last executing test programs:

29m2.69363933s ago: executing program 32 (id=544):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, 0x0, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r7 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r7, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

28m40.242575641s ago: executing program 33 (id=604):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, r7, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

28m17.633799193s ago: executing program 34 (id=662):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, r7, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

28m16.097189565s ago: executing program 35 (id=665):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, r7, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

27m44.191882332s ago: executing program 36 (id=737):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, r7, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

27m29.592438683s ago: executing program 37 (id=786):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88203, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x2ce, 0x0, 0x4ac00000, 0x2}}, 0x101301)
r5 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="a50ed9bfa23aaaaaaaaaaa00000d010000a016000000f8b50d307d74af37e4da9707f653e812f340ace5733a33dc6af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f1b99cbaaf8b332233f"], 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x40, r7, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x40}}, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0c00018006000600800a0000101002800c00198008008600000000000000", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000ff0f00000400000000000000000000000900000008000000000000000000000000000000000000000000000000000000118502681e4909dc53c9158b0e465342f3dbf15c627d104b1a01f08b7acc1619dd150a6e1800d173119b1167d8c1886e8b50ad604fd0bedbad1d00d5f07b6627a7b419beca466ec59bde25913f4095baa6f9c64a972708c6091d985bfdcc0f1456bcb0161bdb8067a23a4d249f6002fd5aa51c2ec46cc80e7cabc301cd3f8e5888d5a12cb73d0ba0160dc17fc341ad9c808da6565836091012893f4da822ffbd988a342a6756fbcac62ac73cb4d0f7c34da0d01620f1e5ae6f30389bd61120fdb6bf1b067076a93c1c062fa29148dbf2dc4b"])

24m22.362462798s ago: executing program 38 (id=1389):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_EXPRESSIONS={0x2c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x106}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb8}}, 0x20050800)

24m21.750545111s ago: executing program 39 (id=1402):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380001a, 0x11, r2, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x40000000000, 0x1000000, 0x68ff, 0x5, 0x6, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

23m41.646873369s ago: executing program 2 (id=1947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000040000000600000003"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x101}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff52, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

23m41.516559025s ago: executing program 2 (id=1951):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="e5db9638edbc"})
write$cgroup_devices(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1e03d3ffdd5c9801288563a20dad501406"], 0xffdd)

23m36.718961724s ago: executing program 2 (id=1988):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1a9041, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

23m35.778119458s ago: executing program 2 (id=2007):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0)

23m35.635349029s ago: executing program 2 (id=2011):
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x3, 0x8005, 0x3, 0x9, r1}, &(0x7f0000000240)=0x10)

23m35.239742228s ago: executing program 2 (id=2021):
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x30000008c}, 0x0)
r0 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r0, &(0x7f0000000040)="06", 0x1)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)

23m34.871317195s ago: executing program 40 (id=2021):
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x30000008c}, 0x0)
r0 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r0, &(0x7f0000000040)="06", 0x1)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)

23m24.586919819s ago: executing program 8 (id=2169):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newlink={0x30, 0x10, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40938, 0x3}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_BRIDGE={0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x68010}, 0x0)

23m24.378972711s ago: executing program 8 (id=2175):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x4}, 0x1c)

23m24.305453976s ago: executing program 8 (id=2178):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000680)={'nat\x00', 0x0, 0x3, 0x90, [0x6, 0xffffffffffffffff, 0x3, 0xe, 0x6, 0x3c752f48], 0x6, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], &(0x7f00000005c0)=""/144}, &(0x7f0000000700)=0x78)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f00000000c0), 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x6, 0x2, 0x0, 0x2}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}, @TCA_NETEM_RATE64={0xc, 0x8, 0xc1160cbda5ab1ab}]}}}]}, 0x64}}, 0x20000000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

23m23.35424639s ago: executing program 8 (id=2190):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(0x0, 0x0)

23m23.182080695s ago: executing program 8 (id=2195):
keyctl$reject(0x13, 0x0, 0x100000000, 0x0, 0x0)

23m21.557231067s ago: executing program 8 (id=2225):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@ifindex, 0xffffffffffffffff, 0x2e, 0x6000}, 0x20)

23m21.277830864s ago: executing program 41 (id=2225):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@ifindex, 0xffffffffffffffff, 0x2e, 0x6000}, 0x20)

23m20.728373727s ago: executing program 4 (id=2235):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x22}}, &(0x7f0000000000)='syzkaller\x00', 0x8, 0x10, &(0x7f0000000100)=""/16, 0x41000, 0x1f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)

23m20.246916938s ago: executing program 4 (id=2240):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = gettid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xffb0}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff13}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x9}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

23m19.233783911s ago: executing program 4 (id=2247):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x3, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3)
io_setup(0x2, &(0x7f0000000000)=<r3=>0x0)
r4 = eventfd(0x0)
io_submit(r3, 0x1, &(0x7f0000000100)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xc2, r4, &(0x7f0000000180), 0x0, 0x36}])

23m18.159455561s ago: executing program 4 (id=2265):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)

23m17.96566215s ago: executing program 4 (id=2267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000546439f08500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r1, r2, 0x25, 0x0, @val=@perf_event}, 0x18)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

23m17.235041254s ago: executing program 4 (id=2278):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xb, 0x7}, {0x10, 0xfff1}, {0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

23m16.85089457s ago: executing program 42 (id=2278):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xb, 0x7}, {0x10, 0xfff1}, {0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

16m13.186055494s ago: executing program 9 (id=4292):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x58f41, 0x0)
fcntl$lock(r0, 0x11, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCFLSH(r2, 0x540b, 0x0)
syz_usb_control_io$rtl8150(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
splice(r1, &(0x7f00000000c0)=0x6, r1, &(0x7f0000000280)=0x48d07a0c, 0x7, 0xb)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))

16m11.306448436s ago: executing program 9 (id=4295):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1018}, 0x1, 0x0, 0x0, 0x4c094}, 0x4040)
prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r2)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=<r5=>r4, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r6, 0x400452c8, &(0x7f0000000100))
ioctl$FS_IOC_GETFSLABEL(r3, 0x800452d3, &(0x7f0000000100))
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$RTC_IRQP_READ(r7, 0x8008700b, &(0x7f00000000c0))
setrlimit(0xa, &(0x7f0000000040)={0x0, 0xc08})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="050000007d000000430000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRESDEC=r0, @ANYBLOB="00004498c600"/24], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600), &(0x7f00000001c0), 0x71, r8}, 0x38)
r9 = socket$inet(0x2, 0x2, 0x0)
sendto$inet(r9, 0x0, 0x0, 0x40052, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_lsm={0x1d, 0x19, &(0x7f0000000380)=ANY=[@ANYBLOB="132336feffff", @ANYRES32=r8, @ANYRESHEX=0x0, @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018190000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r8, @ANYBLOB="0000000000000000980500000800000085000000a5000000"], &(0x7f0000000480)='syzkaller\x00', 0x1, 0x16, &(0x7f00000004c0)=""/22, 0x40f00, 0x2, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000740)={0x0, 0xe, 0x210, 0x8}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000840)=[r8, 0xffffffffffffffff, 0xffffffffffffffff, r8, 0xffffffffffffffff, r8, 0xffffffffffffffff, 0xffffffffffffffff, r8], &(0x7f0000000880)=[{0x2, 0x3, 0x5, 0x2}, {0x3, 0x4001, 0x1, 0x8}], 0x10, 0x2}, 0x94)
pipe(&(0x7f0000000440))
r10 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x1098448, &(0x7f0000000500)=ANY=[@ANYBLOB="661df90000000000000000002c0170a84a2c62a683ff9ad157bb169f65f365e0400d9f3c435a93fedc37ed987012292f1a99bb708b3be4a70815a7f91d4974b832771589809003f8cdac211d45f21360d8ebd000a5cc8179f2456ad58170ecfdec592d25e9fef6813d1a7b72493a9d2078111e243547a389f0d933928ff4adf42d9a70f74ee0afb130462f7763d638d41af7d97d8fda43fa38a82b29c534e49bec6376a3a091d92a338bc5c884a34eef5d4b9bce5e5889f036c6114cdbd5ce61dafe941c84452d6cf38800bf8fb3d05abfc85c3372160c7fca3a5e95dff3c549c5a00e2c8e18e0cda9145b492c9aa6b568c20c4c5acb490720b3c64968d8d165da6272040029068d367974f1472e701210103cf88a3b794402e2f1c018ca4d6cd326e01106c638792b0d9b4632c07c84f9d0f02352ea8729ff4fba6cde85f3f4341445c6d80d00000000000000", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRES32=r5, @ANYBLOB="23c409dd75fe7525aee0bd2d7495f684d2c379a7cb72e7a632b6127057d72cb58d", @ANYRES32=r10])
bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000280)={0xffffffffffffffff, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
semget$private(0x0, 0x0, 0x4c6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

16m10.254920331s ago: executing program 9 (id=4297):
r0 = getpid()
ptrace$setregs(0xd, r0, 0x5, &(0x7f0000000000)="4944c1399fae6a127ff5950e98a8c25a2e178ba7016cb1dbef75060a141df7945f54cb166bbc49cfa3f188a64b691bff881d613d20e95f188e61351b88d9ebdb68709c6f3219e12b10f8751c81cf3bfbbeb5970651dcf0c76051b49ebf071265d53d823b4af1544b920f159d19a26afe82f647a8d2dfe0fe95b2c6f2cf92")
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000001d00070f000000000000000007000000", @ANYRES32, @ANYBLOB="00005200060005000100000008000800", @ANYRES32=r1], 0x2c}}, 0x20008000)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0x58, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)=@gettfilter={0x34, 0x2e, 0x1, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xe}, {0xfff2, 0xc}, {0xffff, 0xf}}, [{0x8, 0xb, 0x3}, {0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000001)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESHEX=0x0])
read$FUSE(r3, &(0x7f0000002480)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000002300)={0x50, 0xffffffffffffffda, r4, {0x7, 0x9, 0x0, 0x21831002, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x20, 0xfffffffe}}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r5, &(0x7f0000000400), 0xe)
listen(r5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket$inet6(0xa, 0x2, 0x0)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r8, &(0x7f00000000c0)=ANY=[@ANYBLOB="524144494f0a434420274d6963204374707475726520537769746368272030303030303030303030303030303030303030300a494741494e0a545245424c45202743442043617074757265205377697463682720303030b0303030103030303030303030303030300a524144494f0a535045414b45"], 0xd3)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000180)={0x0, 'batadv_slave_1\x00', {0x2}, 0x9})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x14)
sendmmsg$inet6(r7, 0x0, 0x0, 0xc8040)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4)

16m9.608793892s ago: executing program 9 (id=4300):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r0=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
setpgid(0x0, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x48000)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500000008000000", @ANYRESHEX=r2], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, 0x0, 0x0)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r3, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

16m9.380939559s ago: executing program 9 (id=4301):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1}, 0x50)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, 0x0, 0x8000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, 0x0}, 0x68)
r4 = io_uring_setup(0x5, &(0x7f0000000040)={0x0, 0x3c1c, 0xc000, 0x3, 0x38})
r5 = syz_io_uring_setup(0x1593, &(0x7f0000001900)={0x0, 0x72d5, 0x8, 0x3, 0x6, 0x0, r4}, &(0x7f0000000400), &(0x7f0000002c00))
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x15, &(0x7f0000002ac0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f0000000180)={'pcl816\x00', [0x4f27, 0xd, 0x3, 0x81, 0x5, 0xcc9, 0xf, 0x7, 0xa, 0xe8aa, 0x58, 0x1, 0xfffffffe, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x100003, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0x7, 0xe69, 0x3c, 0x8, 0x2, 0x0, 0xfffffff8]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000440)=0x1f)
getresgid(&(0x7f0000000480), &(0x7f0000002500), &(0x7f0000002540))
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000)
shmctl$IPC_RMID(0x0, 0xffffffffffffff7f)
r7 = fsopen(&(0x7f0000000340)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, 0x0, &(0x7f0000000000)='#\x00\x00\x00\x00\x00\x00\x00\x00\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xcc:rC\xb3=\x17\x02/x\x84=\x17\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\x00\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xb9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x04\xbb\x10\x1d3\xa6', 0x0)

16m8.958240648s ago: executing program 9 (id=4304):
msgget$private(0x0, 0x420)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f00000003c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010101}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x2542, 0x9, 0x201, 0x5, 0x8, 0xab31, 0x1, 0xb6}, 0x20)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000004340)=""/102376, 0x18fe8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000300)='btrfs\x00', 0x5, 0x0)
r5 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddde)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x40100, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000000280)={0xfffffffffffffc31, 0x4, r7, 0x0, &(0x7f0000000580)="ebd183fac2", 0x5, 0x203})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000440)={0x28, 0x3, r7, 0x0, &(0x7f00000001c0)="a465de48f227f8b3f2f50eb22ed5a485d168fcf768a1ea09053a13e186b192ec6d", 0x21, 0xfffb})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000002c0)={0x28, 0x4, r7, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r7, 0x0, &(0x7f0000000480)='}', 0x1, 0x7ff})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x20, 0x800000000004, @thr={&(0x7f00000004c0)="38c609741adbb34836e370c9731f99d93bf39016ecc9e1fab82d64b3a781211763c8059bc1160d9552f40e0da15c8ba040809d931b3a9be31c4a7ab78cea4659293b0ce40ff3505cfad8b8ec53a1189fd5d84918c44267cc19c776d948a678ae5ccf5b89834047b651e82f16cba9bcb331794b967aa44e43f8210cb8dc5c98195f46bf493f34d76b896dfc8852e536a7b720ad397a1ada55", &(0x7f0000000680)="a50a32b2fa4e6f260c4260316f9ca5d5418cfb4fb4d02b7960d5977caf411bd781c67111926e94dd5ca4eaa67226ea725b9d64268f1cf057accd1f064cfde1d08b78464f1b"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r5)

16m8.407462487s ago: executing program 43 (id=4304):
msgget$private(0x0, 0x420)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f00000003c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010101}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x2542, 0x9, 0x201, 0x5, 0x8, 0xab31, 0x1, 0xb6}, 0x20)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000004340)=""/102376, 0x18fe8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000300)='btrfs\x00', 0x5, 0x0)
r5 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddde)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x40100, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000000280)={0xfffffffffffffc31, 0x4, r7, 0x0, &(0x7f0000000580)="ebd183fac2", 0x5, 0x203})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000440)={0x28, 0x3, r7, 0x0, &(0x7f00000001c0)="a465de48f227f8b3f2f50eb22ed5a485d168fcf768a1ea09053a13e186b192ec6d", 0x21, 0xfffb})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000002c0)={0x28, 0x4, r7, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r7, 0x0, &(0x7f0000000480)='}', 0x1, 0x7ff})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x20, 0x800000000004, @thr={&(0x7f00000004c0)="38c609741adbb34836e370c9731f99d93bf39016ecc9e1fab82d64b3a781211763c8059bc1160d9552f40e0da15c8ba040809d931b3a9be31c4a7ab78cea4659293b0ce40ff3505cfad8b8ec53a1189fd5d84918c44267cc19c776d948a678ae5ccf5b89834047b651e82f16cba9bcb331794b967aa44e43f8210cb8dc5c98195f46bf493f34d76b896dfc8852e536a7b720ad397a1ada55", &(0x7f0000000680)="a50a32b2fa4e6f260c4260316f9ca5d5418cfb4fb4d02b7960d5977caf411bd781c67111926e94dd5ca4eaa67226ea725b9d64268f1cf057accd1f064cfde1d08b78464f1b"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r5)

11m0.697903487s ago: executing program 3 (id=5252):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r8, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e23, 0x2, @empty, 0x7f13}}, 0x800}, 0x90)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r9, &(0x7f0000000080)=""/102341, 0x18fc5, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="3c1204"], 0x98)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1000001, 0xfffffffa}}}}]}, 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001505000008004e002d3501000000000095004100000000006916360000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf530000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

10m58.867198143s ago: executing program 3 (id=5255):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$kcm(0x10, 0x2, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e23, 0x2, @empty, 0x7f13}}, 0x800}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001505000008004e002d3501000000000095004100000000006916360000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf530000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

10m58.221225761s ago: executing program 3 (id=5258):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x6, 0x4, 0x7abec691, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
socket$qrtr(0x2a, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}]}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x4000190, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x40082102, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_SNDMTU(r3, 0x112, 0xc, 0x0, &(0x7f00000000c0))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r5, 0xc0405610, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r7, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x40000071, 0x0, 0x32feb97c}]})
r8 = syz_open_dev$ttys(0xc, 0x2, 0x1)
accept$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs, &(0x7f0000000180)=0x6e)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1800002)
ioctl$TIOCSSOFTCAR(r8, 0x541a, &(0x7f0000000040)=0x4)

10m56.526845797s ago: executing program 3 (id=5262):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = syz_io_uring_setup(0x4b7, &(0x7f0000000480)={0x0, 0x773a, 0x80, 0x6, 0x377}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000580)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x4}, @initr0, @exit, @alu={0x6, 0x0, 0xa, 0xa, 0x0, 0x20, 0x300}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @jmp={0x5, 0x1, 0x1, 0x3, 0x3, 0x40, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x7, 0x0, 0x0, 0xa, 0x8, 0xffffffffffffffe0, 0x2f}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x40f00, 0x0, '\x00', r3}, 0x94)

10m55.936317549s ago: executing program 3 (id=5263):
prctl$PR_SET_SECUREBITS(0x1c, 0x15)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe11)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10, 0x103)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd70000400000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000fffffffe00000000000000000d000100756470020000003200000000"], 0x54}}, 0x0)
mmap(&(0x7f0000737000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x295f9aa3815d971d, 0xffffffffffffffff, 0x0)
epoll_create(0x10000e9)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r2 = memfd_create(&(0x7f0000000580)='y\x105\xfb\xf7\x88\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7`\x9b=\xec\x9f\x1d\x9b@$\x8c\bb\x1a\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\'\xffO,4\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2\x01G\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\rr\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\xc6\x8a=\x04\xa35\x9b\xf5\x80E\x8f\x1e\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x10\x00'/276, 0x2)
ftruncate(r2, 0xffff)
fcntl$addseals(r2, 0x409, 0x7)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000300)={'rose0\x00', 0x4000})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e}, 0x94)
syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x532d, 0x40, 0x4, 0xfffefffe, 0x0, r4}, &(0x7f0000000100), &(0x7f0000000300))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000020601080000000000000000000000000c00078008000640000000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a69700092e753fafcc3eee5b2ce38002e13471dda1072a35d9f3e0d0aa57b461fe601b7d81e00df629787360466d33d73458c18391eef58553657bad87ddb01d0b114eeb4dcdf2c27de761a9b554470de8c7c6c1135dfc881cbfdc5553a4b7cac6d254ecce91381d62d86709d"], 0x50}}, 0x0)

10m55.220570836s ago: executing program 3 (id=5264):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x4, &(0x7f0000000000)={0x0, 0x1, 0x6, 0x9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {}, {0xfff1}}}, 0x24}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000d980708b5192100c7980000000109021b00012000ac00090400000107000009090585", @ANYRES64], 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r7, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r7, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r7, 0x0, r6, 0x0, 0xfea8, 0xa)

10m54.720755536s ago: executing program 44 (id=5264):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x4, &(0x7f0000000000)={0x0, 0x1, 0x6, 0x9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {}, {0xfff1}}}, 0x24}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000d980708b5192100c7980000000109021b00012000ac00090400000107000009090585", @ANYRES64], 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r7, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r7, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r7, 0x0, r6, 0x0, 0xfea8, 0xa)

35.110422427s ago: executing program 1 (id=7323):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x39)
dup(r0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x3, 0x10}, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
io_cancel(0x0, 0xfffffffffffffffe, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="000000c000000000000000000700000095000000000000f0"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2121)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

33.870132557s ago: executing program 1 (id=7326):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f00000016c0)=0x5, 0x4)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
cachestat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r3 = open(0x0, 0x24042, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x2}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000102000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = gettid()
r9 = getpgrp(0x0)
r10 = gettid()
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000001880)={0xfffffffb, 0x3, {<r11=>0x0}, {0xee01}, 0x7, 0x5})
syz_clone3(&(0x7f0000001900)={0x102880, &(0x7f00000001c0), &(0x7f0000000400), &(0x7f0000000440), {0x6}, &(0x7f00000015c0)=""/129, 0x81, &(0x7f00000004c0)=""/11, &(0x7f00000018c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, r9, r10, r11], 0xa, {r3}}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000003040)={0x2020}, 0x2020)
newfstatat(0xffffffffffffff9c, &(0x7f0000000500)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000380), 0x2000)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80, 0x23456})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

32.016838465s ago: executing program 1 (id=7334):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f00000015c0)={0x2, 0x40, @start={0x0, 0x1, "7f147cead60fbe1252d426c114d444a4f0be6f58c936ed8806c0c011c60f786c9cdeb02d731c2b23acd748168358a3604fa9a9655382ee714c4fc47345fc6688b8f596e6187c4bf301ed717a53b71223923ac8decf93dc9acf450f8adfb536a98a5474e478b4fda49b604c8f8b99bbf505b779282cf99047fd696f6a0444246911d342c73641c9b35e374178b2415af74130a39414702b5b1b68241fefa672ed986c8d4b542a6efc89c80dcb592b697170bf1ec071b43298274c93d20571ab48d3e837a1293a886c051103c9c5acee4fee3fa31cd6d159d354f40d3d2cd9bf6396c49f83a1cea1585ae80153a6437aec76165fab935c2ffd10cacc8fc723ed8651b828ad5fb40f4688df8e174427f4a1f3384512deeefbd82912340787f6c3e3fe13a0c5837a4ef9cdaa766b1f5ad5677d8d03bafdfa3aefa34c94be8295fce8743f946de55e2c19edee9883a68e4f59172d2e1847fe8f7d129a1f3edf9c92b91678cb6082aa80713f9335977f137aec40bae68ea2de9197ff978a93daf7c97c3d15cf3b76a938b7e444b236ee15ec33c559aa7d63767833b25a17e04673b17c1b0d8dba236345ab3efb67217995270ab0c321c1b89fbaddc1bf32902b5b22e01ef7e90e5b1ec76b4f1a4437fa00d14f0a51e5c58200ba12b37298333fa27373486b29f5dee363764c7e2a35bde5f0e982ed245deb2092a5b4f8e4ace5306aa326d76c8c8108e605acba50dd9daa8092c1e61633a2a22614374b374a609e91d6b29c7a5b32127214e25ba80ac5bd2434f6ec0cb29eb5d1b67b0f7f82edd31a0f4dc205be778f5d7003b70023c5d413b6df90033bb9c783a7a49c393ca4f5bfcf6e931705280511e251395b33122341827886d195966f32863100a5fca7f77f16cbf1e859abcd013d6e48ad0dec7d571826e77b23bd641a8506a8b8f733549da4285c3fc3faaf6a792024d56a98599644b7e3ec5d4e00fd15f14d8646d7b03eb15e25a89a75b643563d0d4fbe29e651279897201608eb65c4d4be84487c1f69e2234c191b074cb41949f5eb4b74999ab4a4ecff3e650a3e7fde709e1adc2fd288550f3879885a1d1b6dc2c43ed74ea2da634597dd41b3a10d523f8c564f48f2547bf987406d2b0e2b263b15fdf74eed801656b9512c8be6c708f099d4e48521baf9956fad81400d2b9e7d6326c668bf9026ad6e981ba78c6d3bd046c746b35b646e083e62f0c90d0b8633b37e639996b307b3a6f6f323dd3af48640e32ad6073f96184b540fe5680031a86cc4577c5ffca4ceace554e5bca48a030630a3e966cb57ba556182e97e08739f2b5e8683adb4d1577487c18a2c7c144062b4062a13adbd83446e07ce713da826e5055a519c7f6c44b44a78064d43edc7a029b5f3638f3d68d297bf41a34a0987f5725d68522f3ccdca7c928080667361d631be2516b6c2", "a1abb67d7a469217af0339834c77d1f1184337dedaa052ef99fa2fc0d24c53f3fb081ff027967786562098fca560bf0a40283dc29ebf6e549f6ac236eb3f4c973490013246332556b9d46ea3a81df35bce13e5c22483294856310ce568923aefa101ad39278cade472c7451d4a843be10516de4457be7e131cf5704950820ed8086538c0969c9105a14f0afd2ba2cbea0ae09ce410b12a5997718cacbfa98d2474b155c05b8a26cc05b69f465c5bf60f28059122a4addbd05446521b48e95c9c8dd26c7eb56f7375d847ad8b338e18dbde3a55a33e4e238dfdd9686771549e5f177a44bc8b9bd58ca60c0c8977b98b90fcdac6a9f2c17f28c6fb0c7a8b7c91c42cfcf9a18a49cb6e8b5469cd99af90f5239fc1a7cb008d69c7eeb598a8f41146a75b9974eb295e7cd5eb21c758f3625cde60cdf4afabdef3a5c003bb49be7cc657f44187b8890ae2ee3a1f6722ea7eb1a2730fe0a3e44d01868c5cc3b3e0967cb5eb2e5384e8c10196f90c6f2aff6f7ca3420eff79b4e2fd2c641bc017d2c4a90c1442047f6cbb75620975869f09d33b64ee2d41b03071758bc20a04939b504c2a180c3b6273d7f1c25702b25a2d42a9cb001f9190a2526d7f601a0d4e9abde6d936101855582c3f69eafa59cfeedf4fc06b0d6005f6539d4cdf8743a37fe327c0473b864baa127a095cd60c361e39f344d31ecebf91cc78750dd86444cd1a0e7a7ae33a491e2005ac74afded20003524e59780de1edfed2989e012650de1e98c495dd6aceb106e7ba646e21dc5c3f8a4df59f873c8c521370387b5f302a8a229e81abd77ba41d3c5cf8f03f89133b0e46d85bb5e88ebbc80804f0e299c90e205d59f0892735fcfd05c010a93a84d1afbfedca08f3d7d75bfcc6badebc7ef26a85c2333695f03a391ec461c121d6dd05d249d6e0c3edc15be0244060c6eba108cb66217374d6872b49f966b22187f71f5f10da30be8cbc2e22ce3d6a45941ce3ab783a471d3e86c434c57e65928a7cc2fdb77b68d6d46c4834d9344adcddc6e8b5f92ca4fd96fbf4ec57ddb3e66f6aee085c2b4b387504aaeb960995b5c342aea49a937a59e55dd12e155334bf3adc43130b9d88e824ef744cfe90f7c82e9c9125bbd72e7d5563d61a462935b569b9fdd219381bb8f13e03c023cbdf767abb560591b12a231119f91f7cc2f218bbbb86fd652b9d98facde43768737cbc1ad8680b4079e6feb4fc461c71d28a9229be31bf1f00bc8ab49fc4ebba58b99d4ccb790b5962b6315153ad461e8d12d21edbd1cb52b6e2e174e4e0fa217faa7f9d9c35fa14d08f6aced0af95008c624b449d447bda46c558c2d80db8a6bd1a92b803ad0a8d635f197f8d53272e3e686ab411bf26ba78b3fb003bb32950869537573488d63fbcfad49249ce52a960d454af182bd6e23addd46f0c86b7f65b704f36bc9507"}, [0x3, 0x65, 0xffffffff7fffffff, 0x3, 0x8, 0xa3, 0x2, 0x9, 0x9, 0x0, 0x5b8, 0x5, 0x2, 0x5, 0x3, 0x6, 0xfffffffffffff001, 0x10000, 0x40, 0x1fd, 0x3, 0x1, 0xfffffffffffffff7, 0x101, 0x5, 0x8000000000000000, 0xffffffffffff0001, 0x8000000000000001, 0x5, 0x779d, 0xc7, 0x8, 0x8, 0x1, 0x5, 0x4, 0x0, 0x6, 0xfffffffffffffffc, 0x6, 0x2, 0x7, 0x4, 0x3, 0x5, 0xc, 0x4, 0x4, 0xffffffffffffb0a3, 0x3, 0xffffffff, 0xa, 0x2, 0xb, 0xf, 0x1, 0x1, 0x8000000000000000, 0x8, 0x1bb, 0xb, 0x0, 0xffff]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@empty, <r10=>0x0}, &(0x7f0000000140)=0x14)
setsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@initdev={0xac, 0x1e, 0x41, 0x0}, 0x4e24, 0xffff, 0x4e24, 0x3ff, 0x2, 0xa0, 0x0, 0x2, r10, 0xffffffffffffffff}, {0x9, 0xffff, 0xd, 0x400, 0x5, 0x2, 0x81}, {0x2, 0x0, 0x69f4, 0x8}, 0x5, 0x0, 0x1, 0x1, 0x2, 0x1}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d5, 0x3c}, 0xa, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x3, 0x5, 0x4, 0xc, 0x6}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000000000df00", @ANYRES8=r8, @ANYRES16=r8], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000280)={&(0x7f0000000000)="a1b2c4d4206e82e0afc7a503d8419bc23476742e8ff74e6aaa282d989998c6c846c433f937c539747e0f", &(0x7f0000000200)=""/95, &(0x7f0000000080)="0038c3a0701f4a1fa09ee367f77bc1015834d397524a8661d817664517544d1ed15d", &(0x7f0000000140), 0xe, r7}, 0x38)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_ro(r11, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r12, &(0x7f0000000200)=0x1, 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)

30.686690288s ago: executing program 1 (id=7337):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x81, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0xa000, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x8, 0x4, 0x3c5b, 0x1, 0x3, 0x9, 0x1, 0x1f461e2c, 0x0, 0xe660, 0x4, 0x7, 0x101, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0xfffffff8, 0x7, 0x0, 0x0, 0xd, 0x3e, 0x8f, 0x6, 0x10000006, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x134, 0x7ffe, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0x6, 0x3, 0xb83, 0x7, 0x5, 0x0, 0xf, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x5, 0x6, 0x7, 0xff, 0x5, 0x5, 0xed2d, 0x4, 0x0, 0x5, 0x2, 0xa, 0x4, 0x9, 0x8, 0x800, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xff7f, 0x2, 0x7f, 0x9, 0x2, 0xffffffff, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x400, 0x4, 0x1, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x83, 0x80000003, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xf38, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x800003, 0x200, 0x80, 0xf, 0xd, 0x8, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0xfffffff9, 0x1, 0x1, 0xffff, 0x0, 0x1a, 0x1c, 0xfffffff7, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0xf58, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7ffe, 0x80000000, 0x200a620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0xe, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x7, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0xb0b2748, 0xb1c, 0x1, 0x200, 0xffbf2441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

29.209088374s ago: executing program 1 (id=7340):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
r1 = socket(0x1, 0x3, 0x0)
bind$unix(r1, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)

28.665615472s ago: executing program 1 (id=7343):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x86}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

13.03435134s ago: executing program 45 (id=7343):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x86}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

12.621555537s ago: executing program 5 (id=7392):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_ext={0x1c, 0xc, &(0x7f0000000800)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfff}, @tail_call], 0x0, 0x59b4, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x15a1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="b8000000000000e3f3e6b68d64c8223f554d1c8b00e7ac687f6254a9c38d"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

12.394546858s ago: executing program 5 (id=7393):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000003000), 0xffffffffffffffff)
bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="7800000018002507b9409b14ffff00000204be04020b06050e020909430009003f00064c0a00000068d0bf46d32345653600648d270012000200000049935ade4a460c89b6ec2069e9247fe71315011b4123", 0x52, 0xd050, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x0, 0x0, @mcast2, 0x7}}, {{0xa, 0x0, 0x6df, @empty, 0x5}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x9, 0x0}}}}}, 0x108)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
writev(r3, &(0x7f0000000740)=[{&(0x7f0000000280)='X', 0x1}], 0x1)
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000100))
getsockopt$inet6_buf(r2, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
socket(0x10, 0x803, 0x0)

11.457227801s ago: executing program 5 (id=7394):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f00000016c0)=0x5, 0x4)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
cachestat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r3 = open(0x0, 0x24042, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x2}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000102000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = gettid()
r9 = getpgrp(0x0)
r10 = gettid()
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000001880)={0xfffffffb, 0x3, {<r11=>0x0}, {0xee01}, 0x7, 0x5})
syz_clone3(&(0x7f0000001900)={0x102880, &(0x7f00000001c0), &(0x7f0000000400), &(0x7f0000000440), {0x6}, &(0x7f00000015c0)=""/129, 0x81, &(0x7f00000004c0)=""/11, &(0x7f00000018c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, r9, r10, r11], 0xa, {r3}}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
read$FUSE(0xffffffffffffffff, &(0x7f0000003040)={0x2020, 0x0, <r12=>0x0}, 0x2020)
newfstatat(0xffffffffffffff9c, &(0x7f0000000500)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r13=>0x0, <r14=>0x0}, 0x2000)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000001500)={0xa0, 0xfffffffffffffff5, r12, {{0x1, 0x0, 0xe, 0x13ea, 0x8872, 0xfffffacd, {0x5, 0x854, 0x0, 0x7b1, 0x80000000, 0x8, 0x7, 0x6, 0x8, 0x1000, 0x9, r13, r14, 0x9, 0x3}}, {0x0, 0x7}}}, 0xa0)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80, 0x23456})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

10.305549659s ago: executing program 5 (id=7401):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket$kcm(0x2, 0x8, 0x106)
setsockopt$sock_attach_bpf(r4, 0x1, 0x46, &(0x7f0000000080), 0x4)
syz_emit_ethernet(0x76, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000001aaaaaaaaaa1686dd60f53a0400403a00fe880000000000000000000000000001ff02000000000000000000000000000102009078000005026050835900000000fc010000000000000000000000000000fe8000000000000000000000000000bb3a0000000000000000ecff0000000000"], 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f0000000180)=""/173, &(0x7f0000000000)=0xad)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000500)=""/234, 0xea}], 0x1)
ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f0000005fc0)={@remote, @mcast2, @mcast2, 0x4, 0x8000, 0x40, 0x400, 0x1000, 0x1cc0014})
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)
read$FUSE(r6, &(0x7f00000034c0)={0x2020}, 0xcac)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r6, 0x894b, &(0x7f0000000300))
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
r10 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
close(r10)

9.374630342s ago: executing program 7 (id=7404):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0x3, 0xffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x60980, 0x80)
r4 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_FSYNC={0x3, 0x42, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x1, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, 0x0)
r9 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r9, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(r9, &(0x7f0000000100), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r9, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
r10 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r10, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c)
r11 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x4712, 0x1032c0)
close_range(r0, r11, 0x0)
mmap(&(0x7f0000fea000/0xb000)=nil, 0xb000, 0x3000001, 0x4010, 0xffffffffffffffff, 0x452c5000)

9.286063216s ago: executing program 6 (id=7405):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000240), 0x400, 0x0)
sendmsg(r2, &(0x7f00000006c0)={&(0x7f0000000280)=@ieee802154={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="f6923e137d346cf3a516104239b871a10dc8a1170f6c1dd8c7caa5f8dffbdcc8fbc3c2bd5654e1f35411bece9cae1e7848cf8373a246f2900681d58015d23629208f042da68c1d299bb5e66286036af8b4c3c17b8940361be5d68e38a0cecdcdd0263b19f942b3851c6c49b6dba0833465fa189ec4d796b9334869f01efbd60586707d0cbd389407182f4e", 0x8b}, {&(0x7f00000003c0)="6d96eba819d52a881ca0b9891c42216d81dfe671fa88a768167163456ef686a55bd7688a8f07f906177dcdab9c3155f4b76e71272777324fd9f31f245866cbeb097725983b83", 0x46}, {&(0x7f0000000440)="4c31a2455016bdd1ce4af9b596996b57689c1b10b30b815fc5ac1a61c802914e32bc1f87062041348cb8e9d5a6ff93bb766af67738b63af88a4d20b5c08f233aed476f9901683fe06554b6171f9e18a394e36a61e55675801471853597ff98856e6ee2f233cbc972cdbc6e80b30339e9abc8c3f91f", 0x75}], 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="b00000000000000008010000db0100006440f127995784378b94d5b32a3141f6aa3ec9928b9c334fc21d6d4e3d64053437848f7a4b30b8bc46f6e8b3df91cb60fa6c7400d23bd941cea1cb394a110a3ee1a2150056bb700882fc6b0bdf1dda6f34eb57b75eb5235d254a086a89ccc3c5ea883f110588e236539daca78a058e31256ad68bc63abd68000000a60704d0f9903017a401033f18692895d1a5c2f91c6282e0d1bc3f86cce6445fb4e1000000c8000000000000000d01000008000000db3e6dd4d5668f5b62c2dae5288394c40cc423cfb4092dfc7c88ce10e0b7ee6971009fa384a52934c8930cda960330069aab098267873fc3647de68aebbd761c63cbaf78da6079e4edadb24c5bc1c7b3552406f74d960869246735d858e33b4a0dd5c8a3e8caeb56d5e2ffef3b6e93a4a86c9c7dcf2a21f28606c5554e5a8aa3a411c25ffb33a2e245fcd84acea35b033887ef35b412e03230959590d7697fceeccb67ef307491414b9ac9c31737fa48b91751e26e00000030000000000000002900000006000000a0d8cf25d7d3839e666dbca40c1e27a70ee956dfeff3f6ad2dfb705dfc00000018000000000000001601000003000000033ffec600000000"], 0x1c0}, 0x4014)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x1e, 0x27, 0x9b, 0x10, 0x5ac, 0x120a, 0x6045, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xb9, 0x0, 0x0, 0xfa, 0xb7, 0x5e}}]}}]}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x3f}]}}}]}, 0x40}}, 0x8c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f000001aa40)=""/102400, 0x19000)
shmget$private(0x0, 0x9000, 0x4, &(0x7f0000ff7000/0x9000)=nil)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4}, 0x48)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ffffc}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x5, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}, {0x85, 0x0, 0x17, 0xcb}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$bt_rfcomm(r2, &(0x7f0000000700)={0x1f, @any, 0x1}, 0xa)
r6 = syz_open_dev$loop(&(0x7f0000000080), 0x3, 0x131000)
ioctl$LOOP_GET_STATUS64(r6, 0x4c05, &(0x7f0000000100))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000ec01000040"])
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000040)=0x1)
write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="000091000180200014000800ffff450600240065000004219078ac141416ac1414aa4e234e24047190787261dace042453d980"], 0x32)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x324)

9.191666981s ago: executing program 5 (id=7406):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000cc0)=ANY=[@ANYBLOB="12010000773604202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000900)={0x34, &(0x7f0000000200)=ANY=[@ANYBLOB="001804"], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000380)={0x20, 0xe, 0x6, "974bea735a5a"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x40, 0xb, 0x2, 'CM'}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x200}, &(0x7f0000000600)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, &(0x7f0000000640)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000680)={0x40, 0x19, 0x2, "ba46"}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0x4}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0x3}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x68}, &(0x7f0000000780)={0x40, 0x21, 0x1, 0x99}})
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000140)={0x1c, &(0x7f0000000340)={0x0, 0xb, 0x4, "9f94ccca"}, 0x0, &(0x7f0000000100)})

8.753460218s ago: executing program 0 (id=7408):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000003000), 0xffffffffffffffff)
bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="7800000018002507b9409b14ffff00000204be04020b06050e020909430009003f00064c0a00000068d0bf46d32345653600648d270012000200000049935ade4a460c89b6ec2069e9247fe71315011b4123", 0x52, 0xd050, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x0, 0x0, @mcast2, 0x7}}, {{0xa, 0x0, 0x6df, @empty, 0x5}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x9, 0x0}}}}}, 0x108)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
writev(r3, &(0x7f0000000740)=[{&(0x7f0000000280)='X', 0x1}], 0x1)
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000100))
getsockopt$inet6_buf(r2, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
socket(0x10, 0x803, 0x0)

7.799444148s ago: executing program 0 (id=7409):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r3 = fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
r4 = fcntl$dupfd(r1, 0x406, r3)
setsockopt$inet_mtu(r4, 0x111, 0xa, &(0x7f0000000000), 0x4)
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8)
r5 = gettid()
tkill(r5, 0x11)
rt_sigaction(0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))
write$P9_RSTATu(r0, &(0x7f0000001400)=ANY=[@ANYBLOB="320200007d00000005f0000104000000050000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7892ffffff81000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f700000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200cfc2001000000000000000000000f313f6005500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0060074a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8d489da649a37002c016f6465762d6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475def03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff0000000000000000000000000000000000a52e05898a9bf0b3048053dcda147c863532226a6b357810ca10ee0251a7c5c982348f28d5b0ec8d7aec0f80ba300fe6472455093ceb5329ff474a6d074d46d520e324d0e61e6b1733fdcc", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0], 0x232)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000203010100000700000000000400000a0800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/if_inet6\x00')
pread64(r7, 0x0, 0x0, 0x3c)
ioctl$KVM_SET_GUEST_DEBUG(r7, 0x4048ae9b, &(0x7f00000002c0)={0x190005, 0x0, [0x4, 0x7, 0x9ba5, 0x6, 0x2, 0x1, 0x5, 0x6]})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x1)
syz_open_dev$evdev(&(0x7f0000001240), 0x10001, 0x101000)
ioctl$TCSETS(r8, 0x89f3, &(0x7f0000000100)={0x4, 0x0, 0x1003, 0x4, 0x12, "bb40af00008000"})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
readv(r9, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r9, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xfff7ffff, 0x4, 0x10, "001b00"})
r10 = syz_open_pts(r9, 0x101)
r11 = dup3(r10, r9, 0x0)
ioctl$TIOCSETD(r11, 0x5423, &(0x7f0000000040)=0x15)
write$UHID_INPUT(r11, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0xe00}}, 0xffffff5c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200054c149c7000000000000000000000300000a0c000200fffffffe0000ffff"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x24044094)
syz_usb_connect(0x5, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0})

7.585101204s ago: executing program 7 (id=7410):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2c, 0x4000, 0x3, 0x353, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40000)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
ioctl$VIDIOC_LOG_STATUS(r7, 0x5646, 0x0)
preadv(r7, &(0x7f00000033c0)=[{&(0x7f00000003c0)=""/207, 0xcf}], 0x1, 0x6, 0xfffffffe)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r7, 0xf517, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0xfffffffffffffffd)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x180000, @private2={0xfc, 0x2, '\x00', 0x1}, 0xef40}], 0x1c)
gettid()
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @local, 0xffffffff}, 0x1c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000200)})
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f00000004c0)="fe07e413c9148fca61713c030a7889d906f70667613a9bcd4f0c061d8031611d64ac438250d8d087e335648a595247445802a904e77a458800498e0b667f92b142c23b01256f1dfd5e849bda26161b20813d9b84e08b30ba0ad4fd58e679aef8105d432137390d65059ca87eeb48e24d3a000dc2d981e5db5665b36c051b9cae633b900cb415f440bb4a2546a87083ae09c25880c44e1112b47175520bca246ff46e336b04e9684eada8f471774433e6aeb97ce739e569daba699d5d4dadb96f0a2a06f1f2331abac77614410297851fd2161a5a87115c0a7a60d16e52f008014490ee78437d1709e374f327721dd1b054076c2ef2c1ff30f85b0d00")

6.798761977s ago: executing program 0 (id=7411):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000280)={0x7, 0x6, 0x56b5, 0xc80, <r0=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0xc2dcc000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40002042, 0x0)
socket(0x2, 0x3, 0x67)
ioprio_get$uid(0x3, 0x0)

6.001924956s ago: executing program 0 (id=7412):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000002c0)={0x6, 0x7b, 0x800, 0x200, 0xb64, 0xfa9})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='io_uring_cqring_wait\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x6148, &(0x7f0000001b80)={0x0, 0x13ea, 0x2, 0x2, 0x3c6}, &(0x7f0000000040), &(0x7f0000000140))
io_uring_enter(r3, 0x2241, 0x1b86, 0x1, 0x0, 0x0)

5.92220948s ago: executing program 6 (id=7413):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000040)="f30f1ecd65f3ff9dd4a7260f01c9f3360f30670f01ca0f01fa8146051900baf80c66b8fa8ecd8c66efbafc0cb8f64aefdbe03e26660f38825f47", 0x3a}], 0x1, 0x5b, 0x0, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x7, 0x10, 0xfffffffd, 0x400000, 0xb47, 0x9, 0x8, 0xffffeff9, 0x3}, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
link(0x0, &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = socket(0x8000000010, 0x2, 0x0)
write(r2, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4b", 0xbd)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r3, &(0x7f0000000400)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f00000001c0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x20010, r3, 0x3c9be000)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
syz_clone(0xc01c011, 0x0, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

5.820673361s ago: executing program 7 (id=7414):
syz_init_net_socket$ax25(0x3, 0x3, 0x8)
dup(0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00')
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e24090800035b36a70df331cc28baf737f2ff13e1551e8beb26d806986172989c558b7fc77f42e376a1d377e09fd6bd4012b0d80b9160908d249697000000003324d5898075ebb2f495fcd3543d0bfa02cf89dd54c3378389c89089f39d43d448e308049efb3f14a2538ca6ea7d182378b1475606250f95a51717f09706d1ea01deeadbbfbe68cf2687354d3641cac73720f96364a283c97b393b80efa8bdb742238a2a43458a85842f1968c2fa3960"], 0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x3f, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

5.789022415s ago: executing program 5 (id=7415):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ac1414bb00000000000000000000000000000000000000000000000000000000800000000000001a0a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00100001"], 0xc4}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@flushpolicy={0x1c, 0x1d, 0x1, 0x0, 0x0, "", [@policy_type={0xa, 0x10, {0x1}}]}, 0x1c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000004180)='kfree\x00', r0}, 0x18)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
io_setup(0x3, &(0x7f0000000180))
ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000140))
socket$packet(0x11, 0x3, 0x300)

5.072013874s ago: executing program 7 (id=7416):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x20, 0xf, 0x28, 0xfffff038}, {0x20, 0x1f, 0xf6, 0xfffff024}, {0x6, 0x80, 0xf2}]}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001440)=@deltclass={0x24, 0x29, 0x1, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x8, 0xf}, {0x4, 0x2}, {0x1, 0xb}}}, 0x24}}, 0x44880)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r6=>0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x208800, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local})
write$tun(r7, &(0x7f0000000440)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x4, {[@window={0xa, 0x3}, @exp_smc={0xfe, 0x6}, @generic={0x0, 0x8, "d58838068b91"}]}}}}}}, 0x4a)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x90)

4.338477398s ago: executing program 0 (id=7417):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_ext={0x1c, 0xc, &(0x7f0000000800)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfff}, @tail_call], 0x0, 0x59b4, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x15a1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="b8000000000000e3f3e6b68d64c8223f554d1c8b00e7ac687f6254a9c38d"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

4.107578653s ago: executing program 0 (id=7418):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000040)={0xc0, 0x0, 0x8000})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27"})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, 0x0)
ioctl$SW_SYNC_IOC_INC(r2, 0x40045701, &(0x7f0000000500)=0x9)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r7, 0x0, 0xd}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, 0x0, 0x0, 0x0)
ioctl$PPPIOCSFLAGS(0xffffffffffffffff, 0x40047459, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f010400000009058303"], 0x0)

3.874384532s ago: executing program 7 (id=7419):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)

3.752639871s ago: executing program 6 (id=7420):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)

340.96026ms ago: executing program 7 (id=7421):
listen(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRES32=r1], 0x80}}, 0x810)
sched_getattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48)
munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
write$cgroup_subtree(r3, 0x0, 0xfe33)
recvmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
syz_emit_ethernet(0x258, &(0x7f00000003c0)=ANY=[], 0x0)
syz_open_dev$loop(&(0x7f00000002c0), 0x9d, 0x8902)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
lseek(r4, 0x1000000, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000280)='net/icmp\x00')
pread64(r5, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
setns(r5, 0x80)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000000)={0x0, {{0x2, 0x4e23, @rand_addr=0x64010101}}}, 0x84)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r7 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x40400)
ioctl$HIDIOCSREPORT(r7, 0x81044804, 0x0)

268.696002ms ago: executing program 6 (id=7422):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x31, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xa78c}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_val={0x18, 0x2, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @ldst={0x2, 0x3, 0x4, 0xa, 0x6, 0x6, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @ldst={0x2, 0x1, 0x2, 0x4, 0x5, 0xfffffffffffffff0, 0x1}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x9}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fff}, @map_fd={0x18, 0x4, 0x1, 0x0, r0}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x74bef8ba}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x26b, 0xae, &(0x7f00000000c0)=""/174, 0x40f00, 0x915ffc24e5c62983, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xa, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000440)=[r0, r0, r0], &(0x7f0000000480)=[{0x3, 0x1, 0xf, 0x4}, {0x80000000, 0x4, 0x6}], 0x10, 0x9}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000005200010003000000000000000a"], 0x20}}, 0x44)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@fallback=r1, r1, 0x2a, 0x8, 0x0, @void, @value=r2}, 0x20)

90.958716ms ago: executing program 6 (id=7423):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000020000000000000000850000001700000085000000a000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x14, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 6 (id=7424):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2c, 0x4000, 0x3, 0x353, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40000)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
ioctl$VIDIOC_LOG_STATUS(r7, 0x5646, 0x0)
preadv(r7, &(0x7f00000033c0)=[{&(0x7f00000003c0)=""/207, 0xcf}], 0x1, 0x6, 0xfffffffe)
prctl$PR_SET_IO_FLUSHER(0x43, 0xfffffffffffffffd)
mmap(&(0x7f00003d0000/0x1000)=nil, 0x1000, 0x0, 0xb5972, 0xffffffffffffffff, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x180000, @private2={0xfc, 0x2, '\x00', 0x1}, 0xef40}], 0x1c)
gettid()
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @local, 0xffffffff}, 0x1c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000200)})
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f00000004c0)="fe07e413c9148fca61713c030a7889d906f70667613a9bcd4f0c061d8031611d64ac438250d8d087e335648a595247445802a904e77a458800498e0b667f92b142c23b01256f1dfd5e849bda26161b20813d9b84e08b30ba0ad4fd58e679aef8105d432137390d65059ca87eeb48e24d3a000dc2d981e5db5665b36c051b9cae633b900cb415f440bb4a2546a87083ae09c25880c44e1112b47175520bca246ff46e336b04e9684eada8f471774433e6aeb97ce739e569daba699d5d4dadb96f0a2a06f1f2331abac77614410297851fd2161a5a87115c0a7a60d16e52f008014490ee78437d1709e374f327721dd1b054076c2ef2c1ff30f85b0d00")

kernel console output (not intermixed with test programs):

point 0x8D has an invalid bInterval 0, changing to 7
[ 1892.702966][T27791] usb 6-1: config 0 has no interface number 0
[ 1892.710983][T10845] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1892.719653][T27791] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1892.738068][T27791] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1892.750828][ T5922] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1892.762337][T27791] usb 6-1: Product: syz
[ 1892.766602][T27791] usb 6-1: Manufacturer: syz
[ 1892.772154][T10845] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1892.778413][T27791] usb 6-1: SerialNumber: syz
[ 1892.800344][T10845] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1892.809276][T27791] usb 6-1: config 0 descriptor??
[ 1892.831670][T10845] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1892.832994][T27791] smsc95xx v2.0.0
[ 1892.851891][T10845] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1892.874972][T10845] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1892.894125][T10845] usb 7-1: Product: syz
[ 1892.914494][T10845] usb 7-1: Manufacturer: syz
[ 1892.939618][ T5922] usb 1-1: Using ep0 maxpacket: 32
[ 1892.944901][T10845] usb 7-1: SerialNumber: syz
[ 1892.952656][ T5922] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1892.969001][T10845] usb 7-1: config 0 descriptor??
[ 1892.982804][ T5922] usb 1-1: config 0 has no interface number 0
[ 1892.994500][T10845] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[ 1893.012817][ T5922] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1893.030394][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1893.040090][ T5922] usb 1-1: Product: syz
[ 1893.045005][ T5922] usb 1-1: Manufacturer: syz
[ 1893.049753][ T5922] usb 1-1: SerialNumber: syz
[ 1893.530608][ T1122] netlink: 100 bytes leftover after parsing attributes in process `syz.1.7031'.
[ 1893.551724][ T5922] usb 1-1: config 0 descriptor??
[ 1893.568941][ T5922] smsc95xx v2.0.0
[ 1893.678456][    C0] usb 7-1: yurex_control_callback - control failed: -71
[ 1893.688035][    C1] usb 7-1: yurex_control_callback - control failed: -71
[ 1893.697154][T27793] usb 7-1: USB disconnect, device number 108
[ 1893.707656][T27793] yurex 7-1:0.0: USB YUREX #0 now disconnected
[ 1893.717794][ T1124] netlink: 'syz.7.7026': attribute type 12 has an invalid length.
[ 1893.841498][T27791] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1893.883432][T27791] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1894.197707][T27791] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1894.220035][T27791] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[ 1894.256790][T27791] usb 6-1: USB disconnect, device number 17
[ 1894.436073][T29131] Bluetooth: hci0: unexpected event for opcode 0x0008
[ 1894.445560][ T1142] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7033'.
[ 1894.527762][ T1143] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7033'.
[ 1894.786301][ T5922] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1894.797963][ T5922] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1894.889318][ T5922] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1895.045154][ T5922] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1895.223158][ T5922] usb 1-1: USB disconnect, device number 16
[ 1896.439559][T10845] usb 8-1: new high-speed USB device number 64 using dummy_hcd
[ 1896.682942][T10845] usb 8-1: Using ep0 maxpacket: 8
[ 1896.693652][T10845] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1896.702569][T10845] usb 8-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1896.722142][T10845] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1896.736420][T10845] usb 8-1: Product: syz
[ 1896.886692][ T1170] block nbd5: Attempted send on invalid socket
[ 1896.895680][ T1170] I/O error, dev nbd5, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1896.910791][ T1170] isofs_fill_super: bread failed, dev=nbd5, iso_blknum=16, block=32
[ 1896.935543][T10845] usb 8-1: Manufacturer: syz
[ 1896.950088][T10845] usb 8-1: SerialNumber: syz
[ 1896.988904][T10845] usb 8-1: config 0 descriptor??
[ 1897.126495][T10845] snd_usb_toneport 8-1:0.0: Line 6 TonePort UX2 found
[ 1897.464915][T10845] snd_usb_toneport 8-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1897.487650][T10845] snd_usb_toneport 8-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1897.757040][ T1177] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7039'.
[ 1897.838289][T10845] usb 8-1: USB disconnect, device number 64
[ 1898.165237][ T1191] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7044'.
[ 1898.320802][ T1189] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7045'.
[ 1898.688268][ T1197] netlink: 'syz.0.7047': attribute type 12 has an invalid length.
[ 1899.428598][ T1207] kvm_pr_unimpl_wrmsr: 738 callbacks suppressed
[ 1899.428622][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.457352][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.505427][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.520995][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.531049][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.542587][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.560720][T27793] usb 7-1: new high-speed USB device number 109 using dummy_hcd
[ 1899.583290][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.602851][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.612665][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.630990][ T1207] kvm_intel: kvm [1199]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1899.916310][T27793] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1899.991742][T27793] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1899.998504][T27793] usb 7-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[ 1900.064518][T27793] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1900.182613][T27793] usb 7-1: config 0 descriptor??
[ 1900.699516][T27793] hid-alps 0003:044E:1215.0020: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.6-1/input0
[ 1901.733713][T27791] usb 7-1: USB disconnect, device number 109
[ 1902.063237][ T1244] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1244 comm=syz.5.7056
[ 1902.225137][   T30] audit: type=1400 audit(1756993743.355:1548): avc:  denied  { map } for  pid=1243 comm="syz.5.7056" path="socket:[133672]" dev="sockfs" ino=133672 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1902.248366][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1902.442731][   T30] audit: type=1400 audit(1756993743.355:1549): avc:  denied  { read } for  pid=1243 comm="syz.5.7056" path="socket:[133672]" dev="sockfs" ino=133672 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1902.466028][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1903.182955][ T1255] pimreg: entered allmulticast mode
[ 1903.189327][ T1256] pimreg: left allmulticast mode
[ 1904.717759][ T1287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7066'.
[ 1905.160767][T27793] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1905.603770][T27793] usb 1-1: Using ep0 maxpacket: 32
[ 1907.890390][ T7007] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1908.040330][ T7007] usb 6-1: Using ep0 maxpacket: 8
[ 1908.049213][T27793] usb 1-1: unable to read config index 0 descriptor/all
[ 1908.057256][ T7007] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[ 1908.068865][ T7007] usb 6-1: config 179 has no interface number 0
[ 1908.075230][T27793] usb 1-1: can't read configurations, error -71
[ 1908.075551][ T7007] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1908.177140][ T7007] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1908.188532][ T7007] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1908.202184][ T7007] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1908.233393][ T7007] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1908.246950][ T7007] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1908.262710][ T7007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1908.361419][ T1294] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1908.385731][ T7007] xpad 6-1:179.65: probe with driver xpad failed with error -5
[ 1908.527896][ T1319] FAULT_INJECTION: forcing a failure.
[ 1908.527896][ T1319] name failslab, interval 1, probability 0, space 0, times 0
[ 1908.598639][ T1319] CPU: 0 UID: 0 PID: 1319 Comm: syz.7.7073 Not tainted syzkaller #0 PREEMPT(full) 
[ 1908.598667][ T1319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1908.598678][ T1319] Call Trace:
[ 1908.598684][ T1319]  <TASK>
[ 1908.598692][ T1319]  dump_stack_lvl+0x16c/0x1f0
[ 1908.598717][ T1319]  should_fail_ex+0x512/0x640
[ 1908.598738][ T1319]  ? __kmalloc_noprof+0xbf/0x510
[ 1908.598759][ T1319]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1908.598789][ T1319]  should_failslab+0xc2/0x120
[ 1908.598810][ T1319]  __kmalloc_noprof+0xd2/0x510
[ 1908.598828][ T1319]  ? __pfx___mutex_lock+0x10/0x10
[ 1908.598855][ T1319]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1908.598886][ T1319]  genl_start+0x18f/0x980
[ 1908.598913][ T1319]  __netlink_dump_start+0x60e/0x990
[ 1908.598938][ T1319]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[ 1908.598965][ T1319]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1908.598988][ T1319]  ? __pfx_stack_trace_save+0x10/0x10
[ 1908.599019][ T1319]  ? __pfx_genl_get_cmd+0x10/0x10
[ 1908.599039][ T1319]  ? __pfx_genl_start+0x10/0x10
[ 1908.599067][ T1319]  ? __pfx_genl_dumpit+0x10/0x10
[ 1908.599089][ T1319]  ? __pfx_genl_done+0x10/0x10
[ 1908.599114][ T1319]  ? netlink_alloc_large_skb+0x69/0x130
[ 1908.599134][ T1319]  ? netlink_sendmsg+0x6a1/0xdd0
[ 1908.599153][ T1319]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1908.599176][ T1319]  genl_rcv_msg+0x46e/0x800
[ 1908.599204][ T1319]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1908.599229][ T1319]  ? __pfx_nl802154_list_associations+0x10/0x10
[ 1908.599259][ T1319]  ? __lock_acquire+0x62e/0x1ce0
[ 1908.599292][ T1319]  netlink_rcv_skb+0x158/0x420
[ 1908.599313][ T1319]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1908.599338][ T1319]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1908.599370][ T1319]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1908.599389][ T1319]  ? selinux_netlink_send+0x578/0x830
[ 1908.599411][ T1319]  ? is_vmalloc_addr+0x86/0xa0
[ 1908.599431][ T1319]  genl_rcv+0x28/0x40
[ 1908.599452][ T1319]  netlink_unicast+0x5a7/0x870
[ 1908.599477][ T1319]  ? __pfx_netlink_unicast+0x10/0x10
[ 1908.599499][ T1319]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1908.599528][ T1319]  netlink_sendmsg+0x8d1/0xdd0
[ 1908.599553][ T1319]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1908.599583][ T1319]  ____sys_sendmsg+0xa95/0xc70
[ 1908.599607][ T1319]  ? copy_msghdr_from_user+0x10a/0x160
[ 1908.599624][ T1319]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1908.599646][ T1319]  ___sys_sendmsg+0x134/0x1d0
[ 1908.599659][ T1319]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1908.599688][ T1319]  __sys_sendmsg+0x16d/0x220
[ 1908.599701][ T1319]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1908.599722][ T1319]  do_syscall_64+0xcd/0x4c0
[ 1908.599736][ T1319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1908.599747][ T1319] RIP: 0033:0x7fe322d8ebe9
[ 1908.599757][ T1319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1908.599768][ T1319] RSP: 002b:00007fe320ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1908.599780][ T1319] RAX: ffffffffffffffda RBX: 00007fe322fc5fa0 RCX: 00007fe322d8ebe9
[ 1908.599787][ T1319] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 1908.599793][ T1319] RBP: 00007fe320ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1908.599799][ T1319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1908.599806][ T1319] R13: 00007fe322fc6038 R14: 00007fe322fc5fa0 R15: 00007ffc924fe988
[ 1908.599820][ T1319]  </TASK>
[ 1908.932166][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1909.185699][ T5922] usb 6-1: USB disconnect, device number 18
[ 1910.175626][ T1330] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1910.681341][T22511] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1910.841025][T22511] usb 1-1: Using ep0 maxpacket: 32
[ 1910.858527][T22511] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1910.867639][T22511] usb 1-1: config 0 has no interface number 0
[ 1910.880760][T27793] usb 7-1: new high-speed USB device number 110 using dummy_hcd
[ 1910.901741][T22511] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1910.914734][T22511] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1910.928417][T22511] usb 1-1: Product: syz
[ 1910.935506][T22511] usb 1-1: Manufacturer: syz
[ 1910.941191][T22511] usb 1-1: SerialNumber: syz
[ 1911.049425][T27793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1911.075014][T22511] usb 1-1: config 0 descriptor??
[ 1911.083947][T22511] smsc95xx v2.0.0
[ 1911.088509][T27793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1911.222146][T27793] usb 7-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1911.302669][T27793] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1911.371707][T27793] usb 7-1: config 0 descriptor??
[ 1911.801650][ T1379] fuse: Unknown parameter '0x0000000000000008'
[ 1911.841551][T27793] hid (null): invalid report_count 1218949376
[ 1911.849638][T27793] hid-steam 0003:28DE:1142.0021: invalid report_count 1218949376
[ 1911.858384][T27793] hid-steam 0003:28DE:1142.0021: item 0 4 1 9 parsing failed
[ 1911.910128][T27793] hid-steam 0003:28DE:1142.0021: steam_probe:parse of hid interface failed
[ 1911.990569][ T1383] ALSA: mixer_oss: invalid OSS volume 'SPEAKE'
[ 1912.278070][T27793] hid-steam 0003:28DE:1142.0021: probe with driver hid-steam failed with error -22
[ 1912.302287][T22511] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1912.327156][T27793] usb 7-1: USB disconnect, device number 110
[ 1912.381014][T22511] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1912.401361][T22511] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1912.420892][T22511] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1912.439892][T22511] usb 1-1: USB disconnect, device number 19
[ 1912.750980][T27791] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1912.910842][T27791] usb 2-1: Using ep0 maxpacket: 8
[ 1912.955689][T27791] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1913.098071][T27791] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1913.139418][T29131] Bluetooth: hci3: ACL packet for unknown connection handle 200
[ 1913.153513][T27791] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1913.164542][T27791] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1913.178642][T27791] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1913.188656][T27791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.320267][ T7007] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1913.506589][T27791] usb 2-1: GET_CAPABILITIES returned 0
[ 1913.563288][T27791] usbtmc 2-1:16.0: can't read capabilities
[ 1913.672595][ T7007] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1913.728519][ T7007] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1913.741347][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1913.745576][ T7007] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1913.756121][T27791] usb 2-1: USB disconnect, device number 35
[ 1913.763940][   T30] audit: type=1400 audit(1756993754.885:1550): avc:  denied  { setopt } for  pid=1399 comm="syz.6.7099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1913.785075][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1913.800899][ T7007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1913.839863][ T7007] usb 1-1: SerialNumber: syz
[ 1913.888749][ T1408] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7101'.
[ 1914.109934][ T7007] usb 1-1: 0:2 : does not exist
[ 1914.122894][ T7007] usb 1-1: USB disconnect, device number 20
[ 1914.197643][T32742] udevd[32742]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1914.398947][ T1414] netlink: 'syz.6.7103': attribute type 1 has an invalid length.
[ 1914.741344][ T1421] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7105'.
[ 1914.752100][ T1421] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7105'.
[ 1915.080505][ T1429] o2cb: This node has not been configured.
[ 1915.086367][ T1429] o2cb: Cluster check failed. Fix errors before retrying.
[ 1915.165781][ T1430] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1915.520474][ T1429] (syz.1.7107,1429,0):user_dlm_register:674 ERROR: status = -22
[ 1915.528257][ T1429] (syz.1.7107,1429,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1915.750553][T30242] Bluetooth: hci1: command 0x1003 tx timeout
[ 1915.781594][T29131] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1915.931157][ T7007] usb 2-1: new low-speed USB device number 36 using dummy_hcd
[ 1916.734461][ T7007] usb 2-1: config 0 has an invalid interface number: 207 but max is 0
[ 1916.749444][ T7007] usb 2-1: config 0 has no interface number 0
[ 1916.758540][ T7007] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[ 1916.768073][ T7007] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1916.830730][ T7007] usb 2-1: config 0 descriptor??
[ 1916.852683][ T7007] usb 2-1: selecting invalid altsetting 3
[ 1916.858447][ T7007] comedi comedi4: could not set alternate setting 3 in high speed
[ 1916.876748][ T7007] usbdux 2-1:0.207: driver 'usbdux' failed to auto-configure device.
[ 1916.905485][ T7007] usbdux 2-1:0.207: probe with driver usbdux failed with error -22
[ 1917.241268][T27791] usb 8-1: new full-speed USB device number 65 using dummy_hcd
[ 1917.258959][ T1450] netlink: 'syz.0.7112': attribute type 1 has an invalid length.
[ 1917.316022][ T1452] serio: Serial port ptm0
[ 1917.408580][ T7007] usb 2-1: USB disconnect, device number 36
[ 1918.049314][ T1452] vivid-000: disconnect
[ 1918.091373][   T30] audit: type=1326 audit(1756993759.225:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1446 comm="syz.5.7115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1918.252618][ T1454] vivid-000: reconnect
[ 1918.265310][   T30] audit: type=1326 audit(1756993759.265:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1446 comm="syz.5.7115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1918.295154][   T30] audit: type=1326 audit(1756993759.265:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1446 comm="syz.5.7115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1918.360827][   T30] audit: type=1326 audit(1756993759.265:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1446 comm="syz.5.7115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1918.455310][T27791] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[ 1918.463856][T27791] usb 8-1: config 0 has no interface number 0
[ 1918.469970][T27791] usb 8-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1918.503452][T27791] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1918.516396][ T1456] overlayfs: failed to resolve './file0': -2
[ 1918.536086][T27791] usb 8-1: config 0 descriptor??
[ 1918.555814][T27791] usb 8-1: selecting invalid altsetting 1
[ 1918.571337][T27791] dvb_ttusb_budget: ttusb_init_controller: error
[ 1918.578398][T27791] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1918.727304][T27791] DVB: Unable to find symbol cx22700_attach()
[ 1918.755528][T27791] DVB: Unable to find symbol tda10046_attach()
[ 1918.762378][T27791] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1918.770927][T22469] usb 7-1: new full-speed USB device number 111 using dummy_hcd
[ 1918.819947][ T1463] fuse: Unknown parameter '0x0000000000000003'
[ 1918.826321][T27791] usb 8-1: USB disconnect, device number 65
[ 1918.942143][T22469] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1918.967488][T22469] usb 7-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=fd.eb
[ 1918.978002][T22469] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=7
[ 1918.989390][T22469] usb 7-1: Product: syz
[ 1918.993622][T22469] usb 7-1: Manufacturer: syz
[ 1918.998463][T22469] usb 7-1: SerialNumber: syz
[ 1919.010134][T22469] usbserial_generic 7-1:1.0: The "generic" usb-serial driver is only for testing and one-off prototypes.
[ 1919.025807][T22469] usbserial_generic 7-1:1.0: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[ 1919.038513][T22469] usbserial_generic 7-1:1.0: device has no bulk endpoints
[ 1919.069567][ T1469] netlink: 'syz.0.7120': attribute type 12 has an invalid length.
[ 1919.278105][T22469] usb 7-1: USB disconnect, device number 111
[ 1920.734577][ T1493] serio: Serial port ptm0
[ 1920.840812][T27791] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1920.848998][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[ 1921.642494][ T1493] vivid-000: disconnect
[ 1921.681802][   T30] audit: type=1326 audit(1756993762.825:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.5.7128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1921.714349][T27791] usb 2-1: device descriptor read/64, error -32
[ 1921.737845][   T30] audit: type=1326 audit(1756993762.825:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.5.7128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1921.761542][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1921.769731][   T30] audit: type=1326 audit(1756993762.825:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.5.7128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1921.793090][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1921.802893][ T1492] vivid-000: reconnect
[ 1921.841282][   T30] audit: type=1326 audit(1756993762.825:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.5.7128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1921.971845][T27791] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1922.130853][T27791] usb 2-1: Using ep0 maxpacket: 8
[ 1922.160378][ T7007] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1923.004881][T27791] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1923.068528][T27791] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1923.148089][ T1505] kvm_pr_unimpl_wrmsr: 1731 callbacks suppressed
[ 1923.148112][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.170278][T27791] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1923.184271][ T7007] usb 6-1: Using ep0 maxpacket: 32
[ 1923.185852][ T7007] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1923.199577][T27791] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1923.229420][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.234709][T27791] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1923.238681][ T7007] usb 6-1: config 0 has no interface number 0
[ 1923.345994][ T7007] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1923.358474][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.368105][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.377827][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.386922][ T7007] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1923.395355][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.404419][ T7007] usb 6-1: Product: syz
[ 1923.408764][ T7007] usb 6-1: Manufacturer: syz
[ 1923.436847][ T7007] usb 6-1: SerialNumber: syz
[ 1923.441998][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.451697][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.461238][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.470482][ T1505] kvm_intel: kvm [1498]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1923.616138][ T7007] usb 6-1: config 0 descriptor??
[ 1923.624715][T27791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1923.634355][ T7007] smsc95xx v2.0.0
[ 1923.703986][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[ 1923.717212][T27791] usb 2-1: can't set config #16, error -32
[ 1923.761239][T27791] usb 2-1: USB disconnect, device number 38
[ 1925.113466][ T7007] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1925.132479][ T7007] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1925.174099][ T7007] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1925.200604][ T1526] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7139'.
[ 1925.213730][ T7007] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[ 1925.259852][ T1526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7139'.
[ 1925.362403][ T7007] usb 6-1: USB disconnect, device number 19
[ 1925.511659][ T1531] serio: Serial port ptm0
[ 1925.549238][ T1532] FAULT_INJECTION: forcing a failure.
[ 1925.549238][ T1532] name failslab, interval 1, probability 0, space 0, times 0
[ 1925.624454][ T1532] CPU: 1 UID: 0 PID: 1532 Comm: syz.7.7141 Not tainted syzkaller #0 PREEMPT(full) 
[ 1925.624482][ T1532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1925.624494][ T1532] Call Trace:
[ 1925.624501][ T1532]  <TASK>
[ 1925.624509][ T1532]  dump_stack_lvl+0x16c/0x1f0
[ 1925.624536][ T1532]  should_fail_ex+0x512/0x640
[ 1925.624556][ T1532]  ? fs_reclaim_acquire+0xae/0x150
[ 1925.624583][ T1532]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1925.624609][ T1532]  should_failslab+0xc2/0x120
[ 1925.624631][ T1532]  __kmalloc_noprof+0xd2/0x510
[ 1925.624656][ T1532]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1925.624685][ T1532]  ? tomoyo_profile+0x47/0x60
[ 1925.624706][ T1532]  tomoyo_path_perm+0x274/0x460
[ 1925.624727][ T1532]  ? tomoyo_path_perm+0x260/0x460
[ 1925.624751][ T1532]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1925.624802][ T1532]  ? __d_lookup+0x25c/0x4a0
[ 1925.624839][ T1532]  tomoyo_path_unlink+0x91/0xe0
[ 1925.624857][ T1532]  ? __pfx_tomoyo_path_unlink+0x10/0x10
[ 1925.624875][ T1532]  ? lookup_dcache+0x66/0x170
[ 1925.624904][ T1532]  security_path_unlink+0x145/0x2b0
[ 1925.624931][ T1532]  do_unlinkat+0x463/0x6a0
[ 1925.624954][ T1532]  ? __pfx_do_unlinkat+0x10/0x10
[ 1925.624983][ T1532]  ? strncpy_from_user+0x203/0x2e0
[ 1925.625005][ T1532]  ? getname_flags.part.0+0x1c5/0x550
[ 1925.625030][ T1532]  ? __pfx_ksys_write+0x10/0x10
[ 1925.625054][ T1532]  __x64_sys_unlinkat+0xbf/0x130
[ 1925.625077][ T1532]  do_syscall_64+0xcd/0x4c0
[ 1925.625100][ T1532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1925.625118][ T1532] RIP: 0033:0x7fe322d8ebe9
[ 1925.625133][ T1532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1925.625149][ T1532] RSP: 002b:00007fe320ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[ 1925.625167][ T1532] RAX: ffffffffffffffda RBX: 00007fe322fc5fa0 RCX: 00007fe322d8ebe9
[ 1925.625179][ T1532] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 1925.625190][ T1532] RBP: 00007fe320ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1925.625201][ T1532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1925.625212][ T1532] R13: 00007fe322fc6038 R14: 00007fe322fc5fa0 R15: 00007ffc924fe988
[ 1925.625237][ T1532]  </TASK>
[ 1925.625245][ T1532] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1925.866733][ T1531] vivid-000: disconnect
[ 1925.988576][   T30] audit: type=1326 audit(1756993767.035:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1527 comm="syz.0.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1926.603577][   T30] audit: type=1326 audit(1756993767.045:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1527 comm="syz.0.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1926.712018][ T1533] vivid-000: reconnect
[ 1926.762484][   T30] audit: type=1326 audit(1756993767.045:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1527 comm="syz.0.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1926.834191][   T30] audit: type=1326 audit(1756993767.045:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1527 comm="syz.0.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1927.006088][ T1551] geneve2: entered promiscuous mode
[ 1927.031309][ T1551] geneve2: entered allmulticast mode
[ 1927.745443][ T1566] netlink: 'syz.0.7150': attribute type 1 has an invalid length.
[ 1928.070691][T27652] usb 8-1: new full-speed USB device number 66 using dummy_hcd
[ 1928.150490][ T1575] kvm_pr_unimpl_wrmsr: 115 callbacks suppressed
[ 1928.150512][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1928.251887][T27652] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[ 1928.259948][T27652] usb 8-1: config 0 has no interface number 0
[ 1928.269476][T27652] usb 8-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1928.291605][T27652] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1928.321486][T27652] usb 8-1: config 0 descriptor??
[ 1928.925285][ T1584] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1929.356053][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.376629][ T1586] serio: Serial port ptm0
[ 1929.391799][T27652] usb 8-1: selecting invalid altsetting 1
[ 1929.407836][T27652] dvb_ttusb_budget: ttusb_init_controller: error
[ 1929.420918][T27652] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1929.457645][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.493409][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.502854][ T1589] vivid-002: disconnect
[ 1929.508535][   T30] audit: type=1326 audit(1756993770.655:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1585 comm="syz.1.7156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1929.554044][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.582904][   T30] audit: type=1326 audit(1756993770.655:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1585 comm="syz.1.7156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1929.722550][   T30] audit: type=1326 audit(1756993770.655:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1585 comm="syz.1.7156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1929.768087][ T1596] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7157'.
[ 1929.841262][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.854390][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.875173][ T1586] vivid-002: reconnect
[ 1929.901064][T27652] DVB: Unable to find symbol cx22700_attach()
[ 1929.946869][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1929.957320][ T1602] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1929.985977][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1930.034329][ T1575] kvm_intel: kvm [1564]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1930.045002][   T30] audit: type=1326 audit(1756993770.655:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1585 comm="syz.1.7156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1930.153808][   T30] audit: type=1326 audit(1756993770.825:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1590 comm="syz.6.7157" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f679cf8ebe9 code=0x0
[ 1930.197412][T27652] DVB: Unable to find symbol tda10046_attach()
[ 1930.211151][T27652] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1930.281282][T27652] usb 8-1: USB disconnect, device number 66
[ 1931.165411][ T1626] netlink: 'syz.5.7164': attribute type 12 has an invalid length.
[ 1931.391997][ T1621] netlink: 'syz.1.7162': attribute type 1 has an invalid length.
[ 1932.615243][ T1638] vivid-002: =================  START STATUS  =================
[ 1932.657885][ T1638] vivid-002: Radio HW Seek Mode: Bounded
[ 1932.666047][ T1638] vivid-002: Radio Programmable HW Seek: false
[ 1932.676286][ T1638] vivid-002: RDS Rx I/O Mode: Block I/O
[ 1932.683756][ T1638] vivid-002: Generate RBDS Instead of RDS: false
[ 1932.779542][ T1638] vivid-002: RDS Reception: true
[ 1932.790825][ T1638] vivid-002: RDS Program Type: 0 inactive
[ 1932.810831][ T1638] vivid-002: RDS PS Name:  inactive
[ 1932.816359][ T1638] vivid-002: RDS Radio Text:  inactive
[ 1932.824263][ T1638] vivid-002: RDS Traffic Announcement: false inactive
[ 1932.832007][ T1638] vivid-002: RDS Traffic Program: false inactive
[ 1932.838559][ T1638] vivid-002: RDS Music: false inactive
[ 1932.845014][ T1638] vivid-002: ==================  END STATUS  ==================
[ 1933.184580][ T1649] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=1649 comm=syz.0.7169
[ 1933.530808][T27791] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1933.656418][ T1652] ALSA: mixer_oss: invalid OSS volume 'SPEAKE'
[ 1934.110780][T27791] usb 2-1: Using ep0 maxpacket: 32
[ 1934.154096][T27791] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1934.280546][T27791] usb 2-1: config 0 has no interface number 0
[ 1934.362607][T27791] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1934.375918][T27791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1934.384698][T27791] usb 2-1: Product: syz
[ 1934.389093][T27791] usb 2-1: Manufacturer: syz
[ 1934.398931][T27791] usb 2-1: SerialNumber: syz
[ 1934.409481][T27791] usb 2-1: config 0 descriptor??
[ 1934.427159][T27791] smsc95xx v2.0.0
[ 1934.742379][T29131] Bluetooth: hci5: unexpected event for opcode 0x0008
[ 1935.225455][ T1666] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7175'.
[ 1935.273041][ T1666] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7175'.
[ 1935.497400][ T1673] vivid-000: =================  START STATUS  =================
[ 1935.508848][ T1673] vivid-000: Radio HW Seek Mode: Bounded
[ 1935.515817][ T1673] vivid-000: Radio Programmable HW Seek: false
[ 1935.525915][ T1673] vivid-000: RDS Rx I/O Mode: Block I/O
[ 1935.537510][ T1673] vivid-000: Generate RBDS Instead of RDS: false
[ 1935.546982][ T1673] vivid-000: RDS Reception: true
[ 1935.556824][ T1677] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7180'.
[ 1935.582822][ T1673] 
[ 1935.585536][ T1673] vivid-000: RDS Program Type: 0 inactive
[ 1935.592322][ T1673] vivid-000: RDS PS Name:  inactive
[ 1935.597921][ T1673] vivid-000: RDS Radio Text:  inactive
[ 1935.604018][ T1673] vivid-000: RDS Traffic Announcement: false inactive
[ 1935.611274][ T1673] vivid-000: RDS Traffic Program: false inactive
[ 1935.618176][ T1673] vivid-000: RDS Music: false inactive
[ 1935.649193][ T1681] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7180'.
[ 1935.679121][ T1673] vivid-000: ==================  END STATUS  ==================
[ 1935.852523][T27791] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1935.866350][T27791] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1935.873766][ T1688] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1935.876454][T27791] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1935.884667][ T7007] usb 8-1: new high-speed USB device number 67 using dummy_hcd
[ 1935.917662][T27791] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[ 1935.967555][ T1688] netlink: 'syz.6.7184': attribute type 1 has an invalid length.
[ 1936.000674][ T1688] netlink: 224 bytes leftover after parsing attributes in process `syz.6.7184'.
[ 1936.072627][T27791] usb 2-1: USB disconnect, device number 39
[ 1936.100751][ T7007] usb 8-1: too many configurations: 9, using maximum allowed: 8
[ 1936.117347][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.126941][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.145887][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.246099][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.255530][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.266805][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.274867][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.391609][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.402881][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.416545][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.426111][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.437926][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.446262][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.470325][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.481622][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.489919][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.499669][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.511960][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.519812][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.532304][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.555719][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.568966][ T7007] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1936.585196][ T7007] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1936.611491][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1936.633692][ T7007] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1936.643148][ T7007] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1936.660309][ T7007] usb 8-1: Product: syz
[ 1936.675198][ T7007] usb 8-1: Manufacturer: syz
[ 1936.690032][ T7007] usb 8-1: SerialNumber: syz
[ 1936.764529][ T1701] kvm_pr_unimpl_wrmsr: 198 callbacks suppressed
[ 1936.764542][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1936.784915][ T7007] usb 8-1: config 0 descriptor??
[ 1936.793821][ T7007] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[ 1936.807802][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.202372][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.224390][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.251069][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.293999][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.542569][ T1701] kvm_intel: kvm [1693]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1937.911846][T22511] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1937.945898][    C0] usb 8-1: yurex_control_callback - control failed: -71
[ 1937.946250][T27791] usb 8-1: USB disconnect, device number 67
[ 1937.960372][ T1714] yurex 8-1:0.0: yurex_write - failed to send bulk msg, error -19
[ 1938.008649][T27791] yurex 8-1:0.0: USB YUREX #0 now disconnected
[ 1938.304936][T22511] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1938.320821][T22511] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1938.346024][T22511] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1938.366258][T22511] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1938.386343][T30242] Bluetooth: hci5: command 0x0405 tx timeout
[ 1938.405766][ T1722] netlink: 'syz.5.7193': attribute type 1 has an invalid length.
[ 1938.442282][T22511] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1938.525938][T22511] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1938.583317][T22511] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1938.599905][T22511] usb 1-1: invalid MIDI out EP 0
[ 1938.732589][T22511] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1938.819279][  T400] udevd[400]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1938.886143][ T1727] vivid-002: =================  START STATUS  =================
[ 1938.894368][ T1727] vivid-002: Radio HW Seek Mode: Bounded
[ 1938.900583][ T1727] vivid-002: Radio Programmable HW Seek: false
[ 1938.914140][ T1727] vivid-002: RDS Rx I/O Mode: Block I/O
[ 1938.930050][ T5922] usb 1-1: USB disconnect, device number 21
[ 1938.974823][ T1727] vivid-002: Generate RBDS Instead of RDS: false
[ 1939.026918][ T1727] vivid-002: RDS Reception: true
[ 1939.047184][ T1727] vivid-002: RDS Program Type: 0 inactive
[ 1939.120288][ T1727] vivid-002: RDS PS Name:  inactive
[ 1939.125923][ T1727] vivid-002: RDS Radio Text:  inactive
[ 1939.157585][ T1727] vivid-002: RDS Traffic Announcement: false inactive
[ 1939.207424][ T1727] vivid-002: RDS Traffic Program: false inactive
[ 1939.285412][ T1727] vivid-002: RDS Music: false inactive
[ 1939.292521][ T1727] vivid-002: ==================  END STATUS  ==================
[ 1939.440401][ T5922] usb 7-1: new high-speed USB device number 112 using dummy_hcd
[ 1939.484805][   T30] audit: type=1326 audit(1756993780.595:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.514023][   T30] audit: type=1326 audit(1756993780.595:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.566545][   T30] audit: type=1326 audit(1756993780.595:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.654622][   T30] audit: type=1326 audit(1756993780.595:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.689607][   T30] audit: type=1326 audit(1756993780.595:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.731779][   T30] audit: type=1326 audit(1756993780.595:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.757120][   T30] audit: type=1326 audit(1756993780.595:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.804031][ T5922] usb 7-1: Using ep0 maxpacket: 8
[ 1939.842290][ T5922] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1939.861597][   T30] audit: type=1326 audit(1756993780.595:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.892648][ T5922] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1939.904499][ T5922] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1939.925668][ T5922] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1939.940521][   T30] audit: type=1326 audit(1756993780.595:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1939.994598][ T5922] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1940.025113][ T5922] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1940.040647][   T30] audit: type=1326 audit(1756993780.595:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1731 comm="syz.5.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1940.529720][T30242] Bluetooth: hci5: command 0x0405 tx timeout
[ 1940.740901][ T5922] usb 7-1: GET_CAPABILITIES returned 0
[ 1940.746473][ T5922] usbtmc 7-1:16.0: can't read capabilities
[ 1940.983003][    C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1940.993241][ T5922] usb 7-1: USB disconnect, device number 112
[ 1942.592045][ T1761] FAULT_INJECTION: forcing a failure.
[ 1942.592045][ T1761] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1942.708224][ T1761] CPU: 1 UID: 0 PID: 1761 Comm: syz.6.7204 Not tainted syzkaller #0 PREEMPT(full) 
[ 1942.708250][ T1761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1942.708261][ T1761] Call Trace:
[ 1942.708268][ T1761]  <TASK>
[ 1942.708275][ T1761]  dump_stack_lvl+0x16c/0x1f0
[ 1942.708300][ T1761]  should_fail_ex+0x512/0x640
[ 1942.708325][ T1761]  should_fail_alloc_page+0xe7/0x130
[ 1942.708348][ T1761]  prepare_alloc_pages+0x3c2/0x610
[ 1942.708374][ T1761]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1942.708393][ T1761]  ? register_lock_class+0x41/0x4c0
[ 1942.708408][ T1761]  ? find_held_lock+0x2b/0x80
[ 1942.708436][ T1761]  ? __lock_acquire+0x62e/0x1ce0
[ 1942.708462][ T1761]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1942.708484][ T1761]  ? __lock_acquire+0x62e/0x1ce0
[ 1942.708517][ T1761]  ? __lock_acquire+0x62e/0x1ce0
[ 1942.708546][ T1761]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1942.708569][ T1761]  ? policy_nodemask+0xea/0x4e0
[ 1942.708592][ T1761]  alloc_pages_mpol+0x1fb/0x550
[ 1942.708614][ T1761]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1942.708636][ T1761]  ? __lock_acquire+0x62e/0x1ce0
[ 1942.708666][ T1761]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1942.708692][ T1761]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1942.708715][ T1761]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1942.708747][ T1761]  do_pte_missing+0x2230/0x3ba0
[ 1942.708774][ T1761]  ? find_held_lock+0x2b/0x80
[ 1942.708801][ T1761]  __handle_mm_fault+0x152a/0x2a50
[ 1942.708830][ T1761]  ? mt_find+0x3ef/0xa30
[ 1942.708854][ T1761]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1942.708879][ T1761]  ? __pfx_mt_find+0x10/0x10
[ 1942.708915][ T1761]  ? find_vma+0xbf/0x140
[ 1942.708934][ T1761]  ? __pfx_find_vma+0x10/0x10
[ 1942.708956][ T1761]  handle_mm_fault+0x589/0xd10
[ 1942.708981][ T1761]  ? trace_raw_output_exceptions+0x131/0x150
[ 1942.709010][ T1761]  do_user_addr_fault+0x7a6/0x1370
[ 1942.709030][ T1761]  ? rcu_is_watching+0x12/0xc0
[ 1942.709054][ T1761]  exc_page_fault+0x5c/0xb0
[ 1942.709093][ T1761]  asm_exc_page_fault+0x26/0x30
[ 1942.709111][ T1761] RIP: 0010:__put_user_4+0xd/0x20
[ 1942.709129][ T1761] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 47 69 03 00 0f 1f 80 00 00 00 00 90 90 90
[ 1942.709145][ T1761] RSP: 0018:ffffc9001293fc98 EFLAGS: 00050206
[ 1942.709159][ T1761] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000000000
[ 1942.709170][ T1761] RDX: ffff88802e09a440 RSI: ffffffff824798fa RDI: ffffffff8c162b00
[ 1942.709181][ T1761] RBP: 1ffff92002527f94 R08: a23edf14cf8df726 R09: 0000000000000001
[ 1942.709192][ T1761] R10: 0000000000000000 R11: 0000000000000000 R12: 0000200000000000
[ 1942.709202][ T1761] R13: dffffc0000000000 R14: 0000000080086601 R15: 0000000080086601
[ 1942.709221][ T1761]  ? ioctl_getflags+0x13a/0x160
[ 1942.709243][ T1761]  ioctl_getflags+0x146/0x160
[ 1942.709265][ T1761]  ? __pfx_ioctl_getflags+0x10/0x10
[ 1942.709285][ T1761]  ? __pfx_avc_has_perm+0x10/0x10
[ 1942.709305][ T1761]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1942.709327][ T1761]  do_vfs_ioctl+0x709/0x14f0
[ 1942.709355][ T1761]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1942.709381][ T1761]  ? inode_has_perm+0x16f/0x1d0
[ 1942.709402][ T1761]  ? file_has_perm+0x27d/0x350
[ 1942.709423][ T1761]  ? __pfx_file_has_perm+0x10/0x10
[ 1942.709441][ T1761]  ? find_held_lock+0x2b/0x80
[ 1942.709471][ T1761]  ? selinux_file_ioctl+0xb4/0x270
[ 1942.709502][ T1761]  __x64_sys_ioctl+0x114/0x210
[ 1942.709531][ T1761]  do_syscall_64+0xcd/0x4c0
[ 1942.709553][ T1761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1942.709570][ T1761] RIP: 0033:0x7f679cf8ebe9
[ 1942.709585][ T1761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1942.709601][ T1761] RSP: 002b:00007f679de11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1942.709617][ T1761] RAX: ffffffffffffffda RBX: 00007f679d1c5fa0 RCX: 00007f679cf8ebe9
[ 1942.709628][ T1761] RDX: 0000200000000000 RSI: 0000000080086601 RDI: 0000000000000003
[ 1942.709639][ T1761] RBP: 00007f679de11090 R08: 0000000000000000 R09: 0000000000000000
[ 1942.709650][ T1761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1942.709660][ T1761] R13: 00007f679d1c6038 R14: 00007f679d1c5fa0 R15: 00007ffd1af9fa78
[ 1942.709684][ T1761]  </TASK>
[ 1942.719190][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.248059][ T1773] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7207'.
[ 1943.287626][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.308496][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.320868][ T1773] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7207'.
[ 1943.330031][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.353633][ T1768] netlink: 'syz.0.7206': attribute type 1 has an invalid length.
[ 1943.377821][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.444247][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.454838][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.518123][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.527770][ T1764] kvm_intel: kvm [1753]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3a
[ 1943.540886][T22511] usb 8-1: new high-speed USB device number 68 using dummy_hcd
[ 1943.729473][T22511] usb 8-1: Using ep0 maxpacket: 32
[ 1943.759415][T22511] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[ 1943.778396][T22511] usb 8-1: config 0 has no interface number 0
[ 1943.906024][T22511] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1943.918928][T22511] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1943.938501][T22511] usb 8-1: Product: syz
[ 1944.417133][T22511] usb 8-1: Manufacturer: syz
[ 1944.422418][T22511] usb 8-1: SerialNumber: syz
[ 1944.438321][T22511] usb 8-1: config 0 descriptor??
[ 1944.457572][T22511] smsc95xx v2.0.0
[ 1944.540883][T27793] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1944.578621][ T1792] FAULT_INJECTION: forcing a failure.
[ 1944.578621][ T1792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1944.595944][ T1792] CPU: 1 UID: 0 PID: 1792 Comm: syz.5.7213 Not tainted syzkaller #0 PREEMPT(full) 
[ 1944.595971][ T1792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1944.595982][ T1792] Call Trace:
[ 1944.595989][ T1792]  <TASK>
[ 1944.595999][ T1792]  dump_stack_lvl+0x16c/0x1f0
[ 1944.596024][ T1792]  should_fail_ex+0x512/0x640
[ 1944.596050][ T1792]  _copy_from_user+0x2e/0xd0
[ 1944.596074][ T1792]  iommufd_vfio_ioctl+0x285/0xe90
[ 1944.596103][ T1792]  ? __pfx_iommufd_vfio_ioctl+0x10/0x10
[ 1944.596143][ T1792]  ? do_vfs_ioctl+0x128/0x14f0
[ 1944.596175][ T1792]  iommufd_fops_ioctl+0x45b/0x540
[ 1944.596195][ T1792]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1944.596216][ T1792]  ? hook_file_ioctl_common+0x145/0x410
[ 1944.596242][ T1792]  ? selinux_file_ioctl+0x180/0x270
[ 1944.596266][ T1792]  ? selinux_file_ioctl+0xb4/0x270
[ 1944.596291][ T1792]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1944.596311][ T1792]  __x64_sys_ioctl+0x18b/0x210
[ 1944.596339][ T1792]  do_syscall_64+0xcd/0x4c0
[ 1944.596361][ T1792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1944.596379][ T1792] RIP: 0033:0x7f43f158ebe9
[ 1944.596394][ T1792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1944.596411][ T1792] RSP: 002b:00007f43f23c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1944.596430][ T1792] RAX: ffffffffffffffda RBX: 00007f43f17c5fa0 RCX: 00007f43f158ebe9
[ 1944.596441][ T1792] RDX: 0000200000000440 RSI: 0000000000003b72 RDI: 0000000000000003
[ 1944.596452][ T1792] RBP: 00007f43f23c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1944.596462][ T1792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1944.596473][ T1792] R13: 00007f43f17c6038 R14: 00007f43f17c5fa0 R15: 00007ffc710871d8
[ 1944.596497][ T1792]  </TASK>
[ 1944.890454][T27793] usb 2-1: Using ep0 maxpacket: 32
[ 1944.897517][T27793] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1944.906347][T27793] usb 2-1: config 0 has no interface number 0
[ 1944.916405][T27793] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1944.926225][T27793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1944.934651][T27793] usb 2-1: Product: syz
[ 1944.938858][T27793] usb 2-1: Manufacturer: syz
[ 1944.943887][T27793] usb 2-1: SerialNumber: syz
[ 1944.980063][T27793] usb 2-1: config 0 descriptor??
[ 1944.989221][T27793] smsc95xx v2.0.0
[ 1945.110524][ T1798] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1945.819567][T22511] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1945.833947][T22511] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1945.847360][T22511] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1945.946835][T22511] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -71
[ 1945.959759][T22511] usb 8-1: USB disconnect, device number 68
[ 1946.003671][T29131] Bluetooth: hci5: unexpected event for opcode 0x0008
[ 1946.014382][ T1813] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7219'.
[ 1946.054904][ T1813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7219'.
[ 1946.380242][ T5922] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1946.758169][T27793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1946.771617][T27793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1946.795066][T27793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1946.812201][T27793] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[ 1946.838009][T27793] usb 2-1: USB disconnect, device number 40
[ 1946.971477][ T5922] usb 1-1: too many configurations: 215, using maximum allowed: 8
[ 1946.993083][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.013587][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.301408][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.320449][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.372539][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.590291][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.604447][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.617958][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.761838][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.785307][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.792436][ T1832] vivid-004: =================  START STATUS  =================
[ 1947.802250][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1947.818618][ T1832] vivid-004: Radio HW Seek Mode: Bounded
[ 1947.828804][   T30] kauditd_printk_skb: 48 callbacks suppressed
[ 1947.828822][   T30] audit: type=1326 audit(1756993788.965:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1947.864307][ T1832] vivid-004: Radio Programmable HW Seek: false
[ 1947.870673][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1947.887389][ T1832] vivid-004: RDS Rx I/O Mode: Block I/O
[ 1947.893262][ T1832] vivid-004: Generate RBDS Instead of RDS: false
[ 1947.899867][ T1832] vivid-004: RDS Reception: true
[ 1947.905259][ T1832] vivid-004: RDS Program Type: 0 inactive
[ 1947.911249][ T1832] vivid-004: RDS PS Name:  inactive
[ 1947.916574][ T1832] vivid-004: RDS Radio Text:  inactive
[ 1947.923828][ T1832] vivid-004: RDS Traffic Announcement: false inactive
[ 1947.933601][ T1832] vivid-004: RDS Traffic Program: false inactive
[ 1947.944048][ T1835] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7226'.
[ 1947.953132][ T1832] vivid-004: RDS Music: false inactive
[ 1947.958786][ T1832] vivid-004: ==================  END STATUS  ==================
[ 1947.968706][ T1835] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7226'.
[ 1947.976647][   T30] audit: type=1326 audit(1756993788.965:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1947.980464][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1948.023101][   T30] audit: type=1326 audit(1756993788.965:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.050043][   T30] audit: type=1326 audit(1756993788.965:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.084379][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1948.103739][   T30] audit: type=1326 audit(1756993788.965:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.169127][   T30] audit: type=1326 audit(1756993788.965:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.255634][ T1841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7227'.
[ 1948.265432][T29131] Bluetooth: hci0: unexpected event for opcode 0x0008
[ 1948.265870][ T5922] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1948.343274][   T30] audit: type=1326 audit(1756993788.975:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.392336][ T5922] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1948.465759][ T5922] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1948.483951][   T30] audit: type=1326 audit(1756993788.975:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.507645][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1948.536682][ T5922] usb 1-1: Product: syz
[ 1948.547713][ T5922] usb 1-1: Manufacturer: syz
[ 1948.563874][ T5922] usb 1-1: SerialNumber: syz
[ 1948.585255][   T30] audit: type=1326 audit(1756993788.975:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.628626][ T5922] usb 1-1: ath9k_htc: Device endpoint numbers are not the expected ones
[ 1948.673706][   T30] audit: type=1326 audit(1756993788.975:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1834 comm="syz.1.7226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f9a3a98ebe9 code=0x7ffc0000
[ 1948.774642][ T1858] netlink: 'syz.5.7232': attribute type 4 has an invalid length.
[ 1948.873563][ T1861] netlink: 'syz.5.7232': attribute type 4 has an invalid length.
[ 1948.970654][T22511] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1949.122794][T27793] usb 1-1: USB disconnect, device number 22
[ 1949.140984][T22511] usb 2-1: Using ep0 maxpacket: 32
[ 1949.166498][T22511] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1949.179384][T22511] usb 2-1: config 0 has no interface number 0
[ 1949.203263][T22511] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1949.217247][T22511] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1949.257515][T22511] usb 2-1: Product: syz
[ 1949.267107][T22511] usb 2-1: Manufacturer: syz
[ 1949.286441][T22511] usb 2-1: SerialNumber: syz
[ 1949.364743][ T1869] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7238'.
[ 1949.395205][ T1869] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7238'.
[ 1949.400109][T22511] usb 2-1: config 0 descriptor??
[ 1949.533623][T22511] smsc95xx v2.0.0
[ 1949.791760][ T1653] Bluetooth: Error in BCSP hdr checksum
[ 1950.247451][T28802] Bluetooth: Error in BCSP hdr checksum
[ 1950.251967][ T1871] o2cb: This node has not been configured.
[ 1950.258875][ T1871] o2cb: Cluster check failed. Fix errors before retrying.
[ 1950.266521][ T1871] (syz.6.7239,1871,1):user_dlm_register:674 ERROR: status = -22
[ 1950.274615][ T1871] (syz.6.7239,1871,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1950.540869][T27793] usb 7-1: new low-speed USB device number 113 using dummy_hcd
[ 1950.570340][T25582] usb 8-1: new high-speed USB device number 69 using dummy_hcd
[ 1950.660271][T27791] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1950.694293][T27793] usb 7-1: config 0 has an invalid interface number: 207 but max is 0
[ 1950.702981][T27793] usb 7-1: config 0 has no interface number 0
[ 1950.709139][T27793] usb 7-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[ 1950.718878][T27793] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1950.728718][T27793] usb 7-1: config 0 descriptor??
[ 1950.730323][T25582] usb 8-1: Using ep0 maxpacket: 32
[ 1950.739302][T27793] usb 7-1: selecting invalid altsetting 3
[ 1950.745690][T27793] comedi comedi4: could not set alternate setting 3 in high speed
[ 1950.754657][T27793] usbdux 7-1:0.207: driver 'usbdux' failed to auto-configure device.
[ 1950.764097][T25582] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1950.765760][T27793] usbdux 7-1:0.207: probe with driver usbdux failed with error -22
[ 1950.775671][T25582] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1950.797132][T25582] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1950.808251][T25582] usb 8-1: config 0 descriptor??
[ 1950.811030][T27791] usb 6-1: Using ep0 maxpacket: 16
[ 1950.822472][T27791] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1950.834381][T27791] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1950.844213][T27791] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1950.854688][T27791] usb 6-1: config 0 descriptor??
[ 1950.942484][T22469] usb 7-1: USB disconnect, device number 113
[ 1951.024412][ T1874] netlink: 'syz.7.7240': attribute type 4 has an invalid length.
[ 1951.034957][T22511] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1951.052438][T22511] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1951.064335][T22511] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1951.074916][T25582] usb 8-1: string descriptor 0 read error: -71
[ 1951.078170][T22511] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[ 1951.089664][T25582] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1951.098041][T25582] gspca_vc032x: reg_r err -71
[ 1951.103508][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.107955][T22511] usb 2-1: USB disconnect, device number 41
[ 1951.109307][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.122683][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.128303][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.134767][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.149349][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.157653][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.163046][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.168430][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.176701][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.184492][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.189820][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.197402][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.202793][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.208079][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.213614][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.218905][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.224347][T25582] gspca_vc032x: I2c Bus Busy Wait 00
[ 1951.229667][T25582] gspca_vc032x: Unknown sensor...
[ 1951.236640][T25582] vc032x 8-1:0.0: probe with driver vc032x failed with error -22
[ 1951.248214][T25582] usb 8-1: USB disconnect, device number 69
[ 1951.301108][T27791] mcp2221 0003:04D8:00DD.0022: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[ 1951.503107][ T1876] bpf: Bad value for 'mode'
[ 1951.582003][T29131] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1951.742972][T25582] usb 6-1: USB disconnect, device number 20
[ 1951.868028][ T1882] netlink: 'syz.6.7242': attribute type 1 has an invalid length.
[ 1952.291201][T27652] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1952.299077][T22511] usb 8-1: new high-speed USB device number 70 using dummy_hcd
[ 1952.440222][T27652] usb 2-1: Using ep0 maxpacket: 16
[ 1952.453111][T27652] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1952.460797][T22511] usb 8-1: Using ep0 maxpacket: 8
[ 1952.467555][T27652] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1952.471522][T22511] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1952.498796][T27652] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1952.554314][T22511] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1952.590707][T27652] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1952.595497][T22511] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1952.616006][T22511] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1952.640610][T27652] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1952.647970][T22511] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1952.667754][T22511] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1952.668662][T27652] usb 2-1: Product: syz
[ 1952.703211][T27652] usb 2-1: Manufacturer: syz
[ 1952.757703][T27652] usb 2-1: SerialNumber: syz
[ 1952.923357][T22511] usb 8-1: GET_CAPABILITIES returned 0
[ 1952.977857][T22511] usbtmc 8-1:16.0: can't read capabilities
[ 1953.144096][    C1] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1953.186033][T22511] usb 8-1: USB disconnect, device number 70
[ 1953.326028][T27652] usb 2-1: 0:2 : does not exist
[ 1953.369554][ T1904] vivid-000: =================  START STATUS  =================
[ 1953.379685][ T1904] vivid-000: Radio HW Seek Mode: Bounded
[ 1953.385656][ T1904] vivid-000: Radio Programmable HW Seek: false
[ 1953.392289][ T1904] vivid-000: RDS Rx I/O Mode: Block I/O
[ 1953.397944][ T1904] vivid-000: Generate RBDS Instead of RDS: false
[ 1953.404602][ T1904] vivid-000: RDS Reception: true
[ 1953.409691][ T1904] vivid-000: RDS Program Type: 0 inactive
[ 1953.415763][ T1904] vivid-000: RDS PS Name:  inactive
[ 1953.430398][ T1904] vivid-000: RDS Radio Text:  inactive
[ 1953.436070][ T1904] vivid-000: RDS Traffic Announcement: false inactive
[ 1953.455653][ T1904] vivid-000: RDS Traffic Program: false inactive
[ 1953.462548][ T1904] vivid-000: RDS Music: false inactive
[ 1953.471161][ T1904] vivid-000: ==================  END STATUS  ==================
[ 1953.990257][ T1914] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7253'.
[ 1954.006537][ T1913] o2cb: This node has not been configured.
[ 1954.012589][ T1913] o2cb: Cluster check failed. Fix errors before retrying.
[ 1954.019961][ T1913] (syz.0.7252,1913,0):user_dlm_register:674 ERROR: status = -22
[ 1954.027921][ T1913] (syz.0.7252,1913,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1954.261325][ T1914] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7253'.
[ 1954.354294][T27652] usb 2-1: 1:0: failed to get current value for ch 0 (-22)
[ 1954.417802][T27652] usb 2-1: USB disconnect, device number 42
[ 1954.490363][ T7007] usb 1-1: new low-speed USB device number 23 using dummy_hcd
[ 1954.558146][T32742] udevd[32742]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1954.899613][ T7007] usb 1-1: config 0 has an invalid interface number: 207 but max is 0
[ 1954.914119][ T7007] usb 1-1: config 0 has no interface number 0
[ 1954.929322][ T7007] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[ 1954.948036][ T7007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1954.976954][ T7007] usb 1-1: config 0 descriptor??
[ 1955.014392][ T7007] usb 1-1: selecting invalid altsetting 3
[ 1955.040536][ T7007] comedi comedi4: could not set alternate setting 3 in high speed
[ 1955.069907][ T7007] usbdux 1-1:0.207: driver 'usbdux' failed to auto-configure device.
[ 1955.114254][ T7007] usbdux 1-1:0.207: probe with driver usbdux failed with error -22
[ 1955.194462][ T1926] FAULT_INJECTION: forcing a failure.
[ 1955.194462][ T1926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1955.208903][ T1926] CPU: 0 UID: 0 PID: 1926 Comm: syz.6.7256 Not tainted syzkaller #0 PREEMPT(full) 
[ 1955.208928][ T1926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1955.208937][ T1926] Call Trace:
[ 1955.208943][ T1926]  <TASK>
[ 1955.208949][ T1926]  dump_stack_lvl+0x16c/0x1f0
[ 1955.208980][ T1926]  should_fail_ex+0x512/0x640
[ 1955.209001][ T1926]  _copy_from_user+0x2e/0xd0
[ 1955.209023][ T1926]  iommufd_fops_ioctl+0x2f5/0x540
[ 1955.209044][ T1926]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1955.209064][ T1926]  ? hook_file_ioctl_common+0x145/0x410
[ 1955.209089][ T1926]  ? selinux_file_ioctl+0x180/0x270
[ 1955.209113][ T1926]  ? selinux_file_ioctl+0xb4/0x270
[ 1955.209139][ T1926]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1955.209159][ T1926]  __x64_sys_ioctl+0x18b/0x210
[ 1955.209187][ T1926]  do_syscall_64+0xcd/0x4c0
[ 1955.209207][ T1926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1955.209224][ T1926] RIP: 0033:0x7f679cf8ebe9
[ 1955.209238][ T1926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1955.209254][ T1926] RSP: 002b:00007f679de11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1955.209270][ T1926] RAX: ffffffffffffffda RBX: 00007f679d1c5fa0 RCX: 00007f679cf8ebe9
[ 1955.209280][ T1926] RDX: 0000200000000000 RSI: 0000000000003b82 RDI: 0000000000000003
[ 1955.209291][ T1926] RBP: 00007f679de11090 R08: 0000000000000000 R09: 0000000000000000
[ 1955.209302][ T1926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1955.209312][ T1926] R13: 00007f679d1c6038 R14: 00007f679d1c5fa0 R15: 00007ffd1af9fa78
[ 1955.209335][ T1926]  </TASK>
[ 1955.393852][ T1929] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7258'.
[ 1955.404060][T30242] Bluetooth: hci0: unexpected event for opcode 0x0008
[ 1955.479347][ T7007] usb 1-1: USB disconnect, device number 23
[ 1955.723034][ T1939] netlink: 'syz.7.7259': attribute type 12 has an invalid length.
[ 1955.976518][ T1944] netlink: 'syz.6.7260': attribute type 12 has an invalid length.
[ 1956.817679][ T1953] vivid-000: =================  START STATUS  =================
[ 1956.825684][ T1953] vivid-000: Radio HW Seek Mode: Bounded
[ 1956.831855][ T1953] vivid-000: Radio Programmable HW Seek: false
[ 1956.838220][ T1953] vivid-000: RDS Rx I/O Mode: Block I/O
[ 1956.844047][ T1953] vivid-000: Generate RBDS Instead of RDS: false
[ 1956.851523][ T1953] vivid-000: RDS Reception: true
[ 1956.856617][ T1953] vivid-000: RDS Program Type: 0 inactive
[ 1956.865518][ T1953] vivid-000: RDS PS Name:  inactive
[ 1956.903875][ T1953] vivid-000: RDS Radio Text:  inactive
[ 1956.909710][ T1953] vivid-000: RDS Traffic Announcement: false inactive
[ 1956.920263][ T1953] vivid-000: RDS Traffic Program: false inactive
[ 1956.928868][ T1953] vivid-000: RDS Music: false inactive
[ 1956.939001][ T1953] vivid-000: ==================  END STATUS  ==================
[ 1957.697140][ T1963] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7267'.
[ 1957.763098][ T1963] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7267'.
[ 1958.262610][ T1967] netlink: 'syz.1.7264': attribute type 12 has an invalid length.
[ 1958.890836][ T1971] vivid-000: =================  START STATUS  =================
[ 1958.898551][ T1971] vivid-000: Radio HW Seek Mode: Bounded
[ 1958.980945][ T1971] vivid-000: Radio Programmable HW Seek: false
[ 1958.987235][ T1971] vivid-000: RDS Rx I/O Mode: Block I/O
[ 1959.024470][ T1971] vivid-000: Generate RBDS Instead of RDS: false
[ 1959.032288][ T1971] vivid-000: RDS Reception: true
[ 1959.038683][ T1971] vivid-000: RDS Program Type: 0 inactive
[ 1959.054308][ T1971] vivid-000: RDS PS Name:  inactive
[ 1959.061415][ T1971] vivid-000: RDS Radio Text:  inactive
[ 1959.068828][ T1971] vivid-000: RDS Traffic Announcement: false inactive
[ 1959.079475][ T1971] vivid-000: RDS Traffic Program: false inactive
[ 1959.094554][ T1971] vivid-000: RDS Music: false inactive
[ 1959.103184][ T1971] vivid-000: ==================  END STATUS  ==================
[ 1959.221930][T30242] Bluetooth: hci0: unexpected event for opcode 0x0008
[ 1959.222502][ T1981] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7271'.
[ 1961.477755][T22469] usb 8-1: new high-speed USB device number 71 using dummy_hcd
[ 1961.671015][T22469] usb 8-1: Using ep0 maxpacket: 8
[ 1961.729063][T22469] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[ 1961.792895][T22469] usb 8-1: config 179 has no interface number 0
[ 1961.855752][T22469] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1961.954136][T22469] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1962.047319][T22469] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1962.127236][ T1994] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7273'.
[ 1962.149086][T22469] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1962.223932][T22469] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1962.335851][T22469] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1963.074097][ T2000] Device name cannot be null; rc = [-22]
[ 1963.359435][T22469] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1963.450782][T22469] usb 8-1: can't set config #179, error -71
[ 1963.483900][T22469] usb 8-1: USB disconnect, device number 71
[ 1965.302430][T29131] Bluetooth: hci5: unexpected event for opcode 0x0008
[ 1965.313429][ T2033] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7284'.
[ 1966.770094][ T2047] netlink: 'syz.6.7287': attribute type 1 has an invalid length.
[ 1966.859479][ T2056] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7289'.
[ 1967.193339][T29131] Bluetooth: hci1: command 0x1003 tx timeout
[ 1967.201029][T30242] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1967.352129][ T2046] netlink: 'syz.5.7286': attribute type 1 has an invalid length.
[ 1968.746740][ T2077] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7296'.
[ 1968.908349][ T2077] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7296'.
[ 1969.579961][ T2087] ALSA: mixer_oss: invalid OSS volume 'SPEAKE'
[ 1971.956852][ T2122] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7309'.
[ 1971.985413][ T2122] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7309'.
[ 1972.144455][ T2127] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1972.160687][ T2127] kvm: pic: non byte read
[ 1972.165613][ T2127] kvm: pic: level sensitive irq not supported
[ 1972.165676][ T2127] kvm: pic: non byte read
[ 1972.177208][ T2127] kvm: pic: level sensitive irq not supported
[ 1972.177267][ T2127] kvm: pic: non byte read
[ 1972.390251][T30242] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1973.137987][ T2142] FAULT_INJECTION: forcing a failure.
[ 1973.137987][ T2142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1973.174894][ T2142] CPU: 0 UID: 0 PID: 2142 Comm: syz.0.7313 Not tainted syzkaller #0 PREEMPT(full) 
[ 1973.174919][ T2142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1973.174929][ T2142] Call Trace:
[ 1973.174935][ T2142]  <TASK>
[ 1973.174942][ T2142]  dump_stack_lvl+0x16c/0x1f0
[ 1973.174966][ T2142]  should_fail_ex+0x512/0x640
[ 1973.174989][ T2142]  _copy_from_user+0x2e/0xd0
[ 1973.175010][ T2142]  iommufd_fops_ioctl+0x2f5/0x540
[ 1973.175030][ T2142]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1973.175051][ T2142]  ? hook_file_ioctl_common+0x145/0x410
[ 1973.175075][ T2142]  ? selinux_file_ioctl+0x180/0x270
[ 1973.175098][ T2142]  ? selinux_file_ioctl+0xb4/0x270
[ 1973.175121][ T2142]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1973.175139][ T2142]  __x64_sys_ioctl+0x18b/0x210
[ 1973.175166][ T2142]  do_syscall_64+0xcd/0x4c0
[ 1973.175187][ T2142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1973.175205][ T2142] RIP: 0033:0x7f79ba58ebe9
[ 1973.175219][ T2142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1973.175237][ T2142] RSP: 002b:00007f79bb4c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1973.175254][ T2142] RAX: ffffffffffffffda RBX: 00007f79ba7c5fa0 RCX: 00007f79ba58ebe9
[ 1973.175266][ T2142] RDX: 0000200000000180 RSI: 0000000000003b85 RDI: 0000000000000003
[ 1973.175276][ T2142] RBP: 00007f79bb4c5090 R08: 0000000000000000 R09: 0000000000000000
[ 1973.175287][ T2142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1973.175297][ T2142] R13: 00007f79ba7c6038 R14: 00007f79ba7c5fa0 R15: 00007ffd4835ed78
[ 1973.175329][ T2142]  </TASK>
[ 1973.671421][ T2152] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7314'.
[ 1974.399215][ T5922] usb 7-1: new high-speed USB device number 114 using dummy_hcd
[ 1974.425441][ T2166] siw: device registration error -23
[ 1974.570749][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1974.570766][   T30] audit: type=1400 audit(1756993815.666:1643): avc:  denied  { remount } for  pid=2161 comm="syz.7.7320" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1974.654806][ T5922] usb 7-1: Using ep0 maxpacket: 32
[ 1974.663750][ T5922] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1974.950137][   T30] audit: type=1326 audit(1756993815.787:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1974.973502][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1974.983906][ T5922] usb 7-1: config 0 has no interface number 0
[ 1975.016262][   T30] audit: type=1326 audit(1756993815.787:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.039664][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1975.052837][ T5922] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1975.095397][   T30] audit: type=1326 audit(1756993815.787:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.118907][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1975.138441][   T30] audit: type=1326 audit(1756993815.787:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.166351][ T5922] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1975.308697][ T5922] usb 7-1: Product: syz
[ 1975.312899][ T5922] usb 7-1: Manufacturer: syz
[ 1975.338057][   T30] audit: type=1326 audit(1756993815.787:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.361606][ T5922] usb 7-1: SerialNumber: syz
[ 1975.367914][ T5922] usb 7-1: config 0 descriptor??
[ 1975.501560][ T5922] smsc95xx v2.0.0
[ 1975.535852][   T30] audit: type=1326 audit(1756993815.797:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.566053][   T30] audit: type=1326 audit(1756993815.797:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.589434][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1975.681140][   T30] audit: type=1326 audit(1756993815.797:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1975.704513][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1975.876012][   T30] audit: type=1326 audit(1756993815.797:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.5.7321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1976.055067][ T2178] trusted_key: encrypted_key: insufficient parameters specified
[ 1976.871850][ T5922] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1976.977615][ T5922] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1977.010426][ T5922] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1977.145165][ T5922] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[ 1977.161194][ T5922] usb 7-1: USB disconnect, device number 114
[ 1977.315675][ T2194] misc userio: The device must be registered before sending interrupts
[ 1978.080058][ T2203] FAULT_INJECTION: forcing a failure.
[ 1978.080058][ T2203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1978.147670][ T2203] CPU: 0 UID: 0 PID: 2203 Comm: syz.7.7331 Not tainted syzkaller #0 PREEMPT(full) 
[ 1978.147696][ T2203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1978.147706][ T2203] Call Trace:
[ 1978.147713][ T2203]  <TASK>
[ 1978.147720][ T2203]  dump_stack_lvl+0x16c/0x1f0
[ 1978.147758][ T2203]  should_fail_ex+0x512/0x640
[ 1978.147783][ T2203]  _copy_to_iter+0x463/0x1710
[ 1978.147811][ T2203]  ? neigh_get_next+0xd8/0x3e0
[ 1978.147832][ T2203]  ? __pfx__copy_to_iter+0x10/0x10
[ 1978.147856][ T2203]  ? find_held_lock+0x2b/0x80
[ 1978.147878][ T2203]  ? neigh_seq_stop+0x8c/0x120
[ 1978.147896][ T2203]  ? __local_bh_enable_ip+0xa4/0x120
[ 1978.147917][ T2203]  seq_read_iter+0xcf8/0x12c0
[ 1978.147936][ T2203]  seq_read+0x3a3/0x570
[ 1978.147946][ T2203]  ? __pfx_seq_read+0x10/0x10
[ 1978.147957][ T2203]  ? copy_iovec_from_user+0x131/0x170
[ 1978.147973][ T2203]  ? iovec_from_user+0xbb/0x140
[ 1978.147989][ T2203]  ? avc_policy_seqno+0x9/0x20
[ 1978.148003][ T2203]  ? __pfx_seq_read+0x10/0x10
[ 1978.148013][ T2203]  proc_reg_read+0x23d/0x330
[ 1978.148030][ T2203]  ? __pfx_proc_reg_read+0x10/0x10
[ 1978.148046][ T2203]  vfs_readv+0x5be/0x8b0
[ 1978.148060][ T2203]  ? __pfx_vfs_readv+0x10/0x10
[ 1978.148070][ T2203]  ? find_held_lock+0x2b/0x80
[ 1978.148092][ T2203]  ? __fget_files+0x20e/0x3c0
[ 1978.148108][ T2203]  ? do_preadv+0x1a6/0x270
[ 1978.148116][ T2203]  do_preadv+0x1a6/0x270
[ 1978.148127][ T2203]  ? __pfx_do_preadv+0x10/0x10
[ 1978.148141][ T2203]  do_syscall_64+0xcd/0x4c0
[ 1978.148156][ T2203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1978.148169][ T2203] RIP: 0033:0x7fe322d8ebe9
[ 1978.148177][ T2203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1978.148189][ T2203] RSP: 002b:00007fe320ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1978.148200][ T2203] RAX: ffffffffffffffda RBX: 00007fe322fc5fa0 RCX: 00007fe322d8ebe9
[ 1978.148207][ T2203] RDX: 0000000000000002 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1978.148213][ T2203] RBP: 00007fe320ff6090 R08: 0000000000000005 R09: 0000000000000000
[ 1978.148220][ T2203] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 1978.148226][ T2203] R13: 00007fe322fc6038 R14: 00007fe322fc5fa0 R15: 00007ffc924fe988
[ 1978.148240][ T2203]  </TASK>
[ 1979.388345][ T2220] o2cb: This node has not been configured.
[ 1979.394496][ T2220] o2cb: Cluster check failed. Fix errors before retrying.
[ 1979.401898][ T2220] (syz.0.7335,2220,0):user_dlm_register:674 ERROR: status = -22
[ 1979.458608][ T2220] (syz.0.7335,2220,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1980.185057][   T30] kauditd_printk_skb: 138 callbacks suppressed
[ 1980.185092][   T30] audit: type=1326 audit(1756993821.329:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.215307][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1980.239290][ T5922] usb 1-1: new low-speed USB device number 24 using dummy_hcd
[ 1980.400923][ T5922] usb 1-1: config 0 has an invalid interface number: 207 but max is 0
[ 1980.400942][ T5922] usb 1-1: config 0 has no interface number 0
[ 1980.400964][ T5922] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[ 1980.400977][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1980.402258][ T5922] usb 1-1: config 0 descriptor??
[ 1980.405673][ T5922] usb 1-1: selecting invalid altsetting 3
[ 1980.405687][ T5922] comedi comedi4: could not set alternate setting 3 in high speed
[ 1980.405697][ T5922] usbdux 1-1:0.207: driver 'usbdux' failed to auto-configure device.
[ 1980.408516][ T5922] usbdux 1-1:0.207: probe with driver usbdux failed with error -22
[ 1980.533065][   T30] audit: type=1326 audit(1756993821.679:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533101][   T30] audit: type=1326 audit(1756993821.679:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533124][   T30] audit: type=1326 audit(1756993821.679:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533148][   T30] audit: type=1326 audit(1756993821.679:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533169][   T30] audit: type=1326 audit(1756993821.679:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533191][   T30] audit: type=1326 audit(1756993821.679:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533213][   T30] audit: type=1326 audit(1756993821.679:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533235][   T30] audit: type=1326 audit(1756993821.679:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.533260][   T30] audit: type=1326 audit(1756993821.679:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2223 comm="syz.7.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe322d8ebe9 code=0x7fc00000
[ 1980.690557][T27793] usb 1-1: USB disconnect, device number 24
[ 1983.737514][ T2266] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1984.197593][ T2272] ALSA: mixer_oss: invalid OSS volume 'SPEAKE'
[ 1985.278550][T30242] Bluetooth: hci5: unexpected event for opcode 0x0008
[ 1985.290982][ T2286] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7352'.
[ 1985.331947][ T2286] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7352'.
[ 1985.493326][T25582] usb 7-1: new full-speed USB device number 115 using dummy_hcd
[ 1985.820524][ T2293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7354'.
[ 1986.223343][T25582] usb 7-1: device descriptor read/64, error -71
[ 1986.517515][T25582] usb 7-1: new full-speed USB device number 116 using dummy_hcd
[ 1986.857276][ T2307] FAULT_INJECTION: forcing a failure.
[ 1986.857276][ T2307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1986.984286][ T2307] CPU: 1 UID: 0 PID: 2307 Comm: syz.0.7357 Not tainted syzkaller #0 PREEMPT(full) 
[ 1986.984314][ T2307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1986.984324][ T2307] Call Trace:
[ 1986.984330][ T2307]  <TASK>
[ 1986.984337][ T2307]  dump_stack_lvl+0x16c/0x1f0
[ 1986.984363][ T2307]  should_fail_ex+0x512/0x640
[ 1986.984388][ T2307]  _copy_from_user+0x2e/0xd0
[ 1986.984411][ T2307]  kstrtouint_from_user+0xd6/0x1d0
[ 1986.984429][ T2307]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1986.984444][ T2307]  ? __lock_acquire+0xb97/0x1ce0
[ 1986.984482][ T2307]  proc_fail_nth_write+0x83/0x220
[ 1986.984510][ T2307]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1986.984538][ T2307]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1986.984557][ T2307]  vfs_write+0x29d/0x11d0
[ 1986.984580][ T2307]  ? __pfx___mutex_lock+0x10/0x10
[ 1986.984601][ T2307]  ? __pfx_vfs_write+0x10/0x10
[ 1986.984626][ T2307]  ? __fget_files+0x20e/0x3c0
[ 1986.984654][ T2307]  ksys_write+0x12a/0x250
[ 1986.984672][ T2307]  ? __pfx_ksys_write+0x10/0x10
[ 1986.984698][ T2307]  do_syscall_64+0xcd/0x4c0
[ 1986.984720][ T2307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1986.984737][ T2307] RIP: 0033:0x7f79ba58d69f
[ 1986.984752][ T2307] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1986.984769][ T2307] RSP: 002b:00007f79bb4c5030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1986.984786][ T2307] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f79ba58d69f
[ 1986.984798][ T2307] RDX: 0000000000000001 RSI: 00007f79bb4c50a0 RDI: 0000000000000005
[ 1986.984809][ T2307] RBP: 00007f79bb4c5090 R08: 0000000000000000 R09: 0000000000000000
[ 1986.984819][ T2307] R10: 0000200000000300 R11: 0000000000000293 R12: 0000000000000001
[ 1986.984830][ T2307] R13: 00007f79ba7c6038 R14: 00007f79ba7c5fa0 R15: 00007ffd4835ed78
[ 1986.984856][ T2307]  </TASK>
[ 1987.177639][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1987.689084][   T30] kauditd_printk_skb: 1790 callbacks suppressed
[ 1987.689100][   T30] audit: type=1326 audit(1756993828.843:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1987.719445][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1987.868121][ T7007] usb 8-1: new high-speed USB device number 72 using dummy_hcd
[ 1988.097292][   T30] audit: type=1326 audit(1756993828.843:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1988.120692][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1988.122656][ T7007] usb 8-1: Using ep0 maxpacket: 32
[ 1988.151546][ T7007] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[ 1988.161663][ T7007] usb 8-1: config 0 has no interface number 0
[ 1988.177943][ T7007] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1988.197898][ T7007] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1988.227562][ T7007] usb 8-1: Product: syz
[ 1988.240504][ T7007] usb 8-1: Manufacturer: syz
[ 1988.268340][ T7007] usb 8-1: SerialNumber: syz
[ 1988.302778][   T30] audit: type=1326 audit(1756993828.843:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1988.368388][ T7007] usb 8-1: config 0 descriptor??
[ 1988.406297][ T7007] smsc95xx v2.0.0
[ 1988.443607][   T30] audit: type=1326 audit(1756993828.843:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1988.466977][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1988.572755][   T30] audit: type=1326 audit(1756993828.843:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1988.671385][   T30] audit: type=1326 audit(1756993828.843:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1988.847839][   T30] audit: type=1326 audit(1756993828.843:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1989.052903][   T30] audit: type=1326 audit(1756993828.843:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f79ba58ebe9 code=0x7ffc0000
[ 1989.147991][   T30] audit: type=1326 audit(1756993828.843:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f79ba58ec23 code=0x7ffc0000
[ 1989.181654][   T30] audit: type=1326 audit(1756993828.853:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2314 comm="syz.0.7359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f79ba58ec23 code=0x7ffc0000
[ 1989.252418][ T2327] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[ 1989.466436][ T2333] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1990.292606][ T7007] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1990.331381][ T7007] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1990.417132][ T7007] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1990.612375][ T7007] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -71
[ 1990.648274][ T7007] usb 8-1: USB disconnect, device number 72
[ 1990.915928][ T2350] veth0_to_bridge: entered promiscuous mode
[ 1990.980678][ T2347] veth0_to_bridge: left promiscuous mode
[ 1991.711176][T22511] usb 7-1: new high-speed USB device number 117 using dummy_hcd
[ 1992.270813][T22511] usb 7-1: Using ep0 maxpacket: 8
[ 1992.285620][T22511] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1992.509063][T22511] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1992.540663][T22511] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1992.617904][T22511] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1992.631491][T22511] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1992.641990][T22511] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1992.924143][T22511] usb 7-1: GET_CAPABILITIES returned 0
[ 1992.933421][T22511] usbtmc 7-1:16.0: can't read capabilities
[ 1993.520506][T22511] usb 7-1: USB disconnect, device number 117
[ 1994.062411][ T2381] lo speed is unknown, defaulting to 1000
[ 1994.090242][ T2388] 9pnet_fd: Insufficient options for proto=fd
[ 1994.331740][ T2396] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1995.424118][T30242] Bluetooth: hci5: unexpected event for opcode 0x0008
[ 1995.439719][ T7007] usb 8-1: new high-speed USB device number 73 using dummy_hcd
[ 1995.448467][ T2405] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7384'.
[ 1995.531778][ T2405] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7384'.
[ 1995.630334][ T7007] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1995.643321][ T7007] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1995.669741][ T7007] usb 8-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[ 1995.718628][ T7007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1995.755493][ T7007] usb 8-1: config 0 descriptor??
[ 1995.787708][ T2415] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1995.794248][ T2415] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1995.824745][ T2415] vhci_hcd vhci_hcd.0: Device attached
[ 1995.844957][   T30] kauditd_printk_skb: 34 callbacks suppressed
[ 1995.844972][   T30] audit: type=1400 audit(1756993836.987:3635): avc:  denied  { read } for  pid=2414 comm="syz.5.7387" path="socket:[139084]" dev="sockfs" ino=139084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1995.925242][ T2419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7388'.
[ 1996.009283][T22511] usb 7-1: new high-speed USB device number 118 using dummy_hcd
[ 1996.109242][T22469] vhci_hcd: vhci_device speed not set
[ 1996.391384][ T7007] hid-alps 0003:044E:1215.0023: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.7-1/input0
[ 1996.408786][T22469] usb 43-1: new full-speed USB device number 4 using vhci_hcd
[ 1996.549196][T22511] usb 7-1: Using ep0 maxpacket: 32
[ 1996.903719][ T7007] usb 8-1: USB disconnect, device number 73
[ 1996.923503][T22511] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1996.943512][T22511] usb 7-1: config 0 has no interface number 0
[ 1996.984365][T22511] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1997.036432][ T2430] fido_id[2430]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[ 1997.055219][T22511] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1997.064001][T22511] usb 7-1: Product: syz
[ 1997.132696][T22511] usb 7-1: Manufacturer: syz
[ 1997.173200][T22511] usb 7-1: SerialNumber: syz
[ 1997.207308][T22511] usb 7-1: config 0 descriptor??
[ 1997.277385][T22511] smsc95xx v2.0.0
[ 1997.927871][T27791] usb 8-1: new high-speed USB device number 74 using dummy_hcd
[ 1998.084176][ T2437] 9pnet_fd: Insufficient options for proto=fd
[ 1998.099457][T27791] usb 8-1: config 0 has an invalid interface number: 123 but max is 0
[ 1998.117878][T27791] usb 8-1: config 0 has no interface number 0
[ 1998.142095][T27791] usb 8-1: New USB device found, idVendor=1004, idProduct=61aa, bcdDevice= d.13
[ 1998.157838][T27791] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1998.176601][T27791] usb 8-1: Product: syz
[ 1998.186227][T27791] usb 8-1: Manufacturer: syz
[ 1998.220303][T27791] usb 8-1: SerialNumber: syz
[ 1998.249523][T27791] usb 8-1: config 0 descriptor??
[ 1998.272374][T29131] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1998.285369][T29131] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1998.295401][T29131] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1998.306798][T29131] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1998.316865][T29131] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1998.480399][T22511] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1998.492624][T22511] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1998.505921][T22511] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1998.521059][T22511] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[ 1998.822751][T22511] usb 7-1: USB disconnect, device number 118
[ 1999.078277][ T2448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1999.106377][ T2448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1999.195339][ T2439] lo speed is unknown, defaulting to 1000
[ 1999.273780][T27791] usb 8-1: bad CDC descriptors
[ 1999.387839][   T30] audit: type=1326 audit(1756993840.479:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.450407][T27791] usb 8-1: USB disconnect, device number 74
[ 1999.610123][   T30] audit: type=1326 audit(1756993840.489:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.703000][   T30] audit: type=1326 audit(1756993840.489:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.728837][   T30] audit: type=1326 audit(1756993840.489:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.752439][   T30] audit: type=1326 audit(1756993840.489:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.785197][   T30] audit: type=1326 audit(1756993840.489:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.809441][   T30] audit: type=1326 audit(1756993840.489:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.833092][   T30] audit: type=1326 audit(1756993840.489:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.865941][   T30] audit: type=1326 audit(1756993840.489:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2449 comm="syz.5.7394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f158ebe9 code=0x7ffc0000
[ 1999.914859][ T2439] chnl_net:caif_netlink_parms(): no params data found
[ 2000.122135][ T2473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7399'.
[ 2000.176811][ T2439] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2000.214285][ T2439] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2000.314661][ T2439] bridge_slave_0: entered allmulticast mode
[ 2000.323307][ T2439] bridge_slave_0: entered promiscuous mode
[ 2000.367112][T30242] Bluetooth: hci1: command tx timeout
[ 2000.521071][ T2439] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2000.568479][ T2439] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2000.587118][ T2439] bridge_slave_1: entered allmulticast mode
[ 2000.627437][ T2439] bridge_slave_1: entered promiscuous mode
[ 2000.639184][ T2486] vivid-000: =================  START STATUS  =================
[ 2000.649791][ T2486] vivid-000: Radio HW Seek Mode: Bounded
[ 2000.656986][ T2486] vivid-000: Radio Programmable HW Seek: false
[ 2000.663268][ T2486] vivid-000: RDS Rx I/O Mode: Block I/O
[ 2000.681862][ T2486] vivid-000: Generate RBDS Instead of RDS: false
[ 2000.717107][ T2495] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7403'.
[ 2000.999902][ T2486] vivid-000: RDS Reception: true
[ 2001.004967][ T2486] vivid-000: RDS Program Type: 0 inactive
[ 2001.013283][ T2486] vivid-000: RDS PS Name:  inactive
[ 2001.021412][ T2486] vivid-000: RDS Radio Text:  inactive
[ 2001.027156][ T2486] vivid-000: RDS Traffic Announcement: false inactive
[ 2001.034098][ T2486] vivid-000: RDS Traffic Program: false inactive
[ 2001.045215][ T2486] vivid-000: RDS Music: false inactive
[ 2001.051999][ T2486] vivid-000: ==================  END STATUS  ==================
[ 2001.119322][ T2439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2001.130811][ T2495] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7403'.
[ 2001.143360][ T2439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2001.257878][ T2439] team0: Port device team_slave_0 added
[ 2001.320114][ T2439] team0: Port device team_slave_1 added
[ 2001.795555][ T2439] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2001.818830][ T2439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2001.865889][ T2439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2001.969837][ T7007] usb 7-1: new high-speed USB device number 119 using dummy_hcd
[ 2002.116008][  T975] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 2002.281913][ T2439] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2002.448506][T30242] Bluetooth: hci1: command tx timeout
[ 2002.498142][ T7007] usb 7-1: Using ep0 maxpacket: 16
[ 2002.505286][ T7007] usb 7-1: config 2 has an invalid interface number: 185 but max is 0
[ 2002.513473][ T7007] usb 7-1: config 2 has no interface number 0
[ 2002.521779][ T2439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2002.522612][ T7007] usb 7-1: New USB device found, idVendor=05ac, idProduct=120a, bcdDevice=60.45
[ 2002.559523][ T7007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2002.574942][ T7007] usb 7-1: Product: syz
[ 2002.579158][ T7007] usb 7-1: Manufacturer: syz
[ 2002.583777][ T7007] usb 7-1: SerialNumber: syz
[ 2002.596955][ T2439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2002.599072][  T975] usb 6-1: Using ep0 maxpacket: 32
[ 2002.617396][ T7007] usb-storage 7-1:2.185: USB Mass Storage device detected
[ 2002.640316][  T975] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 2002.651973][ T7007] usb-storage 7-1:2.185: Quirks match for vid 05ac pid 120a: 10
[ 2002.674937][  T975] usb 6-1: config 0 has no interface number 0
[ 2002.706407][ T2439] hsr_slave_0: entered promiscuous mode
[ 2002.712480][ T2439] hsr_slave_1: entered promiscuous mode
[ 2002.740330][  T975] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 2002.757205][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2002.775623][ T2439] debugfs: 'hsr0' already exists in 'hsr'
[ 2002.791618][  T975] usb 6-1: Product: syz
[ 2002.796947][ T2439] Cannot create hsr debugfs directory
[ 2002.803070][  T975] usb 6-1: Manufacturer: syz
[ 2002.815641][  T975] usb 6-1: SerialNumber: syz
[ 2002.874663][  T975] usb 6-1: config 0 descriptor??
[ 2002.894719][  T975] smsc95xx v2.0.0
[ 2003.262033][ T2534] vivid-004: =================  START STATUS  =================
[ 2003.278785][ T2534] vivid-004: Radio HW Seek Mode: Bounded
[ 2003.285122][ T2534] vivid-004: Radio Programmable HW Seek: false
[ 2003.291357][ T2534] vivid-004: RDS Rx I/O Mode: Block I/O
[ 2003.297578][ T2534] vivid-004: Generate RBDS Instead of RDS: false
[ 2003.303980][ T2534] vivid-004: RDS Reception: true
[ 2003.309168][ T2534] vivid-004: RDS Program Type: 0 inactive
[ 2003.315530][ T2534] vivid-004: RDS PS Name:  inactive
[ 2003.320905][ T2534] vivid-004: RDS Radio Text:  inactive
[ 2003.326732][ T2534] vivid-004: RDS Traffic Announcement: false inactive
[ 2003.333942][ T2534] vivid-004: RDS Traffic Program: false inactive
[ 2003.340373][ T2534] vivid-004: RDS Music: false inactive
[ 2003.346615][ T2534] vivid-004: ==================  END STATUS  ==================
[ 2003.921935][T22511] apple-mfi-fastcharge 7-1: USB disconnect, device number 119
[ 2004.169864][  T975] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 2004.198096][  T975] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 2004.211269][  T975] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 2004.231909][  T975] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[ 2004.290704][  T975] usb 6-1: USB disconnect, device number 21
[ 2004.531624][T30242] Bluetooth: hci1: command tx timeout
[ 2005.048474][T30242] Bluetooth: hci3: unexpected event for opcode 0x0008
[ 2005.049144][ T2574] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7414'.
[ 2005.316449][ T2582] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7414'.
[ 2005.424198][ T2439] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2005.519800][ T2439] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2005.679220][ T2439] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2005.855301][ T2439] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2005.924701][ T2594] netlink: 'syz.7.7416': attribute type 3 has an invalid length.
[ 2005.932589][ T2594] netlink: 201372 bytes leftover after parsing attributes in process `syz.7.7416'.
[ 2006.375045][ T2614] 9pnet_fd: Insufficient options for proto=fd
[ 2006.603234][T30242] Bluetooth: hci1: command tx timeout
[ 2006.721540][ T2439] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2006.735903][ T2439] 8021q: adding VLAN 0 to HW filter on device team0
[ 2006.796915][T18142] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2006.804064][T18142] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2006.874891][T18142] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2006.882028][T18142] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2010.383131][T25582] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 2010.424716][ T2645] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7422'.
[ 2010.581340][T25582] usb 1-1: Using ep0 maxpacket: 8
[ 2010.619887][T25582] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[ 2010.632008][T25582] usb 1-1: config 179 has no interface number 0
[ 2010.638302][T25582] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2010.811794][ T2660] vivid-002: =================  START STATUS  =================
[ 2010.827003][ T2660] vivid-002: Radio HW Seek Mode: Bounded
[ 2010.833328][ T2660] vivid-002: Radio Programmable HW Seek: false
[ 2010.842919][ T2660] vivid-002: RDS Rx I/O Mode: Block I/O
[ 2010.850915][ T2660] vivid-002: Generate RBDS Instead of RDS: false
[ 2010.861688][ T2660] vivid-002: RDS Reception: true
[ 2010.867294][T25582] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2010.878644][T25582] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2010.890025][T25582] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 2010.900224][ T2660] vivid-002: RDS Program Type: 0 inactive
[ 2010.976798][ T2660] vivid-002: RDS PS Name:  inactive
[ 2010.982313][ T2660] vivid-002: RDS Radio Text:  inactive
[ 2010.987986][ T2660] vivid-002: RDS Traffic Announcement: false inactive
[ 2010.995073][ T2660] vivid-002: RDS Traffic Program: false inactive
[ 2011.001593][ T2660] vivid-002: RDS Music: false inactive
[ 2011.007177][ T2660] vivid-002: ==================  END STATUS  ==================
[ 2011.118835][T25582] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2011.190237][T25582] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2011.199624][T25582] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2011.211202][ T2634] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2011.277922][T25582] xpad 1-1:179.65: probe with driver xpad failed with error -5
[ 2011.403008][ T2439] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2011.471012][  T975] usb 8-1: new high-speed USB device number 75 using dummy_hcd
[ 2011.719301][ T2439] veth0_vlan: entered promiscuous mode
[ 2011.739894][ T5922] usb 1-1: USB disconnect, device number 25
[ 2011.874011][  T975] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 2011.889030][ T2439] veth1_vlan: entered promiscuous mode
[ 2011.976995][  T975] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2011.977140][ T2439] veth0_macvtap: entered promiscuous mode
[ 2012.089857][  T975] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2012.106727][  T975] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 2012.131781][  T975] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 2012.143710][  T975] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 2012.152488][  T975] usb 8-1: Manufacturer: syz
[ 2012.158605][  T975] usb 8-1: config 0 descriptor??
[ 2012.484994][ T2678] netlink: 'syz.0.7426': attribute type 1 has an invalid length.
[ 2012.499243][ T2439] veth1_macvtap: entered promiscuous mode
[ 2012.751544][ T2682] 9pnet_fd: Insufficient options for proto=fd
[ 2012.773776][ T2439] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2012.867193][ T2439] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2012.891254][  T975] appleir 0003:05AC:8243.0024: unknown main item tag 0x0
[ 2012.902323][T28793] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2012.987318][  T975] appleir 0003:05AC:8243.0024: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0
[ 2013.003299][T28793] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2013.241311][T28793] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2013.706527][T28793] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2014.147884][T28793] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2014.185598][T28793] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2014.232436][ T2714] FAULT_INJECTION: forcing a failure.
[ 2014.232436][ T2714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2014.260367][ T5922] usb 8-1: reset high-speed USB device number 75 using dummy_hcd
[ 2014.305211][ T2714] CPU: 0 UID: 0 PID: 2714 Comm: syz.5.7431 Not tainted syzkaller #0 PREEMPT(full) 
[ 2014.305241][ T2714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2014.305251][ T2714] Call Trace:
[ 2014.305258][ T2714]  <TASK>
[ 2014.305265][ T2714]  dump_stack_lvl+0x16c/0x1f0
[ 2014.305291][ T2714]  should_fail_ex+0x512/0x640
[ 2014.305316][ T2714]  _copy_to_user+0x32/0xd0
[ 2014.305342][ T2714]  simple_read_from_buffer+0xcb/0x170
[ 2014.305363][ T2714]  proc_fail_nth_read+0x197/0x240
[ 2014.305386][ T2714]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2014.305409][ T2714]  ? rw_verify_area+0xcf/0x6c0
[ 2014.305435][ T2714]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2014.305455][ T2714]  vfs_read+0x1e1/0xcf0
[ 2014.305476][ T2714]  ? __pfx___mutex_lock+0x10/0x10
[ 2014.305498][ T2714]  ? __pfx_vfs_read+0x10/0x10
[ 2014.305523][ T2714]  ? __fget_files+0x20e/0x3c0
[ 2014.305550][ T2714]  ksys_read+0x12a/0x250
[ 2014.305567][ T2714]  ? __pfx_ksys_read+0x10/0x10
[ 2014.305585][ T2714]  ? abort_creds+0x8b/0xb0
[ 2014.305608][ T2714]  do_syscall_64+0xcd/0x4c0
[ 2014.305631][ T2714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2014.305649][ T2714] RIP: 0033:0x7f43f158d5fc
[ 2014.305664][ T2714] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2014.305681][ T2714] RSP: 002b:00007f43f23c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2014.305698][ T2714] RAX: ffffffffffffffda RBX: 00007f43f17c5fa0 RCX: 00007f43f158d5fc
[ 2014.305710][ T2714] RDX: 000000000000000f RSI: 00007f43f23c70a0 RDI: 0000000000000003
[ 2014.305720][ T2714] RBP: 00007f43f23c7090 R08: 0000000000000000 R09: 0000000000000000
[ 2014.305731][ T2714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2014.305741][ T2714] R13: 00007f43f17c6038 R14: 00007f43f17c5fa0 R15: 00007ffc710871d8
[ 2014.305765][ T2714]  </TASK>
[ 2014.492170][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2014.550163][T28793] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2014.557997][T28793] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2015.049461][  T975] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 2015.209357][  T975] usb 3-1: Using ep0 maxpacket: 8
[ 2015.215944][  T975] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2015.235152][  T975] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2015.246255][  T975] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2015.266304][  T975] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2015.283186][  T975] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2015.293677][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2015.515139][  T975] usb 3-1: GET_CAPABILITIES returned 0
[ 2015.525018][  T975] usbtmc 3-1:16.0: can't read capabilities
[ 2015.541759][T10845] usb 8-1: USB disconnect, device number 75
[ 2015.728250][T22511] usb 3-1: USB disconnect, device number 19
[ 2120.946514][T30242] Bluetooth: hci1: command 0x0406 tx timeout
[ 2175.798744][   T31] INFO: task kworker/1:0:22469 blocked for more than 143 seconds.
[ 2175.806644][   T31]       Not tainted syzkaller #0
[ 2175.811969][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2175.821560][   T31] task:kworker/1:0     state:D stack:22568 pid:22469 tgid:22469 ppid:2      task_flags:0x4208160 flags:0x00004000
[ 2175.834126][   T31] Workqueue: usb_hub_wq hub_event
[ 2175.839885][   T31] Call Trace:
[ 2175.843193][   T31]  <TASK>
[ 2175.846148][   T31]  __schedule+0x1190/0x5de0
[ 2175.851843][   T31]  ? __pfx___schedule+0x10/0x10
[ 2175.856804][   T31]  ? find_held_lock+0x2b/0x80
[ 2175.862197][   T31]  ? schedule+0x2d7/0x3a0
[ 2175.866541][   T31]  schedule+0xe7/0x3a0
[ 2175.871872][   T31]  usb_kill_urb+0x253/0x320
[ 2175.876384][   T31]  ? __pfx_usb_kill_urb+0x10/0x10
[ 2175.886542][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2175.893286][   T31]  ? lockdep_init_map_type+0xd0/0x280
[ 2175.899388][   T31]  usb_start_wait_urb+0x250/0x4b0
[ 2175.904422][   T31]  ? __pfx_usb_start_wait_urb+0x10/0x10
[ 2175.910581][   T31]  ? __asan_memset+0x23/0x50
[ 2175.915189][   T31]  usb_control_msg+0x326/0x4a0
[ 2175.920606][   T31]  ? __pfx_usb_control_msg+0x10/0x10
[ 2175.925909][   T31]  get_bMaxPacketSize0.constprop.0+0xd0/0x1f0
[ 2175.932605][   T31]  hub_port_init+0x690/0x3a70
[ 2175.937295][   T31]  hub_event+0x2ce1/0x4fe0
[ 2175.942352][   T31]  ? __pfx_hub_event+0x10/0x10
[ 2175.947211][   T31]  ? vvar_fault+0x150/0x1e0
[ 2175.952323][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2175.957101][   T31]  process_one_work+0x9cc/0x1b70
[ 2175.963285][   T31]  ? __pfx_hcd_resume_work+0x10/0x10
[ 2175.969198][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 2175.974667][   T31]  ? assign_work+0x1a0/0x250
[ 2175.980318][   T31]  worker_thread+0x6c8/0xf10
[ 2175.984928][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2175.990704][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2175.995824][   T31]  kthread+0x3c2/0x780
[ 2176.001166][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.005783][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2176.011169][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.015762][   T31]  ret_from_fork+0x5d4/0x6f0
[ 2176.021066][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.025666][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2176.031104][   T31]  </TASK>
[ 2176.034153][   T31] 
[ 2176.034153][   T31] Showing all locks held in the system:
[ 2176.042551][   T31] 1 lock held by khungtaskd/31:
[ 2176.047383][   T31]  #0: ffffffff8e5c1260 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 2176.057694][   T31] 2 locks held by getty/5612:
[ 2176.062822][   T31]  #0: ffff88814cc3e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 2176.073169][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 2176.083780][   T31] 5 locks held by kworker/1:0/22469:
[ 2176.089681][   T31]  #0: ffff8880212ce948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 2176.101100][   T31]  #1: ffffc9000431fd10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 2176.113084][   T31]  #2: ffff88802b1bf198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[ 2176.122648][   T31]  #3: ffff88802b1eb518 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x2981/0x4fe0
[ 2176.133058][   T31]  #4: ffff88802ae64c68 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x29aa/0x4fe0
[ 2176.143278][   T31] 
[ 2176.145600][   T31] =============================================
[ 2176.145600][   T31] 
[ 2176.154229][   T31] NMI backtrace for cpu 1
[ 2176.154241][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 2176.154259][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2176.154271][   T31] Call Trace:
[ 2176.154276][   T31]  <TASK>
[ 2176.154283][   T31]  dump_stack_lvl+0x116/0x1f0
[ 2176.154308][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 2176.154333][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2176.154360][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 2176.154387][   T31]  watchdog+0xf0e/0x1260
[ 2176.154411][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2176.154429][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2176.154450][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2176.154476][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2176.154496][   T31]  kthread+0x3c2/0x780
[ 2176.154514][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.154533][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2176.154556][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.154574][   T31]  ret_from_fork+0x5d4/0x6f0
[ 2176.154590][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.154608][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2176.154642][   T31]  </TASK>
[ 2176.154648][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 2176.274378][    C0] NMI backtrace for cpu 0
[ 2176.274394][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[ 2176.274410][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2176.274418][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 2176.274438][    C0] Code: 0c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 03 16 00 fb f4 <e9> 8c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 2176.274451][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c2
[ 2176.274463][    C0] RAX: 00000000089e9b4b RBX: 0000000000000000 RCX: ffffffff8b940c29
[ 2176.274472][    C0] RDX: 0000000000000000 RSI: ffffffff8de513c8 RDI: ffffffff8c162b00
[ 2176.274480][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1017086655
[ 2176.274489][    C0] R10: ffff8880b84332ab R11: 0000000000000000 R12: 0000000000000000
[ 2176.274497][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab5c90 R15: 0000000000000000
[ 2176.274506][    C0] FS:  0000000000000000(0000) GS:ffff8881246b8000(0000) knlGS:0000000000000000
[ 2176.274520][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2176.274529][    C0] CR2: 000055d0acfb3168 CR3: 000000000e380000 CR4: 00000000003526f0
[ 2176.274537][    C0] Call Trace:
[ 2176.274543][    C0]  <TASK>
[ 2176.274548][    C0]  default_idle+0x13/0x20
[ 2176.274566][    C0]  default_idle_call+0x6d/0xb0
[ 2176.274581][    C0]  do_idle+0x391/0x510
[ 2176.274599][    C0]  ? __pfx_do_idle+0x10/0x10
[ 2176.274615][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[ 2176.274631][    C0]  cpu_startup_entry+0x4f/0x60
[ 2176.274647][    C0]  rest_init+0x16b/0x2b0
[ 2176.274664][    C0]  ? acpi_subsystem_init+0x133/0x180
[ 2176.274677][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 2176.274692][    C0]  start_kernel+0x3ee/0x4d0
[ 2176.274706][    C0]  x86_64_start_reservations+0x18/0x30
[ 2176.274719][    C0]  x86_64_start_kernel+0x130/0x190
[ 2176.274732][    C0]  common_startup_64+0x13e/0x148
[ 2176.274752][    C0]  </TASK>
[ 2176.275426][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2176.471435][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 2176.480522][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2176.490554][   T31] Call Trace:
[ 2176.493815][   T31]  <TASK>
[ 2176.496727][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 2176.501303][   T31]  vpanic+0x6e8/0x7a0
[ 2176.505272][   T31]  ? __pfx_vpanic+0x10/0x10
[ 2176.509760][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2176.515744][   T31]  panic+0xca/0xd0
[ 2176.519450][   T31]  ? __pfx_panic+0x10/0x10
[ 2176.523854][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2176.529213][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b1/0x300
[ 2176.535360][   T31]  ? watchdog+0xd78/0x1260
[ 2176.539756][   T31]  ? watchdog+0xd6b/0x1260
[ 2176.544167][   T31]  watchdog+0xd89/0x1260
[ 2176.548418][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2176.553093][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2176.558279][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2176.563292][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2176.567950][   T31]  kthread+0x3c2/0x780
[ 2176.572002][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.576571][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2176.581317][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.585893][   T31]  ret_from_fork+0x5d4/0x6f0
[ 2176.590462][   T31]  ? __pfx_kthread+0x10/0x10
[ 2176.595030][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2176.599788][   T31]  </TASK>
[ 2176.602989][   T31] Kernel Offset: disabled
[ 2176.607289][   T31] Rebooting in 86400 seconds..