0x12)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x8d28}}, 0x0)
syz_open_dev$vbi(&(0x7f0000000200), 0x1, 0x2)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x5, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x4}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

7.034106682s ago: executing program 4 (id=473):
socket(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB='\x00\x00'], &(0x7f0000000040)='GPL\x00', 0x58, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0xffffffffffffffff], &(0x7f00000003c0)=[{0x2, 0x3, 0x4, 0x9}, {0x1, 0x3, 0x8, 0x3}, {0x4, 0x5, 0x5, 0x6}, {0x5, 0x3, 0x4, 0x6}, {0x3, 0x1, 0x9, 0x3}], 0x10, 0x3}, 0x90)
prlimit64(0x0, 0xa, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
getpid()
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8c3}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r5, 0x5)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)

5.922788697s ago: executing program 4 (id=474):
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000080)={'dummy0\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1c}}})
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)
mkdir(&(0x7f00000002c0)='./file1/file1\x00', 0x0)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000001140)=0x8000, 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = gettid()
prlimit64(r2, 0x0, 0x0, 0x0)
r3 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x800, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_VERSION(r4, 0xc0406400, &(0x7f0000000080)={0x208, 0x4, 0x11ff, 0x1000, &(0x7f0000002280)=""/4098, 0x0, 0x0, 0xfffffffffffffd20, 0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback}}}], 0x20}}], 0x1, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007292bd404020305582a80000000109021b0001000000000904000001df7fa900090508ffec"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x3d, 0x79, 0x40, 0x1ac7, 0x1, 0xcc19, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x93, 0x2c, 0xf4, 0x0, [], [{{0x9, 0x5, 0x88}}]}}]}}]}}, 0x0)

5.788723623s ago: executing program 2 (id=475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000009c0)={'vcan0\x00', <r4=>0x0})
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, 0x0, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r5, &(0x7f0000000080)={0x1d, r4}, 0x18)
sendmsg$can_j1939(r5, 0x0, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r6, 0x1, 0x6, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
sendmmsg(r6, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
sendmsg$nl_route_sched(r8, 0x0, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
keyctl$get_persistent(0x16, 0x0, r1)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f80), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000fc0)={0x3c, r11, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0)

5.564696539s ago: executing program 1 (id=476):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080))

5.449170759s ago: executing program 1 (id=477):
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000088c0)=[{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000340)="2261ba0ad95a5d371f44b014bccf26ed0e891ca58628dc3f9e15b36e06b9c2a7d68f068af784357e523ad18b31b838d0c240fcdeb98221a8470bb21459e2a95690239e37721512b658d1b496bf50307469a9e3401f9c68c9944fd42947c74c82220c09ea8f318cdd43d43122113d328447f84608f6da271c63675c0a7bc2c5be0617fd2ae2682708db7ee4145c66", 0x8e}], 0x1}], 0x1, 0x48055)
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982"], 0x0}, 0x90)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r3, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
io_uring_enter(r0, 0x5b43, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x1fc, &(0x7f0000000280)=ANY=[@ANYBLOB="120100004510c740cd062a01e269010203010902ea0101000000000904e000057a7afe000724060001407e05240000000d240f01ffffffff010100004806241a0000000524150c00072414090090ba0a24071006000600000009057504ff030009092421056ec02906785483f01cef83c1f238a7ed95cf94078c7bbf67097348fc44c14458370725018037070009058000ff0302037fad0f4700314c688e1472364016980d0410cf93b28df03553947cc460af9007a3392b183226c4601706a3508115968256f0bdeb82e0ae47c07ad972d6da0146cb4e15fffe46c96ebb29567ec62c0db1fe192c5a59a1b6b74991186a47efad9e73ebbb2b2a11f4344781950f574fe9256dab2c235290ae1a6cf8047cfd9b486074e2a6811fe7878f944c984a579e1072ecccb8adcc89e2807fd502229c0c13d8cb5a29f0b4aa6fa48dbd4545f8d207250100040600090501"], 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x85, &(0x7f00000005c0)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, &(0x7f00000001c0)=0x90)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r6, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000002e80)={0x94c, r7, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x7e}}}}, [@NL80211_ATTR_TID_CONFIG={0x4b0, 0x11d, 0x0, 0x1, [{0x208, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd3}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x138, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x24, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x40, 0x0, 0x3, 0x0, 0x1, 0x5, 0xe290]}}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x0, 0x7}, {0x7, 0x3}, {0x6, 0x6}, {0x1, 0x8}, {0x5, 0x8}, {0x1, 0x3}]}]}, @NL80211_BAND_6GHZ={0xc0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x4, 0x3, 0x6f3c, 0x6a6, 0x1, 0x9, 0xefd]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0xeb, 0x7ff, 0xfff7, 0x4, 0x5, 0x9, 0x7ff]}}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x3, 0x5}, {0x6}, {0x3, 0x1}, {0x1}, {0x2, 0x5}, {0x5, 0x1}, {0x7, 0x4}, {0x3, 0x6}, {0x1, 0xa}, {0x5, 0x7}, {0x5, 0x8}, {0x3, 0x1}, {0x4, 0xa}, {0x2, 0xa}, {0x3}, {0x3, 0x5}, {0x4, 0x2}, {0x6, 0x7}, {0x4, 0x6}, {0x4, 0x9}, {0x1, 0x3}, {0x6, 0x1}, {0x0, 0x9}, {0x7, 0x3}, {0x0, 0x9}, {0x0, 0xa}, {0x1, 0x7}, {0x3, 0x7}, {0x6, 0x1}, {0x6, 0x5}, {0x6, 0xa}, {0x3, 0x4}, {0x1, 0xa}, {0x6, 0x5}, {0x2, 0x1}, {0x2, 0x5}, {0x7, 0x1}, {0x5, 0x5}, {0x3, 0x5}, {0x3, 0x4}, {0x0, 0x6}, {0x1, 0x6}, {0x1, 0xa}, {0x0, 0x1}, {0x7, 0x9}, {0x6, 0x1}, {0x4, 0x4}, {0x3, 0x1}, {0x7, 0x6}, {0x3, 0x1}, {0x1, 0x7}, {0x5, 0x9}, {0x0, 0x4}, {0x4, 0x3}, {0x7}, {0x1, 0x6}, {0x6, 0x2}, {0x6, 0x7}, {0x1, 0x2}, {0x7, 0x2}, {0x1, 0x3}, {0x6, 0x8}, {0x4, 0xa}, {0x3, 0x9}, {0x7, 0x3}, {0x6, 0x9}, {0x6, 0x4}, {0x5, 0x2}, {0x7, 0x6}, {0x6, 0x1}, {0x3, 0x3}, {0x7, 0x3}]}, @NL80211_TXRATE_HT={0x2d, 0x2, [{0x7, 0x5}, {0x7, 0x6}, {0x0, 0x4}, {}, {0x0, 0x1}, {0x5, 0x2}, {0x0, 0x8}, {0x0, 0x1}, {0x0, 0x1}, {0x3, 0x7}, {0x5, 0x6}, {0x5, 0x3}, {0x4, 0x2}, {0x4, 0x7}, {0x2, 0x1}, {0x2, 0x2}, {0x2, 0x8}, {0x7, 0x4}, {0x5, 0x5}, {0x6, 0x9}, {0x7, 0x5}, {0x5, 0x7}, {0x7, 0x9}, {0x5, 0x6}, {0x3, 0xa}, {0x3, 0x1}, {0x3}, {0x3, 0x6}, {0x0, 0x3}, {0x0, 0x8}, {0x1, 0x8}, {0x0, 0x3}, {0x6, 0x5}, {0x3, 0x9}, {0x7, 0x5}, {0x2, 0x8}, {0x0, 0x3}, {0x0, 0xa}, {0x5}, {0x1, 0x2}, {0x0, 0x1}]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x1, 0xfff, 0x3, 0x800, 0x5, 0x9, 0x1a0e]}}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x6, 0x8}, {0x1, 0x1}, {0x0, 0x8}, {0x5}, {0x6, 0x8}, {0x0, 0x1}, {0x1, 0x8}, {0x1, 0x7}, {0x5, 0xa}, {0x3}, {0x0, 0x1}, {0x4, 0x4}, {0x2, 0x6}, {0x5, 0x2}, {0x6, 0x6}, {0x4}, {0x0, 0x5}, {0x1, 0x3}, {0x4, 0x6}, {0x7}, {0x1, 0x1}, {0x0, 0x8}, {0x2, 0x4}, {0x0, 0x2}, {}, {0x7, 0x1}, {0x4, 0x4}, {0x0, 0x4}, {0x6}, {0x4}]}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x90, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x101, 0x2, 0x401, 0x3, 0xaa2, 0x4, 0x6]}}]}, @NL80211_BAND_2GHZ={0x44, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0xd258, 0x0, 0x8, 0x6, 0xa332, 0x4, 0x5b]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x8, 0x686, 0x10, 0x73, 0xc0, 0x4, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x30, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xf, 0x8, 0x5, 0x255, 0x2, 0x8, 0x6]}}, @NL80211_TXRATE_HT={0x10, 0x2, [{0x3, 0xa}, {0x2, 0x6}, {0x2, 0xa}, {0x0, 0xa}, {0x4, 0x5}, {0x6, 0x3}, {0x3, 0x9}, {0x6, 0x4}, {0x0, 0x9}, {0x3, 0x7}, {0x6, 0xa}, {0x6, 0x1}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x69}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xfffffffffffffffb}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc3}]}, {0x214, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1cc, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x78, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x3, 0x7, 0xf7c6, 0xe, 0x1, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x38, 0x2, [{0x4}, {0x6, 0x4}, {0x7, 0x1}, {0x6, 0x3}, {0x2, 0x9}, {0x4, 0x2}, {0x2, 0x3}, {0x7, 0x8}, {0x3, 0x2}, {0x0, 0x7}, {0x7, 0x7}, {0x3}, {0x5, 0x4}, {0x2}, {0x1, 0x1}, {0x4, 0x8}, {0x1, 0x9}, {0x7, 0x4}, {0x1, 0x4}, {0x7, 0x1}, {0x2, 0x9}, {0x5, 0x1}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x8}, {0x0, 0x6}, {0x5, 0x5}, {0x7, 0x7}, {0x0, 0x9}, {0x5, 0x2}, {0x4, 0x5}, {0x0, 0x4}, {0x7, 0xa}, {0x1, 0x1}, {0x6, 0x9}, {0x3, 0x4}, {0x2, 0x1}, {0x2}, {0x0, 0x6}, {0x3, 0x7}, {0x3, 0x5}, {0x4, 0x6}, {0x4}, {0x4, 0x9}, {0x3}, {0x1, 0x9}, {0x6, 0xa}, {0x2, 0x8}, {0x2, 0x5}, {0x4, 0x2}, {0x1, 0x5}, {0x5, 0x7}]}]}, @NL80211_BAND_2GHZ={0x30, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xd, 0x1, [0x5, 0x2, 0x30, 0xb, 0xc, 0x1b, 0x16, 0x1b, 0x16]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_LEGACY={0x10, 0x1, [0x60, 0x2, 0x2, 0xc, 0x1, 0x4, 0x18, 0x30, 0x2, 0x18, 0x2, 0x24]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x0, 0x9, 0x81, 0x6, 0x0, 0xc13c, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x799, 0x5, 0x4, 0x40, 0xffff, 0x2, 0x8, 0x6]}}]}, @NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x6, 0x24, 0x24, 0x60, 0x48, 0x3, 0x18, 0x1, 0x2, 0x1, 0xc, 0x63, 0x18, 0x2, 0x4afeef04b20097f5, 0x1b, 0xb]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0xc, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3d, 0x2, [{0x7, 0xa}, {0x1, 0x3}, {0x7, 0x5}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x5, 0x9}, {0x0, 0x5}, {0x1, 0x6}, {0x3, 0x9}, {0x0, 0x3}, {0x1, 0x9}, {0x5, 0x3}, {0x1, 0x9}, {0x3, 0x8}, {0x2}, {0x1}, {0x7, 0x4}, {0x6, 0x5}, {0x0, 0x1}, {0x0, 0x7}, {0x4}, {0x5, 0x2}, {0x0, 0x9}, {0x6, 0x3}, {0x1, 0xa}, {0x2, 0x5}, {0x6}, {0x4, 0x2}, {0x5, 0x4}, {0x0, 0x5}, {0x4, 0x9}, {0x3, 0x4}, {0x3, 0x6}, {0x3, 0x1}, {0x2, 0xa}, {0x1, 0x5}, {0x6}, {0x5, 0x7}, {0x7, 0x9}, {0x5}, {0x0, 0x7}, {0x5, 0x9}, {0x1, 0x8}, {0x1, 0xa}, {0x6, 0x6}, {0x1, 0x2}, {0x1, 0x7}, {0x6, 0x6}, {0x2, 0x7}, {0x2, 0x7}, {0x0, 0x1}, {0x4, 0x1}, {0x2, 0x4}, {0x6, 0x2}, {0x3, 0x5}, {0x4, 0x6}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x4, 0x4, 0x1000, 0x4, 0x9, 0x7]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1d, 0x2, [{0x1, 0xa}, {0x0, 0x3}, {0x0, 0x7}, {0x3}, {0x1, 0x2}, {0x4, 0x2}, {0x2, 0xa}, {0x4, 0x6}, {0x2, 0x3}, {0x7, 0x4}, {0x7, 0x1}, {0x4, 0x6}, {0x3, 0x4}, {0x4, 0x3}, {0x3, 0x5}, {0x5, 0x5}, {0x6, 0x6}, {0x0, 0x2}, {0x2, 0x2}, {0x1, 0xa}, {0x5, 0x1}, {0x1, 0x2}, {0x1, 0x6}, {0x4, 0x6}, {0x6, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe0, 0x6, 0x4110, 0x5, 0x4, 0x6, 0x5, 0x6]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbf}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10000}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x40}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x7c}]}]}, @NL80211_ATTR_TID_CONFIG={0x44, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x4d}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xe1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xf5e}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x38c, 0x11d, 0x0, 0x1, [{0xe0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x17}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xa8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xa4, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x4, 0xf4, 0x3ff, 0xfff8, 0x4, 0x4, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x4, 0xfff7, 0x3, 0x4, 0x6, 0x0, 0x6]}}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x5}, {0x6, 0x6}, {0x5, 0x8}, {0x7}, {0x1, 0x7}, {0x3, 0x6}, {}, {0x7, 0x1}, {0x0, 0x1}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x6, 0x8}, {0x2, 0x8}, {0x1}, {0x7, 0xa}, {0x0, 0x2}, {}, {0x3, 0x2}, {0x1, 0x9}, {0x3, 0x8}, {0x2, 0x6}, {0x0, 0x2}, {0x0, 0x6}, {0x6, 0x5}, {0x6, 0x2}, {0x6, 0x1}, {0x6, 0x9}, {0x0, 0x7}, {0x3, 0x8}, {0x1, 0x2}, {0x0, 0x6}, {0x5, 0x4}, {0x1, 0x15}, {0x4}, {0x1, 0x2}, {0x0, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0xd41, 0x1, 0xb, 0x5, 0xfff7, 0x1, 0xfffe]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7ff, 0x1, 0x5, 0x3ff, 0x80, 0x7, 0x1, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x7, 0x5, 0x10, 0x1, 0xdf, 0x101, 0x7]}}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x15}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x52}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xdf}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x81}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x12}]}, {0x26c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1b4, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x400, 0x6, 0xb944, 0x401, 0xb65, 0x6, 0xd]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x8, 0x200, 0x0, 0xb, 0x7, 0xfff, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x2c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x7, 0xc495, 0x5, 0x5, 0x4, 0x0, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0xffff, 0x0, 0xa90, 0xfffb, 0x3ff, 0x0, 0x621]}}]}, @NL80211_BAND_60GHZ={0x6c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xe5b5, 0xfff6, 0x8, 0xbf, 0x8, 0x1, 0x6, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x61, 0x60, 0x16, 0x16, 0x2, 0x60, 0x3, 0x1, 0x3, 0x2f, 0x18, 0x0, 0x3, 0x0, 0x24, 0x19, 0x6c, 0x30, 0x6, 0x48, 0x2, 0xc, 0x24, 0x3]}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x30, 0x36, 0x60, 0x2f, 0x2, 0x24, 0x36, 0x30, 0xb, 0x4, 0x30, 0x16, 0x24, 0x6c, 0x6c, 0x2, 0x1, 0x3f, 0x4, 0xb, 0xc, 0x36, 0x18, 0x18, 0x16, 0x30, 0x5]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0x94, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x24, 0x1b, 0x2, 0x9, 0x4, 0x6, 0x6, 0x36, 0x36, 0x60, 0x701ff7afd3973e57, 0xe, 0x9, 0x4, 0x24, 0x16, 0x0, 0x48, 0x6, 0xd, 0x1b, 0x1b, 0x1, 0x16]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x3f, 0x2, [{0x3, 0x5}, {0x3, 0x6}, {0x3, 0x2}, {0x0, 0x1}, {0x7, 0xa}, {0x7, 0x3}, {0x2, 0xa}, {0x7, 0x7}, {0x4, 0x4}, {0x6, 0x5}, {0x1, 0x8}, {0x7, 0x5}, {0x0, 0xa}, {0x2, 0x3}, {0x7, 0x6}, {0x7, 0x4}, {0x1, 0x9}, {0x4}, {0x1}, {0x4, 0x6}, {0x4, 0x2}, {0x3, 0x1}, {0x6, 0xa}, {0x1, 0x7}, {0x4, 0x1}, {0x5, 0x5}, {0x4, 0xa}, {0x1}, {0x4}, {0x6, 0x7}, {0x5, 0x5}, {0x2, 0x4}, {0x0, 0x5}, {0x4, 0x3}, {0x6, 0x5}, {0x0, 0xa}, {0x3}, {0x1, 0xa}, {0x1, 0x2}, {0x5, 0x6}, {0x0, 0x6}, {0x2, 0x1}, {0x1, 0x4}, {0x1, 0x3}, {0x3}, {0x5, 0x7}, {0x2, 0xa}, {0x0, 0x8}, {0x0, 0x8}, {0x5, 0x5}, {0x0, 0x8}, {0x1, 0x1}, {0x2, 0x6}, {0x1, 0x1}, {0x1}, {0x1, 0xa}, {0x4, 0x8}, {0x2, 0x6}, {0x3, 0xa}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2b, 0x3, 0x1, 0x401, 0x10, 0x9, 0x57e7, 0x4]}}]}, @NL80211_BAND_2GHZ={0x38, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x0, 0x6}, {0x2, 0x5}, {0x6, 0x8}, {0x7, 0x1}, {0x0, 0x2}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x6}, {0x1, 0xa}, {0x5, 0x7}, {0x6, 0x4}, {0x4, 0x7}, {0x1, 0x4}, {0x6, 0x7}, {0x5, 0x6}, {0x0, 0x7}, {0x4, 0x8}, {0x2, 0x9}, {0x4, 0x7}, {0x0, 0x6}, {0x3, 0x1}, {0x6, 0x1}, {0x1, 0x5}, {0x3, 0x1}, {0x4, 0x9}, {0x3, 0x6}, {0x0, 0x9}, {0x0, 0x7}, {0x1, 0x1}, {0x5, 0x4}, {0x4, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x13}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x74, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x70, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x0, 0x5}, {0x0, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x6, 0x4}, {0x6, 0x1}, {0x2, 0xa}, {0x2, 0x7}, {0x5, 0x1}, {0x1, 0x8}, {0x1, 0xa}, {0x6, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x5, 0x5}, {0x5, 0x7}, {0x7, 0x2}, {0x5, 0x9}, {0x3, 0x5}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x7}, {0x1, 0x6}, {0x6, 0x9}, {0x2, 0xa}, {0x7, 0x4}, {0x6, 0x1}, {0x4, 0x2}, {0x4, 0x4}, {}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0xb, 0x30, 0x18, 0x4, 0x24, 0x4, 0x48, 0x18, 0x36, 0x4, 0x5, 0x12, 0x30, 0x12, 0x6, 0x1, 0x6c, 0x18, 0x18, 0x48, 0x1b, 0x9, 0x6c, 0x1b, 0x48, 0x48, 0x6c]}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xac}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0xa4, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc5}]}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xff9b}]}, {0x4}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}]}, 0x94c}, 0x1, 0x0, 0x0, 0x40000}, 0x881)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r8, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r9, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

4.469620577s ago: executing program 3 (id=420):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_DELTABLE={0x48, 0x2, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0x70}}, 0x0)

4.066969629s ago: executing program 4 (id=478):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x6c0102, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x0)
r1 = socket$inet6(0xa, 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x8000026, r2, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = fanotify_init(0x222, 0x0)
fanotify_mark(r5, 0x1, 0x4800003e, r4, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x2}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x5)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xae802, 0x186)
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r7, 0x890c, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0xa5c, '\x00', 0x0, r6, 0x0, 0x4, 0x5}, 0x48)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000200)={'tunl0\x00', 0x0, 0x7800, 0x8, 0x0, 0x89, {{0x6, 0x4, 0x3, 0x37, 0x18, 0x65, 0x0, 0xfe, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@end]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x94, 0x9, 0x5, 0x1012, r8, 0x63d05cc7, '\x00', 0x0, r0, 0x1, 0x3, 0x4}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000400)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r9, 0x400454d9, &(0x7f0000000340)={'vlan0\x00', 0x400})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

3.692725993s ago: executing program 2 (id=479):
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x6b, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x96)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0)=0x1, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r4 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000180)={r2, r3})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$pptp(0x18, 0x1, 0x2)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc048aeca, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0})
sendmsg$rds(r4, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0xfffffe09}], 0x1}, 0x0)
write(r4, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000500)={0x2020}, 0x2020)
read$FUSE(0xffffffffffffffff, &(0x7f0000002540)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000180)={0x50, 0xffffffffffffffda, r6, {0x7, 0x28, 0x7, 0x3800000, 0x3ff, 0x2, 0x0, 0xffffbf2f}}, 0x50)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

0s ago: executing program 1 (id=480):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='inode_switch_wbs\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000000)="48000000140081fb7059ae08060c04000aff0f03000004000011000000006fabca1b4e7d06a6bd7c493872f750375ed08a562ad6e74703c48f93b82a02000000461eb886a5e54e8f", 0x48}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

ts going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.293723][ T5266] usb 2-1: string descriptor 0 read error: -71
[  128.300248][ T5266] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  128.314536][ T5266] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  128.326796][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.340216][ T5266] usb 2-1: config 0 descriptor??
[  128.365278][ T5266] usb 2-1: can't set config #0, error -71
[  128.373193][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.398475][ T5266] usb 2-1: USB disconnect, device number 8
[  128.408671][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.528114][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.809217][ T5862] hsr_slave_0: entered promiscuous mode
[  128.827296][ T5862] hsr_slave_1: entered promiscuous mode
[  128.834156][ T5862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.848788][ T5862] Cannot create hsr debugfs directory
[  128.939501][ T5936] netlink: 5 bytes leftover after parsing attributes in process `syz.3.138'.
[  128.980204][ T5936] netlink: 5 bytes leftover after parsing attributes in process `syz.3.138'.
[  128.989849][ T5936] netlink: 24 bytes leftover after parsing attributes in process `syz.3.138'.
[  129.023697][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  129.254890][    T9] usb 5-1: Using ep0 maxpacket: 16
[  129.287117][    T9] usb 5-1: config 0 has an invalid descriptor of length 250, skipping remainder of the config
[  129.316461][ T5862] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.335918][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  129.381700][    T9] usb 5-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  129.405580][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.431530][    T9] usb 5-1: config 0 descriptor??
[  129.465300][    T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  129.473007][ T5862] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.674893][   T25] usb 5-1: USB disconnect, device number 3
[  129.682929][ T5862] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.869186][ T5862] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.153735][ T5226] Bluetooth: hci3: command tx timeout
[  130.213567][ T5862] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  130.394915][ T5862] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  130.454934][   T25] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  130.676604][   T25] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  130.727464][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.758242][ T5862] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  131.058702][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.093145][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.110189][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.133579][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.149315][ T5862] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  131.173546][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.197103][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.239259][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.269729][ T5974] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  131.291525][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.309639][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.328919][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.361775][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.383087][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.398860][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.428784][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[  131.444295][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.459738][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.472993][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.480177][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.491113][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.504658][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.522711][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.531738][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.546951][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.561125][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.568935][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.577220][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.595712][   T25] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.612304][   T25] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.701837][ T5326] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  131.735974][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  131.766377][   T25] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  131.776160][   T25] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  131.786862][   T25] usb 2-1: Product: syz
[  131.791161][   T25] usb 2-1: Manufacturer: syz
[  131.797012][   T25] usb 2-1: SerialNumber: syz
[  131.805657][   T25] usb 2-1: config 0 descriptor??
[  131.816867][   T25] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  131.937525][ T5326] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  131.948170][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.958136][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.971324][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  131.984331][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.008422][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.034752][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.048368][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.103710][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.159930][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.181560][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.191081][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.213735][ T5226] Bluetooth: hci3: command tx timeout
[  132.238458][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.247025][ T5266] usb 2-1: USB disconnect, device number 9
[  132.289895][ T5266] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  132.300422][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.334357][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.366624][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.379845][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.394877][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.402176][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.431996][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.469865][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.508741][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.552398][ T5989] netlink: 'syz.2.150': attribute type 5 has an invalid length.
[  132.560295][ T5989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.150'.
[  132.566452][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.573339][ T5862] veth0_vlan: entered promiscuous mode
[  132.594205][ T5326] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.603110][ T5326] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.625336][ T5326] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.630060][ T5862] veth1_vlan: entered promiscuous mode
[  132.636582][ T5326] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  132.655047][ T5326] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  132.664280][ T5326] usb 4-1: Product: syz
[  132.670974][ T5326] usb 4-1: Manufacturer: syz
[  132.693419][ T5326] usb 4-1: SerialNumber: syz
[  132.708609][ T5326] usb 4-1: config 0 descriptor??
[  132.740270][ T5326] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  132.745987][ T5862] veth0_macvtap: entered promiscuous mode
[  132.767636][ T5862] veth1_macvtap: entered promiscuous mode
[  132.820391][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.832308][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.843218][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.854195][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.864709][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.876749][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.889149][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.900155][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.910297][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.922196][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.948903][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.950366][   T25] usb 4-1: USB disconnect, device number 5
[  132.956963][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  132.971459][   T25] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  132.999742][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.013291][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.017444][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  133.037090][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.070502][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.102050][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.123149][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.136403][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.147435][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.159714][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.174004][    T9] usb 5-1: Using ep0 maxpacket: 8
[  133.185481][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.200846][    T9] usb 5-1: config 0 has an invalid descriptor of length 89, skipping remainder of the config
[  133.200993][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.234123][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  133.260615][ T5862] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.273825][    T9] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  133.282878][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.286843][ T5862] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.332097][ T5862] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.342599][    T9] usb 5-1: config 0 descriptor??
[  133.351259][ T5862] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.534158][   T58] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  133.567739][ T5850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.613779][ T5850] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.697646][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.731499][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.759013][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.802601][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.840788][   T58] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  133.877997][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.941967][   T58] usb 2-1: config 0 descriptor??
[  134.109939][    T9] usb 5-1: string descriptor 0 read error: -71
[  134.148930][    T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  134.212509][    T9] usb 5-1: USB disconnect, device number 4
[  134.399488][   T58] hid-led 0003:27B8:01ED.0004: unbalanced delimiter at end of report description
[  134.430106][   T58] hid-led 0003:27B8:01ED.0004: probe with driver hid-led failed with error -22
[  134.696675][ T6020] FAULT_INJECTION: forcing a failure.
[  134.696675][ T6020] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  134.730768][ T6020] CPU: 1 UID: 0 PID: 6020 Comm: syz.2.157 Not tainted 6.11.0-rc5-syzkaller #0
[  134.739657][ T6020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  134.749719][ T6020] Call Trace:
[  134.753004][ T6020]  <TASK>
[  134.755944][ T6020]  dump_stack_lvl+0x241/0x360
[  134.760643][ T6020]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.765853][ T6020]  ? __pfx__printk+0x10/0x10
[  134.770476][ T6020]  ? snprintf+0xda/0x120
[  134.774739][ T6020]  should_fail_ex+0x3b0/0x4e0
[  134.779433][ T6020]  _copy_to_user+0x2f/0xb0
[  134.783870][ T6020]  simple_read_from_buffer+0xca/0x150
[  134.789262][ T6020]  proc_fail_nth_read+0x1ec/0x260
[  134.794306][ T6020]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.799869][ T6020]  ? rw_verify_area+0x520/0x6b0
[  134.804739][ T6020]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.810301][ T6020]  vfs_read+0x204/0xbc0
[  134.814464][ T6020]  ? __pfx_lock_release+0x10/0x10
[  134.819503][ T6020]  ? do_sock_setsockopt+0x3e2/0x720
[  134.824714][ T6020]  ? __pfx_vfs_read+0x10/0x10
[  134.829406][ T6020]  ? __fget_files+0x29/0x470
[  134.834020][ T6020]  ? __fget_files+0x3f6/0x470
[  134.834577][ T5326] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  134.838705][ T6020]  ksys_read+0x1a0/0x2c0
[  134.850421][ T6020]  ? __pfx_ksys_read+0x10/0x10
[  134.855202][ T6020]  ? do_syscall_64+0x100/0x230
[  134.859988][ T6020]  ? do_syscall_64+0xb6/0x230
[  134.864678][ T6020]  do_syscall_64+0xf3/0x230
[  134.869191][ T6020]  ? clear_bhb_loop+0x35/0x90
[  134.873880][ T6020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.879783][ T6020] RIP: 0033:0x7fea9c7788bc
[  134.884206][ T6020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  134.903825][ T6020] RSP: 002b:00007fea9d60c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  134.912248][ T6020] RAX: ffffffffffffffda RBX: 00007fea9c915f80 RCX: 00007fea9c7788bc
[  134.920226][ T6020] RDX: 000000000000000f RSI: 00007fea9d60c0a0 RDI: 0000000000000005
[  134.928206][ T6020] RBP: 00007fea9d60c090 R08: 0000000000000000 R09: 0000000000000000
[  134.936185][ T6020] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000001
[  134.944166][ T6020] R13: 0000000000000000 R14: 00007fea9c915f80 R15: 00007fffdd0af308
[  134.952162][ T6020]  </TASK>
[  135.150729][ T5326] usb 1-1: config 0 has an invalid interface number: 83 but max is 0
[  135.159045][ T5326] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  135.190107][ T5326] usb 1-1: config 0 has no interface number 0
[  135.205693][ T5326] usb 1-1: config 0 interface 83 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  135.384005][ T5326] usb 1-1: config 0 interface 83 altsetting 0 has an endpoint descriptor with address 0x44, changing to 0x4
[  135.384651][   T25] usb 2-1: USB disconnect, device number 10
[  136.463548][ T5326] usb 1-1: config 0 interface 83 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.536000][ T5326] usb 1-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  136.649475][ T5326] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.689426][ T5326] usb 1-1: config 0 descriptor??
[  136.706753][ T5326] ttusbir 1-1:0.83: cannot find expected altsetting
[  136.902981][ T6033] fuse: Bad value for 'rootmode'
[  137.007314][ T5326] usb 1-1: USB disconnect, device number 6
[  137.132396][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  137.132413][   T29] audit: type=1326 audit(1724642750.298:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6034 comm="syz.2.162" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea9c779e79 code=0x0
[  137.185555][   T25] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  137.407058][   T25] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  137.407078][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.407090][   T25] usb 2-1: Product: syz
[  137.407098][   T25] usb 2-1: Manufacturer: syz
[  137.407107][   T25] usb 2-1: SerialNumber: syz
[  137.408933][   T25] usb 2-1: config 0 descriptor??
[  137.647396][   T25] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[  138.048923][   T25] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  138.153741][ T5273] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  138.394170][ T5273] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  138.549637][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.563188][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  139.367194][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.409048][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  139.458733][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  139.483886][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.513708][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  139.533262][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  139.566170][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.609530][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  139.642198][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  139.673182][ T5326] usb 2-1: USB disconnect, device number 11
[  139.825324][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.834088][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  139.843004][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  139.865346][ T6053] netlink: 'syz.4.168': attribute type 10 has an invalid length.
[  139.873104][ T6053] netlink: 152 bytes leftover after parsing attributes in process `syz.4.168'.
[  139.961238][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  140.008273][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.076201][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.140390][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  140.200636][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.201223][ T6055] netlink: 'syz.1.169': attribute type 1 has an invalid length.
[  140.231050][ T6055] netlink: 224 bytes leftover after parsing attributes in process `syz.1.169'.
[  140.248486][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.300330][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  140.411728][ T5273] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.454085][ T5273] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.527537][ T5273] usb 1-1: config 0 interface 0 has no altsetting 0
[  140.586134][ T5273] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  140.610050][ T5273] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  140.634615][ T5273] usb 1-1: Product: syz
[  140.638818][ T5273] usb 1-1: Manufacturer: syz
[  140.662184][ T5273] usb 1-1: SerialNumber: syz
[  140.715954][ T5273] usb 1-1: config 0 descriptor??
[  140.745261][ T5273] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  140.891016][ T5273] usb 1-1: USB disconnect, device number 7
[  140.920652][ T5273] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  141.024698][ T6074] 9p: Unknown Cache mode or invalid value f
[  141.070302][ T6073] batadv_slave_1: entered promiscuous mode
[  141.116562][ T4673] udevd[4673]: worker [5436] terminated by signal 33 (Unknown signal 33)
[  141.184682][ T6073] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  141.194043][ T6073] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  141.202849][ T6073] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  141.211690][ T6073] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  141.370907][ T6072] batadv_slave_1: left promiscuous mode
[  141.858939][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  142.043644][    T9] usb 1-1: device descriptor read/64, error -71
[  142.181793][ T6094] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  142.357687][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  142.625202][    T9] usb 1-1: device descriptor read/64, error -71
[  142.821659][    T9] usb usb1-port1: attempt power cycle
[  142.893241][ T5273] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  143.117796][ T5273] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.132057][ T5273] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.174893][ T5273] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  143.192326][ T5273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  143.223561][ T5273] usb 5-1: SerialNumber: syz
[  143.246702][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  143.278027][ T5319] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  143.286384][ T6101] FAULT_INJECTION: forcing a failure.
[  143.286384][ T6101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.300336][ T6101] CPU: 1 UID: 0 PID: 6101 Comm: syz.2.184 Not tainted 6.11.0-rc5-syzkaller #0
[  143.309204][ T6101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  143.319268][ T6101] Call Trace:
[  143.322556][ T6101]  <TASK>
[  143.325498][ T6101]  dump_stack_lvl+0x241/0x360
[  143.330199][ T6101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.335419][ T6101]  ? __pfx__printk+0x10/0x10
[  143.337043][    T9] usb 1-1: device descriptor read/8, error -71
[  143.340015][ T6101]  ? __pfx_lock_release+0x10/0x10
[  143.351171][ T6101]  should_fail_ex+0x3b0/0x4e0
[  143.355845][ T6101]  _copy_from_user+0x2f/0xe0
[  143.360431][ T6101]  copy_msghdr_from_user+0xae/0x680
[  143.365630][ T6101]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  143.371440][ T6101]  __sys_sendmsg+0x23d/0x3a0
[  143.376024][ T6101]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.381125][ T6101]  ? vfs_write+0x7c4/0xc90
[  143.385559][ T6101]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  143.391880][ T6101]  ? do_syscall_64+0x100/0x230
[  143.396635][ T6101]  ? do_syscall_64+0xb6/0x230
[  143.401303][ T6101]  do_syscall_64+0xf3/0x230
[  143.405794][ T6101]  ? clear_bhb_loop+0x35/0x90
[  143.410462][ T6101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.416341][ T6101] RIP: 0033:0x7fea9c779e79
[  143.420744][ T6101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.440340][ T6101] RSP: 002b:00007fea9d60c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.448746][ T6101] RAX: ffffffffffffffda RBX: 00007fea9c915f80 RCX: 00007fea9c779e79
[  143.456705][ T6101] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000009
[  143.464664][ T6101] RBP: 00007fea9d60c090 R08: 0000000000000000 R09: 0000000000000000
[  143.472620][ T6101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.480575][ T6101] R13: 0000000000000000 R14: 00007fea9c915f80 R15: 00007fffdd0af308
[  143.488544][ T6101]  </TASK>
[  143.593556][ T5319] usb 4-1: Using ep0 maxpacket: 8
[  143.600726][ T5319] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  143.626425][ T5319] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x97, changing to 0x87
[  143.655872][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 36, changing to 9
[  143.669977][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 50274, setting to 1024
[  143.681750][ T5319] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  143.694996][ T5319] usb 4-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  143.704926][ T5319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.717286][ T5319] usb 4-1: config 0 descriptor??
[  143.723262][ T6097] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  143.741943][ T5319] metro_usb 4-1:0.0: Metrologic USB to Serial converter detected
[  143.758014][ T5319] usb 4-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  143.775220][    T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  143.814290][    T9] usb 1-1: device descriptor read/8, error -71
[  143.935422][    T9] usb usb1-port1: unable to enumerate USB device
[  143.943626][ T5266] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  143.993572][ T5270] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  144.015798][ T5301] usb 4-1: USB disconnect, device number 6
[  144.027145][ T5301] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  144.037414][ T5301] metro_usb 4-1:0.0: device disconnected
[  144.135089][ T5266] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  144.144220][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.154678][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.165675][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.175529][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.184626][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.199040][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.212765][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.222928][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.228493][ T5270] usb 2-1: unable to get BOS descriptor or descriptor too short
[  144.243531][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.256097][ T5270] usb 2-1: unable to read config index 0 descriptor/start: -71
[  144.258307][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.270497][ T5270] usb 2-1: can't read configurations, error -71
[  144.281448][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.294690][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.305140][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.314193][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.331787][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.339857][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.349070][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.361861][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.370146][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.379479][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.390584][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.406221][ T5266] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.415381][ T5266] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.426476][ T5266] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.440353][ T5266] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  144.449634][ T5266] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  144.459736][ T5266] usb 3-1: Product: syz
[  144.464053][ T5266] usb 3-1: Manufacturer: syz
[  144.468735][ T5266] usb 3-1: SerialNumber: syz
[  144.494417][ T5266] usb 3-1: config 0 descriptor??
[  144.509826][ T5266] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  144.679077][ T5273] usb 5-1: 0:2 : does not exist
[  144.736261][ T5273] usb 5-1: USB disconnect, device number 5
[  144.747570][ T6115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.188'.
[  144.754004][ T5266] usb 3-1: USB disconnect, device number 9
[  144.848473][ T5266] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  144.984425][ T6124] netlink: 'syz.0.189': attribute type 10 has an invalid length.
[  145.047888][ T6124] batman_adv: batadv0: Adding interface: team0
[  145.089635][ T6124] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.157598][ T6124] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  145.190650][ T6116] netlink: 'syz.0.189': attribute type 10 has an invalid length.
[  145.206981][ T6116] netlink: 2 bytes leftover after parsing attributes in process `syz.0.189'.
[  145.829572][ T6116] team0: entered promiscuous mode
[  145.955164][ T6116] team_slave_0: entered promiscuous mode
[  145.977304][ T6116] team_slave_1: entered promiscuous mode
[  146.106029][ T6116] 8021q: adding VLAN 0 to HW filter on device team0
[  146.112881][ T6116] batman_adv: batadv0: Interface activated: team0
[  146.294574][ T6116] batman_adv: batadv0: Interface deactivated: team0
[  146.303090][ T6116] batman_adv: batadv0: Removing interface: team0
[  146.322539][ T6116] bridge0: port 3(team0) entered blocking state
[  146.341245][ T6116] bridge0: port 3(team0) entered disabled state
[  147.120704][   T29] audit: type=1326 audit(1724642759.608:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6133 comm="syz.4.192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb062379e79 code=0x0
[  147.142960][ T6116] team0: entered allmulticast mode
[  147.183232][ T6116] team_slave_0: entered allmulticast mode
[  147.252950][ T6116] team_slave_1: entered allmulticast mode
[  147.316740][ T6116] bridge0: port 3(team0) entered blocking state
[  147.323566][ T6116] bridge0: port 3(team0) entered forwarding state
[  147.381857][ T6138] could not allocate digest TFM handle blake2s-128-arm
[  147.389018][ T5270] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  147.902270][ T6142] Bluetooth: MGMT ver 1.23
[  147.915941][ T5270] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.926503][ T5270] usb 5-1: New USB device found, idVendor=1e71, idProduct=200e, bcdDevice= 0.00
[  147.938025][ T5270] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.969200][ T5270] usb 5-1: config 0 descriptor??
[  148.967103][ T6157] syz.1.197 (6157): attempted to duplicate a private mapping with mremap.  This is not supported.
[  149.203598][  T943] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  149.284983][ T5270] usbhid 5-1:0.0: can't add hid device: -71
[  149.293161][ T5270] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  149.332289][ T5270] usb 5-1: USB disconnect, device number 6
[  149.543612][  T943] usb 1-1: Using ep0 maxpacket: 32
[  149.567781][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.610728][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.650302][  T943] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  149.669523][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.737647][  T943] usb 1-1: config 0 descriptor??
[  149.853783][ T5270] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  149.975464][ T5226] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  149.985352][ T5226] Bluetooth: hci0: command 0x0401 tx timeout
[  150.019318][ T6180] veth1: mtu less than device minimum
[  150.053907][ T5270] usb 5-1: Using ep0 maxpacket: 8
[  150.067165][ T5270] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  150.078154][ T5270] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.098564][ T5270] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.111834][ T5270] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  150.123109][ T5270] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  150.136542][ T5270] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.173169][ T5270] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.249003][ T6154] netlink: 16 bytes leftover after parsing attributes in process `syz.0.196'.
[  150.341833][ T6180] Process accounting resumed
[  150.436534][ T5270] usb 5-1: GET_CAPABILITIES returned 0
[  150.442547][ T5270] usbtmc 5-1:16.0: can't read capabilities
[  150.683071][ T5270] usb 5-1: USB disconnect, device number 7
[  151.300471][   T29] audit: type=1326 audit(1724642764.448:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6187 comm="syz.3.204" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x0
[  151.342057][ T6190] FAULT_INJECTION: forcing a failure.
[  151.342057][ T6190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.387009][ T5319] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  151.423551][ T6190] CPU: 1 UID: 0 PID: 6190 Comm: syz.4.205 Not tainted 6.11.0-rc5-syzkaller #0
[  151.432437][ T6190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  151.442510][ T6190] Call Trace:
[  151.445782][ T6190]  <TASK>
[  151.448715][ T6190]  dump_stack_lvl+0x241/0x360
[  151.453401][ T6190]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.458590][ T6190]  ? __pfx__printk+0x10/0x10
[  151.463190][ T6190]  ? uhid_char_write+0x78/0xb50
[  151.468044][ T6190]  should_fail_ex+0x3b0/0x4e0
[  151.472735][ T6190]  _copy_from_user+0x2f/0xe0
[  151.477351][ T6190]  uhid_char_write+0x1f9/0xb50
[  151.482130][ T6190]  vfs_writev+0x5af/0xbb0
[  151.486480][ T6190]  ? __pfx_uhid_char_write+0x10/0x10
[  151.491777][ T6190]  ? __pfx_vfs_writev+0x10/0x10
[  151.496618][ T6190]  ? vfs_write+0x7c4/0xc90
[  151.501043][ T6190]  ? __fget_files+0x29/0x470
[  151.505646][ T6190]  do_writev+0x1b1/0x350
[  151.509904][ T6190]  ? __pfx_do_writev+0x10/0x10
[  151.514676][ T6190]  ? do_syscall_64+0x100/0x230
[  151.519453][ T6190]  ? do_syscall_64+0xb6/0x230
[  151.524134][ T6190]  do_syscall_64+0xf3/0x230
[  151.528629][ T6190]  ? clear_bhb_loop+0x35/0x90
[  151.533317][ T6190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.539204][ T6190] RIP: 0033:0x7fb062379e79
[  151.543616][ T6190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.563223][ T6190] RSP: 002b:00007fb06312b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  151.571654][ T6190] RAX: ffffffffffffffda RBX: 00007fb062515f80 RCX: 00007fb062379e79
[  151.579616][ T6190] RDX: 0000000000000001 RSI: 00000000200002c0 RDI: 0000000000000003
[  151.587596][ T6190] RBP: 00007fb06312b090 R08: 0000000000000000 R09: 0000000000000000
[  151.595572][ T6190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.603540][ T6190] R13: 0000000000000000 R14: 00007fb062515f80 R15: 00007fffe64bb308
[  151.611523][ T6190]  </TASK>
[  151.633423][ T5319] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  151.634057][   T58] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  151.653799][  T943] usbhid 1-1:0.0: can't add hid device: -71
[  151.694691][  T943] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  151.713570][  T943] usb 1-1: USB disconnect, device number 12
[  151.855413][   T58] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  151.867279][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.879026][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.917477][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  151.939774][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.950098][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.969094][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  151.978585][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.997671][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.015329][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.033125][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.044899][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.056415][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.064983][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.080810][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.094663][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.114490][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.136935][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.157289][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.168387][   T29] audit: type=1326 audit(1724642765.338:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6195 comm="syz.4.207" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb062379e79 code=0x0
[  152.190479][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.229672][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.282988][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.316451][   T58] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.347512][   T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.374220][   T58] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.394650][   T58] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  152.406618][   T58] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  152.419191][   T58] usb 3-1: Product: syz
[  152.423426][   T58] usb 3-1: Manufacturer: syz
[  152.428275][   T58] usb 3-1: SerialNumber: syz
[  152.570384][   T58] usb 3-1: config 0 descriptor??
[  152.580168][   T58] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  153.718443][ T5270] usb 3-1: USB disconnect, device number 10
[  153.740049][ T5270] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  153.770525][ T6211] netlink: 'syz.3.210': attribute type 1 has an invalid length.
[  153.810079][ T6211] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.210'.
[  153.842955][ T6211] netlink: 9 bytes leftover after parsing attributes in process `syz.3.210'.
[  154.674585][ T6226] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  154.873635][ T6226] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  158.743599][ T5301] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  158.946696][ T5301] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4
[  158.959147][ T5301] usb 2-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0
[  158.968605][ T5301] usb 2-1: Manufacturer: syz
[  158.989327][ T5301] usb 2-1: config 0 descriptor??
[  159.126196][   T29] audit: type=1326 audit(1724642772.288:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6246 comm="syz.3.222" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x0
[  159.313605][ T5273] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  159.441641][ T5301] gs_usb 2-1:0.0: Couldn't get device config: (err=-71)
[  159.463324][ T5301] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[  159.493066][ T5301] usb 2-1: USB disconnect, device number 14
[  159.544332][ T5273] usb 5-1: Using ep0 maxpacket: 32
[  159.574963][ T5273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.596262][ T5273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.634038][ T6258] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[  159.646941][ T5273] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  159.693264][ T5273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.740370][ T5273] usb 5-1: config 0 descriptor??
[  160.090960][ T6265] veth1: mtu less than device minimum
[  160.198741][ T6232] netlink: 16 bytes leftover after parsing attributes in process `syz.4.216'.
[  160.219984][ T6265] Process accounting resumed
[  161.164216][ T5301] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  161.404754][ T5301] usb 3-1: Using ep0 maxpacket: 32
[  161.429724][ T5301] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.607747][ T5301] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.610141][  T943] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  161.618007][ T5301] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  161.635239][ T5301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.661235][ T5226] Bluetooth: hci4: sending frame failed (-49)
[  161.668920][ T5236] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  161.669784][ T5301] usb 3-1: config 0 descriptor??
[  163.121123][ T6284] random: crng reseeded on system resumption
[  163.186132][   T29] audit: type=1326 audit(1724642776.348:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6276 comm="syz.3.230" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x0
[  163.330675][  T943] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  163.340615][ T5301] usb 3-1: can't set config #0, error -71
[  163.450286][  T943] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.458765][ T5301] usb 3-1: USB disconnect, device number 11
[  163.467048][  T943] usb 2-1: Product: syz
[  163.471235][  T943] usb 2-1: Manufacturer: syz
[  163.476264][  T943] usb 2-1: SerialNumber: syz
[  163.509851][  T943] usb 2-1: config 0 descriptor??
[  163.600130][ T5273] usbhid 5-1:0.0: can't add hid device: -71
[  163.638091][ T6286] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  163.643880][ T5273] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  163.659352][ T5273] usb 5-1: USB disconnect, device number 8
[  163.804168][ T6288] warning: `syz.2.232' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  163.943965][  T943] usb 2-1: Firmware: major: 0, minor: 48, hardware type: UNKNOWN (48)
[  164.160110][  T943] usb 2-1: failed to fetch extended address, random address set
[  164.183975][  T943] usb 2-1: atusb_probe: initialization failed, error = -524
[  164.203970][  T943] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  164.377011][  T943] usb 2-1: USB disconnect, device number 15
[  164.663620][ T5301] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  164.701690][ T6300] netlink: 'syz.0.233': attribute type 4 has an invalid length.
[  164.854311][ T5301] usb 3-1: Using ep0 maxpacket: 16
[  164.888153][ T5301] usb 3-1: config 0 has an invalid interface number: 183 but max is 0
[  164.929942][ T5301] usb 3-1: config 0 has no interface number 0
[  164.972472][ T5301] usb 3-1: config 0 interface 183 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.363807][   T29] audit: type=1107 audit(1724642778.528:54): pid=6301 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='›=½¦ÎŠ}-ÓX·ß¸™›{ÒS/×–=3êG~§½f{}yÄ}��µ;ûDÀÒdôr—psãÛÞ;1~‹/T¡,„w2�qL­b:.0y­IEý‹£™¼ý«»±tD?ôdÂ…Òyõ,B‰m½6ÓÓeÆGÀrœî¹Ó…öz›’†?=èU�ÈØ�›xhÑôø‰…-
[  165.363807][   T29] \,$§�ÐÝP@‚�ÅEìÍ”QkÂ{ÜBý�!•»ë�Y$ÁÇ|¦<³=qð°ùZùÃã
™{Àâý'
[  165.395841][ T5301] usb 3-1: config 0 interface 183 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.406250][ T5301] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  165.416537][ T5301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.426925][ T6302] kernel read not supported for file /!selinuxwk1ÐmÃ9Éž*T“ýâ‘ïª#j—�¼ÞYÌÅmVËvm(pÉ-QZ#Ò{„¿ (pid: 6302 comm: syz.3.236)
[  165.427828][ T5301] usb 3-1: config 0 descriptor??
[  165.540101][ T6309] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  165.569184][ T6310] veth1: mtu less than device minimum
[  165.588333][ T6312] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  165.643909][ T6308] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  165.665407][ T6310] Process accounting resumed
[  165.744779][   T58] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  165.861693][ T5301] uclogic 0003:5543:0781.0006: item fetching failed at offset 2/5
[  165.880876][ T5301] uclogic 0003:5543:0781.0006: parse failed
[  166.609087][ T5301] uclogic 0003:5543:0781.0006: probe with driver uclogic failed with error -22
[  166.623597][   T58] usb 4-1: Using ep0 maxpacket: 16
[  166.662013][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 121, changing to 10
[  166.713944][ T5301] usb 3-1: USB disconnect, device number 12
[  166.724623][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1769, setting to 1024
[  166.754721][   T58] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  166.771505][   T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.794069][   T58] usb 4-1: Product: syz
[  166.815375][   T58] usb 4-1: Manufacturer: syz
[  166.828558][   T58] usb 4-1: SerialNumber: syz
[  166.852315][   T58] usb 4-1: config 0 descriptor??
[  166.867850][ T6302] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  166.909578][   T58] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  167.475617][ T6329] overlayfs: failed to resolve './file0': -2
[  167.809902][ T2490] usb 4-1: Failed to submit usb control message: -71
[  167.817530][   T58] usb 4-1: USB disconnect, device number 7
[  167.835981][ T2490] usb 4-1: unable to send the bmi data to the device: -71
[  167.843207][ T2490] usb 4-1: unable to get target info from device
[  167.856900][ T2490] usb 4-1: could not get target info (-71)
[  167.863104][ T2490] usb 4-1: could not probe fw (-71)
[  168.282859][ T6334] netlink: 40 bytes leftover after parsing attributes in process `syz.3.243'.
[  169.483140][ T5301] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  169.717046][ T5301] usb 5-1: not running at top speed; connect to a high speed hub
[  169.812859][ T6356] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  169.820500][ T6356] IPv6: NLM_F_CREATE should be set when creating new route
[  169.827823][ T6356] IPv6: NLM_F_CREATE should be set when creating new route
[  169.858046][ T6356] Bluetooth: MGMT ver 1.23
[  169.862666][ T6356] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  169.884141][ T6356] ubi0: attaching mtd0
[  169.894661][ T6356] ubi0: scanning is finished
[  169.899384][ T6356] ubi0: empty MTD device detected
[  170.167686][ T6359] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  170.175050][ T6359] IPv6: NLM_F_CREATE should be set when creating new route
[  170.182446][ T6359] IPv6: NLM_F_CREATE should be set when creating new route
[  170.195549][ T6359] FAULT_INJECTION: forcing a failure.
[  170.195549][ T6359] name failslab, interval 1, probability 0, space 0, times 0
[  170.208319][ T6359] CPU: 1 UID: 0 PID: 6359 Comm: syz.1.248 Not tainted 6.11.0-rc5-syzkaller #0
[  170.217186][ T6359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  170.227238][ T6359] Call Trace:
[  170.230510][ T6359]  <TASK>
[  170.233429][ T6359]  dump_stack_lvl+0x241/0x360
[  170.238111][ T6359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.243384][ T6359]  ? __pfx__printk+0x10/0x10
[  170.247970][ T6359]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  170.253944][ T6359]  ? __pfx___might_resched+0x10/0x10
[  170.259222][ T6359]  ? __lock_acquire+0x137a/0x2040
[  170.264254][ T6359]  should_fail_ex+0x3b0/0x4e0
[  170.268939][ T6359]  should_failslab+0xac/0x100
[  170.273615][ T6359]  ? __alloc_skb+0x1c3/0x440
[  170.278196][ T6359]  kmem_cache_alloc_node_noprof+0x71/0x320
[  170.283998][ T6359]  __alloc_skb+0x1c3/0x440
[  170.288403][ T6359]  ? validate_chain+0x11e/0x5900
[  170.293329][ T6359]  ? __pfx___alloc_skb+0x10/0x10
[  170.298258][ T6359]  ? __lock_acquire+0x2030/0x2040
[  170.303277][ T6359]  alloc_skb_with_frags+0xc3/0x770
[  170.308384][ T6359]  ? mark_lock+0x9a/0x350
[  170.312708][ T6359]  ? __lock_acquire+0x137a/0x2040
[  170.317731][ T6359]  sock_alloc_send_pskb+0x91a/0xa60
[  170.322934][ T6359]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  170.328642][ T6359]  ? smack_socket_sendmsg+0x172/0x540
[  170.334009][ T6359]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  170.339725][ T6359]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  170.346138][ T6359]  hci_sock_sendmsg+0x22b/0x11c0
[  170.351073][ T6359]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  170.356442][ T6359]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  170.361722][ T6359]  ? security_socket_sendmsg+0x87/0xb0
[  170.367179][ T6359]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  170.372542][ T6359]  __sock_sendmsg+0x221/0x270
[  170.377217][ T6359]  sock_write_iter+0x2dd/0x400
[  170.381977][ T6359]  ? __pfx_sock_write_iter+0x10/0x10
[  170.387259][ T6359]  ? bpf_lsm_file_permission+0x9/0x10
[  170.392708][ T6359]  ? security_file_permission+0x7f/0xa0
[  170.398251][ T6359]  vfs_write+0xa72/0xc90
[  170.402482][ T6359]  ? __pfx_sock_write_iter+0x10/0x10
[  170.407776][ T6359]  ? __pfx_vfs_write+0x10/0x10
[  170.412551][ T6359]  ksys_write+0x1a0/0x2c0
[  170.416879][ T6359]  ? __pfx_ksys_write+0x10/0x10
[  170.421718][ T6359]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  170.428044][ T6359]  ? __irq_exit_rcu+0x100/0x1c0
[  170.432893][ T6359]  ? do_syscall_64+0xb6/0x230
[  170.437561][ T6359]  do_syscall_64+0xf3/0x230
[  170.442054][ T6359]  ? clear_bhb_loop+0x35/0x90
[  170.446723][ T6359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.452602][ T6359] RIP: 0033:0x7f6224f79e79
[  170.457005][ T6359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.476610][ T6359] RSP: 002b:00007f6225df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  170.485016][ T6359] RAX: ffffffffffffffda RBX: 00007f6225116058 RCX: 00007f6224f79e79
[  170.492977][ T6359] RDX: 000000000000000d RSI: 0000000020000200 RDI: 000000000000000a
[  170.500940][ T6359] RBP: 00007f6225df5090 R08: 0000000000000000 R09: 0000000000000000
[  170.508901][ T6359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.516860][ T6359] R13: 0000000000000000 R14: 00007f6225116058 R15: 00007ffd3aaca258
[  170.524845][ T6359]  </TASK>
[  170.798540][ T5301] usb 5-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  170.827046][ T5301] usb 5-1: config 1 interface 0 has no altsetting 0
[  170.856773][ T6356] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  170.878406][ T5301] usb 5-1: New USB device found, idVendor=046d, idProduct=c29a, bcdDevice= 0.40
[  170.893558][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.901643][ T6356] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  170.920212][ T6356] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  170.933628][ T6356] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  170.949530][ T5301] usb 5-1: Product: 囋✼郓ᷣ쾽䤇Ó⯛葴�믰ꮘ�
[  170.953527][ T6356] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  170.969434][ T5301] usb 5-1: Manufacturer: Ь
[  170.982902][ T5301] usb 5-1: SerialNumber: �슣 컓鞤昜ኚ誽젋Қ嵦曂熨璊ꃎꞧ�㜶ꢒ䡔駌࠭놶昄�笑�濋筞䲵呻�橴烗际鑦��੊퓰�췭⦛炈霢⇢摸
[  170.983577][ T6356] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  171.051826][ T6356] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1342769789
[  171.099993][ T6356] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  171.128171][ T6362] ubi0: background thread "ubi_bgt0d" started, PID 6362
[  171.138579][ T6359] ubi: mtd0 is already attached to ubi0
[  171.198727][ T5301] usbhid 5-1:1.0: can't add hid device: -71
[  171.204857][ T5301] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  171.233887][ T5301] usb 5-1: USB disconnect, device number 9
[  171.359274][ T6376] FAULT_INJECTION: forcing a failure.
[  171.359274][ T6376] name failslab, interval 1, probability 0, space 0, times 0
[  171.402905][ T6369] @: renamed from vlan0 (while UP)
[  171.458775][ T6376] CPU: 0 UID: 0 PID: 6376 Comm: syz.1.252 Not tainted 6.11.0-rc5-syzkaller #0
[  171.467641][ T6376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  171.477684][ T6376] Call Trace:
[  171.480956][ T6376]  <TASK>
[  171.483880][ T6376]  dump_stack_lvl+0x241/0x360
[  171.488555][ T6376]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.493752][ T6376]  ? __pfx__printk+0x10/0x10
[  171.498360][ T6376]  ? fs_reclaim_acquire+0x93/0x140
[  171.503474][ T6376]  ? __pfx___might_resched+0x10/0x10
[  171.508763][ T6376]  should_fail_ex+0x3b0/0x4e0
[  171.513435][ T6376]  ? tomoyo_encode+0x26f/0x540
[  171.518203][ T6376]  should_failslab+0xac/0x100
[  171.522872][ T6376]  ? tomoyo_encode+0x26f/0x540
[  171.527629][ T6376]  __kmalloc_noprof+0xd8/0x400
[  171.532388][ T6376]  tomoyo_encode+0x26f/0x540
[  171.536985][ T6376]  tomoyo_realpath_from_path+0x59e/0x5e0
[  171.542619][ T6376]  tomoyo_path_number_perm+0x23a/0x880
[  171.548072][ T6376]  ? tomoyo_path_number_perm+0x208/0x880
[  171.553695][ T6376]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.559694][ T6376]  ? __fget_files+0x29/0x470
[  171.564276][ T6376]  ? __fget_files+0x3f6/0x470
[  171.568940][ T6376]  ? __fget_files+0x29/0x470
[  171.573529][ T6376]  security_file_ioctl+0x75/0xb0
[  171.578464][ T6376]  __se_sys_ioctl+0x47/0x170
[  171.583043][ T6376]  do_syscall_64+0xf3/0x230
[  171.587537][ T6376]  ? clear_bhb_loop+0x35/0x90
[  171.592217][ T6376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.598105][ T6376] RIP: 0033:0x7f6224f79e79
[  171.602509][ T6376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.622102][ T6376] RSP: 002b:00007f6225e16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.630508][ T6376] RAX: ffffffffffffffda RBX: 00007f6225115f80 RCX: 00007f6224f79e79
[  171.638472][ T6376] RDX: 0000000020000740 RSI: 00000000c2604110 RDI: 0000000000000003
[  171.646433][ T6376] RBP: 00007f6225e16090 R08: 0000000000000000 R09: 0000000000000000
[  171.654394][ T6376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.662354][ T6376] R13: 0000000000000000 R14: 00007f6225115f80 R15: 00007ffd3aaca258
[  171.670331][ T6376]  </TASK>
[  171.686488][ T6376] ERROR: Out of memory at tomoyo_realpath_from_path.
[  172.334086][ T5273] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  174.077729][ T5273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  174.110097][ T5273] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  174.275137][ T5273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  174.522564][ T5850] Bluetooth: (null): Invalid header checksum
[  174.531475][ T5850] Bluetooth: (null): Invalid header checksum
[  174.546187][ T5273] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  174.556623][ T5850] Bluetooth: (null): Invalid header checksum
[  174.605584][ T5850] Bluetooth: (null): Invalid header checksum
[  174.637271][ T6402] xt_hashlimit: overflow, try lower: 0/0
[  174.709323][ T6402] input: syz1 as /devices/virtual/input/input7
[  174.794601][ T5273] usb 2-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[  175.000077][ T5273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.000417][ T5273] usb 2-1: Product: syz
[  175.000458][ T5273] usb 2-1: Manufacturer: syz
[  175.000801][ T5273] usb 2-1: SerialNumber: syz
[  175.055741][ T5273] usb 2-1: config 0 descriptor??
[  175.317031][ T5273] usb 2-1: can't set config #0, error -71
[  175.319086][ T5273] usb 2-1: USB disconnect, device number 16
[  175.334903][ T6395] delete_channel: no stack
[  175.503765][  T943] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  175.934731][ T6413] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  176.125956][  T943] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.148750][  T943] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.166903][  T943] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  176.200305][  T943] usb 4-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  176.219154][  T943] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.303925][  T943] usb 4-1: config 0 descriptor??
[  176.508786][   T29] audit: type=1326 audit(1724642789.668:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6429 comm="syz.0.266" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed4ed79e79 code=0x0
[  177.170570][ T6436] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  177.198125][  T943] playstation 0003:054C:0BA0.0007: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.3-1/input0
[  177.264722][ T6436] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  177.597399][ T6441] netlink: 68 bytes leftover after parsing attributes in process `syz.1.269'.
[  178.532169][  T943] playstation 0003:054C:0BA0.0007: Failed to retrieve feature with reportID 18: -71
[  178.560329][  T943] playstation 0003:054C:0BA0.0007: Failed to retrieve DualShock4 pairing info: -71
[  178.611677][  T943] playstation 0003:054C:0BA0.0007: Failed to get MAC address from DualShock4
[  178.647592][  T943] playstation 0003:054C:0BA0.0007: Failed to create dualshock4.
[  178.666066][ T5301] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  178.692261][  T943] playstation 0003:054C:0BA0.0007: probe with driver playstation failed with error -71
[  178.774298][  T943] usb 4-1: USB disconnect, device number 8
[  178.913682][ T5301] usb 5-1: Using ep0 maxpacket: 32
[  178.926758][ T6460] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  178.930338][ T5301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.935206][ T5266] usb 4-1: reset high-speed USB device number 8 using dummy_hcd
[  179.036383][ T5301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.053749][ T5301] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  179.062855][ T5301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.108717][ T5301] usb 5-1: config 0 descriptor??
[  179.653732][ T5301] usbhid 5-1:0.0: can't add hid device: -71
[  179.685569][ T5301] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  179.714167][ T5301] usb 5-1: USB disconnect, device number 10
[  179.813870][   T29] audit: type=1326 audit(1724642792.978:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6475 comm="syz.2.281" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea9c779e79 code=0x0
[  179.909181][  T943] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  180.331739][  T943] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  180.423921][ T5266] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  180.512984][  T943] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  180.585182][ T6483] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  180.646452][ T6483] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0
[  180.721680][  T943] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  180.732032][  T943] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  180.740100][  T943] usb 4-1: SerialNumber: syz
[  180.815009][ T5266] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  180.832608][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  180.854200][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  180.868783][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  180.877197][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  180.892270][ T6494] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.895963][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  180.920737][ T6494] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.923718][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  180.965252][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  180.985682][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.000807][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.017935][  T943] usb 4-1: 0:2 : does not exist
[  181.025990][ T5274] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  181.050873][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.067803][  T943] usb 4-1: 5:0: cannot get min/max values for control 5 (id 5)
[  181.079352][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.092230][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.101453][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.113861][  T943] usb 4-1: 5:0: cannot get min/max values for control 6 (id 5)
[  181.122435][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.136527][  T943] usb 4-1: unit 255 not found!
[  181.144094][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.158870][  T943] usb 4-1: USB disconnect, device number 9
[  181.165273][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.183621][ T5236] Bluetooth: hci0: command 0x0401 tx timeout
[  181.184673][ T4611] Bluetooth: hci1: command 0x0406 tx timeout
[  181.195465][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.220323][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.233553][ T5274] usb 5-1: Using ep0 maxpacket: 8
[  181.240140][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.256251][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.279552][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.294507][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.311563][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.319799][ T5274] usb 5-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[  181.339631][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.356580][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.383816][ T5266] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  181.403031][ T5274] usb 5-1: config 0 descriptor??
[  181.438216][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0
[  181.466560][ T5266] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  181.491707][ T5266] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  181.530065][ T5266] usb 2-1: Product: syz
[  181.535304][ T5266] usb 2-1: Manufacturer: syz
[  181.539970][ T5266] usb 2-1: SerialNumber: syz
[  181.548756][ T5266] usb 2-1: config 0 descriptor??
[  181.562683][ T5266] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  181.991209][    C0] hrtimer: interrupt took 49085 ns
[  182.568775][   T58] usb 2-1: USB disconnect, device number 17
[  182.604567][   T58] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  182.669578][ T5274] usbhid 5-1:0.0: can't add hid device: -71
[  182.684862][ T5274] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  182.695079][ T5274] usb 5-1: USB disconnect, device number 11
[  183.072983][ T6525] netlink: 'syz.3.293': attribute type 12 has an invalid length.
[  183.218194][ T6525] tipc: Started in network mode
[  183.244111][ T6525] tipc: Node identity :, cluster identity 4711
[  183.391253][ T6525] tipc: Enabling of bearer <udp:@> rejected, failed to enable media
[  185.501061][   T29] audit: type=1326 audit(1724642798.668:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6541 comm="syz.2.298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea9c779e79 code=0x0
[  185.532398][   T46] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  185.623710][ T5273] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  185.867600][   T46] usb 1-1: Using ep0 maxpacket: 32
[  185.886803][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.898162][ T5273] usb 4-1: Using ep0 maxpacket: 8
[  185.905464][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.918319][ T5273] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  186.121238][   T46] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  186.134484][ T5273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.152051][ T5273] usb 4-1: config 0 descriptor??
[  186.157865][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.523640][ T5273] qmi_wwan 4-1:0.0: probe with driver qmi_wwan failed with error -22
[  186.533644][   T58] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  188.520943][   T46] usb 1-1: config 0 descriptor??
[  189.963614][   T46] usb 1-1: can't set config #0, error -71
[  189.973063][   T46] usb 1-1: USB disconnect, device number 13
[  190.002827][ T5266] usb 4-1: USB disconnect, device number 10
[  191.881733][   T29] audit: type=1326 audit(1724642805.048:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  191.903057][    C0] vkms_vblank_simulate: vblank timer overrun
[  191.951811][ T6616] netlink: 28 bytes leftover after parsing attributes in process `syz.4.316'.
[  191.962514][   T29] audit: type=1326 audit(1724642805.048:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  191.996693][   T29] audit: type=1326 audit(1724642805.098:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.018005][    C0] vkms_vblank_simulate: vblank timer overrun
[  192.035190][   T29] audit: type=1326 audit(1724642805.098:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.060775][   T29] audit: type=1326 audit(1724642805.098:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.169942][   T29] audit: type=1326 audit(1724642805.098:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.247025][   T29] audit: type=1326 audit(1724642805.098:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.268406][    C0] vkms_vblank_simulate: vblank timer overrun
[  192.311121][   T29] audit: type=1326 audit(1724642805.098:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.369538][   T29] audit: type=1326 audit(1724642805.098:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.433688][   T29] audit: type=1326 audit(1724642805.098:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6609 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f491d379e79 code=0x7ffc0000
[  192.455029][    C0] vkms_vblank_simulate: vblank timer overrun
[  192.516859][ T6622] program syz.0.317 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  192.540483][ T6622] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  192.863571][ T5266] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  193.385193][ T5266] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  193.394512][ T5266] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.404909][ T5266] usb 2-1: Product: syz
[  193.409333][ T5266] usb 2-1: Manufacturer: syz
[  193.414823][ T5266] usb 2-1: SerialNumber: syz
[  193.732986][ T5266] usb 2-1: config 0 descriptor??
[  193.897488][ T6635] process 'syz.4.321' launched './file1' with NULL argv: empty string added
[  193.966044][ T5266] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[  194.257426][ T6652] IPv6: NLM_F_REPLACE set, but no existing node found!
[  194.389353][ T5266] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  194.465174][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  195.591276][ T6626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.318'.
[  195.614158][ T6626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.318'.
[  195.641989][ T6626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.318'.
[  195.680720][ T6664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.329'.
[  195.902350][ T6670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.329'.
[  196.773997][   T46] usb 2-1: USB disconnect, device number 18
[  196.793033][ T6682] program syz.2.333 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  196.803638][ T6687] netlink: 76 bytes leftover after parsing attributes in process `syz.0.335'.
[  197.018076][ T6701] netlink: 44 bytes leftover after parsing attributes in process `syz.1.340'.
[  197.314632][ T6713] netlink: 'syz.1.344': attribute type 3 has an invalid length.
[  197.322851][ T6713] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.344'.
[  197.566359][ T6718] netlink: 20 bytes leftover after parsing attributes in process `syz.3.341'.
[  198.928543][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  198.928561][   T29] audit: type=1326 audit(1724642812.078:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6728 comm="syz.3.348" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x0
[  199.059913][ T6735] xt_TCPMSS: Only works on TCP SYN packets
[  199.120225][ T6737] program syz.1.351 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  199.161273][ T6735] IPv6: Can't replace route, no match found
[  199.303607][ T5274] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  199.389980][ T6747] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  199.717682][ T5274] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  199.817654][ T2542] bridge_slave_1: left allmulticast mode
[  199.909421][ T5274] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.941557][ T2542] bridge_slave_1: left promiscuous mode
[  199.988696][ T2542] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.993539][ T5274] usb 4-1: Product: syz
[  200.012431][ T5274] usb 4-1: Manufacturer: syz
[  200.023616][ T5274] usb 4-1: SerialNumber: syz
[  200.099403][ T6750] overlayfs: missing 'lowerdir'
[  200.344614][ T2542] bridge_slave_0: left allmulticast mode
[  200.349163][ T5274] usb 4-1: config 0 descriptor??
[  200.362727][ T2542] bridge_slave_0: left promiscuous mode
[  200.382647][ T2542] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.465091][ T6761] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  201.933937][ T5274] cx82310_eth 4-1:0.0: probe with driver cx82310_eth failed with error -22
[  202.341099][ T5274] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  204.139582][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'.
[  204.170363][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'.
[  204.189806][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'.
[  206.806404][ T6782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'.
[  206.825145][ T6782] netlink: 88 bytes leftover after parsing attributes in process `syz.0.363'.
[  206.913232][   T58] usb 4-1: USB disconnect, device number 11
[  207.381821][   T29] audit: type=1326 audit(1724642820.548:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6790 comm="syz.3.366" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f491d379e79 code=0x0
[  207.428846][ T2542] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.452751][ T2542] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.474924][ T2542] bond0 (unregistering): Released all slaves
[  207.484840][ T6796] netlink: 12 bytes leftover after parsing attributes in process `syz.4.367'.
[  207.601535][ T6797] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  207.653561][ T6797] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0
[  207.955989][ T2542] hsr_slave_0: left promiscuous mode
[  207.975117][ T2542] hsr_slave_1: left promiscuous mode
[  207.981329][ T2542] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.996278][ T2542] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.044777][ T2542] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.066480][ T5301] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  208.075851][ T2542] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.125474][ T2542] veth1_macvtap: left promiscuous mode
[  208.131122][ T2542] veth0_macvtap: left promiscuous mode
[  208.143973][ T2542] veth1_vlan: left promiscuous mode
[  208.152027][ T2542] veth0_vlan: left promiscuous mode
[  208.268957][ T5301] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  208.287038][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.302457][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.320422][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.331281][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.361055][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.386025][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.405104][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.425582][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.449302][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.484796][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.512229][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.539281][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.554679][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.575477][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.598543][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.622442][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.645463][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.659503][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.681498][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.695628][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.715497][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.732902][ T5301] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.742182][ T5301] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  208.777262][ T5301] usb 1-1: config 0 interface 0 has no altsetting 0
[  208.821464][ T5301] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  208.838798][ T5301] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  208.847460][ T5301] usb 1-1: Product: syz
[  208.860916][ T5301] usb 1-1: Manufacturer: syz
[  208.875913][ T5301] usb 1-1: SerialNumber: syz
[  208.898491][ T5301] usb 1-1: config 0 descriptor??
[  208.922938][ T5301] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  209.285088][ T5301] usb 1-1: USB disconnect, device number 14
[  209.307811][ T5301] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  210.258841][ T2542] team0 (unregistering): Port device team_slave_1 removed
[  210.324588][ T2542] team0 (unregistering): Port device team_slave_0 removed
[  210.700886][   T29] audit: type=1326 audit(1724642823.868:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6823 comm="syz.0.375" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed4ed79e79 code=0x0
[  211.094200][  T943] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  211.183618][ T5273] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  211.344424][ T6836] FAULT_INJECTION: forcing a failure.
[  211.344424][ T6836] name failslab, interval 1, probability 0, space 0, times 0
[  211.384607][  T943] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  211.404079][ T6836] CPU: 1 UID: 0 PID: 6836 Comm: syz.1.377 Not tainted 6.11.0-rc5-syzkaller #0
[  211.412947][ T6836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  211.423022][ T6836] Call Trace:
[  211.426306][ T6836]  <TASK>
[  211.429226][ T6836]  dump_stack_lvl+0x241/0x360
[  211.433898][ T6836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.439083][ T6836]  ? __pfx__printk+0x10/0x10
[  211.443670][ T6836]  should_fail_ex+0x3b0/0x4e0
[  211.448343][ T6836]  ? dst_alloc+0x12b/0x190
[  211.452747][ T6836]  should_failslab+0xac/0x100
[  211.457410][ T6836]  ? dst_alloc+0x12b/0x190
[  211.461811][ T6836]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  211.467174][ T6836]  dst_alloc+0x12b/0x190
[  211.471407][ T6836]  xfrm_alloc_dst+0x6e/0x150
[  211.475983][ T6836]  xfrm_lookup_with_ifid+0xc16/0x1ee0
[  211.481348][ T6836]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  211.487154][ T6836]  xfrm_lookup_route+0x3c/0x1c0
[  211.491991][ T6836]  ip6_sk_dst_lookup_flow+0x819/0xa30
[  211.497350][ T6836]  ? txopt_get+0x3e0/0x4f0
[  211.501758][ T6836]  ? __pfx_ip6_sk_dst_lookup_flow+0x10/0x10
[  211.507635][ T6836]  ? udpv6_sendmsg+0x1be4/0x3270
[  211.512560][ T6836]  udpv6_sendmsg+0x201f/0x3270
[  211.517314][ T6836]  ? release_sock+0x30/0x1f0
[  211.521898][ T6836]  ? __pfx_udplite_getfrag+0x10/0x10
[  211.527177][ T6836]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  211.532282][ T6836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  211.538627][ T6836]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  211.544331][ T6836]  ? inet_send_prepare+0x1b7/0x260
[  211.549430][ T6836]  ? do_raw_spin_unlock+0x13c/0x8b0
[  211.554634][ T6836]  ? inet_send_prepare+0x1b7/0x260
[  211.559737][ T6836]  __sock_sendmsg+0xef/0x270
[  211.564324][ T6836]  ____sys_sendmsg+0x525/0x7d0
[  211.569081][ T6836]  ? __pfx_____sys_sendmsg+0x10/0x10
[  211.574363][ T6836]  __sys_sendmmsg+0x3b2/0x740
[  211.579033][ T6836]  ? __pfx___sys_sendmmsg+0x10/0x10
[  211.584237][ T6836]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  211.590123][ T6836]  ? ksys_write+0x23e/0x2c0
[  211.594613][ T6836]  ? __pfx_lock_release+0x10/0x10
[  211.599625][ T6836]  ? vfs_write+0x7c4/0xc90
[  211.604028][ T6836]  ? __mutex_unlock_slowpath+0x21d/0x750
[  211.609643][ T6836]  ? __pfx_vfs_write+0x10/0x10
[  211.614404][ T6836]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  211.620375][ T6836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  211.626701][ T6836]  ? do_syscall_64+0x100/0x230
[  211.631470][ T6836]  __x64_sys_sendmmsg+0xa0/0xb0
[  211.636313][ T6836]  do_syscall_64+0xf3/0x230
[  211.640804][ T6836]  ? clear_bhb_loop+0x35/0x90
[  211.645474][ T6836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.651354][ T6836] RIP: 0033:0x7f6224f79e79
[  211.655755][ T6836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.675348][ T6836] RSP: 002b:00007f6225df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  211.683749][ T6836] RAX: ffffffffffffffda RBX: 00007f6225116058 RCX: 00007f6224f79e79
[  211.691708][ T6836] RDX: 0000000000000300 RSI: 0000000020000740 RDI: 0000000000000004
[  211.699664][ T6836] RBP: 00007f6225df5090 R08: 0000000000000000 R09: 0000000000000000
[  211.707627][ T6836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.715597][ T6836] R13: 0000000000000000 R14: 00007f6225116058 R15: 00007ffd3aaca258
[  211.723563][ T6836]  </TASK>
[  211.731664][  T943] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.744644][  T943] usb 1-1: Product: syz
[  211.748833][  T943] usb 1-1: Manufacturer: syz
[  211.753708][  T943] usb 1-1: SerialNumber: syz
[  211.775751][  T943] usb 1-1: config 0 descriptor??
[  211.985795][ T5236] Bluetooth: hci5: command 0x0406 tx timeout
[  212.008562][  T943] cx82310_eth 1-1:0.0: probe with driver cx82310_eth failed with error -22
[  212.015991][ T5273] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  212.029299][ T5273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.733952][ T5236] Bluetooth: hci1: command 0x0406 tx timeout
[  214.279788][ T5273] usb 4-1: config 0 descriptor??
[  218.385463][  T943] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19!
[  218.474399][  T943] usb 1-1: USB disconnect, device number 15
[  218.485526][ T5273] usb 4-1: can't set config #0, error -71
[  218.498950][ T5273] usb 4-1: USB disconnect, device number 12
[  218.620487][ T6856] netlink: 12 bytes leftover after parsing attributes in process `syz.1.382'.
[  218.935882][ T5301] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  219.044838][ T5273] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  219.149062][ T5301] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  219.181603][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.207769][ T5301] usb 3-1: Product: syz
[  219.212163][ T5301] usb 3-1: Manufacturer: syz
[  219.221606][ T5301] usb 3-1: SerialNumber: syz
[  219.244280][ T5273] usb 5-1: Using ep0 maxpacket: 16
[  219.262356][ T5301] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  219.283607][ T5273] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  219.322012][ T5273] usb 5-1: config 0 has no interface number 0
[  219.348290][ T5273] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.368567][ T5273] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.379657][ T5273] usb 5-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  219.401249][ T5273] usb 5-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00
[  219.411966][ T5273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.430003][ T5301] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  219.458481][ T5273] usb 5-1: config 0 descriptor??
[  219.486543][ T6866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.531329][ T6866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.888183][ T5273] holtek_mouse 0003:04D9:A072.0008: unknown main item tag 0x0
[  219.907675][ T5273] holtek_mouse 0003:04D9:A072.0008: hidraw0: USB HID v0.00 Device [HID 04d9:a072] on usb-dummy_hcd.4-1/input1
[  220.688586][ T5301] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  220.691628][  T943] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  220.700345][ T5301] ath9k_htc: Failed to initialize the device
[  220.721930][ T6872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.737792][ T5319] usb 5-1: USB disconnect, device number 13
[  220.751831][ T6872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.773001][ T5301] usb 3-1: ath9k_htc: USB layer deinitialized
[  220.923713][  T943] usb 4-1: Using ep0 maxpacket: 32
[  220.968150][ T6879] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  221.015040][  T943] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  221.189886][  T943] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  221.306106][  T943] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.427493][  T943] usb 4-1: Product: syz
[  221.502499][  T943] usb 4-1: Manufacturer: syz
[  221.574155][  T943] usb 4-1: SerialNumber: syz
[  221.589867][ T5266] usb 3-1: USB disconnect, device number 13
[  221.602486][  T943] usb 4-1: config 0 descriptor??
[  221.623316][ T6868] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  221.652172][  T943] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  223.321665][ T6897] 9pnet_fd: Insufficient options for proto=fd
[  223.432607][ T6906] ax25_connect(): syz.2.399 uses autobind, please contact jreuter@yaina.de
[  223.868128][ T5266] usb 4-1: USB disconnect, device number 13
[  224.166603][   T29] audit: type=1326 audit(1724642837.338:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.0.403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed4ed79e79 code=0x0
[  224.443610][ T5266] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  224.663651][ T5266] usb 4-1: Using ep0 maxpacket: 16
[  224.713876][ T5266] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  224.743637][ T5273] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  224.756252][ T5266] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  224.767958][ T5266] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  224.779149][ T5266] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  224.805941][ T5266] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  224.815994][ T5266] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.824906][ T5266] usb 4-1: Product: syz
[  224.830208][ T5266] usb 4-1: Manufacturer: syz
[  224.838840][ T5266] usb 4-1: SerialNumber: syz
[  224.926163][ T5273] usb 3-1: device descriptor read/64, error -71
[  225.114887][ T5266] usb 4-1: USB disconnect, device number 14
[  225.223574][ T5273] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  225.579020][ T5273] usb 3-1: device descriptor read/64, error -71
[  225.743808][ T5273] usb usb3-port1: attempt power cycle
[  225.894841][ T6948] FAULT_INJECTION: forcing a failure.
[  225.894841][ T6948] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.908178][ T6948] CPU: 0 UID: 0 PID: 6948 Comm: syz.1.413 Not tainted 6.11.0-rc5-syzkaller #0
[  225.917048][ T6948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  225.927117][ T6948] Call Trace:
[  225.930405][ T6948]  <TASK>
[  225.933342][ T6948]  dump_stack_lvl+0x241/0x360
[  225.938040][ T6948]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.941111][ T6950] Driver unsupported XDP return value 0 on prog  (id 88) dev N/A, expect packet loss!
[  225.943239][ T6948]  ? __pfx__printk+0x10/0x10
[  225.943278][ T6948]  ? snprintf+0xda/0x120
[  225.961625][ T6948]  should_fail_ex+0x3b0/0x4e0
[  225.966327][ T6948]  _copy_to_user+0x2f/0xb0
[  225.970768][ T6948]  simple_read_from_buffer+0xca/0x150
[  225.976170][ T6948]  proc_fail_nth_read+0x1ec/0x260
[  225.981196][ T6948]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.986740][ T6948]  ? rw_verify_area+0x520/0x6b0
[  225.991587][ T6948]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.997129][ T6948]  vfs_read+0x204/0xbc0
[  226.001275][ T6948]  ? __pfx_lock_release+0x10/0x10
[  226.006295][ T6948]  ? do_sock_setsockopt+0x3e2/0x720
[  226.011486][ T6948]  ? __pfx_vfs_read+0x10/0x10
[  226.016153][ T6948]  ? __fget_files+0x29/0x470
[  226.020733][ T6948]  ? __fget_files+0x3f6/0x470
[  226.025408][ T6948]  ksys_read+0x1a0/0x2c0
[  226.029646][ T6948]  ? __pfx_ksys_read+0x10/0x10
[  226.034401][ T6948]  ? do_syscall_64+0x100/0x230
[  226.039155][ T6948]  ? do_syscall_64+0xb6/0x230
[  226.043823][ T6948]  do_syscall_64+0xf3/0x230
[  226.048320][ T6948]  ? clear_bhb_loop+0x35/0x90
[  226.052989][ T6948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.058873][ T6948] RIP: 0033:0x7f6224f788bc
[  226.063282][ T6948] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  226.082883][ T6948] RSP: 002b:00007f6225e16030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.091291][ T6948] RAX: ffffffffffffffda RBX: 00007f6225115f80 RCX: 00007f6224f788bc
[  226.099253][ T6948] RDX: 000000000000000f RSI: 00007f6225e160a0 RDI: 0000000000000004
[  226.107212][ T6948] RBP: 00007f6225e16090 R08: 0000000000000000 R09: 0000000000000000
[  226.115171][ T6948] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000001
[  226.123130][ T6948] R13: 0000000000000000 R14: 00007f6225115f80 R15: 00007ffd3aaca258
[  226.131105][ T6948]  </TASK>
[  226.193184][ T6945] 9pnet_fd: Insufficient options for proto=fd
[  226.223651][ T5273] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  226.264576][ T5273] usb 3-1: device descriptor read/8, error -71
[  226.370292][ T6961] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  226.533969][ T5273] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  226.688535][ T5273] usb 3-1: device descriptor read/8, error -71
[  226.942702][ T5273] usb usb3-port1: unable to enumerate USB device
[  227.222579][ T2983] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.253058][ T6969] debugfs: Directory 'netdev:nicvf0' with parent 'phy3' already present!
[  227.383671][ T2983] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.547414][ T2983] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.868060][ T2983] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.066423][ T4611] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  230.083385][ T4611] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  230.091446][ T4611] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  230.102569][ T4611] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  230.111136][ T4611] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  230.123283][ T4611] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  230.428455][ T7000] 9pnet_fd: Insufficient options for proto=fd
[  231.334657][ T2983] bridge_slave_1: left allmulticast mode
[  231.335671][ T2983] bridge_slave_1: left promiscuous mode
[  231.336387][ T2983] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.350671][ T2983] bridge_slave_0: left allmulticast mode
[  231.350695][ T2983] bridge_slave_0: left promiscuous mode
[  231.350870][ T2983] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.967435][ T7030] netlink: 168 bytes leftover after parsing attributes in process `syz.1.434'.
[  232.074644][ T5270] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  232.115843][ T2983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.134016][ T2983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.145954][ T2983] bond0 (unregistering): Released all slaves
[  232.217611][ T4611] Bluetooth: hci1: command tx timeout
[  232.245197][ T2983] tipc: Left network mode
[  232.255373][ T5270] usb 3-1: device descriptor read/64, error -71
[  232.261893][ T5266] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  232.313232][ T6996] chnl_net:caif_netlink_parms(): no params data found
[  232.454012][ T5266] usb 2-1: Using ep0 maxpacket: 8
[  232.484329][ T5266] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[  232.493698][ T5266] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.509444][ T5266] usb 2-1: Product: syz
[  232.514453][ T5266] usb 2-1: Manufacturer: syz
[  232.528655][ T5266] usb 2-1: SerialNumber: syz
[  232.533696][ T5270] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  232.537525][ T5266] usb 2-1: config 0 descriptor??
[  232.662022][ T6996] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.669535][ T6996] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.685440][ T6996] bridge_slave_0: entered allmulticast mode
[  232.700699][ T6996] bridge_slave_0: entered promiscuous mode
[  232.741014][ T2983] hsr_slave_0: left promiscuous mode
[  232.786041][ T2983] hsr_slave_1: left promiscuous mode
[  232.805176][ T5266] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  232.817140][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.833071][ T5266] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  232.858284][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  232.867692][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.879919][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.887676][ T5266] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  232.894231][ T5270] usb 3-1: device descriptor read/64, error -71
[  232.897775][ T5266] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  232.918879][ T5266] usb 2-1: USB disconnect, device number 19
[  232.983204][ T2983] veth1_macvtap: left promiscuous mode
[  232.991209][ T2983] veth0_macvtap: left promiscuous mode
[  233.003820][ T2983] veth1_vlan: left promiscuous mode
[  233.009165][ T2983] veth0_vlan: left promiscuous mode
[  233.448517][ T5270] usb usb3-port1: attempt power cycle
[  234.385175][ T2983] team0 (unregistering): Port device team_slave_1 removed
[  234.413704][ T4611] Bluetooth: hci1: command tx timeout
[  234.854943][ T5270] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  234.923967][ T2983] team0 (unregistering): Port device team_slave_0 removed
[  234.995610][ T5270] usb 3-1: device descriptor read/8, error -71
[  235.730858][ T6996] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.739917][ T6996] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.752437][ T6996] bridge_slave_1: entered allmulticast mode
[  235.783064][ T6996] bridge_slave_1: entered promiscuous mode
[  236.125200][ T7056] netlink: 28 bytes leftover after parsing attributes in process `syz.0.439'.
[  236.160302][ T6996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.178498][ T6996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.291613][ T6996] team0: Port device team_slave_0 added
[  236.311375][ T6996] team0: Port device team_slave_1 added
[  236.423562][ T5270] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  236.452268][ T6996] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.459951][ T4611] Bluetooth: hci1: command tx timeout
[  236.470968][ T6996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.514666][ T6996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.542371][ T6996] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.550379][ T6996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.580994][ T6996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.635785][ T5270] usb 2-1: Using ep0 maxpacket: 8
[  236.648624][ T5270] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  236.667194][ T5270] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  236.688310][ T5270] usb 2-1: config 0 has no interface number 0
[  236.705295][ T5270] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  236.727704][ T5270] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  236.753134][ T5270] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  236.768672][ T7064] @: renamed from vlan0 (while UP)
[  236.783536][ T5270] usb 2-1: config 0 interface 52 has no altsetting 0
[  236.792886][ T5270] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  236.810582][ T6996] hsr_slave_0: entered promiscuous mode
[  236.819676][ T5270] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.856436][ T5270] usb 2-1: config 0 descriptor??
[  236.876912][ T6996] hsr_slave_1: entered promiscuous mode
[  236.899879][ T6996] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.929017][ T6996] Cannot create hsr debugfs directory
[  237.070537][ T5270] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input8
[  237.113709][ T4658] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  237.167654][ T4658] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  237.199272][ T4658] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  237.219158][ T4658] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  237.237919][ T7080] netlink: 156 bytes leftover after parsing attributes in process `syz.2.447'.
[  237.272737][ T7058] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  237.497210][ T5270] usb 2-1: USB disconnect, device number 20
[  237.636961][ T7087] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  238.534457][ T5229] Bluetooth: hci1: command tx timeout
[  238.644511][ T7095] FAULT_INJECTION: forcing a failure.
[  238.644511][ T7095] name failslab, interval 1, probability 0, space 0, times 0
[  238.675276][ T7095] CPU: 0 UID: 0 PID: 7095 Comm: syz.2.451 Not tainted 6.11.0-rc5-syzkaller #0
[  238.684165][ T7095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  238.694233][ T7095] Call Trace:
[  238.697522][ T7095]  <TASK>
[  238.700472][ T7095]  dump_stack_lvl+0x241/0x360
[  238.705176][ T7095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.710391][ T7095]  ? __pfx__printk+0x10/0x10
[  238.715011][ T7095]  ? __kmalloc_node_track_caller_noprof+0xb2/0x440
[  238.721532][ T7095]  ? __pfx___might_resched+0x10/0x10
[  238.726838][ T7095]  should_fail_ex+0x3b0/0x4e0
[  238.731539][ T7095]  should_failslab+0xac/0x100
[  238.733252][ T6996] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  238.736219][ T7095]  __kmalloc_node_track_caller_noprof+0xda/0x440
[  238.736248][ T7095]  ? wakeup_source_register+0x70/0x250
[  238.754678][ T7095]  ? wakeup_source_register+0x57/0x250
[  238.760164][ T7095]  kstrdup+0x3a/0x80
[  238.764072][ T7095]  wakeup_source_register+0x70/0x250
[  238.769382][ T7095]  device_wakeup_enable+0x103/0x290
[  238.774610][ T7095]  usb_hcd_submit_urb+0xe54/0x1e80
[  238.779744][ T7095]  ? __asan_memset+0x23/0x50
[  238.784346][ T7095]  ? lockdep_init_map_type+0xa1/0x910
[  238.789738][ T7095]  ? __pfx_usb_hcd_submit_urb+0x10/0x10
[  238.795301][ T7095]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  238.801126][ T7095]  ? __pfx_lock_release+0x10/0x10
[  238.806169][ T7095]  ? usb_submit_urb+0xe85/0x1930
[  238.811119][ T7095]  usbfs_start_wait_urb+0x141/0x410
[  238.816319][ T7095]  ? __pfx_usbfs_start_wait_urb+0x10/0x10
[  238.822038][ T7095]  ? snoop_urb+0x43/0x210
[  238.826359][ T7095]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  238.831902][ T7095]  do_proc_control+0x9a4/0xfe0
[  238.836666][ T7095]  ? __pfx_do_proc_control+0x10/0x10
[  238.841966][ T7095]  ? __might_fault+0xc6/0x120
[  238.846640][ T7095]  usbdev_ioctl+0x2d17/0x6130
[  238.851306][ T7095]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  238.857456][ T7095]  ? unwind_get_return_address+0x91/0xc0
[  238.863081][ T7095]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.869145][ T7095]  ? arch_stack_walk+0x16d/0x1b0
[  238.874077][ T7095]  ? __pfx_usbdev_ioctl+0x10/0x10
[  238.879101][ T7095]  ? stack_trace_save+0x118/0x1d0
[  238.884119][ T7095]  ? __pfx_stack_trace_save+0x10/0x10
[  238.889484][ T7095]  ? stack_depot_save_flags+0x29/0x830
[  238.894942][ T7095]  ? kasan_save_track+0x51/0x80
[  238.899780][ T7095]  ? kasan_save_track+0x3f/0x80
[  238.904618][ T7095]  ? kasan_save_free_info+0x40/0x50
[  238.909809][ T7095]  ? poison_slab_object+0xe0/0x150
[  238.914908][ T7095]  ? __kasan_slab_free+0x37/0x60
[  238.919834][ T7095]  ? kfree+0x149/0x360
[  238.923893][ T7095]  ? tomoyo_path_number_perm+0x68d/0x880
[  238.929518][ T7095]  ? security_file_ioctl+0x75/0xb0
[  238.934619][ T7095]  ? __se_sys_ioctl+0x47/0x170
[  238.939367][ T7095]  ? do_syscall_64+0xf3/0x230
[  238.944032][ T7095]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.950092][ T7095]  ? do_vfs_ioctl+0xf0e/0x2e50
[  238.954851][ T7095]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  238.959878][ T7095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.966197][ T7095]  ? tomoyo_path_number_perm+0x208/0x880
[  238.971824][ T7095]  ? __pfx_lock_release+0x10/0x10
[  238.976862][ T7095]  ? kfree+0x149/0x360
[  238.980929][ T7095]  ? tomoyo_path_number_perm+0x71a/0x880
[  238.986559][ T7095]  ? tomoyo_path_number_perm+0x208/0x880
[  238.992188][ T7095]  ? smack_log+0x123/0x540
[  238.996624][ T7095]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  239.002603][ T7095]  ? __pfx_smack_log+0x10/0x10
[  239.007355][ T7095]  ? smk_access+0x4ab/0x4e0
[  239.011851][ T7095]  ? smk_tskacc+0x300/0x370
[  239.016344][ T7095]  ? smack_file_ioctl+0x2fa/0x3a0
[  239.021361][ T7095]  ? __pfx_smack_file_ioctl+0x10/0x10
[  239.026733][ T7095]  ? __fget_files+0x3f6/0x470
[  239.031403][ T7095]  ? __fget_files+0x29/0x470
[  239.035986][ T7095]  ? bpf_lsm_file_ioctl+0x9/0x10
[  239.040917][ T7095]  ? security_file_ioctl+0x87/0xb0
[  239.046019][ T7095]  ? __pfx_usbdev_ioctl+0x10/0x10
[  239.051032][ T7095]  __se_sys_ioctl+0xfc/0x170
[  239.055612][ T7095]  do_syscall_64+0xf3/0x230
[  239.060107][ T7095]  ? clear_bhb_loop+0x35/0x90
[  239.064777][ T7095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.070665][ T7095] RIP: 0033:0x7fea9c779e79
[  239.075083][ T7095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.094680][ T7095] RSP: 002b:00007fea9d60c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  239.103085][ T7095] RAX: ffffffffffffffda RBX: 00007fea9c915f80 RCX: 00007fea9c779e79
[  239.111045][ T7095] RDX: 0000000020000080 RSI: 00000000c0185500 RDI: 0000000000000004
[  239.119004][ T7095] RBP: 00007fea9d60c090 R08: 0000000000000000 R09: 0000000000000000
[  239.126965][ T7095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.134927][ T7095] R13: 0000000000000000 R14: 00007fea9c915f80 R15: 00007fffdd0af308
[  239.142924][ T7095]  </TASK>
[  239.153942][ T6996] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  239.179136][ T6996] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  239.273641][ T5270] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  239.316026][ T5229] Bluetooth: hci3: command 0x1407 tx timeout
[  239.322496][ T4611] Bluetooth: hci3: Opcode 0x1407 failed: -110
[  239.355261][ T6996] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  240.155727][ T5270] usb 1-1: config 0 has an invalid interface number: 4 but max is 0
[  240.161906][ T6996] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.171735][ T5270] usb 1-1: config 0 has no interface number 0
[  240.181697][ T5270] usb 1-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.246273][ T5270] usb 1-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.392773][ T5270] usb 1-1: config 0 interface 4 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  240.406709][ T5270] usb 1-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  240.416387][ T5270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.426752][ T6996] 8021q: adding VLAN 0 to HW filter on device team0
[  240.446109][ T5270] usb 1-1: config 0 descriptor??
[  241.465590][ T7091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  241.501350][ T7091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  241.515006][ T5270] usb 1-1: string descriptor 0 read error: -71
[  241.526093][ T2983] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.533305][ T2983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.546050][ T5270] usbhid 1-1:0.4: can't add hid device: -71
[  241.552187][ T5270] usbhid 1-1:0.4: probe with driver usbhid failed with error -71
[  241.562021][ T5270] usb 1-1: USB disconnect, device number 16
[  241.598759][ T2983] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.605961][ T2983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.779236][   T29] audit: type=1326 audit(1724642854.948:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7113 comm="syz.4.456" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb062379e79 code=0x0
[  242.351345][ T6996] 8021q: adding VLAN 0 to HW filter on device batadv0
[  242.504848][ T6996] veth0_vlan: entered promiscuous mode
[  242.534811][ T6996] veth1_vlan: entered promiscuous mode
[  242.604138][ T6996] veth0_macvtap: entered promiscuous mode
[  242.625734][ T6996] veth1_macvtap: entered promiscuous mode
[  242.663215][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.676542][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.687034][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.697649][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.709429][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.720015][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.731940][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.743539][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.774082][ T6996] batman_adv: batadv0: Interface activated: batadv_slave_0
[  242.798820][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.813295][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.825348][  T943] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  242.843525][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.866862][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.886854][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.900617][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.914656][ T6996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.926507][ T6996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.954669][ T6996] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.981135][ T6996] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.991742][ T7135] =======================================================
[  242.991742][ T7135] WARNING: The mand mount option has been deprecated and
[  242.991742][ T7135]          and is ignored by this kernel. Remove the mand
[  242.991742][ T7135]          option from the mount to silence this warning.
[  242.991742][ T7135] =======================================================
[  242.991866][ T6996] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  243.026682][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.041768][  T943] usb 3-1: Using ep0 maxpacket: 8
[  243.064977][  T943] usb 3-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[  243.077175][  T943] usb 3-1: config 167 has 1 interface, different from the descriptor's value: 202
[  243.083269][ T6996] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  243.099777][ T6996] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  243.102765][  T943] usb 3-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[  243.118446][  T943] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.126941][  T943] usb 3-1: Product: syz
[  243.127728][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807c2dc400: rx timeout, send abort
[  243.131414][  T943] usb 3-1: Manufacturer: syz
[  243.141572][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff88807c2dc400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  243.144583][  T943] usb 3-1: SerialNumber: syz
[  243.216788][  T943] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  243.287098][  T943] dvb-usb: bulk message failed: -22 (3/0)
[  243.358344][  T943] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  243.432706][  T943] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  243.579830][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.653815][  T943] usb 3-1: media controller created
[  243.675813][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.715280][  T943] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  243.798061][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.942126][  T943] dvb-usb: bulk message failed: -22 (6/0)
[  243.955498][  T943] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  243.956514][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.970568][  T943] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input9
[  244.448274][  T943] dvb-usb: schedule remote query interval to 150 msecs.
[  244.456048][  T943] dvb-usb: bulk message failed: -22 (3/0)
[  244.483573][  T943] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  244.687058][  T943] usb 3-1: USB disconnect, device number 22
[  244.794491][   T29] audit: type=1326 audit(1724642857.958:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  244.884395][   T29] audit: type=1326 audit(1724642857.988:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  244.905775][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.950048][  T943] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  244.966513][   T29] audit: type=1326 audit(1724642857.988:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  244.987876][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.024683][   T29] audit: type=1326 audit(1724642857.988:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.076409][   T29] audit: type=1326 audit(1724642857.988:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.098737][   T29] audit: type=1326 audit(1724642857.988:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.120600][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.169719][   T29] audit: type=1326 audit(1724642857.988:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.191076][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.203639][   T29] audit: type=1326 audit(1724642857.998:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.292086][   T29] audit: type=1326 audit(1724642857.998:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7144 comm="syz.1.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6224f79e79 code=0x7ffc0000
[  245.514599][ T2983] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.722619][ T2983] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.860341][ T2983] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.293397][ T2983] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.333801][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  246.346460][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  246.361917][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  246.373089][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  246.382049][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  246.389452][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  247.651006][ T2983] team0: left allmulticast mode
[  247.663670][ T2983] team_slave_0: left allmulticast mode
[  247.679926][ T2983] team_slave_1: left allmulticast mode
[  247.692238][ T2983] bridge0: port 3(team0) entered disabled state
[  247.713847][ T2983] bridge_slave_1: left allmulticast mode
[  247.722354][ T2983] bridge_slave_1: left promiscuous mode
[  247.735780][ T2983] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.754225][ T2983] bridge_slave_0: left allmulticast mode
[  247.765088][ T2983] bridge_slave_0: left promiscuous mode
[  247.773280][ T2983] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.987231][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  248.193435][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  248.208440][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  248.217804][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.234326][    T9] usb 5-1: config 0 descriptor??
[  248.242026][    T9] smsusb:smsusb_probe: board id=8, interface number 0
[  248.250680][    T9] smsusb:smsusb_probe: Device initialized with return code -19
[  248.358304][   T46] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  248.420062][ T2983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.438711][ T2983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  248.454210][ T5229] Bluetooth: hci1: command tx timeout
[  248.472379][ T2983] bond0 (unregistering): Released all slaves
[  248.501073][ T7179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.528281][ T7179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.574799][ T5270] usb 5-1: USB disconnect, device number 14
[  248.587574][   T46] usb 2-1: config 0 has an invalid interface number: 224 but max is 0
[  248.603671][   T46] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.629651][   T46] usb 2-1: config 0 has no interface number 0
[  248.637491][   T46] usb 2-1: config 0 interface 224 altsetting 0 has an endpoint descriptor with address 0x75, changing to 0x5
[  248.649643][   T46] usb 2-1: config 0 interface 224 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  248.650247][ T2983] IPVS: stopping backup sync thread 6258 ...
[  248.660819][   T46] usb 2-1: config 0 interface 224 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  248.678390][   T46] usb 2-1: config 0 interface 224 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  248.689911][   T46] usb 2-1: config 0 interface 224 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  248.701095][   T46] usb 2-1: config 0 interface 224 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 5
[  248.723751][ T7169] chnl_net:caif_netlink_parms(): no params data found
[  248.725544][   T46] usb 2-1: New USB device found, idVendor=06cd, idProduct=012a, bcdDevice=69.e2
[  248.744981][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.753097][   T46] usb 2-1: Product: syz
[  248.757548][   T46] usb 2-1: Manufacturer: syz
[  248.762573][   T46] usb 2-1: SerialNumber: syz
[  248.785099][   T46] usb 2-1: config 0 descriptor??
[  248.801517][   T46] keyspan 2-1:0.224: Keyspan 4 port adapter converter detected
[  248.811832][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 87
[  248.820152][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 7
[  248.837057][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 81
[  248.861767][   T46] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  248.879232][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 82
[  248.888710][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 2
[  248.917974][   T46] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  248.933577][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 83
[  248.942010][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 3
[  248.959117][   T46] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  249.004974][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 84
[  249.032051][   T46] keyspan 2-1:0.224: found no endpoint descriptor for endpoint 4
[  249.051847][   T46] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  249.075583][   T46] usb 2-1: USB disconnect, device number 21
[  249.125846][   T46] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  249.171592][   T46] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  249.239179][   T46] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  249.300394][ T2983] hsr_slave_0: left promiscuous mode
[  249.323362][   T46] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  249.355376][ T2983] hsr_slave_1: left promiscuous mode
[  249.362652][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  249.374096][   T46] keyspan 2-1:0.224: device disconnected
[  249.380448][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.401921][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.412956][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.471518][ T2983] veth1_macvtap: left promiscuous mode
[  249.482037][ T2983] veth0_macvtap: left promiscuous mode
[  249.632942][ T2983] veth1_vlan: left promiscuous mode
[  249.713760][ T2983] veth0_vlan: left promiscuous mode
[  253.353498][ T5229] Bluetooth: hci1: command tx timeout
[  253.642641][ T4611] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  253.652520][ T4611] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  253.701466][ T7210] ------------[ cut here ]------------
[  253.707361][ T7210] WARNING: CPU: 1 PID: 7210 at net/kcm/kcmsock.c:630 kcm_write_msgs+0x141d/0x15c0
[  253.717384][ T7210] Modules linked in:
[  253.721307][ T7210] CPU: 1 UID: 0 PID: 7210 Comm: syz.2.479 Not tainted 6.11.0-rc5-syzkaller #0
[  253.730681][ T7210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  253.740822][ T7210] RIP: 0010:kcm_write_msgs+0x141d/0x15c0
[  253.746572][ T7210] Code: d9 b6 c1 f6 4d 85 f6 74 60 e8 cf b6 c1 f6 48 8b 5c 24 30 48 89 df e8 42 9e ff ff eb 56 e8 bb b6 c1 f6 eb 4a e8 b4 b6 c1 f6 90 <0f> 0b 90 41 bd ea ff ff ff 49 bc 00 00 00 00 00 fc ff df eb 2f e8
[  253.766254][ T7210] RSP: 0018:ffffc90009aa76e0 EFLAGS: 00010287
[  253.772380][ T7210] RAX: ffffffff8ad1d6cc RBX: 0000000000000000 RCX: 0000000000040000
[  253.780504][ T7210] RDX: ffffc9000b01f000 RSI: 00000000000170cb RDI: 00000000000170cc
[  253.788530][ T7210] RBP: ffffc90009aa78d0 R08: ffffffff8ad1cc37 R09: 0000000000000000
[  253.797151][ T7210] R10: ffffc90009aa77e0 R11: fffff52001354f09 R12: 0000000000000140
[  253.805798][ T7210] R13: ffff88807a75b98c R14: ffff888067c18d42 R15: ffff888067c18c00
[  253.814406][ T7210] FS:  00007fea9d5eb6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  253.824419][ T7210] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  253.831022][ T7210] CR2: 00000000201a2000 CR3: 000000005b084000 CR4: 00000000003506f0
[  253.839603][ T4611] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  253.847102][ T7210] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  253.855373][ T7210] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  253.863352][ T7210] Call Trace:
[  253.866795][ T7210]  <TASK>
[  253.869711][ T7210]  ? __warn+0x163/0x4e0
[  253.873978][ T7210]  ? kcm_write_msgs+0x141d/0x15c0
[  253.878990][ T7210]  ? report_bug+0x2b3/0x500
[  253.883519][ T7210]  ? kcm_write_msgs+0x141d/0x15c0
[  253.888552][ T7210]  ? handle_bug+0x3e/0x70
[  253.892865][ T7210]  ? exc_invalid_op+0x1a/0x50
[  253.897550][ T7210]  ? asm_exc_invalid_op+0x1a/0x20
[  253.902562][ T7210]  ? kcm_write_msgs+0x987/0x15c0
[  253.907516][ T7210]  ? kcm_write_msgs+0x141c/0x15c0
[  253.912529][ T7210]  ? kcm_write_msgs+0x141d/0x15c0
[  253.917718][ T7210]  ? __pfx_kcm_write_msgs+0x10/0x10
[  253.924239][ T7210]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  253.929979][ T7210]  kcm_sendmsg+0x2330/0x29a0
[  253.934992][ T7210]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.940967][ T7210]  ? smack_socket_sendmsg+0x172/0x540
[  253.946370][ T7210]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  253.952077][ T7210]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  253.958530][ T7210]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  253.965316][ T7210]  ? try_to_wake_up+0x9a1/0x1470
[  253.970239][ T7210]  ? __pfx_kcm_sendmsg+0x10/0x10
[  253.975373][ T7210]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  253.980644][ T7210]  ? security_socket_sendmsg+0x87/0xb0
[  253.986117][ T7210]  ? __pfx_kcm_sendmsg+0x10/0x10
[  253.991040][ T7210]  __sock_sendmsg+0x221/0x270
[  253.995761][ T7210]  sock_write_iter+0x2dd/0x400
[  254.000515][ T7210]  ? __pfx_sock_write_iter+0x10/0x10
[  254.005813][ T7210]  ? bpf_lsm_file_permission+0x9/0x10
[  254.011170][ T7210]  ? security_file_permission+0x7f/0xa0
[  254.016743][ T7210]  vfs_write+0xa72/0xc90
[  254.020969][ T7210]  ? __pfx_sock_write_iter+0x10/0x10
[  254.026638][ T7210]  ? __pfx_vfs_write+0x10/0x10
[  254.031384][ T7210]  ? do_futex+0x392/0x560
[  254.035974][ T7210]  ksys_write+0x1a0/0x2c0
[  254.040291][ T7210]  ? __pfx_ksys_write+0x10/0x10
[  254.045147][ T7210]  ? do_syscall_64+0x100/0x230
[  254.049897][ T7210]  ? do_syscall_64+0xb6/0x230
[  254.054604][ T7210]  do_syscall_64+0xf3/0x230
[  254.059092][ T7210]  ? clear_bhb_loop+0x35/0x90
[  254.063789][ T7210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.069663][ T7210] RIP: 0033:0x7fea9c779e79
[  254.074083][ T7210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.093701][ T7210] RSP: 002b:00007fea9d5eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  254.102101][ T7210] RAX: ffffffffffffffda RBX: 00007fea9c916058 RCX: 00007fea9c779e79
[  254.110097][ T7210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  254.118073][ T7210] RBP: 00007fea9c7e793e R08: 0000000000000000 R09: 0000000000000000
[  254.126379][ T7210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.134656][ T7210] R13: 0000000000000000 R14: 00007fea9c916058 R15: 00007fffdd0af308
[  254.142623][ T7210]  </TASK>
[  254.146435][ T7210] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  254.153700][ T7210] CPU: 1 UID: 0 PID: 7210 Comm: syz.2.479 Not tainted 6.11.0-rc5-syzkaller #0
[  254.162526][ T7210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  254.172558][ T7210] Call Trace:
[  254.175819][ T7210]  <TASK>
[  254.178733][ T7210]  dump_stack_lvl+0x241/0x360
[  254.183390][ T7210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.188563][ T7210]  ? __pfx__printk+0x10/0x10
[  254.193139][ T7210]  ? vscnprintf+0x5d/0x90
[  254.197449][ T7210]  panic+0x349/0x860
[  254.201327][ T7210]  ? __warn+0x172/0x4e0
[  254.205496][ T7210]  ? __pfx_panic+0x10/0x10
[  254.209930][ T7210]  __warn+0x346/0x4e0
[  254.213896][ T7210]  ? kcm_write_msgs+0x141d/0x15c0
[  254.218905][ T7210]  report_bug+0x2b3/0x500
[  254.223217][ T7210]  ? kcm_write_msgs+0x141d/0x15c0
[  254.228229][ T7210]  handle_bug+0x3e/0x70
[  254.232471][ T7210]  exc_invalid_op+0x1a/0x50
[  254.236957][ T7210]  asm_exc_invalid_op+0x1a/0x20
[  254.241789][ T7210] RIP: 0010:kcm_write_msgs+0x141d/0x15c0
[  254.247405][ T7210] Code: d9 b6 c1 f6 4d 85 f6 74 60 e8 cf b6 c1 f6 48 8b 5c 24 30 48 89 df e8 42 9e ff ff eb 56 e8 bb b6 c1 f6 eb 4a e8 b4 b6 c1 f6 90 <0f> 0b 90 41 bd ea ff ff ff 49 bc 00 00 00 00 00 fc ff df eb 2f e8
[  254.266994][ T7210] RSP: 0018:ffffc90009aa76e0 EFLAGS: 00010287
[  254.273042][ T7210] RAX: ffffffff8ad1d6cc RBX: 0000000000000000 RCX: 0000000000040000
[  254.280994][ T7210] RDX: ffffc9000b01f000 RSI: 00000000000170cb RDI: 00000000000170cc
[  254.288946][ T7210] RBP: ffffc90009aa78d0 R08: ffffffff8ad1cc37 R09: 0000000000000000
[  254.296897][ T7210] R10: ffffc90009aa77e0 R11: fffff52001354f09 R12: 0000000000000140
[  254.304849][ T7210] R13: ffff88807a75b98c R14: ffff888067c18d42 R15: ffff888067c18c00
[  254.312804][ T7210]  ? kcm_write_msgs+0x987/0x15c0
[  254.317725][ T7210]  ? kcm_write_msgs+0x141c/0x15c0
[  254.322752][ T7210]  ? __pfx_kcm_write_msgs+0x10/0x10
[  254.327941][ T7210]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  254.333654][ T7210]  kcm_sendmsg+0x2330/0x29a0
[  254.338227][ T7210]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.344191][ T7210]  ? smack_socket_sendmsg+0x172/0x540
[  254.349548][ T7210]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  254.355251][ T7210]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  254.361652][ T7210]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  254.368415][ T7210]  ? try_to_wake_up+0x9a1/0x1470
[  254.373342][ T7210]  ? __pfx_kcm_sendmsg+0x10/0x10
[  254.378271][ T7210]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  254.383543][ T7210]  ? security_socket_sendmsg+0x87/0xb0
[  254.388986][ T7210]  ? __pfx_kcm_sendmsg+0x10/0x10
[  254.393903][ T7210]  __sock_sendmsg+0x221/0x270
[  254.398569][ T7210]  sock_write_iter+0x2dd/0x400
[  254.403319][ T7210]  ? __pfx_sock_write_iter+0x10/0x10
[  254.408595][ T7210]  ? bpf_lsm_file_permission+0x9/0x10
[  254.413968][ T7210]  ? security_file_permission+0x7f/0xa0
[  254.419502][ T7210]  vfs_write+0xa72/0xc90
[  254.423729][ T7210]  ? __pfx_sock_write_iter+0x10/0x10
[  254.429005][ T7210]  ? __pfx_vfs_write+0x10/0x10
[  254.433753][ T7210]  ? do_futex+0x392/0x560
[  254.438088][ T7210]  ksys_write+0x1a0/0x2c0
[  254.442400][ T7210]  ? __pfx_ksys_write+0x10/0x10
[  254.447230][ T7210]  ? do_syscall_64+0x100/0x230
[  254.451976][ T7210]  ? do_syscall_64+0xb6/0x230
[  254.456636][ T7210]  do_syscall_64+0xf3/0x230
[  254.461116][ T7210]  ? clear_bhb_loop+0x35/0x90
[  254.465775][ T7210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.471646][ T7210] RIP: 0033:0x7fea9c779e79
[  254.476048][ T7210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.495632][ T7210] RSP: 002b:00007fea9d5eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  254.504030][ T7210] RAX: ffffffffffffffda RBX: 00007fea9c916058 RCX: 00007fea9c779e79
[  254.511983][ T7210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  254.519933][ T7210] RBP: 00007fea9c7e793e R08: 0000000000000000 R09: 0000000000000000
[  254.527883][ T7210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.535838][ T7210] R13: 0000000000000000 R14: 00007fea9c916058 R15: 00007fffdd0af308
[  254.543802][ T7210]  </TASK>
[  254.547020][ T7210] Kernel Offset: disabled
[  254.551416][ T7210] Rebooting in 86400 seconds..