last executing test programs:

7m22.041490302s ago: executing program 3 (id=594):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffff000000000000080045080030000000000001907800000000ffffffff2a009078000000004500000000000000000000007f000001e0000001"], 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f00000001c0)={0x3, &(0x7f00000002c0)=[{0x2, 0x0, 0xff}, {0x0, 0xca, 0x1, 0x6}, {0x6, 0x8, 0x8, 0x8}]}, 0x10)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(r3, &(0x7f0000002980)={0x2020}, 0x2020)
poll(&(0x7f00000022c0)=[{r3}], 0x1, 0xb9)
write$FUSE_NOTIFY_RESEND(r3, &(0x7f0000002940)={0x14}, 0x14)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000400)=@filter={'filter\x00', 0x2, 0x4, 0x3a8, 0xffffffff, 0x1c0, 0xd0, 0x0, 0xfeffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [0x0, 0x0, 0x0, 0xff], [], 'macsec0\x00', 'bond_slave_0\x00', {0xff}, {0xff}, 0x6, 0x0, 0x1, 0x48}, 0x2f2, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x7, 0x50cc}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [], [], 'sit0\x00', 'dvmrp0\x00'}, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x1, 'syz0\x00', {0x42b5}}}}, {{@ipv6={@private2, @mcast1, [0x0, 0xffffffff, 0xffffffff, 0xffffff00], [0x0, 0xffffffff, 0xffffff00], 'macvlan1\x00', 'veth0_to_batadv\x00', {0xff}, {0xff}, 0x6c, 0x6, 0x6}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@ipv6header={{0x28}, {0x0, 0x80, 0x1}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7, 'syz1\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)

7m17.397647103s ago: executing program 3 (id=608):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000940)=0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000780)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
memfd_create(&(0x7f0000000440)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x6)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x303100, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYBLOB=',rootmode=00000', @ANYBLOB=',group_', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,\x00'])
io_uring_setup(0xb3c, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x20090000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r5, 0x0, 0x5}, 0x18)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000005c0))
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, &(0x7f00000000c0)={{@host}, 0x1})

7m15.600945445s ago: executing program 3 (id=611):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f00000052c0)={'broute\x00', 0x0, 0x0, 0x0, [0x9573, 0x1, 0x3, 0x5, 0x547, 0x1], 0x14, 0x0}, 0x78)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x7, 0x1, 0x10000000, 0x4, 0xaee}, 0x7, 0x7}, [{0x8, 0xfffff000, 0x2, 0x9, 0x1ff, 0xafe}, {0xe, 0xfffffffe, 0x1, 0x9, 0x4, 0x7}, {0x2, 0xfe73, 0x6, 0x8, 0x2, 0x10000}, {0x4320, 0x3bf6, 0x4, 0x8, 0xffffff9d, 0x4}, {0x6, 0x40, 0x3, 0x986, 0xffff6d72, 0xbf5}, {0x7ff, 0x9ef, 0x1, 0x3, 0x9, 0x81}, {0x7f, 0x5752, 0x0, 0x9, 0x7}, {0x9, 0xf7b, 0xa000, 0x8, 0x5, 0xa17}, {0x7, 0x200, 0x1000, 0x80, 0x4, 0x1}, {0x7, 0x80000000, 0x40, 0x3, 0xfffffff2, 0x8}, {0x5, 0xfff, 0xe4af, 0x5, 0x8, 0x7}, {0x6, 0xd, 0x230, 0x400, 0x6971, 0xfff}, {0x6, 0x8, 0x6, 0x2, 0x4, 0x3}, {0x83, 0x3, 0x4, 0x7, 0x9, 0xaa7}, {0x5, 0x2, 0x4, 0x80, 0x0, 0x100}, {0x4, 0x8, 0x9, 0x1, 0x2, 0x9}, {0x2690, 0x7ff, 0x11, 0xd, 0x2, 0x722dadd0}, {0x4b, 0x5, 0x9, 0x9, 0x279, 0x3}, {0x7, 0x7b5a, 0x4, 0x0, 0xfffffffb, 0x7fffffff}, {0x0, 0x0, 0x6fbc79d2, 0x9, 0x401, 0x5}, {0x0, 0x527e, 0xc7, 0x4, 0x80, 0x7}, {0x4, 0xd, 0x5, 0xbd52, 0x80, 0xef35}, {0x9, 0xb, 0x4, 0x8001, 0xfffffff8, 0x1}, {0x3, 0x8, 0xd, 0x81, 0x9, 0x400}, {0x8000, 0x74dfe8ce, 0x956b, 0x4, 0x2, 0xfffffff4}, {0xf2, 0x1ee, 0x5, 0xfffffd14, 0x9, 0x40}, {0x0, 0xd, 0x9, 0x8, 0xffffffff, 0x1}, {0xfffff125, 0x1000, 0x1ff, 0xfffffffe, 0x3, 0x1}, {0x0, 0xfffffff9, 0x6, 0x3, 0x7fffffff, 0x20000002}, {0xec, 0x8, 0x8f1, 0xfffffffb, 0xa, 0x10000}, {0x6, 0x726, 0x6, 0x8, 0xfff, 0x9}, {0x5, 0x9, 0x3, 0x5, 0x3, 0x2}, {0x4, 0xffff, 0x5, 0xfffffffe, 0x7f, 0x6}, {0x400, 0xf, 0xcf, 0xc, 0x4022, 0x4}, {0x4, 0x4, 0x8, 0xfff, 0x6, 0x1}, {0xffff, 0x3, 0xb5, 0x433, 0x6, 0x6}, {0x10000, 0x0, 0x7, 0x9, 0x20, 0x4}, {0x4, 0x9, 0x594, 0xf90, 0xc, 0x3}, {0x5, 0x657a0ecc, 0x10000, 0xa4, 0x0, 0x7}, {0x8, 0xde, 0x2, 0x4, 0x8001, 0x5}, {0x2, 0xe4, 0xe, 0x2, 0x0, 0x9}, {0x3, 0xff, 0x6, 0x7, 0xd7d9, 0x9}, {0x42, 0x2, 0x6, 0x7, 0xae45, 0x5}, {0x6, 0x9c, 0x5, 0x80, 0x7fffffff, 0x5}, {0x7, 0x3, 0x3, 0x9, 0x0, 0x4}, {0x7ff, 0x2, 0x8, 0x8, 0x9, 0x5}, {0x1, 0x1, 0x4, 0x800, 0x0, 0x8}, {0x8, 0x5, 0x3fd, 0x4, 0xffffffff, 0x7}, {0x4, 0x0, 0x6, 0x5, 0x9, 0x9}, {0x3, 0x80000001, 0xb, 0x1, 0x80000000}, {0x0, 0xfffffff7, 0x84e5, 0x7f, 0x3a, 0x3fd}, {0x8000, 0x7, 0x2, 0xd8, 0xa}, {0x9, 0x1004, 0x8, 0x6, 0x1, 0x2}, {0x0, 0x9, 0x9, 0xd, 0x7fffffff, 0xfffffc00}, {0x1, 0xfffffffc, 0x6, 0x2, 0xc0, 0xfffff44c}, {0x4, 0x2, 0xfffffff3, 0x9, 0xbe, 0x4}, {0x6, 0x3, 0x0, 0x7fff, 0x5, 0x7ff}, {0x400, 0x7, 0x80000000, 0x5, 0xfffffff7, 0x1}, {0x7, 0x100000, 0x200, 0x9, 0xbc, 0xf}, {0x1ff, 0xfffffffc, 0x1, 0x4, 0x1, 0x2}, {0x10000, 0x8000003, 0x5, 0x111, 0x7, 0x2}, {0x1d, 0x3, 0xda62, 0x4, 0x2, 0x8}, {0xb8000000, 0xfffffff8, 0x7, 0x9, 0x0, 0x49}, {0x8, 0x401, 0x9, 0x332a, 0x1, 0x2}, {0xfa0, 0x6, 0x2, 0x7, 0x8, 0x80}, {0x10001, 0x4, 0x400, 0x9, 0x6, 0xdbce}, {0x1, 0x57f, 0x800, 0xe49, 0x0, 0xa81c}, {0x5, 0x8, 0xa, 0x10, 0x6, 0x8}, {0x7f, 0xf, 0x1, 0x5, 0x401}, {0x7f, 0x4, 0x6, 0x2, 0x3}, {0x625, 0x80000001, 0xfc4, 0xfffffffd, 0x7}, {0x6, 0xfffffffc, 0x95db, 0x3d0b, 0x3, 0x80000001}, {0x7fff, 0x2, 0xffffff7f, 0x383, 0x8, 0x1}, {0x9, 0x4, 0x1, 0x80000000, 0xac, 0x9}, {0x9, 0xffffff80, 0xffff, 0xfff, 0x3, 0x3ff}, {0x47, 0x2, 0xb2f9, 0xbf, 0x1ff, 0x9}, {0xe, 0x310, 0x2, 0xad0, 0x7fffffff, 0x859}, {0x7, 0x6, 0x2, 0x1, 0x6, 0x3}, {0x7bf65384, 0x8, 0xe87, 0x215ac34e, 0x3, 0xfffffffd}, {0x3, 0x2, 0x1fd, 0x7, 0x2, 0x6}, {0x3, 0x0, 0x3, 0x80000001, 0xc3, 0xa9d}, {0x8, 0x200, 0x8, 0x8, 0xc, 0x2}, {0x4, 0x4, 0x13ca, 0x74, 0x2, 0x1}, {0x2, 0x2, 0x1, 0x7fff, 0x14, 0x3}, {0x80000000, 0x4, 0x899, 0xfff, 0x0, 0x2}, {0x5, 0x80000, 0x0, 0x1, 0x3, 0x3}, {0x400, 0x5, 0x3ff, 0x3, 0xd, 0x5}, {0x2, 0x20000000, 0x3, 0x6, 0x81, 0x5}, {0x6, 0x7ff, 0x1, 0x40, 0x9, 0x7}, {0x8, 0x0, 0xd, 0x6, 0x5}, {0x3, 0x9, 0x1, 0x3b1c, 0x2, 0x6}, {0x4, 0x49354bbb, 0x2, 0x3, 0x7, 0x9}, {0x5, 0x2, 0x10, 0x9, 0x2, 0x400}, {0xfff, 0x54, 0x8, 0xc, 0x0, 0x6}, {0x401, 0x6, 0xff, 0x6, 0x3, 0x3}, {0x80000000, 0x7d, 0x2, 0xb, 0x81, 0x3}, {0xc45c, 0xa, 0x0, 0x2, 0x4, 0x2}, {0x7, 0x6, 0x86, 0x9, 0x3, 0x8001}, {0x3a, 0x7eb, 0x4, 0x9, 0x9, 0x5}, {0x7011, 0xfff, 0x9, 0x1, 0x9, 0x2}, {0x1, 0xff, 0x8, 0x2968, 0x2, 0xfffffffc}, {0x1, 0x9, 0xc402, 0x1, 0x100, 0xc72}, {0xfffffff9, 0x5, 0x81, 0x26, 0x9, 0x1}, {0x7ff, 0x81, 0xfffffff8, 0x401, 0x5, 0x3ff}, {0x6, 0x6, 0xd, 0x0, 0x6e5f, 0x80}, {0x4, 0x3ff, 0xb, 0x0, 0x0, 0x10001}, {0x0, 0x4, 0x81, 0x4, 0x10, 0x4}, {0x7, 0x4, 0x81, 0x6, 0x2f, 0x6}, {0x3, 0xff, 0x2, 0x7f, 0x4, 0x5}, {0x4, 0x8, 0xd, 0x1, 0x5, 0x4}, {0xcab, 0xd, 0x4, 0xf, 0x8, 0x7}, {0x1, 0x2, 0x3, 0x5, 0x7, 0x34}, {0x0, 0x6, 0x10000, 0x8, 0xbb, 0x7fffffff}, {0x2, 0x9, 0x9, 0x9, 0x80, 0x7}, {0x39e3, 0x9, 0x0, 0x2, 0x31, 0x3}, {0xfffffffc, 0x4, 0x0, 0xbe50, 0x40, 0x7}, {0xe, 0x5, 0x7, 0xffffffff, 0xd, 0x1}, {0x5, 0x1000, 0x9, 0x4, 0x24e, 0x1}, {0x7, 0x7, 0x7, 0x80000000, 0x1, 0x5}, {0x7, 0x9, 0x4, 0x8dad, 0x6, 0x7}, {0x1, 0x101, 0x3, 0x7, 0x4, 0x7}, {0x3ff, 0x3, 0x5, 0x0, 0x0, 0x2}, {0x2, 0x5, 0x7, 0x5, 0x2, 0x8}, {0x3c, 0x3409, 0x3, 0x5, 0x997c, 0x2df0}, {0x2, 0x9, 0x10001, 0x8711, 0x800}, {0x81, 0x0, 0x1, 0x1db, 0x0, 0xb}, {0x2, 0x5, 0x2, 0x5, 0x0, 0x7}, {0x8, 0xdfd3, 0x8, 0x2, 0xfffffffe, 0x2}], [{0x4}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x5}, {0x3, 0x1}, {0x0, 0x1}, {0x6}, {0x2}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x5}, {0x2, 0x1}, {0x2}, {0x0, 0x1}, {0x4, 0x1}, {0x4}, {0x2}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x0, 0x1}, {0x3, 0x1}, {0x5}, {0x5}, {0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0xe691a73254f1a9a5, 0x1}, {0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x5}, {}, {0x2}, {0x4, 0x1}, {0x0, 0x3}, {0x2}, {0x2}, {0x1}, {0x5}, {0x2}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x5}, {0x0, 0x1}, {0x5}, {}, {0x5}, {0x5}, {0x5, 0x1}, {}, {0x2}, {}, {0x2}, {0x3}, {0x0, 0x1}, {0x5, 0x2}, {0x2}, {0x3}, {0x5}, {0x4, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x4, 0x1}, {}, {}, {0x2, 0x1}, {}, {0x1, 0x708aee799a2a8f33}, {0x4}, {0x1, 0x1}, {0x4}, {0x0, 0x1}, {0x3}, {0x3}, {0x1, 0x1}, {0x4, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x5, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {}, {0x1}, {0x3}, {0x2}, {0x4}, {0x4, 0x1}, {0x2}, {0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xe68}, 0x1, 0x0, 0x0, 0x4}, 0x20000015)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e21, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @loopback}, 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000200))
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$tmpfs(0x0, 0x0, &(0x7f0000000100), 0x8000, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="510003000000", 0x6)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

7m13.456392053s ago: executing program 3 (id=618):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$9p_rdma(0x0, 0x0, 0x0, 0x1000800, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
dup3(0xffffffffffffffff, r1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000005180)={0x2020}, 0x2020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=@newtaction={0x910, 0x31, 0x3d, 0x0, 0x0, {}, [{0x8fc, 0x1, [@m_police={0x838, 0x1e, 0x0, 0x0, {{0xb}, {0x80c, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x8, 0x6, 0x8000, 0x100000, 0x1, 0x7ff, 0x1, 0x10000, 0x9, 0x0, 0x10000, 0x4, 0x9, 0x6, 0x5, 0x10, 0x1000, 0x200, 0x1, 0x0, 0x4, 0xa0, 0x32d4, 0xa, 0x80000000, 0x10000, 0x4f7, 0x0, 0x9, 0x3, 0xfffffff5, 0x7, 0x3, 0x4, 0x80ed, 0x7fff, 0xfffffff9, 0x4, 0x4, 0x6, 0x0, 0xb6, 0xee5, 0x43, 0x2, 0xfffffffb, 0x1, 0x1ff, 0x3, 0x9, 0x4, 0x1, 0x905, 0x7, 0x6, 0x3, 0x1, 0x7, 0xffffffff, 0x58, 0x9, 0x7ff, 0xad, 0x2, 0xffffff61, 0x8a8, 0x1, 0x0, 0x8, 0x5, 0xffff8000, 0x100, 0x3, 0xffffffff, 0x4, 0xb, 0x1, 0x8, 0x10001, 0x302160e2, 0x0, 0x1, 0xff, 0x4, 0x80, 0x3, 0x4, 0x1, 0x7, 0x1, 0x7ff, 0xfffffffc, 0x81, 0x7, 0x66d3, 0xffffffff, 0xef2, 0x9, 0x6, 0x7fffffff, 0xe52, 0x7, 0x4, 0x400, 0x0, 0xffffffff, 0x7fffffff, 0x3, 0x2, 0x0, 0x2, 0x9265, 0x3, 0x8, 0xff, 0xb58, 0xe3, 0x0, 0x7000, 0x9ae, 0x2, 0x0, 0x550, 0x2, 0x59, 0x4ca, 0x559b, 0x0, 0x2, 0x2, 0x400, 0x37, 0x1ff, 0x1, 0x6, 0x4, 0xc40, 0x1, 0x1, 0x74, 0xee, 0x9, 0x10000, 0x401, 0xc, 0x59b1, 0xd114, 0xf, 0x7, 0x4, 0xff, 0x80, 0x620a, 0x9, 0x1, 0x2, 0x2, 0x8, 0xfffffbff, 0x43, 0x7, 0x8, 0x2, 0x38a9, 0xd85, 0x7, 0x3, 0x38, 0x4404, 0x1, 0x1020, 0x3ff, 0xf4d, 0x63ae, 0xffffff00, 0xffffffff, 0x9, 0x81, 0xd8, 0x8, 0x1, 0xc1e4, 0xfffffff8, 0x8, 0x3, 0xb, 0x7, 0x1, 0x0, 0x6, 0xc, 0x9, 0xfffffff9, 0xe, 0x0, 0x5, 0x8, 0x8, 0x0, 0x66, 0x7, 0x8, 0x1, 0x3, 0x8, 0x0, 0x6, 0x80, 0x6, 0x68f, 0x7, 0x3, 0x7, 0x8, 0xfff, 0x2, 0xe7d, 0x4, 0x4, 0x3, 0x7, 0x9, 0x4, 0x1ff, 0xfffffffd, 0xf45b, 0x8, 0x76, 0x1, 0x2, 0x0, 0x4, 0x326, 0x8, 0x8, 0x80000000, 0x30000, 0x2, 0x800000, 0x1e, 0x40, 0x5, 0x4, 0x9, 0x2, 0xffff, 0x80000001, 0x8, 0x1c000000, 0x84d1, 0xff, 0x84, 0x9, 0x2, 0x9]}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0xf, 0x4ef, 0x4, 0x2, 0x4, 0x511, 0x1, 0x1, 0x10001, 0x3, 0x7fff, 0x40, 0x7, 0x6, 0x9, 0xe67, 0xfffffff8, 0xf9, 0x4, 0x7, 0x7, 0x2, 0x7, 0x5, 0x6, 0x6, 0xfffffffd, 0x81, 0x8, 0x6, 0x9, 0x5, 0x2, 0x8001, 0x7, 0xadc3, 0xd, 0x4, 0x1, 0x7, 0xf3fc, 0x800, 0x5, 0x7, 0xb, 0x6, 0x101, 0x8, 0x2d1c, 0x10, 0x6, 0x3, 0x1, 0x6, 0x1, 0x7fffffff, 0xb, 0x7, 0xfffffffe, 0x6, 0x7f, 0x100, 0x1, 0xffffffff, 0xd, 0x800, 0x9, 0x3, 0xd15, 0x0, 0x3, 0x5, 0x8, 0x0, 0x3, 0x4, 0x7, 0x40, 0x10, 0x3, 0xfffffffb, 0x8, 0x46, 0xffffffff, 0x0, 0x8, 0xf41, 0x80000000, 0xfffffffc, 0x8, 0x6, 0x7, 0x40, 0x7f, 0x94, 0xe2d, 0x1, 0x9, 0x909b, 0xffffff01, 0xfffffff8, 0x5, 0xfffff649, 0x100, 0x0, 0x7, 0x5, 0xffff5eb8, 0x62, 0xb, 0x7, 0xf, 0xffff, 0xfffffc01, 0xfffffffd, 0x2, 0x9, 0x3, 0xff, 0x2, 0x8, 0x8, 0xb5b, 0x7, 0x8000, 0x7, 0x3ff, 0x3, 0x2d, 0xffff71a8, 0xffff, 0x1000, 0x7, 0x5, 0x9, 0x8cd7, 0x1, 0x7, 0x7, 0xf, 0x0, 0x3, 0x1, 0x2, 0x800, 0x8001, 0x5, 0x3, 0x6, 0xba2, 0x2, 0x4, 0x1, 0x2, 0x1, 0x1, 0x0, 0x7d4a0d25, 0x1, 0x6, 0x8, 0x3916, 0x4, 0xccab, 0xfffffffb, 0x2, 0xfffffffc, 0x1000, 0x80000000, 0x0, 0xe6, 0x5, 0x8, 0xa5e6, 0x1, 0x8, 0x1, 0x40f, 0x7, 0x7, 0x6, 0x4, 0xabd4, 0xfffffffb, 0x0, 0x6, 0x5, 0x4, 0x5, 0xfffffff9, 0x7, 0x1, 0x4, 0x7, 0x9, 0xfff, 0x0, 0x5, 0xfffffffa, 0xff, 0x4, 0x8, 0x8, 0x2, 0x6, 0x8, 0x23ab, 0x0, 0xe296, 0x3, 0x80000000, 0xe749, 0x2, 0x5, 0x7fff, 0x3ff, 0x2, 0x81, 0x2, 0x2c0f, 0x8, 0x7, 0x0, 0x2, 0x9, 0x9, 0x2, 0x1, 0x1, 0x7096514c, 0x6, 0xdabf, 0x7, 0x5, 0x5, 0x10c4, 0x3ff, 0x0, 0x0, 0x3, 0x4095, 0x2, 0x8, 0x80000001, 0x8, 0x1bd5, 0x3, 0xb, 0x3, 0x0, 0x4, 0x2b0e, 0x7fffffff, 0x7bf9, 0x6]}]]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0xc0, 0xa, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_CT_MARK_MASK={0x8, 0x6, 0x4}, @TCA_CT_MARK={0x8, 0x5, 0x2}]}, {0x87, 0x6, "114ca1ee988806186ddc7a41544eb45e9dd2cae20f8369443ed907ac7726973766d03cf19ef1de3344d8f5b9e937b7c8ef5aa30bfd5ac1715aa2fae430bbdb81287aa0da2bd9bf3872364ed66120ae9d11b6dc45a6be7428ad2d5f898c3e9f9651181a3cb33563524a67f7ea6bb1ad8c9a6be831012ed8302a235c45421a06134361e4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x910}}, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000), 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, 0x0, 0x0)

7m12.440011227s ago: executing program 3 (id=621):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000180), 0x8)
open$dir(&(0x7f0000000000)='./file0\x00', 0x20000, 0x49)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xc, &(0x7f0000000680)=ANY=[@ANYRES32=r0, @ANYRES8], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x29c)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = request_key(&(0x7f00000005c0)='.dead\x00', &(0x7f0000000600)={'syz', 0x3}, &(0x7f0000000640)='#:\x00', 0xfffffffffffffffd)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x0}, &(0x7f0000000580)='source', r6)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000700)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1300, 0x1d)
fcntl$setlease(r3, 0x400, 0x0)
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000740)='\x00\x00\x00\xbaC\x17\x13M=\x9f\xc0E\x9a)<R\x8bm4\xd7J\x8c\x8d\x8f\xf9\x7f\xe7\xf2\xd1\xd5\xdf6H\xe2\xc8\xefH\xb3\xca\xc4\\\"\xb2\xd9\v\xc5\xf0J\xbb~5\xfb\xa0\x0e@\xf5\xb9\xbf\xa0\x18w\xa8\xadk\xaefR%E\xfb\xaf\xb5\x99\xd9^\x17\x06\x14\xdb!\x90?\xbc\xe5\x1e\xd4F&\x88\xc7v\b\"\xf5\xddj\xba\x06\'?]\x1dI\xd4#qZ\xcc\xc1A+\xc1\xf5*\xb2\xe3%\xd0R\x1e\xe1e\xe5\xfaM\x13\xa3\xaa\x7fb7\x03\x81J\xcba\xc5\x15!\xafZ\x06\xb9\x0f\xc1\xca\x0fJ\x9f\xd3\xf3I9-\xee\x9c\x02\xd7\x04\xec\xe4y\xb6\x9e\x82n\xf2\xb7\x00', &(0x7f00000003c0)='//0\xc3p\xa7n\xb5\xad3\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b/\x1f\xcf\'\xe4mD\x94)U\xdb\x15X.I\n\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x88\xd2\xa9\xdf2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82XM\x13\xaa\x87\xf9\xba\xa9m\x14\x14Rl\x9a\\>4\xce\x8e_#\xf8DD\x9bp\x01\xcc:\xa6\xc5n\x9f\xfb\x81 \x10\x0fQ\x90}Zd\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x90\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3V\x9c\x8c\xf8\xf7\xe2\xd5\x8bE\xee5\x00\xaa\xd5\xfc\x1b$\x06\x1a\r\x00\x00\x00\x00\x00\x00\x00\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\x92\xe22\xc9\xb5\xca\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\xec\xac\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xec\x9es\xee\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x00\x00\x00\x00\x00\x00\x00\x00_\tN\xfd\xa2\xc2SPu\xe7\xc0+SL\xa1', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffff00)

7m11.891625561s ago: executing program 3 (id=624):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d00000000000007e6"], 0xf0)
sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000006c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000170000000c210680040006001400000032c561147655196206417e8c54d4f95a1217c74032f8889f89ac52bb899a5f6baa090fad4f215f9876aa117462439d5f0c6a88630badfa92cde72441fe67f58fedae5c7c7c24b9f5e17e4b095c1ec157f6c6aeb1ed8d748dc1d420751ca0695598391ca77a2beac7336143c85ffef434d5055afbf4a45bf6ee49d2273f4c9ce7b780ebfe9a74ab88f258f4c9cd1e442320f54289c8e2ae39f02c64c62313c127b35c0f453728ec34e8512b57c1eb776e9a346f6f50fdf934acb5d4f616c14c0835e479c61505181d5432f6b6b36cf8"], 0x20}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="4000000010001fff000000000200000000000000", @ANYRES32=0x0, @ANYBLOB="091800000002020020001280080001006774700014000280050006000300000008000300000000806c4677ce1ba7945e95f7d5ee6b39495716ce84017251f5ee347b2cca092302f8796e1570ec5b728d8927e644e1d87108710c7f1cd5447f51f7eaeb7b8e127273c8c08b53b825369b71e8dede595c3426dbfb9474dbe191d41ee327d183e51ad3fffbece1dc6813b04104a33333f1eee94c194c4a7d2d804dea47efe8299c436ef34e0e8b5ab2f434bccb106954f2b53236f03e60933d62a2"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffff0000000000000800451a00c27d79c633e0b322e2698f06d038232f140068004008329078ac141441e0000002"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pread64(r7, &(0x7f0000001600)=""/4103, 0x1007, 0x8)
r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
dup(r9)
syz_usb_control_io(r8, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r8, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
setsockopt(r10, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r10, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8)
syz_usb_control_io$cdc_ecm(r8, 0x0, &(0x7f0000000200)={0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="200616000000d2"], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r8, 0x0, 0x0)
syz_usb_control_io$uac1(r8, 0x0, 0x0)

7m10.601230563s ago: executing program 32 (id=624):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d00000000000007e6"], 0xf0)
sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000006c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000170000000c210680040006001400000032c561147655196206417e8c54d4f95a1217c74032f8889f89ac52bb899a5f6baa090fad4f215f9876aa117462439d5f0c6a88630badfa92cde72441fe67f58fedae5c7c7c24b9f5e17e4b095c1ec157f6c6aeb1ed8d748dc1d420751ca0695598391ca77a2beac7336143c85ffef434d5055afbf4a45bf6ee49d2273f4c9ce7b780ebfe9a74ab88f258f4c9cd1e442320f54289c8e2ae39f02c64c62313c127b35c0f453728ec34e8512b57c1eb776e9a346f6f50fdf934acb5d4f616c14c0835e479c61505181d5432f6b6b36cf8"], 0x20}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="4000000010001fff000000000200000000000000", @ANYRES32=0x0, @ANYBLOB="091800000002020020001280080001006774700014000280050006000300000008000300000000806c4677ce1ba7945e95f7d5ee6b39495716ce84017251f5ee347b2cca092302f8796e1570ec5b728d8927e644e1d87108710c7f1cd5447f51f7eaeb7b8e127273c8c08b53b825369b71e8dede595c3426dbfb9474dbe191d41ee327d183e51ad3fffbece1dc6813b04104a33333f1eee94c194c4a7d2d804dea47efe8299c436ef34e0e8b5ab2f434bccb106954f2b53236f03e60933d62a2"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffff0000000000000800451a00c27d79c633e0b322e2698f06d038232f140068004008329078ac141441e0000002"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pread64(r7, &(0x7f0000001600)=""/4103, 0x1007, 0x8)
r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
dup(r9)
syz_usb_control_io(r8, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r8, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
setsockopt(r10, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r10, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8)
syz_usb_control_io$cdc_ecm(r8, 0x0, &(0x7f0000000200)={0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="200616000000d2"], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r8, 0x0, 0x0)
syz_usb_control_io$uac1(r8, 0x0, 0x0)

5m18.747470513s ago: executing program 4 (id=918):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0xff09)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x18)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

5m17.781094929s ago: executing program 4 (id=922):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="8657e7c672427c767366d27bd6e01f65670a4f9521e8ac637b291da6b6661df207eb22c2450bb574acd5605b8d955b24e0d58f423f18ccbeee269edd1532ba38685c00b80b3034bee3d05553f8ce92b99b9f8f24e0742df816cb18b1ec8a77fdecc2c985d857fb4d61b27f2491949c87b8943a969ee4fb9ac74efa2b51a105512c7ce086196970fa6b62ee0c95f2035f40688323a6f659a2d7c24b31d555c3e885d35a9cea17264c31c5507793ea6bfee2b9ebce257433af0867d2f44405395332c5a1207841046752c5b3094e2b4ce0956f792d60d2f5ed5af4f915d608da5ee81073cc777a770990838c1c0b1499a9fa903e5f2a97dfb473bd047a6c28aa989a90311cbda6909788995f10d852cf31de6d19bacea725f2cb827b5491e92a554b68a2b3f328b9b54a1d0ee3b887c0d0a5960f7a5c0a3380d408e75a177a2ade46ef3a479bfc56aaab9066b1fc445d9968e363e4a3abb0e00204c858b4fac4277a95963f8d246300caa7c88a8d", 0x16d)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x7e0}, 0x1, 0x0, 0x0, 0x400c010}, 0x20004000)
recvmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001680)=""/4084, 0xff4}, {&(0x7f0000000cc0)=""/146, 0x92}], 0x2}, 0x12041)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x8, 0x530, 0xc, 0xfffffffffffffffd, 0x59c})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0xfffc, 0x1008b}, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x100010, 0xffffffffffffffff, 0x0)

5m16.13530924s ago: executing program 4 (id=924):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000400)={0x0, 'veth0_macvtap\x00', {0x5}, 0x7})

5m13.403102159s ago: executing program 4 (id=928):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x9, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xa0, 0x7b, 0xa, 0xff00}, [@map_fd={0x18, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x10, 0x0, 0x0, 0x25000000}, @exit, @call={0x1d, 0xa}, @generic, @exit]}, &(0x7f0000000140)='GPL\x00', 0xa, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000080)=0x2, 0x4)

5m13.170342561s ago: executing program 4 (id=930):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000085e048e0000000000000109022400010000800f0904000004030000000921faff090122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="002207000000a10067000000008e91b698b8fd4932d0ba2c1dcfc158d4760bfe0558ddc08ab0b555ae03b501254e8954e189e234119f11d632c8ee633c5a351055ec5babc8ab2c55dfa2ac87d6882368391d196ec069ee3d1843b550d0d658eccf4aa616d05bb9112972e8ede3b7c27d837531a57db6a4068ab5b173c996ccde1d02eef6a6a3d22b38495873307bd4ce2fa5a5fec7030572695926e57da70d71c2b30490f57ce595f0d8a4fba3816ba54986b1a6767b70c4ceaa897988400ec0e38340fa122855170f77015902ca8aabe5cea362d7d3e99324b60c9e14b9092d1dbe81b084c5e7d0df007e0d54f94b885442e63ed216a9cb4223cdefb619f496a45f82c09909c4843670f950042e127c639a5067920ba235de989fb0c79259a23f442ee612e55504094e7bbfa40eb52e00bf7ea6a6d937e9f80be95a84b879b53e5b850f3cb932937499fecb7a3251bac96cbfeb5f76b3ab7291b8a003a3cea98b4827131382652a2ba195e5b66228ec07bdb81115a2ee8d58d5bf7d6379378bb8f0c30e9978e356f41247133b6d397290e1b91c815267f3f1e6ce630ee4bfa5d969f312526c295871781b1bd1b119983363dacd64c0518e0f669c37bbd40524e4574e4551b80c5b2a9beda5baa2eb5891e9b2bc30421c78098ba5fe994d54ec3759184a7f8edf245d45a98d1f4e00a5a664c95fa7df38859659a8759f70a4a156d4ca55696a38252f74f09f0deef6c703ed614ab88c2a47db223bb255479b1d967568713e67b6c10876d77813b3c3c0b75737a3ef0c07a32429b91cdc8df0c1084d11ea7e7c94a2a8ab9ddc51641aa82ca819216fcc9f071d5964cd59a37055121eb0"], 0x0}, 0x0)

5m9.291687734s ago: executing program 4 (id=940):
mmap(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x300000d, 0x10, 0xffffffffffffffff, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

4m54.275228068s ago: executing program 33 (id=940):
mmap(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x300000d, 0x10, 0xffffffffffffffff, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2m48.598244643s ago: executing program 5 (id=1361):
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000001c0)={0x5fa, 0x40000000, 0x2, {0x8, @pix_mp={0xcf6, 0x1c00, 0x40202843, 0x5, 0x2, [{0x28302c, 0x10000}, {0x1, 0xfffffffc}, {0x2, 0xb}, {0x77ff3, 0x10002}, {0x0, 0xfffffffd}, {0x20004, 0x5}, {0x7, 0x8}, {0xc, 0x200}], 0x7e, 0x5, 0x7, 0x0, 0x5}}, 0x7f})
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000003c0)={0x3, 0x6, 0x3, {0x1, @pix_mp={0x2, 0x9, 0x20363159, 0x2, 0x0, [{0x2776463d, 0x7}, {0x0, 0x7f}, {0xffffffff, 0xffff}, {0x1, 0x42}, {0x7, 0x310cb2b8}, {0x7fffffff, 0x80}, {0x614, 0xfffffffc}, {0x100081, 0x6}], 0xa0, 0x7f, 0x7, 0x0, 0x7}}, 0x4})
sendto$l2tp(r3, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = socket$netlink(0x10, 0x3, 0x4)
writev(r8, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab3a3a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))

2m43.246230257s ago: executing program 5 (id=1376):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000079100000000100"/32], &(0x7f0000000100)='GPL\x00', 0x2}, 0x94)

2m43.031678377s ago: executing program 5 (id=1377):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x20000015)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f00000003c0)={0xa, 0x4e21, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000200)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000040)=r3)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$tmpfs(0x0, 0x0, &(0x7f0000000100), 0x8000, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="510003000000", 0x6)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m41.913879778s ago: executing program 5 (id=1383):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r2, 0xff09)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x18)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

2m40.911862406s ago: executing program 5 (id=1386):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000040), 0x4)
sendmsg$unix(r0, &(0x7f0000000640)={&(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0}, 0x24004044)
syz_emit_ethernet(0x6d, &(0x7f0000000680)={@local, @multicast, @void, {@ipv6={0x86dd, @dccp_packet={0x5, 0x6, '\x00 \x00', 0x37, 0x21, 0xff, @rand_addr=' \x01\x00', @dev={0xfe, 0x80, '\x00', 0x19}, {[], {{0x4e21, 0x4e22, 0x4, 0x1, 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', 0xaa, "01d6bd"}, "c050db8de481df3a30c23f80ecc03f09da98d09ab8b373048baa05d65dbc3e904a9b7b754a21c2"}}}}}}, 0x0)

2m40.09973815s ago: executing program 5 (id=1387):
r0 = socket$unix(0x1, 0x1, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x123141) (async)
r2 = fsopen(&(0x7f0000000440)='nfsd\x00', 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) (async)
bind$unix(r0, &(0x7f0000000140)=@file={0x0, './file1\x00'}, 0x2)

2m34.937302691s ago: executing program 6 (id=1399):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x4048001)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1d}}]}, 0x20}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r6, &(0x7f00000001c0)='./file0\x00', r6, &(0x7f0000000200)='.\x02\x00', 0x4)
renameat2(r6, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='.\x02\x00', 0x2)

2m34.455138862s ago: executing program 6 (id=1401):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000e00), 0x0, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000040)=@e={0xff, 0xb, 0x3, 0x0, @SEQ_CONTROLLER=0xfe, 0xdf, 0x4, 0x8})
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r0, 0x3ba0, &(0x7f0000000e80)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000})

2m34.027181294s ago: executing program 6 (id=1403):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000008400000000070000000900010073797a300000000084000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000000838001180090001006c61737400000000280002800c00024000000000000000090800014000000ba308000140000010000800014000043f5e980000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006c0003806800008008000340000000025c0002800c000280080003404c0002800800034000000004080001"], 0x164}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

2m33.92432797s ago: executing program 6 (id=1405):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000100000008792177000000000000010902240001000000000904000502030000000921f00000000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000100)={0x6, [0xff, 0x8, 0x8, 0x7fff, 0x3, 0x800, 0x7, 0xfff7, 0x0, 0x1, 0x4, 0xd, 0x6a, 0xa, 0x7, 0x2, 0x7, 0x8, 0x81, 0x8, 0x4, 0x3, 0x97, 0xcc, 0x4041, 0x2, 0x81, 0x1, 0x7fff, 0xfff8, 0xb, 0x5, 0x6, 0x7685, 0xfff8, 0x100, 0x8000, 0x4008, 0x5, 0x3, 0xfffd, 0x2, 0xe9da, 0xf, 0x8, 0x6, 0x810, 0x2], 0x8})
socket$netlink(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680)) (async)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) (async)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300)=ANY=[@ANYRES8], &(0x7f0000000180), 0x0) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
r6 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10900, 0x1, 0x33a}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) (async)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8}) (async)
io_uring_enter(r6, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\"\n'], 0x0}, 0x0)

2m32.241576603s ago: executing program 6 (id=1410):
syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESHEX], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mremap(&(0x7f0000014000/0x3000)=nil, 0x3000, 0x3000, 0x4, &(0x7f0000ffd000/0x3000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x100000000040, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={'\x00', 0x1, 0x0, 0x2d0, 0x5a00, 0x5, <r6=>0xffffffffffffffff})
syz_open_procfs(r6, &(0x7f00000000c0)='net/packet\x00')
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0xeeee0000, 0x21687})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
openat$kvm(0x0, 0x0, 0x100, 0x0)

2m31.039964625s ago: executing program 6 (id=1412):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pselect6(0x0, 0x0, &(0x7f00000000c0)={0x7, 0x8000, 0xffffffff7fffffff, 0x8, 0xf, 0x2, 0x7, 0x40}, 0x0, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000020027000000000008000a00a8"], 0x6c}}, 0x0)

2m25.001305316s ago: executing program 34 (id=1387):
r0 = socket$unix(0x1, 0x1, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x123141) (async)
r2 = fsopen(&(0x7f0000000440)='nfsd\x00', 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) (async)
bind$unix(r0, &(0x7f0000000140)=@file={0x0, './file1\x00'}, 0x2)

2m15.251399359s ago: executing program 35 (id=1412):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pselect6(0x0, 0x0, &(0x7f00000000c0)={0x7, 0x8000, 0xffffffff7fffffff, 0x8, 0xf, 0x2, 0x7, 0x40}, 0x0, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000020027000000000008000a00a8"], 0x6c}}, 0x0)

18.171785581s ago: executing program 1 (id=1847):
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
lseek(r0, 0x9, 0x1) (async)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)=@ipv6_newrule={0x1c, 0x20, 0x20, 0x2, 0x0, {0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10018}}, 0x1c}}, 0x0) (async)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x1d, &(0x7f0000000000)=0xaf, 0x4) (async)
getsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, 0x0, &(0x7f0000000180))
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000200)={0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="db4ca8b5331771e67800000000000000000000256801235b5fbcf6490abdb581a6967bfd7734829137d294ee91694d7295562e8c1319ac29072726ec68cb8a0321e418081dbae7f8b5819c575faed046fca6e4a602489ac67644d2da8b5f8ae930ea983e69f9236eb737ca27032de4685182"], 0x0, 0x0, 0x0}, 0x0)

17.964403183s ago: executing program 1 (id=1848):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000e40)=@getqdisc={0x28, 0x26, 0x100, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x4, 0xc}, {0x9, 0x7}, {0x3, 0xfff1}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x50}, 0x20004000)
socket(0x2b, 0x2, 0x0)
r4 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1)
ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000000))
fsopen(0x0, 0x0)
write$sndseq(r5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/105, 0x69)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000300)=@abs, 0x6e)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010017"], 0x1c}}, 0x0)
r9 = syz_open_dev$loop(&(0x7f0000000100), 0x760, 0x103382)
ioctl$LOOP_SET_STATUS(r9, 0x1277, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x7f, 0x2, 0xc, 0x11, "4b8b3ea40100dfed0b2f3409000000dd5a96a9040009918ae7fd1f0ececfe0f4fcdf997dd5210000000002000000000000000000000000000000000000000b00", "090000f0ff00000001006be3f0ad717e1085deb88d8d00006cec00", [0x5, 0x6]})
fallocate(r4, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)

16.501331312s ago: executing program 2 (id=1849):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000700), 0x400000, 0x0)
ioctl$int_out(r0, 0x0, &(0x7f0000000740))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000005140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000008000000000010000000c0002000000000000000000400007800c00018008000100", @ANYRES32=r1, @ANYRES32=r2], 0x60}, 0x1, 0x0, 0x0, 0x4081}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000, {0x0, 0x4, 0x3}}]}}, 0xffffffffffffffff, 0x32, 0x0, 0x4, 0x7}, 0x28)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x77359400}, 0x1, 0x10, 0x1})
io_uring_enter(r6, 0x100847c0, 0x0, 0x1, 0x0, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r10 = accept(r9, 0x0, 0x0)
sendmmsg$alg(r10, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r10, &(0x7f000000b680)={0x0, 0x0, &(0x7f000000b600)=[{&(0x7f000000b500)=""/153, 0x99}], 0x1}, 0x0)
r11 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r12 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r12, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x200}})
ioctl$SNDCTL_SEQ_OUTOFBAND(r11, 0x40085112, &(0x7f0000000040)=@t={0x85, 0x2, 0x5, 0xc})

15.344512605s ago: executing program 2 (id=1851):
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x48080, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c500000005000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000000314010029bd700000000000bcfe020073797a3100000000080041007369770072ff33007465616d5f736c6176655f3100000000000041000178650000003300690000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40048d4}, 0x22048895)
sendmmsg(r0, &(0x7f0000008b40)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000180)}, {&(0x7f0000001540)="f24306e44253b52061c859fa51baed85e3502b7896f9f5c3e60cf38904c9e705be2796baacb8845b6113354c9a9837116e0f2bb573bd2f0efce37cf57725769e9805b2a4a1ac81f6e01497f696815ac4aa9b48851936b62f28cc14166439ad3d587573340d05aaf1b942518da0993b592d2374c1bc10470332f195260b5adbe29d09abeff0ee85b343e3f4d45a3f61666836eca3546b0b14730ab020f990eb24955f7c500f54fe482e0a766b9a2508db082ab09366d41fa8a8b8f31f701f20a5065fbcbbcb58209306b008d215718bca44bfc7e192b4857af4240b18669c05bfac49d8efb129704b7d3a31f18ad5992ffa8ca0290072b3afcfb853bb2eda2f7b12aad7f64442cb725be651cd9de6b014e9dc9e618334822537fd425627bb1a37d4a554bc74bf5c4b388e61d7ab676e93187fb0531817df8cabe88470ed04fc90d94bd865effd3fa243ae9eaa004429f192748a3f1286cf79878da5d2c9993819c7b9e888904e5dfde3b27d7f61a2d135163d365d44e17625fc6bee3dc1b4b7ed90b0ca38e996a13ca30b067e9ec1077322051aab265c7e0fe30933e11b95d39f48640d364ba3006d6c73320e26ce2bcce838a5a894fecae7711adb70549905230974f1272cfd84137b0f55dc11f916acac67b471214a110af780d0d1ff21b5091a7d1531dab2da224944601a76b8f29eb616c21e4cdb1b09a5b9f2d162ddef4669f5297075c4e484737badfa6c90d9227aa3e871f4fac450bcfa97eac2e9ef9f603b826c34bad44521971d71a9111b92de1eca75ffd35d78c9f8d8df56f9ffd8e5570c80e793db445a11b47ee4ab137dff92aec7cee72c60d6ec94616073b41c349858cc92c8a73042e087f78cb71f1b6af3327e818611440ad73c814949a8905cadf7e215c93dd83932b888d5f9c526fdbc663ef518a59d1f1f017ea41460a078d4a9bb58a8525e237bffc96276597e3a90ea276d02d3283980899648d30b83415b6db2ad3eef8429c2a87c098ff333467d35ad377401b70411356137eddbb4b65757a45fa7fe54edeb552a1060881d400721699de6c64d2dfa655aaa61dd87fe3366d1724b2349141b248cf66ab9f8711a889044946c8c3c669b1d1a8d35df81365eb3ca158dcb01c4cdac5b4db3345f271c1520b934c8692cb0840daed0c8dcb60e7c9e6f1edbb2fae962b5f029f96486800cf29b43abfdaecce25814272528d789f3099a5a874728ba314711879ef8d3fadc0114eedf2d8436aeb3a7eff3c0bfafa63dded24ad36baee7e8b7dcc00f0d010ff9f555e8c1bda2a58cd18a9e72d521553b35bbe84cbec902c2ce05f2140314bc422721daebc94dc9639a90213723197b75cbffb6dbb600eb39190922c077b8b2932463ecef17ff6930c17d83e310b51e44d8b0a4c20b90d4", 0x3ec}], 0x2}}], 0x1, 0x0)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000e1000000b5000000000c00009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48)

14.676708201s ago: executing program 1 (id=1853):
r0 = syz_usb_connect$hid(0x3, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1b96, 0x13, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0xfc, 0x42}}, [{{0x9, 0x5, 0x2, 0x3, 0x0, 0x28, 0x40, 0xbf}}]}}}]}}]}}, 0x0) (async)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3290c200ff496614", 0x12) (async)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000017010fff03000000010000000000000000000000000000001701000002000000000000007005baa38d33e2e1650de8f13f421b2d4b60252e76171216e42961c3b08d4d3dacb0a7089ff7cbfd613d46fa95d6e2f6e76ac3266c9b1a531c4bcf0e7071f117cca4e883b4a6eb5dee7a9ab4d05d7ee311ab1c55b817285e0c3714ee6137e3b8553de667701a7c93437583b5f0b285a188098c1ac4ebac40b315ff8db6f736992497879a42b95248fed4d4888970573d0e88ceead26d97e172588a3ad30fbd01b7bbeeaa668e835f7ae3113fe2d949bb47bc0b2c62541714cc0538601ae4bab19d69a5addee134dd447034da6dd89704603d31a3d25b9d5f46cfd43d9e29aac7422920d98e1463256bd4cc929373ad9000000000faf6a95a04ad3b9db9b230f8224a3d6db187a94e5dadfe181d20d3a4bd08e8b0e6eeb79fdee230dd852a36dfc9046d03b8f316b2d460ca5d08c515d914db8ce430ea0237911c440ee750fe787aaffa83b809651c529e4cf68c8219a827ea003c59e3e51b00cd7f9464f37be2eb3e1475819ad37edcc238b85ab205a2b394916815d9cf7bf3f8e3d19a4697756299e21f2afd3ae31e0f09b8153965635216de47156f4e5fc97cb04f9c5e13256be1d9e0a94f9c6387940de1bcd7b532d16ebba216601cf23be6a7c259550bd059a5a7aee85eb558de8201c1d9c7b29e27313f61cf0b07dd790071bdbceabdd32ce2bcc279b1575a1431b03e5dc37307d15a2782175c87dad1a3aadf48b382bea4ae0b423edee0e12ada4c1dacc40bf387630792ab5c7ed6e2ef7e8a77268b0ff8978ccddfa8da4521d24b3fddc70d181c20caa9a584df9b2e"], 0x18}], 0x4924924924924fd, 0x0) (async)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x7, {0x7, 0x0, "392cdaab4a"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

13.948325119s ago: executing program 2 (id=1855):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x4, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x3, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0xc4}]}, &(0x7f0000000180)='GPL\x00', 0xf, 0x0, 0x0, 0x40f00, 0x88}, 0x94)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r5, @ANYBLOB="08002700851600000a00180000000000000000001c005a80"], 0x4c}}, 0x4000804)
ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000000)={0x28, 0x5, r2, r1, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
syz_usb_connect(0x0, 0x5d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a0000052413", @ANYRES16], 0x0)

11.247697797s ago: executing program 8 (id=1863):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xea5bc50b6199d77e)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x5, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r2 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=@base={0xa, 0x16, 0xb4, 0x3, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r5, 0x7a4, &(0x7f0000000240)={{@my=0x1, 0x3}, 0xa4e, 0x200, 0xff, 0x5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x79, 0x0, 0x0, 0xe7}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x21)

10.937486597s ago: executing program 8 (id=1865):
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x48080, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c500000005000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000000314010029bd700000000000bcfe020073797a3100000000080041007369770072ff33007465616d5f736c6176655f3100000000000041000178650000003300690000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40048d4}, 0x22048895)
sendmmsg(r0, &(0x7f0000008b40)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000180)}, {&(0x7f0000001540)="f24306e44253b52061c859fa51baed85e3502b7896f9f5c3e60cf38904c9e705be2796baacb8845b6113354c9a9837116e0f2bb573bd2f0efce37cf57725769e9805b2a4a1ac81f6e01497f696815ac4aa9b48851936b62f28cc14166439ad3d587573340d05aaf1b942518da0993b592d2374c1bc10470332f195260b5adbe29d09abeff0ee85b343e3f4d45a3f61666836eca3546b0b14730ab020f990eb24955f7c500f54fe482e0a766b9a2508db082ab09366d41fa8a8b8f31f701f20a5065fbcbbcb58209306b008d215718bca44bfc7e192b4857af4240b18669c05bfac49d8efb129704b7d3a31f18ad5992ffa8ca0290072b3afcfb853bb2eda2f7b12aad7f64442cb725be651cd9de6b014e9dc9e618334822537fd425627bb1a37d4a554bc74bf5c4b388e61d7ab676e93187fb0531817df8cabe88470ed04fc90d94bd865effd3fa243ae9eaa004429f192748a3f1286cf79878da5d2c9993819c7b9e888904e5dfde3b27d7f61a2d135163d365d44e17625fc6bee3dc1b4b7ed90b0ca38e996a13ca30b067e9ec1077322051aab265c7e0fe30933e11b95d39f48640d364ba3006d6c73320e26ce2bcce838a5a894fecae7711adb70549905230974f1272cfd84137b0f55dc11f916acac67b471214a110af780d0d1ff21b5091a7d1531dab2da224944601a76b8f29eb616c21e4cdb1b09a5b9f2d162ddef4669f5297075c4e484737badfa6c90d9227aa3e871f4fac450bcfa97eac2e9ef9f603b826c34bad44521971d71a9111b92de1eca75ffd35d78c9f8d8df56f9ffd8e5570c80e793db445a11b47ee4ab137dff92aec7cee72c60d6ec94616073b41c349858cc92c8a73042e087f78cb71f1b6af3327e818611440ad73c814949a8905cadf7e215c93dd83932b888d5f9c526fdbc663ef518a59d1f1f017ea41460a078d4a9bb58a8525e237bffc96276597e3a90ea276d02d3283980899648d30b83415b6db2ad3eef8429c2a87c098ff333467d35ad377401b70411356137eddbb4b65757a45fa7fe54edeb552a1060881d400721699de6c64d2dfa655aaa61dd87fe3366d1724b2349141b248cf66ab9f8711a889044946c8c3c669b1d1a8d35df81365eb3ca158dcb01c4cdac5b4db3345f271c1520b934c8692cb0840daed0c8dcb60e7c9e6f1edbb2fae962b5f029f96486800cf29b43abfdaecce25814272528d789f3099a5a874728ba314711879ef8d3fadc0114eedf2d8436aeb3a7eff3c0bfafa63dded24ad36baee7e8b7dcc00f0d010ff9f555e8c1bda2a58cd18a9e72d521553b35bbe84cbec902c2ce05f2140314bc422721daebc94dc9639a90213723197b75cbffb6dbb600eb39190922c077b8b2932463ecef17ff6930c17d83e310b51e44d8b0a4c20b90d4", 0x3ec}], 0x2}}], 0x1, 0x0)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000e1000000b5000000001800009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48)

10.807740056s ago: executing program 1 (id=1867):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x6, 0xaa, &(0x7f0000000140)=""/170, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x10, 0x4000}, 0x94)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, 0x0, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='btrfs_sync_fs\x00', r0, 0x0, 0x8000000000000000}, 0x18)
prlimit64(0x0, 0xd, &(0x7f0000000240)={0x8, 0x3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
syz_emit_ethernet(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
writev(r5, &(0x7f0000000440)=[{&(0x7f00000001c0)="5febd0a274ef68c04bcf8714eaffa77ac14ffc0444ada297c0dc4c25ad1d324d8a3af7fffffff2179674faf663285879ce4c181a2bcd", 0x36}], 0x1)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
utime(&(0x7f0000000000)='./file0\x00', 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='freezer.parent_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0)
ftruncate(r7, 0x8001)
socket$isdn_base(0x22, 0x3, 0x0)
gettid()

10.571033911s ago: executing program 2 (id=1869):
r0 = accept$unix(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x6e)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f00000000c0)={0x8, 'bridge0\x00', {'veth1_to_team\x00'}, 0x53c})
r1 = io_uring_setup(0x2ed8, &(0x7f0000000280)={0x0, 0x6842, 0x800, 0x3, 0x12})
r2 = syz_usb_connect(0x5, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d100090507000000000000090589", @ANYRES16], 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, &(0x7f0000000240)={0x14, &(0x7f0000000100)={0x0, 0x24, 0xba, {0xba, 0x23, "cddfc2b25ff23967c77a312f67840109fed9e4e913aafc1fc70a8e195407e52a0b9200582d8c1334955716a859159cda87b6e9fa8568ef5bd26ff979458d7dcf4abbfc458591cdcaee2e21e9932cd0426317ecbf9c3bd6ad08d98503c0e7deedee6a25e3063542b3d8398825f16cee6e2d5a7337f7726a8ec7ae98cd05b0112409759a5ae66fd1f9545915f5b2cb1fec39bba14a02299b1d8e8f96efc7088ac9292000bbe1796de9106f274b0e96b729e082cb7ba11144eb"}}, &(0x7f00000001c0)={0x0, 0x3, 0x48, @string={0x48, 0x3, "49eda22d5b1423dd48a07dcb85e01f07a356f56678d8079341d43da90aa22d5f02d9ed8514905580787cc36c15a4e7362784d79d42a437fcea7b8488db242266f35477a90043"}}}, &(0x7f0000000580)={0x34, &(0x7f0000000300)={0x40, 0x7, 0x43, "2d28809ea839e59cc1a35792331a636e52c162ba273db13b1e7dea8c151cb274bd196e5ea7265dc2f0291cf790a1516ed04a6ca1df96afe30ba43b8741c2a4b8a69463"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0xc}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000400)={0x20, 0x0, 0xf2, {0xf0, "15064a43d8474207679bb3f4454bd405773c0e652f7b0577d80980dc44ee89a23ea2668815f17fbf2e004a5e2aac28bc866c9a5a3b05cf8dec6683a183f215cfce4cca8e852d520ae914659f664f9df7dc5945921e2c5ee3ed727918a67791e0ab29fdc8d9db8801508bed39071697012481c68c8c2d5ce9cab8b602f1d201d5045e8620eb51aef1db1332cb3e6d8bd8d1becef7ab8ab60ab4bc1f368aac55caf2f2d836d59edd15fb29c847be9e20a8e1a92db643830916eb2e953ddf982cfafdc09e9dd35c707d618c9539b212240e7aad53f94600f2949598008b7beb074d17a70049c429ff60d48ef684e78ac46c"}}, &(0x7f0000000500)={0x20, 0x1, 0x1, 0x3}, &(0x7f0000000540)={0x20, 0x0, 0x1, 0x5}})
syz_usb_control_io$printer(r2, &(0x7f0000000640)={0x14, &(0x7f00000005c0)={0x0, 0x10, 0x76, {0x76, 0x30, "80deffd84c2c32034f43fb8792add1eea55b64fad88327a691c25a84eaf905bb7d19a9e5a86e42173965496a27b9211937c5059bdfd56c092377965fb256cbd0f3528dd17580fd129bf86a57b483d55961e84600eac9d81e948c9088735506019c12437cb0f1e79452bfe1e643519b96d8a33bac"}}, &(0x7f00000007c0)={0x0, 0x3, 0xc6, @string={0xc6, 0x3, "a4ae7ae79eb9e49efcf55f6d47b94b2cb8071bb102194a7448160c77d06c0336c3be36f5e6a345176a7419b344862a49aa81c963281e8f858ba45871348e3e95dc47deff9ddd636582bec6a27a8ef22a17665ba4dacbbc1dd828be903e4a022284d29f4d22c6c7e36e2ee7cd78678a629fbc7a14d8ab01ef67579a1707effdfbb2e77b7256b6cd070de2a4a2133788703e8887cd62717821f49b1846abd45960123324a38a3e7240142bae677a62be5675cefec0713ac85f35bf3d49cc4b0128dbf79bb6"}}}, &(0x7f0000000b00)={0x34, &(0x7f0000000680)={0x0, 0x1, 0x9, "c4389e62d6ecbc0c78"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000740)={0x0, 0x8, 0x1, 0x5}, &(0x7f00000008c0)={0x20, 0x0, 0xa8, {0xa6, "a97d1047a1565060c7be6c39365e82ee8dc5b0742fb81e375b96517c4197a2bb7fd10185d1b21e83054c92564aa0fedd4ae465fe9f7593631ac0a7ed23f96acb109e47374671907f1f800c1bd8c54cb6d6d8deb32ee1d491765ea62d7592145f802df5cfdbb10f2ea4f04a9f74385dead5a11d665897eaf2a7847d8882312339f723afb5494b8f0fa10d4e90ae219440a623c691ff06413fcf00849414c88d9acf0e57f9d4e3"}}, &(0x7f0000000980)={0x20, 0x1, 0x1}, &(0x7f00000009c0)={0x20, 0x0, 0x1, 0x5}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r3)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x14, r4, 0x607}, 0x14}}, 0x0)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000bc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000c00)={'wpan3\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000c40)={'wpan4\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'wpan3\x00', <r8=>0x0})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x4c, r10, 0x1, 0x70bd25, 0x25df5bfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SEC_DEVKEY={0x30, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0x20, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}]}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40c4}, 0x40800)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(r3, &(0x7f0000000dc0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x60, r5, 0x220, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa3}]}, 0x60}, 0x1, 0x0, 0x0, 0x44015}, 0x1)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002b00)=ANY=[@ANYBLOB="b702000007000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a55b000000c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2d90addedc28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000801989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802c8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a8f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee246d9cf19878dd62c53062d6000c40bde6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b01b823c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b988494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74585cf5e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f222c714870582a8832c2a326c5d1e406c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada47288e41e7e6ee82d66b99ae4b0889fe949e7342ca97c1a64dcc7f6a0c0da07de8c808b4caec54820f856889fc5f1af3d675206e3257f974d6e45ff1e905c2f0fc0173ac6714acaaca2397bee23630ecaa2c1c6ddc3085689a033d6d41a1a7ac59baec299158faa52308856805f2130863f4668e27b8bbef4f4cd43a2fd294b5b0bf2b0e4afbe570c54aa214579ca0caf54231d00a94eda2be6f037e2befdd03bf152f696ca1d1ea86eb7ee1f021062ad71246dae1580c4f959a320912032ed468a8ed9f27a2258ddf465de77a51b4713bc6b789a0e8b203f0f592ddb27aa90989a9e0cb624bc34e7d6ebf156ea251e3a2f83ada9f0b70035e8ed200a52b00"/3910], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r12, 0xe0, &(0x7f0000000a00)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r14 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r13}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r14, 0x2f000000, 0xe, 0x0, &(0x7f0000000780)="5ceced9e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
io_uring_register$IORING_REGISTER_IOWQ_AFF(r1, 0x11, &(0x7f0000000d40)="01", 0x1)

9.685606319s ago: executing program 8 (id=1870):
r0 = syz_usb_connect(0x5, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022d00010700800b0904bb06033ae5040009050402b3030fd3040905070020000500ce0905030210"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0}) (async)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000080)={0x6, 0x3, 0x2, "39aab5ea464d3850b32d6fd0f298d5a9ab616a35a81c55e3ccd259b04f3da15f", 0x38414262})
syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000a00)={0x40, 0xd, 0x2, "def0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.255201866s ago: executing program 0 (id=1871):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0xa, &(0x7f0000002380)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYBLOB="e23c535f000000106608000000000101181a0000", @ANYRESHEX=r1, @ANYBLOB="00008212dd818a63e86504000000000095000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xbf, &(0x7f0000000340)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet(0x2b, 0x801, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYRES16=r0], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000022c0)='rpcgss_svc_authenticate\x00', r3, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000002280)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x1, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000001c0)={0x9, 0x2, 0x1})
ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x8, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 'BRTI'}, 0x0, 0x1, {}, 0xc93})
ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058560f, &(0x7f0000000a40)=@multiplanar_mmap={0x0, 0x2, 0x4, 0xffffff7f, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "68ab0498"}, 0x0, 0x1, {0x0}})
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
write$FUSE_INTERRUPT(r6, &(0x7f0000002240)={0x10}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r7, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x3, 0x1d, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

7.841471497s ago: executing program 7 (id=1874):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000700), 0x400000, 0x0)
ioctl$int_out(r0, 0x0, &(0x7f0000000740))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000005140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000008000000000010000000c0002000000000000000000400007800c00018008000100", @ANYRES32=r1, @ANYRES32=r2], 0x60}, 0x1, 0x0, 0x0, 0x4081}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x77359400}, 0x1, 0x10, 0x1})
io_uring_enter(r6, 0x100847c0, 0x0, 0x1, 0x0, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r10 = accept(r9, 0x0, 0x0)
sendmmsg$alg(r10, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r10, &(0x7f000000b680)={0x0, 0x0, &(0x7f000000b600)=[{&(0x7f000000b500)=""/153, 0x99}], 0x1}, 0x0)
r11 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r12 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r12, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x200}})
ioctl$SNDCTL_SEQ_OUTOFBAND(r11, 0x40085112, &(0x7f0000000040)=@t={0x85, 0x2, 0x5, 0xc})

7.296873753s ago: executing program 0 (id=1875):
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
epoll_pwait(r0, 0x0, 0x0, 0x2, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES64=r2], 0x48)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_uring_setup(0x3a84, &(0x7f0000001d80)={0x0, 0xfc33, 0x2, 0x1, 0x3d7})
prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x4)
socket(0x11, 0xa, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
write(r6, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_DEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x34, r8, 0x1, 0x2, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x20008085)

7.296481182s ago: executing program 8 (id=1876):
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa6}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(0xffffffffffffffff, 0x5)
syz_open_dev$sndpcmp(&(0x7f0000000500), 0xb, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000840)='map_files\x00')
r3 = accept4(r2, &(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000280)=0x80, 0x0)
getdents(r2, 0x0, 0x51)
openat$sysfs(0xffffff9c, 0x0, 0x250040, 0xe4)
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f00000000c0)={0x8, 0x20, [0x0, 0xff, 0x5, 0xfffffffffffffff8], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r6, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x30, 0x0, 0x503, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x3}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c040}, 0x4044014)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xf6272000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
timer_gettime(0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="a800000000010104000000000000000002000001240001801400018008000100e000000108000200e00000010c00028005000100000000000800084000009503040010800800154000000000200004"], 0xa8}, 0x1, 0x0, 0x0, 0x400d0}, 0x0)

6.087761867s ago: executing program 0 (id=1877):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_int(r1, 0x1, 0x3, 0x0, &(0x7f0000000280)=0x51)
sendto$inet6(r0, &(0x7f00000001c0)='N', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e24, 0x0, @private2}, 0x1c)
shutdown(r0, 0x0)
r2 = open(&(0x7f0000000080)='./file0\x00', 0x48141, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x2710, @host}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@fallback=r5, 0x0, 0x1, 0xb, &(0x7f0000000040)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00"/151], 0x13c}, 0x1, 0x0, 0x0, 0x1}, 0x20040880)
sendmmsg$inet6(r3, &(0x7f0000000100)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @dev={0xfe, 0x80, '\x00', 0x15}, 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000240)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)
fcntl$setlease(r2, 0x400, 0x1)
openat(r5, &(0x7f00000001c0)='./file0\x00', 0x0, 0xe2)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163300c", 0x8)

6.056681812s ago: executing program 7 (id=1878):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x14, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0xffffffb8, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IIF={0x8, 0x1f}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f00000004c0)={0x184, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x4d, 0x10, 0x0, 0x1, [@generic="25b57e35619bf282cfcd8fba0cb7f2934efacde0a223b473fe77f3e5ba760d3793b2f943b7528ea34883bc4a506cf756740574b89d396af9b59638700500000005006f88d6e1db9b2b"]}, @nested={0x11d, 0x6, 0x0, 0x1, [@typed={0xf1, 0x12b, 0x0, 0x0, @binary="8eab44a5159d834f7a577417b5091d0aac85ef225fb8e3c8fdd2f87bc9333944af4d958747a97f5dfa8f3a0df989a8f4cfcc8a0b0c74808d8ddfb58a24ace32cd6545f956216b8471f880e80f1f26bdcc7e4a4205744b9ceb87f7e8ba79cf7a294a9009fb421d24d53c0707e155e078a7839c40f0105a02b9c169f981fa3c96661f8579e1edb7b3b4222e84bfc269b9600d7e7e52d0874b155d588b935b48ae618a36ca423735f466467d01823ab53aff4cffb81a84735653bf5e2656f1c5db992060d7766b7aac5fffd3d2aea3579c8074e0f8681f4f8192dcda190a364823142539c7ad525134d072c0655df"}, @generic="26c1e5e4409b7b2f21eaecd84205d99f8ad8c8696cd5d3eed9ad9a6c845fff292724b9ce7c"]}]}, 0x184}}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'erspan0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000200)="0b032212e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="f8b1cc5a2d0b"}, 0x14)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000000)={@my=0x0})
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000140)={@local, 0x1})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r7, 0x7ab, &(0x7f0000000040)={&(0x7f0000000280)={{@my=0x0}, {@local}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000000000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0x7fffffff})
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r8 = dup(r5)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000000)=ANY=[@ANYBLOB="3801"], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="7472616e733d66642c0ebbc925db2c98237266646e6f3d", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',\x00'])
utime(&(0x7f0000000140)='./file0\x00', 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)

5.227133841s ago: executing program 2 (id=1879):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x20000400)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000380))
fcntl$getown(r1, 0x9)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000007bc0)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))

4.719880369s ago: executing program 1 (id=1880):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x0, 0xffd, 0x1d})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000800000000000001c800000073110900000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.719518322s ago: executing program 7 (id=1881):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x44}}, 0x40000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, 0x0, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028190000bca30000000000003403000040feffff720af1ff0000000071a4f1ff000000001f030000000000002e0a0200000000002604fdffffff000e61144400000000001d430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

4.659564539s ago: executing program 0 (id=1882):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000180), 0x0)
ioctl$SIOCGIFMTU(0xffffffffffffffff, 0x8921, 0x0)
r2 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r4, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x20000000)
r6 = dup(r1)
write$FUSE_BMAP(r6, &(0x7f0000000280)={0x18, 0xfffffffffffffffe, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r6, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r6, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno9', @ANYRESHEX=r6, @ANYBLOB=',cache=fscache,\x00'])
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r7, 0x75e7f000)
write$FUSE_INIT(r7, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x200, 0x0, 0x2, 0x11}, 0x20)

4.206536131s ago: executing program 1 (id=1883):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4008, 0x7, &(0x7f0000006680))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xd0100, 0xf4)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r1, 0xf501, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYBLOB="44b7d6b34998ed1036692c8cfd61c5eb9bb91126438e67e20b00c60513ba35376daf1b442089c3f4981977f70913cbefc58d162184f4f3b9f443320e578f08a229f3afff8637436ae0d94374eab6087e3c2df21eb6a2262bab5de29fed782d45abafc1877a6e4e911633505456788084df23ce351f5f9b9315ef93b0ec2e04f2901fef7606bcd3e327afc7158cbbed32231af09982740c4ec1ba6bd20f0da3d0a83cf557191145a8e791db8c979497bf01041efc89562942af9e39c52c4a160eec555335ebed0495e275d8db5af1f3783b7d308ddb21514e0f86ffcad8b3c987cbee8911a80fe8731f99756708c0782ff0"], 0x20}, 0x1, 0x0, 0x0, 0x200008d0}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r2, 0x2285, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r3, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r7, &(0x7f0000003680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000040}, 0x4)
openat$mixer(0xffffffffffffff9c, &(0x7f0000003080), 0x80241, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x74)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40))

3.899734555s ago: executing program 0 (id=1884):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x50)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r3, 0xffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000007c0)=ANY=[], 0x54}}, 0x0)
recvmsg(r4, &(0x7f0000000600)={&(0x7f0000000200)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x80, 0x0, 0x0, &(0x7f0000000300)=""/8, 0x8}, 0x40)
ioctl$UDMABUF_CREATE(r2, 0x40187542, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x241}})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x880e, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x40000, 0x6)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x0)
close(0x3)
open_by_handle_at(r5, &(0x7f0000000000)=@ceph_nfs_confh={0x10, 0x2, {0xa, 0x9}}, 0x0) (fail_nth: 5)

3.894458582s ago: executing program 7 (id=1885):
r0 = epoll_create1(0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r2, 0x407, 0xffffffffffffffff)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xb0000000})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0xff)
close(r3)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
epoll_pwait2(r0, &(0x7f0000000300)=[{}], 0x1, 0x0, 0x0, 0x0)

3.036087946s ago: executing program 2 (id=1886):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @local=@item_4={0x3, 0x2, 0x0, "53743ff6"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0xa0000)
r2 = syz_usb_connect$uac1(0x5, 0xac, &(0x7f0000000200)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9a, 0x3, 0x1, 0xc, 0x80, 0x4, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x401, 0x8}, [@processing_unit={0xb, 0x24, 0x7, 0x6, 0x5, 0x9, "7cf03916"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x5c, 0x2, 0x3, 0xfc, "a3607baa4f"}, @as_header={0x7, 0x24, 0x1, 0xfe, 0x2}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8618, 0x1, 0xf6, "82"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x1, 0x81, 0x2, {0x7, 0x25, 0x1, 0x0, 0xd, 0x3}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x1, 0x6, 0xb, "14dce2f658d0a2dad8"}]}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x3, 0xff, 0x1, {0x7, 0x25, 0x1, 0x0, 0xff, 0x1}}}}}}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x200, 0x9, 0x4, 0xe6, 0xff, 0x5}, 0xc, &(0x7f0000000180)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x10, 0x1, 0x5, 0x9}]}, 0x6, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x413}}, {0x55, &(0x7f0000000300)=@string={0x55, 0x3, "9105ec635522ba51e732558acb5aa5c85c68731e4ba0d7d9618c740294671db697ecb52d381e1a2c23437496f67f6a713143305c59940b92b74c1aec1768790f3c704b86c93921c84e0ecf80c4afd7ba6efff6"}}, {0x56, &(0x7f0000000380)=@string={0x56, 0x3, "c45d69152314d10038505f4246aeb5bf5edccac2c9f948cd0f58d44fc333338ad78357ddd57f30657ee5708ed9f039bbb489b9b41b82c8144c89ca866f1c080674579e238690999df264682adc4ece82d1e721fd"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x39}}, {0xa3, &(0x7f0000000440)=@string={0xa3, 0x3, "6995132cb45705687749c0469f679eac83ff7ed69a3ca5e12863c5fbd27faf23be05d23e2920f5ed5277cd65575570564b254af06321d9856fdeada7dfef689beb22a82948c0dce216305d90cec4f45b080424a90b84cc9b8db3508243d8eff3658e72d2bbb297fdfdb0a6c03fb04dc8c35fe207e5be17e06b09984097a5407e4c1589908a6643cc492579590d282f906bd917b3891ec0933bce31c06d8655ee8a"}}, {0xa, &(0x7f0000000500)=@string={0xa, 0x3, "6b7b459abb87e202"}}]})
syz_usb_control_io$uac1(r2, &(0x7f0000000640)={0x14, &(0x7f00000005c0)={0x40, 0xe, 0x14, {0x14, 0x9, "73d28d0e1010a0d9345c8fade57d987ae4d2"}}, &(0x7f0000000600)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2809}}}, &(0x7f0000000880)={0x44, &(0x7f0000000680)={0x20, 0x8, 0xc, "0a48994101af2ebb611daced"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000700)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000740)={0x20, 0x81, 0x2, "21f0"}, &(0x7f0000000780)={0x20, 0x82, 0x3, "5935e2"}, &(0x7f00000007c0)={0x20, 0x83, 0x1, "d2"}, &(0x7f0000000800)={0x20, 0x84, 0x1, "b3"}, &(0x7f0000000840)={0x20, 0x85, 0x3, "888e68"}})
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/101)

2.951958692s ago: executing program 0 (id=1887):
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pselect6(0x40, &(0x7f0000000080)={0xe, 0x3, 0x1, 0x1, 0xc, 0x5, 0x72a5, 0x7fffffffffffffff}, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120110037edfb99eff49d5c1d0370102030109021200016abfd0060904080100ff036b93"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})

2.920219962s ago: executing program 8 (id=1888):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000700), 0x400000, 0x0)
ioctl$int_out(r0, 0x0, &(0x7f0000000740))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000005140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000008000000000010000000c0002000000000000000000400007800c00018008000100", @ANYRES32=r1, @ANYRES32=r2], 0x60}, 0x1, 0x0, 0x0, 0x4081}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x77359400}, 0x1, 0x10, 0x1})
io_uring_enter(r6, 0x100847c0, 0x0, 0x1, 0x0, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r10 = accept(r9, 0x0, 0x0)
sendmmsg$alg(r10, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r10, &(0x7f000000b680)={0x0, 0x0, &(0x7f000000b600)=[{&(0x7f000000b500)=""/153, 0x99}], 0x1}, 0x0)
r11 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r12 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r12, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x200}})
ioctl$SNDCTL_SEQ_OUTOFBAND(r11, 0x40085112, &(0x7f0000000040)=@t={0x85, 0x2, 0x5, 0xc})

1.528440136s ago: executing program 7 (id=1889):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, 0x0, 0x20004040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = landlock_create_ruleset(0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
landlock_restrict_self(r5, 0x0)
r6 = landlock_create_ruleset(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000080000000000000000000000691226000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
landlock_restrict_self(r6, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x8804)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, 0x0, 0x42000, 0x0)

1.245752237s ago: executing program 8 (id=1890):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0xe, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}, 0x1, 0x0, 0x0, 0xbbe87f18b54b20b5}, 0x4010)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed7f0000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000780)=ANY=[])
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=@newtaction={0x14, 0x1e, 0x109}, 0x14}}, 0x44090)

0s ago: executing program 7 (id=1891):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xfffffffffffffed9, 0x2, [@TCA_HTB_INIT={0xf}]}}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r6 = syz_io_uring_setup(0x4b9, &(0x7f0000010400)={0x0, 0xb1a6, 0x2, 0x3}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

kernel console output (not intermixed with test programs):

+0xb0/0x130
[  576.995632][T11463]  should_fail_ex+0x414/0x560
[  576.995661][T11463]  core_sys_select+0x724/0xa20
[  576.995697][T11463]  ? __pfx_core_sys_select+0x10/0x10
[  576.995749][T11463]  ? __pfx_set_user_sigmask+0x10/0x10
[  576.995786][T11463]  __se_sys_pselect6+0x27a/0x300
[  576.995816][T11463]  ? __pfx___se_sys_pselect6+0x10/0x10
[  576.995840][T11463]  ? __pfx_ksys_write+0x10/0x10
[  576.995857][T11463]  ? rcu_is_watching+0x15/0xb0
[  576.995888][T11463]  ? __x64_sys_pselect6+0x21/0xf0
[  576.995914][T11463]  do_syscall_64+0xfa/0x3b0
[  576.995938][T11463]  ? lockdep_hardirqs_on+0x9c/0x150
[  576.995961][T11463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.995982][T11463]  ? clear_bhb_loop+0x60/0xb0
[  576.996009][T11463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.996030][T11463] RIP: 0033:0x7f425658ebe9
[  576.996049][T11463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.996067][T11463] RSP: 002b:00007f42547f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  576.996090][T11463] RAX: ffffffffffffffda RBX: 00007f42567b5fa0 RCX: 00007f425658ebe9
[  576.996106][T11463] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000040
[  576.996119][T11463] RBP: 00007f42547f6090 R08: 0000000000000000 R09: 0000000000000000
[  576.996133][T11463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.996146][T11463] R13: 00007f42567b6038 R14: 00007f42567b5fa0 R15: 00007fffaed075b8
[  576.996187][T11463]  </TASK>
[  577.194405][  T977] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  577.347107][  T977] usb 3-1: Using ep0 maxpacket: 8
[  577.356179][  T977] usb 3-1: unable to get BOS descriptor or descriptor too short
[  577.370937][  T977] usb 3-1: unable to read config index 0 descriptor/start: -61
[  577.380922][  T977] usb 3-1: can't read configurations, error -61
[  577.500505][  T977] usb usb3-port1: attempt power cycle
[  577.664275][T11474] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1303'.
[  577.677078][T11474] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  577.866656][  T977] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  577.879557][T11479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1305'.
[  577.908002][  T977] usb 3-1: Using ep0 maxpacket: 8
[  578.106776][ T5923] usb 1-1: new full-speed USB device number 40 using dummy_hcd
[  578.241357][  T977] usb 3-1: unable to get BOS descriptor or descriptor too short
[  578.467915][  T977] usb 3-1: unable to read config index 0 descriptor/start: -61
[  578.475594][  T977] usb 3-1: can't read configurations, error -61
[  578.612028][ T5923] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  578.636102][ T5923] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  578.666780][  T977] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  578.861472][ T5923] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  578.882356][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  579.675450][  T977] usb 3-1: Using ep0 maxpacket: 8
[  579.686789][ T5923] usb 1-1: SerialNumber: syz
[  579.708560][ T5923] usb 1-1: bad CDC descriptors
[  579.714303][ T5923] usb-storage 1-1:1.0: USB Mass Storage device detected
[  579.784093][ T5923] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  579.812861][ T5923] scsi host1: usb-storage 1-1:1.0
[  579.835024][  T977] usb 3-1: device descriptor read/all, error -71
[  579.843225][  T977] usb usb3-port1: unable to enumerate USB device
[  580.297579][    T9] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  580.487060][ T5923] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  580.767872][    T9] usb 6-1: Using ep0 maxpacket: 16
[  580.781491][    T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  580.795435][ T5923] usb 7-1: Using ep0 maxpacket: 16
[  580.809941][ T5923] usb 7-1: config 0 has an invalid interface number: 161 but max is 0
[  580.821605][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  580.840104][ T5923] usb 7-1: config 0 has no interface number 0
[  580.870342][ T5923] usb 7-1: config 0 interface 161 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  580.899217][    T9] usb 6-1: config 0 has no interface number 0
[  580.910824][T11499] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1311'.
[  580.930470][ T5923] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0102, bcdDevice=9a.fd
[  580.940941][    T9] usb 6-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  580.961334][ T5923] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.976129][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  581.006372][ T5923] usb 7-1: Product: syz
[  581.015100][ T5923] usb 7-1: Manufacturer: syz
[  581.020746][    T9] usb 6-1: Product: syz
[  581.036865][    T9] usb 6-1: Manufacturer: syz
[  581.043957][    T9] usb 6-1: SerialNumber: syz
[  581.049493][ T5923] usb 7-1: SerialNumber: syz
[  581.093555][ T5923] usb 7-1: config 0 descriptor??
[  581.099922][    T9] usb 6-1: config 0 descriptor??
[  581.111747][T11491] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  581.128983][    T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  581.145933][T11502] FAULT_INJECTION: forcing a failure.
[  581.145933][T11502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.170247][ T5923] kvaser_usb 7-1:0.161: error -ENODEV: Cannot get usb endpoint(s)
[  581.199771][    T9] snd-usb-audio 6-1:0.1: probe with driver snd-usb-audio failed with error -2
[  581.215321][T11502] CPU: 0 UID: 0 PID: 11502 Comm: syz.2.1312 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  581.215354][T11502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  581.215369][T11502] Call Trace:
[  581.215378][T11502]  <TASK>
[  581.215388][T11502]  dump_stack_lvl+0x189/0x250
[  581.215419][T11502]  ? __pfx____ratelimit+0x10/0x10
[  581.215442][T11502]  ? __pfx_dump_stack_lvl+0x10/0x10
[  581.215465][T11502]  ? __pfx__printk+0x10/0x10
[  581.215507][T11502]  should_fail_ex+0x414/0x560
[  581.215536][T11502]  _copy_to_user+0x31/0xb0
[  581.215570][T11502]  simple_read_from_buffer+0xe1/0x170
[  581.215600][T11502]  proc_fail_nth_read+0x1df/0x250
[  581.215631][T11502]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  581.215662][T11502]  ? rw_verify_area+0x258/0x650
[  581.215695][T11502]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  581.215741][T11502]  vfs_read+0x200/0x980
[  581.215781][T11502]  ? __pfx___mutex_lock+0x10/0x10
[  581.215807][T11502]  ? __pfx_vfs_read+0x10/0x10
[  581.215843][T11502]  ? __fget_files+0x2a/0x420
[  581.215873][T11502]  ? __fget_files+0x3a0/0x420
[  581.215897][T11502]  ? __fget_files+0x2a/0x420
[  581.215932][T11502]  ksys_read+0x145/0x250
[  581.215955][T11502]  ? __pfx_ksys_read+0x10/0x10
[  581.215982][T11502]  ? do_syscall_64+0xbe/0x3b0
[  581.216012][T11502]  do_syscall_64+0xfa/0x3b0
[  581.216035][T11502]  ? lockdep_hardirqs_on+0x9c/0x150
[  581.216058][T11502]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.216080][T11502]  ? clear_bhb_loop+0x60/0xb0
[  581.216107][T11502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.216128][T11502] RIP: 0033:0x7fc77c98d5fc
[  581.216148][T11502] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  581.216168][T11502] RSP: 002b:00007fc77d83a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  581.216192][T11502] RAX: ffffffffffffffda RBX: 00007fc77cbb5fa0 RCX: 00007fc77c98d5fc
[  581.216209][T11502] RDX: 000000000000000f RSI: 00007fc77d83a0a0 RDI: 0000000000000004
[  581.216223][T11502] RBP: 00007fc77d83a090 R08: 0000000000000000 R09: 0000000000000000
[  581.216237][T11502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  581.216250][T11502] R13: 00007fc77cbb6038 R14: 00007fc77cbb5fa0 R15: 00007fffd9162698
[  581.216285][T11502]  </TASK>
[  581.563237][  T977] usb 6-1: USB disconnect, device number 22
[  582.301421][T11514] netlink: 'syz.6.1307': attribute type 10 has an invalid length.
[  582.309477][T11514] netlink: 152 bytes leftover after parsing attributes in process `syz.6.1307'.
[  582.319894][T11514] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  582.796658][ T1211] usb 1-1: USB disconnect, device number 40
[  583.995208][  T977] usb 7-1: USB disconnect, device number 10
[  584.118530][T11528] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  584.269957][ T6001] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  584.510985][ T6001] usb 2-1: Using ep0 maxpacket: 16
[  584.654483][ T6001] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  584.877739][    T9] usb 3-1: new low-speed USB device number 50 using dummy_hcd
[  584.947819][ T6001] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  584.957753][ T6001] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  584.970489][ T6001] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14
[  584.997355][ T6001] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.006115][ T6001] usb 2-1: Product: syz
[  585.036278][ T6001] usb 2-1: Manufacturer: syz
[  585.041259][ T6001] usb 2-1: SerialNumber: syz
[  585.099757][ T6001] usb 2-1: config 0 descriptor??
[  585.116008][T11524] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  585.149207][ T6001] mceusb 2-1:0.0: mceusb_dev_probe: device setup failed!
[  585.172743][ T6001] mceusb 2-1:0.0: probe with driver mceusb failed with error -12
[  585.196707][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  585.254309][T11540] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1323'.
[  585.306923][T11540] usb usb8: usbfs: process 11540 (syz.6.1323) did not claim interface 0 before use
[  585.326285][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.415291][    T9] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  585.514849][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.826152][    T9] usb 3-1: config 0 descriptor??
[  585.961310][ T6001] usb 2-1: USB disconnect, device number 33
[  586.035562][T11543] syzkaller1: tun_chr_ioctl cmd 1074025677
[  586.050896][T11526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  586.078285][T11526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  586.088482][T11543] syzkaller1: linktype set to 778
[  586.329403][T11526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  586.395294][T11526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  586.769978][    T9] lenovo 0003:17EF:6047.0011: unknown main item tag 0x0
[  586.797288][    T9] lenovo 0003:17EF:6047.0011: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.2-1/input0
[  586.845805][    T9] usb 3-1: USB disconnect, device number 50
[  587.047238][T11558] netlink: 'syz.1.1330': attribute type 10 has an invalid length.
[  587.541259][T11558] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  587.569534][T11564] netlink: 'syz.1.1330': attribute type 10 has an invalid length.
[  588.407924][T11583] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  588.584453][    T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  588.782887][    T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  589.025143][    T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  589.042484][    T9] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  589.055040][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.063713][    T9] usb 1-1: Product: syz
[  589.068691][    T9] usb 1-1: Manufacturer: syz
[  589.075899][    T9] usb 1-1: SerialNumber: syz
[  589.084676][    T9] usb 1-1: config 0 descriptor??
[  589.091292][T11578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  589.107968][T11578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  589.363165][T11578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  589.393064][T11578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  589.729630][    T9] Error reading MAC address
[  589.874586][    T9] usb 1-1: USB disconnect, device number 41
[  590.450220][T11616] lo speed is unknown, defaulting to 1000
[  591.164559][T11628] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1347'.
[  591.687400][T11638] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  591.694254][T11638] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  591.700986][T11638] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  591.707601][T11638] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  591.714849][T11638] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  591.721448][T11638] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  591.728298][T11638] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  591.734778][T11638] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  591.741699][T11638] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  591.748295][T11638] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  591.755100][T11638] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  591.762287][T11638] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  591.768862][T11638] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  591.776652][T11638] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  591.887879][T11641] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1352'.
[  592.128927][T10312] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  592.506672][T10312] usb 1-1: Using ep0 maxpacket: 32
[  592.527283][T11653] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  592.849171][T10312] usb 1-1: config 0 has an invalid interface number: 92 but max is 0
[  592.904520][T10312] usb 1-1: config 0 has no interface number 0
[  592.949016][T10312] usb 1-1: config 0 interface 92 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  592.968553][T10312] usb 1-1: config 0 interface 92 has no altsetting 0
[  593.001816][T10312] usb 1-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=a8.eb
[  593.049446][T10312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.063264][T10312] usb 1-1: Product: syz
[  593.067618][T10312] usb 1-1: Manufacturer: syz
[  593.098905][T10312] usb 1-1: SerialNumber: syz
[  593.122350][T10312] usb 1-1: config 0 descriptor??
[  593.131946][T11643] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  593.956359][T10312] redrat3 1-1:0.92: Couldn't find all endpoints
[  593.979705][T10312] usb 1-1: USB disconnect, device number 42
[  595.599626][T11687] netlink: 'syz.0.1364': attribute type 39 has an invalid length.
[  595.898828][T10312] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  596.372135][T10312] usb 1-1: config 1 has an invalid descriptor of length 246, skipping remainder of the config
[  596.419079][T10312] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  596.460716][T10312] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  596.470597][T10312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.488092][T10312] usb 1-1: Product: syz
[  596.495586][T10312] usb 1-1: Manufacturer: syz
[  596.508940][T10312] usb 1-1: SerialNumber: syz
[  596.561469][T10312] cdc_ether 1-1:1.0: skipping garbage
[  596.918715][T10312] usb 1-1: bad CDC descriptors
[  598.116356][ T5923] usb 1-1: USB disconnect, device number 43
[  599.439073][ T5923] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  599.626665][ T5923] usb 7-1: unable to get BOS descriptor or descriptor too short
[  599.639726][ T5923] usb 7-1: not running at top speed; connect to a high speed hub
[  599.664802][ T5923] usb 7-1: config 4 has an invalid interface number: 32 but max is 0
[  599.683668][ T5923] usb 7-1: config 4 has no interface number 0
[  599.702210][ T5923] usb 7-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=f1.50
[  599.718992][ T5923] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  599.729598][ T5923] usb 7-1: Product: syz
[  599.733833][ T5923] usb 7-1: Manufacturer: syz
[  599.738464][ T5923] usb 7-1: SerialNumber: syz
[  599.819971][T10312] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  599.986186][ T5923] usb 7-1: Found UVC 0.02 device syz (17dc:0202)
[  600.000934][T10312] usb 1-1: unable to get BOS descriptor or descriptor too short
[  600.011655][ T5923] usb 7-1: No valid video chain found.
[  600.023488][T10312] usb 1-1: config 6 has an invalid interface number: 200 but max is 0
[  600.037544][T10312] usb 1-1: config 6 has no interface number 0
[  600.044506][ T5923] usb 7-1: USB disconnect, device number 11
[  600.057587][T10312] usb 1-1: config 6 interface 200 has no altsetting 0
[  600.078896][T10312] usb 1-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  600.090420][T10312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.098631][T10312] usb 1-1: Product: ﶡ䘥죺藬誴ᐜ벅↞挨⢼ԋ埉厵ឭ诙憡놋໢ꈅ킏ଶ⒃訥渔墚鶚膜焙翟倕籦ò鏏觏ᴺ瘭旽븋糷荽ᓈ⤜䗽羻
[  600.116555][T10312] usb 1-1: Manufacturer: ఄ
[  600.122466][T10312] usb 1-1: SerialNumber: Н
[  600.351988][T11736] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1375'.
[  600.362499][T11736] 8021q: VLANs not supported on nlmon0
[  600.437914][T11752] netlink: 'syz.2.1380': attribute type 16 has an invalid length.
[  600.849520][ T5923] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  600.878484][T11761] can0: slcan on ttyS3.
[  600.940689][T11761] can0 (unregistered): slcan off ttyS3.
[  601.149859][ T5923] usb 7-1: config 0 has an invalid interface number: 138 but max is 0
[  601.373663][ T5923] usb 7-1: config 0 has no interface number 0
[  601.472127][ T5923] usb 7-1: config 0 interface 138 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  601.529351][ T5923] usb 7-1: config 0 interface 138 altsetting 0 has an endpoint descriptor with address 0x97, changing to 0x87
[  601.672503][ T5923] usb 7-1: config 0 interface 138 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 4
[  601.718665][ T5923] usb 7-1: config 0 interface 138 altsetting 0 endpoint 0x87 has invalid maxpacket 1152, setting to 1023
[  601.757821][ T5923] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice= f.66
[  601.800739][ T5923] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.822947][ T5923] usb 7-1: config 0 descriptor??
[  601.858404][T10312] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  601.882797][T10312] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  602.256060][ T5923] usb 7-1: string descriptor 0 read error: -71
[  602.407655][T10312] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  602.510699][ T5923] usbtest 7-1:0.138: Linux gadget zero
[  602.519752][ T5923] usbtest 7-1:0.138: full-speed {control in/out bulk-out iso-in} tests (+alt)
[  602.535445][T10312] usb 1-1: media controller created
[  602.560471][ T5923] usb 7-1: USB disconnect, device number 12
[  602.614923][T10312] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  602.689418][T10312] dvb-usb: bulk message failed: -71 (6/0)
[  602.747489][T10312] dvb-usb: bulk message failed: -71 (6/0)
[  602.763650][T10312] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  602.776394][T10312] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input24
[  602.794647][T10312] dvb-usb: schedule remote query interval to 150 msecs.
[  602.828735][T10312] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  603.197989][ T5923] dvb-usb: bulk message failed: -71 (1/0)
[  603.211538][T10312] usb 1-1: USB disconnect, device number 44
[  603.229412][ T5923] dvb-usb: error while querying for an remote control event.
[  603.590178][T10312] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  603.617907][T11798] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1392'.
[  606.615184][T11813] loop2: detected capacity change from 0 to 7
[  606.622672][T11813] Dev loop2: unable to read RDB block 7
[  606.628261][T11813]  loop2: AHDI p1 p2 p3
[  606.800245][T11813] loop2: partition table partially beyond EOD, truncated
[  606.918825][T11813] loop2: p1 start 1601398130 is beyond EOD, truncated
[  607.723316][T11813] loop2: p2 start 1702059890 is beyond EOD, truncated
[  607.904801][T11829] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1399'.
[  607.921115][   T30] audit: type=1326 audit(2000001957.982:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11826 comm="syz.0.1398" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x0
[  608.758401][T11842] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1403'.
[  608.783542][   T30] audit: type=1326 audit(2000001958.842:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  608.865079][   T30] audit: type=1326 audit(2000001958.842:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  608.868874][T11846] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1404'.
[  608.897027][T11846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1404'.
[  608.906175][T11846] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1404'.
[  608.915214][T11846] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1404'.
[  608.915326][   T30] audit: type=1326 audit(2000001958.842:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc77c98d550 code=0x7ffc0000
[  608.966175][   T30] audit: type=1326 audit(2000001958.842:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc77c990417 code=0x7ffc0000
[  608.991209][   T30] audit: type=1326 audit(2000001958.842:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  609.014726][   T30] audit: type=1326 audit(2000001958.842:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc77c990417 code=0x7ffc0000
[  609.037298][   T30] audit: type=1326 audit(2000001958.842:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc77c98d84a code=0x7ffc0000
[  609.100173][   T30] audit: type=1326 audit(2000001958.842:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  609.120999][T11853] lo speed is unknown, defaulting to 1000
[  609.223156][   T30] audit: type=1326 audit(2000001958.842:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11841 comm="syz.2.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc77c98d84a code=0x7ffc0000
[  609.245020][T10312] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  609.411011][ T5846] Bluetooth: hci5: command 0x0c1a tx timeout
[  609.426200][T10312] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  609.468198][T10312] usb 7-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  609.523927][T10312] usb 7-1: config 0 interface 0 has no altsetting 0
[  609.534862][T10312] usb 7-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  609.550968][T10312] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.763082][T10312] usb 7-1: config 0 descriptor??
[  609.801256][T10312] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  610.465161][  T977] usb 7-1: USB disconnect, device number 13
[  610.832639][T11876] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  611.271026][T11880] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  612.313618][T11892] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1412'.
[  612.324010][T11892] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1412'.
[  612.587353][T11894] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  613.460089][T11902] sch_tbf: burst 19872 is lower than device lo mtu (67108880) !
[  614.488871][T11921] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1418'.
[  614.671929][T11923] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1419'.
[  615.133496][T11925] overlay: Unknown parameter 'default_permissions:/'
[  616.131176][    T9] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  616.659990][    T9] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  616.671291][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.715740][    T9] usb 3-1: Product: syz
[  616.728356][    T9] usb 3-1: Manufacturer: syz
[  616.733674][    T9] usb 3-1: SerialNumber: syz
[  616.759336][    T9] usb 3-1: config 0 descriptor??
[  617.087951][    T9] usb 3-1: ignoring: probably an ADSL modem
[  617.304638][T11958] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  617.995201][    T9] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  618.023722][T11961] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1426'.
[  618.025614][   T24] usb 3-1: USB disconnect, device number 51
[  618.032991][T11961] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1426'.
[  618.033064][T11961] netlink: 492 bytes leftover after parsing attributes in process `syz.0.1426'.
[  618.067134][ T1211] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  618.251752][ T1211] usb 2-1: Using ep0 maxpacket: 16
[  618.266817][ T1211] usb 2-1: config 64 has an invalid interface number: 176 but max is 0
[  618.281183][ T1211] usb 2-1: config 64 has no interface number 0
[  618.292118][ T5846] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  618.297792][ T1211] usb 2-1: config 64 interface 176 has no altsetting 0
[  618.308855][ T5846] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  618.321231][ T5846] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  618.333222][ T1211] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=14.8d
[  618.343586][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  618.356481][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  618.367003][ T1211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.378223][ T1211] usb 2-1: Product: syz
[  618.396278][ T1211] usb 2-1: Manufacturer: syz
[  618.400978][ T1211] usb 2-1: SerialNumber: syz
[  618.517695][T11966] lo speed is unknown, defaulting to 1000
[  618.643248][ T1211] peak_usb 2-1:64.176 can0: unable to request usb[type=0 value=1] err=-71
[  618.665884][ T1211] peak_usb 2-1:64.176: unable to read PCAN-USB X6 firmware info (err -71)
[  618.825366][ T1211] peak_usb 2-1:64.176: probe with driver peak_usb failed with error -71
[  618.871485][ T1211] usb 2-1: USB disconnect, device number 34
[  618.919225][T11973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1429'.
[  619.005535][T11978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  619.027835][T11978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  619.056688][T11966] chnl_net:caif_netlink_parms(): no params data found
[  619.231320][   T24] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  619.311493][  T977] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  619.361584][   T24] usb 1-1: device descriptor read/64, error -71
[  619.465814][T11966] bridge0: port 1(bridge_slave_0) entered blocking state
[  619.474170][  T977] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  619.492734][  T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.502094][T11966] bridge0: port 1(bridge_slave_0) entered disabled state
[  619.510892][T11966] bridge_slave_0: entered allmulticast mode
[  619.512709][  T977] usb 3-1: config 0 descriptor??
[  619.523441][T11966] bridge_slave_0: entered promiscuous mode
[  619.543022][T11966] bridge0: port 2(bridge_slave_1) entered blocking state
[  619.550350][T11966] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.561517][T11966] bridge_slave_1: entered allmulticast mode
[  619.569684][T11966] bridge_slave_1: entered promiscuous mode
[  619.631543][T11933] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  619.639363][   T24] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  619.771492][   T24] usb 1-1: device descriptor read/64, error -71
[  619.793261][T11933] usb 2-1: config 0 has an invalid interface number: 39 but max is 0
[  619.811349][T11933] usb 2-1: config 0 has no interface number 0
[  619.821409][T11933] usb 2-1: config 0 interface 39 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  619.854944][T11933] usb 2-1: New USB device found, idVendor=0499, idProduct=4d3f, bcdDevice=d2.2a
[  619.864136][T11933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.878725][T11933] usb 2-1: Product: syz
[  619.891896][   T24] usb usb1-port1: attempt power cycle
[  619.897597][T11933] usb 2-1: Manufacturer: syz
[  619.905623][T11933] usb 2-1: SerialNumber: syz
[  619.923358][T11933] usb 2-1: config 0 descriptor??
[  619.936143][T11966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  619.971115][T11966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  620.136724][T11987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  620.146167][T11987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  620.197918][T11933] usb 2-1: USB disconnect, device number 35
[  620.213618][T11966] team0: Port device team_slave_0 added
[  620.227492][T11966] team0: Port device team_slave_1 added
[  620.241402][   T24] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  620.272234][   T24] usb 1-1: device descriptor read/8, error -71
[  620.451670][ T5846] Bluetooth: hci6: command tx timeout
[  620.521411][   T24] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  620.542688][   T24] usb 1-1: device descriptor read/8, error -71
[  620.656556][   T24] usb usb1-port1: unable to enumerate USB device
[  620.779835][T11966] batman_adv: batadv0: Adding interface: batadv_slave_0
[  620.793084][T11966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  620.833971][T11966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  620.857392][T11966] batman_adv: batadv0: Adding interface: batadv_slave_1
[  620.870244][T11966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  620.923961][T11966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  621.187446][T11966] hsr_slave_0: entered promiscuous mode
[  621.198876][T11966] hsr_slave_1: entered promiscuous mode
[  621.206503][T11966] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  621.218039][T11966] Cannot create hsr debugfs directory
[  621.250660][T11995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1434'.
[  621.857409][  T977] usb 3-1: Cannot set MAC address
[  621.874905][  T977] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  621.915641][  T977] usb 3-1: USB disconnect, device number 52
[  622.528243][T11966] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  622.542029][ T5846] Bluetooth: hci6: command tx timeout
[  622.673406][T11966] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  622.738051][T11966] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  622.798121][T11966] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  624.038195][T11966] 8021q: adding VLAN 0 to HW filter on device bond0
[  624.200902][T11966] 8021q: adding VLAN 0 to HW filter on device team0
[  624.227110][ T6029] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.234538][ T6029] bridge0: port 1(bridge_slave_0) entered forwarding state
[  624.241875][T11933] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  624.309548][   T30] kauditd_printk_skb: 72 callbacks suppressed
[  624.309569][   T30] audit: type=1326 audit(2000001974.360:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12022 comm="syz.0.1439" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x0
[  624.343381][ T6491] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.350685][ T6491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  624.429080][T11933] usb 3-1: config 127 has an invalid interface number: 3 but max is 0
[  624.437610][T11933] usb 3-1: config 127 has no interface number 0
[  624.444578][T11933] usb 3-1: New USB device found, idVendor=1199, idProduct=0112, bcdDevice=16.15
[  624.451030][T11966] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  624.471907][T11933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.498682][T11933] sierra 3-1:127.3: Sierra USB modem converter detected
[  624.612508][ T5846] Bluetooth: hci6: command tx timeout
[  624.753462][T12029] fuse: Bad value for 'fd'
[  624.869070][T11966] 8021q: adding VLAN 0 to HW filter on device batadv0
[  626.085905][T11933] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  626.098608][T11933] usb 3-1: USB disconnect, device number 53
[  626.113232][T11933] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  626.122439][T11933] sierra 3-1:127.3: device disconnected
[  626.247226][T12056] fuse: Bad value for 'fd'
[  626.294539][T11966] veth0_vlan: entered promiscuous mode
[  626.309783][T11966] veth1_vlan: entered promiscuous mode
[  626.478069][T11966] veth0_macvtap: entered promiscuous mode
[  626.521001][T11966] veth1_macvtap: entered promiscuous mode
[  626.692305][ T5846] Bluetooth: hci6: command tx timeout
[  626.767086][T11966] batman_adv: batadv0: Interface activated: batadv_slave_0
[  626.772490][    T9] usb 2-1: new low-speed USB device number 36 using dummy_hcd
[  626.780863][T11966] batman_adv: batadv0: Interface activated: batadv_slave_1
[  626.800322][T11966] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  626.929959][T11966] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  627.189698][T12071] fuse: Unknown parameter '0x000000000000000900000000000000000000'
[  627.273783][T11966] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  627.468117][T11966] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  627.512318][    T9] usb 2-1: device descriptor read/64, error -71
[  627.769945][ T6491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  627.778431][    T9] usb 2-1: new low-speed USB device number 37 using dummy_hcd
[  627.808271][ T6491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  627.932330][    T9] usb 2-1: device descriptor read/64, error -71
[  628.059487][    T9] usb usb2-port1: attempt power cycle
[  628.065200][ T5987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  628.084264][ T5987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  628.335131][ T5908] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  628.393785][ T5908] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  628.572834][    T9] usb 2-1: new low-speed USB device number 38 using dummy_hcd
[  628.603160][    T9] usb 2-1: device descriptor read/8, error -71
[  628.708901][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  628.723949][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  628.736018][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  628.745976][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  628.754098][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  628.853940][T12085] lo speed is unknown, defaulting to 1000
[  628.882407][    T9] usb 2-1: new low-speed USB device number 39 using dummy_hcd
[  628.918854][    T9] usb 2-1: device descriptor read/8, error -71
[  629.063136][    T9] usb usb2-port1: unable to enumerate USB device
[  629.582980][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  629.589784][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  629.605024][T12085] chnl_net:caif_netlink_parms(): no params data found
[  629.844734][T12114] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1456'.
[  629.968822][T12085] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.981108][T12085] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.990027][T12085] bridge_slave_0: entered allmulticast mode
[  629.999134][T12085] bridge_slave_0: entered promiscuous mode
[  630.009614][T12085] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.017472][T12085] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.025022][T12085] bridge_slave_1: entered allmulticast mode
[  630.034451][T12085] bridge_slave_1: entered promiscuous mode
[  630.099194][T12085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.118095][T12085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.700173][T12085] team0: Port device team_slave_0 added
[  630.832262][T12085] team0: Port device team_slave_1 added
[  630.855338][ T5846] Bluetooth: hci3: command tx timeout
[  630.964942][T12085] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.975765][T12085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.054068][T12085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.119460][T12085] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.171171][T12085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.197330][    C1] vkms_vblank_simulate: vblank timer overrun
[  631.250183][T12085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.352386][T12135] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1462'.
[  631.433416][T12135] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1462'.
[  631.817274][T12140] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1464'.
[  631.907359][T12144] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1466'.
[  631.956007][T12085] hsr_slave_0: entered promiscuous mode
[  631.975311][T12085] hsr_slave_1: entered promiscuous mode
[  632.005595][T12085] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  632.039082][T12085] Cannot create hsr debugfs directory
[  632.055601][T12145] macvlan1: entered promiscuous mode
[  632.061201][T12145] macvlan1: entered allmulticast mode
[  632.083061][T12145] veth1_vlan: entered allmulticast mode
[  632.429653][T12161] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1471'.
[  632.836185][    T9] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  632.934039][ T5846] Bluetooth: hci3: command tx timeout
[  632.980683][T12085] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  633.025398][T12085] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  633.032866][    T9] usb 2-1: Using ep0 maxpacket: 16
[  633.043597][    T9] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  633.076262][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.199383][T12085] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  633.274471][    T9] usb 2-1: config 0 descriptor??
[  633.296440][    T9] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  633.307638][T12085] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  633.487044][    T9] usb 2-1: Detected FT232B
[  633.625297][T12085] 8021q: adding VLAN 0 to HW filter on device bond0
[  633.672218][T12085] 8021q: adding VLAN 0 to HW filter on device team0
[  633.684338][ T1211] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  633.737955][ T6491] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.745272][ T6491] bridge0: port 1(bridge_slave_0) entered forwarding state
[  633.848614][ T1211] usb 3-1: no configurations
[  633.854123][ T1211] usb 3-1: can't read configurations, error -22
[  633.963944][T12185] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  633.993472][ T1211] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  634.002219][T12185] batadv_slave_0: entered promiscuous mode
[  634.153899][ T1211] usb 3-1: no configurations
[  634.158589][ T1211] usb 3-1: can't read configurations, error -22
[  634.165770][ T1211] usb usb3-port1: attempt power cycle
[  634.198123][ T6491] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.205409][ T6491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.553109][ T1211] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  634.607816][ T1211] usb 3-1: no configurations
[  634.619261][ T1211] usb 3-1: can't read configurations, error -22
[  634.780600][ T1211] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  634.845096][ T1211] usb 3-1: no configurations
[  634.870353][ T1211] usb 3-1: can't read configurations, error -22
[  634.909581][ T1211] usb usb3-port1: unable to enumerate USB device
[  635.013052][ T5846] Bluetooth: hci3: command tx timeout
[  635.126275][T12085] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.367299][T12199] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1477'.
[  635.628505][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  635.816807][    T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  636.466418][    T9] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  636.479809][    T9] usb 2-1: USB disconnect, device number 40
[  636.490668][T12209] 8021q: adding VLAN 0 to HW filter on device bond0
[  636.504108][T12209] bond0: (slave rose0): Enslaving as an active interface with an up link
[  636.513288][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  636.718849][    T9] ftdi_sio 2-1:0.0: device disconnected
[  637.093629][ T5846] Bluetooth: hci3: command tx timeout
[  637.203512][ T5908] usb 1-1: new full-speed USB device number 49 using dummy_hcd
[  637.443569][ T5908] usb 1-1: device descriptor read/64, error -71
[  637.793043][T12085] veth0_vlan: entered promiscuous mode
[  637.853467][ T5908] usb 1-1: new full-speed USB device number 50 using dummy_hcd
[  637.904702][T12085] veth1_vlan: entered promiscuous mode
[  638.040225][ T5908] usb 1-1: device descriptor read/64, error -71
[  638.132596][T12085] veth0_macvtap: entered promiscuous mode
[  638.194157][ T5908] usb usb1-port1: attempt power cycle
[  638.212345][T12085] veth1_macvtap: entered promiscuous mode
[  638.269255][T12085] batman_adv: batadv0: Interface activated: batadv_slave_0
[  638.301560][T12085] batman_adv: batadv0: Interface activated: batadv_slave_1
[  638.421150][T12085] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  638.455764][T12085] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  638.473438][T12085] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  638.484987][T12085] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  638.573946][ T5908] usb 1-1: new full-speed USB device number 51 using dummy_hcd
[  638.614740][ T5908] usb 1-1: device descriptor read/8, error -71
[  638.883708][ T5908] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[  638.902647][ T7664] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  638.960395][ T7664] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  638.986288][ T5908] usb 1-1: device descriptor read/8, error -71
[  639.105597][ T5908] usb usb1-port1: unable to enumerate USB device
[  639.116868][ T5990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  639.132140][ T5990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  640.564025][T12265] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1488'.
[  640.593028][T12270] netlink: 'syz.2.1489': attribute type 12 has an invalid length.
[  640.626213][T12270] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.1489'.
[  640.833780][T11933] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  641.044192][T11933] usb 2-1: Using ep0 maxpacket: 16
[  641.095443][T11933] usb 2-1: unable to get BOS descriptor or descriptor too short
[  641.138541][T11933] usb 2-1: config 159 has an invalid interface number: 195 but max is 0
[  641.153768][T11933] usb 2-1: config 159 has no interface number 0
[  641.166865][T11933] usb 2-1: config 159 interface 195 altsetting 5 endpoint 0x1 has invalid wMaxPacketSize 0
[  641.193779][T11933] usb 2-1: config 159 interface 195 has no altsetting 0
[  641.219347][T11933] usb 2-1: New USB device found, idVendor=17e9, idProduct=b889, bcdDevice=ec.5c
[  641.252592][T11933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.283709][T11933] usb 2-1: Product: syz
[  641.287960][T11933] usb 2-1: Manufacturer: syz
[  641.339280][T11933] usb 2-1: SerialNumber: syz
[  641.804193][T11933] udl 2-1:159.195: [drm] Unrecognized vendor firmware descriptor
[  641.814009][T11933] [drm:udl_init] *ERROR* Selecting channel failed
[  641.859756][T11933] [drm] Initialized udl 0.0.1 for 2-1:159.195 on minor 2
[  641.880840][T12265] team0 (unregistering): Port device team_slave_0 removed
[  641.888369][T11933] [drm] Initialized udl on minor 2
[  641.909240][T11933] udl 2-1:159.195: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  641.938411][ T6001] udl 2-1:159.195: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  641.956251][T11933] udl 2-1:159.195: [drm] Cannot find any crtc or sizes
[  641.983398][ T6001] udl 2-1:159.195: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  641.996954][T12265] team0 (unregistering): Port device team_slave_1 removed
[  642.001544][T11933] usb 2-1: USB disconnect, device number 41
[  642.017144][ T6001] udl 2-1:159.195: [drm] Cannot find any crtc or sizes
[  642.152454][T12295] netlink: 180 bytes leftover after parsing attributes in process `syz.8.1493'.
[  642.672787][T12317] netlink: 'syz.1.1498': attribute type 58 has an invalid length.
[  642.922488][T12325] loop4: detected capacity change from 0 to 524255232
[  643.116015][  T977] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  643.516918][T12335] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  643.528966][T12335] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0'
[  643.690128][ T6001] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  644.257185][  T977] usb 2-1: device descriptor read/64, error -71
[  644.442226][T12339] overlay: Unknown parameter 'seclabel'
[  644.514277][  T977] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  644.552795][T12343] program syz.7.1504 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  644.666041][  T977] usb 2-1: device descriptor read/64, error -71
[  644.688506][ T6001] usb 1-1: unable to get BOS descriptor or descriptor too short
[  644.705795][ T6001] usb 1-1: config 3 has an invalid interface number: 8 but max is 3
[  644.713914][ T6001] usb 1-1: config 3 has an invalid descriptor of length 70, skipping remainder of the config
[  644.724715][ T6001] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 4
[  645.429911][ T6001] usb 1-1: config 3 has no interface number 0
[  645.436759][ T6001] usb 1-1: config 3 interface 8 altsetting 6 endpoint 0x82 has an invalid bInterval 248, changing to 11
[  645.448023][ T6001] usb 1-1: config 3 interface 8 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  645.461518][  T977] usb usb2-port1: attempt power cycle
[  645.511250][ T6001] usb 1-1: config 3 interface 8 has no altsetting 0
[  645.581817][ T6001] usb 1-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=c2.be
[  645.624336][ T6001] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.624367][ T6001] usb 1-1: Product: syz
[  645.624385][ T6001] usb 1-1: Manufacturer: syz
[  645.624403][ T6001] usb 1-1: SerialNumber: syz
[  645.836106][T12352] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1505'.
[  645.892900][ T6001] appledisplay 1-1:3.8: Error while getting initial brightness: -71
[  645.898039][T12363] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1508'.
[  645.956634][ T6001] appledisplay 1-1:3.8: probe with driver appledisplay failed with error -71
[  645.994754][ T6001] usbhid 1-1:3.8: can't add hid device: -22
[  646.011577][ T6001] usbhid 1-1:3.8: probe with driver usbhid failed with error -22
[  646.030757][T12369] netlink: 'syz.8.1509': attribute type 1 has an invalid length.
[  646.033975][ T6001] usb 1-1: USB disconnect, device number 53
[  646.065413][T12369] vlan2: entered allmulticast mode
[  646.076745][T12369] veth1: entered allmulticast mode
[  646.969586][T12383] overlay: ./file0 is not a directory
[  647.584275][   T30] audit: type=1326 audit(2000001997.638:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  647.615339][ T6001] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  647.673489][   T30] audit: type=1326 audit(2000001997.638:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  647.843553][ T6001] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  647.860243][ T6001] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.894571][   T30] audit: type=1326 audit(2000001997.638:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  647.904567][ T6001] usb 1-1: Product: syz
[  647.984605][ T6001] usb 1-1: Manufacturer: syz
[  647.985986][   T30] audit: type=1326 audit(2000001997.638:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  647.993447][ T6001] usb 1-1: SerialNumber: syz
[  648.088830][ T6001] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  648.153783][T11933] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  648.177353][   T30] audit: type=1326 audit(2000001997.638:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.214285][   T30] audit: type=1326 audit(2000001997.688:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.324634][   T30] audit: type=1326 audit(2000001997.688:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.348877][   T30] audit: type=1326 audit(2000001997.698:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.371122][   T30] audit: type=1326 audit(2000001997.698:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.393816][   T30] audit: type=1326 audit(2000001997.698:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12400 comm="syz.8.1518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850eb8ebe9 code=0x7ffc0000
[  648.508015][T12416] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1517'.
[  648.522524][    C1] usb 1-1: ath9k_htc: invalid pkt_len (ff31)
[  649.258584][T11933] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  649.270354][T11933] ath9k_htc: Failed to initialize the device
[  649.320989][T11933] usb 1-1: ath9k_htc: USB layer deinitialized
[  650.082036][T12417] usb 1-1: USB disconnect, device number 54
[  651.404319][T12433] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1525'.
[  652.568858][T12441] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1530'.
[  653.346299][T10312] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  653.535237][T10312] usb 1-1: Using ep0 maxpacket: 16
[  653.562611][T10312] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  653.645316][T10312] usb 1-1: config 0 has no interface number 0
[  653.705377][  T977] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  653.725213][T10312] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  653.836044][T10312] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.982847][T10312] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  654.015231][  T977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  654.076588][T10312] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.089753][  T977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  654.150836][  T977] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  654.183885][T10312] usb 1-1: config 0 descriptor??
[  654.244656][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.278961][  T977] usb 2-1: config 0 descriptor??
[  655.292054][    C0] raw-gadget.1 gadget.1: ignoring, device is not running
[  655.311005][  T977] usbhid 2-1:0.0: can't add hid device: -71
[  655.329816][  T977] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  655.345448][T10312] uclogic 0003:28BD:0071.0013: pen parameters not found
[  655.353302][T10312] uclogic 0003:28BD:0071.0013: interface is invalid, ignoring
[  655.386704][  T977] usb 2-1: USB disconnect, device number 45
[  655.431523][T10312] usb 1-1: USB disconnect, device number 55
[  655.461345][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  655.461365][   T30] audit: type=1326 audit(2000002005.517:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.689377][   T30] audit: type=1326 audit(2000002005.517:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.719577][   T30] audit: type=1326 audit(2000002005.537:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.751224][   T30] audit: type=1326 audit(2000002005.537:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.782347][   T30] audit: type=1326 audit(2000002005.537:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.811033][   T30] audit: type=1326 audit(2000002005.537:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.840784][   T30] audit: type=1326 audit(2000002005.537:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.873064][   T30] audit: type=1326 audit(2000002005.537:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f219758ebe9 code=0x7ffc0000
[  655.902175][   T30] audit: type=1326 audit(2000002005.537:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f219758d550 code=0x7ffc0000
[  655.929970][   T30] audit: type=1326 audit(2000002005.537:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12494 comm="syz.7.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f219758e7eb code=0x7ffc0000
[  656.207609][T12507] syz.0.1537: attempt to access beyond end of device
[  656.207609][T12507] nbd0: rw=0, sector=2, nr_sectors = 1 limit=0
[  657.489333][T12417] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  657.672838][T12417] usb 3-1: Using ep0 maxpacket: 8
[  657.685329][T12417] usb 3-1: config 0 has an invalid interface number: 186 but max is 0
[  657.715680][T12417] usb 3-1: config 0 has no interface number 0
[  657.737334][T12417] usb 3-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  657.755707][T11933] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  657.763361][T12417] usb 3-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  657.786720][T12417] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  657.825602][T12417] usb 3-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  657.876507][T12417] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  657.904538][T12417] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.924556][T12417] usb 3-1: Product: syz
[  657.930798][T12417] usb 3-1: Manufacturer: syz
[  657.945658][T12417] usb 3-1: SerialNumber: syz
[  657.960102][T11933] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  657.978809][T12417] usb 3-1: config 0 descriptor??
[  657.996144][T11933] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  658.034342][T11933] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.074987][T11933] usb 9-1: config 0 descriptor??
[  658.096073][T11933] pwc: Askey VC010 type 2 USB webcam detected.
[  658.218945][T12417] iowarrior 3-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  658.402671][T12540] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1545'.
[  658.630794][T12540] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1545'.
[  658.674101][T11933] pwc: recv_control_msg error -32 req 02 val 2b00
[  658.696235][ T5846] Bluetooth: hci3: command 0x0405 tx timeout
[  658.710478][T11933] pwc: recv_control_msg error -32 req 02 val 2700
[  658.720191][T11933] pwc: recv_control_msg error -32 req 02 val 2c00
[  658.728262][T11933] pwc: recv_control_msg error -32 req 04 val 1000
[  658.745422][T11933] pwc: recv_control_msg error -32 req 04 val 1300
[  658.786626][T11933] pwc: recv_control_msg error -32 req 04 val 1400
[  658.801534][T11933] pwc: recv_control_msg error -32 req 02 val 2000
[  658.813011][T12539] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  658.838420][T11933] pwc: recv_control_msg error -32 req 02 val 2100
[  658.863025][T11933] pwc: recv_control_msg error -32 req 04 val 1500
[  658.883243][T11933] pwc: recv_control_msg error -32 req 02 val 2500
[  658.916872][T11933] pwc: recv_control_msg error -71 req 02 val 2400
[  658.948307][T11933] pwc: recv_control_msg error -71 req 02 val 2600
[  658.979226][T11933] pwc: recv_control_msg error -71 req 02 val 2900
[  659.000746][T11933] pwc: recv_control_msg error -71 req 02 val 2800
[  659.031645][T11933] pwc: recv_control_msg error -71 req 04 val 1100
[  659.069506][T11933] pwc: recv_control_msg error -71 req 04 val 1200
[  659.108204][T11933] pwc: Registered as video103.
[  659.134671][T11933] input: PWC snapshot button as /devices/platform/dummy_hcd.8/usb9/9-1/input/input26
[  659.174737][  T977] usb 3-1: USB disconnect, device number 58
[  659.182309][T12551] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1546'.
[  659.318910][T11933] usb 9-1: USB disconnect, device number 2
[  661.203561][T12580] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1554'.
[  661.401966][T12586] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[  661.444008][T12589] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1558'.
[  661.497580][T12589] syz_tun: entered promiscuous mode
[  661.613222][T12586] bridge0: port 3(syz_tun) entered blocking state
[  661.638370][T12586] bridge0: port 3(syz_tun) entered disabled state
[  661.745379][T12596] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  661.840633][T12586] syz_tun: entered allmulticast mode
[  661.862633][T12586] syz_tun: entered promiscuous mode
[  662.033686][T12586] bridge0: port 3(syz_tun) entered blocking state
[  662.040734][T12586] bridge0: port 3(syz_tun) entered forwarding state
[  662.501913][T12608] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  663.066318][  T977] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  663.403955][  T977] usb 2-1: Using ep0 maxpacket: 16
[  663.415350][  T977] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  663.452492][  T977] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  663.466549][T12615] fuse: Unknown parameter ''
[  664.319964][  T977] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  664.353683][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  664.409626][  T977] usb 2-1: Product: syz
[  664.413900][  T977] usb 2-1: Manufacturer: syz
[  664.440989][  T977] usb 2-1: SerialNumber: syz
[  664.726057][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  664.737524][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  664.748492][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  664.759620][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  664.772276][T12624] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1564'.
[  664.785161][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  665.345597][  T977] usb 2-1: 0:2 : does not exist
[  665.752249][T12606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1562'.
[  665.823903][  T977] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  665.887442][  T977] usb 2-1: USB disconnect, device number 46
[  667.113391][T12655] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  667.282363][T12663] random: crng reseeded on system resumption
[  668.015754][T12661] Restarting kernel threads ...
[  668.022140][T12661] Done restarting kernel threads.
[  668.258946][T12675] erofs (device nbd2): cannot find valid erofs superblock
[  670.297399][T12709] unsupported nla_type 52263
[  670.516192][T12704] lo speed is unknown, defaulting to 1000
[  670.635486][T12709] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  670.681847][T12715] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1590'.
[  670.716251][T12697] "syz.8.1587" (12697) uses obsolete ecb(arc4) skcipher
[  670.735818][T12715] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1590'.
[  670.808685][T12719] sch_tbf: burst 3298 is lower than device lo mtu (67108880) !
[  670.937239][T11933] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  671.087308][T11933] usb 2-1: Using ep0 maxpacket: 32
[  671.121753][T11933] usb 2-1: config 0 has an invalid interface number: 203 but max is 0
[  671.157186][T11933] usb 2-1: config 0 has no interface number 0
[  671.191556][T11933] usb 2-1: config 0 interface 203 altsetting 53 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  671.232425][T11933] usb 2-1: config 0 interface 203 altsetting 53 has an invalid descriptor for endpoint zero, skipping
[  671.276374][T11933] usb 2-1: config 0 interface 203 altsetting 53 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  671.314181][T11933] usb 2-1: config 0 interface 203 altsetting 53 has an endpoint descriptor with address 0xAF, changing to 0x8F
[  671.347260][T11933] usb 2-1: config 0 interface 203 altsetting 53 endpoint 0x8F has invalid maxpacket 57227, setting to 1024
[  671.373245][T11933] usb 2-1: config 0 interface 203 altsetting 53 bulk endpoint 0x8F has invalid maxpacket 1024
[  671.395088][T11933] usb 2-1: config 0 interface 203 altsetting 53 has 8 endpoint descriptors, different from the interface descriptor's value: 7
[  671.452874][T11933] usb 2-1: config 0 interface 203 has no altsetting 0
[  671.470202][T11933] usb 2-1: New USB device found, idVendor=0df6, idProduct=004d, bcdDevice=ef.77
[  671.486659][T11933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  671.496941][T12713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  671.515263][T11933] usb 2-1: Product: syz
[  671.567382][T11933] usb 2-1: Manufacturer: syz
[  671.587463][T11933] usb 2-1: SerialNumber: syz
[  671.618119][T11933] usb 2-1: config 0 descriptor??
[  671.646701][T12718] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  671.897593][T11933] usb 2-1: USB disconnect, device number 47
[  672.675000][T12750] netlink: 'syz.7.1599': attribute type 12 has an invalid length.
[  673.138300][T12753] netlink: 'syz.0.1600': attribute type 1 has an invalid length.
[  673.146115][T12753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1600'.
[  673.205640][T12753] netlink: 'syz.0.1600': attribute type 1 has an invalid length.
[  673.213576][T12753] netlink: 'syz.0.1600': attribute type 2 has an invalid length.
[  673.221505][T12753] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1600'.
[  673.638880][T12770] ubi: mtd0 is already attached to ubi31
[  673.644582][T12774] ubi: mtd0 is already attached to ubi31
[  674.721892][T12789] 9pnet_fd: Insufficient options for proto=fd
[  675.405621][T12799] XFS (nbd1): no-recovery mounts must be read-only.
[  676.681955][T10312] IPVS: starting estimator thread 0...
[  676.704275][T12818] SET target dimension over the limit!
[  676.788107][T12819] IPVS: using max 36 ests per chain, 86400 per kthread
[  677.047881][ T1211] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  677.230123][ T1211] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  677.256153][ T1211] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  677.296884][ T1211] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  677.322069][ T1211] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  677.342872][ T1211] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  677.352250][ T1211] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.581843][ T1211] ath6kl: Failed to submit usb control message: -71
[  677.596648][T12828] netlink: 'syz.7.1619': attribute type 1 has an invalid length.
[  677.608204][ T1211] ath6kl: unable to send the bmi data to the device: -71
[  677.615170][T12828] netlink: 'syz.7.1619': attribute type 1 has an invalid length.
[  677.615278][ T1211] ath6kl: Unable to send get target info: -71
[  677.638600][T12828] vxcan0: tx address claim with different name
[  677.691008][ T1211] ath6kl: Failed to init ath6kl core: -71
[  677.802083][ T1211] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -71
[  677.923403][ T1211] usb 1-1: USB disconnect, device number 56
[  681.157103][  T977] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  681.234054][T12866] futex_wake_op: syz.7.1629 tries to shift op by -1; fix this program
[  681.351615][  T977] usb 1-1: Using ep0 maxpacket: 8
[  681.359363][  T977] usb 1-1: unable to get BOS descriptor or descriptor too short
[  681.368111][  T977] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  681.394364][  T977] usb 1-1: unable to read config index 0 descriptor/start: -61
[  681.402253][  T977] usb 1-1: can't read configurations, error -61
[  681.415744][ T5843] Bluetooth: hci6: Malformed Event: 0x2f
[  681.443517][T12872] netlink: 48 bytes leftover after parsing attributes in process `syz.8.1632'.
[  681.455139][T12872] netlink: 'syz.8.1632': attribute type 10 has an invalid length.
[  681.517444][T12872] netlink: 'syz.8.1632': attribute type 4 has an invalid length.
[  681.538450][T12872] netlink: 152 bytes leftover after parsing attributes in process `syz.8.1632'.
[  681.548563][  T977] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  681.571292][T12872] : renamed from bond0 (while UP)
[  681.627974][T12870] Process accounting resumed
[  681.719637][  T977] usb 1-1: Using ep0 maxpacket: 8
[  681.741132][  T977] usb 1-1: unable to get BOS descriptor or descriptor too short
[  681.754617][  T977] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  681.767588][  T977] usb 1-1: unable to read config index 0 descriptor/start: -61
[  681.776389][  T977] usb 1-1: can't read configurations, error -61
[  681.783105][  T977] usb usb1-port1: attempt power cycle
[  682.324459][T12875] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1634'.
[  682.333795][T12875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.350712][  T977] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  682.378444][T12875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.426977][  T977] usb 1-1: Using ep0 maxpacket: 8
[  682.443986][  T977] usb 1-1: unable to get BOS descriptor or descriptor too short
[  682.468763][  T977] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  682.491786][  T977] usb 1-1: unable to read config index 0 descriptor/start: -61
[  682.503241][  T977] usb 1-1: can't read configurations, error -61
[  682.573136][T12881] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  682.598739][T12881] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  682.648600][  T977] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  682.660745][T12881] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  682.680941][T12881] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  682.694800][  T977] usb 1-1: Using ep0 maxpacket: 8
[  682.708307][T12881] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  682.720953][T12881] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  682.730510][  T977] usb 1-1: unable to get BOS descriptor or descriptor too short
[  682.738788][  T977] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  682.752265][  T977] usb 1-1: unable to read config index 0 descriptor/start: -61
[  682.763678][  T977] usb 1-1: can't read configurations, error -61
[  682.773248][T12881] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  682.785706][  T977] usb usb1-port1: unable to enumerate USB device
[  682.801523][T12881] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  682.814104][T12881] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  682.827569][T12881] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  683.994803][T12903] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1639'.
[  684.767974][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[  684.775196][ T5846] Bluetooth: hci2: command 0x0406 tx timeout
[  684.781386][ T5843] Bluetooth: hci5: command 0x0c1a tx timeout
[  684.787451][ T5843] Bluetooth: hci4: command 0x0405 tx timeout
[  684.789765][ T5846] Bluetooth: hci6: command 0x0c1a tx timeout
[  684.865334][ T5846] Bluetooth: hci3: command 0x0405 tx timeout
[  685.305202][T12921] tmpfs: Unknown parameter 'nos'
[  686.171043][T12929] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1647'.
[  686.419909][T12936] openvswitch: netlink: Missing key (keys=40, expected=80)
[  686.860717][ T5846] Bluetooth: hci6: command 0x0c1a tx timeout
[  686.949708][ T5846] Bluetooth: hci3: command 0x0405 tx timeout
[  687.897440][T12957] tc_dump_action: action bad kind
[  688.951584][ T5846] Bluetooth: hci6: command 0x0c1a tx timeout
[  689.056952][ T5846] Bluetooth: hci3: command 0x0405 tx timeout
[  689.373689][T12975] tmpfs: Bad value for 'mpol'
[  689.959516][ T1211] usb 3-1: new full-speed USB device number 59 using dummy_hcd
[  690.002252][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1664'.
[  690.469648][ T1211] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  690.617584][ T1211] usb 3-1: config 0 has no interface number 0
[  690.738756][ T1211] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  690.778105][ T1211] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[  690.842141][ T1211] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  690.859475][ T1211] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  690.871781][ T1211] usb 3-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59
[  690.962544][T12998] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1667'.
[  690.988108][ T1211] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  691.017690][ T1211] usb 3-1: config 0 descriptor??
[  691.034001][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  691.209501][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  691.219809][T12417] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  691.567724][ T1211] hub 3-1:0.3: bad descriptor, ignoring hub
[  691.574541][ T1211] hub 3-1:0.3: probe with driver hub failed with error -5
[  691.597212][ T1211] sierra 3-1:0.3: Sierra USB modem converter detected
[  691.622310][T12417] usb 9-1: device descriptor read/64, error -71
[  691.696764][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  691.696784][   T30] audit: type=1326 audit(2000002041.743:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  691.727590][   T30] audit: type=1326 audit(2000002041.743:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  691.753217][   T30] audit: type=1326 audit(2000002041.803:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  691.755223][T13007] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1665'.
[  691.775497][   T30] audit: type=1326 audit(2000002041.803:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  691.963609][   T30] audit: type=1326 audit(2000002041.803:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.092955][T12417] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  692.109564][   T30] audit: type=1326 audit(2000002041.803:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.171973][   T30] audit: type=1326 audit(2000002041.803:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.232443][   T30] audit: type=1326 audit(2000002041.993:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.277783][   T30] audit: type=1326 audit(2000002041.993:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.314589][T12417] usb 9-1: device descriptor read/64, error -71
[  692.323277][   T30] audit: type=1326 audit(2000002042.003:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12985 comm="syz.2.1665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc77c98ebe9 code=0x7ffc0000
[  692.501542][T12417] usb usb9-port1: attempt power cycle
[  693.089662][T12417] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  693.348065][ T1211] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  693.424272][ T1211] usb 3-1: Sierra USB modem converter now attached to ttyUSB1
[  693.459762][T11933] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  693.490882][ T1211] usb 3-1: USB disconnect, device number 59
[  693.524823][ T1211] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  693.553370][ T1211] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  693.581034][ T1211] sierra 3-1:0.3: device disconnected
[  693.648579][T11933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  693.719124][T12417] usb 9-1: device descriptor read/8, error -71
[  693.735435][T11933] usb 2-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00
[  693.745771][T11933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.771085][T11933] usb 2-1: config 0 descriptor??
[  693.800858][ T5922] usb 1-1: new full-speed USB device number 61 using dummy_hcd
[  693.990869][ T5922] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  694.006265][ T5922] usb 1-1: config 0 has no interface number 0
[  694.019718][ T5922] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  694.037715][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.047905][T13022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.066638][ T5922] usb 1-1: config 0 descriptor??
[  694.072111][T13022] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  694.084061][ T5922] usb 1-1: selecting invalid altsetting 1
[  694.090001][ T1211] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  694.093141][ T5922] dvb_ttusb_budget: ttusb_init_controller: error
[  694.112276][ T5922] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  694.224784][ T5922] DVB: Unable to find symbol cx22700_attach()
[  694.318255][ T5922] DVB: Unable to find symbol tda10046_attach()
[  694.331774][ T5922] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  694.347712][ T5922] usb 1-1: USB disconnect, device number 61
[  694.366680][T11933] wacom 0003:056A:00C6.0014: hidraw0: USB HID v0.00 Device [HID 056a:00c6] on usb-dummy_hcd.1-1/input0
[  694.524074][ T1211] usb 3-1: Using ep0 maxpacket: 32
[  694.545477][ T1211] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  694.558285][ T1211] usb 3-1: config 0 interface 0 altsetting 16 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  694.571371][ T1211] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  694.583430][ T1211] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x8F has invalid wMaxPacketSize 0
[  694.596544][ T5922] usb 2-1: USB disconnect, device number 48
[  694.646824][ T1211] usb 3-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  694.663452][ T1211] usb 3-1: config 0 interface 0 has no altsetting 0
[  694.678728][ T1211] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  694.689161][ T1211] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.946839][ T1211] usb 3-1: config 0 descriptor??
[  695.683112][T13050] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  695.897150][ T1211] hid-thrustmaster 0003:044F:B65D.0015: unknown main item tag 0x0
[  695.957861][ T1211] hid-thrustmaster 0003:044F:B65D.0015: unknown main item tag 0x0
[  695.966816][ T1211] hid-thrustmaster 0003:044F:B65D.0015: unknown main item tag 0x0
[  695.974876][ T1211] hid-thrustmaster 0003:044F:B65D.0015: unknown main item tag 0x0
[  695.983078][ T1211] hid-thrustmaster 0003:044F:B65D.0015: unknown main item tag 0x0
[  695.998453][ T1211] hid-thrustmaster 0003:044F:B65D.0015: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[  696.039594][ T1211] hid-thrustmaster 0003:044F:B65D.0015: setup data couldn't be sent
[  696.104920][    C1] hid-thrustmaster 0003:044F:B65D.0015: URB to get model id failed with error -71
[  696.122546][ T1211] usb 3-1: USB disconnect, device number 60
[  696.946656][T13063] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1689'.
[  697.005177][T13066] netlink: 'syz.7.1687': attribute type 1 has an invalid length.
[  697.034389][T13066] netlink: 'syz.7.1687': attribute type 1 has an invalid length.
[  697.082755][ T5846] Bluetooth: hci6: unexpected event for opcode 0x0809
[  699.476267][T13098] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1696'.
[  699.934724][T13110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1699'.
[  699.947237][T13110] bridge_slave_1: left allmulticast mode
[  699.954161][T13110] bridge_slave_1: left promiscuous mode
[  699.962424][T13110] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.988506][T13110] bridge_slave_0: left allmulticast mode
[  700.015927][T13110] bridge_slave_0: left promiscuous mode
[  700.034160][T13110] bridge0: port 1(bridge_slave_0) entered disabled state
[  701.275624][T13136] xt_l2tp: invalid flags combination: 4
[  703.143713][T13158] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  703.201293][ T5984] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  703.360824][ T5984] usb 9-1: Using ep0 maxpacket: 32
[  703.452584][ T5984] usb 9-1: config 0 has an invalid interface number: 67 but max is 0
[  703.479831][ T5984] usb 9-1: config 0 has no interface number 0
[  704.150359][ T5984] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  704.208526][ T5984] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.248197][ T5984] usb 9-1: Product: syz
[  704.260856][ T5984] usb 9-1: Manufacturer: syz
[  704.272029][ T5984] usb 9-1: SerialNumber: syz
[  704.303009][ T5984] usb 9-1: config 0 descriptor??
[  704.331460][ T5984] smsc95xx v2.0.0
[  704.337761][T13175] binder: 13174:13175 ioctl c080661a 200000000640 returned -22
[  704.347281][T13181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  704.361915][T13181] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  704.399868][T13182] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1719'.
[  704.431521][T13182] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1719'.
[  704.440586][T13182] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1719'.
[  704.584884][T10312] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  705.181143][ T5846] Bluetooth: hci0: command tx timeout
[  705.681832][ T5984] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  705.897707][T13152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.911953][T13152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.952858][T13152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.962967][T13152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.984046][ T5984] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  705.996531][ T5984] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -71
[  706.014005][ T5984] usb 9-1: USB disconnect, device number 7
[  706.025552][T13197] lo speed is unknown, defaulting to 1000
[  707.081217][  T977] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  707.235922][  T977] usb 3-1: unable to get BOS descriptor or descriptor too short
[  707.246762][  T977] usb 3-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  707.285717][  T977] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  707.300765][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.327312][  T977] usb 3-1: Product: syz
[  707.336153][  T977] usb 3-1: Manufacturer: syz
[  707.346580][  T977] usb 3-1: SerialNumber: syz
[  707.425680][T13220] nbd: socks must be embedded in a SOCK_ITEM attr
[  707.433495][T13220] block nbd0: shutting down sockets
[  707.683988][T13225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  707.701708][T13225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  708.411412][T12417] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  708.425197][T13238] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  708.434554][T13238] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  708.447444][T13238] overlayfs: conflicting options: userxattr,redirect_dir=on
[  708.510136][  T977] usb 3-1: reset high-speed USB device number 62 using dummy_hcd
[  708.617054][T12417] usb 1-1: Using ep0 maxpacket: 32
[  708.680179][T12417] usb 1-1: config index 0 descriptor too short (expected 33, got 25)
[  708.688777][T12417] usb 1-1: config 0 has an invalid interface number: 199 but max is 1
[  708.712499][T12417] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  708.734430][T12417] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  708.763233][T12417] usb 1-1: config 0 has no interface number 0
[  708.869491][  T977] usb 3-1: unable to get BOS descriptor or descriptor too short
[  708.883301][T12417] usb 1-1: New USB device found, idVendor=13d3, idProduct=3350, bcdDevice=a4.e3
[  708.940793][T12417] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.987744][T12417] usb 1-1: Product: syz
[  709.233419][T12417] usb 1-1: Manufacturer: syz
[  709.264359][T12417] usb 1-1: SerialNumber: syz
[  709.289768][T12417] usb 1-1: config 0 descriptor??
[  709.322000][  T977] usb 3-1: USB disconnect, device number 62
[  709.611618][T13246] afs: Unknown parameter '�'
[  709.952507][T13256] overlayfs: missing 'workdir'
[  710.093707][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  710.093954][   T30] audit: type=1326 audit(2000002060.141:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  710.358238][   T30] audit: type=1326 audit(2000002060.231:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  710.399803][T13246] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  710.721892][   T30] audit: type=1326 audit(2000002060.241:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  710.848222][   T30] audit: type=1326 audit(2000002060.241:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  710.906869][   T30] audit: type=1326 audit(2000002060.251:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  710.928734][   T30] audit: type=1326 audit(2000002060.251:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  711.008024][   T30] audit: type=1326 audit(2000002060.261:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  711.097597][T13263] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1740'.
[  711.170660][   T30] audit: type=1326 audit(2000002061.041:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  711.239104][T12417] usb 1-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  711.292885][   T30] audit: type=1326 audit(2000002061.041:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13254 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d2258ebe9 code=0x7ffc0000
[  711.309055][T12417] usb 1-1: USB disconnect, device number 62
[  711.731720][ T1211] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  711.973536][T13283] netlink: 800 bytes leftover after parsing attributes in process `syz.7.1744'.
[  712.000365][T13283] netlink: 1301 bytes leftover after parsing attributes in process `syz.7.1744'.
[  712.045445][T13282] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1744'.
[  712.115437][T13286] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  712.125231][T13286] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  712.138261][T13286] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  712.147739][T13286] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  712.157058][ T1211] usb 9-1: Using ep0 maxpacket: 32
[  712.222830][ T1211] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  712.242319][T13286] geneve2: entered promiscuous mode
[  712.244106][ T1211] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  712.254227][T13286] geneve2: entered allmulticast mode
[  712.282308][T13286] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  712.290752][ T1211] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  712.301123][T13286] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  712.318877][ T1211] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.347791][T13286] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  712.361852][ T1211] usb 9-1: config 0 descriptor??
[  712.370092][T13286] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  713.556830][ T1211] savu 0003:1E7D:2D5A.0016: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[  713.882677][  T977] usb 9-1: USB disconnect, device number 8
[  713.951732][   T30] audit: type=1326 audit(2000002063.990:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13307 comm="syz.0.1752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f425658ebe9 code=0x0
[  714.150615][T13315] FAULT_INJECTION: forcing a failure.
[  714.150615][T13315] name failslab, interval 1, probability 0, space 0, times 0
[  714.192324][T13315] CPU: 1 UID: 0 PID: 13315 Comm: syz.8.1753 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  714.192358][T13315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  714.192372][T13315] Call Trace:
[  714.192385][T13315]  <TASK>
[  714.192395][T13315]  dump_stack_lvl+0x189/0x250
[  714.192428][T13315]  ? __pfx____ratelimit+0x10/0x10
[  714.192452][T13315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  714.192477][T13315]  ? __pfx__printk+0x10/0x10
[  714.192509][T13315]  ? __pfx___might_resched+0x10/0x10
[  714.192535][T13315]  ? fs_reclaim_acquire+0x7d/0x100
[  714.192568][T13315]  should_fail_ex+0x414/0x560
[  714.192598][T13315]  should_failslab+0xa8/0x100
[  714.192625][T13315]  __kmalloc_noprof+0xcb/0x4f0
[  714.192647][T13315]  ? tomoyo_encode+0x28b/0x550
[  714.192687][T13315]  tomoyo_encode+0x28b/0x550
[  714.192724][T13315]  tomoyo_realpath_from_path+0x58d/0x5d0
[  714.192757][T13315]  ? tomoyo_domain+0xda/0x130
[  714.192793][T13315]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  714.192818][T13315]  tomoyo_path_number_perm+0x1e8/0x5a0
[  714.192844][T13315]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  714.192888][T13315]  ? __lock_acquire+0xab9/0xd20
[  714.192935][T13315]  ? __fget_files+0x2a/0x420
[  714.192962][T13315]  ? __fget_files+0x2a/0x420
[  714.192980][T13315]  ? __fget_files+0x3a0/0x420
[  714.192999][T13315]  ? __fget_files+0x2a/0x420
[  714.193021][T13315]  security_file_ioctl+0xcb/0x2d0
[  714.193044][T13315]  __se_sys_ioctl+0x47/0x170
[  714.193072][T13315]  do_syscall_64+0xfa/0x3b0
[  714.193090][T13315]  ? lockdep_hardirqs_on+0x9c/0x150
[  714.193112][T13315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.193131][T13315]  ? clear_bhb_loop+0x60/0xb0
[  714.193160][T13315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.193177][T13315] RIP: 0033:0x7f850eb8ebe9
[  714.193192][T13315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  714.193208][T13315] RSP: 002b:00007f850fac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  714.193227][T13315] RAX: ffffffffffffffda RBX: 00007f850edb5fa0 RCX: 00007f850eb8ebe9
[  714.193239][T13315] RDX: 00002000000001c0 RSI: 00000000c0606610 RDI: 0000000000000003
[  714.193251][T13315] RBP: 00007f850fac5090 R08: 0000000000000000 R09: 0000000000000000
[  714.193262][T13315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.193272][T13315] R13: 00007f850edb6038 R14: 00007f850edb5fa0 R15: 00007ffe461ef0e8
[  714.193299][T13315]  </TASK>
[  714.437760][T13315] ERROR: Out of memory at tomoyo_realpath_from_path.
[  715.282877][T13327] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1755'.
[  715.635905][T13338] loop7: detected capacity change from 0 to 524255232
[  715.752978][T13338] loop7: detected capacity change from 524255232 to 524287912
[  715.781480][T13342] lo speed is unknown, defaulting to 1000
[  715.862176][ T6001] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  716.032426][ T6001] usb 2-1: Using ep0 maxpacket: 32
[  716.042038][ T6001] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  716.062225][ T6001] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  716.092236][ T6001] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.114539][ T6001] usb 2-1: config 0 descriptor??
[  716.122760][T13351] netlink: 'syz.2.1763': attribute type 39 has an invalid length.
[  716.533926][T13353] FAULT_INJECTION: forcing a failure.
[  716.533926][T13353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  716.582826][ T6001] magicmouse 0003:05AC:0265.0017: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.1-1/input0
[  716.617974][T13353] CPU: 0 UID: 0 PID: 13353 Comm: syz.8.1764 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  716.618007][T13353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  716.618021][T13353] Call Trace:
[  716.618030][T13353]  <TASK>
[  716.618039][T13353]  dump_stack_lvl+0x189/0x250
[  716.618070][T13353]  ? __pfx____ratelimit+0x10/0x10
[  716.618094][T13353]  ? __pfx_dump_stack_lvl+0x10/0x10
[  716.618119][T13353]  ? __pfx__printk+0x10/0x10
[  716.618148][T13353]  ? __might_fault+0xb0/0x130
[  716.618182][T13353]  should_fail_ex+0x414/0x560
[  716.618211][T13353]  _copy_from_user+0x2d/0xb0
[  716.618243][T13353]  do_pagemap_cmd+0xf7/0xbb0
[  716.618273][T13353]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  716.618311][T13353]  ? __fget_files+0x2a/0x420
[  716.618331][T13353]  ? __fget_files+0x3a0/0x420
[  716.618351][T13353]  ? __fget_files+0x2a/0x420
[  716.618373][T13353]  ? bpf_lsm_file_ioctl+0x9/0x20
[  716.618396][T13353]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  716.618416][T13353]  __se_sys_ioctl+0xfc/0x170
[  716.618446][T13353]  do_syscall_64+0xfa/0x3b0
[  716.618468][T13353]  ? lockdep_hardirqs_on+0x9c/0x150
[  716.618488][T13353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.618507][T13353]  ? clear_bhb_loop+0x60/0xb0
[  716.618531][T13353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.618552][T13353] RIP: 0033:0x7f850eb8ebe9
[  716.618570][T13353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.618588][T13353] RSP: 002b:00007f850fac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  716.618627][T13353] RAX: ffffffffffffffda RBX: 00007f850edb5fa0 RCX: 00007f850eb8ebe9
[  716.618642][T13353] RDX: 00002000000001c0 RSI: 00000000c0606610 RDI: 0000000000000003
[  716.618656][T13353] RBP: 00007f850fac5090 R08: 0000000000000000 R09: 0000000000000000
[  716.618668][T13353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.618680][T13353] R13: 00007f850edb6038 R14: 00007f850edb5fa0 R15: 00007ffe461ef0e8
[  716.618715][T13353]  </TASK>
[  717.066925][   T30] audit: type=1326 audit(2000002067.110:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  717.108027][T13357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.121104][T13357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  719.132753][   T30] audit: type=1326 audit(2000002067.110:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  719.432876][   T30] audit: type=1326 audit(2000002067.110:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  719.470335][T13362] Bluetooth: MGMT ver 1.23
[  719.566268][   T30] audit: type=1326 audit(2000002067.110:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  719.812635][   T30] audit: type=1326 audit(2000002067.110:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  719.913671][ T5984] usb 2-1: USB disconnect, device number 49
[  719.927187][   T30] audit: type=1326 audit(2000002067.110:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  719.978024][   T30] audit: type=1326 audit(2000002067.110:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  720.053662][   T30] audit: type=1326 audit(2000002067.110:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  720.155112][   T30] audit: type=1326 audit(2000002067.110:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  720.213380][   T30] audit: type=1326 audit(2000002067.110:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13329 comm="syz.0.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425658ebe9 code=0x7fc00000
[  721.595774][ T5846] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  721.606045][ T5846] Bluetooth: hci2: command 0x0406 tx timeout
[  722.996607][T13407] netlink: 120 bytes leftover after parsing attributes in process `syz.0.1778'.
[  723.117189][T13413] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1780'.
[  723.886804][T13408] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  725.310808][T13443] Can't find ip_set type hach:net,port
[  726.155228][T13453] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1789'.
[  726.586024][T13453] lo: entered allmulticast mode
[  726.773463][ T6001] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  726.983519][  T977] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  727.073547][ T6001] usb 3-1: Using ep0 maxpacket: 32
[  727.089770][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  727.102159][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  727.339760][ T6001] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  727.514725][ T6001] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.691395][ T6001] usb 3-1: config 0 descriptor??
[  727.725897][ T6001] hub 3-1:0.0: USB hub found
[  727.805717][  T977] usb 1-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=2d.62
[  727.823498][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.844932][  T977] usb 1-1: config 0 descriptor??
[  727.856196][  T977] usb 1-1: selecting invalid altsetting 1
[  727.873048][  T977] flexcop_usb: set interface failed.
[  727.903927][  T977] b2c2_flexcop_usb 1-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22
[  728.044275][ T6001] hub 3-1:0.0: 1 port detected
[  728.067141][  T977] usb 1-1: USB disconnect, device number 63
[  728.823616][ T6001] hub 3-1:0.0: activate --> -90
[  729.019275][T11933] usb 3-1-port1: config error
[  729.220374][T13453] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1789'.
[  729.252472][T13453] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1789'.
[  729.276022][T13453] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1789'.
[  729.312553][T13453] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1789'.
[  729.320900][T13512] lo speed is unknown, defaulting to 1000
[  729.358215][ T5984] usb 3-1: USB disconnect, device number 63
[  729.364722][T11933] usb 3-1-port1: attempt power cycle
[  730.375966][T13538] nbd: socks must be embedded in a SOCK_ITEM attr
[  730.399639][T13538] block nbd0: shutting down sockets
[  730.453903][ T6001] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  730.924019][ T6001] usb 9-1: Using ep0 maxpacket: 32
[  731.558065][ T6001] usb 9-1: config 1 interface 0 altsetting 129 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  732.125828][T13540] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  732.145947][ T6001] usb 9-1: config 1 interface 0 has no altsetting 0
[  732.205844][ T6001] usb 9-1: New USB device found, idVendor=0596, idProduct=0506, bcdDevice= 0.40
[  732.277441][ T6001] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.438427][ T6001] usb 9-1: Product: ಑锗Αᩝ측౶뛯锭묽姿顿☝쀭㊫㤑꿙톏臑怔힠司㚢㩩㱀迱㘍ơ铊㙒箥㒬ڍᡅᩗ츶谎ɨ࿗⛼紁䣋婲駨틿详ُ显ϫ瞧ᓏ䛩禡㛏첪蓻劚ᵍ㾆ꓤ힂駘칈ꅗ殞䞇魦⾳쵃㘶ꣾ鳌榜䄼ﷇ儁有ࢼ㵏욎
[  732.467178][ T6001] usb 9-1: Manufacturer: Я
[  732.471754][ T6001] usb 9-1: SerialNumber: ဇ
[  733.189411][T13554] IPVS: set_ctl: invalid protocol: 44 172.20.20.36:0
[  734.108873][T13568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1812'.
[  734.146289][T13556] ceph: No mds server is up or the cluster is laggy
[  734.183724][T13563] Can't find ip_set type hach:net,port
[  734.199841][ T6001] usbhid 9-1:1.0: can't add hid device: -71
[  734.217833][ T6001] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  734.296584][ T6001] usb 9-1: USB disconnect, device number 9
[  734.545627][T13577] Cannot find del_set index 2 as target
[  734.844465][ T6001] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  734.954571][  T977] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  735.014519][ T6001] usb 2-1: Using ep0 maxpacket: 32
[  735.036762][ T6001] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  735.058780][ T6001] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  735.075736][ T6001] usb 2-1: config 1 has no interface number 1
[  735.082017][ T6001] usb 2-1: too many endpoints for config 1 interface 2 altsetting 3: 156, using maximum allowed: 30
[  735.093133][ T6001] usb 2-1: config 1 interface 2 altsetting 3 has 0 endpoint descriptors, different from the interface descriptor's value: 156
[  735.096230][  T977] usb 3-1: device descriptor read/64, error -71
[  735.149852][ T6001] usb 2-1: config 1 interface 2 has no altsetting 0
[  735.167156][T13596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.229221][ T6001] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  735.251069][ T6001] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.270501][ T6001] usb 2-1: Product: syz
[  735.275033][ T6001] usb 2-1: Manufacturer: syz
[  735.280697][ T6001] usb 2-1: SerialNumber: syz
[  735.333525][T13600] netlink: 'syz.0.1822': attribute type 39 has an invalid length.
[  735.581114][  T977] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  735.683668][ T5922] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  735.998915][  T977] usb 3-1: device descriptor read/64, error -71
[  736.014416][ T5922] usb 9-1: Using ep0 maxpacket: 16
[  736.054884][ T5922] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  736.083195][ T5922] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.086162][ T6001] usb 2-1: USB disconnect, device number 50
[  736.094265][ T5922] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  736.114854][  T977] usb usb3-port1: attempt power cycle
[  736.127857][ T5922] usb 9-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  736.174526][ T5922] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.196006][ T5922] usb 9-1: config 0 descriptor??
[  736.753056][  T977] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  736.875332][  T977] usb 3-1: device descriptor read/8, error -71
[  737.114594][  T977] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  739.835105][ T5922] usbhid 9-1:0.0: can't add hid device: -71
[  739.841819][  T977] usb 3-1: device descriptor read/8, error -71
[  739.882538][ T5922] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  739.935263][ T5922] usb 9-1: USB disconnect, device number 10
[  739.945470][T13615] netlink: 'syz.0.1826': attribute type 12 has an invalid length.
[  739.985606][  T977] usb usb3-port1: unable to enumerate USB device
[  740.038845][T13617] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  740.625459][T13628] usb usb1: check_ctrlrecip: process 13628 (syz.8.1830) requesting ep 01 but needs 81
[  741.231580][T13634] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  741.437215][T13637] netlink: 148 bytes leftover after parsing attributes in process `syz.8.1834'.
[  741.457306][T13637] netlink: 116 bytes leftover after parsing attributes in process `syz.8.1834'.
[  741.457645][T13638] netlink: 148 bytes leftover after parsing attributes in process `syz.8.1834'.
[  742.157020][T13641] nbd: socks must be embedded in a SOCK_ITEM attr
[  742.187743][T13641] block nbd0: shutting down sockets
[  744.111813][T13666] xt_CT: No such helper "syz0"
[  744.217187][T13674] netlink: 10 bytes leftover after parsing attributes in process `syz.8.1843'.
[  744.256574][T13674] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1843'.
[  744.281460][T13674] netlink: 'syz.8.1843': attribute type 4 has an invalid length.
[  744.292340][T13669] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1841'.
[  744.311716][T13674] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1843'.
[  744.627810][  T977] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  744.808604][  T977] usb 9-1: Using ep0 maxpacket: 8
[  744.819393][  T977] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[  744.837959][  T977] usb 9-1: config 0 interface 0 has no altsetting 0
[  744.872276][  T977] usb 9-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  745.973918][  T977] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.983672][  T977] usb 9-1: Product: syz
[  745.988190][  T977] usb 9-1: Manufacturer: syz
[  745.992823][  T977] usb 9-1: SerialNumber: syz
[  746.000232][  T977] usb 9-1: config 0 descriptor??
[  746.281380][  T977] snd_usb_toneport 9-1:0.0: Line 6 TonePort UX2 found
[  746.366020][T13691] nbd: socks must be embedded in a SOCK_ITEM attr
[  746.374904][T13691] block nbd0: shutting down sockets
[  747.194717][  T977] snd_usb_toneport 9-1:0.0: cannot get proper max packet size
[  747.216516][  T977] snd_usb_toneport 9-1:0.0: Line 6 TonePort UX2 now disconnected
[  747.229274][  T977] snd_usb_toneport 9-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  748.265444][  T977] usb 9-1: USB disconnect, device number 11
[  749.105904][T11933] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  749.220707][T13711] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  750.049756][T11933] usb 2-1: device descriptor read/64, error -71
[  750.112625][T13724] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  750.156504][ T5922] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  750.261811][T13729] FAULT_INJECTION: forcing a failure.
[  750.261811][T13729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  750.278347][T13729] CPU: 0 UID: 0 PID: 13729 Comm: syz.8.1860 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  750.278378][T13729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  750.278393][T13729] Call Trace:
[  750.278402][T13729]  <TASK>
[  750.278412][T13729]  dump_stack_lvl+0x189/0x250
[  750.278443][T13729]  ? __pfx____ratelimit+0x10/0x10
[  750.278466][T13729]  ? __pfx_dump_stack_lvl+0x10/0x10
[  750.278491][T13729]  ? __pfx__printk+0x10/0x10
[  750.278519][T13729]  ? __might_fault+0xb0/0x130
[  750.278553][T13729]  should_fail_ex+0x414/0x560
[  750.278582][T13729]  _copy_from_user+0x2d/0xb0
[  750.278612][T13729]  do_handle_open+0x4a0/0x850
[  750.278640][T13729]  ? __pfx_do_handle_open+0x10/0x10
[  750.278664][T13729]  ? ksys_write+0x22a/0x250
[  750.278694][T13729]  ? __pfx_ksys_write+0x10/0x10
[  750.278720][T13729]  ? do_syscall_64+0xbe/0x3b0
[  750.278749][T13729]  do_syscall_64+0xfa/0x3b0
[  750.278774][T13729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.278793][T13729]  ? asm_sysvec_call_function_single+0x1a/0x20
[  750.278814][T13729]  ? clear_bhb_loop+0x60/0xb0
[  750.278840][T13729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.278861][T13729] RIP: 0033:0x7f850eb8ebe9
[  750.278881][T13729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.278899][T13729] RSP: 002b:00007f850faa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  750.278921][T13729] RAX: ffffffffffffffda RBX: 00007f850edb6090 RCX: 00007f850eb8ebe9
[  750.278937][T13729] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  750.278951][T13729] RBP: 00007f850faa4090 R08: 0000000000000000 R09: 0000000000000000
[  750.278964][T13729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.278977][T13729] R13: 00007f850edb6128 R14: 00007f850edb6090 R15: 00007ffe461ef0e8
[  750.279011][T13729]  </TASK>
[  750.513858][T11933] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  750.587205][ T5922] usb 3-1: Using ep0 maxpacket: 32
[  750.675363][ T5922] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  750.717293][ T5922] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  750.726702][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  750.735397][ T5922] usb 3-1: Product: syz
[  750.745028][ T5922] usb 3-1: Manufacturer: syz
[  750.750590][ T5922] usb 3-1: SerialNumber: syz
[  750.757165][T11933] usb 2-1: device descriptor read/64, error -71
[  750.760499][ T5922] usb 3-1: config 0 descriptor??
[  750.807119][ T5922] usb 3-1: bad CDC descriptors
[  750.836576][ T5922] usb 3-1: unsupported MDLM descriptors
[  750.872221][T11933] usb usb2-port1: attempt power cycle
[  751.050105][ T5922] usb 3-1: USB disconnect, device number 72
[  751.119982][T13731] nbd: socks must be embedded in a SOCK_ITEM attr
[  751.136920][T13731] block nbd0: shutting down sockets
[  751.467091][T11933] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  751.499539][T11933] usb 2-1: device descriptor read/8, error -71
[  751.910513][T13743] netlink: 'syz.7.1864': attribute type 10 has an invalid length.
[  751.916446][T11933] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  752.906659][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  752.920524][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  753.004477][T11933] usb 2-1: device not accepting address 54, error -71
[  753.041698][T11933] usb usb2-port1: unable to enumerate USB device
[  753.786454][T11933] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  753.876400][T12417] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  754.022026][T11933] usb 3-1: Using ep0 maxpacket: 16
[  754.028915][T11933] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  754.028952][T11933] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  754.028985][T11933] usb 3-1: config 0 interface 0 has no altsetting 0
[  754.032399][T11933] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  754.032434][T11933] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.032459][T11933] usb 3-1: Product: syz
[  754.032478][T11933] usb 3-1: Manufacturer: syz
[  754.032495][T11933] usb 3-1: SerialNumber: syz
[  754.040296][T11933] usb 3-1: config 0 descriptor??
[  754.048719][T12417] usb 9-1: Using ep0 maxpacket: 32
[  754.051471][T12417] usb 9-1: unable to get BOS descriptor or descriptor too short
[  754.052700][T12417] usb 9-1: config 7 has an invalid interface number: 187 but max is 0
[  754.052731][T12417] usb 9-1: config 7 has no interface number 0
[  754.052777][T12417] usb 9-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947
[  754.052807][T12417] usb 9-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 16
[  754.052835][T12417] usb 9-1: config 7 interface 187 has no altsetting 0
[  754.055084][T12417] usb 9-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  754.055117][T12417] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.055142][T12417] usb 9-1: Product: syz
[  754.055159][T12417] usb 9-1: Manufacturer: syz
[  754.055176][T12417] usb 9-1: SerialNumber: syz
[  754.069796][T13759] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  754.070135][T13759] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  754.219178][T13770] FAULT_INJECTION: forcing a failure.
[  754.219178][T13770] name failslab, interval 1, probability 0, space 0, times 0
[  754.219239][T13770] CPU: 0 UID: 0 PID: 13770 Comm: syz.7.1873 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  754.219267][T13770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  754.219286][T13770] Call Trace:
[  754.219294][T13770]  <TASK>
[  754.219304][T13770]  dump_stack_lvl+0x189/0x250
[  754.219334][T13770]  ? __pfx____ratelimit+0x10/0x10
[  754.219359][T13770]  ? __pfx_dump_stack_lvl+0x10/0x10
[  754.219382][T13770]  ? __pfx__printk+0x10/0x10
[  754.219417][T13770]  ? lock_acquire+0x175/0x360
[  754.219433][T13770]  ? __pfx___might_resched+0x10/0x10
[  754.219455][T13770]  should_fail_ex+0x414/0x560
[  754.219481][T13770]  should_failslab+0xa8/0x100
[  754.219508][T13770]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  754.219530][T13770]  ? alloc_inode+0xb8/0x1b0
[  754.219557][T13770]  alloc_inode+0xb8/0x1b0
[  754.219581][T13770]  iget_locked+0xf0/0x570
[  754.219604][T13770]  kernfs_get_inode+0x4f/0x780
[  754.219622][T13770]  ? kernfs_find_and_get_node_by_id+0x2d3/0x340
[  754.219656][T13770]  kernfs_fh_to_dentry+0x115/0x190
[  754.219685][T13770]  exportfs_decode_fh_raw+0x17a/0x740
[  754.219721][T13770]  ? __pfx_vfs_dentry_acceptable+0x10/0x10
[  754.219747][T13770]  ? __pfx_exportfs_decode_fh_raw+0x10/0x10
[  754.219817][T13770]  do_handle_to_path+0xa4/0x1a0
[  754.219846][T13770]  do_handle_open+0x6ab/0x850
[  754.219875][T13770]  ? __pfx_do_handle_open+0x10/0x10
[  754.219898][T13770]  ? ksys_write+0x22a/0x250
[  754.219914][T13770]  ? __pfx_ksys_write+0x10/0x10
[  754.219927][T13770]  ? rcu_is_watching+0x15/0xb0
[  754.219957][T13770]  ? do_syscall_64+0xbe/0x3b0
[  754.219986][T13770]  do_syscall_64+0xfa/0x3b0
[  754.220011][T13770]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.220030][T13770]  ? asm_sysvec_call_function_single+0x1a/0x20
[  754.220051][T13770]  ? clear_bhb_loop+0x60/0xb0
[  754.220069][T13770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.220084][T13770] RIP: 0033:0x7f219758ebe9
[  754.220103][T13770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.220122][T13770] RSP: 002b:00007f21984b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  754.220146][T13770] RAX: ffffffffffffffda RBX: 00007f21977b6090 RCX: 00007f219758ebe9
[  754.220161][T13770] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  754.220175][T13770] RBP: 00007f21984b6090 R08: 0000000000000000 R09: 0000000000000000
[  754.220187][T13770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.220201][T13770] R13: 00007f21977b6128 R14: 00007f21977b6090 R15: 00007ffe013fb558
[  754.220225][T13770]  </TASK>
[  754.420889][T12417] usb 9-1: Cannot retrieve CPort count: -71
[  754.429149][T12417] usb 9-1: Cannot retrieve CPort count: -71
[  754.429448][T12417] es2_ap_driver 9-1:7.187: probe with driver es2_ap_driver failed with error -71
[  754.735604][T12417] usb 9-1: USB disconnect, device number 12
[  754.799051][T11933] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input31
[  755.037216][T13773] nbd: socks must be embedded in a SOCK_ITEM attr
[  755.397466][T13773] block nbd0: shutting down sockets
[  757.196059][ T5922] usb 3-1: USB disconnect, device number 73
[  757.853569][T13789] 9pnet_fd: Insufficient options for proto=fd
[  758.109365][T13795] program syz.1.1880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  758.700452][T13799] 9pnet_fd: Insufficient options for proto=fd
[  758.964845][T13805] FAULT_INJECTION: forcing a failure.
[  758.964845][T13805] name failslab, interval 1, probability 0, space 0, times 0
[  758.977871][T13805] CPU: 0 UID: 0 PID: 13805 Comm: syz.0.1884 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  758.977901][T13805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  758.977916][T13805] Call Trace:
[  758.977925][T13805]  <TASK>
[  758.977932][T13805]  dump_stack_lvl+0x189/0x250
[  758.977954][T13805]  ? __pfx____ratelimit+0x10/0x10
[  758.977971][T13805]  ? __pfx_dump_stack_lvl+0x10/0x10
[  758.977989][T13805]  ? __pfx__printk+0x10/0x10
[  758.978011][T13805]  ? __pfx___might_resched+0x10/0x10
[  758.978029][T13805]  ? fs_reclaim_acquire+0x7d/0x100
[  758.978053][T13805]  should_fail_ex+0x414/0x560
[  758.978073][T13805]  should_failslab+0xa8/0x100
[  758.978092][T13805]  kmem_cache_alloc_noprof+0x73/0x3c0
[  758.978107][T13805]  ? security_inode_alloc+0x39/0x330
[  758.978134][T13805]  security_inode_alloc+0x39/0x330
[  758.978159][T13805]  inode_init_always_gfp+0x9ed/0xdc0
[  758.978182][T13805]  alloc_inode+0x82/0x1b0
[  758.978199][T13805]  iget_locked+0xf0/0x570
[  758.978222][T13805]  kernfs_get_inode+0x4f/0x780
[  758.978240][T13805]  ? kernfs_find_and_get_node_by_id+0x2d3/0x340
[  758.978264][T13805]  kernfs_fh_to_dentry+0x115/0x190
[  758.978284][T13805]  exportfs_decode_fh_raw+0x17a/0x740
[  758.978311][T13805]  ? __pfx_vfs_dentry_acceptable+0x10/0x10
[  758.978332][T13805]  ? __pfx_exportfs_decode_fh_raw+0x10/0x10
[  758.978389][T13805]  do_handle_to_path+0xa4/0x1a0
[  758.978409][T13805]  do_handle_open+0x6ab/0x850
[  758.978431][T13805]  ? __pfx_do_handle_open+0x10/0x10
[  758.978448][T13805]  ? ksys_write+0x22a/0x250
[  758.978464][T13805]  ? __pfx_ksys_write+0x10/0x10
[  758.978482][T13805]  ? do_syscall_64+0xbe/0x3b0
[  758.978503][T13805]  do_syscall_64+0xfa/0x3b0
[  758.978521][T13805]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.978544][T13805]  ? asm_sysvec_call_function_single+0x1a/0x20
[  758.978574][T13805]  ? clear_bhb_loop+0x60/0xb0
[  758.978599][T13805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.978619][T13805] RIP: 0033:0x7f425658ebe9
[  758.978638][T13805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  758.978657][T13805] RSP: 002b:00007f42547d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  758.978679][T13805] RAX: ffffffffffffffda RBX: 00007f42567b6090 RCX: 00007f425658ebe9
[  758.978694][T13805] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  758.978707][T13805] RBP: 00007f42547d5090 R08: 0000000000000000 R09: 0000000000000000
[  758.978720][T13805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  758.978732][T13805] R13: 00007f42567b6128 R14: 00007f42567b6090 R15: 00007fffaed075b8
[  758.978766][T13805]  </TASK>
[  759.247336][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.717333][ T5922] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  759.889123][ T5922] usb 2-1: config 0 has an invalid interface number: 5 but max is 0
[  759.897415][ T5922] usb 2-1: config 0 has no interface number 0
[  759.915122][ T5922] usb 2-1: too many endpoints for config 0 interface 5 altsetting 19: 186, using maximum allowed: 30
[  759.926553][T13814] nbd: socks must be embedded in a SOCK_ITEM attr
[  759.936893][T13814] block nbd0: shutting down sockets
[  759.944302][ T5922] usb 2-1: config 0 interface 5 altsetting 19 has 0 endpoint descriptors, different from the interface descriptor's value: 186
[  759.990567][ T5922] usb 2-1: config 0 interface 5 has no altsetting 0
[  760.040942][ T5922] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  760.081342][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.110443][    T9] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  760.174257][ T5922] usb 2-1: config 0 descriptor??
[  760.372703][    T9] usb 3-1: Using ep0 maxpacket: 16
[  760.452570][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  760.723619][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  760.736424][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  760.749650][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  761.085135][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.175761][    T9] usb 3-1: config 0 descriptor??
[  762.597986][    T9] HID 045e:07da: Invalid code 65791 type 1
[  762.714997][   T31] INFO: task syz.5.1387:11785 blocked for more than 143 seconds.
[  762.757648][   T31]       Not tainted 6.16.0-syzkaller #0
[  762.776322][ T5922] usb 2-1: string descriptor 0 read error: -71
[  762.794950][T13810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  762.806962][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0018/input/input32
[  762.807379][   T31]       Blocked by coredump.
[  762.845521][T13810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  762.862652][T13829] netlink: zone id is out of range
[  762.866654][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  762.898864][ T5922] usb 2-1: Cannot read MAC address
[  762.906982][T13829] netlink: del zone limit has 4 unknown bytes
[  762.916506][ T5922] MOSCHIP usb-ethernet driver 2-1:0.5: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  762.919775][   T31] task:syz.5.1387      state:D
[  762.942435][    T9] microsoft 0003:045E:07DA.0018: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  762.945964][   T31]  stack:26024 pid:11785 tgid:11784 ppid:8604   task_flags:0x40054c flags:0x00004002
[  763.122126][T13832] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1891'.
[  763.167382][   T31] Call Trace:
[  763.171144][   T31]  <TASK>
[  763.171600][    T9] usb 3-1: USB disconnect, device number 74
[  763.174136][   T31]  __schedule+0x16aa/0x4c90
[  763.174189][   T31]  ? schedule+0x165/0x360
[  763.182079][ T5922] usb 2-1: USB disconnect, device number 55
[  763.219265][   T31]  ? __pfx___schedule+0x10/0x10
[  763.230172][   T31]  ? schedule+0x91/0x360
[  763.245618][   T31]  schedule+0x165/0x360
[  763.288017][   T31]  schedule_preempt_disabled+0x13/0x30
[  763.300182][   T31]  __mutex_lock+0x724/0xe80
[  763.319731][   T31]  ? __mutex_lock+0x51b/0xe80
[  763.331979][   T31]  ? nfsd_shutdown_threads+0x4e/0xd0
[  763.347501][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  763.354672][   T31]  ? net_generic+0x1e/0x240
[  763.359658][   T31]  ? net_generic+0x1e/0x240
[  763.364535][   T31]  nfsd_shutdown_threads+0x4e/0xd0
[  763.369956][   T31]  nfsd_umount+0x42/0xd0
[  763.374356][   T31]  deactivate_locked_super+0xbc/0x130
[  763.380470][   T31]  put_fs_context+0x93/0x790
[  763.386199][   T31]  ? __pfx_fscontext_release+0x10/0x10
[  763.392055][   T31]  fscontext_release+0x62/0x80
[  763.397863][   T31]  __fput+0x449/0xa70
[  763.402427][   T31]  task_work_run+0x1d1/0x260
[  763.407546][   T31]  ? __pfx_task_work_run+0x10/0x10
[  763.413279][   T31]  do_exit+0x6b5/0x22e0
[  763.420905][   T31]  ? do_raw_spin_lock+0x121/0x290
[  763.427038][   T31]  ? __pfx_do_exit+0x10/0x10
[  763.432098][   T31]  do_group_exit+0x21c/0x2d0
[  763.437479][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  763.443292][   T31]  get_signal+0x125e/0x1310
[  763.449155][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  763.548781][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  763.555515][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  763.561434][   T31]  exit_to_user_mode_loop+0x75/0x110
[  763.566870][   T31]  do_syscall_64+0x2bd/0x3b0
[  763.571788][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  763.577126][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.583408][   T31]  ? clear_bhb_loop+0x60/0xb0
[  763.589957][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.596300][   T31] RIP: 0033:0x7f344e18ebe9
[  763.602881][   T31] RSP: 002b:00007f344f003038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  763.611825][   T31] RAX: 0000000000010106 RBX: 00007f344e3b5fa0 RCX: 00007f344e18ebe9
[  763.628793][   T31] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000006
[  763.641846][   T31] RBP: 00007f344e211e19 R08: 0000000000000000 R09: 0000000000000000
[  763.674604][   T31] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  763.699613][   T31] R13: 00007f344e3b6038 R14: 00007f344e3b5fa0 R15: 00007ffc40460ec8
[  763.713918][   T31]  </TASK>
[  763.721998][   T31] INFO: task syz.6.1412:11891 blocked for more than 144 seconds.
[  763.732837][   T31]       Not tainted 6.16.0-syzkaller #0
[  763.747445][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  763.760979][   T31] task:syz.6.1412      state:D stack:25704 pid:11891 tgid:11887 ppid:10190  task_flags:0x400140 flags:0x00004004
[  763.774102][   T31] Call Trace:
[  763.777497][   T31]  <TASK>
[  763.783316][   T31]  __schedule+0x16aa/0x4c90
[  763.789053][   T31]  ? schedule+0x165/0x360
[  763.795804][   T31]  ? __pfx___schedule+0x10/0x10
[  763.803998][   T31]  ? schedule+0x91/0x360
[  763.810064][   T31]  schedule+0x165/0x360
[  763.817374][   T31]  schedule_preempt_disabled+0x13/0x30
[  763.822921][   T31]  __mutex_lock+0x724/0xe80
[  763.828745][   T31]  ? __mutex_lock+0x51b/0xe80
[  763.834942][   T31]  ? nfsd_nl_listener_set_doit+0x12a/0x1650
[  763.843561][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  763.848909][   T31]  ? __asan_memset+0x22/0x50
[  763.854466][   T31]  ? ____sys_sendmsg+0x505/0x830
[  763.861150][   T31]  ? ___sys_sendmsg+0x21f/0x2a0
[  763.867471][   T31]  ? __x64_sys_sendmsg+0x19b/0x260
[  763.877147][   T31]  nfsd_nl_listener_set_doit+0x12a/0x1650
[  763.883732][   T31]  ? __pfx___nla_validate_parse+0x10/0x10
[  763.890902][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  763.900053][   T31]  ? __nla_parse+0x40/0x60
[  763.905527][   T31]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  763.912186][   T31]  genl_family_rcv_msg_doit+0x215/0x300
[  763.918266][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  763.925472][   T31]  ? bpf_lsm_capable+0x9/0x20
[  763.931485][   T31]  ? security_capable+0x7e/0x2e0
[  763.937203][   T31]  genl_rcv_msg+0x60e/0x790
[  763.944792][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  763.950871][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  763.959913][   T31]  netlink_rcv_skb+0x205/0x470
[  763.965288][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  763.970867][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  763.977439][   T31]  ? down_read+0x1ad/0x2e0
[  763.985893][   T31]  genl_rcv+0x28/0x40
[  763.994825][   T31]  netlink_unicast+0x75c/0x8e0
[  764.001846][   T31]  netlink_sendmsg+0x805/0xb30
[  764.011492][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  764.017118][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  764.024375][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  764.033216][   T31]  __sock_sendmsg+0x21c/0x270
[  764.041184][   T31]  ____sys_sendmsg+0x505/0x830
[  764.046118][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  764.057899][   T31]  ? import_iovec+0x74/0xa0
[  764.062711][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  764.070367][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  764.078045][   T31]  ? __fget_files+0x2a/0x420
[  764.082942][   T31]  ? __fget_files+0x3a0/0x420
[  764.089502][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  764.094796][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  764.101750][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[  764.107273][   T31]  ? do_syscall_64+0xbe/0x3b0
[  764.112874][   T31]  do_syscall_64+0xfa/0x3b0
[  764.119543][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.125131][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.131698][   T31]  ? clear_bhb_loop+0x60/0xb0
[  764.136735][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.142807][   T31] RIP: 0033:0x7fee8ad8ebe9
[  764.147580][   T31] RSP: 002b:00007fee8bbb1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  764.156299][   T31] RAX: ffffffffffffffda RBX: 00007fee8afb6180 RCX: 00007fee8ad8ebe9
[  764.164662][   T31] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000004
[  764.173006][   T31] RBP: 00007fee8ae11e19 R08: 0000000000000000 R09: 0000000000000000
[  764.181356][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  764.189643][   T31] R13: 00007fee8afb6218 R14: 00007fee8afb6180 R15: 00007fff8b9df9c8
[  764.199246][   T31]  </TASK>
[  764.211128][   T31] 
[  764.211128][   T31] Showing all locks held in the system:
[  764.224804][   T31] 3 locks held by kworker/0:0/9:
[  764.327660][   T31]  #0: ffff8880212a5148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  764.343591][   T31]  #1: ffffc900000e7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  764.355947][   T31]  #2: ffff8880281ad198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[  764.369908][   T31] 1 lock held by khungtaskd/31:
[  764.374972][   T31]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  764.387095][   T31] 2 locks held by getty/5596:
[  764.394715][   T31]  #0: ffff888034f7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  764.410582][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  764.433795][   T31] 2 locks held by syz.4.940/10026:
[  764.441792][   T31]  #0: ffffffff8f5701f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  764.454283][   T31]  #1: ffffffff8e41a568 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x12a/0x1650
[  764.465646][   T31] 2 locks held by syz.5.1387/11785:
[  764.474570][   T31]  #0: ffff8880558ca0e0 (&type->s_umount_key#92){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  764.485785][   T31]  #1: ffffffff8e41a568 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x4e/0xd0
[  764.500024][   T31] 2 locks held by syz.6.1412/11891:
[  764.505395][   T31]  #0: ffffffff8f5701f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  764.515186][   T31]  #1: ffffffff8e41a568 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x12a/0x1650
[  764.526287][   T31] 5 locks held by kworker/u8:31/13501:
[  764.532804][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  764.545164][   T31]  #1: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x19c/0x4a0
[  764.555957][   T31]  #2: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  764.566529][   T31]  #3: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_change+0xe5/0x250
[  764.578947][   T31]  #4: ffff88813fffc3d8 (&____s->seqcount){.-.-}-{0:0}, at: crng_make_state+0x13a/0x700
[  764.594413][   T31] 2 locks held by kworker/u8:37/13508:
[  764.604083][   T31]  #0: ffff888146ea8148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  764.616840][   T31]  #1: ffffc90016e4fbc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  764.630207][   T31] 4 locks held by kworker/u8:38/13509:
[  764.635857][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  764.646081][   T31]  #1: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x19c/0x4a0
[  764.655890][   T31]  #2: ffffffff99ca90f0 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420
[  764.666422][   T31]  #3: ffffffff99cb4c88 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420
[  764.677248][   T31] 2 locks held by dhcpcd/13828:
[  764.682287][   T31]  #0: ffff88806bfb2008 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  764.692863][   T31]  #1: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  764.704463][   T31] 
[  764.706834][   T31] =============================================
[  764.706834][   T31] 
[  764.718829][   T31] NMI backtrace for cpu 0
[  764.718852][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  764.718877][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.718890][   T31] Call Trace:
[  764.718898][   T31]  <TASK>
[  764.718907][   T31]  dump_stack_lvl+0x189/0x250
[  764.718935][   T31]  ? __wake_up_klogd+0xd9/0x110
[  764.718968][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  764.718992][   T31]  ? __pfx__printk+0x10/0x10
[  764.719035][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  764.719071][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  764.719100][   T31]  ? _printk+0xcf/0x120
[  764.719133][   T31]  ? __pfx__printk+0x10/0x10
[  764.719169][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  764.719205][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  764.719241][   T31]  watchdog+0xfee/0x1030
[  764.719276][   T31]  ? watchdog+0x1de/0x1030
[  764.719317][   T31]  kthread+0x70e/0x8a0
[  764.719349][   T31]  ? __pfx_watchdog+0x10/0x10
[  764.719379][   T31]  ? __pfx_kthread+0x10/0x10
[  764.719411][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  764.719431][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.719451][   T31]  ? __pfx_kthread+0x10/0x10
[  764.719481][   T31]  ret_from_fork+0x3fc/0x770
[  764.719506][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  764.719534][   T31]  ? __switch_to_asm+0x39/0x70
[  764.719559][   T31]  ? __switch_to_asm+0x33/0x70
[  764.719585][   T31]  ? __pfx_kthread+0x10/0x10
[  764.719614][   T31]  ret_from_fork_asm+0x1a/0x30
[  764.719659][   T31]  </TASK>
[  764.719667][   T31] Sending NMI from CPU 0 to CPUs 1:
[  764.877184][    C1] NMI backtrace for cpu 1
[  764.877202][    C1] CPU: 1 UID: 0 PID: 13502 Comm: kworker/u8:32 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  764.877224][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.877237][    C1] Workqueue: writeback wb_workfn (flush-8:0)
[  764.877270][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70
[  764.877298][    C1] Code: 8b 3d 74 6e fa 0b 48 89 de 5b e9 33 20 55 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 90 9c 92 65 8b 15 58 6a dc 10 81 e2 00 01 ff 00
[  764.877319][    C1] RSP: 0018:ffffc90019fde1d8 EFLAGS: 00000206
[  764.877335][    C1] RAX: ffffffff820c6232 RBX: 000000110c304000 RCX: ffff88802f6b5a00
[  764.877350][    C1] RDX: 0000000000000000 RSI: 000000110c304000 RDI: 0000008000000000
[  764.877363][    C1] RBP: ffffc90019fde390 R08: 0000000000000000 R09: ffffffff820d7c00
[  764.877384][    C1] R10: ffffc90019fde568 R11: fffff520033fbcb0 R12: ffffc90019fde578
[  764.877398][    C1] R13: dffffc0000000000 R14: ffffc90019fde560 R15: 0000008000000000
[  764.877412][    C1] FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
[  764.877427][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  764.877440][    C1] CR2: 00005607fd812660 CR3: 0000000075b84000 CR4: 00000000003526f0
[  764.877456][    C1] DR0: 000000000000004b DR1: 0000000000000000 DR2: 0000000000000000
[  764.877467][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  764.877479][    C1] Call Trace:
[  764.877485][    C1]  <TASK>
[  764.877492][    C1]  page_vma_mapped_walk+0x1752/0x2090
[  764.877538][    C1]  ? __pfx_page_vma_mapped_walk+0x10/0x10
[  764.877569][    C1]  ? page_vma_mkclean_one+0x2a0/0x740
[  764.877594][    C1]  page_vma_mkclean_one+0x328/0x740
[  764.877615][    C1]  ? bio_alloc_bioset+0x3b4/0x1110
[  764.877643][    C1]  ? ext4_bio_write_folio+0x10d9/0x1f20
[  764.877671][    C1]  ? mpage_submit_folio+0x27d/0x3f0
[  764.877697][    C1]  ? __pfx_page_vma_mkclean_one+0x10/0x10
[  764.877729][    C1]  page_mkclean_one+0x1c0/0x280
[  764.877752][    C1]  ? __pfx_page_mkclean_one+0x10/0x10
[  764.877778][    C1]  ? __pfx_down_read_trylock+0x10/0x10
[  764.877812][    C1]  ? vma_interval_tree_iter_next+0x2e0/0x300
[  764.877837][    C1]  ? __pfx_page_mkclean_one+0x10/0x10
[  764.877858][    C1]  __rmap_walk_file+0x464/0x620
[  764.877886][    C1]  folio_mkclean+0x297/0x390
[  764.877908][    C1]  ? __pfx_folio_mkclean+0x10/0x10
[  764.877930][    C1]  ? __pfx_page_mkclean_one+0x10/0x10
[  764.877951][    C1]  ? __pfx_invalid_mkclean_vma+0x10/0x10
[  764.877975][    C1]  ? folio_mapping+0x16f/0x240
[  764.878002][    C1]  folio_clear_dirty_for_io+0x1fa/0x8c0
[  764.878030][    C1]  ? __pfx_folio_clear_dirty_for_io+0x10/0x10
[  764.878070][    C1]  mpage_submit_folio+0x84/0x3f0
[  764.878090][    C1]  ? __pfx___might_resched+0x10/0x10
[  764.878109][    C1]  ? folio_unlock+0x101/0x160
[  764.878136][    C1]  mpage_process_page_bufs+0x6d1/0xa00
[  764.878164][    C1]  mpage_prepare_extent_to_map+0xe49/0x1760
[  764.878198][    C1]  ? __pfx_mpage_prepare_extent_to_map+0x10/0x10
[  764.878235][    C1]  ? rcu_is_watching+0x15/0xb0
[  764.878256][    C1]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  764.878272][    C1]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  764.878288][    C1]  ? ext4_init_io_end+0x29/0x130
[  764.878320][    C1]  ext4_do_writepages+0xbf3/0x3f30
[  764.878385][    C1]  ? __pfx_ext4_do_writepages+0x10/0x10
[  764.878410][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  764.878430][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.878450][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  764.878468][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  764.878492][    C1]  ? __lock_acquire+0xab9/0xd20
[  764.878516][    C1]  ? rcu_read_lock_any_held+0xb3/0x120
[  764.878547][    C1]  ext4_writepages+0x205/0x350
[  764.878570][    C1]  ? __pfx_ext4_writepages+0x10/0x10
[  764.878598][    C1]  ? __lock_acquire+0xab9/0xd20
[  764.878617][    C1]  ? __pfx_ext4_writepages+0x10/0x10
[  764.878638][    C1]  do_writepages+0x32b/0x550
[  764.878686][    C1]  ? reacquire_held_locks+0x127/0x1d0
[  764.878707][    C1]  ? writeback_sb_inodes+0x372/0x1000
[  764.878740][    C1]  __writeback_single_inode+0x145/0xff0
[  764.878767][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  764.878794][    C1]  writeback_sb_inodes+0x6b5/0x1000
[  764.878837][    C1]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  764.878889][    C1]  ? __pfx_move_expired_inodes+0x10/0x10
[  764.878922][    C1]  __writeback_inodes_wb+0x111/0x240
[  764.878960][    C1]  wb_writeback+0x44f/0xaf0
[  764.879005][    C1]  ? queue_io+0x3d1/0x590
[  764.879039][    C1]  ? __pfx_wb_writeback+0x10/0x10
[  764.879076][    C1]  wb_workfn+0xaef/0xef0
[  764.879107][    C1]  ? __pfx_wb_workfn+0x10/0x10
[  764.879133][    C1]  ? __lock_acquire+0xab9/0xd20
[  764.879156][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  764.879179][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  764.879195][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  764.879214][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  764.879234][    C1]  process_scheduled_works+0xade/0x17b0
[  764.879269][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  764.879298][    C1]  worker_thread+0x8a0/0xda0
[  764.879333][    C1]  kthread+0x70e/0x8a0
[  764.879358][    C1]  ? __pfx_worker_thread+0x10/0x10
[  764.879383][    C1]  ? __pfx_kthread+0x10/0x10
[  764.879407][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  764.879423][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.879440][    C1]  ? __pfx_kthread+0x10/0x10
[  764.879464][    C1]  ret_from_fork+0x3fc/0x770
[  764.879483][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  764.879503][    C1]  ? __switch_to_asm+0x39/0x70
[  764.879525][    C1]  ? __switch_to_asm+0x33/0x70
[  764.879546][    C1]  ? __pfx_kthread+0x10/0x10
[  764.879570][    C1]  ret_from_fork_asm+0x1a/0x30
[  764.879602][    C1]  </TASK>
[  764.882367][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  764.882398][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  764.882427][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.882444][   T31] Call Trace:
[  764.882454][   T31]  <TASK>
[  764.882465][   T31]  dump_stack_lvl+0x99/0x250
[  764.882500][   T31]  ? __asan_memcpy+0x40/0x70
[  764.882538][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  764.882568][   T31]  ? __pfx__printk+0x10/0x10
[  764.882619][   T31]  panic+0x2db/0x790
[  764.882653][   T31]  ? __pfx_panic+0x10/0x10
[  764.882678][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  764.882711][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  764.882746][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  764.882785][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  764.882832][   T31]  watchdog+0x102d/0x1030
[  764.882871][   T31]  ? watchdog+0x1de/0x1030
[  764.882918][   T31]  kthread+0x70e/0x8a0
[  764.882956][   T31]  ? __pfx_watchdog+0x10/0x10
[  764.882992][   T31]  ? __pfx_kthread+0x10/0x10
[  764.883027][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  764.883052][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.883075][   T31]  ? __pfx_kthread+0x10/0x10
[  764.883110][   T31]  ret_from_fork+0x3fc/0x770
[  764.883145][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  764.883178][   T31]  ? __switch_to_asm+0x39/0x70
[  764.883208][   T31]  ? __switch_to_asm+0x33/0x70
[  764.883236][   T31]  ? __pfx_kthread+0x10/0x10
[  764.883271][   T31]  ret_from_fork_asm+0x1a/0x30
[  764.883320][   T31]  </TASK>
[  765.579913][   T31] Kernel Offset: disabled
[  765.584247][   T31] Rebooting in 86400 seconds..