last executing test programs:

5m24.349913697s ago: executing program 3 (id=1387):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040)=0x3, 0x4)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000080))
ioctl$MEDIA_REQUEST_IOC_REINIT(r1, 0x7c81, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000200)={&(0x7f0000001000)={[{&(0x7f00000000c0)="f4b4429febc5f01130a296886f3c97a50ce9ce638b2793aa16ee154007c91cd6c9fa0ad2b1547896c5fca49c43c6fcf0ae33dec02570d0be2ba5be8066d287556f040254ec66cdf9389d7caa71f4cec84993d3fea0c08f5bfd1ed9a83cc2be666a170dc5308abbdaa08d491a", 0x6c, 0x2}, {&(0x7f0000000140)="3f070810a48ad494255eacb3876b1b3bb43f941812c143706865b966b614e626d794a2e5", 0x24, 0x3}, {&(0x7f0000000180)="fed42db41211870866d057c598d3cfdf810fb5ab27ff4ad28460ccc1a9e5a9d3ef4d162879c0a878f58aeeebfd488f430aa62eff0e25b36bc7fc74935f3f3a95afde3226c358ca1587dada9eebe17c9c8159e0ce81e4c3c93c0460ec42238a21207092e3d3114be29527", 0x6a}]}, 0x3}, 0x1)
add_key$fscrypt_v1(&(0x7f0000000240), &(0x7f0000000280)={'fscrypt:', @desc3}, &(0x7f00000002c0)={0x0, "b05808f4e90648ba2352dedc0044f948020da7e76110613a9e7995d4fb25902fde48dcb0c6e12e304800ead14e9103f826a4dc980aece9426d76068739f7a943", 0x22}, 0x48, 0xfffffffffffffff9)
ioctl$INCFS_IOC_FILL_BLOCKS(r1, 0x80106720, &(0x7f0000000700)={0x5, &(0x7f0000000640)=[{0xcb, 0x1000, &(0x7f0000002000)="a0c074aa6dd8512eecd74d86b47f0cea79d9087f2bc370af7684fb524123c6d6091cdd5b473b1dbb3150a2d5a32397d647ffd75f218505cc68b130847499364e4277833905816a55897b716ab715acf7f9b869a68f639ac587c029e07e791d0af83e079f32e6e77cb7c06b8f289d1225c821f71ddcec46c7a8f2dca9688aeaf0b287da11c4aa264ecc2eaf5c60df11cfa6f852b7eabc9c6ea5719c24a1ba79d6877c0899c58584b76815678f1f06c912969b1adc42687dbef121299c8bf351a4208366993fd3f91b7e6cf32e2fa9450c81dc1ca64d22e48aa0d6973fa2349abd2d4cd4a191f62b3cd991afcca1c03289444fc399212aec1afe314b08bd839677749fc48be64cfc0b56bdb4c8023444fc190692fcffdddd5382d93d1a80ed1d8995ebced648755644ae17458bae3e429f7f46df9cc2b1522a8062da5eaf43b0e1f191f39e0f3510ac9b8df0388d843ec123d69ce2e6b808d571c530b0fecf286e3b6a21cf5ff51aafacad97be8363f08624e9bf8e929250e550e4757ea1b0a578f620e790f0abcbc8d75e9d04a8b25d6f517e4983f66e7e159ce256291c0957065a94e450ff7affa715d471ab49552640d2fc0f67d8ff1a34959a3b2ae8ea1c50ed703a06bdbf05fe17d1f0ab814ebd8da9806fa9bccaf5198b1050c73f7b8cdb33715b27020f242d4be80e733ff8ddd8647dc3f61a33f896ee8e82ee7051183a7e2e550c54457dcaf6fe764551bf913d5ed6af25c585c591e052e344f7e07d21ace0e8c12c48ddc725d16a4112a692f9219fd7b718b6ec5dcbe80eeece22428a99fb913f8ed1dcd221108899f7821c0dde808791663ccca8f093d1f9d7cb1ede8197800aba37e7f5acbe4be5300bb9a14743ea4d93d0a59033a700d8e1493afaa3024506cab04d8236f2b918a23987ed78cd7f0815f578347907e2129ddf019fe6d5b74e0560c408910d4d0d3ec90051bfc33b73b39a3f87673eb4ef25675f1e7fd99b424dc07cd1f4012a64c7fa10e572e48d17f30487adf1f37b59366c3f6f1483923353e318c1483b6cb1a6504a33d3862846e39f7eca9fe70caf2db8ce65546c16887c9eea60ac551ea2f53964afd6990a9875d2036eec209a0138a263b1c0c46feff9bea043fed48012ee3decfffdc98635e411d27e9dbc110d76ad64bf46f64168ad44f2c5ef7bb5b0ae00ac87d95d95b2697becda046c18451d8df991aca20b6ddd62482366a45cd42d1cc738e5149480e7988b6acfead9cbd24d944e8d151a33c2e91553a87833ae1723e9b940829e07b71cdacee41050685c521a787f6c6b8e3e26a214c16a3f7097dca0247583b79d060d3635cdc2be4cdd66373cbce0939b68ce49ec34fefc375315ee84083e682ed49ea6ccb5697fcc146d73060559757ec3becd5e0b8ff7230c94db91ed5d0788a2d2f9b4a49e6489bafe57a4c7b8d728c0e346939f1093560553f9a06164d4ef8896d380fbe780068d128a521f109fc8587ad11a40ddcc1c50f6300c32306d2cb9eed82b534f9bc08d7b18207058f08945093e1e66ac2f50055386c83c09ed5c9ba6dae15472692502c73b2ab52f6ae9f7e745e2d97bb16905aecb57675cc8d1f3a2f4287549e854b5aa3d7418cdd5c0c8c560b03c3a2ceb726447b6ee64cd32e9af47e13cb76702d159ad83b5d2c22dd994effcde6daa48ea7860f8f906fdd2cb0acf92a89363173bb5bb22bcf68d72d4ed03e3f419a7ee5896087e7fa62d266b0d5f7c9435d7de818d1091864d4432de2120dcbf6f8221059b5bebd384628a733bf34665eea295020d33c266a5ac0ce967da8bc2f1aca352bb501668022b8ac2006aadd25300b8be6472797afda622af0467c781264c47019df7fc37ad2792cddf27c30ebb3602888f654590c464c110d2b02067bf004111d8aeeca7989fd429c3d3de05735c5d09d4b8db34529269fb8607863773145f5f677611c3bfc7dfbcfb553203747cea0b68608c1bd74bc19093e6f3fcf65bd691a2a93b3d9f03b9d29b43fe6d4d48a299d6238dad30cd7b76dc74365cf16715037de087e04a842ca8c56ff468f7b2c7d6e4090d9b0474da35132d35360467913303eda0365176740a6058d2cdcde5793bece595949ad9f010806107f5c7e3ee026a4651142555fc4fb9f005ed10d8de741f14da583f13a0b11550b5b0a55e3971a332a9451d42b2191f9ca84e803e890a89f70cf6fc9d94590bec9facce8b53cdace87ab7e22b7ac055d01d3100f260b574a4fc56ac2bea519a3d325206df4397642053a3974d06940a8654bfcb49bb3f687d75a47ec05fb8705672ee98ca61b103741a3f09421b00ce06026eb779a271e9b9962263881f598d15950fcf90cce03c7592bc890405b068bf394298b7e951a9c21a942e2849c211b9aaaa9d9e4ef61f9e5f979a8c692151bec9a8c6176adc3ea895b64a347c13eea8486f1a60b775a13b716a63d5677d293ca37e1e591c3c7177066e0c123f396b10940dfab957de83a3d4fa61ccc39f57619ebe5ccab447b0edfb23d7532f903eb5ce729758c356d5180de15511deab80a8f94814bc9aee2dc5ef9fd29017a01d0391c1f66e9620120877b2242209a2b88880d483ad0de0de3e6ec8fc140a9ce131908db322f7fc10607881b8379f2645e1a320f49be250ca2687f84fa3366d6f9549466b6f9b778f7fe678cf09835f231d28c6ee5088c5237cef17e62bf21f67968728bbff7b4068e5f0434af655fe8050245146d2185c45810557204b14d7608826f942d9c8c2ff9569b23303520c96efbf1d07fba722affbd3b22a0487ef28d8f63cbd2576d253506b557e2af0776920acbcec046c20d52e5749b52565fb631c399adaf5eabee6adb5a572c6e4da7d697ee1559c532e01115004c7dd43a0148dbe8f2672cd312837ce45a804fcf5ff331ec6255e2ea760e2b411553046f2d9b5defeb0a5f09edccdfb4016479b77f8efd15fa76faa8306a89d118c14328a04c07e48b872af77262f53941ef863c38ce71ea06692971710eab8b79559e8b577fb92487f2d0d8583736ca43b01bd550a17e4ca84f579246f9c75e21664628e4cc2caf752411e35ae9e33d14260eb48f085c7881a1cb4f0e4653c9c6f3548f03cb3a32a3089697c7d99249da427e01f5eb547f242fe19303f753ae87393bbc26309dd58e868acab97c93adcf4450455f62b47adb65f975f8be973cfdd9e837d8dff307c4cb9e5a99668eae14dbbd5ceba9d5fd151c44794810042e4cebb89f59427131c80a39373cd61a9eb9030fe955edd3684a7914f0bdabdee19792518ea9e48a23826ddd4d0e2d24c17e7bdad702e7c34fd57cde26216e33c0852558106888cfdcb18ff4e2e26dba2ffde50b48aeca27eda126cb9606521532ae74d89a2795b59b6f929e96c2f1ecc0dc87404685d7043a6051a1c3a4a72133f3553a2da589cd9da381b168c2de64f9a0420061a17cc974ea55f22fd731d6630e54cfdcd7a80137bab1218c4505ce6f5d40f5c8dd1dfd397c612da34a304927340da944fb5a7fcb361de75a9b025ee0af1f6f2dee08bd0cca9702ed02786e02007e7646ceb7e5402ad319f00457c2dbdc5339d03ceb250764f65152a2a9cc00b2c62923656e197a1ab1986462aebb276e720c820e553451a1727c5426ea013d3ef1820276d551af3aa1d63a25c45136c436a9d810b4a048f3d93fea9fe391b023c4db8118d67170ef3418cc810cb88aece362ffe6f076e52686c2d4f3f77df69dc22f0c817aa32a54ddf9ee2983467fb2ee34289d597217f1428d1494fe330213d0f66dd1e3c6ef44cf6b8f90846b22986d0cb9aca29fb804ae39e1c34caf8dbae37aa0ada95154fc054d7482dc6b1842949108ab49921790d432929af08147c4fbcc4d388632853c5d4985da80fa9cd75fe309f67997180a8da02e4452507046e53853fa1aa83230ec8a6dc6f5b572381f32f55f2b3066e1e6121846582199df20d23d9b771dc81ffb9e293c44e3965320d81f0eb9ed3da9fc44ac5bc64d32609a2e22b29c2ac2d83c4d35d0ca87d0818f46d1653b502d053417def8ccf15f00bc7e82a803bc65148223c9412e91a69bd121b72aeec3968d23ad50dc852b0576a572cc4258323eef5fbdffbb1e862709adbb74fa54e2ed9369ceb789f864ee12047cee0d278d0485de8f8b41b9bfb17dfeb7f955a523ac5c12e59cedc444e047e07d65427c7f5137f9811c5f7d6c9d72c62c196ad597027bc7ab53d6a80f198d2b3eb89e50e4f1aa3f6af59487c16dcf054252144cc0a2d6de20fe3cfbb4ede2017d8893b4073aa9cbe6730cb94c00c24756e9c0b38f8288330c519fad68b3d707fc0a9d5052fb281372672e14c77edac4f9bf4b98a09a294d9ed859756c27a40c75c3798e75134b8156efaebab6ec51cfc80c2b6fa8f559eb195fae3ecc985ef7d605994a7b8af02f341c26cba8ddb23a8cbb6ddd1b116b75e4d6731d3f447cb4f487254468ee482598100f97bc99777327711176b9e3b16bb3e4d9cc4bb5288bb0225a4c042d9f69a3e47beb2f3924bbdc8d92bd7070edc5b92f7ee379e386597fc0dfc71612d074ef7699a65f31c3bae05455b951a5d7fade8513dd740a5f91d2bd941dfffbd075b5c4d72d17c207c153cc121078d63427440fe3d789d54ec5631445eb3c1562425db172982e4d5aeecb1a3b336c0bd8e3adb9bfac3706f44cf8049312188b97d5a78f2e0ab5bb58780097542f77f3df5ab61d67bf5c8c6aa70232357e1ddce772c379695402337787166c3d00968fa0fbbf9b320f3b0dc18a13b226d391e9d1d448e04563b104a781fd2530d9b16d6112477a744855780e847828227b952b1cf99f111b56a3826544d40341127202ea9cc1e3e64cca1d2395a5da1d4c49821ffe9194af619cdd447f6d256daa790951a738acb17d4a3ff5933e84915f228503019f0a5e109a05b4a810aaaf936da3368dd5bc0bc4abc5e7467722bc97f840f585fa8993a9f47db80b06cd12870b83659f2d4fcd4c0b39d674af60f3af150eb4c3b285c9a38907d406beb8c96987983857df4b85c788763dc8440d96aa84a4056a000d372c49b9cd206662da3a14845333298e373d1442d68730aef8391112234a504a95291d1b81acf9267f0620f4bb1860f0651e31f444e50faa10444b404b976ebc448e0ffd552873d475a6662a1cde35e88dae27980c939c8a8583c4e970e379658f3bc7304cf843b3b0c305ce68abd1f896877e478edb184d81c635cd94317c70ae9d391beceba1d149b631937d394e4fc37bf9ebd51a75067fd925793885b36f685a4afc7a724eac51ac708dfae7e802178d5506bab93f35ef1881a5c8ce9dd543b86e23490eb798a9667ba9acb96ac445df6f2d09783d611916a49afd0983a93afc852ff5b2f2321e642ff2c46df3316943870f5143c78e8fef7c680d17ce78f1e5095c211e2ca9b6e8406caed3ef23daab26995b9fddfa70ca25e4fa190800ab5eff2c042a5352bf611f5539774a34121f0e6be0f4c13f11ab1b833708d9d398936b9cd3000f3aed8c502423f9512e688b95044a4d2d16f68e31fdffc46d53e3435970000d3ae0a9fd77943426f0d114dbc831d75f2a7931ceaffd313c253b4c98baf5de9547555e2845d6c943dcbe8fd99afaa5f0adc8a4eb901377c62993a38470a17dc24fb5e02136968b7ff037b7cdc25970e29a6117f6d78d779a090368cb0fca5b9ecc7048611b6c329ab284121dd581c8fee8c4d4e2f89ba84e5e1a35e2bca39c769d9b0b821ff63235a63516753c7", 0x1}, {0x9, 0x34, &(0x7f0000000340)="94bb771fe7721ed82b2f5d2c3ca4dadbae092a830e931bf2945e2996d72cddf28eea4526ce0717c5d8b842758c54cb688d590a39", 0x0, 0x1}, {0x1a7, 0xaa, &(0x7f0000000380)="8a94343eb16546fab21099955270d95e57220558e3406884aa2456224a0aff7411b0295311942949107963ff730ac2329cb0faaee8471960a31f749ded075a98f52b35b15923c9a498e8d0fdade4f67999968917e37f0114c9fd6f01329d5137f0b05acf1adaeb731cb1c7d451a4cc539a50ab78a04d58f637f0e1f41c4a65b342dc5403949829f8ae7029ea573ec4e368e2eafadbf0b61114b39b27d7ac0228b167665c4e68e11863fc", 0x1}, {0x9, 0xf6, &(0x7f0000000440)="161a6fcf1d0a93001bee41aec658fde971a0404e6a7ed8fa3934b8193a81782abc103ff4a30da5fbd58d60f5d6da3522d0c3256e1b375f726074a9507c083c1d1d67e8892e5a9ab21c724321c2d66576eba88263a2e3d7a2501405bb99f4644a47d3ab781d0c48e35dedf397d57d133713b90f1f29b20c177000cae4929fde390239a6a4a836b843910491238c893b508add84ea00f97549ae5fa63ef75d52db51b601fda193ce3f9bd9c9acf5658acd194113d4030db91b0f8f5715f0191fa9b4b1c8a700af6c2b1494ede8ae5fa5b2ba0d56e7c4de819d42af67c5e74cf3845dcd133fcd93a667c54e7f37a6d9b3abc45efb31b436", 0x0, 0x1}, {0x5a, 0xd3, &(0x7f0000000540)="eaac786c87c2d4cdc51bae2999762f890178f367e13ffce4aee616592c156f04eab1fc5e64417ca35683d89f2d81f15bd4848f1145d77a3861ed098a8e48ccf08171c49704b3ce6f8fe4c99a2d02676da9454db87aa5d6f69a0ba61fa14b1502afcd807132f83dce3ff851fd2f87b1273b77bc16896e015b05c5feff36ed31c9d1ef28423f70e76a47c65c44df591853ff40d39351f4ca03edbdb1077fc3ab83097eed100c84f10f6275e70971d700eaf144f4bd0914790fae233b8b1ed3771e6a4463a1eb3f392a980db325d26a324c1c26c3"}]})
ioctl$VT_ACTIVATE(r1, 0x5606, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0)
r2 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000740)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x9c, &(0x7f00000007c0)={[{0x95, 0x4e00, "2419b9e0b90cbda610ca74fe297165557c87ff0b37ab55d7d16e98f0f8d7e6d4abd84e1a539057f1aab04b30a9a2c33be1de7a27efdd35490aeba25e1f0f0036f983f1559cc486aa5499b7379668899886fc7fd2a2c0673a4bf48a1f23103be48699acb470688b4f3846a13c2cacfdc8d8b2ed64a4242bc9eb6d1b6e4da32a469978be48ad0488aeafe57339f3ca707283f556285a"}]})
sendfile(r0, r1, &(0x7f0000000880)=0x8000000000000001, 0xfffffffffffffffb)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f00000008c0)=0x8, 0x4)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x1b8, &(0x7f0000000900)={[{0xd2, 0x4e00, "b358ce092276de21b7e60abe3c5e8ca2ab43fb57b7a6830c7a3100e8e167359255591d8a0485c817bb892764c388bbf32f9a94a73c0636919498a9d7c905747cefeb66197a5c25b8830cc718856bc7cbfdf78e537fc7b315bc426f4cfebb0823ea103b2b97609d3553e27e28ceff55b6eddc6482818b55621ea0c61d414f4c4a0e4bc818320abc79a28146c62262e034d4ed0fe6c097e07cff683b7bb750a77e947709fa240dc13842eada2857c6eb64ef66c7929801318dda1d89679c051135537ab5e75ece15eede9d2c8db73ce95249dc"}, {0xdb, 0x4e00, "a79d0fbd2afe9a2c1ef44c94b5e15fbf654b1a548fb6a0e7cf2934a9334fe6d7a65a5b04f5c1fa94e22d7722666948e79ab17eb6ad4db81bf66539881792b1e75c21b6b1b508dad5c22a1c3da92a07a7dac024701d87b6f1f844dc1c9bc7301d75f6cabdd4c59da17472abf77f4d6e0cc5a74b9a3380d7e301621228a2c25598659783e835b80ed61b4b931fc65b39ea272d9ba71e48d1fb30da10649fe2468258d5527a68521b39ca801a1c47875f4fa983c8d81bdc4a22de0c768fb07859f92955a0e0925c61ffd2e009f1fe48eb395826ec5d03ff7372260d28"}]})
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r1, 0x29, 0x37, &(0x7f0000000ac0)={0x6, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x6}, @hao={0xc9, 0x10, @private0}, @ra={0x5, 0x2, 0xfff7}]}, 0x28)
socket$isdn(0x22, 0x3, 0x2)
r3 = syz_open_dev$evdev(&(0x7f0000000b00), 0xffffffffffffad04, 0x101002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x26, &(0x7f0000000b40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ldst={0x1, 0x0, 0x2, 0xa, 0x4, 0x10c, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3c0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0xb}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @alu={0x7, 0x0, 0xb, 0x9, 0x8, 0x18, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000c80)='GPL\x00', 0x8, 0xa6, &(0x7f0000000cc0)=""/166, 0x40f00, 0x2e, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000d80)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000dc0)={0x0, 0x5, 0x8, 0x1ff}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000e00)=[r3, r0, r1], &(0x7f0000000e40)=[{0x5, 0x5, 0xd, 0x2}, {0x0, 0x4, 0x6, 0xb}], 0x10, 0x80000000, @void, @value}, 0x94)
r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000f40), 0x2, 0x0)
ioctl$VIDIOC_S_EDID(r4, 0xc0285629, &(0x7f0000000fc0)={0x0, 0x8001, 0x2, '\x00', &(0x7f0000000f80)=0x24})
iopl(0x8)
ioctl$EVIOCSCLOCKID(r3, 0x400445a0, &(0x7f0000003880)=0x2)
r5 = openat2(r1, &(0x7f00000038c0)='./file0\x00', &(0x7f0000003900)={0xa0800, 0x80, 0x35}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000003a80)=@security={'security\x00', 0xe, 0x4, 0x320, 0xffffffff, 0x0, 0x188, 0xb8, 0xffffffff, 0xffffffff, 0x288, 0x288, 0x288, 0xffffffff, 0x4, &(0x7f0000003a40), {[{{@ip={@multicast1, @local, 0xffffffff, 0x0, 'veth1_to_bridge\x00', 'team_slave_1\x00', {}, {0xff}, 0x89, 0x4, 0x8}, 0x0, 0x90, 0xb8, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x4}}}, {{@ip={@remote, @loopback, 0xff, 0xffffffff, 'veth1\x00', 'pimreg1\x00', {}, {0xff}, 0x11, 0x1, 0x4e}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote, 0x9, 0x6, [0xe, 0x30, 0x16, 0xe, 0x3c, 0x9, 0x33, 0xe, 0x3, 0x1b, 0xd, 0x1e, 0x26, 0x3, 0x25, 0x3c], 0x2, 0x1, 0x4}}}, {{@ip={@local, @dev={0xac, 0x14, 0x14, 0x2b}, 0xff, 0xff, 'macvlan1\x00', 'bridge_slave_1\x00', {0xff}, {}, 0x2f, 0xd5022c0d22e8e326}, 0x0, 0xc0, 0x100, 0x0, {}, [@common=@inet=@dscp={{0x28}, {0x10, 0x1}}, @common=@icmp={{0x28}, {0x3, "b032", 0x1}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x1, 0x3d, "151804bec38c87d5dc11b1050a897ca5a020677c86572c5c254c7fe4421c"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x380)
syz_usb_ep_write(r2, 0xe4, 0xd4, &(0x7f0000003e00)="80c5ed42a2aa8a754cb06a82b3e7aba70583c9b87ea9a33f98cc0363a2ad53b7650bb093986e4ea767142a65242387888c44cb2b35687950339afa16d253fef4d48449cda984b2315acf6d7e6785b404792ce858a3a8b65fb40c3528c550b1f3e6df19128572ece90c4a404136701b9602fbccc3a68e7c5e6e9ab87f83f211ccd1e113f840df76529d5b9da8f598131aeaf8bd44cbab7aeda2ab5d1f28aa211898b4deee57bf34a6766d6bd4f07ab0ab61db4f6edddd5990c7961e8735ec421ab95fb3896e1c10196ba296418e74c2db50f57f55")
mount_setattr(0xffffffffffffffff, &(0x7f0000003f00)='./file0\x00', 0x100, &(0x7f0000003f40)={0x3, 0x8, 0x80000, {r0}}, 0x20)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000003f80)={{<r6=>0x0, 0x680, 0x1, 0xbe29, 0x7, 0x81, 0x1, 0xc0, 0x6, 0xffff, 0x10000, 0x7, 0x200, 0xfffffffffffffffd, 0x4}, 0x30, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f0000004040)={{r6, 0x5, 0x4, 0x9, 0x6, 0x5, 0x5, 0xa632, 0xe, 0x80000001, 0x9, 0x4, 0x100000001, 0x7, 0x5}, 0x50, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

5m20.28664111s ago: executing program 3 (id=1399):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
r2 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r3, &(0x7f000001b000)=""/102400, 0x19000)
rseq(0x0, 0x0, 0x0, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x106f)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_flowlabel\x00')
read$FUSE(r6, &(0x7f0000006440)={0x2020}, 0x27)
preadv(r6, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x114a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0xfffffffffffffecf, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x60, 0x0, 0x0, r8, {0x0, 0xf}, {0xffff, 0xffff}, {0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000800)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, 0x0)
sendto$packet(r9, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @random="b6ca7038c7e8"}, 0x14)
openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)

5m14.248113004s ago: executing program 3 (id=1413):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
syz_usb_connect(0x1, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x46, 0x36, 0x56, 0x8, 0x4b4, 0x8613, 0x958f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd1, 0x6e, 0xa5}}]}}]}}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050014000900010073797a3000000000400000001b0a01030000000000000000050080000900010073797a3000000000090003"], 0x9c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xfff7fffffffffff5}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
migrate_pages(0x0, 0x8, &(0x7f0000000100)=0x7cd, &(0x7f0000000180)=0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{}, {@in6=@loopback, 0x0, 0x33}, @in=@local, {}, {0x400000000000000}, {}, 0x0, 0x0, 0x2, 0x1, 0x0, 0x60}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}}}]}, 0x138}}, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000080)=0x7f)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r8, &(0x7f0000000580)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000340)="f2", 0x1}], 0x1}}], 0x1, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache'])

5m7.856376823s ago: executing program 3 (id=1426):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000480)='./file0\x00', 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000a80)={0x1, 0x0, 0x0, 0x0, 'syz0\x00'})
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0xc1105511, &(0x7f00000007c0)={0x1, 0x0, 0x0, 0x0, 'syz0\x00'})
syz_usb_connect(0x0, 0x2c, &(0x7f0000000940)={{0x12, 0x1, 0x110, 0x7, 0xdb, 0xe2, 0x8, 0xb48, 0x2003, 0xd41b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x49, 0x2, 0x5, 0x9, 0x30, 0x2, [{{0x9, 0x4, 0x23, 0xa, 0x2, 0x2e, 0xb9, 0x69, 0x0, [@uac_control={{0xa, 0x24, 0x1, 0x6, 0x52}, [@mixer_unit={0x5, 0x24, 0x4, 0x4, 0x9}, @selector_unit={0x7, 0x24, 0x5, 0x1, 0xc3, "451d"}, @extension_unit={0x7, 0x24, 0x8, 0x3, 0xd9c, 0x8}]}], [{{0x9, 0x5, 0xa, 0x10, 0x8, 0x0, 0x8, 0xf8}}, {{0x9, 0x5, 0x5, 0x3, 0x200, 0x40, 0xbf, 0x8}}]}}, {{0x9, 0x4, 0x4, 0xc0, 0x0, 0xe6, 0x63, 0xe8, 0x80}}]}}]}}, 0x0)
r2 = openat$smackfs_netlabel(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='mpol=default='])
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = gettid()
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r3, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r5], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
write$smackfs_netlabel(r2, 0x0, 0x57)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x8}, 0x18)

5m0.443904538s ago: executing program 3 (id=1443):
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22000d0, 0x0)
r0 = syz_io_uring_setup(0xa0, &(0x7f0000000640)={0x0, 0x105cc6, 0x400, 0xfffffffc, 0x207}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000080)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

4m59.480718158s ago: executing program 3 (id=1445):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$unix(0x1, 0x2, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000940), 0x0, 0x101000)
ioctl$CEC_ADAP_G_CAPS(r2, 0xc04c6100, &(0x7f0000000980))
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x897, 0x0, 0x0, &(0x7f0000000280))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
munmap(&(0x7f000093a000/0x3000)=nil, 0x3000)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r4 = openat$nvme_fabrics(0xffffff9c, 0x0, 0x20a83, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x8080)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

4m57.801636432s ago: executing program 32 (id=1445):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$unix(0x1, 0x2, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000940), 0x0, 0x101000)
ioctl$CEC_ADAP_G_CAPS(r2, 0xc04c6100, &(0x7f0000000980))
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x897, 0x0, 0x0, &(0x7f0000000280))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
munmap(&(0x7f000093a000/0x3000)=nil, 0x3000)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r4 = openat$nvme_fabrics(0xffffff9c, 0x0, 0x20a83, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x8080)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2m44.921215796s ago: executing program 2 (id=1766):
gettid()
timer_create(0x0, &(0x7f0000001100)={0x0, 0x21, 0x1, @thr={&(0x7f0000000500)="e81035c0717831dbb46e9b88443469d4e1c32a044fff0cfc502f46b1ad3db291ef21fe8318c9d8820621cdbf13ccbd981b995273f810ca0c37d8f4f8edcab855903e16eef7db3435551d39c1e80e163bce", &(0x7f0000000580)="c3351288d2add045264e33209f371754211d986e307067f82d56e85f4fec5ae748e814910e000a89360625e2b22d82a24518bacf7722c734ba39f489652ebfadb94e1ecefee4206631f1087c8f0f411404e08f324ea67c50c6b350840190003541c7188d3530257934874d07391ebe76467a94576e4dae70784ea54f4390ff959603f88105e7388eb58c618f03096556f80ad71b345b4153dc840c33ae0a885c86f1c7206274334c112894c2ff3a63eeea243c17cceea33fc9de503e382e1105aaee0c05873188e265b302d56e07e9d11c78d7905b69a948e4d6170df1e46a9db57435cc2fc1e58e8f33234a0ac94b"}}, &(0x7f0000bbdffc))
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mkdir(&(0x7f0000005740)='./file0\x00', 0x3b)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000300)=""/132, 0x84)
lseek(0xffffffffffffffff, 0x1, 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='cramfs\x00', 0x8000, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x44080)

2m43.855003231s ago: executing program 2 (id=1770):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x41, 0x3f, 0x5f, 0x20, 0x61d, 0xc150, 0xce6f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0x18, 0x70, 0xfd, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x4}}]}}]}}]}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000540)=0x401, 0x4)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100003f7a7e40720c860097220102010104"], 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x2000c090, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x4020744f, &(0x7f00000003c0)=0xc446806)
write$binfmt_aout(r4, &(0x7f0000000280)=ANY=[], 0xfce1)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000e40)={0x2c, &(0x7f0000000d00)={0x0, 0x7, 0x16, {0x16, 0x1, "5cd361119508687c0df6f679aa34272ba5ce66be"}}, &(0x7f0000000d40)={0x0, 0x3, 0x9, @string={0x9, 0x3, "0228b8b7ae0fad"}}, &(0x7f0000000d80)={0x0, 0xf, 0x27, {0x5, 0xf, 0x27, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x2, 0x0, 0xb, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x0, 0x9, 0xfffa}, @ss_container_id={0x14, 0x10, 0x4, 0x4, "dd02eeb45475333ca89ad86166bf38a9"}]}}, &(0x7f0000000dc0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x18, 0xf3, 0x4, "3c5adc7f", "9f8f67ee"}}, &(0x7f0000000e00)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x8, 0x4, 0x7f, 0x0, 0x6, 0xfafb, 0x5}}}, &(0x7f0000001300)={0x84, &(0x7f0000000840)=ANY=[@ANYBLOB="00038b000000d03a7f6b86057d9b7f4bd3ae6271821bb9af167f94fbc18f4084dc179d4eb051553c04f2265b64512821e9f27d55aa44b3e0052f99bb3fd3fb8a27c3086f884cebb79eea6d823c5fdb7ab2af21e50d31a3ed54d4877896d66f14a62576d4cf8c433e7e1019c8781d2c7be6d9155cc59ebe68852625eb38ed43baca0a8d578ae8e6f846eea800"/151], &(0x7f0000000f40)={0x0, 0xa, 0x1, 0xe5}, &(0x7f0000000f80)={0x0, 0x8, 0x1}, &(0x7f0000000fc0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000001000)={0x20, 0x0, 0x4, {0x80, 0x2}}, &(0x7f0000001040)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000001080)={0x40, 0x9, 0x1, 0x9}, &(0x7f00000010c0)={0x40, 0xb, 0x2, '8B'}, &(0x7f0000001100)={0x40, 0xf, 0x2, 0x7fff}, 0x0, &(0x7f0000001180)={0x40, 0x17, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, &(0x7f00000011c0)={0x40, 0x19, 0x2, "e33d"}, &(0x7f0000001200)={0x40, 0x1a, 0x2, 0x2}, 0x0, &(0x7f0000001280)={0x40, 0x1e, 0x1, 0x7}, &(0x7f00000012c0)={0x40, 0x21, 0x1, 0x7}})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x1}, 0x6)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000000)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"])
getpid()
syz_usb_control_io(r2, &(0x7f0000000240)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400138000000381c168f68f834aeb5f5d389f361b8622d0af5253be5d85a1e2b56e7f2d06581e851ca9e2699d2b96b106eb9cb8bcd014539000000000000"], &(0x7f0000000580)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x416}}, &(0x7f0000000980)={0x0, 0xf, 0x183, {0x5, 0xf, 0x183, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x1a, 0xa, 0x5, 0x6}, @generic={0x103, 0x10, 0x2, "e27c674fb55e1159a0cc0075eeaa21d92f779219793c73f2e28665fa9b2dcc5c7c5264bf2fa9fdcf45d19975f09f17cc53c581d97dc5b6b4456d4c312c5d7f1a02271d2247694588b4b2c673ec75c6d1c7969cbef1a19ba2a18dda4d750a3dcfdcfcf31ffaae6245b07f415be6531001df0088d13e54b95e452153ba928bdb790a7a08dda3de36056beaa483d9b323cd661a458e82867b18dedd4ebd53402443b272516ccd8c71196966dba401da5454364508e4dff4664c2b008d4c0db4f03cdde6e09271a645c924feaaa8ede1e2fa955c74fed31401000000dca6b712fe21638213269fc7da9c6500916146327b101747cc486fb45042c978ded0dc8da900"}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0xa, 0xc, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0x5, 0x7, 0x2}, @ptm_cap={0x3}, @generic={0x60, 0x10, 0xb, "f29e081502bf12740f502d26621856224c923b5d86edb669a1ed91da5ce03e55c59e0a394342fe39eda0c4c8be9e06bad9cebd1e1d38a02aff727d9ff6e0684cdd612c7e0ba71b3106defb77f5a342010c064a632de2efab814ac84f0d"}]}}, &(0x7f00000000c0)={0x20, 0x29, 0xffffffffffffff38, {0xf, 0x29, 0x5a, 0x10, 0x80, 0x11, "cb9617be", "bc9011b9"}}, &(0x7f0000000100)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x7, 0x2, 0x2, 0x7, 0x6, 0x8a0, 0x2}}}, &(0x7f0000000700)={0x84, &(0x7f0000000280)={0x40, 0xf, 0x7b, "f9f617262ccacc6756fd4b80a807a7a312352926193f7d6168124801faaffac3b12bfd25184f0210e449799104ad2f88150ce38b51850df9984351e3364ef716eb7ba98f464fa2b2f54f173ed7927242e9c8f866a386a0ae58be159bfadb920e4029ef8f0ddb7afc08d6bf3cbd1ee8f5c974ccda92f6ae54aaa61a"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0xf}, &(0x7f00000003c0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000400)={0x20, 0x0, 0x8, {0xc0, 0x2, [0x0]}}, &(0x7f0000000440)={0x40, 0x7, 0x2, 0x9}, &(0x7f0000000480)={0x40, 0x9, 0x1, 0xf7}, &(0x7f00000004c0)={0x40, 0xb, 0x2}, &(0x7f0000000500)={0x40, 0xf, 0x2}, &(0x7f0000000540)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000800)={0x40, 0x17, 0x6, @broadcast}, &(0x7f00000005c0)={0x40, 0x19, 0x2, "ec60"}, &(0x7f0000000600)={0x40, 0x1a, 0x2, 0xff}, &(0x7f0000000640)={0x40, 0x1c, 0x1, 0x4}, &(0x7f00000007c0)={0x40, 0x1e, 0x1, 0x6}, &(0x7f00000006c0)={0x40, 0x21, 0x7, 0x2}})

2m39.100539008s ago: executing program 2 (id=1784):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
socket(0x1e, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0x20002078)

2m37.056206426s ago: executing program 2 (id=1785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x1c, 0xf, &(0x7f00000011c0)=ANY=[@ANYBLOB="180000005e000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000008b7000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0xe, &(0x7f0000000100)=""/14, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)

2m35.718749704s ago: executing program 2 (id=1788):
inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe2(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84080)
getsockname$packet(r3, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$SIOCAX25CTLCON(r4, 0x89e8, &(0x7f0000000040)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x5, 0x5, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r6=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r6}, 0x14)

2m34.641940444s ago: executing program 2 (id=1792):
r0 = syz_open_dev$ndb(&(0x7f0000000500), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x80000000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x582)

2m17.679148988s ago: executing program 33 (id=1792):
r0 = syz_open_dev$ndb(&(0x7f0000000500), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x80000000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x582)

1m55.126908039s ago: executing program 5 (id=1903):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00"/13], 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000a, 0x13, r0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)

1m54.656709745s ago: executing program 5 (id=1907):
mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e725f626c6f636b733d742c00160ca6bbfbd9b5d23e247b3654274e3ffafd579b415b3fb09c69679b7301910c7bf5bf20eb1392ff25e2c4d278be5d0363ea3826a6cbc205cf87ad06db1a601a749554c413e0997a880c3975f121ff962c663f89fe4f4a"])
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x4, &(0x7f0000000100)={0xffff, 0x7})
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
open$dir(0x0, 0x40000, 0x10a)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r2, 0x1, 0x70bd2c, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004859}, 0x4000)

1m53.368763648s ago: executing program 5 (id=1910):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000000)={0x0})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, 0xffffffffffffffff, 0x0)
chdir(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_submit(0x0, 0x0, &(0x7f0000000440))
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r2, 0x701}, 0x14}, 0x1, 0x2403}, 0x0)

1m43.497169697s ago: executing program 5 (id=1935):
socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$inet6_icmp(0xa, 0x2, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000340)={0x1, @pix_mp={0x0, 0x0, 0x34324258, 0x0, 0x0, [{}, {0x1}, {}, {0xfffffffe}]}})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xd)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
bind$tipc(r3, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x0, 0x0, &(0x7f0000000b80)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r6, 0x29, 0x11, &(0x7f0000000040)=0x5, 0x4)

1m40.321016528s ago: executing program 5 (id=1942):
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x5}, {0x1, [{0xc9, 0x8001}]}}}, 0x8)
sched_setscheduler(0x0, 0x1, 0x0)

1m38.332017223s ago: executing program 5 (id=1945):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000000)={0x0})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, 0xffffffffffffffff, 0x0)
chdir(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_submit(0x0, 0x0, &(0x7f0000000440))
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r2, 0x701}, 0x14}, 0x1, 0x2403}, 0x0)

1m23.228566301s ago: executing program 34 (id=1945):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000000)={0x0})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, 0xffffffffffffffff, 0x0)
chdir(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_submit(0x0, 0x0, &(0x7f0000000440))
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r2, 0x701}, 0x14}, 0x1, 0x2403}, 0x0)

23.622229441s ago: executing program 0 (id=2116):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(r1, 0xfffffffd)
r3 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001000), 0x581, 0x40000000, 0x0)
keyctl$reject(0x13, 0x0, 0x80000000, 0x1856, 0x0)
syz_create_resource$binfmt(0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x10, 0x2, 0xff, 0x5a, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x22, 0x20}, 0xe)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, r5, 0x0, 0x7, 'syz1\x00', 0x0})
sched_setattr(r5, &(0x7f0000000100)={0x38, 0x3, 0x10000004, 0x9, 0x9, 0x4, 0x5, 0x7, 0x7f, 0x40}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000080)="a0ba0041e10b8d60ba44709ef438b323df357759", 0x14}, {&(0x7f00000000c0)="3f4d1d6c8eed634643f06a52a9365ee5a0937e7b02ceda6a2e7ee6438b5dbb", 0x1f}, {0x0}, {&(0x7f0000000200)="5681c9635e158b8bd54a4b4e400b3fd9e6eb5676b61b9c6aeb389f7994947ad225c93a4186e2c76551cf7fd7c08ab8b3cac862261da810e4adea397eb9b96fc541e530bfe0669a3064490aa3df4ca0d7bd24910f1f18ef1242a2650d12d71a8d69d51831d4e8d2fec6ef543bd753caf7aa944b9e769fa5cd302994ac50ced144d25eb6e5930a2e9c7da6dc673693e93fea023192ed702c6d522888c9934545afbcb2880fc37f633a4e5663da8db4dbc647f71ce185404009cb96529da69390dcdb07", 0xc2}, {&(0x7f0000000300)="33df77a45eaf94603464522cbe310d1ae65feffaaf0b0191d058cd3bf8100203fe51ebb6aeb1b23f4ce875f2f3b586e57568b58ecca298e798defa7dbb7201b65c29b584db6f2c87b8658cd085530ec615dfa93f3ac51e2c6a4d314f0ffbcbda451e3b27f94ab8a4805a91618b2c85cf7a0f3f1a429817e6ed554b741a6cb132d722c1d76e0da04fa1c99b49246a2c16d273c3ee225a37f495660656653f6d413bf6d5478be277d2c7cd38c42c8971a14a9b95850c355481459546071930377ae58cfba9119d0de9d2641ab61f868d73042f13168100d59964afc7086c057c2768f77334f01ed90b4c00492f0e24628b60476457d15f7704b2ca167002fe0cd0b593738a6792d0b2464e901ebc13dabf89785015999763b83f69dcacf7f8514c6704cb7de8135144813aaa777256f6a2977ccdee84891ce0be332b0150afc9023b1adfe124b8ff4457638c58cef734ace225fa7ef0e377b5c257ad2381ee16c27e88a08c078ed95f8a08d8472c9d9e8098b68d25b4bf906b305f23c06f420493ab8cd8f31ff6489648b139d0e6243eb0cd9de5515a530ffc4f641f1d1387c842a15e480e3a709a42336f4df2acdbf589dea5e20de704770c4d9af302ff6e105468afec6404e3f5df3af95f0e6a404ee08ac93ae6e38f56c65998a6ffe7df67f30d34935c2025e022393c6dec997b2595177b3a169afe30b125da691e473ff84a5e5f0e54ab0d36cacfa974aabba075ab7682c39c1f13e29e838b20efd4a2a6e4ee26f5f6f200cdf6a27e54dedd8ae5c278d556f306b2a6978a31f75cff821a7506d1cb23525e16d0bc847a231d3135094345e57533c25e93d5343e94a42dc6678c59ca592e8543ac1a15836c558e08fc216d834f970820a9b85744d1582ea19cd2836c3cd767fedc53a6521776f6287afc601ba596b7dde175422ff543e8da9bda8222c1c087dbc862dc34a471224ede214b9d83d3589c059065be5ded78b63aa71acddb57a0a9f766defc7e2e843d8a64a8c92efd1cc9e334856d7a7a1c7226034ba0a8f384dff88ff4e2ca6a13f63a66d123b5b7581976894093d22b07bd618becc3c5f812d0f87e5d9e96a8b9e042e5f3e41a89ff8e7c6015b18edbf31b5a38712cd53a2cfdb5039d4140766215aa13013c77f7c79a32a66986c0e45ab14eb9ec0a4712e0bdf397d4610581610d7abd6b299d82c963c99bd2f57d212902ea9db6cf4c080374a5e16653fba77eed4fe0dc6f63f0913d8216f6c17b64a7db7001ecea6c62e94da1e462cfb6284ed13819a072f0c5f348bc0f7ea7a2c73ff96395db41405d95fc3544029afdec7795bcc1d50112a4383c9d1f1000b59387e4cc67c2d7a511adb8270e69acebfb8cf94ef03540829ae70bda578a9e6cc13318e9173d9be92546b312956e56539eb9cc3fc4e89cfafc03802f5caf12f65133559898afdf5d25529b4ce5d6333fae21919c076ef9aaca6f1e1d93715f9d04b80e49f2d258e9fe7fdfc875c0231bce29d4a52372580f6591f2564ea99d281fde5523dfa65e5d9cd7ead36f1455203b0af0c9c9f303a4454291e2cd01f3a9457aac6cdacbbfd4aab9943272107cb11e96d5796c6152ee60eba2f8300255289d4e62dc75d5d36164be88df016ad59e064969544557e0f11e0981d8d3dcbfce3842c3d70ae4c3c44fdcc304418aa1c5d3fc493ca97b517502bc29d16983973f2bb2df21168b2e3097e7e456b2a37c56439b840539eb116fad3157707e523a05199c28ccd25d7117e999c45e80a9a21462eaad144a32e331a003272854c4649a3c7954a6c2e6aa5c81d7cce30c905383189f1177e33632b3b6c2572bb1a43321b8645b38b6d449514b746784fc8ff08e22424373f1bc015605c862134de23a9d374150d7f0c31b4c944589814b3074073b1518bcf5035b15b5b54e731402e68128f96b7cb58db9fbb6153b0f406c979c6226bd9260bee649d43835f448249e58a539f00eeb99368d1b5da0a5967142cc8ab3f976ddb14cca29fef02f49882ab9f9b8972241509ff2d1dbfc19ac35e2403046bd80433381468eb3a55fd63708c3eed6e6e6f279c8597977610a38bc7f3ebe1902c0fe85ef1ec1d56afa4c741fe0fd1f0c86f224577459fad33bd34e096253ebd5426c444e370a3156d4dd284b69545b4e43ef8b7240c79d386c2befc25112d136167bc4f84e95be75ebf30d46e70bfc6b7939badb44606fe966955e8f2fadb2b24c6df656e439564ebe0f9bfbb1c13b2b5ab08da5269cb8daf782a336d956048014c08dbe184f1474e6305d26c63a90adb06cd56180675002334a474295a2b99572eaaf37846bd533ce80a0099c55716faf64b8a7e5c8b300aab56b3f6d8279de148143a89b1e0db3ef4f339962aae0d6d81c3c0ee9a113d260439ea866c4e981611644f4e43562bec91aa0de27bbddb2974c02082cff22e5186f53e82659c44f5347456828441b6f910d8de51c8c21f57895d1e653dc4ab46b6422132529677352ddd215757edad3a718921c41a517c3df2730089e14ce35975e7fed1f659d97f7be400175fcf06ea2f0c22eed03f2f24ca2aaf490367914288f6f638a829002a5644a2a8876b7df68b9cf63a9cbd57e85aadf0e3f7dfdb5cf68b1af5e9b6f4f758d93bf4529c4e12fbbe63e7253abab43fa6aea40f01bf8817784e03f654c0891e69f881742bf7cb4d87d68fbf9fef24c46330183f8d25a2f5d702f2cde98e4616b660eadad2ac74e8cef0977aed251cfd79d8f3ce0a88ffe20c43bd577c29ccbdc7751c49ff087e6632920d15f2f6537eecf3fabfa7172ff36b13c414d786f1255334bdc6435172d3d0eab8d604ad33aec7dd28385e5c105034f596fd08697d329e29b0f52cd79fdf48fdb0cdec18ab4a27dc5e7517bf37fdcfbd34d8862980612a9779751ba2d0bce6642dcf64b848970869a7aec5efba75f6f01ec0606b2f0d292c8b666a174619caf4f61a98f16f4c9bbbf838349f3b2b6c232b794a018ebc9f8171870d3d193f8b41a04b9e9b23f01ffd487e362310d1e7d3750438ac22707f3b97ffe6507eb8ebd6beb3bd1c5414bc1e3e8862c25111268ad15adac4b60439d183ada469169ca5922f0670af295ee108cab6687224af2c3c95f7c2fe6115d96b5df51558ec05b478a7666257209a03df8b814a123d12da5bfc38bf5a24fe72653ab812d3ff29f404e91b2bd28d4cbfd18149065dfcc997d7b2d073f5e547e9519f19039d411399db1034fa65eb30f38cb3d23242dbc9c9df5a0f65f22a0f89761fb490f450e20ba228e2a3afae4081bd577b937d39d5fb78d9ca1469fcbced8afde965bef0834448c8d0efc7e47c1b8e5a5001a0dd883afd479c81de1f4c7de313d5e56f10b45d303d8ce57803f1bd2962be6a56b3013e6d47fa251e171800374d177520421cf4d6b3b4236d664d1fb84f0f8138e975bf147ee7b3d76298c764a599f6694dfe1761178eb2c31f54051dc95379015fa1a7ab8be60b7807f29ae56b67047b7dd3130351c0b2772e17c47d6a6fb4ad605453c86f0c26eb759a829543b789056fc4f95a0b9c27e41e883e8a94c7edb5d9d62ce6c2d29971e933bdaabc63e58b36cbca2f42a00580f36f20dd2fa991f38f5d5747229c6ec723a2b60fc6b2daa0a91e6bd6e55cf5c97107038435b6cbb0f7bbf5cfb70079a4d501854f839acd16510ab0a45ede674818c49a15b35c35761f3588eb35c13a5cfa82a5cc83872791801675fbcb23a52d184718cc583b851d6cd0618208b3b675e93e89269e8e614b13a9656c2cacb26db51f71a7d612f73f96391d03a7242f426a9f699b1ea916c752b46ab53f17e92323fe54bfacea393184aa1132ea6190317fbee57694d6909230dae357f72a813f6817ffd353918a154d55b688079a6ce4e79d436c6d40c033565c3b128c1c188af031b8b11db679ea26864fcaa4e650dde84869c228392104427f785bfd4371c2c0da4c785114e60a2a63085027059e76a6ccca8ed244f28e0943c5febd84f38f513782419110c507b3836a580fa4a71ab7e37c4e4c488abaeaebb0eedae2e2f6f194e3169889e8c9efe8d26384c2d45c9ff216392ec6e98689a900a9202037258dee0f699eb5ca036b49e5dffb2125cf3ca1cd2870f93fe5ff68829a74bc6354c67aebd09231fb9b110f124f264116bf2aa29a6f813bc1f7c2ea71e5e486ec03ce861dc3fb2049e45f8da1b241b0e6086f91e17895824949f5e1da5ebfdfe9a4232ce858350f2d53937f382b521c389847784f4cead8b1cc22422c7a4c3af7d331f755826bfe89a9a91570ba0a4ff38b23b7965e5b141fb7d83df7675957a97031fd562325a13a80a5fa2af43208cb79c56bcfb7ef559053ed3d665a20d98cbc8e7b3a34ee86e262e25d1c24fae4606929d3ccc5f91a2624ccacdd75e42788b5a2f66e010629fe549117d273b17454dc3aaf3f9f7a8e152f85aa0825138a53c7cbb0df35d2b0ca78d3d0f023458ee75ad843edd61c69567311d720db2cf0ea96d63035f2ef3cba2791f53849aaee5148564bca6f7b5f484c95c1b3712d9d892f73b4b85dbbc6b1d12d4bc5b7a72ed3d6966452a15b12c1da0ad5897ce5f6ddfe4f886e49a42aafb62a6763e3126645c2d2bc5386d6964a40fd08db64d80489eda7c910255fe20858053f45c39e7b7d6272ab92743b72c5dc5e13caafc1e3632789787733388445a461e960d1c8e999293f2773faf9b6337b5b8942121eb3383391b54f1359696aeda9a3c57df49dce6459d1d7a785aeba48bf1d6f9841136f509ad284ea8c72f44cbb1c67826c4505710e0cb8964a372e40d40963dfc7233725b6772790b450983f928e0a2f3aa2010a84963fa17ad53ec3cca9dfada8391e38825a857ee6e17119f68c2f207fc41ba28a428e724b69f7951342d4032c9dd542dd395252f96429282578354843f1fa192189edd714a55d3b8a2df4f5e7ee5461b4a5ddf15725262d23e0b5849e1bc61aa01ca0df32d400af2ebcf1d89f75cb0c3dce9ce5b8c2316b501f47f1a5fec3a4804238a16121d9db3287153a5a8a8f3be8806f8d948567256a0fc60c50a7ebd2c97ae10cb581de3b864c3820b1b28dcc46178fa90a2709d6ea93b4943e574b8fabe10239ec1b359d3fd61e11b8ec70f06baf6433a60f58535e2fc769d844ae83183120dffe9c3adc7ab273b0ea15c5476e543fee3784b7c43b0efda5e892acfc81762f06f644a4757d08e83b08b75e8f75cecb1e286d381110d8deda9208a2381c5f208e990d164db6d4021357f889bea8e85384ac39ce88acf5c68587716a0ff21cd8ccd10e83aed23d9d48d2a7c9b5d9f0cfc097df2e311c7a413a84df492ca5a27bea6abd9847f444bbd27588a29c5ad60f801becfb929456f6acc6e0ce1147f82e0845011ed72d1380758f3f1e376948aff4781302f727083ecc592e5115a03b31caa0565f620af37cbbf33e963b5b27b4853755480892ea2f4a96f7856088a99e564f547806dfb6089ca8b834f348bc06621bf4634adc85a9bc8d264ee39bfe139fa67bebb67718df894d3b6c380b8f64696444409cb5eb943caa733ef46ed25f39947af0135d8d211c5910c63eb1d089887051325e294276dcc8d72bb8514d7640cce2a5f73e70611fee01694d1a9139acf19d49d15a2e566e685d6987cb617eadbbca8aa29210c59db8bea7108729ad8d2d694e263cdc6cd7ead3a24e4c09a24a95c692eadafc27f963a317db873b2162dbdbc79ec423653ba6813b2ceed9585afa13820ed5786a134a9c33ab5aa", 0x1000}, {&(0x7f0000001300)="c6e39344f625bd46779584fc1571fb4a9c55e8d151bfe26baad8015bb8e2c88efc6837342b0781ac7b9494647fbf6e76937f466b594c2bec051f3b32f158f572870bfd81627b7be8b7c6cc545816d7783e5cf95c1f1bff4371c6227740b7bb8151da145b63d152021390e25a2ec9c29fb428fc6d8fe0", 0x76}, {0x0}, {&(0x7f0000001480)="c0e747fac3932e9186ec774595d5771c37f334b22b0f848a34d7498c82eaa44dabdd8a521a0bfaeca17a8a7f92e26262669f6f0cae7ddf3f156083d53757b5537983bcbbd0cf68f2774d0b49000d2a4e57c89c92fa0280a89b3b32203ba4b34e41", 0x61}, {&(0x7f0000001500)="c32c2ac1fcee6846d09103ea0f51420080da601d04cbb01b4658357f4bd4dc5162434c9a4cb7b52f5b55464bb57b9b383acb934af1a9db81b3593e029bf1f7b3e4fca39b6903bc5235f55b09495741659e7deb4a6021e7f7b3be2dbbd7e2", 0x5e}], 0x9}}], 0x1, 0x4001c00)

22.157154663s ago: executing program 0 (id=2119):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x401, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

21.169847082s ago: executing program 0 (id=2122):
mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e725f626c6f636b733d742c00160ca6bbfbd9b5d23e247b3654274e3ffafd579b415b3fb09c69679b7301910c7bf5bf20eb1392ff25e2c4d278be5d0363ea3826a6cbc205cf87ad06db1a601a749554c413e0997a880c3975f121ff962c663f89fe4f4a"])
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x4, &(0x7f0000000100)={0xffff, 0x7})
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
open$dir(0x0, 0x40000, 0x10a)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r3, 0x1, 0x70bd2c, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004859}, 0x4000)

10.835953665s ago: executing program 0 (id=2147):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(r1, 0xfffffffd)
r3 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001000), 0x581, 0x40000000, 0x0)
keyctl$reject(0x13, 0x0, 0x80000000, 0x1856, 0x0)
syz_create_resource$binfmt(0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x10, 0x2, 0xff, 0x5a, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x22, 0x20}, 0xe)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, r5, 0x0, 0x7, 'syz1\x00', 0x0})
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000080)="a0ba0041e10b8d60ba44709ef438b323df357759", 0x14}, {&(0x7f00000000c0)="3f4d1d6c8eed634643f06a52a9365ee5a0937e7b02ceda6a2e7ee6438b5dbb", 0x1f}, {0x0}, {&(0x7f0000000200)="5681c9635e158b8bd54a4b4e400b3fd9e6eb5676b61b9c6aeb389f7994947ad225c93a4186e2c76551cf7fd7c08ab8b3cac862261da810e4adea397eb9b96fc541e530bfe0669a3064490aa3df4ca0d7bd24910f1f18ef1242a2650d12d71a8d69d51831d4e8d2fec6ef543bd753caf7aa944b9e769fa5cd302994ac50ced144d25eb6e5930a2e9c7da6dc673693e93fea023192ed702c6d522888c9934545afbcb2880fc37f633a4e5663da8db4dbc647f71ce185404009cb96529da69390dcdb07", 0xc2}, {&(0x7f0000000300)="33df77a45eaf94603464522cbe310d1ae65feffaaf0b0191d058cd3bf8100203fe51ebb6aeb1b23f4ce875f2f3b586e57568b58ecca298e798defa7dbb7201b65c29b584db6f2c87b8658cd085530ec615dfa93f3ac51e2c6a4d314f0ffbcbda451e3b27f94ab8a4805a91618b2c85cf7a0f3f1a429817e6ed554b741a6cb132d722c1d76e0da04fa1c99b49246a2c16d273c3ee225a37f495660656653f6d413bf6d5478be277d2c7cd38c42c8971a14a9b95850c355481459546071930377ae58cfba9119d0de9d2641ab61f868d73042f13168100d59964afc7086c057c2768f77334f01ed90b4c00492f0e24628b60476457d15f7704b2ca167002fe0cd0b593738a6792d0b2464e901ebc13dabf89785015999763b83f69dcacf7f8514c6704cb7de8135144813aaa777256f6a2977ccdee84891ce0be332b0150afc9023b1adfe124b8ff4457638c58cef734ace225fa7ef0e377b5c257ad2381ee16c27e88a08c078ed95f8a08d8472c9d9e8098b68d25b4bf906b305f23c06f420493ab8cd8f31ff6489648b139d0e6243eb0cd9de5515a530ffc4f641f1d1387c842a15e480e3a709a42336f4df2acdbf589dea5e20de704770c4d9af302ff6e105468afec6404e3f5df3af95f0e6a404ee08ac93ae6e38f56c65998a6ffe7df67f30d34935c2025e022393c6dec997b2595177b3a169afe30b125da691e473ff84a5e5f0e54ab0d36cacfa974aabba075ab7682c39c1f13e29e838b20efd4a2a6e4ee26f5f6f200cdf6a27e54dedd8ae5c278d556f306b2a6978a31f75cff821a7506d1cb23525e16d0bc847a231d3135094345e57533c25e93d5343e94a42dc6678c59ca592e8543ac1a15836c558e08fc216d834f970820a9b85744d1582ea19cd2836c3cd767fedc53a6521776f6287afc601ba596b7dde175422ff543e8da9bda8222c1c087dbc862dc34a471224ede214b9d83d3589c059065be5ded78b63aa71acddb57a0a9f766defc7e2e843d8a64a8c92efd1cc9e334856d7a7a1c7226034ba0a8f384dff88ff4e2ca6a13f63a66d123b5b7581976894093d22b07bd618becc3c5f812d0f87e5d9e96a8b9e042e5f3e41a89ff8e7c6015b18edbf31b5a38712cd53a2cfdb5039d4140766215aa13013c77f7c79a32a66986c0e45ab14eb9ec0a4712e0bdf397d4610581610d7abd6b299d82c963c99bd2f57d212902ea9db6cf4c080374a5e16653fba77eed4fe0dc6f63f0913d8216f6c17b64a7db7001ecea6c62e94da1e462cfb6284ed13819a072f0c5f348bc0f7ea7a2c73ff96395db41405d95fc3544029afdec7795bcc1d50112a4383c9d1f1000b59387e4cc67c2d7a511adb8270e69acebfb8cf94ef03540829ae70bda578a9e6cc13318e9173d9be92546b312956e56539eb9cc3fc4e89cfafc03802f5caf12f65133559898afdf5d25529b4ce5d6333fae21919c076ef9aaca6f1e1d93715f9d04b80e49f2d258e9fe7fdfc875c0231bce29d4a52372580f6591f2564ea99d281fde5523dfa65e5d9cd7ead36f1455203b0af0c9c9f303a4454291e2cd01f3a9457aac6cdacbbfd4aab9943272107cb11e96d5796c6152ee60eba2f8300255289d4e62dc75d5d36164be88df016ad59e064969544557e0f11e0981d8d3dcbfce3842c3d70ae4c3c44fdcc304418aa1c5d3fc493ca97b517502bc29d16983973f2bb2df21168b2e3097e7e456b2a37c56439b840539eb116fad3157707e523a05199c28ccd25d7117e999c45e80a9a21462eaad144a32e331a003272854c4649a3c7954a6c2e6aa5c81d7cce30c905383189f1177e33632b3b6c2572bb1a43321b8645b38b6d449514b746784fc8ff08e22424373f1bc015605c862134de23a9d374150d7f0c31b4c944589814b3074073b1518bcf5035b15b5b54e731402e68128f96b7cb58db9fbb6153b0f406c979c6226bd9260bee649d43835f448249e58a539f00eeb99368d1b5da0a5967142cc8ab3f976ddb14cca29fef02f49882ab9f9b8972241509ff2d1dbfc19ac35e2403046bd80433381468eb3a55fd63708c3eed6e6e6f279c8597977610a38bc7f3ebe1902c0fe85ef1ec1d56afa4c741fe0fd1f0c86f224577459fad33bd34e096253ebd5426c444e370a3156d4dd284b69545b4e43ef8b7240c79d386c2befc25112d136167bc4f84e95be75ebf30d46e70bfc6b7939badb44606fe966955e8f2fadb2b24c6df656e439564ebe0f9bfbb1c13b2b5ab08da5269cb8daf782a336d956048014c08dbe184f1474e6305d26c63a90adb06cd56180675002334a474295a2b99572eaaf37846bd533ce80a0099c55716faf64b8a7e5c8b300aab56b3f6d8279de148143a89b1e0db3ef4f339962aae0d6d81c3c0ee9a113d260439ea866c4e981611644f4e43562bec91aa0de27bbddb2974c02082cff22e5186f53e82659c44f5347456828441b6f910d8de51c8c21f57895d1e653dc4ab46b6422132529677352ddd215757edad3a718921c41a517c3df2730089e14ce35975e7fed1f659d97f7be400175fcf06ea2f0c22eed03f2f24ca2aaf490367914288f6f638a829002a5644a2a8876b7df68b9cf63a9cbd57e85aadf0e3f7dfdb5cf68b1af5e9b6f4f758d93bf4529c4e12fbbe63e7253abab43fa6aea40f01bf8817784e03f654c0891e69f881742bf7cb4d87d68fbf9fef24c46330183f8d25a2f5d702f2cde98e4616b660eadad2ac74e8cef0977aed251cfd79d8f3ce0a88ffe20c43bd577c29ccbdc7751c49ff087e6632920d15f2f6537eecf3fabfa7172ff36b13c414d786f1255334bdc6435172d3d0eab8d604ad33aec7dd28385e5c105034f596fd08697d329e29b0f52cd79fdf48fdb0cdec18ab4a27dc5e7517bf37fdcfbd34d8862980612a9779751ba2d0bce6642dcf64b848970869a7aec5efba75f6f01ec0606b2f0d292c8b666a174619caf4f61a98f16f4c9bbbf838349f3b2b6c232b794a018ebc9f8171870d3d193f8b41a04b9e9b23f01ffd487e362310d1e7d3750438ac22707f3b97ffe6507eb8ebd6beb3bd1c5414bc1e3e8862c25111268ad15adac4b60439d183ada469169ca5922f0670af295ee108cab6687224af2c3c95f7c2fe6115d96b5df51558ec05b478a7666257209a03df8b814a123d12da5bfc38bf5a24fe72653ab812d3ff29f404e91b2bd28d4cbfd18149065dfcc997d7b2d073f5e547e9519f19039d411399db1034fa65eb30f38cb3d23242dbc9c9df5a0f65f22a0f89761fb490f450e20ba228e2a3afae4081bd577b937d39d5fb78d9ca1469fcbced8afde965bef0834448c8d0efc7e47c1b8e5a5001a0dd883afd479c81de1f4c7de313d5e56f10b45d303d8ce57803f1bd2962be6a56b3013e6d47fa251e171800374d177520421cf4d6b3b4236d664d1fb84f0f8138e975bf147ee7b3d76298c764a599f6694dfe1761178eb2c31f54051dc95379015fa1a7ab8be60b7807f29ae56b67047b7dd3130351c0b2772e17c47d6a6fb4ad605453c86f0c26eb759a829543b789056fc4f95a0b9c27e41e883e8a94c7edb5d9d62ce6c2d29971e933bdaabc63e58b36cbca2f42a00580f36f20dd2fa991f38f5d5747229c6ec723a2b60fc6b2daa0a91e6bd6e55cf5c97107038435b6cbb0f7bbf5cfb70079a4d501854f839acd16510ab0a45ede674818c49a15b35c35761f3588eb35c13a5cfa82a5cc83872791801675fbcb23a52d184718cc583b851d6cd0618208b3b675e93e89269e8e614b13a9656c2cacb26db51f71a7d612f73f96391d03a7242f426a9f699b1ea916c752b46ab53f17e92323fe54bfacea393184aa1132ea6190317fbee57694d6909230dae357f72a813f6817ffd353918a154d55b688079a6ce4e79d436c6d40c033565c3b128c1c188af031b8b11db679ea26864fcaa4e650dde84869c228392104427f785bfd4371c2c0da4c785114e60a2a63085027059e76a6ccca8ed244f28e0943c5febd84f38f513782419110c507b3836a580fa4a71ab7e37c4e4c488abaeaebb0eedae2e2f6f194e3169889e8c9efe8d26384c2d45c9ff216392ec6e98689a900a9202037258dee0f699eb5ca036b49e5dffb2125cf3ca1cd2870f93fe5ff68829a74bc6354c67aebd09231fb9b110f124f264116bf2aa29a6f813bc1f7c2ea71e5e486ec03ce861dc3fb2049e45f8da1b241b0e6086f91e17895824949f5e1da5ebfdfe9a4232ce858350f2d53937f382b521c389847784f4cead8b1cc22422c7a4c3af7d331f755826bfe89a9a91570ba0a4ff38b23b7965e5b141fb7d83df7675957a97031fd562325a13a80a5fa2af43208cb79c56bcfb7ef559053ed3d665a20d98cbc8e7b3a34ee86e262e25d1c24fae4606929d3ccc5f91a2624ccacdd75e42788b5a2f66e010629fe549117d273b17454dc3aaf3f9f7a8e152f85aa0825138a53c7cbb0df35d2b0ca78d3d0f023458ee75ad843edd61c69567311d720db2cf0ea96d63035f2ef3cba2791f53849aaee5148564bca6f7b5f484c95c1b3712d9d892f73b4b85dbbc6b1d12d4bc5b7a72ed3d6966452a15b12c1da0ad5897ce5f6ddfe4f886e49a42aafb62a6763e3126645c2d2bc5386d6964a40fd08db64d80489eda7c910255fe20858053f45c39e7b7d6272ab92743b72c5dc5e13caafc1e3632789787733388445a461e960d1c8e999293f2773faf9b6337b5b8942121eb3383391b54f1359696aeda9a3c57df49dce6459d1d7a785aeba48bf1d6f9841136f509ad284ea8c72f44cbb1c67826c4505710e0cb8964a372e40d40963dfc7233725b6772790b450983f928e0a2f3aa2010a84963fa17ad53ec3cca9dfada8391e38825a857ee6e17119f68c2f207fc41ba28a428e724b69f7951342d4032c9dd542dd395252f96429282578354843f1fa192189edd714a55d3b8a2df4f5e7ee5461b4a5ddf15725262d23e0b5849e1bc61aa01ca0df32d400af2ebcf1d89f75cb0c3dce9ce5b8c2316b501f47f1a5fec3a4804238a16121d9db3287153a5a8a8f3be8806f8d948567256a0fc60c50a7ebd2c97ae10cb581de3b864c3820b1b28dcc46178fa90a2709d6ea93b4943e574b8fabe10239ec1b359d3fd61e11b8ec70f06baf6433a60f58535e2fc769d844ae83183120dffe9c3adc7ab273b0ea15c5476e543fee3784b7c43b0efda5e892acfc81762f06f644a4757d08e83b08b75e8f75cecb1e286d381110d8deda9208a2381c5f208e990d164db6d4021357f889bea8e85384ac39ce88acf5c68587716a0ff21cd8ccd10e83aed23d9d48d2a7c9b5d9f0cfc097df2e311c7a413a84df492ca5a27bea6abd9847f444bbd27588a29c5ad60f801becfb929456f6acc6e0ce1147f82e0845011ed72d1380758f3f1e376948aff4781302f727083ecc592e5115a03b31caa0565f620af37cbbf33e963b5b27b4853755480892ea2f4a96f7856088a99e564f547806dfb6089ca8b834f348bc06621bf4634adc85a9bc8d264ee39bfe139fa67bebb67718df894d3b6c380b8f64696444409cb5eb943caa733ef46ed25f39947af0135d8d211c5910c63eb1d089887051325e294276dcc8d72bb8514d7640cce2a5f73e70611fee01694d1a9139acf19d49d15a2e566e685d6987cb617eadbbca8aa29210c59db8bea7108729ad8d2d694e263cdc6cd7ead3a24e4c09a24a95c692eadafc27f963a317db873b2162dbdbc79ec423653ba6813b2ceed9585afa13820ed5786a134a9c33ab5aa", 0x1000}, {&(0x7f0000001300)="c6e39344f625bd46779584fc1571fb4a9c55e8d151bfe26baad8015bb8e2c88efc6837342b0781ac7b9494647fbf6e76937f466b594c2bec051f3b32f158f572870bfd81627b7be8b7c6cc545816d7783e5cf95c1f1bff4371c6227740b7bb8151da145b63d152021390e25a2ec9c29fb428fc6d8fe0", 0x76}, {0x0}, {&(0x7f0000001480)="c0e747fac3932e9186ec774595d5771c37f334b22b0f848a34d7498c82eaa44dabdd8a521a0bfaeca17a8a7f92e26262669f6f0cae7ddf3f156083d53757b5537983bcbbd0cf68f2774d0b49000d2a4e57c89c92fa0280a89b3b32203ba4b34e41", 0x61}, {&(0x7f0000001500)="c32c2ac1fcee6846d09103ea0f51420080da601d04cbb01b4658357f4bd4dc5162434c9a4cb7b52f5b55464bb57b9b383acb934af1a9db81b3593e029bf1f7b3e4fca39b6903bc5235f55b09495741659e7deb4a6021e7f7b3be2dbbd7e2", 0x5e}], 0x9}}], 0x1, 0x4001c00)

9.843095075s ago: executing program 1 (id=2148):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)

9.646420266s ago: executing program 6 (id=2150):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast1, 0x5}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x400a101)

8.268103016s ago: executing program 0 (id=2151):
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000200)={0x8e, "00005c02ac56f967e45706449300004ed82ff400"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x101, "7bb9595931028deda525e19bdeffafde2500f6d15c9e31df9454310ad7c18e65"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x400000000, 0x4, 0x7fffffff}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x1e4011, 0x0)

8.24253561s ago: executing program 1 (id=2153):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001f00), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
unshare(0x2c020400)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x1, 0x3}, 0xfe}, 0x18)

8.115138158s ago: executing program 7 (id=2154):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = socket(0x10, 0x3, 0x0)
syncfs(r1)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
munlockall()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f00000001c0)={0x6c, 0x2, 0xa, 0x8, 0x80})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0x54, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x1, 0xa, 0x0, 0xa0}}, [@migrate={0x4}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = open(0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000000240)=""/11, 0xb)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000200)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100), &(0x7f0000000180)=[0x0], 0x8, 0x6, 0x0, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r6 = io_uring_setup(0x7691, &(0x7f0000000140)={0x0, 0x58fb, 0x10, 0x801, 0x23f})
close_range(r6, 0xffffffffffffffff, 0x0)

8.049481786s ago: executing program 6 (id=2155):
r0 = syz_open_dev$video4linux(&(0x7f0000000240), 0xc, 0x20400)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000040)={0x1, 0x0, 0x3, 0x4, {0x7fffffff, 0x2, 0x10000, 0x59}})

6.915309666s ago: executing program 0 (id=2157):
mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e725f626c6f636b733d742c00160ca6bbfbd9b5d23e247b3654274e3ffafd579b415b3fb09c69679b7301910c7bf5bf20eb1392ff25e2c4d278be5d0363ea3826a6cbc205cf87ad06db1a601a749554c413e0997a880c3975f121ff962c663f89fe4f4a"])
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x4, &(0x7f0000000100)={0xffff, 0x7})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
open$dir(0x0, 0x40000, 0x10a)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r4, 0x1, 0x70bd2c, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004859}, 0x4000)

6.787804224s ago: executing program 1 (id=2158):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x18, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r5, 0x3b82, &(0x7f00000000c0)={0x18, 0x0, 0x1, 0x0, &(0x7f0000000280)=[{0x0, 0x1542}]})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000000)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1})

6.75235672s ago: executing program 6 (id=2159):
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[], 0x80}, 0x1, 0x7}, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000180), 0x4)

6.751739201s ago: executing program 7 (id=2160):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, &(0x7f0000000340)={{0x8, @loopback, 0x4e2c, 0x1, 'ovf\x00', 0x14, 0x2, 0x19}, {@empty, 0x4e22, 0x3, 0x10001, 0x400fc1a, 0x8}}, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
socket$inet_udplite(0x2, 0x2, 0x88)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x50)
r2 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f00000002c0)={0x4000, r1}, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180))
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)

5.734939473s ago: executing program 1 (id=2162):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x6)
syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\n\b0', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000140600fe8000000000000000000000000000bbfe800000001d00000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='T'], 0x0)

5.557883017s ago: executing program 7 (id=2163):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)

5.537055606s ago: executing program 1 (id=2164):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0xff, 0x0, 0x0, 0x40, 0x572, 0xcb01, 0x2665, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x75, 0xb7}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="000304000000d403"]}, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000500)={0x14, 0x0, &(0x7f00000004c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x2d, @string={0x2d, 0x3, "fff7b790e99277cdb04ddda6e769dfb184f2d92378b84ee1f9906b65715279b98174973f8a0f2ee8c091a2"}}}, 0x0)

5.006540362s ago: executing program 7 (id=2165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendto$packet(r1, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100}, 0x14)

4.630791898s ago: executing program 4 (id=2166):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x18, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r6, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000000)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x148, r7, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_FRAME={0x124, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0xf, 0x5}}, 0xffffffffffffffff, @default, 0x1000, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x2c}, @void, @val={0x6, 0x2, 0x1ff}, @val={0x5, 0xb3, {0x5, 0x97, 0x5, "840713d363c6724d98bf35001c09bfc3ef576ef4cbdedd44f1719d86e7202598ad5ab2b4e5dff62ed61751909b8422ef7be7fa9aeee03cce1881434df3bc53402458604b55890de2298e22ae5eb55d3e14358d8172d3caffea4c3165a9936a26aa4560071601df38cfb687a86ed61c704879c02c575dcc5f792ca84bd70fc9a24035370ffe3e5d14541c8831eed97732a996891591391a05b51387596e4634cf9ec3255fc6c4d68b86c2b73f110f4dc0"}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x400, 0x2, 0x5, 0x0, {0x2, 0xb7b, 0x0, 0x347, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x100, 0x1}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x69, 0x0, 0x1, 0x0, 0xfd, 0x7, 0x20}}, @val={0x76, 0x6, {0x3, 0x0, 0x2f, 0x6}}}}]}, 0x148}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

4.423882048s ago: executing program 7 (id=2167):
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000200)={0x8e, "00005c02ac56f967e45706449300004ed82ff400"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x101, "7bb9595931028deda525e19bdeffafde2500f6d15c9e31df9454310ad7c18e65"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x400000000, 0x4, 0x7fffffff}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x1e4011, 0x0)

3.581970367s ago: executing program 4 (id=2168):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001f00), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
unshare(0x2c020400)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x1, 0x3}, 0xfe}, 0x18)

2.716042906s ago: executing program 4 (id=2169):
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x40187013, &(0x7f0000000040))

2.671056006s ago: executing program 7 (id=2170):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xcc, 0x2c, 0xdf, 0x40, 0x763, 0x2030, 0x7979, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5f, 0x65, 0x60, 0x70, [{{0x9, 0x4, 0x1, 0x8, 0x0, 0xff, 0xa2, 0x7d, 0x9}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000002800)={0x84, &(0x7f0000002380)={0x0, 0x7}, 0x0, 0x0, &(0x7f00000024c0)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000002500)={0x20, 0x0, 0x4, {0x140, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)={0x40, 0x17, 0x6}, 0x0, &(0x7f0000002700)={0x40, 0x1a, 0x2, 0x9}, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001080)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x820000, 0x0)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r2, r3, 0x0)

2.487984828s ago: executing program 4 (id=2171):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

2.394983336s ago: executing program 6 (id=2172):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x18, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r6, 0x3b82, &(0x7f00000000c0)={0x18, 0x0, 0x1, 0x0, &(0x7f0000000280)=[{0x0, 0x1542}]})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000000)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1})

2.255544134s ago: executing program 4 (id=2173):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, &(0x7f0000000340)={{0x8, @loopback, 0x4e2c, 0x1, 'ovf\x00', 0x14, 0x2, 0x19}, {@empty, 0x4e22, 0x3, 0x10001, 0x400fc1a, 0x8}}, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
socket$inet_udplite(0x2, 0x2, 0x88)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x50)
r2 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f00000002c0)={0x4000, r1}, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180))
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)

1.25212552s ago: executing program 6 (id=2174):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x2000009, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)

1.171158324s ago: executing program 4 (id=2175):
syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x11c)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
socket(0x5, 0x80000, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4553, 0xa2ae, 0x1, &(0x7f0000000000), 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)

1.163789858s ago: executing program 1 (id=2176):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(r1, 0xfffffffd)
r3 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001000), 0x581, 0x40000000, 0x0)
keyctl$reject(0x13, 0x0, 0x80000000, 0x1856, 0x0)
syz_create_resource$binfmt(0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x10, 0x2, 0xff, 0x5a, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x22, 0x20}, 0xe)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, r5, 0x0, 0x7, 'syz1\x00', 0x0})
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000080)="a0ba0041e10b8d60ba44709ef438b323df357759", 0x14}, {&(0x7f00000000c0)="3f4d1d6c8eed634643f06a52a9365ee5a0937e7b02ceda6a2e7ee6438b5dbb", 0x1f}, {0x0}, {&(0x7f0000000200)="5681c9635e158b8bd54a4b4e400b3fd9e6eb5676b61b9c6aeb389f7994947ad225c93a4186e2c76551cf7fd7c08ab8b3cac862261da810e4adea397eb9b96fc541e530bfe0669a3064490aa3df4ca0d7bd24910f1f18ef1242a2650d12d71a8d69d51831d4e8d2fec6ef543bd753caf7aa944b9e769fa5cd302994ac50ced144d25eb6e5930a2e9c7da6dc673693e93fea023192ed702c6d522888c9934545afbcb2880fc37f633a4e5663da8db4dbc647f71ce185404009cb96529da69390dcdb07", 0xc2}, {&(0x7f0000000300)="33df77a45eaf94603464522cbe310d1ae65feffaaf0b0191d058cd3bf8100203fe51ebb6aeb1b23f4ce875f2f3b586e57568b58ecca298e798defa7dbb7201b65c29b584db6f2c87b8658cd085530ec615dfa93f3ac51e2c6a4d314f0ffbcbda451e3b27f94ab8a4805a91618b2c85cf7a0f3f1a429817e6ed554b741a6cb132d722c1d76e0da04fa1c99b49246a2c16d273c3ee225a37f495660656653f6d413bf6d5478be277d2c7cd38c42c8971a14a9b95850c355481459546071930377ae58cfba9119d0de9d2641ab61f868d73042f13168100d59964afc7086c057c2768f77334f01ed90b4c00492f0e24628b60476457d15f7704b2ca167002fe0cd0b593738a6792d0b2464e901ebc13dabf89785015999763b83f69dcacf7f8514c6704cb7de8135144813aaa777256f6a2977ccdee84891ce0be332b0150afc9023b1adfe124b8ff4457638c58cef734ace225fa7ef0e377b5c257ad2381ee16c27e88a08c078ed95f8a08d8472c9d9e8098b68d25b4bf906b305f23c06f420493ab8cd8f31ff6489648b139d0e6243eb0cd9de5515a530ffc4f641f1d1387c842a15e480e3a709a42336f4df2acdbf589dea5e20de704770c4d9af302ff6e105468afec6404e3f5df3af95f0e6a404ee08ac93ae6e38f56c65998a6ffe7df67f30d34935c2025e022393c6dec997b2595177b3a169afe30b125da691e473ff84a5e5f0e54ab0d36cacfa974aabba075ab7682c39c1f13e29e838b20efd4a2a6e4ee26f5f6f200cdf6a27e54dedd8ae5c278d556f306b2a6978a31f75cff821a7506d1cb23525e16d0bc847a231d3135094345e57533c25e93d5343e94a42dc6678c59ca592e8543ac1a15836c558e08fc216d834f970820a9b85744d1582ea19cd2836c3cd767fedc53a6521776f6287afc601ba596b7dde175422ff543e8da9bda8222c1c087dbc862dc34a471224ede214b9d83d3589c059065be5ded78b63aa71acddb57a0a9f766defc7e2e843d8a64a8c92efd1cc9e334856d7a7a1c7226034ba0a8f384dff88ff4e2ca6a13f63a66d123b5b7581976894093d22b07bd618becc3c5f812d0f87e5d9e96a8b9e042e5f3e41a89ff8e7c6015b18edbf31b5a38712cd53a2cfdb5039d4140766215aa13013c77f7c79a32a66986c0e45ab14eb9ec0a4712e0bdf397d4610581610d7abd6b299d82c963c99bd2f57d212902ea9db6cf4c080374a5e16653fba77eed4fe0dc6f63f0913d8216f6c17b64a7db7001ecea6c62e94da1e462cfb6284ed13819a072f0c5f348bc0f7ea7a2c73ff96395db41405d95fc3544029afdec7795bcc1d50112a4383c9d1f1000b59387e4cc67c2d7a511adb8270e69acebfb8cf94ef03540829ae70bda578a9e6cc13318e9173d9be92546b312956e56539eb9cc3fc4e89cfafc03802f5caf12f65133559898afdf5d25529b4ce5d6333fae21919c076ef9aaca6f1e1d93715f9d04b80e49f2d258e9fe7fdfc875c0231bce29d4a52372580f6591f2564ea99d281fde5523dfa65e5d9cd7ead36f1455203b0af0c9c9f303a4454291e2cd01f3a9457aac6cdacbbfd4aab9943272107cb11e96d5796c6152ee60eba2f8300255289d4e62dc75d5d36164be88df016ad59e064969544557e0f11e0981d8d3dcbfce3842c3d70ae4c3c44fdcc304418aa1c5d3fc493ca97b517502bc29d16983973f2bb2df21168b2e3097e7e456b2a37c56439b840539eb116fad3157707e523a05199c28ccd25d7117e999c45e80a9a21462eaad144a32e331a003272854c4649a3c7954a6c2e6aa5c81d7cce30c905383189f1177e33632b3b6c2572bb1a43321b8645b38b6d449514b746784fc8ff08e22424373f1bc015605c862134de23a9d374150d7f0c31b4c944589814b3074073b1518bcf5035b15b5b54e731402e68128f96b7cb58db9fbb6153b0f406c979c6226bd9260bee649d43835f448249e58a539f00eeb99368d1b5da0a5967142cc8ab3f976ddb14cca29fef02f49882ab9f9b8972241509ff2d1dbfc19ac35e2403046bd80433381468eb3a55fd63708c3eed6e6e6f279c8597977610a38bc7f3ebe1902c0fe85ef1ec1d56afa4c741fe0fd1f0c86f224577459fad33bd34e096253ebd5426c444e370a3156d4dd284b69545b4e43ef8b7240c79d386c2befc25112d136167bc4f84e95be75ebf30d46e70bfc6b7939badb44606fe966955e8f2fadb2b24c6df656e439564ebe0f9bfbb1c13b2b5ab08da5269cb8daf782a336d956048014c08dbe184f1474e6305d26c63a90adb06cd56180675002334a474295a2b99572eaaf37846bd533ce80a0099c55716faf64b8a7e5c8b300aab56b3f6d8279de148143a89b1e0db3ef4f339962aae0d6d81c3c0ee9a113d260439ea866c4e981611644f4e43562bec91aa0de27bbddb2974c02082cff22e5186f53e82659c44f5347456828441b6f910d8de51c8c21f57895d1e653dc4ab46b6422132529677352ddd215757edad3a718921c41a517c3df2730089e14ce35975e7fed1f659d97f7be400175fcf06ea2f0c22eed03f2f24ca2aaf490367914288f6f638a829002a5644a2a8876b7df68b9cf63a9cbd57e85aadf0e3f7dfdb5cf68b1af5e9b6f4f758d93bf4529c4e12fbbe63e7253abab43fa6aea40f01bf8817784e03f654c0891e69f881742bf7cb4d87d68fbf9fef24c46330183f8d25a2f5d702f2cde98e4616b660eadad2ac74e8cef0977aed251cfd79d8f3ce0a88ffe20c43bd577c29ccbdc7751c49ff087e6632920d15f2f6537eecf3fabfa7172ff36b13c414d786f1255334bdc6435172d3d0eab8d604ad33aec7dd28385e5c105034f596fd08697d329e29b0f52cd79fdf48fdb0cdec18ab4a27dc5e7517bf37fdcfbd34d8862980612a9779751ba2d0bce6642dcf64b848970869a7aec5efba75f6f01ec0606b2f0d292c8b666a174619caf4f61a98f16f4c9bbbf838349f3b2b6c232b794a018ebc9f8171870d3d193f8b41a04b9e9b23f01ffd487e362310d1e7d3750438ac22707f3b97ffe6507eb8ebd6beb3bd1c5414bc1e3e8862c25111268ad15adac4b60439d183ada469169ca5922f0670af295ee108cab6687224af2c3c95f7c2fe6115d96b5df51558ec05b478a7666257209a03df8b814a123d12da5bfc38bf5a24fe72653ab812d3ff29f404e91b2bd28d4cbfd18149065dfcc997d7b2d073f5e547e9519f19039d411399db1034fa65eb30f38cb3d23242dbc9c9df5a0f65f22a0f89761fb490f450e20ba228e2a3afae4081bd577b937d39d5fb78d9ca1469fcbced8afde965bef0834448c8d0efc7e47c1b8e5a5001a0dd883afd479c81de1f4c7de313d5e56f10b45d303d8ce57803f1bd2962be6a56b3013e6d47fa251e171800374d177520421cf4d6b3b4236d664d1fb84f0f8138e975bf147ee7b3d76298c764a599f6694dfe1761178eb2c31f54051dc95379015fa1a7ab8be60b7807f29ae56b67047b7dd3130351c0b2772e17c47d6a6fb4ad605453c86f0c26eb759a829543b789056fc4f95a0b9c27e41e883e8a94c7edb5d9d62ce6c2d29971e933bdaabc63e58b36cbca2f42a00580f36f20dd2fa991f38f5d5747229c6ec723a2b60fc6b2daa0a91e6bd6e55cf5c97107038435b6cbb0f7bbf5cfb70079a4d501854f839acd16510ab0a45ede674818c49a15b35c35761f3588eb35c13a5cfa82a5cc83872791801675fbcb23a52d184718cc583b851d6cd0618208b3b675e93e89269e8e614b13a9656c2cacb26db51f71a7d612f73f96391d03a7242f426a9f699b1ea916c752b46ab53f17e92323fe54bfacea393184aa1132ea6190317fbee57694d6909230dae357f72a813f6817ffd353918a154d55b688079a6ce4e79d436c6d40c033565c3b128c1c188af031b8b11db679ea26864fcaa4e650dde84869c228392104427f785bfd4371c2c0da4c785114e60a2a63085027059e76a6ccca8ed244f28e0943c5febd84f38f513782419110c507b3836a580fa4a71ab7e37c4e4c488abaeaebb0eedae2e2f6f194e3169889e8c9efe8d26384c2d45c9ff216392ec6e98689a900a9202037258dee0f699eb5ca036b49e5dffb2125cf3ca1cd2870f93fe5ff68829a74bc6354c67aebd09231fb9b110f124f264116bf2aa29a6f813bc1f7c2ea71e5e486ec03ce861dc3fb2049e45f8da1b241b0e6086f91e17895824949f5e1da5ebfdfe9a4232ce858350f2d53937f382b521c389847784f4cead8b1cc22422c7a4c3af7d331f755826bfe89a9a91570ba0a4ff38b23b7965e5b141fb7d83df7675957a97031fd562325a13a80a5fa2af43208cb79c56bcfb7ef559053ed3d665a20d98cbc8e7b3a34ee86e262e25d1c24fae4606929d3ccc5f91a2624ccacdd75e42788b5a2f66e010629fe549117d273b17454dc3aaf3f9f7a8e152f85aa0825138a53c7cbb0df35d2b0ca78d3d0f023458ee75ad843edd61c69567311d720db2cf0ea96d63035f2ef3cba2791f53849aaee5148564bca6f7b5f484c95c1b3712d9d892f73b4b85dbbc6b1d12d4bc5b7a72ed3d6966452a15b12c1da0ad5897ce5f6ddfe4f886e49a42aafb62a6763e3126645c2d2bc5386d6964a40fd08db64d80489eda7c910255fe20858053f45c39e7b7d6272ab92743b72c5dc5e13caafc1e3632789787733388445a461e960d1c8e999293f2773faf9b6337b5b8942121eb3383391b54f1359696aeda9a3c57df49dce6459d1d7a785aeba48bf1d6f9841136f509ad284ea8c72f44cbb1c67826c4505710e0cb8964a372e40d40963dfc7233725b6772790b450983f928e0a2f3aa2010a84963fa17ad53ec3cca9dfada8391e38825a857ee6e17119f68c2f207fc41ba28a428e724b69f7951342d4032c9dd542dd395252f96429282578354843f1fa192189edd714a55d3b8a2df4f5e7ee5461b4a5ddf15725262d23e0b5849e1bc61aa01ca0df32d400af2ebcf1d89f75cb0c3dce9ce5b8c2316b501f47f1a5fec3a4804238a16121d9db3287153a5a8a8f3be8806f8d948567256a0fc60c50a7ebd2c97ae10cb581de3b864c3820b1b28dcc46178fa90a2709d6ea93b4943e574b8fabe10239ec1b359d3fd61e11b8ec70f06baf6433a60f58535e2fc769d844ae83183120dffe9c3adc7ab273b0ea15c5476e543fee3784b7c43b0efda5e892acfc81762f06f644a4757d08e83b08b75e8f75cecb1e286d381110d8deda9208a2381c5f208e990d164db6d4021357f889bea8e85384ac39ce88acf5c68587716a0ff21cd8ccd10e83aed23d9d48d2a7c9b5d9f0cfc097df2e311c7a413a84df492ca5a27bea6abd9847f444bbd27588a29c5ad60f801becfb929456f6acc6e0ce1147f82e0845011ed72d1380758f3f1e376948aff4781302f727083ecc592e5115a03b31caa0565f620af37cbbf33e963b5b27b4853755480892ea2f4a96f7856088a99e564f547806dfb6089ca8b834f348bc06621bf4634adc85a9bc8d264ee39bfe139fa67bebb67718df894d3b6c380b8f64696444409cb5eb943caa733ef46ed25f39947af0135d8d211c5910c63eb1d089887051325e294276dcc8d72bb8514d7640cce2a5f73e70611fee01694d1a9139acf19d49d15a2e566e685d6987cb617eadbbca8aa29210c59db8bea7108729ad8d2d694e263cdc6cd7ead3a24e4c09a24a95c692eadafc27f963a317db873b2162dbdbc79ec423653ba6813b2ceed9585afa13820ed5786a134a9c33ab5aa", 0x1000}, {&(0x7f0000001300)="c6e39344f625bd46779584fc1571fb4a9c55e8d151bfe26baad8015bb8e2c88efc6837342b0781ac7b9494647fbf6e76937f466b594c2bec051f3b32f158f572870bfd81627b7be8b7c6cc545816d7783e5cf95c1f1bff4371c6227740b7bb8151da145b63d152021390e25a2ec9c29fb428fc6d8fe0", 0x76}, {0x0}, {&(0x7f0000001480)="c0e747fac3932e9186ec774595d5771c37f334b22b0f848a34d7498c82eaa44dabdd8a521a0bfaeca17a8a7f92e26262669f6f0cae7ddf3f156083d53757b5537983bcbbd0cf68f2774d0b49000d2a4e57c89c92fa0280a89b3b32203ba4b34e41", 0x61}, {&(0x7f0000001500)="c32c2ac1fcee6846d09103ea0f51420080da601d04cbb01b4658357f4bd4dc5162434c9a4cb7b52f5b55464bb57b9b383acb934af1a9db81b3593e029bf1f7b3e4fca39b6903bc5235f55b09495741659e7deb4a6021e7f7b3be2dbbd7e2", 0x5e}], 0x9}}], 0x1, 0x4001c00)

0s ago: executing program 6 (id=2177):
r0 = syz_open_dev$media(&(0x7f0000002340), 0xa, 0xed07983fff27406c)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xca, 0x9b, 0xd4, 0x10, 0x1199, 0xb000, 0xa898, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x30, 0x2, 0x2, 0x17, 0xb5, 0x1b, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0x3)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x2000000000000088}}, 0x40)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x6, 0x5, 0x1}}, 0x30)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=0x1, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRESOCT=r5, @ANYBLOB="0100070000800000020000000000000100"/28], 0x50)
r7 = fcntl$dupfd(r6, 0x0, r0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, 0x0)
pwritev(r7, &(0x7f00000024c0), 0x0, 0x7f, 0x10)
geteuid()

kernel console output (not intermixed with test programs):

1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  591.335123][ T5886] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  591.376719][ T5886] usb 1-1: Product: syz
[  591.415856][ T5886] usb 1-1: Manufacturer: syz
[  591.426117][ T5886] usb 1-1: SerialNumber: syz
[  591.468127][ T5878] usbhid 3-1:0.1: can't add hid device: -71
[  591.496568][ T5878] usbhid 3-1:0.1: probe with driver usbhid failed with error -71
[  591.565475][ T5878] usb 3-1: USB disconnect, device number 41
[  591.664709][ T5886] usb 1-1: Invalid connection information received from device
[  591.921236][ T5877] libceph: connect (1)[c::]:6789 error -101
[  591.943439][ T5877] libceph: mon0 (1)[c::]:6789 connect error
[  592.579661][ T5930] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  592.756908][ T5930] usb 5-1: Using ep0 maxpacket: 32
[  592.828536][ T5930] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  592.869001][ T5930] usb 5-1: config 0 has no interface number 0
[  592.895619][ T5930] usb 5-1: config 0 interface 12 has no altsetting 0
[  592.897043][ T5886] libceph: connect (1)[c::]:6789 error -101
[  592.924544][ T5886] libceph: mon0 (1)[c::]:6789 connect error
[  592.931622][ T5930] usb 5-1: New USB device found, idVendor=2c42, idProduct=1222, bcdDevice=85.40
[  592.962022][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.976951][ T5930] usb 5-1: Product: syz
[  592.981167][ T5930] usb 5-1: Manufacturer: syz
[  592.981622][T10532] ceph: No mds server is up or the cluster is laggy
[  592.994376][ T5930] usb 5-1: SerialNumber: syz
[  593.007396][ T5930] usb 5-1: config 0 descriptor??
[  593.311073][   T10] usb 1-1: USB disconnect, device number 46
[  593.317454][ T5930] usb 5-1: USB disconnect, device number 37
[  593.780384][   T24] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  594.663952][   T24] usb 3-1: Using ep0 maxpacket: 8
[  594.784208][   T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  594.804797][   T24] usb 3-1: config 179 has no interface number 0
[  594.812309][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  594.823551][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  594.840662][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  594.866450][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  594.907761][   T24] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  594.943926][   T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  594.961053][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.183470][T10593] ptrace attach of "./syz-executor exec"[5820] was attempted by "                                                                                                                                                                                                                                                                                                                                eth0 #®uŕűu0*óiÝŮƇ޿_ ößkż.\x22¦Ŕ#pÍ/¦ňĽyL…aµ»~+>Ľ“ř«š3…l{@!2¶!®÷9k��\x0b8I$ýQ�=rŘŔŘ\x09/ŤvÓ§ŘJý”#KTÝÓáľ_$A=zî˝/XľmOX)s”Ţľ_�N¸Ţë)ÍĹ6m\x0a\x0b
ľë»‘zÂ|d\x1bŇůyx˛\x1bLTrw�|0\x09Ćâśí\x5cŘ[Č ó¬]V:üĂž\x07xďţ.TTĎżő€a%ÜQłCuTĚę‘čŘ
YZyć!‰śŃ¦7Švs˛\x07ţłj*­IĚéŞ{]ď·ňî*ů5JtĐsÄŞČ~˛ň0˝fŰ®Găűď”ď:Q\x1b㣤}ď`eÍL«Ű\x0dňyźg1ô\x09i/!ń,ŚuŞż~)”\x1b2“†çšňj¨–¦˘üN�ŻThł\x1bo:č\x0bq7SäHóL ś—BťŞqą(ö�±[„aF›ÚëÄ*q˛’ Śv¬ ANąŞŕť—Te��Lţ—+uÓ^±đŕ˝\x07»ĺťsha ë„™ĆńŐLD¨7 DQŠ2!8,Ľ%$ńňÖśyěKÚĹÜúÝöĆ´ś’…°˘%:đô0´¦d´äLWŐ�÷l\x1bţŢ\x0bh—=m‚.¬\x0bhţ„Q}�8/�ëPľÖ+:ÎE\x5c•Ô¬’‡×�—ăě­Ő¬€C„R�r^gşQ(š>⺨=\x0c04Źň�*@vçŃîłÂŤTÚ�gŮ:hzW6s)x®ňÍ\x
[  595.436562][T10478] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  595.924185][T10566] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  596.187801][T10566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  596.237447][T10566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  596.248814][T10478] usb 4-1: Using ep0 maxpacket: 32
[  596.265886][T10478] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  596.274662][T10478] usb 4-1: config 0 has no interface number 0
[  596.300792][T10478] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  596.316727][ T5879] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input42
[  596.385640][T10478] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  596.438788][T10478] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  596.492718][T10478] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  596.519714][   T10] usb 3-1: USB disconnect, device number 42
[  596.519743][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  596.534354][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  596.549073][   T10] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  596.610010][T10478] usb 4-1: config 0 descriptor??
[  596.694463][T10605] FAULT_INJECTION: forcing a failure.
[  596.694463][T10605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  596.751537][T10605] CPU: 0 UID: 0 PID: 10605 Comm: syz.1.1319 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  596.751564][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  596.751573][T10605] Call Trace:
[  596.751580][T10605]  <TASK>
[  596.751588][T10605]  dump_stack_lvl+0x189/0x250
[  596.751617][T10605]  ? __pfx____ratelimit+0x10/0x10
[  596.751645][T10605]  ? __pfx_dump_stack_lvl+0x10/0x10
[  596.751668][T10605]  ? __pfx__printk+0x10/0x10
[  596.751695][T10605]  should_fail_ex+0x414/0x560
[  596.751717][T10605]  _copy_to_user+0x31/0xb0
[  596.751742][T10605]  simple_read_from_buffer+0xe1/0x170
[  596.751771][T10605]  proc_fail_nth_read+0x1df/0x250
[  596.751792][T10605]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  596.751813][T10605]  ? rw_verify_area+0x258/0x650
[  596.751835][T10605]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  596.751854][T10605]  vfs_read+0x1fd/0x980
[  596.751888][T10605]  ? __pfx___mutex_lock+0x10/0x10
[  596.751906][T10605]  ? __pfx_vfs_read+0x10/0x10
[  596.751928][T10605]  ? __fget_files+0x2a/0x420
[  596.751948][T10605]  ? __fget_files+0x3a0/0x420
[  596.751962][T10605]  ? __fget_files+0x2a/0x420
[  596.751984][T10605]  ksys_read+0x145/0x250
[  596.752008][T10605]  ? __pfx_ksys_read+0x10/0x10
[  596.752027][T10605]  ? rcu_is_watching+0x15/0xb0
[  596.752051][T10605]  ? do_syscall_64+0xbe/0x3b0
[  596.752071][T10605]  do_syscall_64+0xfa/0x3b0
[  596.752086][T10605]  ? lockdep_hardirqs_on+0x9c/0x150
[  596.752101][T10605]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  596.752117][T10605]  ? clear_bhb_loop+0x60/0xb0
[  596.752139][T10605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  596.752155][T10605] RIP: 0033:0x7f30fdb8d37c
[  596.752170][T10605] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  596.752182][T10605] RSP: 002b:00007f30fe957030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  596.752200][T10605] RAX: ffffffffffffffda RBX: 00007f30fddb5fa0 RCX: 00007f30fdb8d37c
[  596.752212][T10605] RDX: 000000000000000f RSI: 00007f30fe9570a0 RDI: 0000000000000004
[  596.752221][T10605] RBP: 00007f30fe957090 R08: 0000000000000000 R09: 0000000000000000
[  596.752230][T10605] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  596.752239][T10605] R13: 0000000000000000 R14: 00007f30fddb5fa0 R15: 00007ffc97955e68
[  596.752264][T10605]  </TASK>
[  596.989232][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.776786][ T5878] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  597.956570][ T5878] usb 3-1: Using ep0 maxpacket: 16
[  597.978849][ T5878] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  598.009102][ T5878] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  598.048303][ T5878] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  598.072066][ T5878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.108025][ T5878] usb 3-1: Product: syz
[  598.122117][ T5878] usb 3-1: Manufacturer: syz
[  598.134513][ T5878] usb 3-1: SerialNumber: syz
[  598.317638][ T5886] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  598.335839][T10478] usbhid 4-1:0.1: can't add hid device: -71
[  598.353992][T10478] usbhid 4-1:0.1: probe with driver usbhid failed with error -71
[  598.386879][ T5878] usb 3-1: 0:2 : does not exist
[  598.391907][ T5878] usb 3-1: unit 9 not found!
[  598.395975][T10478] usb 4-1: USB disconnect, device number 39
[  598.434744][ T5878] usb 3-1: 4:0: cannot get min/max values for control 1 (id 4)
[  598.656553][ T5886] usb 1-1: Using ep0 maxpacket: 8
[  598.667367][ T5886] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  598.685615][ T5878] usb 3-1: USB disconnect, device number 43
[  599.314648][ T5886] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  599.324760][ T5886] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  599.352117][ T5886] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  599.480108][ T6771] udevd[6771]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  599.511158][ T5886] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  599.546464][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.816723][ T5886] usb 1-1: GET_CAPABILITIES returned 0
[  599.946901][ T5886] usbtmc 1-1:16.0: can't read capabilities
[  600.023447][T10623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'.
[  600.362207][T10623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1325'.
[  601.156343][ T5886] usb 1-1: USB disconnect, device number 47
[  601.313859][T10657] netlink: 'syz.4.1333': attribute type 10 has an invalid length.
[  601.322101][T10657] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1333'.
[  601.331911][T10657] bond0: entered promiscuous mode
[  601.337989][T10657] bond_slave_0: entered promiscuous mode
[  601.344060][T10657] bond_slave_1: entered promiscuous mode
[  601.368989][T10657] bridge0: port 3(bond0) entered blocking state
[  601.375619][T10657] bridge0: port 3(bond0) entered disabled state
[  601.386933][T10657] bond0: entered allmulticast mode
[  601.392230][T10657] bond_slave_0: entered allmulticast mode
[  601.398727][T10657] bond_slave_1: entered allmulticast mode
[  601.411799][T10657] bridge0: port 3(bond0) entered blocking state
[  601.418407][T10657] bridge0: port 3(bond0) entered forwarding state
[  604.599874][T10692] FAULT_INJECTION: forcing a failure.
[  604.599874][T10692] name failslab, interval 1, probability 0, space 0, times 0
[  604.850179][T10692] CPU: 0 UID: 0 PID: 10692 Comm: syz.1.1346 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  604.850209][T10692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  604.850221][T10692] Call Trace:
[  604.850230][T10692]  <TASK>
[  604.850239][T10692]  dump_stack_lvl+0x189/0x250
[  604.850274][T10692]  ? __pfx____ratelimit+0x10/0x10
[  604.850307][T10692]  ? __pfx_dump_stack_lvl+0x10/0x10
[  604.850335][T10692]  ? __pfx__printk+0x10/0x10
[  604.850361][T10692]  ? __pfx___might_resched+0x10/0x10
[  604.850391][T10692]  should_fail_ex+0x414/0x560
[  604.850430][T10692]  should_failslab+0xa8/0x100
[  604.850464][T10692]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  604.850496][T10692]  ? __alloc_skb+0x112/0x2d0
[  604.850533][T10692]  __alloc_skb+0x112/0x2d0
[  604.850563][T10692]  netlink_sendmsg+0x5c6/0xb30
[  604.850601][T10692]  ? __pfx_netlink_sendmsg+0x10/0x10
[  604.850637][T10692]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  604.850657][T10692]  ? __pfx_netlink_sendmsg+0x10/0x10
[  604.850683][T10692]  __sock_sendmsg+0x219/0x270
[  604.850708][T10692]  ____sys_sendmsg+0x505/0x830
[  604.850742][T10692]  ? __pfx_____sys_sendmsg+0x10/0x10
[  604.850781][T10692]  ? import_iovec+0x74/0xa0
[  604.850814][T10692]  ___sys_sendmsg+0x21f/0x2a0
[  604.850844][T10692]  ? __pfx____sys_sendmsg+0x10/0x10
[  604.850911][T10692]  ? __fget_files+0x2a/0x420
[  604.850930][T10692]  ? __fget_files+0x3a0/0x420
[  604.850960][T10692]  __x64_sys_sendmsg+0x19b/0x260
[  604.850992][T10692]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  604.851031][T10692]  ? __pfx_ksys_write+0x10/0x10
[  604.851056][T10692]  ? rcu_is_watching+0x15/0xb0
[  604.851085][T10692]  ? do_syscall_64+0xbe/0x3b0
[  604.851111][T10692]  do_syscall_64+0xfa/0x3b0
[  604.851133][T10692]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.851152][T10692]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  604.851170][T10692]  ? clear_bhb_loop+0x60/0xb0
[  604.851196][T10692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.851219][T10692] RIP: 0033:0x7f30fdb8e969
[  604.851237][T10692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  604.851255][T10692] RSP: 002b:00007f30fe957038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  604.851277][T10692] RAX: ffffffffffffffda RBX: 00007f30fddb5fa0 RCX: 00007f30fdb8e969
[  604.851293][T10692] RDX: 0000000000004054 RSI: 00002000000002c0 RDI: 0000000000000003
[  604.851305][T10692] RBP: 00007f30fe957090 R08: 0000000000000000 R09: 0000000000000000
[  604.851317][T10692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  604.851329][T10692] R13: 0000000000000000 R14: 00007f30fddb5fa0 R15: 00007ffc97955e68
[  604.851361][T10692]  </TASK>
[  605.119106][    C0] vkms_vblank_simulate: vblank timer overrun
[  605.697759][T10693] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1338'.
[  605.749309][T10693] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1338'.
[  605.764100][T10693] tipc: MTU too low for tipc bearer
[  606.096694][ T5878] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  606.179977][T10710] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1351'.
[  606.267302][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  606.281157][ T5878] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  606.466259][ T5878] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  606.476804][ T5878] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  606.487111][ T5878] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  606.503600][ T5878] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  606.505871][T10715] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1352'.
[  606.513200][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.543120][T10717] FAULT_INJECTION: forcing a failure.
[  606.543120][T10717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  606.610628][T10717] CPU: 0 UID: 0 PID: 10717 Comm: syz.0.1353 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  606.610657][T10717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  606.610670][T10717] Call Trace:
[  606.610678][T10717]  <TASK>
[  606.610687][T10717]  dump_stack_lvl+0x189/0x250
[  606.610725][T10717]  ? __pfx____ratelimit+0x10/0x10
[  606.610758][T10717]  ? __pfx_dump_stack_lvl+0x10/0x10
[  606.610787][T10717]  ? __pfx__printk+0x10/0x10
[  606.610807][T10717]  ? __might_fault+0xb0/0x130
[  606.610850][T10717]  should_fail_ex+0x414/0x560
[  606.610878][T10717]  _copy_from_user+0x2d/0xb0
[  606.610907][T10717]  ___sys_sendmsg+0x158/0x2a0
[  606.610940][T10717]  ? __pfx____sys_sendmsg+0x10/0x10
[  606.611008][T10717]  ? __fget_files+0x2a/0x420
[  606.611027][T10717]  ? __fget_files+0x3a0/0x420
[  606.611057][T10717]  __x64_sys_sendmsg+0x19b/0x260
[  606.611088][T10717]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  606.611126][T10717]  ? __pfx_ksys_write+0x10/0x10
[  606.611152][T10717]  ? rcu_is_watching+0x15/0xb0
[  606.611195][T10717]  ? do_syscall_64+0xbe/0x3b0
[  606.611220][T10717]  do_syscall_64+0xfa/0x3b0
[  606.611239][T10717]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.611258][T10717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.611277][T10717]  ? clear_bhb_loop+0x60/0xb0
[  606.611301][T10717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.611319][T10717] RIP: 0033:0x7f531598e969
[  606.611336][T10717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.611353][T10717] RSP: 002b:00007f53168a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  606.611375][T10717] RAX: ffffffffffffffda RBX: 00007f5315bb5fa0 RCX: 00007f531598e969
[  606.611389][T10717] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  606.611402][T10717] RBP: 00007f53168a4090 R08: 0000000000000000 R09: 0000000000000000
[  606.611414][T10717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.611426][T10717] R13: 0000000000000000 R14: 00007f5315bb5fa0 R15: 00007fffbf6cdcf8
[  606.611457][T10717]  </TASK>
[  606.818771][    C0] vkms_vblank_simulate: vblank timer overrun
[  607.085310][ T5878] usb 4-1: GET_CAPABILITIES returned 0
[  607.123536][ T5878] usbtmc 4-1:16.0: can't read capabilities
[  607.657667][T10703] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1347'.
[  607.725717][T10703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1347'.
[  608.536946][ T5879] usb 4-1: USB disconnect, device number 40
[  609.268682][T10746] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1360'.
[  609.301295][T10743] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1359'.
[  610.157723][T10754] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1363'.
[  610.551338][T10762] netlink: 'syz.2.1366': attribute type 5 has an invalid length.
[  610.624813][T10762] netlink: 'syz.2.1366': attribute type 7 has an invalid length.
[  612.116357][T10762] : entered promiscuous mode
[  612.281353][T10767] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1367'.
[  618.748112][T10834] netlink: 'syz.4.1383': attribute type 21 has an invalid length.
[  618.758275][T10834] netlink: 'syz.4.1383': attribute type 1 has an invalid length.
[  618.773395][T10834] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1383'.
[  618.821937][T10834] 9pnet_fd: Insufficient options for proto=fd
[  618.945457][T10838] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1382'.
[  619.486578][ T5879] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  619.664034][ T5879] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  619.686315][ T5879] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.705206][ T5879] usb 1-1: Product: syz
[  619.724329][ T5879] usb 1-1: Manufacturer: syz
[  619.789404][ T5879] usb 1-1: SerialNumber: syz
[  619.797706][ T5879] usb 1-1: config 0 descriptor??
[  620.359849][ T5879] hso 1-1:0.0: Failed to find BULK IN ep
[  620.388183][ T5879] usb-storage 1-1:0.0: USB Mass Storage device detected
[  620.851215][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  620.851233][   T30] audit: type=1326 audit(1748766345.535:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  620.955140][   T30] audit: type=1326 audit(1748766345.585:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  620.976778][   T10] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  620.986618][T10842] fuse: Bad value for 'user_id'
[  621.020574][   T30] audit: type=1326 audit(1748766345.585:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.060468][T10842] fuse: Bad value for 'user_id'
[  621.063757][T10869] 9pnet_fd: Insufficient options for proto=fd
[  621.087211][ T5877] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  621.117519][  T977] usb 1-1: USB disconnect, device number 48
[  621.171935][   T30] audit: type=1326 audit(1748766345.585:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.205147][   T10] usb 3-1: config 6 has an invalid interface number: 57 but max is 0
[  621.223221][   T10] usb 3-1: config 6 has no interface number 0
[  621.265939][   T10] usb 3-1: config 6 interface 57 has no altsetting 0
[  621.378088][ T5877] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  621.386644][   T30] audit: type=1326 audit(1748766345.585:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.424842][T10875] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1390'.
[  621.522361][   T30] audit: type=1326 audit(1748766345.585:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.526723][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.546826][   T30] audit: type=1326 audit(1748766345.585:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.557365][   T10] usb 3-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 0.00
[  621.882401][   T30] audit: type=1326 audit(1748766345.585:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.886873][ T5877] usb 4-1: Product: syz
[  621.912548][   T30] audit: type=1326 audit(1748766345.585:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  621.916516][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.988495][ T5877] usb 4-1: Manufacturer: syz
[  621.993167][ T5877] usb 4-1: SerialNumber: syz
[  622.009934][   T10] usb 3-1: Product: syz
[  622.022095][   T10] usb 3-1: Manufacturer: syz
[  622.033746][   T30] audit: type=1326 audit(1748766345.585:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10860 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc81d32ab39 code=0x7ffc0000
[  622.035278][ T5877] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  622.077298][   T10] usb 3-1: SerialNumber: syz
[  622.108111][  T977] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  622.348753][   T10] usb-storage 3-1:6.57: USB Mass Storage device detected
[  622.531927][   T10] usb 3-1: USB disconnect, device number 44
[  623.006492][ T5879] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  623.207017][  T977] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  623.388423][  T977] ath9k_htc: Failed to initialize the device
[  623.579308][T10478] usb 4-1: USB disconnect, device number 41
[  623.639741][T10478] usb 4-1: ath9k_htc: USB layer deinitialized
[  623.699012][ T5879] usb 5-1: Using ep0 maxpacket: 16
[  623.763314][ T5879] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  623.796482][ T5879] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  623.856482][ T5879] usb 5-1: config 0 has no interface number 0
[  623.871428][ T5879] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  623.891051][ T5879] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.917760][T10903] FAULT_INJECTION: forcing a failure.
[  623.917760][T10903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  623.941664][ T5879] usb 5-1: Product: syz
[  623.945902][ T5879] usb 5-1: Manufacturer: syz
[  623.956540][ T5879] usb 5-1: SerialNumber: syz
[  623.965922][ T5879] usb 5-1: config 0 descriptor??
[  623.966566][T10903] CPU: 0 UID: 0 PID: 10903 Comm: syz.1.1396 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  623.966595][T10903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  623.966609][T10903] Call Trace:
[  623.966618][T10903]  <TASK>
[  623.966628][T10903]  dump_stack_lvl+0x189/0x250
[  623.966666][T10903]  ? __pfx____ratelimit+0x10/0x10
[  623.966701][T10903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  623.966731][T10903]  ? __pfx__printk+0x10/0x10
[  623.966753][T10903]  ? __might_fault+0xb0/0x130
[  623.966799][T10903]  should_fail_ex+0x414/0x560
[  623.966829][T10903]  _copy_to_iter+0x1db/0x16f0
[  623.966867][T10903]  ? __pfx_call_rcu+0x10/0x10
[  623.966894][T10903]  ? __pfx__copy_to_iter+0x10/0x10
[  623.966918][T10903]  ? _raw_spin_lock_irq+0xae/0xf0
[  623.966959][T10903]  ? _raw_spin_unlock_irq+0x23/0x50
[  623.966990][T10903]  ? lockdep_hardirqs_on+0x9c/0x150
[  623.967014][T10903]  seq_read_iter+0xbeb/0xe10
[  623.967065][T10903]  proc_reg_read_iter+0x1b7/0x280
[  623.967096][T10903]  do_iter_readv_writev+0x518/0x6e0
[  623.967132][T10903]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  623.967176][T10903]  ? rw_verify_area+0x258/0x650
[  623.967210][T10903]  vfs_readv+0x253/0x850
[  623.967239][T10903]  ? __pfx_vfs_readv+0x10/0x10
[  623.967278][T10903]  ? __fget_files+0x2a/0x420
[  623.967305][T10903]  ? __fget_files+0x3a0/0x420
[  623.967323][T10903]  ? __fget_files+0x2a/0x420
[  623.967354][T10903]  __x64_sys_preadv+0x197/0x2a0
[  623.967391][T10903]  ? __pfx___x64_sys_preadv+0x10/0x10
[  623.967421][T10903]  ? rcu_is_watching+0x15/0xb0
[  623.967459][T10903]  ? do_syscall_64+0xbe/0x3b0
[  623.967487][T10903]  do_syscall_64+0xfa/0x3b0
[  623.967508][T10903]  ? lockdep_hardirqs_on+0x9c/0x150
[  623.967527][T10903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.967549][T10903]  ? clear_bhb_loop+0x60/0xb0
[  623.967575][T10903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.967596][T10903] RIP: 0033:0x7f30fdb8e969
[  623.967617][T10903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.967635][T10903] RSP: 002b:00007f30fe957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  623.967659][T10903] RAX: ffffffffffffffda RBX: 00007f30fddb5fa0 RCX: 00007f30fdb8e969
[  623.967676][T10903] RDX: 0000000000000001 RSI: 0000200000004ec0 RDI: 0000000000000006
[  623.967690][T10903] RBP: 00007f30fe957090 R08: 0000000000000000 R09: 0000000000000000
[  623.967702][T10903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.967714][T10903] R13: 0000000000000000 R14: 00007f30fddb5fa0 R15: 00007ffc97955e68
[  623.967749][T10903]  </TASK>
[  624.086572][ T5877] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  624.194827][ T5879] usb 5-1: Found UVC 0.00 device syz (046d:08f3)
[  624.313376][ T5879] usb 5-1: No valid video chain found.
[  624.462657][  T977] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  624.520048][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.789395][   T10] usb 5-1: USB disconnect, device number 38
[  624.801713][  T977] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  624.816672][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.840154][  T977] usb 1-1: config 0 descriptor??
[  624.846700][ T5877] usb 3-1: Using ep0 maxpacket: 32
[  624.865932][ T5877] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  624.877727][ T5877] usb 3-1: config 0 has no interface number 0
[  624.911376][  T977] gspca_main: cpia1-2.14.0 probing 0813:0001
[  624.923728][ T5877] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  624.936543][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.949723][ T5877] usb 3-1: Product: syz
[  624.956252][ T5877] usb 3-1: Manufacturer: syz
[  624.963962][ T5877] usb 3-1: SerialNumber: syz
[  624.972930][ T5877] usb 3-1: config 0 descriptor??
[  624.984463][ T5877] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  625.012197][ T5877] usb 3-1: selecting invalid altsetting 1
[  625.022198][ T5877] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  625.051114][ T5877] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  625.131593][ T5877] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  625.162894][ T5877] usb 3-1: media controller created
[  625.338418][  T977] gspca_cpia1: usb_control_msg 03, error -71
[  625.356673][T10911] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1399'.
[  625.370201][  T977] gspca_cpia1: usb_control_msg 01, error -71
[  625.452002][T10915] rdma_op ffff8880241ba9f0 conn xmit_rdma 0000000000000000
[  625.478863][T10915] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[10915]
[  625.497033][T10915] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1400'.
[  625.866672][ T5879] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  626.013045][  T977] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0)
[  626.021852][ T5877] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  626.035986][  T977] usb 1-1: USB disconnect, device number 49
[  626.233298][ T5879] usb 2-1: too many configurations: 69, using maximum allowed: 8
[  626.261018][ T5879] usb 2-1: unable to read config index 0 descriptor/start: -61
[  626.478955][ T5877] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  627.415034][ T5879] usb 2-1: can't read configurations, error -61
[  627.556548][ T5879] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  627.716816][ T5877] usb 3-1: USB disconnect, device number 45
[  628.001804][ T5879] usb 2-1: too many configurations: 69, using maximum allowed: 8
[  628.066814][ T5879] usb 2-1: unable to read config index 0 descriptor/start: -61
[  628.111346][ T5879] usb 2-1: can't read configurations, error -61
[  628.115530][T10935] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1403'.
[  628.262626][ T5879] usb usb2-port1: attempt power cycle
[  630.536612][T10957] netlink: 'syz.4.1411': attribute type 2 has an invalid length.
[  630.720095][T10959] netlink: 'syz.4.1412': attribute type 2 has an invalid length.
[  630.911313][T10961] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1414'.
[  631.055218][T10961] bond1: entered promiscuous mode
[  631.106529][T10961] bond1: entered allmulticast mode
[  631.256624][ T5879] usb 4-1: new low-speed USB device number 42 using dummy_hcd
[  632.229609][T10974] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1417'.
[  632.297027][ T5879] usb 4-1: string descriptor 0 read error: -22
[  632.303294][ T5879] usb 4-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  632.323677][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.357506][ T5879] usb 4-1: config 0 descriptor??
[  632.417144][ T5879] usbtest 4-1:0.0: FX2 device
[  632.464964][ T5879] usbtest 4-1:0.0: low-speed {control intr-in intr-out} tests (+alt)
[  632.478336][T10974] bond1: entered promiscuous mode
[  632.483396][T10974] bond1: entered allmulticast mode
[  632.535173][T10978] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  632.586948][T10978] bond1: (slave vcan1): Error -95 calling set_mac_address
[  632.650176][T10964] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1413'.
[  636.877145][ T5879] usb 4-1: USB disconnect, device number 42
[  637.119409][T10478] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  637.135202][T11001] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1425'.
[  637.155686][T11002] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1423'.
[  637.265022][T11001] bond4: entered promiscuous mode
[  637.273149][T11001] bond4: entered allmulticast mode
[  637.356838][T10478] usb 3-1: Using ep0 maxpacket: 8
[  637.377487][T10478] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  637.399999][T10478] usb 3-1: config 0 has no interface number 0
[  637.432566][T10478] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  637.484102][T10478] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  637.503476][T10478] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  637.515483][T10478] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  637.530311][ T5879] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  637.552646][T10478] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  637.562721][T10478] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.631523][T10478] usb 3-1: config 0 descriptor??
[  637.702737][ T5879] usb 4-1: Using ep0 maxpacket: 8
[  637.738478][T10478] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  637.791933][ T5879] usb 4-1: config index 0 descriptor too short (expected 73, got 26)
[  637.845453][ T5879] usb 4-1: config 5 has an invalid interface number: 35 but max is 1
[  637.866309][ T5879] usb 4-1: config 5 has an invalid descriptor of length 10, skipping remainder of the config
[  637.904035][ T5879] usb 4-1: config 5 has 1 interface, different from the descriptor's value: 2
[  637.948187][ T5879] usb 4-1: config 5 has no interface number 0
[  637.963247][ T5877] usb 3-1: USB disconnect, device number 46
[  637.976934][ T5879] usb 4-1: config 5 interface 35 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  638.031226][ T5879] usb 4-1: config 5 interface 35 has no altsetting 0
[  638.032151][ T5877] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  638.075022][ T5879] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=d4.1b
[  638.115551][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.522362][ T5879] usb 4-1: Product: syz
[  639.538032][ T5879] usb 4-1: Manufacturer: syz
[  639.569855][ T5879] usb 4-1: SerialNumber: syz
[  642.409238][ T5930] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  642.594597][ T5930] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  642.624544][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.633771][ T5877] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  642.661735][ T5930] usb 5-1: Product: syz
[  642.664248][ T5879] ttusbir 4-1:5.35: cannot find expected altsetting
[  642.673105][ T5930] usb 5-1: Manufacturer: syz
[  642.837086][ T5930] usb 5-1: SerialNumber: syz
[  642.864152][ T5930] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  642.886717][ T5879] usb 4-1: USB disconnect, device number 43
[  643.649729][  T977] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  643.710410][ T5877] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  643.742331][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.757198][ T5877] usb 2-1: Product: syz
[  643.785183][ T5877] usb 2-1: Manufacturer: syz
[  643.790972][ T5877] usb 2-1: SerialNumber: syz
[  644.398512][ T5877] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  644.457049][ T5930] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  644.573749][T11061] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  644.587253][T11061] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  644.642557][ T5879] usb 5-1: USB disconnect, device number 39
[  644.882790][  T977] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  644.893846][  T977] ath9k_htc: Failed to initialize the device
[  644.912058][ T5879] usb 5-1: ath9k_htc: USB layer deinitialized
[  645.132643][T11053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  645.168196][T11053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  645.371922][   T24] usb 2-1: USB disconnect, device number 37
[  645.517238][ T5930] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  645.567499][ T5930] ath9k_htc: Failed to initialize the device
[  645.732555][   T24] usb 2-1: ath9k_htc: USB layer deinitialized
[  645.839445][T11068] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1444'.
[  646.167066][ T1043] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  646.870866][ T1043] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.119120][ T1043] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.621093][ T1043] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.315178][T11083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  648.325015][T11083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  648.333406][T11083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  648.342067][T11083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  648.349901][T11083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  648.523036][ T1043] bridge_slave_1: left allmulticast mode
[  648.538243][ T1043] bridge_slave_1: left promiscuous mode
[  648.545824][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.595946][ T1043] bridge_slave_0: left allmulticast mode
[  648.608301][ T1043] bridge_slave_0: left promiscuous mode
[  648.614127][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  648.756599][  T977] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  649.253821][  T977] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  649.272481][  T977] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  649.308004][  T977] usb 5-1: Product: syz
[  649.312870][  T977] usb 5-1: Manufacturer: syz
[  649.330157][  T977] usb 5-1: SerialNumber: syz
[  649.413835][  T977] usb 5-1: config 0 descriptor??
[  649.797360][  T977] hso 5-1:0.0: Failed to find BULK IN ep
[  649.865638][  T977] usb-storage 5-1:0.0: USB Mass Storage device detected
[  650.047543][T11087] fuse: Bad value for 'user_id'
[  650.080808][T11087] fuse: Bad value for 'user_id'
[  650.125574][T11087] 9pnet_fd: Insufficient options for proto=fd
[  650.278348][  T977] usb 5-1: USB disconnect, device number 40
[  650.396502][   T51] Bluetooth: hci0: command tx timeout
[  650.689751][ T1043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  650.716752][ T1043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  650.761795][ T1043] bond0 (unregistering): Released all slaves
[  650.845062][T11090] netlink: 'syz.1.1452': attribute type 29 has an invalid length.
[  652.480257][   T51] Bluetooth: hci0: command tx timeout
[  654.607819][   T51] Bluetooth: hci0: command tx timeout
[  654.785156][  T977] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  655.086814][  T977] usb 2-1: Using ep0 maxpacket: 8
[  655.518656][  T977] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  655.549237][T11080] chnl_net:caif_netlink_parms(): no params data found
[  655.556343][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  655.586507][  T977] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  655.616559][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  655.676772][ T1043] hsr_slave_0: left promiscuous mode
[  655.691251][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  655.784743][  T977] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  655.837199][ T1043] hsr_slave_1: left promiscuous mode
[  655.843464][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  656.010712][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  656.031262][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  656.041379][  T977] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  656.710505][   T51] Bluetooth: hci0: command tx timeout
[  656.716025][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  656.727349][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  656.773018][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  656.806536][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  656.811898][  T977] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  656.822338][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  656.837178][  T977] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  656.851412][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  656.882603][  T977] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  656.902583][  T977] usb 2-1: string descriptor 0 read error: -22
[  657.048973][  T977] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  657.069837][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.096932][  T977] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  658.234138][ T5879] usb 2-1: USB disconnect, device number 38
[  658.669720][T11172] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1470'.
[  660.299575][ T1043] team0 (unregistering): Port device team_slave_1 removed
[  660.425426][ T1043] team0 (unregistering): Port device team_slave_0 removed
[  661.270671][T11158] smc: net device bond0 applied user defined pnetid SYZ0
[  663.438625][T11080] bridge0: port 1(bridge_slave_0) entered blocking state
[  663.482141][T11080] bridge0: port 1(bridge_slave_0) entered disabled state
[  663.514334][T11080] bridge_slave_0: entered allmulticast mode
[  663.558914][T11080] bridge_slave_0: entered promiscuous mode
[  663.597776][T11080] bridge0: port 2(bridge_slave_1) entered blocking state
[  663.635376][T11080] bridge0: port 2(bridge_slave_1) entered disabled state
[  663.922517][T11080] bridge_slave_1: entered allmulticast mode
[  664.775622][T11213] serio: Serial port ptm0
[  664.831848][T11080] bridge_slave_1: entered promiscuous mode
[  665.470659][T11223] ptrace attach of "./syz-executor exec"[5835] was attempted by ""[11223]
[  666.055583][T11215] geneve2: entered promiscuous mode
[  666.060972][T11215] geneve2: entered allmulticast mode
[  666.254480][T11080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  666.391132][T11080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  666.961250][ T5877] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  667.135935][ T5877] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  667.278110][T11080] team0: Port device team_slave_0 added
[  667.328384][T11080] team0: Port device team_slave_1 added
[  667.435876][T11248] Bluetooth: MGMT ver 1.23
[  667.687851][T11241] fido_id[11241]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  668.486471][ T5886] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  668.746198][ T5886] usb 1-1: Using ep0 maxpacket: 8
[  669.497935][T11267] input: syz1 as /devices/virtual/input/input46
[  669.523763][ T5886] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 17
[  669.548027][ T5886] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07
[  669.557424][ T5886] usb 1-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60
[  669.565987][ T5886] usb 1-1: Product: syz
[  669.572393][ T5886] usb 1-1: Manufacturer: syz
[  669.578403][ T5886] usb 1-1: SerialNumber: syz
[  669.697139][T11080] batman_adv: batadv0: Adding interface: batadv_slave_0
[  669.765660][ T5886] usb 1-1: config 0 descriptor??
[  669.787026][T11080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  669.829694][T11080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  669.907315][T11080] batman_adv: batadv0: Adding interface: batadv_slave_1
[  669.914572][T11080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  670.014100][ T5886] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  670.038747][T11080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  670.884180][T11080] hsr_slave_0: entered promiscuous mode
[  670.891234][T11080] hsr_slave_1: entered promiscuous mode
[  670.899515][T11080] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  670.909556][T11080] Cannot create hsr debugfs directory
[  671.537469][ T5886] gspca_sunplus: reg_w_riv err -110
[  671.796848][ T5886] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[  672.089773][ T5886] usb 1-1: USB disconnect, device number 50
[  674.092400][T11304] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1499'.
[  674.119487][T11080] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  674.343259][T11080] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  674.435058][T11080] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  674.555898][T11080] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  675.442591][T11080] 8021q: adding VLAN 0 to HW filter on device bond0
[  675.553890][T11080] 8021q: adding VLAN 0 to HW filter on device team0
[  675.629609][ T6784] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.636837][ T6784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  676.349677][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state
[  676.356898][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  678.181759][T11354] fuse: Bad value for 'fd'
[  680.139306][T11080] 8021q: adding VLAN 0 to HW filter on device batadv0
[  680.377034][T11387] Invalid ELF header type: 0 != 1
[  682.146840][T11394] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  682.172241][T11394] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  682.251631][T11394] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  682.999445][T11080] veth0_vlan: entered promiscuous mode
[  683.168833][T11080] veth1_vlan: entered promiscuous mode
[  684.156545][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  684.177094][T11080] veth0_macvtap: entered promiscuous mode
[  684.472072][T11080] veth1_macvtap: entered promiscuous mode
[  684.787700][T11080] batman_adv: batadv0: Interface activated: batadv_slave_0
[  684.812411][T11080] batman_adv: batadv0: Interface activated: batadv_slave_1
[  684.820267][T11426] input: syz0 as /devices/virtual/input/input48
[  684.842700][T11080] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  684.854781][T11080] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  684.871075][T11080] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  684.880655][T11080] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  685.567337][ T5879] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  685.847087][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  685.877934][ T5879] usb 3-1: Using ep0 maxpacket: 32
[  686.236496][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  686.649585][ T5879] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  686.658076][ T5879] usb 3-1: config 0 has no interface number 0
[  686.670477][ T5879] usb 3-1: config 0 interface 184 has no altsetting 0
[  686.699414][ T5879] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  686.996467][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.395044][T11451] overlayfs: overlapping lowerdir path
[  687.510931][T11452] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  688.012132][ T5879] usb 3-1: Product: syz
[  688.092498][ T5879] usb 3-1: Manufacturer: syz
[  688.324960][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  688.401012][ T5879] usb 3-1: SerialNumber: syz
[  688.435705][ T6784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.473977][ T5879] usb 3-1: config 0 descriptor??
[  688.499407][ T6784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.524165][ T5879] smsc75xx v1.0.0
[  688.658741][ T8193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.727452][ T5879] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  688.756616][ T8193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.826700][ T5879] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  688.921168][ T5879] usb 3-1: USB disconnect, device number 47
[  689.267978][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1447'.
[  689.296889][ T5878] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  689.346262][T11465] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1447'.
[  689.470240][ T5878] usb 5-1: Using ep0 maxpacket: 16
[  689.482841][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  689.555651][ T5878] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  689.598286][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.612438][ T5878] usb 5-1: Product: syz
[  689.618116][ T5878] usb 5-1: Manufacturer: syz
[  689.622861][ T5878] usb 5-1: SerialNumber: syz
[  689.644835][ T5878] usb 5-1: config 0 descriptor??
[  689.673215][ T5878] hub 5-1:0.0: bad descriptor, ignoring hub
[  689.710668][ T5878] hub 5-1:0.0: probe with driver hub failed with error -5
[  689.733566][ T5878] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input49
[  690.463278][T11458] overlayfs: failed to resolve './file0': -2
[  691.300349][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  691.300367][   T30] audit: type=1326 audit(1748766415.985:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  691.426615][   T30] audit: type=1326 audit(1748766415.985:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  691.448219][    C0] vkms_vblank_simulate: vblank timer overrun
[  691.468943][   T30] audit: type=1326 audit(1748766416.025:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  691.677731][   T30] audit: type=1326 audit(1748766416.025:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  691.699383][    C0] vkms_vblank_simulate: vblank timer overrun
[  691.707334][   T30] audit: type=1326 audit(1748766416.035:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  691.728894][    C0] vkms_vblank_simulate: vblank timer overrun
[  692.502267][   T30] audit: type=1326 audit(1748766416.035:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  692.528894][   T30] audit: type=1326 audit(1748766416.035:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  692.584359][   T30] audit: type=1326 audit(1748766416.035:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  693.737845][   T30] audit: type=1326 audit(1748766416.035:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  694.589460][   T30] audit: type=1326 audit(1748766416.035:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  694.611124][    C0] vkms_vblank_simulate: vblank timer overrun
[  694.761688][T11507] netlink: 'syz.1.1534': attribute type 10 has an invalid length.
[  694.770352][T11507] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1534'.
[  694.820693][T11508] CUSE: unknown device info "˙
"
[  694.825707][T11508] CUSE: zero length info key specified
[  696.677093][   T30] audit: type=1326 audit(1748766416.035:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  696.703657][   T30] audit: type=1326 audit(1748766416.035:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  696.951631][   T30] audit: type=1326 audit(1748766416.035:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  696.974951][   T30] audit: type=1326 audit(1748766416.035:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  697.661431][   T30] audit: type=1326 audit(1748766416.035:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  697.697693][T11507] team0: Port device geneve0 added
[  697.714012][   T30] audit: type=1326 audit(1748766416.035:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  697.761902][   T30] audit: type=1326 audit(1748766416.035:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  697.803219][   T30] audit: type=1326 audit(1748766416.035:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  698.057665][   T30] audit: type=1326 audit(1748766416.055:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  698.283532][   T30] audit: type=1326 audit(1748766416.135:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81d38e969 code=0x7ffc0000
[  698.414479][T11530] hub 8-0:1.0: USB hub found
[  698.422616][T11530] hub 8-0:1.0: 1 port detected
[  701.258406][T11527] kvm: kvm [11521]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1a1000075f7
[  701.346601][T11527] kvm: kvm [11521]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x1a1000035f7
[  701.394113][T11527] kvm: kvm [11521]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x1ed00005900
[  701.757028][ T5886] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  701.803993][T11527] kvm: kvm [11521]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x1ed00001900
[  702.015345][ T5886] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  702.065236][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  702.119396][ T5886] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  702.146451][ T5886] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  702.184980][ T5886] usb 3-1: Manufacturer: syz
[  702.210783][ T5886] usb 3-1: config 0 descriptor??
[  703.257047][T11578] Bluetooth: MGMT ver 1.23
[  703.436872][ T5886] rc_core: IR keymap rc-hauppauge not found
[  703.442873][ T5886] Registered IR keymap rc-empty
[  703.491763][ T5886] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  703.576664][ T5886] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input50
[  703.680313][ T5878] usb 5-1: USB disconnect, device number 41
[  704.166719][    C1] igorplugusb 3-1:0.0: Error: urb status = -32
[  704.174770][    C1] igorplugusb 3-1:0.0: Error: urb status = -32
[  704.469172][T10478] usb 3-1: USB disconnect, device number 48
[  704.578500][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  706.091406][T11609] ptrace attach of "./syz-executor exec"[11610] was attempted by "./syz-executor exec"[11609]
[  708.377570][T11601] syz.1.1557 (11601): drop_caches: 2
[  708.403299][T11601] syz.1.1557 (11601): drop_caches: 2
[  712.782349][ T5886] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  713.104054][ T5886] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  713.117101][ T5886] usb 6-1: config 0 has no interface number 0
[  713.285905][ T5886] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  713.311803][ T5886] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  713.367478][  T977] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  713.431490][T11658] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  714.006511][ T5886] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  714.025889][ T5886] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.037098][ T5886] usb 6-1: config 0 descriptor??
[  714.043853][T11643] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  714.061796][ T5886] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  714.220210][  T977] usb 1-1: Using ep0 maxpacket: 16
[  714.243602][  T977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  714.255139][  T977] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  714.284356][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.328377][  T977] usb 1-1: config 0 descriptor??
[  714.335671][ T5886] usb 6-1: USB disconnect, device number 2
[  714.806715][T11671] IPv6: sit1: Disabled Multicast RS
[  714.820437][T11671] sit1: entered allmulticast mode
[  715.610731][  T977] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0
[  715.619180][  T977] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0
[  715.626276][  T977] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0
[  715.634995][  T977] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0
[  715.642390][  T977] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0
[  715.688179][  T977] mcp2221 0003:04D8:00DD.0009: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  716.381814][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  716.381833][   T30] audit: type=1326 audit(1748766441.045:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  716.469129][T11679] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  716.678352][   T30] audit: type=1326 audit(1748766441.045:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  717.369060][   T30] audit: type=1326 audit(1748766441.155:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  717.474928][ T5878] usb 1-1: USB disconnect, device number 51
[  717.665971][   T30] audit: type=1326 audit(1748766441.155:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  718.469234][   T30] audit: type=1326 audit(1748766441.155:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  718.593755][   T30] audit: type=1326 audit(1748766441.155:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  719.238404][   T30] audit: type=1326 audit(1748766441.155:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  719.261323][   T30] audit: type=1326 audit(1748766441.155:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  719.283453][   T30] audit: type=1326 audit(1748766441.155:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  719.623804][   T30] audit: type=1326 audit(1748766441.155:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.1.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  720.181105][   T51] Bluetooth: hci0: unexpected event for opcode 0x080d
[  720.382983][ T5886] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  720.986507][ T5886] usb 3-1: Using ep0 maxpacket: 8
[  721.135631][ T5886] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  721.145311][ T5886] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  721.155881][ T5886] usb 3-1: config 0 has no interface number 0
[  721.165639][ T5886] usb 3-1: config 0 interface 122 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[  721.194479][ T5886] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  721.232771][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.298346][ T5886] usb 3-1: Product: syz
[  721.332169][ T5886] usb 3-1: Manufacturer: syz
[  721.353028][ T5886] usb 3-1: SerialNumber: syz
[  721.377547][ T5886] usb 3-1: config 0 descriptor??
[  721.636979][ T5886] usb 3-1: NFC: intf ffff888011e58000 id ffffffff8eb3e480
[  721.679715][ T5886] usb 3-1: USB disconnect, device number 49
[  723.912767][T11740] tmpfs: Bad value for 'mpol'
[  725.146530][T10478] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  725.478110][T10478] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  725.489548][T10478] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  725.516412][T10478] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  725.529734][T10478] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  725.551538][T10478] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.292883][T10478] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  726.329316][T11790] hfs: unable to load iocharset "io#harset"
[  726.418316][T11792] netlink: 'syz.0.1604': attribute type 10 has an invalid length.
[  726.426291][T11792] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1604'.
[  726.502752][T10478] usb 2-1: invalid MIDI out EP 0
[  726.666783][T11792] team0: Port device geneve0 added
[  728.176866][   T43] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  728.592591][   T43] usb 6-1: Using ep0 maxpacket: 32
[  728.820875][   T43] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  729.022174][   T43] usb 6-1: config 0 has no interface number 0
[  729.208509][   T43] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  729.390352][T10478] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  729.422099][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.639620][   T43] usb 6-1: Product: syz
[  729.643851][   T43] usb 6-1: Manufacturer: syz
[  729.649932][T10478] usb 2-1: USB disconnect, device number 39
[  729.663463][   T43] usb 6-1: SerialNumber: syz
[  730.466932][   T43] usb 6-1: config 0 descriptor??
[  730.475871][   T43] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  731.121948][   T43] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  731.127002][T11805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  731.293699][   T43] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  731.349674][T11805] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  734.574548][    C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  734.796030][  T977] usb 6-1: USB disconnect, device number 3
[  735.477578][  T977] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  736.337173][  T977] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  736.419628][  T977] quatech2 6-1:0.51: device disconnected
[  737.019310][T11866] ubi31: attaching mtd0
[  737.057166][T11875] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1620'.
[  737.863936][   T30] kauditd_printk_skb: 40 callbacks suppressed
[  737.863976][   T30] audit: type=1800 audit(1748766462.545:198): pid=11887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1623" name="[kvm-gmem]" dev="anon_inodefs" ino=30885 res=0 errno=0
[  738.860013][T11902] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1630'.
[  738.946594][ T2097] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[  740.279770][ T2097] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  740.289083][ T2097] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  740.300438][ T2097] usb 3-1: config 0 descriptor??
[  740.308861][ T2097] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  740.598182][ T2097] usb 3-1: Detected FT232B
[  741.142382][ T2097] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  741.347139][ T2097] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  741.413617][ T2097] usb 3-1: USB disconnect, device number 50
[  741.478087][ T2097] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  741.507131][ T2097] ftdi_sio 3-1:0.0: device disconnected
[  741.626570][   T10] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  742.231734][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  742.260071][   T10] usb 2-1: unable to read config index 0 descriptor/start: -71
[  742.296745][   T10] usb 2-1: can't read configurations, error -71
[  742.631574][ T5879] IPVS: starting estimator thread 0...
[  742.767829][T11947] IPVS: using max 38 ests per chain, 91200 per kthread
[  744.282171][T11972] Invalid ELF header type: 0 != 1
[  747.601091][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  748.237516][T11992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1653'.
[  748.675384][T12007] netlink: 'syz.2.1659': attribute type 1 has an invalid length.
[  749.296543][ T5879] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  749.297304][T12012] bond3: entered promiscuous mode
[  749.387086][T12012] 8021q: adding VLAN 0 to HW filter on device bond3
[  749.464848][T12012] bond2: (slave bond3): making interface the new active one
[  749.474945][T12012] bond2: (slave bond3): Enslaving as an active interface with an up link
[  749.622027][ T5879] usb 5-1: Using ep0 maxpacket: 32
[  749.648344][ T5879] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  749.686930][ T5879] usb 5-1: config 0 has no interface number 0
[  749.706724][ T5879] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  749.751837][ T5879] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.810228][ T5879] usb 5-1: Product: syz
[  749.845052][ T5879] usb 5-1: Manufacturer: syz
[  749.866177][ T5879] usb 5-1: SerialNumber: syz
[  749.898052][ T5879] usb 5-1: config 0 descriptor??
[  749.919285][ T5879] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  750.197889][ T5879] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  750.295946][T12030] Invalid ELF header type: 0 != 1
[  750.811530][T12017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  750.842459][ T5879] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  750.852966][T12017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.617274][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  751.627390][ T5879] usb 5-1: USB disconnect, device number 42
[  751.664798][ T5879] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  751.742885][T12038] netlink: 'syz.0.1665': attribute type 1 has an invalid length.
[  751.833135][ T5879] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  752.672508][ T5879] quatech2 5-1:0.51: device disconnected
[  753.805592][T12038] 8021q: adding VLAN 0 to HW filter on device bond2
[  753.910811][T12049] bond2: (slave veth0_to_bond): making interface the new active one
[  753.973594][T12049] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  754.213621][T12052] vlan2: entered allmulticast mode
[  754.226736][T12052] veth1: entered allmulticast mode
[  754.233781][T12052] veth1: entered promiscuous mode
[  754.244900][T12052] veth1: left promiscuous mode
[  754.421055][T12052] bond2: (slave vlan2): Enslaving as an active interface with an up link
[  754.460206][T12080] input: syz1 as /devices/virtual/input/input51
[  756.260264][T12091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1675'.
[  756.274748][T12087] Invalid ELF header type: 0 != 1
[  757.176855][   T30] audit: type=1326 audit(1748766481.865:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12089 comm="syz.5.1677" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e5758e969 code=0x0
[  757.235569][T12095] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  757.242214][T12095] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  757.287779][T12095] vhci_hcd vhci_hcd.0: Device attached
[  757.455739][T12099] vhci_hcd: connection closed
[  757.467154][ T2972] vhci_hcd: stop threads
[  757.754060][ T2972] vhci_hcd: release socket
[  757.904292][   T10] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  758.092638][ T5878] vhci_hcd: vhci_device speed not set
[  758.187320][ T5878] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  758.259656][ T2972] vhci_hcd: disconnect device
[  758.390459][ T5878] usb 43-1: enqueue for inactive port 0
[  758.398205][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  758.407418][   T10] usb 2-1: unable to read config index 0 descriptor/start: -71
[  758.415123][   T10] usb 2-1: can't read configurations, error -71
[  758.482324][ T5878] vhci_hcd: vhci_device speed not set
[  766.207209][T12210] block nbd0: shutting down sockets
[  768.657882][T12236] hugetlbfs: Unknown parameter 'nrGs'
[  768.903198][T12257] fuse: Unknown parameter 'fd0x0000000000000003'
[  769.036437][ T5886] usb 3-1: new full-speed USB device number 51 using dummy_hcd
[  769.046902][ T5878] usb 5-1: new full-speed USB device number 43 using dummy_hcd
[  769.232143][ T5878] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  769.262330][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  769.268696][ T5886] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  769.340707][ T5886] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  769.363051][ T5886] usb 3-1: config 0 has no interface number 0
[  769.399457][ T5886] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  769.429418][ T5878] usb 5-1: config 0 descriptor??
[  770.048996][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.095901][ T5886] usb 3-1: Product: syz
[  770.528405][ T5878] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  770.532262][ T5886] usb 3-1: Manufacturer: syz
[  770.532282][ T5886] usb 3-1: SerialNumber: syz
[  770.573724][ T5878] usb 5-1: Detected FT232B
[  770.597654][ T5886] usb 3-1: config 0 descriptor??
[  770.663888][ T5886] usb 3-1: can't set config #0, error -71
[  770.713593][ T5886] usb 3-1: USB disconnect, device number 51
[  771.806718][ T5878] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  771.824198][ T5878] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  771.912670][ T5878] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  771.961240][ T5878] usb 5-1: USB disconnect, device number 43
[  772.165732][ T5878] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  772.223247][ T5878] ftdi_sio 5-1:0.0: device disconnected
[  772.506513][ T5886] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  772.606543][ T5878] IPVS: starting estimator thread 0...
[  772.837957][ T5886] usb 3-1: Using ep0 maxpacket: 8
[  773.006633][T12303] IPVS: using max 25 ests per chain, 60000 per kthread
[  773.016933][ T5886] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  773.038495][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.056388][ T5886] usb 3-1: Product: syz
[  773.067104][ T5886] usb 3-1: Manufacturer: syz
[  773.111248][ T5886] usb 3-1: SerialNumber: syz
[  773.687265][ T5886] usb 3-1: config 0 descriptor??
[  773.916626][ T5886] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  773.986753][ T5879] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  774.958979][ T5879] usb 5-1: Using ep0 maxpacket: 32
[  775.917591][T12331] serio: Serial port ptm0
[  776.010602][ T5886] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  776.555034][ T5879] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  776.985847][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.002044][ T5886] usb 3-1: USB disconnect, device number 52
[  777.087014][ T5879] usb 5-1: config 0 descriptor??
[  777.118151][ T5879] usb 5-1: can't set config #0, error -71
[  777.143181][T12345] orangefs_mount: mount request failed with -4
[  777.318173][ T5879] usb 5-1: USB disconnect, device number 44
[  780.040068][ T5886] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[  780.235334][ T5886] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  780.255253][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.468095][ T5886] usb 1-1: config 0 descriptor??
[  780.527070][ T5886] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  781.147594][ T5886] usb 1-1: Detected FT232A
[  781.217197][ T5886] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  781.326479][ T5886] usb 1-1: USB disconnect, device number 52
[  781.541415][ T5886] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  781.578735][ T5886] ftdi_sio 1-1:0.0: device disconnected
[  781.679297][T12405] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  781.691052][T12405] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  782.346434][ T5878] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  782.512903][ T5878] usb 3-1: Using ep0 maxpacket: 32
[  782.559189][ T5878] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  782.577894][ T5878] usb 3-1: config 0 has no interface number 0
[  782.595982][ T5878] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  782.622237][ T5878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.671197][ T5878] usb 3-1: Product: syz
[  782.685784][ T5878] usb 3-1: Manufacturer: syz
[  782.723213][ T5878] usb 3-1: SerialNumber: syz
[  782.750424][ T5878] usb 3-1: config 0 descriptor??
[  782.761527][ T5878] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  783.819689][ T5878] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  783.894586][ T5878] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  784.065074][T12401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  784.126958][T12401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  784.882713][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  784.886828][   T43] usb 3-1: USB disconnect, device number 53
[  784.935550][   T43] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  785.082908][   T43] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  785.119931][   T43] quatech2 3-1:0.51: device disconnected
[  786.186414][ T5878] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  786.385514][T12449] IPv6: sit1: Disabled Multicast RS
[  786.391995][T12449] sit1: entered allmulticast mode
[  787.228954][ T5878] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  787.372479][T12451] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  787.384290][T12451] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  787.748940][ T5878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.773536][ T5878] usb 6-1: config 0 descriptor??
[  787.804201][ T5878] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  788.025383][ T5878] usb 6-1: Detected FT232B
[  788.245569][ T5878] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  788.305842][ T5878] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  788.488927][ T5878] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  788.517988][ T5878] usb 6-1: USB disconnect, device number 4
[  788.527025][ T5878] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  789.141205][ T5878] ftdi_sio 6-1:0.0: device disconnected
[  790.498725][T12484] nbd2: detected capacity change from 0 to 4294967296
[  790.792185][T12489] nbd2: detected capacity change from 4294967296 to 2820
[  791.365405][   T51] block nbd2: Receive control failed (result -104)
[  792.644135][T12504] IPv6: sit1: Disabled Multicast RS
[  792.650636][T12504] sit1: entered allmulticast mode
[  800.775204][T12580] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1823'.
[  800.786990][T12580] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1823'.
[  804.216220][T12609] ubi31: attaching mtd0
[  808.201360][T12627] tmpfs: Bad value for 'mpol'
[  808.777392][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  809.985187][T12656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1850'.
[  810.031458][ T5877] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  810.837943][T11083] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  810.866702][T11083] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  810.920252][T11083] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  810.928535][T11083] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  810.937805][T11083] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  810.966568][ T5877] usb 5-1: Using ep0 maxpacket: 32
[  811.099981][   T51] Bluetooth: hci0: connection err: -111
[  811.186803][ T5877] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  811.418687][ T5877] usb 5-1: config 0 has no interface number 0
[  811.578635][ T5877] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  811.602978][T12650] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1849'.
[  811.630365][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.870367][ T5877] usb 5-1: Product: syz
[  811.874608][ T5877] usb 5-1: Manufacturer: syz
[  811.882810][ T5877] usb 5-1: SerialNumber: syz
[  812.567245][ T5877] usb 5-1: config 0 descriptor??
[  812.648900][ T5877] usb 5-1: can't set config #0, error -71
[  812.782836][ T5877] usb 5-1: USB disconnect, device number 45
[  812.967473][T12678] smc: net device bond0 erased user defined pnetid SYZ0
[  813.037037][ T5886] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  813.046405][   T51] Bluetooth: hci5: command tx timeout
[  813.078547][T12658] chnl_net:caif_netlink_parms(): no params data found
[  813.198530][ T5886] usb 1-1: Using ep0 maxpacket: 16
[  813.306005][ T5886] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  813.316825][ T5886] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  813.328183][ T5886] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  813.339649][ T5886] usb 1-1: config 0 interface 0 has no altsetting 0
[  813.347478][ T5886] usb 1-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  813.357308][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.373601][ T5886] usb 1-1: config 0 descriptor??
[  813.496134][T12658] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.540931][T12658] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.569547][T12658] bridge_slave_0: entered allmulticast mode
[  813.591633][T12658] bridge_slave_0: entered promiscuous mode
[  813.605187][T12658] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.615739][T12658] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.665500][T12658] bridge_slave_1: entered allmulticast mode
[  813.693179][T12658] bridge_slave_1: entered promiscuous mode
[  813.853125][ T5886] kye 0003:0458:0153.000A: unexpected long global item
[  813.883785][ T5886] kye 0003:0458:0153.000A: parse failed
[  813.903185][T12658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  813.912061][ T5886] kye 0003:0458:0153.000A: probe with driver kye failed with error -22
[  813.924996][T12658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  814.051859][ T5886] usb 1-1: USB disconnect, device number 53
[  814.462413][T12658] team0: Port device team_slave_0 added
[  815.116473][   T51] Bluetooth: hci5: command tx timeout
[  815.147944][T12658] team0: Port device team_slave_1 added
[  815.308909][T12658] batman_adv: batadv0: Adding interface: batadv_slave_0
[  815.342394][T12658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  815.368323][    C0] vkms_vblank_simulate: vblank timer overrun
[  815.438686][T12658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  815.457537][T12658] batman_adv: batadv0: Adding interface: batadv_slave_1
[  815.465922][T12658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  815.529390][T12658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  815.680571][T12658] hsr_slave_0: entered promiscuous mode
[  815.697338][T12658] hsr_slave_1: entered promiscuous mode
[  815.715492][T12658] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  815.716420][ T5879] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  815.735951][T12658] Cannot create hsr debugfs directory
[  815.977927][ T5879] usb 1-1: Using ep0 maxpacket: 16
[  816.007807][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  816.275824][T12727] Invalid ELF header type: 0 != 1
[  816.283979][   T10] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  816.516767][   T10] usb 5-1: Using ep0 maxpacket: 8
[  816.687140][ T5879] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  816.713434][ T5879] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.736424][ T5879] usb 1-1: Product: syz
[  816.746669][ T5879] usb 1-1: Manufacturer: syz
[  816.764224][ T5879] usb 1-1: SerialNumber: syz
[  816.822495][   T10] usb 5-1: config 2 has an invalid interface number: 31 but max is 0
[  816.822859][ T5879] usb 1-1: config 0 descriptor??
[  816.833619][   T10] usb 5-1: config 2 has no interface number 0
[  816.842838][   T10] usb 5-1: config 2 interface 31 has no altsetting 0
[  816.857630][   T10] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  816.867162][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.875232][   T10] usb 5-1: Product: syz
[  816.880405][   T10] usb 5-1: Manufacturer: syz
[  816.886507][   T10] usb 5-1: SerialNumber: syz
[  816.913673][ T5879] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  817.139112][ T5879] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  817.208721][   T51] Bluetooth: hci5: command tx timeout
[  817.894919][ T5879] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  818.437282][   T10] ch9200 5-1:2.31: probe with driver ch9200 failed with error -22
[  818.681979][   T10] usb 5-1: USB disconnect, device number 46
[  818.701659][T12658] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  818.743315][T12658] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  818.779270][ T5879] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  818.809099][T12658] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  818.811934][ T5879] em28xx 1-1:0.0: board has no eeprom
[  818.826108][T12658] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  818.897843][ T5879] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  818.926242][ T5879] em28xx 1-1:0.0: dvb set to bulk mode.
[  818.944547][ T5886] em28xx 1-1:0.0: Binding DVB extension
[  818.977670][ T5879] usb 1-1: USB disconnect, device number 54
[  818.997970][ T5879] em28xx 1-1:0.0: Disconnecting em28xx
[  819.034736][ T5886] em28xx 1-1:0.0: Registering input extension
[  819.092039][ T5879] em28xx 1-1:0.0: Closing input extension
[  819.125251][T12658] 8021q: adding VLAN 0 to HW filter on device bond0
[  819.178538][ T5879] em28xx 1-1:0.0: Freeing device
[  819.199720][T12658] 8021q: adding VLAN 0 to HW filter on device team0
[  819.244071][ T6187] bridge0: port 1(bridge_slave_0) entered blocking state
[  819.251331][ T6187] bridge0: port 1(bridge_slave_0) entered forwarding state
[  819.276414][   T51] Bluetooth: hci5: command tx timeout
[  819.324885][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  819.332131][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  819.708581][T12658] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  820.879904][   T94] block nbd2: Possible stuck request ffff888026085080: control (read@0,4096B). Runtime 30 seconds
[  822.168909][T12785] Invalid ELF header type: 0 != 1
[  824.235027][T12658] 8021q: adding VLAN 0 to HW filter on device batadv0
[  824.484562][T12806] 9pnet_virtio: no channels available for device syz
[  826.078752][T12824] Invalid ELF header type: 0 != 1
[  828.728595][T12840] vivid-007: =================  START STATUS  =================
[  828.736530][T12840] vivid-007: Generate PTS: true
[  828.742062][T12840] vivid-007: Generate SCR: true
[  828.747497][T12840] tpg source WxH: 320x240 (Y'CbCr)
[  828.752756][T12840] tpg field: 1
[  828.756417][T12840] tpg crop: (0,0)/320x240
[  828.760897][T12840] tpg compose: (0,0)/320x240
[  828.765635][T12840] tpg colorspace: 8
[  828.769632][T12840] tpg transfer function: 0/0
[  828.774396][T12840] tpg Y'CbCr encoding: 0/0
[  828.779168][T12840] tpg quantization: 0/0
[  828.783594][T12840] tpg RGB range: 0/2
[  828.788397][T12840] vivid-007: ==================  END STATUS  ==================
[  829.883491][T12658] veth0_vlan: entered promiscuous mode
[  829.943621][T12658] veth1_vlan: entered promiscuous mode
[  830.081060][T12658] veth0_macvtap: entered promiscuous mode
[  830.125909][T12658] veth1_macvtap: entered promiscuous mode
[  830.207854][T12658] batman_adv: batadv0: Interface activated: batadv_slave_0
[  830.283721][T12658] batman_adv: batadv0: Interface activated: batadv_slave_1
[  830.360166][T12658] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  830.511048][T12853] hub 8-0:1.0: USB hub found
[  830.517306][T12853] hub 8-0:1.0: 1 port detected
[  831.141267][T12658] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  831.150824][T12658] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  831.159730][T12658] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  831.724094][T12864] Invalid ELF header type: 0 != 1
[  832.539006][   T30] audit: type=1326 audit(1748766557.225:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  833.015736][   T30] audit: type=1326 audit(1748766557.245:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  833.266793][   T30] audit: type=1326 audit(1748766557.495:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.006921][   T30] audit: type=1326 audit(1748766557.495:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.118787][ T6187] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  834.167468][   T30] audit: type=1326 audit(1748766557.505:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.171738][ T6187] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  834.402459][T12878] vivid-007: =================  START STATUS  =================
[  834.410524][T12878] vivid-007: Generate PTS: true
[  834.415587][T12878] vivid-007: Generate SCR: true
[  834.421115][T12878] tpg source WxH: 320x240 (Y'CbCr)
[  834.426568][T12878] tpg field: 1
[  834.430106][T12878] tpg crop: (0,0)/320x240
[  834.434507][T12878] tpg compose: (0,0)/320x240
[  834.439327][T12878] tpg colorspace: 8
[  834.446990][T12878] tpg transfer function: 0/0
[  834.451684][T12878] tpg Y'CbCr encoding: 0/0
[  834.456161][T12878] tpg quantization: 0/0
[  834.460650][T12878] tpg RGB range: 0/2
[  834.464676][T12878] vivid-007: ==================  END STATUS  ==================
[  834.747847][   T30] audit: type=1326 audit(1748766557.505:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.796541][   T30] audit: type=1326 audit(1748766557.515:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.920530][   T30] audit: type=1326 audit(1748766557.515:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  834.982733][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  835.014561][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  835.048308][T12880] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1914'.
[  835.085195][   T30] audit: type=1326 audit(1748766557.525:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  835.085343][T12880] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1914'.
[  835.223046][   T30] audit: type=1326 audit(1748766557.525:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12867 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531598e969 code=0x7ffc0000
[  837.645035][T12911] Invalid ELF header type: 0 != 1
[  838.416434][T12912] vivid-007: =================  START STATUS  =================
[  838.424198][T12912] vivid-007: Generate PTS: true
[  838.429505][T12912] vivid-007: Generate SCR: true
[  838.441688][T12912] tpg source WxH: 320x240 (Y'CbCr)
[  838.447191][T12912] tpg field: 1
[  838.450702][T12912] tpg crop: (0,0)/320x240
[  838.455136][T12912] tpg compose: (0,0)/320x240
[  838.459963][T12912] tpg colorspace: 8
[  838.463811][T12912] tpg transfer function: 0/0
[  838.469780][T12912] tpg Y'CbCr encoding: 0/0
[  838.474560][T12912] tpg quantization: 0/0
[  838.479378][T12912] tpg RGB range: 0/2
[  838.483630][T12912] vivid-007: ==================  END STATUS  ==================
[  839.967857][T12918] program syz.1.1926 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  841.183121][T12933] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1931'.
[  841.635699][   T10] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  841.837349][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  841.862177][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  841.947514][   T10] usb 5-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  841.974191][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.162199][T12955] Invalid ELF header type: 0 != 1
[  842.948817][   T10] usb 5-1: config 0 descriptor??
[  843.056594][T12956] vivid-007: =================  START STATUS  =================
[  843.064511][T12956] vivid-007: Generate PTS: true
[  843.070125][T12956] vivid-007: Generate SCR: true
[  843.075225][T12956] tpg source WxH: 320x240 (Y'CbCr)
[  843.081084][T12956] tpg field: 1
[  843.086504][T12956] tpg crop: (0,0)/320x240
[  843.091279][T12956] tpg compose: (0,0)/320x240
[  843.096714][T12956] tpg colorspace: 8
[  843.100852][T12956] tpg transfer function: 0/0
[  843.113382][T12956] tpg Y'CbCr encoding: 0/0
[  843.119869][T12956] tpg quantization: 0/0
[  843.124513][T12956] tpg RGB range: 0/2
[  843.129023][T12956] vivid-007: ==================  END STATUS  ==================
[  843.397125][T12933] tmpfs: Unknown parameter 'grp˙˙'
[  843.574024][T12961] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  843.681207][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  843.681238][   T30] audit: type=1326 audit(1748766568.285:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12959 comm="syz.6.1938" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd0cf8e969 code=0x0
[  844.624987][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  844.850892][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  845.232331][   T10] usb 5-1: USB disconnect, device number 47
[  848.431455][T12999] Invalid ELF header type: 0 != 1
[  849.013077][   T30] audit: type=1800 audit(1748766573.105:224): pid=12996 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1947" name="[kvm-gmem]" dev="anon_inodefs" ino=36154 res=0 errno=0
[  850.248947][T13007] vivid-007: =================  START STATUS  =================
[  850.256956][T13007] vivid-007: Generate PTS: true
[  850.262085][T13007] vivid-007: Generate SCR: true
[  850.267341][T13007] tpg source WxH: 320x240 (Y'CbCr)
[  850.272676][T13007] tpg field: 1
[  850.276121][T13007] tpg crop: (0,0)/320x240
[  850.280607][T13007] tpg compose: (0,0)/320x240
[  850.285328][T13007] tpg colorspace: 8
[  850.289406][T13007] tpg transfer function: 0/0
[  850.294126][T13007] tpg Y'CbCr encoding: 0/0
[  850.298778][T13007] tpg quantization: 0/0
[  850.303067][T13007] tpg RGB range: 0/2
[  850.307154][T13007] vivid-007: ==================  END STATUS  ==================
[  850.957315][   T94] block nbd2: Possible stuck request ffff888026085080: control (read@0,4096B). Runtime 60 seconds
[  852.938003][T13035] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  854.308377][T13048] Invalid ELF header type: 0 != 1
[  855.456260][   T30] audit: type=1800 audit(1748766580.125:225): pid=13051 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.1962" name="[kvm-gmem]" dev="anon_inodefs" ino=37104 res=0 errno=0
[  856.478020][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  861.583611][T13092] Invalid ELF header type: 0 != 1
[  862.208411][   T30] audit: type=1800 audit(1748766586.825:226): pid=13100 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.1976" name="[kvm-gmem]" dev="anon_inodefs" ino=37228 res=0 errno=0
[  865.578584][T13128] serio: Serial port ptm0
[  867.216840][T11083] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  867.276913][T11083] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  867.285500][T11083] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  867.295565][T11083] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  867.304865][T11083] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  867.756425][   T43] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  867.801026][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  868.011166][   T43] usb 7-1: Using ep0 maxpacket: 32
[  868.053839][   T43] usb 7-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  868.097450][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.098884][ T3009] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.144825][   T43] usb 7-1: config 0 descriptor??
[  868.178918][   T43] gspca_main: sq930x-2.14.0 probing 041e:403c
[  868.248122][T13101] usb 1-1: new full-speed USB device number 55 using dummy_hcd
[  868.318996][ T3009] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.396425][T13101] usb 1-1: device descriptor read/64, error -71
[  868.435492][T13137] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1987'.
[  868.558339][ T3009] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.646474][T13101] usb 1-1: new full-speed USB device number 56 using dummy_hcd
[  868.722423][ T3009] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.791204][T13139] chnl_net:caif_netlink_parms(): no params data found
[  868.796627][T13101] usb 1-1: device descriptor read/64, error -71
[  868.910709][T13101] usb usb1-port1: attempt power cycle
[  869.078524][T13137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  869.129215][T13137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  869.186829][T13137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  869.196463][T13137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  869.518238][T11083] Bluetooth: hci6: command tx timeout
[  869.546545][T13101] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[  869.821680][T13101] usb 1-1: device descriptor read/8, error -71
[  870.050593][T13139] bridge0: port 1(bridge_slave_0) entered blocking state
[  870.066382][   T43] gspca_sq930x: reg_w 0105 bf00 failed -71
[  870.101506][T13139] bridge0: port 1(bridge_slave_0) entered disabled state
[  870.119339][T13101] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[  870.136788][   T43] sq930x 7-1:0.0: probe with driver sq930x failed with error -71
[  870.139780][T13139] bridge_slave_0: entered allmulticast mode
[  870.166967][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  870.186669][   T43] usb 7-1: USB disconnect, device number 2
[  870.197078][T13101] usb 1-1: device descriptor read/8, error -71
[  870.220896][T13139] bridge_slave_0: entered promiscuous mode
[  870.409246][T13101] usb usb1-port1: unable to enumerate USB device
[  870.492810][T13139] bridge0: port 2(bridge_slave_1) entered blocking state
[  870.652730][T13139] bridge0: port 2(bridge_slave_1) entered disabled state
[  870.727745][T13139] bridge_slave_1: entered allmulticast mode
[  870.764081][T13139] bridge_slave_1: entered promiscuous mode
[  870.979331][T13139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  871.023226][ T3009] bridge_slave_1: left allmulticast mode
[  871.119111][ T3009] bridge_slave_1: left promiscuous mode
[  871.125856][ T3009] bridge0: port 2(bridge_slave_1) entered disabled state
[  871.217371][   T10] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  871.596495][T11083] Bluetooth: hci6: command tx timeout
[  871.954917][ T3009] bridge_slave_0: left allmulticast mode
[  871.976520][ T3009] bridge_slave_0: left promiscuous mode
[  871.997190][ T3009] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.095253][   T10] usb 5-1: Using ep0 maxpacket: 16
[  872.155096][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  872.190838][   T10] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  872.224460][   T10] usb 5-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  872.296774][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.561009][   T10] usb 5-1: config 0 descriptor??
[  873.181462][   T43] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  873.346432][   T43] usb 7-1: Using ep0 maxpacket: 32
[  873.384204][   T43] usb 7-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  873.419571][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.430994][   T43] usb 7-1: config 0 descriptor??
[  873.463126][   T43] gspca_main: sq930x-2.14.0 probing 041e:403c
[  873.676759][T11083] Bluetooth: hci6: command tx timeout
[  873.927015][ T3009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  873.959394][ T3009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  873.991295][ T3009] bond0 (unregistering): Released all slaves
[  874.052722][T13139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  874.184053][ T5878] usb 5-1: USB disconnect, device number 48
[  874.284330][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2006'.
[  874.374332][T13213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  874.428544][T13213] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  874.725404][T13213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  874.739347][T13213] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  874.747290][   T43] gspca_sq930x: reg_w 0105 bf00 failed -110
[  874.817287][   T43] sq930x 7-1:0.0: probe with driver sq930x failed with error -110
[  875.170681][T13139] team0: Port device team_slave_0 added
[  875.231695][T13139] team0: Port device team_slave_1 added
[  875.419143][ T5878] usb 7-1: USB disconnect, device number 3
[  875.481806][T13139] batman_adv: batadv0: Adding interface: batadv_slave_0
[  875.525456][T13139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  875.635407][T13139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  875.762373][T11083] Bluetooth: hci6: command tx timeout
[  875.859460][   T30] audit: type=1800 audit(1748766600.545:227): pid=13245 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.2014" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  875.942522][T13139] batman_adv: batadv0: Adding interface: batadv_slave_1
[  875.969392][T13139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.006104][T13139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  876.265343][ T3009] hsr_slave_0: left promiscuous mode
[  876.296055][ T3009] hsr_slave_1: left promiscuous mode
[  876.327577][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  876.335049][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  876.474245][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  876.492188][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  876.769059][ T3009] veth1_macvtap: left promiscuous mode
[  876.782135][ T3009] veth0_macvtap: left promiscuous mode
[  876.818211][ T3009] veth1_vlan: left promiscuous mode
[  876.823767][ T3009] veth0_vlan: left promiscuous mode
[  877.230550][T13274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2021'.
[  878.186928][ T5877] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  878.378882][ T5877] usb 7-1: Using ep0 maxpacket: 32
[  878.393134][ T5877] usb 7-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  878.410990][ T5877] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  878.485475][ T5877] usb 7-1: config 0 descriptor??
[  878.500725][ T5877] gspca_main: sq930x-2.14.0 probing 041e:403c
[  879.409479][T13289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.441173][T13289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.462517][T13289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.484215][T13289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.832618][ T5877] gspca_sq930x: reg_w 0105 bf00 failed -110
[  879.896490][ T5877] sq930x 7-1:0.0: probe with driver sq930x failed with error -110
[  880.712991][ T3009] team0 (unregistering): Port device team_slave_1 removed
[  880.763450][T13308] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  880.770086][T13308] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  880.798258][T13308] vhci_hcd vhci_hcd.0: Device attached
[  880.834541][ T3009] team0 (unregistering): Port device team_slave_0 removed
[  881.081758][   T94] block nbd2: Possible stuck request ffff888026085080: control (read@0,4096B). Runtime 90 seconds
[  881.341284][ T5877] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  881.572575][T13309] vhci_hcd: connection reset by peer
[  881.589297][ T6187] vhci_hcd: stop threads
[  881.632423][ T6187] vhci_hcd: release socket
[  881.643086][ T6187] vhci_hcd: disconnect device
[  882.752888][T13139] hsr_slave_0: entered promiscuous mode
[  882.760057][T13139] hsr_slave_1: entered promiscuous mode
[  882.766777][T13139] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  882.775425][T13139] Cannot create hsr debugfs directory
[  882.782183][T13280] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2022'.
[  882.827064][T10478] usb 7-1: USB disconnect, device number 4
[  882.973380][T13308] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2031'.
[  886.397588][   T43] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  886.536724][ T5877] vhci_hcd: vhci_device speed not set
[  886.696528][   T43] usb 2-1: Using ep0 maxpacket: 32
[  886.739674][   T43] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  886.758416][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  886.809694][   T43] usb 2-1: config 0 descriptor??
[  886.871134][   T43] gspca_main: sq930x-2.14.0 probing 041e:403c
[  887.121850][T13363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2045'.
[  888.078338][   T43] gspca_sq930x: reg_r 001f failed -110
[  888.167816][T13139] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  888.236444][   T43] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[  888.300414][T13139] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  888.871648][T13139] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  888.947050][T13139] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  889.076732][T13395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  889.187149][T13395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  889.335096][T13395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  889.389195][T13395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  889.544958][T13139] 8021q: adding VLAN 0 to HW filter on device bond0
[  889.587589][T13139] 8021q: adding VLAN 0 to HW filter on device team0
[  889.646466][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  889.653759][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  890.305275][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  890.312530][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  890.426721][   T43] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[  890.726462][   T43] usb 1-1: device descriptor read/64, error -71
[  891.026604][   T43] usb 1-1: new full-speed USB device number 60 using dummy_hcd
[  891.237244][T10478] usb 2-1: USB disconnect, device number 44
[  891.326809][   T43] usb 1-1: device descriptor read/64, error -71
[  891.706446][   T43] usb usb1-port1: attempt power cycle
[  893.141797][T13139] 8021q: adding VLAN 0 to HW filter on device batadv0
[  893.741816][T13444] ubi31: attaching mtd0
[  893.786498][T10478] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  893.946865][T10478] usb 7-1: Using ep0 maxpacket: 16
[  893.962123][T10478] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  893.979210][T10478] usb 7-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  894.033247][T10478] usb 7-1: config 0 interface 0 has no altsetting 0
[  894.075050][T10478] usb 7-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  894.133847][T10478] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  894.202017][T10478] usb 7-1: config 0 descriptor??
[  894.757589][T10478] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  894.773985][T13460] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  897.058271][T13101] usb 7-1: USB disconnect, device number 5
[  898.212772][T13139] veth0_vlan: entered promiscuous mode
[  898.316669][T13139] veth1_vlan: entered promiscuous mode
[  903.678317][T13512] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2080'.
[  904.338415][T13512] vlan3: entered promiscuous mode
[  904.343515][T13512] veth0_virt_wifi: entered promiscuous mode
[  904.409877][T13139] veth0_macvtap: entered promiscuous mode
[  904.572493][T13139] veth1_macvtap: entered promiscuous mode
[  904.704616][   T30] audit: type=1326 audit(1748766629.375:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  904.740512][T13139] batman_adv: batadv0: Interface activated: batadv_slave_0
[  904.823744][T13139] batman_adv: batadv0: Interface activated: batadv_slave_1
[  904.837282][   T30] audit: type=1326 audit(1748766629.375:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  904.890702][T13139] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  904.958190][T13139] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  904.972011][   T30] audit: type=1326 audit(1748766629.465:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  904.987313][T13139] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  905.005924][T13139] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  905.065776][   T30] audit: type=1326 audit(1748766629.465:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  905.113415][   T30] audit: type=1326 audit(1748766629.465:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  905.221261][   T30] audit: type=1326 audit(1748766629.465:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  905.343588][   T30] audit: type=1326 audit(1748766629.465:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13516 comm="syz.1.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30fdb8e969 code=0x7ffc0000
[  905.576388][   T43] usb 5-1: new low-speed USB device number 49 using dummy_hcd
[  905.619915][ T7485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  905.689143][ T7485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  905.759362][   T43] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  905.775264][T13531] bond_slave_0: entered promiscuous mode
[  905.781459][T13531] bond_slave_1: entered promiscuous mode
[  905.796500][   T43] usb 5-1: config 0 has no interface number 0
[  905.808977][   T43] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  905.823853][T13531] vlan3: entered promiscuous mode
[  905.830014][T13531] bond0: entered promiscuous mode
[  905.835342][   T43] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  905.865131][   T43] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  905.901389][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  906.027518][   T43] usb 5-1: config 0 descriptor??
[  906.065571][   T43] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  906.177535][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  906.235712][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  906.345072][T13526] iowarrior 5-1:0.1: Error -90 while submitting URB
[  906.386659][ T5877] usb 5-1: USB disconnect, device number 49
[  906.714644][T13544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2088'.
[  907.298189][T13544] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  907.307659][T13544] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  907.317535][T13544] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  907.837452][T13546] vivid-007: =================  START STATUS  =================
[  907.849703][T13546] vivid-007: Generate PTS: true
[  907.855863][T13546] vivid-007: Generate SCR: true
[  907.866016][T13546] tpg source WxH: 320x240 (Y'CbCr)
[  907.872058][T13546] tpg field: 1
[  907.876622][T13546] tpg crop: (0,0)/320x240
[  907.883669][T13546] tpg compose: (0,0)/320x240
[  907.892573][T13546] tpg colorspace: 8
[  907.903440][T13546] tpg transfer function: 0/0
[  907.910817][T13546] tpg Y'CbCr encoding: 0/0
[  907.917693][T13546] tpg quantization: 0/0
[  907.924863][T13546] tpg RGB range: 0/2
[  907.932115][T13546] vivid-007: ==================  END STATUS  ==================
[  911.285366][   T94] block nbd2: Possible stuck request ffff888026085080: control (read@0,4096B). Runtime 120 seconds
[  912.445801][   T30] audit: type=1800 audit(1748766637.065:235): pid=13581 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.2098" name="[kvm-gmem]" dev="anon_inodefs" ino=39464 res=0 errno=0
[  913.640295][T13598] syz.0.2101: attempt to access beyond end of device
[  913.640295][T13598] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  913.680726][T13598] hpfs: hpfs_map_sector(): read error
[  915.256147][T13610] vivid-007: =================  START STATUS  =================
[  915.264142][T13610] vivid-007: Generate PTS: true
[  915.270371][T13610] vivid-007: Generate SCR: true
[  915.277929][T13610] tpg source WxH: 320x240 (Y'CbCr)
[  915.283185][T13610] tpg field: 1
[  915.286745][T13610] tpg crop: (0,0)/320x240
[  915.291178][T13610] tpg compose: (0,0)/320x240
[  915.295880][T13610] tpg colorspace: 8
[  915.299974][T13610] tpg transfer function: 0/0
[  915.304711][T13610] tpg Y'CbCr encoding: 0/0
[  915.309629][T13610] tpg quantization: 0/0
[  915.313891][T13610] tpg RGB range: 0/2
[  915.318127][T13610] vivid-007: ==================  END STATUS  ==================
[  916.094562][T13615] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  916.106518][T13615] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  919.172258][T13622] tmpfs: Bad value for 'mpol'
[  921.026392][ T5878] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  921.176557][ T5878] usb 2-1: Using ep0 maxpacket: 16
[  921.189343][ T5878] usb 2-1: config 0 has an invalid interface number: 48 but max is 0
[  921.198521][ T5878] usb 2-1: config 0 has no interface number 0
[  921.210744][ T5878] usb 2-1: config 0 interface 48 has no altsetting 0
[  921.231690][ T5878] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  921.241870][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  921.263405][ T5878] usb 2-1: Product: syz
[  921.275267][ T5878] usb 2-1: Manufacturer: syz
[  921.291905][ T5878] usb 2-1: SerialNumber: syz
[  921.313304][ T5878] usb 2-1: config 0 descriptor??
[  922.139695][T13638] ref_ctr_offset mismatch. inode: 0x964 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6
[  922.310759][   T43] usb 2-1: USB disconnect, device number 45
[  923.251073][T13664] vivid-007: =================  START STATUS  =================
[  923.258782][T13664] vivid-007: Generate PTS: true
[  923.263683][T13664] vivid-007: Generate SCR: true
[  923.268641][T13664] tpg source WxH: 320x240 (Y'CbCr)
[  923.273750][T13664] tpg field: 1
[  923.277640][T13664] tpg crop: (0,0)/320x240
[  923.281976][T13664] tpg compose: (0,0)/320x240
[  923.286595][T13664] tpg colorspace: 8
[  923.290398][T13664] tpg transfer function: 0/0
[  923.294987][T13664] tpg Y'CbCr encoding: 0/0
[  923.299433][T13664] tpg quantization: 0/0
[  923.303584][T13664] tpg RGB range: 0/2
[  923.307511][T13664] vivid-007: ==================  END STATUS  ==================
[  924.807466][T13691] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  926.937006][T13707] hfs: unable to load iocharset "io#harset"
[  928.115260][T13726] fuse: Bad value for 'fd'
[  929.049343][T13729] vivid-007: =================  START STATUS  =================
[  929.061201][T13729] vivid-007: Generate PTS: true
[  929.066085][T13729] vivid-007: Generate SCR: true
[  929.071780][T13729] tpg source WxH: 320x240 (Y'CbCr)
[  929.076953][T13729] tpg field: 1
[  929.080320][T13729] tpg crop: (0,0)/320x240
[  929.084684][T13729] tpg compose: (0,0)/320x240
[  929.089320][T13729] tpg colorspace: 8
[  929.093130][T13729] tpg transfer function: 0/0
[  929.097820][T13729] tpg Y'CbCr encoding: 0/0
[  929.102239][T13729] tpg quantization: 0/0
[  929.106469][T13729] tpg RGB range: 0/2
[  929.110364][T13729] vivid-007: ==================  END STATUS  ==================
[  931.021000][T13752] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2140'.
[  931.602443][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  932.867348][T13762] hfs: unable to load iocharset "io#harset"
[  933.720219][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  934.931422][T13772] vivid-007: =================  START STATUS  =================
[  934.939147][T13772] vivid-007: Generate PTS: true
[  934.944013][T13772] vivid-007: Generate SCR: true
[  934.948936][T13772] tpg source WxH: 320x240 (Y'CbCr)
[  934.954048][T13772] tpg field: 1
[  934.957817][T13772] tpg crop: (0,0)/320x240
[  934.962147][T13772] tpg compose: (0,0)/320x240
[  934.966762][T13772] tpg colorspace: 8
[  934.970566][T13772] tpg transfer function: 0/0
[  934.975151][T13772] tpg Y'CbCr encoding: 0/0
[  934.979582][T13772] tpg quantization: 0/0
[  934.983732][T13772] tpg RGB range: 0/2
[  934.987669][T13772] vivid-007: ==================  END STATUS  ==================
[  936.789456][T13802] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2152'.
[  939.195672][T13827] vivid-007: =================  START STATUS  =================
[  939.204496][T13827] vivid-007: Generate PTS: true
[  939.209441][T13827] vivid-007: Generate SCR: true
[  939.214306][T13827] tpg source WxH: 320x240 (Y'CbCr)
[  939.219455][T13827] tpg field: 1
[  939.222821][T13827] tpg crop: (0,0)/320x240
[  939.227208][T13827] tpg compose: (0,0)/320x240
[  939.231790][T13827] tpg colorspace: 8
[  939.235584][T13827] tpg transfer function: 0/0
[  939.240195][T13827] tpg Y'CbCr encoding: 0/0
[  939.244600][T13827] tpg quantization: 0/0
[  939.248775][T13827] tpg RGB range: 0/2
[  939.252681][T13827] vivid-007: ==================  END STATUS  ==================
[  940.249075][ T5930] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  940.620892][ T5930] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  940.646637][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  940.654778][ T5930] usb 2-1: Product: syz
[  941.328047][ T5930] usb 2-1: Manufacturer: syz
[  941.333842][ T5930] usb 2-1: SerialNumber: syz
[  941.378579][ T5930] usb 2-1: config 0 descriptor??
[  941.838987][   T94] block nbd2: Possible stuck request ffff888026085080: control (read@0,4096B). Runtime 150 seconds
[  941.878922][ T5930] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[  942.131668][ T5930] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  942.369906][T13101] usb 2-1: USB disconnect, device number 46
[  942.703105][ T5930] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  942.892769][T13880] vivid-007: =================  START STATUS  =================
[  943.563473][T13880] vivid-007: Generate PTS: true
[  943.568483][T13880] vivid-007: Generate SCR: true
[  943.573356][T13880] tpg source WxH: 320x240 (Y'CbCr)
[  943.578503][T13880] tpg field: 1
[  943.581899][T13880] tpg crop: (0,0)/320x240
[  943.586232][T13880] tpg compose: (0,0)/320x240
[  943.590863][T13880] tpg colorspace: 8
[  943.594680][T13880] tpg transfer function: 0/0
[  943.600308][T13880] tpg Y'CbCr encoding: 0/0
[  943.604737][T13880] tpg quantization: 0/0
[  943.608927][T13880] tpg RGB range: 0/2
[  943.612845][T13880] vivid-007: ==================  END STATUS  ==================
[  943.730284][ T5930] usb 8-1: not running at top speed; connect to a high speed hub
[  943.783863][ T5930] usb 8-1: config 95 has an invalid interface number: 1 but max is 0
[  943.802482][ T5930] usb 8-1: config 95 has no interface number 0
[  943.822794][ T5930] usb 8-1: config 95 interface 1 has no altsetting 0
[  944.126663][ T5930] usb 8-1: string descriptor 0 read error: -22
[  944.132985][ T5930] usb 8-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  944.904001][ T5930] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  945.050559][   T31] INFO: task syz.2.1792:12484 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  945.156420][   T31]       Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0
[  945.201286][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  945.293945][   T31] task:syz.2.1792      state:D stack:28328 pid:12484 tgid:12483 ppid:5829   task_flags:0x400140 flags:0x00004004
[  945.584640][   T31] Call Trace:
[  945.635863][   T31]  <TASK>
[  945.665995][   T31]  __schedule+0x16a2/0x4cb0
[  945.745336][   T31]  ? __lock_acquire+0xa91/0xd20
[  945.766358][   T31]  ? schedule+0x165/0x360
[  945.770778][   T31]  ? __pfx___schedule+0x10/0x10
[  945.809195][   T31]  ? schedule+0x91/0x360
[  945.813705][   T31]  schedule+0x165/0x360
[  945.827899][   T31]  schedule_preempt_disabled+0x13/0x30
[  945.833450][   T31]  __mutex_lock+0x724/0xe80
[  945.894589][   T31]  ? __mutex_lock+0x51b/0xe80
[  945.895197][ T5930] usb 8-1: USB disconnect, device number 2
[  945.927714][   T31]  ? bdev_release+0x1a9/0x650
[  945.932496][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  945.975848][   T31]  ? __asan_memset+0x22/0x50
[  945.980790][T13374] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  945.996570][   T31]  ? __pfx___fsnotify_parent+0x10/0x10
[  946.002101][   T31]  ? do_raw_spin_lock+0x121/0x290
[  946.076341][   T31]  bdev_release+0x1a9/0x650
[  946.081054][   T31]  ? __pfx_blkdev_release+0x10/0x10
[  946.104114][   T31]  blkdev_release+0x15/0x20
[  946.109394][   T31]  __fput+0x449/0xa70
[  946.113469][   T31]  task_work_run+0x1d4/0x260
[  946.118767][   T31]  ? __pfx_task_work_run+0x10/0x10
[  946.127135][   T31]  ? __fget_files+0x2a/0x420
[  946.131833][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  946.139860][   T31]  exit_to_user_mode_loop+0xec/0x110
[  946.146551][   T31]  do_syscall_64+0x2bd/0x3b0
[  946.151245][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  946.173466][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.179777][   T31]  ? clear_bhb_loop+0x60/0xb0
[  946.184534][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.196157][   T31] RIP: 0033:0x7f5d7b38e969
[  946.200718][   T31] RSP: 002b:00007f5d7c2a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  946.209398][   T31] RAX: 0000000000000000 RBX: 00007f5d7b5b5fa0 RCX: 00007f5d7b38e969
[  946.217495][   T31] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[  946.225711][   T31] RBP: 00007f5d7b410ab1 R08: 0000000000000000 R09: 0000000000000000
[  946.234072][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  946.242768][   T31] R13: 0000000000000000 R14: 00007f5d7b5b5fa0 R15: 00007ffe2c51c618
[  946.251049][   T31]  </TASK>
[  946.254174][   T31] 
[  946.254174][   T31] Showing all locks held in the system:
[  946.265085][   T31] 2 locks held by kworker/1:0/24:
[  946.346318][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  946.443547][   T31]  #1: ffffc900001e7bc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  946.516561][   T31] 1 lock held by khungtaskd/31:
[  946.521522][   T31]  #0: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  946.600397][   T31] 2 locks held by getty/5582:
[  946.605173][   T31]  #0: ffff88803565a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  946.673487][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  946.716306][   T31] 1 lock held by syz-executor/5835:
[  946.721593][   T31] 4 locks held by kworker/0:6/5930:
[  946.766459][   T31] 1 lock held by udevd/6771:
[  946.771136][   T31]  #0: ffff888025b41358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  946.846313][   T31] 1 lock held by syz.4.1599/11778:
[  946.851628][   T31] 1 lock held by syz.2.1792/12484:
[  946.926337][   T31]  #0: ffff888025b41358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x1a9/0x650
[  946.936178][   T31] 5 locks held by kworker/1:5/13374:
[  947.026323][   T31]  #0: ffff888021a9cd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  947.086304][   T31]  #1: ffffc90003edfbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  947.156392][   T31]  #2: ffff888028f0e198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00
[  947.165508][   T31]  #3: ffff888143f41510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21a3/0x4a00
[  947.225680][   T31]  #4: ffff888143377e68 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21cb/0x4a00
[  947.276803][   T31] 2 locks held by kworker/u8:0/13856:
[  947.286922][   T31] 2 locks held by syz.1.2176/13897:
[  947.292200][   T31]  #0: ffffffff8f4f7d48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  947.366395][   T31]  #1: ffffffff8e1427f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b7/0x730
[  947.397227][   T31] 3 locks held by syz.6.2177/13900:
[  947.402502][   T31] 3 locks held by rm/13909:
[  947.420861][   T31] 
[  947.423241][   T31] =============================================
[  947.423241][   T31] 
[  947.447880][   T31] NMI backtrace for cpu 0
[  947.447905][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  947.447929][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  947.447941][   T31] Call Trace:
[  947.447950][   T31]  <TASK>
[  947.447959][   T31]  dump_stack_lvl+0x189/0x250
[  947.447991][   T31]  ? __wake_up_klogd+0xd9/0x110
[  947.448024][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  947.448053][   T31]  ? __pfx__printk+0x10/0x10
[  947.448086][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  947.448117][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  947.448142][   T31]  ? _printk+0xcf/0x120
[  947.448166][   T31]  ? __pfx__printk+0x10/0x10
[  947.448188][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  947.448212][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  947.448243][   T31]  watchdog+0xfee/0x1030
[  947.448265][   T31]  ? watchdog+0x1de/0x1030
[  947.448293][   T31]  kthread+0x711/0x8a0
[  947.448325][   T31]  ? __pfx_watchdog+0x10/0x10
[  947.448343][   T31]  ? __pfx_kthread+0x10/0x10
[  947.448373][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  947.448408][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  947.448425][   T31]  ? __pfx_kthread+0x10/0x10
[  947.448455][   T31]  ret_from_fork+0x3fc/0x770
[  947.448480][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  947.448508][   T31]  ? __switch_to_asm+0x39/0x70
[  947.448526][   T31]  ? __switch_to_asm+0x33/0x70
[  947.448542][   T31]  ? __pfx_kthread+0x10/0x10
[  947.448571][   T31]  ret_from_fork_asm+0x1a/0x30
[  947.448607][   T31]  </TASK>
[  947.448616][   T31] Sending NMI from CPU 0 to CPUs 1:
[  947.623361][    C1] NMI backtrace for cpu 1
[  947.623379][    C1] CPU: 1 UID: 0 PID: 13911 Comm: dhcpcd Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  947.623401][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  947.623413][    C1] RIP: 0010:stack_trace_save+0xa/0xe0
[  947.623445][    C1] Code: b2 09 cc 90 0f 0b 90 45 31 ed eb e0 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 41 56 <53> 48 83 e4 e0 48 81 ec 80 00 00 00 65 48 8b 05 52 92 eb 10 48 89
[  947.623461][    C1] RSP: 0018:ffffc9000422f798 EFLAGS: 00000246
[  947.623477][    C1] RAX: ffffc9000422f7b0 RBX: 0000000000000000 RCX: 0000000000000000
[  947.623490][    C1] RDX: 0000000000000000 RSI: 0000000000000040 RDI: ffffc9000422f7b0
[  947.623501][    C1] RBP: ffffc9000422f7a0 R08: 0000000000000000 R09: 0000000000000000
[  947.623513][    C1] R10: ffffc9000422f7b0 R11: ffffffff81acdea0 R12: ffffea00016e5780
[  947.623527][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc9000422f7b0
[  947.623539][    C1] FS:  00007fc2d1226740(0000) GS:ffff888125d99000(0000) knlGS:0000000000000000
[  947.623554][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  947.623566][    C1] CR2: 00007fff4d979f19 CR3: 0000000031a2c000 CR4: 00000000003526f0
[  947.623582][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  947.623592][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  947.623603][    C1] Call Trace:
[  947.623610][    C1]  <TASK>
[  947.623618][    C1]  kasan_save_stack+0x3e/0x60
[  947.623669][    C1]  ? __phys_addr+0xd3/0x180
[  947.623693][    C1]  ? vms_complete_munmap_vmas+0x626/0x8a0
[  947.623715][    C1]  kasan_record_aux_stack+0xbd/0xd0
[  947.623735][    C1]  kmem_cache_free+0x2f6/0x400
[  947.623763][    C1]  vms_complete_munmap_vmas+0x626/0x8a0
[  947.623793][    C1]  do_vmi_align_munmap+0x358/0x420
[  947.623824][    C1]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  947.623858][    C1]  ? mas_find+0x962/0xc10
[  947.623887][    C1]  do_vmi_munmap+0x253/0x2e0
[  947.623912][    C1]  __vm_munmap+0x23b/0x3d0
[  947.623936][    C1]  ? __pfx___vm_munmap+0x10/0x10
[  947.623973][    C1]  __x64_sys_munmap+0x60/0x70
[  947.623990][    C1]  do_syscall_64+0xfa/0x3b0
[  947.624006][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  947.624023][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.624040][    C1]  ? clear_bhb_loop+0x60/0xb0
[  947.624059][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.624076][    C1] RIP: 0033:0x7fc2d14352e7
[  947.624090][    C1] Code: 00 00 00 b8 0a 00 00 00 0f 05 48 3d 01 f0 ff ff 73 01 c3 48 8d 0d c9 3f 01 00 f7 d8 89 01 48 83 c8 ff c3 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d a9 3f 01 00 f7 d8 89 01 48 83
[  947.624116][    C1] RSP: 002b:00007fff4d9570d8 EFLAGS: 00000206 ORIG_RAX: 000000000000000b
[  947.624133][    C1] RAX: ffffffffffffffda RBX: 000055b6184264a0 RCX: 00007fc2d14352e7
[  947.624146][    C1] RDX: 0000000000000002 RSI: 0000000000061018 RDI: 00007fc2d1165000
[  947.624157][    C1] RBP: 00007fff4d9571e0 R08: 0000000000000030 R09: 000055b618427020
[  947.624170][    C1] R10: 00007fff4d957010 R11: 0000000000000206 R12: 00007fff4d957128
[  947.624182][    C1] R13: 00007fc2d1448000 R14: 000055b6184264a0 R15: 0000000000000000
[  947.624203][    C1]  </TASK>
[  947.952013][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  947.958928][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  947.970417][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  947.980496][   T31] Call Trace:
[  947.983796][   T31]  <TASK>
[  947.986748][   T31]  dump_stack_lvl+0x99/0x250
[  947.991383][   T31]  ? __asan_memcpy+0x40/0x70
[  947.996004][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  948.001244][   T31]  ? __pfx__printk+0x10/0x10
[  948.005876][   T31]  panic+0x2db/0x790
[  948.009818][   T31]  ? __pfx_panic+0x10/0x10
[  948.014277][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  948.020118][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  948.025529][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  948.031723][   T31]  watchdog+0x102d/0x1030
[  948.036083][   T31]  ? watchdog+0x1de/0x1030
[  948.040535][   T31]  kthread+0x711/0x8a0
[  948.044641][   T31]  ? __pfx_watchdog+0x10/0x10
[  948.049343][   T31]  ? __pfx_kthread+0x10/0x10
[  948.054060][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  948.059294][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  948.064513][   T31]  ? __pfx_kthread+0x10/0x10
[  948.069136][   T31]  ret_from_fork+0x3fc/0x770
[  948.073754][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  948.078897][   T31]  ? __switch_to_asm+0x39/0x70
[  948.083685][   T31]  ? __switch_to_asm+0x33/0x70
[  948.088471][   T31]  ? __pfx_kthread+0x10/0x10
[  948.093100][   T31]  ret_from_fork_asm+0x1a/0x30
[  948.097906][   T31]  </TASK>
[  948.101290][   T31] Kernel Offset: disabled
[  948.105669][   T31] Rebooting in 86400 seconds..