last executing test programs:

4m5.933042063s ago: executing program 4 (id=1019):
r0 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r0, &(0x7f00000000c0), 0x0, 0x800004, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mknod(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f0000001280)=""/4105, &(0x7f00000000c0)=0x1009)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x88, r5, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x10000040}, 0x8000)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
shutdown(r2, 0x1)
write(r2, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x2000c088}, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e24, @empty=0xe00}})

4m5.711419702s ago: executing program 4 (id=1020):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8)
cachestat(r2, &(0x7f0000000180)={0xff}, &(0x7f0000002280), 0x0)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000001000000e8e187f63af5cbc371c494e9d809ff070000", @ANYRES32=r6, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000097030000040000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x34, 0xe, 0xc08}}, 0x120)
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000000)={@empty, @empty, 0x0, "daf86eed51d59c3b227a93fc7264db425e9d015e14f17c0900497e00b3bb00", 0x7, 0x6, 0xffffff9d, 0xffffe6df}, 0x3c)
syz_emit_ethernet(0x13b, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c20000000800420c012d00680000060690780a010101ac1e0101830b9600000000ac1414bb4428fd6000008000000000780000ffff0000000600000002fffffff800000800000000810000000b004e244e23", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a180780006fe11f989fd357b00b9307614cb42af621400000022102afc78542ec522eb583ea4d9793fe0acdc26a4a58cb3ca51a705bdadf5066f01798c6e0d364c51521c69df399eff14b6572bc3f7916017396e07d09d853d0d4d331273829aa4e6ad7d0ae364b68397bb0b7e3ce085042093d365dd1b39be55575925c4b14df6175832192bbb43378827ef6d7b2d0da65ca43b6e09d4c07986640a1c4fb68bb7295340b01bcce748fcebb9d109434bbb472d3103fa8f119dee31dcb713f16f642f24be2d7c4c15e0614e7cab97281caa4fd37ae7369cb5766676300ba5bd89e651d9640301fb08c59fa3b3de57aeffbcde05083dbcb4051aa09630ef684c64f5e2d64740a9de88481c923e34169ec3d8cf482fabc812f7d72d162d46b7502fc33bff1c9d8414db2605c0f411724889ecc1c0908f69baf8ebfa3e6884f28de3c5d9da"], 0x0)

4m4.439154935s ago: executing program 4 (id=1022):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x6, 0x19, 0xd, "89753015418ab0df6afb245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b13ecab66c7d257a037d0f08e8ad896ba67a07696defa", "8b609009aaa722687f3f2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fce40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1b97448abe996b48e2b870128218a0d22915216fddb100", [0x7, 0x7]})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x2000c094)

4m2.341863704s ago: executing program 4 (id=1027):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000940)=@framed={{0x18, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000001e00)=[{0x0}, {0x0}, {&(0x7f0000003480)=""/172, 0xac}], 0x3}}], 0x1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/108, 0x6c}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=""/99, 0x63}}, {{0x0, 0x0, &(0x7f0000001e40)=[{0x0}, {0x0}, {&(0x7f0000000340)=""/181, 0xb5}], 0x3, &(0x7f0000001e80)=""/4096, 0x1000}}], 0x3, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000007600)=[{{0x0, 0x0, &(0x7f0000003440)=[{0x0}, {0x0}, {&(0x7f0000004540)=""/240, 0xf0}], 0x3}}], 0x1, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0)

3m57.863776431s ago: executing program 4 (id=1035):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x13, 0x0, 0x0)

3m57.672166628s ago: executing program 4 (id=1037):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001000010700000000004000000a000000060001001800000008000a00", @ANYRES64=r2], 0x24}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x1f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r7, 0x0, 0xf3a, 0x0)
write(r4, &(0x7f0000000240)="94", 0x1)
tee(r3, r7, 0x8f5, 0x100000000000000)
write$cgroup_type(r7, &(0x7f0000000180), 0x9)
write(r5, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x400, 0x360, 0x556, 0x2000, 0xbdf2, 0xb, 0xa, 0x1, {0x8000, 0x569, 0x1}, {0x6, 0x1}, {0x8, 0x36, 0x1}, {0x8001, 0x80000001, 0x1}, 0x1, 0x40, 0x6, 0x6, 0x0, 0xfffffff2, 0x5, 0x73a, 0x8, 0x90, 0x6, 0x3ff, 0x55, 0x200, 0x3, 0xa})

3m41.457189226s ago: executing program 32 (id=1037):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001000010700000000004000000a000000060001001800000008000a00", @ANYRES64=r2], 0x24}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x1f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r7, 0x0, 0xf3a, 0x0)
write(r4, &(0x7f0000000240)="94", 0x1)
tee(r3, r7, 0x8f5, 0x100000000000000)
write$cgroup_type(r7, &(0x7f0000000180), 0x9)
write(r5, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x400, 0x360, 0x556, 0x2000, 0xbdf2, 0xb, 0xa, 0x1, {0x8000, 0x569, 0x1}, {0x6, 0x1}, {0x8, 0x36, 0x1}, {0x8001, 0x80000001, 0x1}, 0x1, 0x40, 0x6, 0x6, 0x0, 0xfffffff2, 0x5, 0x73a, 0x8, 0x90, 0x6, 0x3ff, 0x55, 0x200, 0x3, 0xa})

1m51.154418679s ago: executing program 0 (id=1315):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000538acc089c0e00001e5b0102030109021b00010000000009040000014b34ef000905", @ANYBLOB='s'], 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010000304000000000000000000007400", @ANYRES32=r3, @ANYBLOB="f3ffffff031201002c0012800b00010062726964676500001c0002800800050001000000060027000000000005002d00000000003a5bfc2d0ba731dfbed45b63f9b533dcf0ffad15981631502bf44b78a4a9d5e4b123c8faace8"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$dri(&(0x7f0000000000), 0x8, 0x200000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000340)={0x3, 0x0, 0x1, 0x0, 0x7fffffff})
pwritev(r4, &(0x7f0000000080)=[{&(0x7f0000000240)="020000", 0x3}, {&(0x7f0000000000)='\x00', 0x1}], 0x2, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r7 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r7, &(0x7f0000000240)=""/112, 0x349b7f55)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="600000000314230c2abd7000ffdbdf250900020073797a3100000000080041007369770014003300766972745f77696669300000000000000900020073797a31000000000800410073697700140002"], 0x60}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)

1m50.626327664s ago: executing program 5 (id=1318):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0)
syz_usb_connect$printer(0x1, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x9, 0x0, 0x31, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x7, 0x1, 0x2, 0x7f, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0x7, 0x7, 0x9}}, [{{0x9, 0x5, 0x82, 0x2, 0x200, 0xfd, 0x2, 0x1}}]}}}]}}]}}, &(0x7f00000007c0)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x110, 0x4, 0x84, 0x1, 0x10, 0xc8}, 0x165, &(0x7f0000000340)={0x5, 0xf, 0x165, 0x4, [@generic={0x76, 0x10, 0x28272396b000f61f, "c0400819e7131cf29bcd4530b52026bd8d275faf9b440e7de87095a0e27be068a9f3c9cc0b34af07e13715b33b034724c22a058548a2e47a4ac479d5c748064b4d45f4569febbd2765992e693f24c10013568086f0e8e2632f25fc5b9ad527e07ac3e14757a4ac7fbcfa0a15b678d660ebd084"}, @generic={0x47, 0x10, 0xa, "eaadd32ff20700a5a71a9978b20fdcbd6337e9939c504189d111615dbdac92cda2d17f364dc32e95cb243f47951e21117609be49af7b4cb44bd127cc53b353701352379d"}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "3c3cc29ef825fb40062afc8497bf4860"}, @generic={0x8f, 0x10, 0xb, "8a37e044da782ce1d0b2d448efb55ba6b849176ff429aca1a07995ece7488f287f27112f8f750d8119c2a1225498bb2763b8059ed6ceef3759d6a33af95d29ef3b454fb07b1462e7049124c205b7ca9bb6ad2641d529d111d15ffbfa1a1b2260440a45012afa2728366af0028a5decad2e9b540a6dc8f83203db4fb7b7b4ed7c0dcc8b1a8dec58fb079c4eb1"}]}, 0x5, [{0xb7, &(0x7f00000004c0)=@string={0xb7, 0x3, "c2083101f7972bf1b9705a9ca648d8022773a279eecf6488c7cd04b6996d310d0070beeeb7536203a7defa4110abe1e62ef7d735bcc16638becf47dfc99ec23f9538ce30e3e1915925b0ea481d24c65b271dd99497c954c3498885715535b8ee6cbcf720cf4c26b40ad8a27983fa0ba01b68eed302b8983283e028959d0e8ae632e81e62c451a652a7f230593f3940d096ac6bd7fc06cc8babec5b6e65864b1665803922a5513eaa4b73b2aca8c90d799c19a90302"}}, {0x11, &(0x7f0000000580)=@string={0x11, 0x3, "415ba3348ad10d1e5ec3df386b3be1"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x1801}}, {0xc0, &(0x7f0000000600)=@string={0xc0, 0x3, "9fb182555b88e40cc889dde9133b35f2dca7211e2387b157d17c6e6fa36df180e4eaced121806cd7daaa09352b3ab5d1fbd5e37732ef9382717dd7b2f98e1366b0fe7863066dac5ee4cb0b0308acbb445e681a29019c954cbde4ba76025710aaabdfb9fb31101e1e0210be3867b4e7bf1720f18b3419691d06aa198621dd9073dd639e8c633b67631f7d1096dfd9927b75bd8e7d71343559a0473cb99314d69098815b03726d108c0c204b4d2aed7a4f31c0652b0026b2a7ccead1b97cfd"}}, {0xe8, &(0x7f00000006c0)=@string={0xe8, 0x3, "c8631dfcefa2eeb48d84e27e93a44fb920fbbf3e930b7fc013b45ac377e9e28e01484398adecaef309fe34d8f264eb624c9fcb7195792d6c6b16e8978ba4b0eb4083d0c65e3f3b9cc1a6ad6e214e402a174142d0733447b0ee18a3b04273f66ac34177206d7f3434730e7a3ce1b83ec1710b1add96c716ef59e6a74e17b9ff67073a37a75d1e282bfef3ceb7e577815d745d2188cebf28d6500432a6e36d95d30b2b8bfa82faec7f0e806f1f08dcafba08b3e8c50b9a10dd4a52f4a13fba1fbd403d3caa7f4bc5d9db8e52de870b085457fcbed70eacf88037098153814ad946564b76ebcfc6"}}]})
r1 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0xff, 0x1e7d, 0x319c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xa3, 0x40, 0x7, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x1, 0x0, 0x40, {0x9, 0x21, 0x0, 0xb7, 0x1, {0x22, 0x6b}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x87, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x2, 0x36, 0xd}}]}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0xb8, 0x3, 0x5, 0x40, 0x1}, 0x48, &(0x7f00000000c0)={0x5, 0xf, 0x48, 0x5, [@wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0xf4, 0xf, 0x9, 0x6e}, @ssp_cap={0x24, 0x10, 0xa, 0x3, 0x6, 0x5, 0xf, 0x200, [0xdfbf, 0xff3fc0, 0xffcf, 0x30, 0x0, 0x3e8f]}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x6, 0x4, 0xf9}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x0, 0x4, 0x80}]}, 0x4, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x340a}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x2c09}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x2809}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x3401}}]})
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

1m46.637894366s ago: executing program 1 (id=1324):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x1f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
write(r5, &(0x7f0000000240)="94", 0x1)
tee(r4, r8, 0x8f5, 0x100000000000000)
write$cgroup_type(r8, &(0x7f0000000180), 0x9)
write(r6, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x400, 0x360, 0x556, 0x2000, 0xbdf2, 0xb, 0xa, 0x1, {0x8000, 0x569, 0x1}, {0x6, 0x1}, {0x8, 0x36, 0x1}, {0x8001, 0x80000001, 0x1}, 0x1, 0x40, 0x6, 0x6, 0x0, 0xfffffff2, 0x5, 0x73a, 0x8, 0x90, 0x6, 0x3ff, 0x55, 0x200, 0x3, 0xa})
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000100)={0x1, 'geneve0\x00', 0x2a32}, 0x18)

1m44.988024408s ago: executing program 3 (id=1327):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0xe)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040))

25.052091385s ago: executing program 0 (id=1328):
syz_usb_connect(0x3, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xa6, 0x9b, 0xbc, 0x10, 0x954f, 0x4199, 0xf76, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x33, 0x2, 0x1, 0x2, 0xc, 0x7, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_connect$uac1(0x4, 0x8b, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x79, 0x3, 0x1, 0xf8, 0x0, 0xbe, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xd570, 0x6c}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x0, 0x1, 0x2, 0x8, "8712", "defc"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x5, 0x9, 0x5, {0x7, 0x25, 0x1, 0x81, 0x9, 0x6}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x0, 0x4, 0x5}, @as_header={0x7, 0x24, 0x1, 0x7b}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x5, 0x0, 0x5, {0x7, 0x25, 0x1, 0x1, 0xf7, 0x9}}}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x5, 0x9, 0x3, 0xff, 0x3}, 0xf, &(0x7f0000000140)={0x5, 0xf, 0xf, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0x6, 0xa, 0x6}, @ptm_cap={0x3}]}, 0x5, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x820}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x441}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x280a}}, {0x4, &(0x7f0000000240)=@lang_id={0x4}}, {0xc4, &(0x7f0000000280)=@string={0xc4, 0x3, "fc0fadf5cb1d9062096dc5a463c4137f2f48f1bf944ba71f157324664770eaa7a6cd031242e127cd3a819c6837bb787ea16fe68ee7320bc3aeb3ea0f44fae872815f378226ddba626fb2487a73b175a40ab04179cf5478baed90bc96a9021708fba05e0bf4d1bfb0e2d918dcc334cd82c00823709d1f75105fd45806a67893ac4cbc181e033bd027f6d6e04b7aebf9b0e8f28043266a4e20b0b09cbd15ae3473427561ea0b8b2c280a3e835e5a2aa2b0fd69884c5671517806889b41bd80fbd1b8e6"}}]})

25.050651416s ago: executing program 1 (id=1329):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xa, 0x4, 0x4, 0xc}, 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x24, 0x301, 0x70bd25, 0x2, {0x1}, [@typed={0x5, 0x14e, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)

25.049115142s ago: executing program 5 (id=1330):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xa, 0x4, 0x4, 0xc}, 0x50)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x24, 0x301, 0x70bd25, 0x2, {0x1}, [@typed={0x5, 0x14e, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x4020aeb2, &(0x7f0000000300)={0x0, 0x45, @ioapic={0xd000, 0xfffffbff, 0x2, 0x9, 0x0, [{0x3, 0x6}, {0x6, 0xf8, 0xb, '\x00', 0xda}, {0xff, 0x9, 0x3, '\x00', 0xe2}, {0x5, 0xe, 0x7, '\x00', 0x3}, {0x8, 0x2, 0x4, '\x00', 0x40}, {0x9, 0x5, 0xd, '\x00', 0xea}, {0x9, 0x68, 0x4, '\x00', 0xe}, {0x26, 0x8, 0xa0, '\x00', 0x56}, {0x3, 0x7, 0x4, '\x00', 0x4}, {0x13, 0x10, 0x9d, '\x00', 0x1}, {0x0, 0xc2, 0x38, '\x00', 0x6}, {0x5, 0x1, 0x5, '\x00', 0x4}, {0x7, 0x2, 0x1}, {0xe, 0x0, 0x8, '\x00', 0x8}, {0xa, 0xb, 0x9, '\x00', 0x7}, {0x7f, 0x2, 0x80, '\x00', 0x65}, {0x9c, 0x3, 0x8, '\x00', 0xe}, {0x6, 0x1, 0x6, '\x00', 0x3}, {0x1, 0x9, 0x1, '\x00', 0xb}, {0x4, 0x81, 0x9, '\x00', 0xfe}, {0x2f, 0xf, 0x1c, '\x00', 0x2}, {0x6, 0x1, 0xf, '\x00', 0xfc}, {0xff, 0x1, 0x4, '\x00', 0x7}, {0x81, 0x3, 0x1, '\x00', 0x9}]}})

25.047357078s ago: executing program 2 (id=1331):
r0 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r0, &(0x7f00000000c0), 0x0, 0x800004, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mknod(0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000001280)=""/4105, &(0x7f00000000c0)=0x1009)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x88, r6, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x10000040}, 0x8000)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
shutdown(r4, 0x1)
write(r4, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000140009050000000000000000021f0020", @ANYRES32=r3, @ANYBLOB="08000100e0000002080002000a01010008000400ac1414aa08000400ffffffff08000a000100000008000200e000"], 0x48}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x2000c088}, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e24, @empty=0xe00}})

25.04634722s ago: executing program 1 (id=1332):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff00810100000000d7eff61fe0ec933e9f78faa3853987e7a765d7b9ca04dc41dacedcd561f9d2cbc605b70b76a629eadd451a6ef60789ade7dd1291c5644f4bb6153d6ec843c935867e3718450897eabffa60e6ab53f8dbc29747864f02caed26c2334b77961f8f008c207777033a15bee736464bc5cf0f522617a8fa53b54e461fbbda42d68e42e0fa3be37fab4ea96661eb67a34fe66d864f5c66b1fc", @ANYRESOCT=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES8=r0], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000800)=ANY=[@ANYRES64, @ANYBLOB="4b8d517a9eb90a0e6c04e10757a244fffba64cf66b6c5ee045e100e364009502d1d6173e81b4cca80621a8b0d4a55907b9eb58b5c4fb3c1baa42e063395f5dd047de927774cd91d767911e0d3ed85ed87e349b7237b001ed3db00a892f61aeb7ee68e13fb37b874eb0f9a16f6063735756de64b9c772665802a0ddf226032cf7ed2f5e788ac585d68ecdc3491c560de77d960c33c8399579ba90b99bc987fc3ffbe4dc97244e3a117b343c21b8ec8c5a1a9feb9b26752ea6515cdb4c36dae9a3d338123618a50e58de789327369444b0f635c511b0c29a297e84a933e45bcdc5fd59d7b725f936d0f5ef207a844482770d1a958086cc36cdd40e3cb90d87bab15ca75138fddbe60fd5a3452babdb7ffa44679a22fbddfe72fb716e668c280cf411f084822346f1419815ab1498384060411c99e70c6be4e2bbb55f6bb1ff5213cbdc9da340ac30becf4162797220118d2822f28c4e64c4b1b754255dacb6d3015db8bc831a9c88bbb8418d4b64fe3e8318e73bac06b83292c457228c4ca67ee14d5d6712a1a585f71e67efaee9925b384e093f24cd4c7c6700da84d8868b1f50b0b31d8b6be07e9e11a44fb3fcaf325038d6a673dfaa9e3cdb685bfe5503642279a99f77bb9eec31e0661bc2837c25af73e28a384ec19f610d2cbeb2e311d61b3f3816c04c9442467728ea0a1e4cff1cab6adf26148baa32651b8898a77811a4380a9fc5cc08ca16cffea679a5b43fa786a2a56260299af3f0b3d9adfc6303e5514ac966abdd23df27e2ed16bb308c3707534117c18d2e6cb84093e83aaffd7f5489057312002d7894fb0ba5331b8749214009185563e37e83816a6396b0515c1b7a9d9146597230b5995b7cfff1b6cea7aaae28ef797ccd9cb925f24bfa010f5a3026bc61d26138b46d07f732a6ae37cda5122c0dddc02f3affcb290d4763a217e081b3f15f23e4f81fe7c3b1e4649d854b25543b6dcebb4f1b2e7f15ab6720b8191659ee66f94e367dd8bb62c85aba00de6366ea22f6efd2be5841c6b07412ded15a15fed4972e2fd075db09f0f854b14b6cdef9e20efcd631c4b4921b8bfb00870103754f9d2667a23d408433d32c4424a5c63afaae1c72aa4bdd548f5812e098d9bd076f81786c84da10424113f91b165b79284607a264d115d27289f58991de0b6711f75d235cd8bb182cbd270a99ea098b3f49cd0286d0b4182ceecce3f1737807f33c73b921c8ad153f16ab96c3b59c996e44cc6da124ffe8a50ce5c7bf2c2cd26ee0ba14e347cdbe2b8c5a422bf417322845b41cee13d8b9f784ba79146b4953d83e9c8f719d783d4a1ed48bc50a6dcf17b610db381d7c947984e6c25642ce40f0c32887fddc67927d532e8008f4c51c1221f9bea559092562e0aaa81768f0040c6f1a1457c16c42d421e9c21c1df528617b3b9808b3a8fc672841a807cfd6d8bf77801fa025e5c063c56cc3d2a7fbe0ae138c798fc2a19344e8564dd5e49b6164272b8f838e6dcf5a793ecbf56bd1277ea7d08ea52b36be21195d533231d7a80e6a8c7fca4fdc341e72a5a0f370051ff3bc2ac33fe57062903e625f1539b0d5930a5f9c012d4a5acc6b96528596d5d8308e2f636cfb76a97842fbfce18c1b48769224f4508f3abb183144ed1a0144ed5f9c4c72557630086d280cafcc30672a3355be4918f9b90cd47ecedbb91d839fb6bcbc1f11db000eee9b7aef06639bb3298ae6c575949a7c852f538d6c046abeb96c91c54122cfb28c7f6289b02eb027ef735aae2bac503bcb1017784e2a94fde2cc9f541322eb798937c400a39dd1e787855f34b7f0775ae0cbc6c7f42c2312458e33cf3bcea5fa6ccae624dce800ea47a761c2f6677e035c9fa2572b394b86845a17fd4edbcf337fce8c1d9d4f80cffc16d6005f1a0640af196d0f9e9e0fd08b1c6762b08e036e50aa6da628f4747a6f90e292657d25f496636aa684bbffebcf4226d2474d0a9ee9257e76eb5e54dd47b2069be8470bb9ea8c3b17133c06448e7e3488c56561ad440dbad5cc256855e5bdc0a94a118e5cc69433a69ad5bca7730057441acd11e5faa161bf4e312577db2a75dee8bef0402599323ea4a2fc09f7f6f788e9747c3f886bf712b999d6d99e7481740c0ee0fa3fe7c28d7dc861d86ca49048c1046548c085892be3977e6d3c7e5b10f18c5f35985dc38a0a116de99d986098513485f0dec68d1c0ac36c13d56e1530aca261224d9a4bef19a205130b4065071bff8ce0e30647bac01b3d57f59e6f6ebfba1ea4556891a93b9378e24b37aedfb408166d68f0c274de7577ce480c3b0788954f6733bc6d3f4d23d5238efb09715406106addedb0408b201c6413fbd1aa60b51c641828f173e1bd86d3851841abc61f052dd347df6d48eae514af1bfdffd7a29a801feaaead46d1455b110f81008ebb731e9b28f449e04bab4fb1d39d59726427de5190f4e756230a55050b8de2d95f686982209513cbc0ea739b1bea4717242f9470cd581113fd873675ebe6d7ea3c174e224b968ebee5f2952e2aeda8417b1139c68e61424966373529f89e6debf29a4dd1124dc9eda6c49673845dd62cebb00a203154fa2174812680663356537b55eea1af24fb1ec9caf48665ee91b46c3b58f0fb7e95e455191f2394f28390ab34a8dc196935460c7b0067aa6b66cf2b62f7392fb8b6a10187bc5c7cdc77d62d8fbb311ae14a284e0e1ccaf0bdffd9d30a6c098045db79d6a6a0bf2bf91f8530e99c33a5458ec3618d82e95b19a0c6cd5fb44641577e0c58bb7030167dae8edb10eb2a8d90d6a2bb4cb4ecf4a1e67db3af0a8205cf7804e0367b91d8a5e5a67c031103cf07df45ab0152080ba7762ae41952f5be38a950d10479f2d0a4b0ad79d174a22aa224377c536cf3369431e87999dee356f231647a8c6695866f077552610bdb274eaf746edd135f9fd6872bdc33c0e60351f16ceaafbc8c6b0c474aa82b387618440d93f84d1f9a02db4065337595d5633da2c37fa2379816adb0961ab4fbde7a27612d62c2569d7fa4e40fefe0cd06a0a37446b3f51998c843bd9a541c41bec74bc2790e145d2b72ac88193850dd567c09faed2d61195d30f7d8ff66b3ed73513a05f7b72d9b3f2e99b8daa4d43e05c54e81223b43d8ba983acda9dd3bc8a508b635f48327037d6c1e0643de4244a798ccdefa78dedbaff565f6ed8d1e8df732465a9821444a766382069ac2e11b3af543e89ccc7e866b49b76e952f11ec9ad52c819336e6b394efcf7b5248f9f15e50d8e8f67dd7657c743622ec5c983406d89fd27c0fca3d3a32dfe26c9d30b29ccf0fa5d37fc4e31fed82b0e69345b5e07c171cb2575e4ad777b3246c7a3d9b05cf29580b1b2ec30b81d9c67d7d8298e16cf2fc87b614d16286bfee2ba7547a8a3fbd71c86598ec4e3cec90d7aa3db1e0536a911a0b4a689df69e6fa94a5f3d7312c26d37fb3595c45ec900046f26f28d7b7827c4b722e87f4bc2ac443abfa4e9f1e71f5b11d6512f32b22a640f4cb1586efa948d9d3cab8326fe09f80bd475f75ebf57367b40847f59e4f533d39a745e89e3f42c0895a9cb6df53fc9f7fa270d3c0ebf313ec2037570820836845e15c08083064a2a4f68e184ea7d3cf5e4582df15338d94ea717c9129d5e576333247eee277ba44331c3591e5bb4d69c661a3ad650a4b2b38b5c16df18855e6faf3482a3ae5550d4d2cdeec663ac9400e63b74192567eeb6d0501b7b27619d3eeee0c6a8f461d45f8722fa9fb2c13f165b65efd39d5677131caa57d18e35418cb32fa2d8ef31e0a678f78c25c3186c0a6a23b53145d67cc9c7d7d4aa3ee818d483d655b7205565851bcf979f9e2f337a04fb56cb1d3ba767efbbfe2dfc58c6f9369d1e115315821e6774d0d416c11a44dc5251fce2414883b6d573c6e3995e144d923c432139664bd96bf72ce2fd2d84b0f1f06784d1228d21f2d9c346f4a57de56d79474206765eda01320e285dad0bc263da0e01a5428e0209001b52935a77bd8a61e32647bc01522484e718e13d99a7dbbd4bcc21f4821ee1b9bf144942f4295e4d8030e9c5f6fd01bf98e6b247408ae929c58c4b21ce5a3d16a635f9dca6ec8110a09ab99dd46a643febf77aa9962f4d319f91eadeacc4049731c29f1ed74a623d8fa51a66415057dd36b3fad2723f50feb17dc2b1a58997e40ed5aaacb1c04ba0cc4df72dda149f4e87ceaa63567089a57f102b719449265071651badb513e56848c7a4f1bc385141bd1c27001a73c0dddb831c7a1a0ab6b0bd64ee6b57f6bda6bb8efc4c92ec53cc11368de3be52c0a4feb158349be09dc9c02ce66d53763d6c698e48894476a13d9c6f8b2f6421cf5e60669d174daf0a33e4398c6cf9bc1bd2d4a28e427e39852fff254a9f2fedb5e8203b5dc3fc85d27d68dd4cb4d70d0665a03ff929892be94eaefede413c1c369b5b3f612887fa727142a11c37a6564b69adccd67570363cc2012371eec1ff1a7364d9730744ec3377dd494eddddbbae3c581a352d10701e22f2e5983b84f285388e3358cdf19d6636f5bb126a82a6c2f4ad06cd978372785e47bb6aaa92ec3464c6343badfd2a2f1b76e86be95237363199e0e48bf8b643c60333a531081b02b8059f3eb70e668f23d0f35db4b3491598cd0d63c3f21196db74d6d0f8d67baceeeb920ac61369c0fe0afa4e626694a778c45417dd506a783d68f06061714fcc088aa435b0780074ce39f43684650240e1b275e9bb7fc280de4aa553d1494c0d17b416eb12f854ac4c1399845fecc129f9095aa2a89d677cfe5f660ad165c9fe6ee97162874b7b05ad94a3a45c26a9957ede61b6c003892c819a9f4e27fa0a30596a520e65787a375814947ee9ac4b60fe9aac95745a68711b8fbe86e885b978f909790fb84cf129dd373c278c65e33f056978f84fcbf35dff1da80353f46cd08880f9289cf1c1891e934197119614fdd5fe7fd11017626a1a12f19102199f68d5c384bf914ffc4e7588a2517c7c6b58915e1f0580086544c5d7cac6cff40348c7168fbe094c89f5a5b11e8281b8211b783ce2bfe4dab3b847ccb55da5d2ef3a2688f0c5ab2676bbeaa3839d157457b715d02f96f1e8c94232ea61f451f725e01b64cef003c635733e423811aac806f3c9a5b1627dfe4c20be82a07c42b1ad6628aa628e3d893b313d2b46d35e47a23667fc31faa7fdecb9a11d1fd2097ef608f6e57b7904700dbd11ba270c48e415dc05fcf9958d9efeaa377d5f34add66133813af77092fa2ce6d9f8dc735ef58b1e183902a398e33640d8dc157d64a89b7f9a45cba080493e659fa139dfa9a940d57d54576f99d32e848a42052f5910b18762af728716fd4bd9476461ce6fbdc7dbc0f0f8b2cf016d1f405a20ddd66f01a4e6c4b6edf71e6f9c3981ea344876b7f8f5cee426427bc5e73d611bc8156eed86e1ad7790bd0f0ace2f2f389eb0dc0921d3066d7bbe626a3dbe1d48b5a631760fbdb40fe7a45878ec12254816a89b0dbead29c892e2145d11e7141331e82574f5de5bb07776e7bf4b2ab9d103e3d758252b7dc13fdea80278992d8ba745ae14abc00c32e272a772bbf39653a4370bbed7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r3 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, 0x2000})
tkill(r3, 0xb)
getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r5 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r5, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="98ac3c6741a40ce1997f49fba70d946a07f2178b8bc77dc9339505c7", 0x1c}, {&(0x7f0000000140)="f3e41672c645e11018dc0400000000000000a4c47b311e714b5aab5a85ab5f", 0x1f}, {&(0x7f00000002c0)="390ea240d45db5fcbed46fe54ba61b38faa36d565c3ed3685df9f01173ce90c93393750e9e37617c255ddb6d56", 0x2d}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x1f}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xf5000000}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ff6000/0x2000)=nil)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000008000e000000000000009500040000f90000"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r6}, 0x10)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

25.04579265s ago: executing program 2 (id=1333):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x1f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
write(r5, &(0x7f0000000240)="94", 0x1)
tee(r4, r8, 0x8f5, 0x100000000000000)
write$cgroup_type(r8, &(0x7f0000000180), 0x9)
write(r6, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x400, 0x360, 0x556, 0x2000, 0xbdf2, 0xb, 0xa, 0x1, {0x8000, 0x569, 0x1}, {0x6, 0x1}, {0x8, 0x36, 0x1}, {0x8001, 0x80000001, 0x1}, 0x1, 0x40, 0x6, 0x6, 0x0, 0xfffffff2, 0x5, 0x73a, 0x8, 0x90, 0x6, 0x3ff, 0x55, 0x200, 0x3, 0xa})
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000100)={0x1, 'geneve0\x00', 0x2a32}, 0x18)

25.044843386s ago: executing program 3 (id=1334):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8)
cachestat(r2, &(0x7f0000000180)={0xff}, &(0x7f0000002280), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000001000000e8e187f63af5cbc371c494e9d809ff070000", @ANYRES32, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000097030000040000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x34, 0xe, 0xc08}}, 0x120)
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000000)={@empty, @empty, 0x0, "daf86eed51d59c3b227a93fc7264db425e9d015e14f17c0900497e00b3bb00", 0x7, 0x6, 0xffffff9d, 0xffffe6df}, 0x3c)
syz_emit_ethernet(0x13b, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c20000000800420c012d00680000060690780a010101ac1e0101830b9600000000ac1414bb4428fd6000008000000000780000ffff0000000600000002fffffff800000800000000810000000b004e244e23", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a180780006fe11f989fd357b00b9307614cb42af621400000022102afc78542ec522eb583ea4d9793fe0acdc26a4a58cb3ca51a705bdadf5066f01798c6e0d364c51521c69df399eff14b6572bc3f7916017396e07d09d853d0d4d331273829aa4e6ad7d0ae364b68397bb0b7e3ce085042093d365dd1b39be55575925c4b14df6175832192bbb43378827ef6d7b2d0da65ca43b6e09d4c07986640a1c4fb68bb7295340b01bcce748fcebb9d109434bbb472d3103fa8f119dee31dcb713f16f642f24be2d7c4c15e0614e7cab97281caa4fd37ae7369cb5766676300ba5bd89e651d9640301fb08c59fa3b3de57aeffbcde05083dbcb4051aa09630ef684c64f5e2d64740a9de88481c923e34169ec3d8cf482fabc812f7d72d162d46b7502fc33bff1c9d8414db2605c0f411724889ecc1c0908f69baf8ebfa3e6884f28de3c5d9da"], 0x0)

25.043616462s ago: executing program 5 (id=1335):
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x20, r3, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008814}, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_getaddrlabel={0x24, 0x1a, 0x1, 0x70bd2d, 0x0, {0xa, 0x0, 0x80}, [@IFAL_LABEL={0x8, 0x2, 0xc77d6fefed47c69f}]}, 0x24}, 0x1, 0x0, 0x0, 0x45}, 0x20044000)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x401, 0x170bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14800}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e22}]}}}, @IFLA_IFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x50}}, 0x2000000)
ioctl$IOMMU_IOAS_MAP(r4, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r5, 0x0, &(0x7f0000000000)='L', 0x1, 0x2})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r4, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r5})
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000100)=@phonet={0x23, 0x8, 0x0, 0x41}, 0x80, 0x0}, 0x24048015)

25.042563952s ago: executing program 2 (id=1336):
r0 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r0, &(0x7f00000000c0), 0x0, 0x800004, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fe80000000000000000000000000003bfe8000000000000000000000000000aa000000004e220c9c0a00003000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000007f00000000000000070000000000000003000000000000000000000000000000fdffffffffff06ff0500000000000000ffffffffffffffff030000000100002000000000000000000000000000000000090000000000000000000000000000000100000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x90}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f200082c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa3a000005"], 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mknod(0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r3, @ANYRESDEC=r0], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e24, @empty=0xe00}})

25.021012525s ago: executing program 0 (id=1337):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001000010700000000004000000a000000060001001800000008000a00", @ANYRES64=r2], 0x24}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x1f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
write(r4, &(0x7f0000000240)="94", 0x1)
tee(r3, r6, 0x8f5, 0x100000000000000)
write$cgroup_type(r6, &(0x7f0000000180), 0x9)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x400, 0x360, 0x556, 0x2000, 0xbdf2, 0xb, 0xa, 0x1, {0x8000, 0x569, 0x1}, {0x6, 0x1}, {0x8, 0x36, 0x1}, {0x8001, 0x80000001, 0x1}, 0x1, 0x40, 0x6, 0x6, 0x0, 0xfffffff2, 0x5, 0x73a, 0x8, 0x90, 0x6, 0x3ff, 0x55, 0x200, 0x3, 0xa})

24.997987105s ago: executing program 0 (id=1338):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xa, 0x4, 0x4, 0xc}, 0x50)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x24, 0x301, 0x70bd25, 0x2, {0x1}, [@typed={0x5, 0x14e, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x4020aeb2, &(0x7f0000000300)={0x0, 0x45, @ioapic={0xd000, 0xfffffbff, 0x2, 0x9, 0x0, [{0x3, 0x6}, {0x6, 0xf8, 0xb, '\x00', 0xda}, {0xff, 0x9, 0x3, '\x00', 0xe2}, {0x5, 0xe, 0x7, '\x00', 0x3}, {0x8, 0x2, 0x4, '\x00', 0x40}, {0x9, 0x5, 0xd, '\x00', 0xea}, {0x9, 0x68, 0x4, '\x00', 0xe}, {0x26, 0x8, 0xa0, '\x00', 0x56}, {0x3, 0x7, 0x4, '\x00', 0x4}, {0x13, 0x10, 0x9d, '\x00', 0x1}, {0x0, 0xc2, 0x38, '\x00', 0x6}, {0x5, 0x1, 0x5, '\x00', 0x4}, {0x7, 0x2, 0x1}, {0xe, 0x0, 0x8, '\x00', 0x8}, {0xa, 0xb, 0x9, '\x00', 0x7}, {0x7f, 0x2, 0x80, '\x00', 0x65}, {0x9c, 0x3, 0x8, '\x00', 0xe}, {0x6, 0x1, 0x6, '\x00', 0x3}, {0x1, 0x9, 0x1, '\x00', 0xb}, {0x4, 0x81, 0x9, '\x00', 0xfe}, {0x2f, 0xf, 0x1c, '\x00', 0x2}, {0x6, 0x1, 0xf, '\x00', 0xfc}, {0xff, 0x1, 0x4, '\x00', 0x7}, {0x81, 0x3, 0x1, '\x00', 0x9}]}})

24.997424406s ago: executing program 1 (id=1339):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x3d5, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x3, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0x1}}}}}]}}]}}, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, &(0x7f0000000200)={0x0, 0x21, 0x2, {0x2, 0x23}}, &(0x7f0000000140)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, &(0x7f00000002c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x4, 0x1, 0x1, {0x22, 0x68d}}}}, &(0x7f0000000540)={0x2c, &(0x7f0000000380)={0x40, 0x10, 0xba, "a82e526ea45b862443a703368f12ac220455b618dbf5a2e6e1b1369093254e48c222722d662f5510b1b0fa08e9d7d4efb9e8e5225e4a26748763f32439d952f9c7d05270fcac69f610144272b4c3227a18099b304a4b99c4e4b9fe797d48bd01da3e4b6f03e35de99080d9f88501baad7a54ebd912403ab275e364b0054be78a68d6ddaa71ca675662e838153ccb0e69eb7778fbdf6690670048f5a57e465c8624126cf91f8373fd73b4b4b56fb9460f9a82d313ff78890cd5a2"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x1}, &(0x7f00000004c0)={0x20, 0x1, 0x29, "ecc4a1fa229c24ab8b3de6af215d5ff845f473dabbbea2078fba05af073e0ade79b9a5e2ad74cbc5a7"}, &(0x7f0000000500)={0x20, 0x3, 0x1, 0x6}})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB='7'], 0x20)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000d40)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000e40)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x44, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x39}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x5, 0x3}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_vlan\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040002}, 0x50040)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000b80)={0x14, &(0x7f0000000a80)={0x0, 0x30, 0x83, {0x83, 0x22, "82f6d26cca968bcd606d5df933e781870734d5dd0f223293c8d885a9dd154021bdd35e18afea4cd39470e25362e7bbeed5388636ea282745cf6b06e35929579a304a8c3b1facd3bdc9b7073ebb69af1738d8e5f036fec67736388c01eb6483b6e71b461c7e74b38df875ca5726a23637b9e926e1c5aedb77a31b8d14baa783d0cc"}}, &(0x7f0000000b40)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000c80)={0x1c, &(0x7f0000000bc0)={0x40, 0xa, 0x23, "b88c070861d1249f293874aa7a28b054b58d34d2548a8846bf23044efd054d26a115b6"}, &(0x7f0000000c00)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000c40)={0x0, 0x8, 0x1}})
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, &(0x7f00000000c0)={0x40, 0x11, 0x5, {0x5, 0x24, "b1cb1a"}}, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0)

24.996865701s ago: executing program 2 (id=1340):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x20000a0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, 0x0, &(0x7f00000000c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8e9707ba2218f1cc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="ddd5be65914ca2fd9a767ed10a74", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000080)={{0x0, 0x4}, 'syz1\x00', 0x4b})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000100)={0x35, {0x9, 0x0, 0x2000000, 0x3, 0x101}})
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x200000a, 0x12, 0xffffffffffffffff, 0x7f196000)
r2 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000300))
syz_open_dev$evdev(&(0x7f0000000240), 0xec, 0x220300)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r5 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000040)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000004000c18d3c55b852ef56e43f664e3ab38eedc71bd9dd620e716928fa1ef59d7bf72332fb26766b7d66f573d16d28dc9b5c110d63af6a3d4"])
openat(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x80c0, 0x4)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000440)={r2, 0x86, 0x26}, &(0x7f0000002600)={'enc=', 'raw', ' hash=', {'digest_null\x00'}}, &(0x7f0000002680)="9a09db5eb4144cc6a40eb4c2aa2871ddd44ea661ba33fd4b9cf9de8c11d628765b16b43f91f9ba47220959006131252222d1c6545b5c6eabf857f02ff6d22ad8417004274ad03f9d4a94538eeb3d2030b6b1b7bb53f89b4d1225f300f476de7531879ba834d6c76a1e8654bf7160e27935533fe70a546aace14eb720f48de61c6bdeb4cf8324", &(0x7f0000002740)=""/38)
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)
socket$inet(0xa, 0x801, 0x100)

24.996538652s ago: executing program 3 (id=1341):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x13, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14fff4001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c0002800800074000000000080003400000001608000140000000120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0)

24.996246647s ago: executing program 5 (id=1342):
creat(&(0x7f0000000400)='./bus\x00', 0x0)
userfaultfd(0x80000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
tgkill(r0, r0, 0x32)

22.91017851s ago: executing program 3 (id=1343):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010020000000000000002800000005002e007f0000000a00dcbde01101007770616e3000000005002b0002000000dd7ee3eb45a0f10ab83da7b6efc36af48b5408324f394719"], 0x30}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getregset(0x4204, r3, 0x202, &(0x7f0000000200)={&(0x7f0000000380)=""/112, 0x70})
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0xfffff000)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$SNDCTL_DSP_SETDUPLEX(r4, 0x5016, 0x0)
r5 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffafff, 0x1000, 0x2, 0x33d})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c0000001d00010000000000000000000a00100076"], 0x1c}}, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r7 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r7, &(0x7f0000000180)={0x1a, 0x0, 0x80, 0x0, 0x0, 0x0, @multicast}, 0x10)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7e)
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0x0, 0x6, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x200, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8c], 0xeeee8000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

22.907382757s ago: executing program 2 (id=1344):
r0 = openat$smackfs_ptrace(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$smackfs_ptrace(r0, &(0x7f0000000080)=0x1, 0x14)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0xb00, 0x0)
write$ppp(r1, &(0x7f0000000100)="1485607977712fd1cb5e575581a7da5a04929412af351d2fde052c15430c8b9680aa3773a0c5484e097db5989da25fe8ecff35502061a61d503c51618ff96efa93006460323ce4d27ac6ebfdcff69fb2aabd1b60800fab13f03c8b8e805e256d424e6283407994529f035e053508928ac1d7dadacd", 0x75)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r2, &(0x7f00000002c0), 0xed)
ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f0000000180)={0x2c, 0xfffffffe})

22.852797669s ago: executing program 5 (id=1345):
r0 = socket$inet(0xa, 0x800, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x6, 0x0, 0x6, 0x691}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
r2 = gettid()
signalfd(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket(0x22, 0x2, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x77}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x6, 0x7a}, 0x8)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r4, &(0x7f00000000c0), 0x1d, 0x800004, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000140009050000000000000000021f0020", @ANYRES32=r7, @ANYBLOB="08000100e0000002080002000a01010008000400ac1414aa08000400ffffffff08000a000100000008000200e000"], 0x48}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x70}}, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e24, @empty=0xe00}})

22.720940621s ago: executing program 0 (id=1346):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write(r3, 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8)
cachestat(r2, &(0x7f0000000180)={0xff}, &(0x7f0000002280), 0x0)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000001000000e8e187f63af5cbc371c494e9d809ff070000", @ANYRES32=r6, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000097030000040000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x34, 0xe, 0xc08}}, 0x120)
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000000)={@empty, @empty, 0x0, "daf86eed51d59c3b227a93fc7264db425e9d015e14f17c0900497e00b3bb00", 0x7, 0x6, 0xffffff9d, 0xffffe6df}, 0x3c)
syz_emit_ethernet(0x13b, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c20000000800420c012d00680000060690780a010101ac1e0101830b9600000000ac1414bb4428fd6000008000000000780000ffff0000000600000002fffffff800000800000000810000000b004e244e23", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a180780006fe11f989fd357b00b9307614cb42af621400000022102afc78542ec522eb583ea4d9793fe0acdc26a4a58cb3ca51a705bdadf5066f01798c6e0d364c51521c69df399eff14b6572bc3f7916017396e07d09d853d0d4d331273829aa4e6ad7d0ae364b68397bb0b7e3ce085042093d365dd1b39be55575925c4b14df6175832192bbb43378827ef6d7b2d0da65ca43b6e09d4c07986640a1c4fb68bb7295340b01bcce748fcebb9d109434bbb472d3103fa8f119dee31dcb713f16f642f24be2d7c4c15e0614e7cab97281caa4fd37ae7369cb5766676300ba5bd89e651d9640301fb08c59fa3b3de57aeffbcde05083dbcb4051aa09630ef684c64f5e2d64740a9de88481c923e34169ec3d8cf482fabc812f7d72d162d46b7502fc33bff1c9d8414db2605c0f411724889ecc1c0908f69baf8ebfa3e6884f28de3c5d9da"], 0x0)

21.982192213s ago: executing program 2 (id=1347):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00', {}, 0x8a1})
readv(0xffffffffffffffff, &(0x7f00000017c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_to_batadv\x00'})
sendto$packet(r2, &(0x7f0000000740)=' ', 0x1, 0x20008801, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x11, 0xa, 0x300)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000540)={0x48, 0x1, 0x0, 0x0, 0x2, 0x6dd})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000080)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
dup3(r5, r4, 0x80000)
sendmsg$tipc(r5, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f0000000b40)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001a00), 0x101d0}], 0x4}, 0x0)

19.919360204s ago: executing program 3 (id=1348):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0xfffd, 0x7, @mcast2, 0x9}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9588, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

19.183401537s ago: executing program 5 (id=1349):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, 0x0, 0x0)
cachestat(r2, &(0x7f0000000180)={0xff}, &(0x7f0000002280), 0x0)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000001000000e8e187f63af5cbc371c494e9d809ff070000", @ANYRES32=r6, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000097030000040000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x34, 0xe, 0xc08}}, 0x120)
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000000)={@empty, @empty, 0x0, "daf86eed51d59c3b227a93fc7264db425e9d015e14f17c0900497e00b3bb00", 0x7, 0x6, 0xffffff9d, 0xffffe6df}, 0x3c)
syz_emit_ethernet(0x13b, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c20000000800420c012d00680000060690780a010101ac1e0101830b9600000000ac1414bb4428fd6000008000000000780000ffff0000000600000002fffffff800000800000000810000000b004e244e23", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a180780006fe11f989fd357b00b9307614cb42af621400000022102afc78542ec522eb583ea4d9793fe0acdc26a4a58cb3ca51a705bdadf5066f01798c6e0d364c51521c69df399eff14b6572bc3f7916017396e07d09d853d0d4d331273829aa4e6ad7d0ae364b68397bb0b7e3ce085042093d365dd1b39be55575925c4b14df6175832192bbb43378827ef6d7b2d0da65ca43b6e09d4c07986640a1c4fb68bb7295340b01bcce748fcebb9d109434bbb472d3103fa8f119dee31dcb713f16f642f24be2d7c4c15e0614e7cab97281caa4fd37ae7369cb5766676300ba5bd89e651d9640301fb08c59fa3b3de57aeffbcde05083dbcb4051aa09630ef684c64f5e2d64740a9de88481c923e34169ec3d8cf482fabc812f7d72d162d46b7502fc33bff1c9d8414db2605c0f411724889ecc1c0908f69baf8ebfa3e6884f28de3c5d9da"], 0x0)

19.085848821s ago: executing program 1 (id=1350):
sendmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="5cf30b35ee7f0486c58f56e7bca741a6f8d6e9a59d8aee73594a4a", 0x1b}, {&(0x7f00000003c0)="7d543297774f29c99137b5b02087a35ea2fdabd67dbb93cb5d053ad6ed588a8012988146f5aa6ab3c5e70dc2c9b137113bc59d9cc3ab5c872faab763a32c14b11a1683bfa1cd27245c14c9fbaaebf80be1655622eb23194e6efb05d7c512a01582711962d1e4c1c9a4", 0x69}, {&(0x7f0000000480)="b7bcd9d413d928dda3304b3e706ae1b317cbc83b8c7397d1725f331c3f632184fc22e3d528aeba405efc489553e8b56b2180193a5eecbb46d48c48bc41a5adb88df3e96ca1a9eed6bc9986d20c3b42c2543ff7c2edf8be84d357c4c73ae1bb07fa8dc912da43f2339307", 0x6a}, {&(0x7f00000005c0)="d035a9363e983cfebd74e71871174bb62438a55b84c6539a4cf1edb913d110870cb5b690694407d2b15e108ecb846d0088b28bddd8be402e9d7d999b83a408600c2ff0edb5322e252b8285fd09dc23dc76794c9af09aa247fb9f9c7096285496ebf05ee5bd73af59ab84c6b37d3cd5b464b242db0fbc11e9e7df49c04aa723194a95c545a405f989a2e154a24e0b230c44840b4bce410fb4f8e5512d7c1c", 0x9e}, {&(0x7f0000000680)="157645e2c80dc87e7dbdbe590ef498b55dcd556dbe65d6802d6a885daf7a0b1d2c7b705548e3da23063298958a4fb55b85cdbf82617f7c438c3f2a7ccc5355fa3e2fc62062682a69b0311e0f12e17f5fbae92c1c3015e77b09161739f6fb3957ee87f52ee9f2fa0273c2d485718dd0ea458b0d5f42b7256affe305996c7909fa0b776c427e715b5bfbba5048956584e43cf1462eb8fad05391bbd2574e6f1730a62505e8bc97e9ac853063b05f7065900774ffbb34ece592b00862014ba520b968734d8cbbb4bea4eeabd25f162dda5c7a4645a164b55651826e6b51082b490daffdca3178", 0xe5}], 0x5, &(0x7f00000007c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x401}}, @ip_retopts={{0x24, 0x0, 0x7, {[@generic={0x7, 0x11, "5f0f351a6829461a7163d54f53a835"}, @end]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xe0000000}}], 0x70}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200", @ANYRES32], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000980)=ANY=[@ANYBLOB="340000001000030400000000fedbdf2500000400d87c5a40ce38af820b8ed419d76768602a49", @ANYRES32=0x0, @ANYBLOB="0003000000000000140012800c0001006d6163766c616e0004000280"], 0x34}, 0x1, 0x0, 0x0, 0x40084}, 0x0)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
syz_open_pts(r1, 0x100)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'vcan0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000940)=ANY=[@ANYBLOB="240000001800210200000000000000001d01000008000900", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x000'], 0x24}}, 0x0)

18.665553313s ago: executing program 3 (id=1351):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000002400)='illinois\x00', 0x9)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002440)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000000)=0xbdf6, &(0x7f0000000040)=0x4)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

18.594623826s ago: executing program 0 (id=1352):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

16.624498316s ago: executing program 1 (id=1353):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet(0x2, 0x2, 0x1)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000001d00)={0x0, 0x640, 0x0, 0xf0, 0x6, 0xa08, 0x0, 0x0, {0x9, 0x2}, {0x1, 0x2, 0x1}, {0x3}, {0x7ff, 0x3, 0x1}, 0x3, 0x100, 0xf, 0x8, 0x0, 0x7, 0x4, 0x5, 0x9, 0x81e, 0x5, 0x9, 0x2, 0x0, 0x2, 0xb})
connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2004000)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r3 = socket$kcm(0x2, 0x3, 0x2)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f00000004c0)={0x5, 0x40000}, 0x10)
sendmsg$nl_route(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000001200375f3fbd7000fcffffff07001d"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x8884)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x388ff000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x7, 0x6}, {0xff}, 0x0, 0x1}}, @TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1ff, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0xfffffffd, 0x400000, 0x3, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xb484, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7fffffff, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x3ff, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd]}]}}]}, 0x45c}}, 0x0)
write$tun(r0, &(0x7f0000002700)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x1, 0x5, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfc0, 0x64, 0x0, 0xb, 0x88, 0x0, @private=0xa0100fe, @dev={0xac, 0x14, 0x14, 0x1a}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d3cc4bb4640a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a100301000d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f03000000f1e41d59470decee7b0cc41ac49e4b75a9ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d8bd1666ca697270c901d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18fe4575ac3a228ef172d096625d105d544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c9eaacb5793498be490de32baba49172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19411e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86d90c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb97800763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f30975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319bd24b9f663e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb11b5f94f0363c21c0093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e121558bbf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c"}}, 0xfce)
syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x44f, 0xb605, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x40, 0x1, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x3, 0x1, 0x2, 0x8, {0x9, 0x21, 0xd, 0xb, 0x1, {0x22, 0xfb4}}, {{{0x9, 0x5, 0x81, 0x3, 0x420, 0x8, 0x1, 0x6}}}}}]}}]}}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000040)=@lang_id={0x4}}]})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
socket$inet(0x2, 0x2, 0x1) (async)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000001d00)={0x0, 0x640, 0x0, 0xf0, 0x6, 0xa08, 0x0, 0x0, {0x9, 0x2}, {0x1, 0x2, 0x1}, {0x3}, {0x7ff, 0x3, 0x1}, 0x3, 0x100, 0xf, 0x8, 0x0, 0x7, 0x4, 0x5, 0x9, 0x81e, 0x5, 0x9, 0x2, 0x0, 0x2, 0xb}) (async)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) (async)
sendmmsg$inet(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2004000) (async)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0) (async)
socket$kcm(0x2, 0x3, 0x2) (async)
socket(0x10, 0x3, 0x0) (async)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f00000004c0)={0x5, 0x40000}, 0x10) (async)
sendmsg$nl_route(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000001200375f3fbd7000fcffffff07001d"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x8884) (async)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) (async)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x388ff000) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x7, 0x6}, {0xff}, 0x0, 0x1}}, @TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1ff, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0xfffffffd, 0x400000, 0x3, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xb484, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7fffffff, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x3ff, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd]}]}}]}, 0x45c}}, 0x0) (async)
write$tun(r0, &(0x7f0000002700)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x1, 0x5, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfc0, 0x64, 0x0, 0xb, 0x88, 0x0, @private=0xa0100fe, @dev={0xac, 0x14, 0x14, 0x1a}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d3cc4bb4640a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a100301000d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f03000000f1e41d59470decee7b0cc41ac49e4b75a9ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d8bd1666ca697270c901d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18fe4575ac3a228ef172d096625d105d544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c9eaacb5793498be490de32baba49172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19411e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86d90c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb97800763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f30975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319bd24b9f663e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb11b5f94f0363c21c0093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e121558bbf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c"}}, 0xfce) (async)
syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x44f, 0xb605, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x40, 0x1, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x3, 0x1, 0x2, 0x8, {0x9, 0x21, 0xd, 0xb, 0x1, {0x22, 0xfb4}}, {{{0x9, 0x5, 0x81, 0x3, 0x420, 0x8, 0x1, 0x6}}}}}]}}]}}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000040)=@lang_id={0x4}}]}) (async)

0s ago: executing program 33 (id=1347):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00', {}, 0x8a1})
readv(0xffffffffffffffff, &(0x7f00000017c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_to_batadv\x00'})
sendto$packet(r2, &(0x7f0000000740)=' ', 0x1, 0x20008801, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x11, 0xa, 0x300)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000540)={0x48, 0x1, 0x0, 0x0, 0x2, 0x6dd})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000080)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
dup3(r5, r4, 0x80000)
sendmsg$tipc(r5, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f0000000b40)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001a00), 0x101d0}], 0x4}, 0x0)

kernel console output (not intermixed with test programs):

dress 0x73, changing to 0x3
[  382.686232][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  382.749141][   T24] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  382.771013][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.822321][   T24] usb 5-1: Product: syz
[  382.826607][   T24] usb 5-1: Manufacturer: syz
[  382.864286][   T24] usb 5-1: SerialNumber: syz
[  382.908701][   T24] usb 5-1: config 0 descriptor??
[  382.949917][   T24] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  383.021457][ T6447] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  383.225176][ T6447] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  383.241704][ T6447] usb 3-1: config 0 has no interface number 0
[  383.988776][ T8730] netlink: 'syz.0.730': attribute type 10 has an invalid length.
[  384.005168][ T6447] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  384.040352][ T6447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.362396][ T6447] usb 3-1: Product: syz
[  384.366683][ T6447] usb 3-1: Manufacturer: syz
[  384.380642][ T6447] usb 3-1: SerialNumber: syz
[  384.397963][ T6447] usb 3-1: config 0 descriptor??
[  384.651759][ T8737] siw: device registration error -23
[  385.070312][ T6447] usb-storage 3-1:0.20: USB Mass Storage device detected
[  385.143262][ T6447] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  385.790729][ T8738] syz_tun: entered allmulticast mode
[  386.015563][ T8735] syz_tun: left allmulticast mode
[  386.237920][ T6447] usb 3-1: USB disconnect, device number 13
[  386.338082][ T5903] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  386.570405][ T2151] usb 5-1: USB disconnect, device number 17
[  387.317434][ T8755] : entered promiscuous mode
[  387.362975][ T5903] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  389.286873][ T8763] fido_id[8763]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  389.373212][ T8769] netlink: 'syz.3.738': attribute type 10 has an invalid length.
[  390.033792][ T8774] netlink: 'syz.4.739': attribute type 13 has an invalid length.
[  390.050439][ T8774] netlink: 'syz.4.739': attribute type 17 has an invalid length.
[  390.493476][ T8776] netlink: 20 bytes leftover after parsing attributes in process `syz.4.739'.
[  390.592871][ T8774] gretap0: refused to change device tx_queue_len
[  390.609739][ T8774] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  390.731124][ T8784] FAULT_INJECTION: forcing a failure.
[  390.731124][ T8784] name failslab, interval 1, probability 0, space 0, times 0
[  390.758211][ T8784] CPU: 1 UID: 0 PID: 8784 Comm: syz.2.740 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[  390.758250][ T8784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  390.758268][ T8784] Call Trace:
[  390.758280][ T8784]  <TASK>
[  390.758289][ T8784]  dump_stack_lvl+0x189/0x250
[  390.758319][ T8784]  ? __pfx____ratelimit+0x10/0x10
[  390.758351][ T8784]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.758374][ T8784]  ? __pfx__printk+0x10/0x10
[  390.758407][ T8784]  ? __pfx___might_resched+0x10/0x10
[  390.758435][ T8784]  should_fail_ex+0x414/0x560
[  390.758470][ T8784]  should_failslab+0xa8/0x100
[  390.758503][ T8784]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  390.758534][ T8784]  ? __alloc_skb+0x112/0x2d0
[  390.758562][ T8784]  __alloc_skb+0x112/0x2d0
[  390.758589][ T8784]  __ip6_append_data+0x2b8c/0x3de0
[  390.758634][ T8784]  ? __lock_acquire+0xab9/0xd20
[  390.758669][ T8784]  ? __pfx_raw6_getfrag+0x10/0x10
[  390.758714][ T8784]  ? ip6_mtu+0x7d/0x3f0
[  390.758741][ T8784]  ? __pfx___ip6_append_data+0x10/0x10
[  390.758769][ T8784]  ? __pfx_ip6_mtu+0x10/0x10
[  390.758804][ T8784]  ip6_append_data+0x1c4/0x380
[  390.758834][ T8784]  ? __pfx_raw6_getfrag+0x10/0x10
[  390.758866][ T8784]  rawv6_sendmsg+0x124b/0x17f0
[  390.758912][ T8784]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  390.758938][ T8784]  ? __lock_acquire+0xab9/0xd20
[  390.758963][ T8784]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  390.759007][ T8784]  ? sock_rps_record_flow+0x19/0x410
[  390.759030][ T8784]  ? inet_sendmsg+0x2f4/0x370
[  390.759046][ T8784]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  390.759076][ T8784]  __sock_sendmsg+0x19c/0x270
[  390.759128][ T8784]  ____sys_sendmsg+0x505/0x830
[  390.759160][ T8784]  ? __pfx_____sys_sendmsg+0x10/0x10
[  390.759195][ T8784]  ? import_iovec+0x74/0xa0
[  390.759230][ T8784]  ___sys_sendmsg+0x21f/0x2a0
[  390.759260][ T8784]  ? __pfx____sys_sendmsg+0x10/0x10
[  390.759326][ T8784]  ? __fget_files+0x2a/0x420
[  390.759344][ T8784]  ? __fget_files+0x3a0/0x420
[  390.759375][ T8784]  __x64_sys_sendmsg+0x19b/0x260
[  390.759405][ T8784]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  390.759442][ T8784]  ? __pfx_ksys_write+0x10/0x10
[  390.759475][ T8784]  ? do_syscall_64+0xbe/0x3b0
[  390.759501][ T8784]  do_syscall_64+0xfa/0x3b0
[  390.759518][ T8784]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.759549][ T8784]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.759569][ T8784]  ? clear_bhb_loop+0x60/0xb0
[  390.759594][ T8784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.759614][ T8784] RIP: 0033:0x7f24d6f8e929
[  390.759633][ T8784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.759652][ T8784] RSP: 002b:00007f24d7df5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  390.759674][ T8784] RAX: ffffffffffffffda RBX: 00007f24d71b6080 RCX: 00007f24d6f8e929
[  390.759689][ T8784] RDX: 0000000000044004 RSI: 00002000000000c0 RDI: 0000000000000003
[  390.759702][ T8784] RBP: 00007f24d7df5090 R08: 0000000000000000 R09: 0000000000000000
[  390.759714][ T8784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.759726][ T8784] R13: 0000000000000001 R14: 00007f24d71b6080 R15: 00007ffc75ed2af8
[  390.759759][ T8784]  </TASK>
[  391.293776][ T8787] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  391.992269][ T6447] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  392.000593][   T24] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  392.831468][ T6447] usb 3-1: Using ep0 maxpacket: 16
[  392.849808][   T24] usb 1-1: config 0 has an invalid interface number: 20 but max is 0
[  392.858241][ T6447] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  392.878807][   T24] usb 1-1: config 0 has no interface number 0
[  392.885546][ T6447] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  392.905453][   T24] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  392.921895][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.934224][ T6447] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  392.946853][   T24] usb 1-1: Product: syz
[  392.951121][   T24] usb 1-1: Manufacturer: syz
[  392.960976][ T6447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.987501][   T24] usb 1-1: SerialNumber: syz
[  392.994284][ T6447] usb 3-1: Product: syz
[  393.015722][ T6447] usb 3-1: Manufacturer: syz
[  393.023417][   T24] usb 1-1: config 0 descriptor??
[  393.028491][ T6447] usb 3-1: SerialNumber: syz
[  393.051151][   T24] usb-storage 1-1:0.20: USB Mass Storage device detected
[  393.248749][ T8808] syz_tun: entered allmulticast mode
[  393.798702][ T8802] syz_tun: left allmulticast mode
[  394.754157][ T2151] hid-generic 0000:0004:0034.000F: unknown main item tag 0x0
[  394.795188][ T2151] hid-generic 0000:0004:0034.000F: unknown main item tag 0x0
[  395.042987][ T2151] hid-generic 0000:0004:0034.000F: unknown main item tag 0x0
[  395.656511][ T2151] hid-generic 0000:0004:0034.000F: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  395.701635][ T6447] usb 3-1: 0:2 : does not exist
[  395.712592][   T24] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  395.727395][ T6447] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  395.771673][ T6447] usb 3-1: USB disconnect, device number 14
[  395.910294][   T24] usb 1-1: USB disconnect, device number 14
[  396.584523][ T6090] udevd[6090]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  396.616496][ T8815] fido_id[8815]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  397.031492][   T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  397.211524][   T24] usb 1-1: Using ep0 maxpacket: 8
[  397.252038][   T24] usb 1-1: config 0 has an invalid interface number: 197 but max is 0
[  397.288539][   T24] usb 1-1: config 0 has no interface number 0
[  397.443714][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=7500, bcdDevice=f7.98
[  397.454695][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.471094][   T24] usb 1-1: Product: syz
[  397.485577][   T24] usb 1-1: Manufacturer: syz
[  397.490288][   T24] usb 1-1: SerialNumber: syz
[  397.514381][   T24] usb 1-1: config 0 descriptor??
[  397.587489][   T24] pvrusb2: Hardware description: WinTV HVR-1950 Model 750xx
[  397.758697][ T8838] netlink: 'syz.3.754': attribute type 7 has an invalid length.
[  397.766520][ T8838] netlink: 'syz.3.754': attribute type 8 has an invalid length.
[  397.782947][   T24] usb 1-1: USB disconnect, device number 15
[  397.891757][ T2342] pvrusb2: Invalid write control endpoint
[  398.329526][ T2342] usb 1-1: Direct firmware load for v4l-pvrusb2-73xxx-01.fw failed with error -2
[  398.371465][ T2342] usb 1-1: Falling back to sysfs fallback for: v4l-pvrusb2-73xxx-01.fw
[  398.831508][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  399.441863][ T8855] netlink: 'syz.2.758': attribute type 10 has an invalid length.
[  400.648282][ T8870] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  400.704398][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  400.818669][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  400.818688][   T30] audit: type=1326 audit(1752317783.333:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.268144][   T30] audit: type=1326 audit(1752317783.333:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.289698][   T30] audit: type=1326 audit(1752317783.383:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.311169][   T30] audit: type=1326 audit(1752317783.393:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.333939][   T30] audit: type=1326 audit(1752317783.403:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.356437][   T30] audit: type=1326 audit(1752317783.413:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.380114][   T30] audit: type=1326 audit(1752317783.443:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.450208][   T30] audit: type=1326 audit(1752317783.443:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.525651][   T30] audit: type=1326 audit(1752317783.473:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.753913][   T30] audit: type=1326 audit(1752317783.473:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  401.950840][ T8883] syz_tun: entered allmulticast mode
[  402.066390][ T5925] hid-generic 0000:0004:0034.0010: unknown main item tag 0x0
[  402.127982][ T5925] hid-generic 0000:0004:0034.0010: unknown main item tag 0x0
[  402.186754][ T5925] hid-generic 0000:0004:0034.0010: unknown main item tag 0x0
[  402.493670][ T8877] syz_tun: left allmulticast mode
[  402.741560][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  403.032300][ T5846] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  404.011117][ T5925] hid-generic 0000:0004:0034.0010: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  404.208806][ T8884] fido_id[8884]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  406.074206][ T8907] netlink: 'syz.1.772': attribute type 10 has an invalid length.
[  408.693366][ T8934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.780'.
[  408.857925][ T8935] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  408.931277][ T5979] Bluetooth: hci5: Frame reassembly failed (-84)
[  409.230513][ T8940] netlink: 104 bytes leftover after parsing attributes in process `syz.0.781'.
[  410.048392][ T8949] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  410.891962][ T5846] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  411.091759][ T8955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.785'.
[  411.341301][ T8965] netlink: 'syz.1.788': attribute type 10 has an invalid length.
[  411.421403][ T8966] netlink: 48 bytes leftover after parsing attributes in process `syz.3.787'.
[  411.448577][ T8961] 9pnet_fd: Insufficient options for proto=fd
[  411.455996][ T8966] netlink: 48 bytes leftover after parsing attributes in process `syz.3.787'.
[  411.559681][ T8955] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  412.114561][ T8975] netlink: 'syz.4.790': attribute type 10 has an invalid length.
[  413.935303][ T8967] siw: device registration error -23
[  415.188093][ T9001] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  415.257084][ T6151] Bluetooth: hci5: Frame reassembly failed (-84)
[  415.723751][ T9007] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  416.312764][ T9011] netlink: 'syz.3.801': attribute type 10 has an invalid length.
[  417.212644][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  417.213459][ T5846] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  418.199182][ T9040] tap0: tun_chr_ioctl cmd 1074025681
[  420.363598][ T9058] netlink: 'syz.2.813': attribute type 10 has an invalid length.
[  421.945583][ T5925] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  422.087357][ T9074] TCP: TCP_TX_DELAY enabled
[  422.113653][ T9075] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  422.123795][ T5925] usb 5-1: Using ep0 maxpacket: 8
[  422.156553][ T5925] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  422.162108][ T9075] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  422.194533][ T5925] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  422.224440][ T5925] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  422.241871][ T9075] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  422.261656][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.281440][ T5925] usb 5-1: Product: syz
[  422.285661][ T5925] usb 5-1: Manufacturer: syz
[  422.302390][ T5925] usb 5-1: SerialNumber: syz
[  422.343429][ T5925] usb 5-1: config 0 descriptor??
[  422.388584][ T5925] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  422.704904][ T9093] trusted_key: encrypted_key: insufficient parameters specified
[  423.411359][ T9100] siw: device registration error -23
[  423.692412][ T9087] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  424.229251][ T9109] netlink: 'syz.1.828': attribute type 12 has an invalid length.
[  424.916076][ T5925] usb 5-1: USB disconnect, device number 18
[  426.244956][ T9117] syz_tun: entered allmulticast mode
[  426.399618][ T9116] syz_tun: left allmulticast mode
[  426.487951][ T5925] hid-generic 0000:0004:0034.0011: unknown main item tag 0x0
[  426.721098][ T5925] hid-generic 0000:0004:0034.0011: unknown main item tag 0x0
[  426.971998][ T9126] syz_tun: entered allmulticast mode
[  427.283102][ T9119] syz_tun: left allmulticast mode
[  428.247079][ T5925] hid-generic 0000:0004:0034.0011: unknown main item tag 0x0
[  429.416691][ T5925] hid-generic 0000:0004:0034.0011: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  429.505639][ T5941] hid-generic 0000:0004:0034.0012: unknown main item tag 0x0
[  429.522020][ T5941] hid-generic 0000:0004:0034.0012: unknown main item tag 0x0
[  429.529615][ T5941] hid-generic 0000:0004:0034.0012: unknown main item tag 0x0
[  429.539463][ T5941] hid-generic 0000:0004:0034.0012: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  430.099047][ T9128] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.832'.
[  430.109549][ T9128] netlink: 100 bytes leftover after parsing attributes in process `syz.1.832'.
[  430.119949][ T9128] netlink: 12 bytes leftover after parsing attributes in process `syz.1.832'.
[  430.188226][ T9135] fido_id[9135]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  430.719941][ T9138] syz_tun: entered allmulticast mode
[  430.999795][ T9137] syz_tun: left allmulticast mode
[  431.270424][ T9142] fido_id[9142]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  431.523792][ T9152] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  434.625361][ T9176] netlink: 'syz.0.844': attribute type 10 has an invalid length.
[  437.269395][ T9192] syz_tun: entered allmulticast mode
[  437.423361][ T9189] syz_tun: left allmulticast mode
[  439.171898][ T9215] netlink: 'syz.3.852': attribute type 12 has an invalid length.
[  439.442703][ T9214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.511467][ T6447] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  439.678818][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  439.678853][   T30] audit: type=1326 audit(1752317822.203:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  439.946159][ T6447] usb 3-1: Using ep0 maxpacket: 8
[  440.037171][ T6447] usb 3-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  440.047102][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  440.053688][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.060720][ T6447] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.116401][ T9226] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  440.672586][ T6447] usb 3-1: config 0 descriptor??
[  440.682880][   T30] audit: type=1326 audit(1752317822.203:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  440.711673][ T6447] usb 3-1: can't set config #0, error -71
[  440.719510][ T6447] usb 3-1: USB disconnect, device number 16
[  440.731427][   T30] audit: type=1326 audit(1752317822.203:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.001444][   T30] audit: type=1326 audit(1752317822.203:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.041964][   T30] audit: type=1326 audit(1752317822.203:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.071640][   T30] audit: type=1326 audit(1752317822.233:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.721694][   T30] audit: type=1326 audit(1752317822.233:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.841646][   T30] audit: type=1326 audit(1752317822.233:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  441.875413][   T30] audit: type=1326 audit(1752317822.233:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  442.006570][   T30] audit: type=1326 audit(1752317822.233:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56f98e929 code=0x7ffc0000
[  443.086214][ T9242] netlink: 'syz.4.858': attribute type 10 has an invalid length.
[  445.449727][ T9257] [U] �T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  446.086509][ T9272] Invalid ELF header len 8
[  446.456802][ T9260] 9pnet_fd: Insufficient options for proto=fd
[  446.571575][ T2151] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  446.744526][ T9282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  446.837738][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  446.846778][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.038048][ T9285] siw: device registration error -23
[  447.051153][ T2151] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  447.068447][ T2151] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.079262][ T2151] usb 3-1: config 0 descriptor??
[  447.089062][ T2151] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  447.154736][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.182142][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.244510][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.349170][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.533271][ T2151] gp8psk: usb out operation failed.
[  447.538840][ T2151] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  447.591524][ T2151] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  447.630085][ T2151] usb 3-1: USB disconnect, device number 17
[  447.641474][ T5941] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  447.803266][ T5941] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  447.820284][ T5941] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  447.844173][ T5941] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  447.879380][ T5941] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.912473][ T9289] raw-gadget.5 gadget.1: fail, usb_ep_enable returned -22
[  447.924896][ T5941] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  447.927261][ T9296] netlink: 24 bytes leftover after parsing attributes in process `syz.4.871'.
[  447.958205][ T9296] netlink: 24 bytes leftover after parsing attributes in process `syz.4.871'.
[  448.153443][ T5941] usb 2-1: USB disconnect, device number 17
[  449.306548][ T5927] hid-generic 0000:0004:0034.0013: unknown main item tag 0x0
[  449.389881][ T5927] hid-generic 0000:0004:0034.0013: unknown main item tag 0x0
[  449.475744][ T5927] hid-generic 0000:0004:0034.0013: unknown main item tag 0x0
[  449.934968][ T5927] hid-generic 0000:0004:0034.0013: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  450.283271][ T9304] fido_id[9304]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  450.662321][ T5927] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  450.908060][ T9320] [U] ��M٭��Q&�� K�4
[  451.362750][ T9310] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј�T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  451.639657][    T9] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  451.676770][ T5927] usb 4-1: config 0 has an invalid interface number: 20 but max is 0
[  452.613446][ T5927] usb 4-1: config 0 has no interface number 0
[  452.624441][ T5927] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  452.634429][ T5927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.642542][ T5927] usb 4-1: Product: syz
[  452.646739][ T5927] usb 4-1: Manufacturer: syz
[  452.651588][ T5927] usb 4-1: SerialNumber: syz
[  452.659228][ T5927] usb 4-1: config 0 descriptor??
[  452.667156][ T5927] usb-storage 4-1:0.20: USB Mass Storage device detected
[  452.704622][ T9326] siw: device registration error -23
[  452.705370][    T9] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  452.762121][ T5927] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  452.779783][    T9] usb 2-1: config 0 has no interface number 0
[  452.798271][    T9] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  452.809597][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.827760][    T9] usb 2-1: Product: syz
[  452.854503][    T9] usb 2-1: Manufacturer: syz
[  452.882179][    T9] usb 2-1: SerialNumber: syz
[  452.924588][    T9] usb 2-1: config 0 descriptor??
[  452.963943][ T5941] usb 4-1: USB disconnect, device number 19
[  453.078122][    T9] usb-storage 2-1:0.20: USB Mass Storage device detected
[  453.155036][    T9] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  453.193715][ T2151] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  453.211792][ T2151] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  453.447456][ T9342] openvswitch: : Dropping previously announced user features
[  453.913556][    T9] usb 2-1: USB disconnect, device number 18
[  454.188132][ T9346] netlink: 'syz.2.884': attribute type 10 has an invalid length.
[  454.556782][ T9345] fido_id[9345]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  454.757215][ T9354] Invalid ELF header len 8
[  455.511485][    T9] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  456.398238][    T9] usb 4-1: Using ep0 maxpacket: 8
[  456.428961][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  456.496010][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  456.573253][ T9377] netlink: 'syz.0.893': attribute type 10 has an invalid length.
[  457.048084][    T9] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  457.080544][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.114788][    T9] usb 4-1: Product: syz
[  457.128048][ T9383] netlink: 'syz.2.894': attribute type 10 has an invalid length.
[  457.180067][    T9] usb 4-1: Manufacturer: syz
[  457.190263][    T9] usb 4-1: SerialNumber: syz
[  457.250342][    T9] usb 4-1: config 0 descriptor??
[  457.299666][    T9] streamzap 4-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  458.688064][ T9391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.896'.
[  460.271592][ T9406] netlink: 'syz.4.899': attribute type 10 has an invalid length.
[  460.326589][ T5925] usb 4-1: USB disconnect, device number 20
[  460.524606][ T2342] pvrusb2: request_firmware fatal error with code=-110
[  460.548468][ T2342] pvrusb2: Failure uploading firmware1
[  460.563058][ T2342] pvrusb2: Device initialization was not successful.
[  460.586170][ T2342] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  460.618248][ T2342] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  460.650504][   T24] pvrusb2: Device being rendered inoperable
[  461.029325][ T5927] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  461.208886][ T9417] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 10802, id = 0
[  461.313179][ T5927] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  461.331197][ T5927] usb 2-1: config 0 has no interface number 0
[  461.344620][ T5927] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  461.354802][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.421404][ T5927] usb 2-1: Product: syz
[  461.439638][ T5927] usb 2-1: Manufacturer: syz
[  461.476662][ T5927] usb 2-1: SerialNumber: syz
[  461.511509][   T24] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  461.547583][ T5927] usb 2-1: config 0 descriptor??
[  461.584694][ T5927] usb-storage 2-1:0.20: USB Mass Storage device detected
[  461.611974][ T5927] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  461.693145][   T24] usb 1-1: Using ep0 maxpacket: 32
[  461.719943][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.748003][   T24] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  461.785564][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.838664][   T24] usb 1-1: config 0 descriptor??
[  461.840333][ T5927] usb 2-1: USB disconnect, device number 19
[  462.747461][   T24] usb 1-1: can't set config #0, error -71
[  462.980249][   T24] usb 1-1: USB disconnect, device number 16
[  463.134625][ T9434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.907'.
[  463.437717][ T9440] netlink: 'syz.2.908': attribute type 10 has an invalid length.
[  463.915027][ T9448] [U] ��M٭��Q&�� K�4
[  464.516248][ T9442] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј�T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  465.851648][ T9463] netlink: 'syz.0.915': attribute type 10 has an invalid length.
[  465.943013][ T9460] x_tables: duplicate underflow at hook 2
[  466.107102][ T9464] netlink: 'syz.2.913': attribute type 10 has an invalid length.
[  467.448077][ T5927] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  467.505994][ T5927] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  467.950280][ T9494] [U] ��M٭��Q&�� K�4
[  468.539277][ T9488] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј��EY�	T�T<$C�R�Ɩ�/VG���{Y�~Y5\�
;ƃZ��DX���Y�A��"XI�F�{��`A�T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  468.572271][    C0] vkms_vblank_simulate: vblank timer overrun
[  468.576105][ T9493] : entered promiscuous mode
[  469.258868][ T9487] fido_id[9487]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  469.439746][ T9498] netlink: 'syz.3.923': attribute type 10 has an invalid length.
[  470.024841][ T9501] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  470.040745][   T59] Bluetooth: hci5: Frame reassembly failed (-84)
[  470.066518][   T59] Bluetooth: hci5: Frame reassembly failed (-84)
[  470.349783][ T9507] Invalid ELF header len 8
[  470.841713][ T5927] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  470.995632][ T5927] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  471.008675][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.024159][ T5927] usb 4-1: config 0 descriptor??
[  471.046644][ T5927] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  471.500600][ T5927] gp8psk: usb out operation failed.
[  471.506157][ T5927] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  471.719996][ T5927] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  471.803143][ T5925] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  471.926600][ T5927] usb 4-1: USB disconnect, device number 21
[  472.051588][ T5925] usb 1-1: device descriptor read/64, error -71
[  472.053567][ T9523] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  472.080089][ T9523] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  472.091641][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  472.098430][ T5846] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  472.106251][ T9523] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  472.629809][ T5925] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  472.865172][ T5925] usb 1-1: device descriptor read/64, error -71
[  472.920895][ T5927] hid-generic 0000:0004:0034.0016: unknown main item tag 0x0
[  472.996170][ T5927] hid-generic 0000:0004:0034.0016: unknown main item tag 0x0
[  473.046352][ T5927] hid-generic 0000:0004:0034.0016: unknown main item tag 0x0
[  473.055307][ T5925] usb usb1-port1: attempt power cycle
[  473.241440][ T5903] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  473.316357][ T5927] hid-generic 0000:0004:0034.0016: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  473.498400][ T5903] usb 3-1: Using ep0 maxpacket: 8
[  473.542229][ T5925] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  473.605011][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  473.627182][ T5925] usb 1-1: device descriptor read/8, error -71
[  473.633118][ T9534] fido_id[9534]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  473.652724][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  473.683223][ T9537] netlink: 'syz.4.936': attribute type 10 has an invalid length.
[  473.719592][ T9538] Bluetooth: hci5: Frame reassembly failed (-84)
[  473.745072][ T5903] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  473.760530][   T59] Bluetooth: hci5: Frame reassembly failed (-84)
[  473.771128][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.780358][ T5903] usb 3-1: Product: syz
[  473.784916][ T5903] usb 3-1: Manufacturer: syz
[  473.789553][ T5903] usb 3-1: SerialNumber: syz
[  473.798842][ T5903] usb 3-1: config 0 descriptor??
[  473.808909][ T5903] streamzap 3-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  473.881585][ T5925] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  473.908111][ T9544] netlink: 100 bytes leftover after parsing attributes in process `syz.1.938'.
[  473.924780][ T9544] netlink: 12 bytes leftover after parsing attributes in process `syz.1.938'.
[  473.936081][ T5925] usb 1-1: device descriptor read/8, error -71
[  474.028018][ T9548] Invalid ELF header len 8
[  474.061916][ T5925] usb usb1-port1: unable to enumerate USB device
[  474.151039][ T9551] siw: device registration error -23
[  475.457315][ T9566] siw: device registration error -23
[  475.629149][ T2151] usb 3-1: USB disconnect, device number 18
[  475.775081][ T5846] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  476.833442][ T9574] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  476.885416][ T9574] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  476.899497][ T9574] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  477.431561][ T5941] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  477.594263][ T5941] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  477.616637][ T5941] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  477.644817][ T5941] usb 4-1: New USB device found, idVendor=0543, idProduct=e621, bcdDevice= 0.00
[  477.666921][ T5941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.706273][ T5941] usb 4-1: config 0 descriptor??
[  478.057013][ T9588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.069400][ T9588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  478.500418][ T5941] viewsonic 0003:0543:E621.0017: hidraw0: USB HID v0.00 Device [HID 0543:e621] on usb-dummy_hcd.3-1/input0
[  478.698351][ T5903] usb 4-1: USB disconnect, device number 22
[  478.932487][ T5941] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  479.241426][ T5941] usb 5-1: Using ep0 maxpacket: 8
[  479.268103][ T5941] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  479.290034][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  479.351103][ T5941] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  479.398880][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.452358][ T5941] usb 5-1: Product: syz
[  479.457831][ T5941] usb 5-1: Manufacturer: syz
[  479.472314][ T5941] usb 5-1: SerialNumber: syz
[  479.496182][ T5941] usb 5-1: config 0 descriptor??
[  479.533842][ T5941] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  480.570339][ T9604] netlink: 'syz.3.957': attribute type 10 has an invalid length.
[  480.914400][ T9609] siw: device registration error -23
[  481.223468][ T9612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.960'.
[  481.459758][ T9621] netlink: 52 bytes leftover after parsing attributes in process `syz.0.962'.
[  481.692047][ T9621] netlink: 'syz.0.962': attribute type 2 has an invalid length.
[  481.709736][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  481.710404][   T30] audit: type=1326 audit(1752317864.103:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.011873][ T9621] netlink: 'syz.0.962': attribute type 1 has an invalid length.
[  482.020246][ T9621] netlink: 88 bytes leftover after parsing attributes in process `syz.0.962'.
[  482.069091][   T30] audit: type=1326 audit(1752317864.103:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.268694][ T5903] usb 5-1: USB disconnect, device number 19
[  482.340472][   T30] audit: type=1326 audit(1752317864.113:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.408171][   T30] audit: type=1326 audit(1752317864.113:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.433414][   T30] audit: type=1326 audit(1752317864.123:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.456533][   T30] audit: type=1326 audit(1752317864.133:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.480611][   T30] audit: type=1326 audit(1752317864.143:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.562368][ T9632] ceph: No mds server is up or the cluster is laggy
[  482.569947][ T5927] libceph: connect (1)[c::]:6789 error -101
[  482.591872][ T5927] libceph: mon0 (1)[c::]:6789 connect error
[  482.597902][   T30] audit: type=1326 audit(1752317864.143:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.624667][   T30] audit: type=1326 audit(1752317864.143:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.647862][   T30] audit: type=1326 audit(1752317864.163:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9622 comm="syz.1.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  482.744548][ T9640] Invalid ELF header len 8
[  483.502644][ T9636] 9pnet_fd: p9_fd_create_tcp (9636): problem connecting socket to 127.0.0.1
[  483.887160][   T24] hid-generic 0000:0004:0034.0018: unknown main item tag 0x0
[  483.984881][   T24] hid-generic 0000:0004:0034.0018: unknown main item tag 0x0
[  484.115429][   T24] hid-generic 0000:0004:0034.0018: unknown main item tag 0x0
[  484.390162][   T24] hid-generic 0000:0004:0034.0018: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  484.639904][ T5903] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[  484.649611][ T5903] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  485.759204][ T9654] openvswitch: : Dropping previously announced user features
[  486.489097][ T9658] x_tables: duplicate underflow at hook 2
[  486.624790][ T9660] netlink: 'syz.1.970': attribute type 10 has an invalid length.
[  486.923808][ T9650] fido_id[9650]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  487.311518][ T6447] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  487.521844][ T6447] usb 5-1: Using ep0 maxpacket: 8
[  487.920252][ T6447] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  488.049854][ T6447] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  488.544335][ T6447] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  488.817837][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  488.817857][   T30] audit: type=1326 audit(1752317871.113:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  488.945136][ T6447] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.007456][ T6447] usb 5-1: Product: syz
[  489.025889][ T6447] usb 5-1: Manufacturer: syz
[  489.030946][ T6447] usb 5-1: SerialNumber: syz
[  489.044329][ T9670] fido_id[9670]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  489.095203][ T6447] usb 5-1: config 0 descriptor??
[  489.117017][   T30] audit: type=1326 audit(1752317871.113:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  489.131396][ T6447] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  489.685352][ T9678] syz_tun: entered allmulticast mode
[  490.063181][ T9677] syz_tun: left allmulticast mode
[  490.086117][   T30] audit: type=1326 audit(1752317871.113:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109031][   T30] audit: type=1326 audit(1752317871.113:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109080][   T30] audit: type=1326 audit(1752317871.113:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109125][   T30] audit: type=1326 audit(1752317871.113:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109170][   T30] audit: type=1326 audit(1752317871.113:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109215][   T30] audit: type=1326 audit(1752317871.113:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109260][   T30] audit: type=1326 audit(1752317871.123:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.109305][   T30] audit: type=1326 audit(1752317871.123:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9674 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6f8e929 code=0x7ffc0000
[  490.149967][ T5927] usb 5-1: USB disconnect, device number 20
[  490.369270][ T9686] netlink: 'syz.2.979': attribute type 10 has an invalid length.
[  491.636950][ T9694] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  491.644304][ T5979] Bluetooth: hci5: Frame reassembly failed (-84)
[  493.721537][ T5846] Bluetooth: hci5: command 0x1003 tx timeout
[  493.728921][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  493.755111][ T5927] hid-generic 0000:0004:0034.001A: unknown main item tag 0x0
[  493.854619][   T59] Bluetooth: hci6: Frame reassembly failed (-84)
[  493.888156][ T5927] hid-generic 0000:0004:0034.001A: unknown main item tag 0x0
[  493.936356][ T5927] hid-generic 0000:0004:0034.001A: unknown main item tag 0x0
[  493.985067][ T5927] hid-generic 0000:0004:0034.001A: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  494.190231][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.4.986'.
[  494.378960][ T9716] fido_id[9716]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  495.078079][ T9725] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  495.114583][ T9725] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  495.163005][ T9725] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  495.303040][ T9731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.989'.
[  495.851814][ T5848] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  496.749214][ T9731] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  496.811428][ T5927] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  496.851939][ T5925] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  496.988741][ T5927] usb 1-1: Using ep0 maxpacket: 8
[  497.061858][ T5925] usb 3-1: Using ep0 maxpacket: 8
[  497.241978][ T5925] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  497.285616][ T5927] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  497.435672][ T5925] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  497.473744][ T5927] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  497.698420][ T9740] syz_tun: entered allmulticast mode
[  497.785294][    T9] hid-generic 0000:0004:0034.001B: unknown main item tag 0x0
[  497.854762][    T9] hid-generic 0000:0004:0034.001B: unknown main item tag 0x0
[  498.047975][    T9] hid-generic 0000:0004:0034.001B: unknown main item tag 0x0
[  498.149323][ T5927] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  498.169560][ T5925] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  498.321737][ T5927] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.329808][ T5927] usb 1-1: Product: syz
[  498.334351][ T5925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.356420][ T5925] usb 3-1: Product: syz
[  498.360643][ T5925] usb 3-1: Manufacturer: syz
[  498.366370][ T5927] usb 1-1: Manufacturer: syz
[  498.371010][ T5927] usb 1-1: SerialNumber: syz
[  498.376640][ T5925] usb 3-1: SerialNumber: syz
[  498.385417][    T9] hid-generic 0000:0004:0034.001B: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  498.414420][ T5925] usb 3-1: config 0 descriptor??
[  498.422993][ T5927] usb 1-1: config 0 descriptor??
[  498.429379][ T9739] syz_tun: left allmulticast mode
[  498.573418][ T9743] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  499.077986][ T5927] usb 1-1: can't set config #0, error -71
[  499.170408][ T5925] streamzap 3-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  499.271615][ T5927] usb 1-1: USB disconnect, device number 21
[  499.326955][ T9748] fido_id[9748]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  499.630745][ T9753] siw: device registration error -23
[  500.270401][ T9749] syz_tun: entered allmulticast mode
[  500.412483][ T9746] syz_tun: left allmulticast mode
[  500.453175][ T9758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.997'.
[  500.807451][ T9764] syz_tun: entered allmulticast mode
[  500.969656][ T9755] syz_tun: left allmulticast mode
[  501.457189][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.463675][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  502.127606][ T9765] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  503.095088][ T9761] syz_tun: entered allmulticast mode
[  503.350163][ T5942] hid-generic 0000:0004:0034.001D: unknown main item tag 0x0
[  503.445650][ T5927] hid-generic 0000:0004:0034.001C: unknown main item tag 0x0
[  503.451462][ T5942] hid-generic 0000:0004:0034.001D: unknown main item tag 0x0
[  503.486365][ T6447] usb 3-1: USB disconnect, device number 19
[  503.578814][ T5942] hid-generic 0000:0004:0034.001D: unknown main item tag 0x0
[  503.793176][ T5942] hid-generic 0000:0004:0034.001D: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  504.080145][ T5927] hid-generic 0000:0004:0034.001C: unknown main item tag 0x0
[  504.087755][ T5927] hid-generic 0000:0004:0034.001C: unknown main item tag 0x0
[  504.097321][ T5927] hid-generic 0000:0004:0034.001C: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  504.641371][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  504.641388][   T30] audit: type=1326 audit(1752317886.783:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  504.831810][ T9776] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1002'.
[  505.283012][   T30] audit: type=1326 audit(1752317886.783:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  505.392197][   T30] audit: type=1326 audit(1752317887.213:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  505.421185][   T30] audit: type=1326 audit(1752317887.213:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  505.447154][   T30] audit: type=1326 audit(1752317887.213:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  505.541437][ T5942] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  505.585457][ T9779] fido_id[9779]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  506.291479][ T5942] usb 5-1: Using ep0 maxpacket: 8
[  506.353327][ T5942] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  506.964565][ T9786] fido_id[9786]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  507.039953][ T9795] netlink: 'syz.2.1007': attribute type 10 has an invalid length.
[  507.060833][ T5942] usb 5-1: config 179 has no interface number 0
[  507.091743][ T5942] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  507.187838][ T5942] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  507.218182][ T5942] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  507.251420][ T5942] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  507.290328][ T5942] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  507.314915][ T5942] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.350896][ T5942] usb 5-1: can't set config #179, error -71
[  507.376326][ T5942] usb 5-1: USB disconnect, device number 21
[  507.471662][   T48] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  507.482875][ T9809] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1009'.
[  507.509331][ T9809] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1009'.
[  507.641392][   T48] usb 2-1: Using ep0 maxpacket: 8
[  507.683296][   T48] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  507.691883][ T9814] netlink: 'syz.2.1011': attribute type 10 has an invalid length.
[  507.704831][ T9815] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1012'.
[  507.721446][   T48] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  507.726346][ T9815] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1012'.
[  507.803674][   T48] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  507.817995][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.832483][   T48] usb 2-1: Product: syz
[  507.837576][   T48] usb 2-1: Manufacturer: syz
[  507.855925][   T48] usb 2-1: SerialNumber: syz
[  507.869336][   T48] usb 2-1: config 0 descriptor??
[  507.975548][   T48] streamzap 2-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  508.383565][ T9800] bridge0: entered allmulticast mode
[  508.506786][ T9826] siw: device registration error -23
[  509.011463][   T30] audit: type=1326 audit(1752317891.433:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.329967][   T30] audit: type=1326 audit(1752317891.433:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.371533][   T30] audit: type=1326 audit(1752317891.443:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.513297][   T30] audit: type=1326 audit(1752317891.443:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.588599][ T9836] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  509.602294][   T30] audit: type=1326 audit(1752317891.463:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.670019][   T30] audit: type=1326 audit(1752317891.463:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.713143][   T30] audit: type=1326 audit(1752317891.473:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.759451][   T30] audit: type=1326 audit(1752317891.473:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.820571][   T30] audit: type=1326 audit(1752317891.493:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.878015][   T30] audit: type=1326 audit(1752317891.503:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9828 comm="syz.4.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b3b8e929 code=0x7ffc0000
[  509.936620][ T9844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1018'.
[  511.422231][ T5942] usb 2-1: USB disconnect, device number 20
[  511.597706][ T9853] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  511.991844][ T9858] netlink: 'syz.3.1021': attribute type 10 has an invalid length.
[  512.599682][ T9870] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1025'.
[  512.610433][ T9870] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1025'.
[  513.760505][ T9880] [U] ��M٭��Q&�� K�4
[  514.328221][ T9874] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј��EY�	T�T<$C�R�Ɩ�/VG���{Y�~Y5\�
;ƃZ��DX���Y�T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  514.353400][ T9881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1028'.
[  515.123615][ T9883] syz_tun: entered allmulticast mode
[  515.541156][ T9882] syz_tun: left allmulticast mode
[  515.574895][ T5942] hid-generic 0000:0004:0034.001E: unknown main item tag 0x0
[  515.818633][ T5942] hid-generic 0000:0004:0034.001E: unknown main item tag 0x0
[  515.925801][ T5942] hid-generic 0000:0004:0034.001E: unknown main item tag 0x0
[  516.220524][ T5942] hid-generic 0000:0004:0034.001E: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  516.310340][ T9896] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1032'.
[  516.822456][ T9896] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1032'.
[  517.122287][ T9897] fido_id[9897]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  518.151567][ T5893] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  518.208276][ T9908] netlink: 'syz.3.1036': attribute type 10 has an invalid length.
[  518.324581][ T5893] usb 1-1: Using ep0 maxpacket: 8
[  518.380369][ T5893] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  518.558130][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  518.711517][ T5893] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  518.734442][ T5893] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.750355][ T9918] netlink: 'syz.4.1037': attribute type 10 has an invalid length.
[  518.895701][ T5893] usb 1-1: Product: syz
[  518.899987][ T5893] usb 1-1: Manufacturer: syz
[  518.924375][ T5893] usb 1-1: SerialNumber: syz
[  519.081537][ T5893] usb 1-1: config 0 descriptor??
[  519.942991][ T5893] streamzap 1-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  519.968521][ T9916] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  520.815731][ T9903] siw: device registration error -23
[  522.015680][ T9938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1043'.
[  522.059237][ T5893] usb 1-1: USB disconnect, device number 22
[  523.808401][ T9956] syz_tun: entered allmulticast mode
[  523.831515][ T5893] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  523.851223][ T5903] hid-generic 0000:0004:0034.001F: unknown main item tag 0x0
[  523.875713][ T5903] hid-generic 0000:0004:0034.001F: unknown main item tag 0x0
[  523.904182][ T5903] hid-generic 0000:0004:0034.001F: unknown main item tag 0x0
[  523.952555][ T5903] hid-generic 0000:0004:0034.001F: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  524.031145][ T5893] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  524.044135][ T5893] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  524.111587][ T5903] hid-generic 0000:0004:0034.0020: unknown main item tag 0x0
[  524.119391][ T5893] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  524.137484][ T9955] syz_tun: entered allmulticast mode
[  524.155830][ T5903] hid-generic 0000:0004:0034.0020: unknown main item tag 0x0
[  524.180317][ T5893] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  524.209259][ T5903] hid-generic 0000:0004:0034.0020: unknown main item tag 0x0
[  524.231815][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.269359][ T5903] hid-generic 0000:0004:0034.0020: hidraw1: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  524.332351][ T9945] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  524.496044][ T9952] syz_tun: left allmulticast mode
[  525.190973][ T9949] syz_tun: left allmulticast mode
[  525.425431][ T9962] syz_tun: entered allmulticast mode
[  526.581488][ T5893] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  526.590244][ T5893] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input21
[  526.774268][ T5893] usb 1-1: USB disconnect, device number 23
[  526.780230][    C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  526.928688][ T9965] fido_id[9965]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  527.202689][ T9969] fido_id[9969]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  529.898715][ T5893] hid-generic 0000:0004:0034.0021: unknown main item tag 0x0
[  529.906535][ T5893] hid-generic 0000:0004:0034.0021: unknown main item tag 0x0
[  529.914078][ T5893] hid-generic 0000:0004:0034.0021: unknown main item tag 0x0
[  529.946343][ T5893] hid-generic 0000:0004:0034.0021: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  530.849639][ T9988] fido_id[9988]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  531.141432][ T5893] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  531.837781][    T9] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  531.846653][    T9] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  531.897496][ T5893] usb 3-1: Using ep0 maxpacket: 8
[  531.913231][ T5893] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  531.941515][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  531.979374][ T5893] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  532.123618][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.332739][T10009] openvswitch: : Dropping previously announced user features
[  532.801399][ T5893] usb 3-1: Product: syz
[  532.806215][ T5893] usb 3-1: Manufacturer: syz
[  532.810862][ T5893] usb 3-1: SerialNumber: syz
[  532.823580][ T5893] usb 3-1: config 0 descriptor??
[  533.033066][ T5893] streamzap 3-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  533.393439][T10002] syz_tun: entered allmulticast mode
[  533.493905][ T5893] hid-generic 0000:0004:0034.0023: unknown main item tag 0x0
[  533.583253][T10001] syz_tun: left allmulticast mode
[  533.589737][ T5893] hid-generic 0000:0004:0034.0023: unknown main item tag 0x0
[  533.656615][ T5893] hid-generic 0000:0004:0034.0023: unknown main item tag 0x0
[  534.151408][ T5893] hid-generic 0000:0004:0034.0023: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  534.676886][T10017] [U] ��M٭��Q&�� K�4
[  535.328910][T10012] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј��EY�	T�T<$C�R�Ɩ�/VG���{Y�~Y5\�
;ƃZ��DX���Y�A��"XI��T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  536.125856][T10019] fido_id[10019]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  536.238554][ T5942] usb 3-1: USB disconnect, device number 20
[  537.521629][    T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  539.595875][T10038] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  539.816064][    T9] usb 4-1: unable to read config index 0 descriptor/all
[  539.869163][    T9] usb 4-1: can't read configurations, error -71
[  539.881562][ T5941] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  540.058786][T10039] fido_id[10039]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  540.086055][ T5941] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  540.174467][ T5941] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.670970][ T5941] usb 2-1: config 0 descriptor??
[  540.755303][ T5941] usb 2-1: can't set config #0, error -71
[  540.765613][ T5941] usb 2-1: USB disconnect, device number 21
[  541.020949][T10047] siw: device registration error -23
[  541.036399][ T9987] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  541.047646][ T9987] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  541.069816][ T9987] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  541.078997][ T9987] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  541.087937][ T9987] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  541.120471][ T9911] syz_tun (unregistering): left allmulticast mode
[  541.224402][T10052] virt_wifi0 speed is unknown, defaulting to 1000
[  541.375755][ T4118] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.511771][ T4118] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.595737][ T4118] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.955095][ T4118] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  543.135368][ T9987] Bluetooth: hci1: command tx timeout
[  544.474192][T10074] syz_tun: entered allmulticast mode
[  544.539662][T10083] syz_tun: left allmulticast mode
[  544.625915][T10052] chnl_net:caif_netlink_parms(): no params data found
[  545.213358][ T9987] Bluetooth: hci1: command tx timeout
[  545.864826][ T4118] bridge_slave_1: left allmulticast mode
[  545.870911][ T4118] bridge_slave_1: left promiscuous mode
[  545.884078][ T4118] bridge0: port 2(bridge_slave_1) entered disabled state
[  545.982606][ T4118] bridge_slave_0: left allmulticast mode
[  545.988323][ T4118] bridge_slave_0: left promiscuous mode
[  545.994739][ T4118] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.413777][T10122] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  547.291427][ T9987] Bluetooth: hci1: command tx timeout
[  547.665492][ T4118] team0: Port device bond0 removed
[  547.709353][ T4118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  547.726040][ T4118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  547.739235][ T4118] bond0 (unregistering): Released all slaves
[  547.939560][T10052] bridge0: port 1(bridge_slave_0) entered blocking state
[  547.967708][T10052] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.975864][T10052] bridge_slave_0: entered allmulticast mode
[  547.996792][T10052] bridge_slave_0: entered promiscuous mode
[  548.012408][T10052] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.029942][T10052] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.054294][T10052] bridge_slave_1: entered allmulticast mode
[  548.075533][T10052] bridge_slave_1: entered promiscuous mode
[  548.210123][T10052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  548.355961][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1089'.
[  548.393720][T10052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.478520][ T4118] : left promiscuous mode
[  548.751460][ T4118] tipc: Left network mode
[  548.969590][T10052] team0: Port device team_slave_0 added
[  548.988873][T10052] team0: Port device team_slave_1 added
[  549.177441][ T4118] IPVS: stopping master sync thread 9417 ...
[  549.371670][ T9987] Bluetooth: hci1: command tx timeout
[  549.713554][T10052] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.720653][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.758658][T10052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.771736][ T5925] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  550.166434][T10052] batman_adv: batadv0: Adding interface: batadv_slave_1
[  550.208794][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.237460][T10052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  550.283371][ T5925] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  550.299391][ T5925] usb 2-1: config 0 has no interface number 0
[  550.324096][ T5925] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  550.341593][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.359655][ T5925] usb 2-1: Product: syz
[  550.370545][ T5925] usb 2-1: Manufacturer: syz
[  550.383897][ T5925] usb 2-1: SerialNumber: syz
[  550.435360][ T5925] usb 2-1: config 0 descriptor??
[  550.460757][ T5925] usb-storage 2-1:0.20: USB Mass Storage device detected
[  550.493294][ T5925] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  550.582222][T10052] hsr_slave_0: entered promiscuous mode
[  550.618042][T10052] hsr_slave_1: entered promiscuous mode
[  550.636496][T10052] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  550.650435][T10052] Cannot create hsr debugfs directory
[  550.679781][   T48] usb 2-1: USB disconnect, device number 22
[  550.744369][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1097'.
[  550.850285][ T4118] hsr_slave_0: left promiscuous mode
[  550.858006][ T4118] hsr_slave_1: left promiscuous mode
[  550.867076][ T4118] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  550.878590][ T4118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  550.888880][T10187] netlink: 'syz.0.1096': attribute type 4 has an invalid length.
[  550.899511][ T4118] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  550.912682][ T4118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  550.969234][ T4118] veth1_macvtap: left promiscuous mode
[  550.978080][ T4118] veth0_macvtap: left promiscuous mode
[  551.611791][ T4118] team0 (unregistering): Port device virt_wifi0 removed
[  551.970957][ T4118] team0 (unregistering): Port device team_slave_1 removed
[  552.011636][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  552.018909][ T9987] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  552.019546][ T4118] team0 (unregistering): Port device team_slave_0 removed
[  552.680617][T10207] siw: device registration error -23
[  553.176625][ T5927] hid-generic 0000:0004:0034.0024: unknown main item tag 0x0
[  553.209148][ T5927] hid-generic 0000:0004:0034.0024: unknown main item tag 0x0
[  553.237427][ T5927] hid-generic 0000:0004:0034.0024: unknown main item tag 0x0
[  553.571395][ T5927] hid-generic 0000:0004:0034.0024: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  554.267759][T10212] fido_id[10212]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  556.044096][T10227] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  556.062275][T10226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1102'.
[  557.751734][T10248] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  557.815902][T10052] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  557.860515][T10052] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  557.969614][T10261] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  558.456249][T10052] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  558.481248][T10052] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  558.791139][T10052] 8021q: adding VLAN 0 to HW filter on device bond0
[  558.876362][T10052] 8021q: adding VLAN 0 to HW filter on device team0
[  558.903368][  T993] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.910588][  T993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  558.949045][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.956382][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.300796][T10285] netlink: 'syz.1.1113': attribute type 1 has an invalid length.
[  559.377576][T10285] bond1: entered promiscuous mode
[  559.390138][T10285] 8021q: adding VLAN 0 to HW filter on device bond1
[  559.564126][T10256] Bluetooth: hci5: command 0x1003 tx timeout
[  559.575255][ T9987] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  559.766404][T10287] 8021q: adding VLAN 0 to HW filter on device bond2
[  559.787848][T10287] bond1: (slave bond2): making interface the new active one
[  559.795429][T10287] bond2: entered promiscuous mode
[  559.806116][T10287] bond1: (slave bond2): Enslaving as an active interface with an up link
[  559.820059][ T5848] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  562.011962][T10306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1116'.
[  562.633502][ T2151] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  562.802160][ T2151] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  562.822024][ T5925] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  563.118012][T10330] : entered promiscuous mode
[  563.550979][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  563.557406][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  563.656255][T10052] 8021q: adding VLAN 0 to HW filter on device batadv0
[  563.697131][ T5925] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  563.716617][ T5925] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.793539][ T5925] usb 1-1: config 0 descriptor??
[  563.817563][T10328] fido_id[10328]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  563.870968][ T5925] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  564.163588][ T5979] Bluetooth: hci5: Frame reassembly failed (-84)
[  564.211141][ T5925] gp8psk: usb out operation failed.
[  564.222928][ T5925] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  564.266333][ T5903] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  564.274230][ T5925] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  564.312483][ T5925] usb 1-1: USB disconnect, device number 24
[  564.455207][ T5903] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  564.472516][ T5903] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.497366][ T5903] usb 4-1: config 0 descriptor??
[  564.539807][ T5903] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  564.723603][T10052] veth0_vlan: entered promiscuous mode
[  564.756678][T10052] veth1_vlan: entered promiscuous mode
[  564.819526][T10052] veth0_macvtap: entered promiscuous mode
[  564.841037][T10052] veth1_macvtap: entered promiscuous mode
[  564.886980][T10052] batman_adv: batadv0: Interface activated: batadv_slave_0
[  564.918028][T10052] batman_adv: batadv0: Interface activated: batadv_slave_1
[  564.937148][T10052] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  564.948368][ T5903] gp8psk: usb out operation failed.
[  564.960125][ T5903] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  564.970731][T10052] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  564.980249][T10052] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  564.989889][ T5903] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  565.159215][T10360] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  565.208132][T10052] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.227499][ T5903] usb 4-1: USB disconnect, device number 25
[  565.460895][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.489477][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.639029][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.678387][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.183031][ T9987] Bluetooth: hci5: command 0x1003 tx timeout
[  566.190128][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  566.942024][    T9] hid-generic 0000:0004:0034.0026: unknown main item tag 0x0
[  566.985830][    T9] hid-generic 0000:0004:0034.0026: unknown main item tag 0x0
[  567.056475][    T9] hid-generic 0000:0004:0034.0026: unknown main item tag 0x0
[  567.400306][    T9] hid-generic 0000:0004:0034.0026: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  567.771075][T10383] netlink: 'syz.1.1129': attribute type 10 has an invalid length.
[  568.182575][T10388] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  569.056370][T10382] fido_id[10382]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  569.528114][T10402] [U] ��M٭��Q&�� K�4
[  570.139372][T10398] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј��EY�	T�T<$C�R�Ɩ�/VG���{Y�~Y5\�
;ƃZ��DX���Y�A��"XI�F�{���T���%`RZTA	��5ֲ�ڞF��J՘�M_ϖ~2L�1�	]��ү�$R0-<���`�*	ܠ�̎K�}��2�<B	Z�[��������۳?_/�Wڦ��$C���,6C�]�LP#�LE�K�N"3!�H�<��XXƦ9�`�Pֈ�MN`Z
[  570.511971][T10409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1135'.
[  572.095976][ T5942] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  572.571372][ T9987] Bluetooth: hci5: command 0x1003 tx timeout
[  572.578400][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  572.743049][T10433] syz_tun: entered allmulticast mode
[  573.369421][T10426] syz_tun: left allmulticast mode
[  573.431188][ T5942] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  573.440645][ T5942] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.457453][ T5942] usb 6-1: config 0 descriptor??
[  573.523515][ T5942] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  574.226667][ T5942] gp8psk: usb in 128 operation failed.
[  574.253972][T10435] wg2: entered promiscuous mode
[  574.280598][ T5942] gp8psk: usb in 137 operation failed.
[  574.281592][T10435] wg2: entered allmulticast mode
[  574.322411][ T5942] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  574.402134][ T5942] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  574.443302][ T5942] usb 6-1: USB disconnect, device number 2
[  574.611635][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1146'.
[  574.681749][ T2151] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  575.034846][ T2151] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.195876][ T2151] usb 4-1: config 0 interface 0 has no altsetting 0
[  575.278796][ T2151] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  575.308831][T10464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1148'.
[  575.344620][ T2151] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.503747][ T2151] usb 4-1: config 0 descriptor??
[  576.203994][T10476] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  576.278722][ T2151] input: HID 054c:03d5 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:054C:03D5.0027/input/input22
[  576.502191][ T6447] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  576.821880][ T6447] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  576.904267][ T2151] sony 0003:054C:03D5.0027: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.3-1/input0
[  577.007230][ T6447] usb 3-1: config 0 has no interface number 0
[  577.216912][ T6447] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  577.363090][ T6447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.443760][ T6447] usb 3-1: Product: syz
[  577.448065][ T6447] usb 3-1: Manufacturer: syz
[  577.523573][ T6447] usb 3-1: SerialNumber: syz
[  577.601612][ T6447] usb 3-1: config 0 descriptor??
[  577.630242][ T6447] usb-storage 3-1:0.20: USB Mass Storage device detected
[  577.670186][T10493] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1155'.
[  577.703238][T10493] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1155'.
[  577.735284][ T6447] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  578.580604][ T5903] usb 4-1: USB disconnect, device number 26
[  578.686822][ T6447] usb 3-1: USB disconnect, device number 21
[  578.901689][T10516] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1158'.
[  578.916919][T10514] netlink: 'syz.1.1160': attribute type 10 has an invalid length.
[  578.991885][T10516] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1158'.
[  579.411950][T10517] syz_tun: entered allmulticast mode
[  579.768890][T10511] syz_tun: left allmulticast mode
[  581.595026][T10538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1163'.
[  581.984059][T10551] netlink: 1276 bytes leftover after parsing attributes in process `syz.2.1167'.
[  582.085702][T10554] netlink: 'syz.1.1168': attribute type 1 has an invalid length.
[  583.212725][T10563] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1171'.
[  583.244882][T10563] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1171'.
[  583.374497][ T6447] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  583.430469][ T2151] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  583.778777][ T6447] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  583.908724][ T2151] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  583.970421][ T6447] usb 1-1: config 0 interface 0 has no altsetting 0
[  584.007266][T10566] syz_tun: entered allmulticast mode
[  584.058044][ T2151] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.076217][ T6447] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  584.170250][T10564] syz_tun: left allmulticast mode
[  584.214410][ T6447] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.227646][   T48] hid-generic 0000:0004:0034.0028: unknown main item tag 0x0
[  584.308732][   T48] hid-generic 0000:0004:0034.0028: unknown main item tag 0x0
[  584.371614][   T48] hid-generic 0000:0004:0034.0028: unknown main item tag 0x0
[  584.509038][ T2151] usb 6-1: config 0 descriptor??
[  584.602233][ T6447] usb 1-1: config 0 descriptor??
[  584.869414][ T2151] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  584.905303][   T48] hid-generic 0000:0004:0034.0028: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  585.463362][ T6447] usbhid 1-1:0.0: can't add hid device: -71
[  585.469662][ T6447] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  585.489527][ T6447] usb 1-1: USB disconnect, device number 25
[  585.612353][ T2151] gp8psk: usb out operation failed.
[  585.620742][ T2151] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  585.657769][ T2151] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  585.746961][T10579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1176'.
[  585.770619][ T2151] usb 6-1: USB disconnect, device number 3
[  585.853052][T10575] fido_id[10575]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  587.175111][T10581] syz_tun: entered allmulticast mode
[  587.518549][T10580] syz_tun: left allmulticast mode
[  589.370089][T10616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1184'.
[  590.224215][T10620] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1185'.
[  590.263414][T10620] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1185'.
[  591.434589][T10630] netlink: 'syz.3.1188': attribute type 153 has an invalid length.
[  591.451920][T10630] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1188'.
[  591.639850][T10636] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[  593.580742][T10657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1194'.
[  594.010688][T10664] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  596.085165][T10694] netlink: 'syz.1.1204': attribute type 10 has an invalid length.
[  596.157778][ T6447] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0
[  596.334366][ T6447] hid-generic 0000:0000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  596.488082][T10701] fuse: Bad value for 'fd'
[  596.550132][T10701] : entered promiscuous mode
[  597.590832][T10713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1208'.
[  597.719166][T10703] fido_id[10703]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  600.031057][T10725] syz_tun: entered allmulticast mode
[  600.209459][T10724] syz_tun: left allmulticast mode
[  602.771897][T10752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1218'.
[  603.565966][T10762] FAULT_INJECTION: forcing a failure.
[  603.565966][T10762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  603.579385][T10762] CPU: 0 UID: 0 PID: 10762 Comm: syz.3.1220 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[  603.579411][T10762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  603.579424][T10762] Call Trace:
[  603.579432][T10762]  <TASK>
[  603.579441][T10762]  dump_stack_lvl+0x189/0x250
[  603.579470][T10762]  ? __pfx____ratelimit+0x10/0x10
[  603.579501][T10762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  603.579524][T10762]  ? __pfx__printk+0x10/0x10
[  603.579547][T10762]  ? lock_acquire+0x175/0x360
[  603.579581][T10762]  should_fail_ex+0x414/0x560
[  603.579615][T10762]  _copy_from_user+0x2d/0xb0
[  603.579639][T10762]  ___sys_sendmsg+0x158/0x2a0
[  603.579686][T10762]  ? __pfx____sys_sendmsg+0x10/0x10
[  603.579761][T10762]  ? __fget_files+0x2a/0x420
[  603.579780][T10762]  ? __fget_files+0x3a0/0x420
[  603.579811][T10762]  __x64_sys_sendmsg+0x19b/0x260
[  603.579841][T10762]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  603.579888][T10762]  ? do_syscall_64+0xbe/0x3b0
[  603.579912][T10762]  do_syscall_64+0xfa/0x3b0
[  603.579933][T10762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.579952][T10762]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  603.579972][T10762]  ? clear_bhb_loop+0x60/0xb0
[  603.579998][T10762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.580018][T10762] RIP: 0033:0x7f8a0698e929
[  603.580035][T10762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  603.580054][T10762] RSP: 002b:00007f8a07715038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  603.580077][T10762] RAX: ffffffffffffffda RBX: 00007f8a06bb6160 RCX: 00007f8a0698e929
[  603.580093][T10762] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000005
[  603.580106][T10762] RBP: 00007f8a07715090 R08: 0000000000000000 R09: 0000000000000000
[  603.580118][T10762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.580131][T10762] R13: 0000000000000000 R14: 00007f8a06bb6160 R15: 00007ffce61b1b18
[  603.580164][T10762]  </TASK>
[  604.241298][ T4118] Bluetooth: hci6: Frame reassembly failed (-84)
[  604.249600][T10769] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  604.651379][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  605.025775][T10773] netlink: 'syz.3.1223': attribute type 12 has an invalid length.
[  606.243514][T10794] Illegal XDP return value 4294967274 on prog  (id 251) dev N/A, expect packet loss!
[  606.253994][T10256] Bluetooth: hci6: command 0x1003 tx timeout
[  606.334557][ T9987] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  607.232517][T10804] siw: device registration error -23
[  608.313680][T10811] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  608.735236][T10816] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1233'.
[  608.766024][T10815] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1232'.
[  609.052783][ T5941] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  609.261896][ T5941] usb 3-1: unable to get BOS descriptor or descriptor too short
[  609.312745][T10824] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  609.374908][ T5941] usb 3-1: not running at top speed; connect to a high speed hub
[  609.514341][ T5941] usb 3-1: config 129 has an invalid interface number: 28 but max is 0
[  609.547036][ T5941] usb 3-1: config 129 has no interface number 0
[  609.584740][ T5941] usb 3-1: config 129 interface 28 altsetting 250 has an endpoint descriptor with address 0xFD, changing to 0x8D
[  610.131328][ T5941] usb 3-1: config 129 interface 28 altsetting 250 endpoint 0x8D has invalid maxpacket 18502, setting to 64
[  610.171306][ T5941] usb 3-1: config 129 interface 28 altsetting 250 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  610.193261][ T5941] usb 3-1: config 129 interface 28 has no altsetting 0
[  610.207541][ T5941] usb 3-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=db.57
[  610.217777][ T5941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  610.251244][ T5941] usb 3-1: Product: syz
[  610.285766][ T5941] usb 3-1: Manufacturer: syz
[  610.302370][ T5941] usb 3-1: SerialNumber: syz
[  610.340665][T10816] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  610.924514][T10215] hid-generic 0000:0004:0034.002A: unknown main item tag 0x0
[  611.068780][T10215] hid-generic 0000:0004:0034.002A: unknown main item tag 0x0
[  611.181140][T10215] hid-generic 0000:0004:0034.002A: unknown main item tag 0x0
[  611.226741][T10841] syz_tun: entered allmulticast mode
[  611.423395][T10840] syz_tun: left allmulticast mode
[  612.098559][T10215] hid-generic 0000:0004:0034.002A: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  613.477936][T10854] netlink: 'syz.1.1239': attribute type 10 has an invalid length.
[  613.623799][ T5927] hid-generic 0000:0004:0034.002B: unknown main item tag 0x0
[  613.652439][ T5927] hid-generic 0000:0004:0034.002B: unknown main item tag 0x0
[  613.667721][ T5927] hid-generic 0000:0004:0034.002B: unknown main item tag 0x0
[  613.769828][ T5927] hid-generic 0000:0004:0034.002B: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  613.785173][T10853] syz_tun: entered allmulticast mode
[  613.829538][ T5941] etas_es58x 3-1:129.28: Starting syz syz (Serial Number syz)
[  613.853544][T10862] netlink: 'syz.5.1241': attribute type 12 has an invalid length.
[  613.876134][ T5941] etas_es58x 3-1:129.28: could not retrieve the product info string
[  613.897090][T10849] syz_tun: left allmulticast mode
[  614.098979][ T5941] usb 3-1: USB disconnect, device number 22
[  614.138543][ T5941] etas_es58x 3-1:129.28: Disconnecting syz syz
[  614.176221][T10863] fido_id[10863]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  614.182884][T10870] FAULT_INJECTION: forcing a failure.
[  614.182884][T10870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  614.343737][T10870] CPU: 0 UID: 0 PID: 10870 Comm: syz.0.1243 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[  614.343767][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  614.343780][T10870] Call Trace:
[  614.343788][T10870]  <TASK>
[  614.343796][T10870]  dump_stack_lvl+0x189/0x250
[  614.343824][T10870]  ? __pfx____ratelimit+0x10/0x10
[  614.343855][T10870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  614.343879][T10870]  ? __pfx__printk+0x10/0x10
[  614.343905][T10870]  ? __might_fault+0xb0/0x130
[  614.343954][T10870]  should_fail_ex+0x414/0x560
[  614.343988][T10870]  _copy_from_user+0x2d/0xb0
[  614.344013][T10870]  do_ipv6_setsockopt+0x32d/0x2fb0
[  614.344052][T10870]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  614.344087][T10870]  ? get_pid_task+0x20/0x1f0
[  614.344129][T10870]  ? rcu_read_lock_any_held+0xb3/0x120
[  614.344154][T10870]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  614.344181][T10870]  ? vfs_write+0x8d8/0xa90
[  614.344225][T10870]  ? __lock_acquire+0xab9/0xd20
[  614.344253][T10870]  ipv6_setsockopt+0x59/0x170
[  614.344279][T10870]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  614.344302][T10870]  do_sock_setsockopt+0x25a/0x3e0
[  614.344331][T10870]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  614.344361][T10870]  ? __fget_files+0x2a/0x420
[  614.344388][T10870]  __x64_sys_setsockopt+0x18b/0x220
[  614.344418][T10870]  do_syscall_64+0xfa/0x3b0
[  614.344437][T10870]  ? lockdep_hardirqs_on+0x9c/0x150
[  614.344467][T10870]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.344488][T10870]  ? clear_bhb_loop+0x60/0xb0
[  614.344512][T10870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.344532][T10870] RIP: 0033:0x7fb56f98e929
[  614.344550][T10870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.344567][T10870] RSP: 002b:00007fb570715038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  614.344590][T10870] RAX: ffffffffffffffda RBX: 00007fb56fbb5fa0 RCX: 00007fb56f98e929
[  614.344605][T10870] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  614.344616][T10870] RBP: 00007fb570715090 R08: 0000000000000578 R09: 0000000000000000
[  614.344629][T10870] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  614.344641][T10870] R13: 0000000000000000 R14: 00007fb56fbb5fa0 R15: 00007fffd7847548
[  614.344673][T10870]  </TASK>
[  614.950265][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1245'.
[  615.690353][T10887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1247'.
[  616.861021][ T5927] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  617.084411][ T5927] usb 3-1: Using ep0 maxpacket: 16
[  617.114721][ T5927] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  617.169025][ T5927] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  617.213755][ T5927] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  617.234096][ T5927] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.249504][T10910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  617.251515][ T5925] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  617.267668][ T5927] usb 3-1: Product: syz
[  617.278531][T10910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  617.287068][ T5927] usb 3-1: Manufacturer: syz
[  617.298830][T10910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  617.304876][ T5927] usb 3-1: SerialNumber: syz
[  617.323025][T10910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  617.342766][ T5927] usb 3-1: config 0 descriptor??
[  617.374406][ T5927] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  617.389476][ T5927] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  617.463840][ T5925] usb 1-1: config 0 has an invalid interface number: 20 but max is 0
[  617.485238][ T5925] usb 1-1: config 0 has no interface number 0
[  617.511963][ T5925] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  617.523477][ T5925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.532622][ T5925] usb 1-1: Product: syz
[  617.537725][ T5925] usb 1-1: Manufacturer: syz
[  617.543746][ T5925] usb 1-1: SerialNumber: syz
[  617.572603][ T5925] usb 1-1: config 0 descriptor??
[  617.593403][ T5925] usb-storage 1-1:0.20: USB Mass Storage device detected
[  617.625156][ T5925] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  617.945124][ T5941] usb 1-1: USB disconnect, device number 26
[  617.982811][ T5927] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  618.118076][T10923] syz_tun: entered allmulticast mode
[  618.580315][T10917] syz_tun: left allmulticast mode
[  619.064113][ T5927] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  619.528982][ T5927] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  619.668999][ T5927] em28xx 3-1:0.0: No AC97 audio processor
[  619.763717][ T5927] usb 3-1: USB disconnect, device number 23
[  619.819855][ T5927] em28xx 3-1:0.0: Disconnecting em28xx
[  619.888457][ T5927] em28xx 3-1:0.0: Freeing device
[  619.907174][T10933] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1257'.
[  620.480373][T10930] syz_tun: entered allmulticast mode
[  620.814111][T10215] hid-generic 0000:0004:0034.002C: unknown main item tag 0x0
[  620.862695][T10929] syz_tun: left allmulticast mode
[  620.893613][T10215] hid-generic 0000:0004:0034.002C: unknown main item tag 0x0
[  620.960384][T10215] hid-generic 0000:0004:0034.002C: unknown main item tag 0x0
[  621.240606][T10215] hid-generic 0000:0004:0034.002C: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  622.675467][T10944] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1260'.
[  622.750391][T10948] fido_id[10948]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  622.791385][ T5941] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  622.951499][ T5941] usb 3-1: Using ep0 maxpacket: 8
[  622.968851][ T5941] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  622.983089][ T5941] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  623.020950][ T5941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.046939][T10954] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1265'.
[  623.058735][ T5941] usb 3-1: config 0 descriptor??
[  623.291502][ T5927] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  623.494961][ T5927] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  624.236887][T10215] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  624.291379][ T5927] usb 2-1: config 0 has no interface number 0
[  624.337867][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  624.361730][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  624.474096][T10215] usb 1-1: Using ep0 maxpacket: 8
[  624.672171][T10215] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  624.767700][ T5927] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  624.820269][T10959] syz_tun: entered allmulticast mode
[  624.965524][T10958] syz_tun: left allmulticast mode
[  625.227572][T10215] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  625.292157][   T24] hid-generic 0000:0004:0034.002D: unknown main item tag 0x0
[  625.389089][   T24] hid-generic 0000:0004:0034.002D: unknown main item tag 0x0
[  625.447009][   T24] hid-generic 0000:0004:0034.002D: unknown main item tag 0x0
[  625.485794][T10215] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  625.581998][ T5941] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  625.644112][T10215] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.702412][   T24] hid-generic 0000:0004:0034.002D: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  625.755603][T10215] usb 1-1: Product: syz
[  625.813887][T10215] usb 1-1: Manufacturer: syz
[  625.878607][T10215] usb 1-1: SerialNumber: syz
[  625.934918][ T5941] usb 3-1: USB disconnect, device number 24
[  625.971376][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.979453][ T5927] usb 2-1: Product: syz
[  625.984732][ T5927] usb 2-1: Manufacturer: syz
[  625.989927][ T5927] usb 2-1: SerialNumber: syz
[  626.010169][ T5927] usb 2-1: config 0 descriptor??
[  626.129735][ T5927] usb 2-1: can't set config #0, error -71
[  626.143146][T10215] usb 1-1: config 0 descriptor??
[  626.163876][ T5927] usb 2-1: USB disconnect, device number 23
[  626.234679][T10215] usb 1-1: can't set config #0, error -71
[  626.694559][T10215] usb 1-1: USB disconnect, device number 27
[  627.558360][T10974] fido_id[10974]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  628.885353][T10995] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1274'.
[  630.679523][T11008] syz_tun: entered allmulticast mode
[  630.786369][ T5941] hid-generic 0000:0004:0034.002E: unknown main item tag 0x0
[  630.941095][T11007] syz_tun: left allmulticast mode
[  631.036068][ T5941] hid-generic 0000:0004:0034.002E: unknown main item tag 0x0
[  631.205861][ T5941] hid-generic 0000:0004:0034.002E: unknown main item tag 0x0
[  631.689283][ T5941] hid-generic 0000:0004:0034.002E: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  631.990077][T11022] fido_id[11022]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  632.353127][ T6447] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  632.392305][ T5941] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  633.024573][T11035] syz_tun: entered allmulticast mode
[  633.361039][T11034] syz_tun: left allmulticast mode
[  633.412976][T11038] netlink: 'syz.5.1283': attribute type 3 has an invalid length.
[  633.420790][T11038] netlink: 201372 bytes leftover after parsing attributes in process `syz.5.1283'.
[  633.500376][ T5941] usb 3-1: Using ep0 maxpacket: 16
[  633.551515][ T6447] usb 1-1: config 0 has an invalid interface number: 20 but max is 0
[  633.559816][ T6447] usb 1-1: config 0 has no interface number 0
[  633.864577][ T5941] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  634.107514][ T6447] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  634.134206][ T5941] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  634.158228][ T6447] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.175396][ T5941] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  634.191311][ T6447] usb 1-1: Product: syz
[  634.217635][ T6447] usb 1-1: Manufacturer: syz
[  634.236317][ T6447] usb 1-1: SerialNumber: syz
[  634.241680][ T5941] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  634.277565][ T6447] usb 1-1: config 0 descriptor??
[  634.290729][ T5941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.321043][ T5941] usb 3-1: Product: syz
[  634.334097][ T5941] usb 3-1: Manufacturer: syz
[  634.351396][ T5941] usb 3-1: SerialNumber: syz
[  634.423479][ T6447] usb-storage 1-1:0.20: USB Mass Storage device detected
[  635.430870][ T6447] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  635.773628][ T5941] usb 3-1: 0:2 : does not exist
[  635.819495][ T5941] usb 3-1: 1:0: cannot get min/max values for control 4 (id 1)
[  636.376484][ T5941] usb 3-1: USB disconnect, device number 25
[  636.744726][T11069] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  636.815898][ T6447] usb 1-1: USB disconnect, device number 28
[  637.446625][T11081] FAULT_INJECTION: forcing a failure.
[  637.446625][T11081] name failslab, interval 1, probability 0, space 0, times 0
[  637.460508][T11081] CPU: 0 UID: 0 PID: 11081 Comm: syz.0.1291 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[  637.460537][T11081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  637.460550][T11081] Call Trace:
[  637.460559][T11081]  <TASK>
[  637.460568][T11081]  dump_stack_lvl+0x189/0x250
[  637.460600][T11081]  ? __pfx_dump_stack_lvl+0x10/0x10
[  637.460625][T11081]  ? __pfx__printk+0x10/0x10
[  637.460669][T11081]  should_fail_ex+0x414/0x560
[  637.460704][T11081]  ? file_tty_write+0x2a8/0x990
[  637.460724][T11081]  should_failslab+0xa8/0x100
[  637.460758][T11081]  __kvmalloc_node_noprof+0x161/0x5f0
[  637.460789][T11081]  ? file_tty_write+0x2a8/0x990
[  637.460817][T11081]  file_tty_write+0x2a8/0x990
[  637.460850][T11081]  do_iter_readv_writev+0x56b/0x7f0
[  637.460884][T11081]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  637.460924][T11081]  ? vfs_writev+0x2fb/0x960
[  637.460953][T11081]  vfs_writev+0x31a/0x960
[  637.460971][T11081]  ? preempt_schedule_irq+0xb5/0x150
[  637.461006][T11081]  ? __lock_acquire+0xab9/0xd20
[  637.461028][T11081]  ? __pfx_vfs_writev+0x10/0x10
[  637.461067][T11081]  ? __fget_files+0x2a/0x420
[  637.461092][T11081]  ? __fget_files+0x3a0/0x420
[  637.461109][T11081]  ? __fget_files+0x2a/0x420
[  637.461139][T11081]  do_writev+0x14d/0x2d0
[  637.461163][T11081]  ? __pfx_do_writev+0x10/0x10
[  637.461210][T11081]  do_syscall_64+0xfa/0x3b0
[  637.461236][T11081]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.461255][T11081]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  637.461275][T11081]  ? clear_bhb_loop+0x60/0xb0
[  637.461299][T11081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.461319][T11081] RIP: 0033:0x7fb56f98e929
[  637.461338][T11081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.461355][T11081] RSP: 002b:00007fb56d7d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  637.461377][T11081] RAX: ffffffffffffffda RBX: 00007fb56fbb6160 RCX: 00007fb56f98e929
[  637.461392][T11081] RDX: 0000000000000003 RSI: 0000200000000100 RDI: 0000000000000005
[  637.461406][T11081] RBP: 00007fb56d7d5090 R08: 0000000000000000 R09: 0000000000000000
[  637.461418][T11081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.461431][T11081] R13: 0000000000000000 R14: 00007fb56fbb6160 R15: 00007fffd7847548
[  637.461465][T11081]  </TASK>
[  637.801297][ T7610] udevd[7610]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  638.885597][ T5927] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  639.068559][ T5927] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  639.092590][T11102] netlink: 'syz.2.1295': attribute type 12 has an invalid length.
[  639.154462][ T5927] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.378034][T11107] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1296'.
[  639.406470][ T5927] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  639.669627][ T5927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.867197][ T5927] usb 1-1: config 0 descriptor??
[  640.520939][T11111] netlink: 'syz.3.1298': attribute type 10 has an invalid length.
[  640.742775][ T5927] input: HID 054c:03d5 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:054C:03D5.002F/input/input23
[  640.807363][T11119] Invalid ELF header len 8
[  640.903541][ T5927] sony 0003:054C:03D5.002F: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.0-1/input0
[  642.912613][ T6447] usb 1-1: USB disconnect, device number 29
[  643.956662][T11176] netlink: 'syz.1.1311': attribute type 10 has an invalid length.
[  644.170261][   T30] audit: type=1326 audit(1752318026.663:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.369621][   T30] audit: type=1326 audit(1752318026.663:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.516853][   T30] audit: type=1326 audit(1752318026.663:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.740666][   T30] audit: type=1326 audit(1752318026.663:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.766300][   T30] audit: type=1326 audit(1752318026.663:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.789941][   T30] audit: type=1326 audit(1752318026.663:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.831791][   T30] audit: type=1326 audit(1752318026.663:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.882564][   T30] audit: type=1326 audit(1752318026.663:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.951334][   T30] audit: type=1326 audit(1752318026.663:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  644.991467][ T5927] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[  645.023401][   T30] audit: type=1326 audit(1752318026.663:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11163 comm="syz.5.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f573a78e929 code=0x7ffc0000
[  645.042439][ T6447] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  645.163743][ T5927] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  645.193918][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.371722][T11206] FAULT_INJECTION: forcing a failure.
[  645.371722][T11206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.385067][T11206] CPU: 1 UID: 0 PID: 11206 Comm: syz.1.1316 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[  645.385095][T11206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  645.385109][T11206] Call Trace:
[  645.385119][T11206]  <TASK>
[  645.385129][T11206]  dump_stack_lvl+0x189/0x250
[  645.385158][T11206]  ? __pfx____ratelimit+0x10/0x10
[  645.385190][T11206]  ? __pfx_dump_stack_lvl+0x10/0x10
[  645.385213][T11206]  ? __pfx__printk+0x10/0x10
[  645.385240][T11206]  ? __might_fault+0xb0/0x130
[  645.385284][T11206]  should_fail_ex+0x414/0x560
[  645.385319][T11206]  _copy_from_user+0x2d/0xb0
[  645.385357][T11206]  ___sys_sendmsg+0x158/0x2a0
[  645.385385][T11206]  ? __pfx____sys_sendmsg+0x10/0x10
[  645.385470][T11206]  ? __fget_files+0x2a/0x420
[  645.385488][T11206]  ? __fget_files+0x3a0/0x420
[  645.385519][T11206]  __x64_sys_sendmsg+0x19b/0x260
[  645.385548][T11206]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  645.385603][T11206]  do_syscall_64+0xfa/0x3b0
[  645.385625][T11206]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.385645][T11206]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  645.385665][T11206]  ? clear_bhb_loop+0x60/0xb0
[  645.385694][T11206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.385714][T11206] RIP: 0033:0x7fac4218e929
[  645.385733][T11206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  645.385750][T11206] RSP: 002b:00007fac43077038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  645.385773][T11206] RAX: ffffffffffffffda RBX: 00007fac423b6160 RCX: 00007fac4218e929
[  645.385788][T11206] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000005
[  645.385801][T11206] RBP: 00007fac43077090 R08: 0000000000000000 R09: 0000000000000000
[  645.385814][T11206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  645.385833][T11206] R13: 0000000000000000 R14: 00007fac423b6160 R15: 00007ffd823a2428
[  645.385867][T11206]  </TASK>
[  645.721440][ T6447] usb 1-1: Using ep0 maxpacket: 8
[  645.746242][ T6447] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  645.751389][ T5927] usb 4-1: config 0 descriptor??
[  645.763753][ T6447] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  645.801546][ T6447] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  645.811322][ T6447] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.819580][ T6447] usb 1-1: Product: syz
[  645.824027][ T6447] usb 1-1: Manufacturer: syz
[  645.828877][ T6447] usb 1-1: SerialNumber: syz
[  646.000480][ T6447] usb 1-1: config 0 descriptor??
[  646.040393][ T6447] streamzap 1-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  646.043074][ T5927] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  646.467865][T11211] binder: 11210:11211 unknown command 0
[  646.475037][T11211] binder: 11210:11211 ioctl c0306201 200000000180 returned -22
[  646.641596][ T5927] gp8psk: usb out operation failed.
[  646.870696][ T5927] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  646.889189][ T5927] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  646.902596][ T5927] usb 4-1: USB disconnect, device number 27
[  646.920558][T11215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'.
[  646.971427][ T6447] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  647.077162][T11222] siw: device registration error -23
[  647.161484][ T6447] usb 6-1: Using ep0 maxpacket: 16
[  647.171390][ T6447] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  647.180322][ T6447] usb 6-1: config 0 has no interface number 0
[  647.195744][ T6447] usb 6-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  647.265036][T11226] netlink: 'syz.2.1321': attribute type 10 has an invalid length.
[  647.357379][ T6447] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.430529][ T6447] usb 6-1: Product: syz
[  647.451605][ T6447] usb 6-1: Manufacturer: syz
[  647.456443][ T6447] usb 6-1: SerialNumber: syz
[  647.740707][ T6447] usb 6-1: config 0 descriptor??
[  647.788882][ T6447] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  648.573564][ T6447] gspca_spca1528: reg_w err -110
[  648.811679][ T6447] spca1528 6-1:0.1: probe with driver spca1528 failed with error -110
[  648.840087][T11209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.898198][T11209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  648.980337][T11209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.998231][T11209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  649.229868][T11241] trusted_key: syz.3.1323 sent an empty control message without MSG_MORE.
[  650.042402][T11244] netlink: 'syz.1.1324': attribute type 10 has an invalid length.
[  650.980911][   T24] usb 6-1: USB disconnect, device number 4
[  651.165832][T11262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1326'.
[  651.197939][   T49] Bluetooth: hci5: Frame reassembly failed (-84)
[  651.318951][T11259] Bluetooth: hci5: Frame reassembly failed (-84)
[  651.441918][T11263] Bluetooth: hci5: Frame reassembly failed (-84)
[  651.507949][   T24] usb 1-1: USB disconnect, device number 30
[  651.609794][T11259] Bluetooth: hci5: Frame reassembly failed (-84)
[  652.838913][T11274] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1331'.
[  653.224598][T10256] Bluetooth: hci5: command 0x1003 tx timeout
[  653.227016][T11287] netlink: 'syz.2.1333': attribute type 10 has an invalid length.
[  653.231208][ T9987] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  653.239978][ T6447] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  653.341478][T11288] siw: device registration error -23
[  654.071410][ T6447] usb 1-1: Using ep0 maxpacket: 16
[  654.090330][ T6447] usb 1-1: config 4 has an invalid interface number: 51 but max is 0
[  654.451535][ T6447] usb 1-1: config 4 has no interface number 0
[  654.457759][ T6447] usb 1-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  654.477088][ T6447] usb 1-1: config 4 interface 51 has no altsetting 0
[  654.590538][ T6447] usb 1-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  654.600832][ T6447] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.609532][ T6447] usb 1-1: Product: syz
[  654.615323][ T6447] usb 1-1: Manufacturer: syz
[  654.621530][ T6447] usb 1-1: SerialNumber: syz
[  654.626298][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  654.626313][   T30] audit: type=1326 audit(1752318037.113:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  654.686749][T11270] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  654.834294][ T6447] cdc_eem 1-1:4.51: probe with driver cdc_eem failed with error -22
[  655.220924][T11292] syz_tun: entered allmulticast mode
[  655.711336][T11291] syz_tun: left allmulticast mode
[  656.202381][   T30] audit: type=1326 audit(1752318037.113:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  656.409992][   T30] audit: type=1326 audit(1752318037.113:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  656.478077][ T5942] hid-generic 0000:0004:0034.0030: unknown main item tag 0x0
[  656.906798][ T5942] hid-generic 0000:0004:0034.0030: unknown main item tag 0x0
[  657.282497][   T30] audit: type=1326 audit(1752318037.113:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.304119][ T5942] hid-generic 0000:0004:0034.0030: unknown main item tag 0x0
[  657.311693][   T30] audit: type=1326 audit(1752318037.113:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.334692][   T30] audit: type=1326 audit(1752318037.113:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.362354][   T30] audit: type=1326 audit(1752318037.113:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.398387][   T30] audit: type=1326 audit(1752318037.113:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.407666][ T6447] usb 1-1: USB disconnect, device number 31
[  657.446760][   T30] audit: type=1326 audit(1752318037.113:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  657.462200][ T5942] hid-generic 0000:0004:0034.0030: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  657.484259][   T30] audit: type=1326 audit(1752318037.113:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11281 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac4218e929 code=0x7ffc0000
[  658.083771][T11303] netlink: 'syz.0.1337': attribute type 10 has an invalid length.
[  685.775944][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  685.782491][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  713.452999][T10256] Bluetooth: hci1: command 0x0406 tx timeout
[  731.702656][T11353] siw: device registration error -23
[  732.054410][ T5942] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  732.440182][ T5942] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  732.463453][ T5942] usb 2-1: config 0 interface 0 has no altsetting 0
[  732.840636][ T5942] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  733.002084][ T5942] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.013597][ T5942] usb 2-1: config 0 descriptor??
[  734.375231][T11372] syz_tun: entered allmulticast mode
[  734.709209][T11369] syz_tun: left allmulticast mode
[  734.769509][ T6447] hid-generic 0000:0004:0034.0032: unknown main item tag 0x0
[  734.828938][ T6447] hid-generic 0000:0004:0034.0032: unknown main item tag 0x0
[  734.895085][ T6447] hid-generic 0000:0004:0034.0032: unknown main item tag 0x0
[  735.558084][ T5942] input: HID 054c:03d5 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:054C:03D5.0031/input/input24
[  735.796351][ T6447] hid-generic 0000:0004:0034.0032: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  736.633097][ T5942] sony 0003:054C:03D5.0031: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.1-1/input0
[  736.872566][T11379] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  736.942410][ T5942] usb 2-1: USB disconnect, device number 24
[  737.271508][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  737.271526][   T30] audit: type=1326 audit(1752318119.783:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11388 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0698e929 code=0x7ffc0000
[  739.739431][   T30] audit: type=1326 audit(1752318119.793:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11388 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f8a0698e929 code=0x7ffc0000
[  743.649574][    C1] sched: DL replenish lagged too much
[  748.621266][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  750.887117][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  756.063573][   T30] audit: type=1326 audit(1752318119.793:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11388 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0698e929 code=0x7ffc0000
[  760.665538][   T30] audit: type=1326 audit(1752318119.793:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11388 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8a0698e929 code=0x7ffc0000
[  809.083781][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  809.173661][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  843.221170][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  843.228177][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11377/1:b..l
[  843.236689][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=45517, q=705 ncpus=2)
[  843.244436][    C0] task:syz.2.1347      state:R  running task     stack:26888 pid:11377 tgid:11376 ppid:5845   task_flags:0x40054c flags:0x00004000
[  843.258914][    C0] Call Trace:
[  843.262233][    C0]  <TASK>
[  843.265202][    C0]  __schedule+0x16a2/0x4cb0
[  843.269772][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  843.275111][    C0]  ? __pfx___schedule+0x10/0x10
[  843.280010][    C0]  ? __lock_acquire+0xab9/0xd20
[  843.284903][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  843.290235][    C0]  preempt_schedule_irq+0xb5/0x150
[  843.295401][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  843.301179][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  843.307044][    C0]  irqentry_exit+0x6f/0x90
[  843.311527][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  843.317537][    C0] RIP: 0010:lock_acquire+0x18d/0x360
[  843.322852][    C0] Code: 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 ab d1 fe 10 48 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f <5d> e9 cd d3 cc 09 cc 65 8b 05 a5 11 ff 10 85 c0 75 ce 65 8b 05 8a
[  843.342498][    C0] RSP: 0018:ffffc90003d9f340 EFLAGS: 00000286
[  843.348607][    C0] RAX: a2f1f29f5d21dd00 RBX: ffffffff8164bdba RCX: a2f1f29f5d21dd00
[  843.356609][    C0] RDX: 0000000000000000 RSI: ffffffff8db72167 RDI: ffffffff8be1ca80
[  843.364612][    C0] RBP: ffffffff8172aae5 R08: 0000000000000000 R09: ffffffff8172aae5
[  843.372614][    C0] R10: ffffc90003d9f478 R11: ffffffff81ad0290 R12: 1ffff920007b3e85
[  843.380701][    C0] R13: ffffc90003d9f460 R14: ffffc90003d9f428 R15: ffffffff8172aae5
[  843.388701][    C0]  ? unwind_next_frame+0xa5/0x2390
[  843.393852][    C0]  ? unwind_next_frame+0xa5/0x2390
[  843.398996][    C0]  ? arch_do_signal_or_restart+0x9a/0x750
[  843.404765][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  843.410959][    C0]  ? unwind_next_frame+0xa5/0x2390
[  843.416110][    C0]  unwind_next_frame+0xc2/0x2390
[  843.421069][    C0]  ? unwind_next_frame+0xa5/0x2390
[  843.426219][    C0]  ? unwind_next_frame+0xa5/0x2390
[  843.431355][    C0]  ? get_signal+0x125e/0x1310
[  843.436057][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  843.442246][    C0]  arch_stack_walk+0x11c/0x150
[  843.447048][    C0]  ? arch_do_signal_or_restart+0x9a/0x750
[  843.452816][    C0]  stack_trace_save+0x9c/0xe0
[  843.457539][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  843.462946][    C0]  ? __kasan_kmalloc+0x93/0xb0
[  843.467761][    C0]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  843.473348][    C0]  ? kmem_cache_free+0x166/0x400
[  843.478325][    C0]  ? exit_mmap+0x53f/0xb50
[  843.482783][    C0]  ? __mmput+0x118/0x410
[  843.487057][    C0]  ? exit_mm+0x1da/0x2c0
[  843.491327][    C0]  ? do_exit+0x648/0x22e0
[  843.495678][    C0]  ? do_group_exit+0x21c/0x2d0
[  843.500481][    C0]  kasan_save_stack+0x3e/0x60
[  843.505216][    C0]  ? kasan_save_stack+0x3e/0x60
[  843.510104][    C0]  ? kasan_record_aux_stack+0xbd/0xd0
[  843.515505][    C0]  ? kmem_cache_free+0x2f6/0x400
[  843.520471][    C0]  ? exit_mmap+0x53f/0xb50
[  843.524935][    C0]  ? __mmput+0x118/0x410
[  843.529228][    C0]  ? exit_mm+0x1da/0x2c0
[  843.533513][    C0]  ? do_exit+0x648/0x22e0
[  843.537873][    C0]  ? do_group_exit+0x21c/0x2d0
[  843.542670][    C0]  ? get_signal+0x125e/0x1310
[  843.547373][    C0]  ? arch_do_signal_or_restart+0x9a/0x750
[  843.553180][    C0]  ? exit_mmap+0x53f/0xb50
[  843.557646][    C0]  kasan_record_aux_stack+0xbd/0xd0
[  843.562877][    C0]  kmem_cache_free+0x2f6/0x400
[  843.567706][    C0]  exit_mmap+0x53f/0xb50
[  843.571992][    C0]  ? uprobe_clear_state+0x20f/0x290
[  843.577247][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  843.582053][    C0]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  843.587728][    C0]  ? __pfx_exit_aio+0x10/0x10
[  843.592463][    C0]  ? uprobe_clear_state+0x274/0x290
[  843.597699][    C0]  ? mm_update_next_owner+0xa7/0x870
[  843.603043][    C0]  __mmput+0x118/0x410
[  843.607147][    C0]  exit_mm+0x1da/0x2c0
[  843.611261][    C0]  ? __pfx_exit_mm+0x10/0x10
[  843.615890][    C0]  ? rcu_is_watching+0x15/0xb0
[  843.620702][    C0]  do_exit+0x648/0x22e0
[  843.624903][    C0]  ? do_raw_spin_lock+0x121/0x290
[  843.629977][    C0]  ? __pfx_do_exit+0x10/0x10
[  843.634613][    C0]  do_group_exit+0x21c/0x2d0
[  843.639249][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  843.644491][    C0]  get_signal+0x125e/0x1310
[  843.649037][    C0]  arch_do_signal_or_restart+0x9a/0x750
[  843.654616][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  843.660846][    C0]  ? exit_to_user_mode_loop+0x40/0x110
[  843.666334][    C0]  exit_to_user_mode_loop+0x75/0x110
[  843.671644][    C0]  do_syscall_64+0x2bd/0x3b0
[  843.676259][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  843.681489][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.687581][    C0]  ? clear_bhb_loop+0x60/0xb0
[  843.692297][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.698222][    C0] RIP: 0033:0x7f24d6f8e929
[  843.702664][    C0] RSP: 002b:00007f24d7e160e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  843.711116][    C0] RAX: fffffffffffffe00 RBX: 00007f24d71b5fa8 RCX: 00007f24d6f8e929
[  843.719114][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f24d71b5fa8
[  843.727112][    C0] RBP: 00007f24d71b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  843.735108][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f24d71b5fac
[  843.743110][    C0] R13: 0000000000000000 R14: 00007ffc75ed2a10 R15: 00007ffc75ed2af8
[  843.751132][    C0]  </TASK>