last executing test programs:

8m42.936106018s ago: executing program 2 (id=1994):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffdffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x17)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x1300, 0x6})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000800)={0x44, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x71, 0x0, &(0x7f0000000700)="0e2598b916403a6934947cc96f784bfdd51629db64273d360b3a06fe783f305949ffe460db9f122b2ae86acca8326b549437658befb65242899462f4569139b437e53560e192c5669e28ab63aca77f8c88224d480f722df8ef295b1618bac627c0c66dc4a3db10ba0c8c5163a17da16c2a"})
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x2, &(0x7f0000000a80)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @generic={0x10, 0x0, 0x1, 0x5, 0x4}], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x61, &(0x7f00000001c0)=""/97, 0x40f00, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x7, 0x8001, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0x1], 0x0, 0x10, 0x9}, 0x94)
io_setup(0x6, &(0x7f00000006c0)=<r7=>0x0)
preadv(0xffffffffffffffff, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0xfffffe01}], 0x1, 0x8000, 0x0)
r8 = eventfd(0x8)
io_submit(r7, 0x3, &(0x7f00000009c0)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000700)="dec6250d584b4bce4c7763904ffd35ae55cd24983f87446d94bb197c6d1de4c27726a732ce94f6e43c69521a73ecfc9f95101f025794e8516ac34abaf56d79a8c5a67f1d8a626a6ae7df0ce25bfd99cf63023e385afc709923cb8510fb331fd46db31acfb65086e88bc0e4be0c986707786ac06b35306a8d73fd032f6a0d6d9073d78d8daab72c251b03d21e48ffa9285fc5b2e3c6682c75c625c3e62b44c656f79b650fe654472dfc9bf7e1b21b17", 0xaf, 0xfffffffffffffffa, 0x0, 0x3}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x7, r6, &(0x7f0000000800)="d2fe488055a293904547194afaa49582a1aa35aa069dbb33dac63bfd0fbb59ea3a2db73d97126c7d47078263e52f9ee2353478b10c507f4c8fff2ca9de78dff88fd9a66bf33d1ee2767ce27188d963251bf052a00f23a33014543538cc7d8edd76a6e2fcbac2de0d8873c26ba77a9e8a2f63e9eb67b4b372f69261dca47771b01521154d81ea4317abdfbf3a9d900d9b6865d6355f8ac9b27f53ecc688e31b2d242f99d676e20dac198ad3c68b6bc00cc0143067c469b2ef0e914afc5298b1785c6b9abe", 0xc4, 0x6af, 0x0, 0x1}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x29, 0xffffffffffffffff, &(0x7f0000000940)="1eac2c5710586f205abb7b0d2c8720a839c6e9476aa2eb38bedbe6fc04f39cd670", 0x21, 0x3, 0x0, 0x3, r8}])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa1, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x33, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25250000000e0001006e657464657673697d0000000f0002006e657464657673696d30000008008b00f2a030c1c3847f2e189594410ab90c0b0bd35907658b28f46cf6029ba33cad5fa6ccd0545b856f83dac1de0845af79", @ANYRES32, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000008c80), 0x0, 0x0)

8m42.060860533s ago: executing program 2 (id=2001):
socket$l2tp(0x2, 0x2, 0x73)
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(0xffffffffffffffff, 0x50009401, &(0x7f0000000280)={{}, "653d501466f824bd772cfbc49cf83bf6b5b02d8c8d46f6858d889c29b0a46955b7aa1a2742fa3ef9af9bbda78f253e70296dc95ef51c5dea5f1b5b28c3a6cceeff350eea30598154080f87d532ec432bf95edc9b31be8f664a74816a32f78bcd1b047e9cc99868e0a8693b1800bb550aae576a230a240c9228de4d816d9557564326ec4ff40c19863b5350ef058e948f91ff44d8f4e61e1b47efffea8f8800837ac82fc4b0e9cb1c5b37dbc150e91dd4e51d85f0581d44248d0dc7162757701944f36ec3d60a5b717b48b7051306d1dd28897e529eb3e5c6f82a10e3fa9ea948c1866b916104ac98b9265613c834eb9e4774958ebf1cff9f6e796945ff27f10f6a1c4b7f6a7145604169625c86437c6b349b4815ec77f48cd0d8d7e46d08a47d9dd8317bd06458c390bcfe3b672bb8e039355d205b038a0e5f38473a16059ea515822e7073ef765cc656a7437ccd99c35dca57434d1b7b5e3c1d587649bf92e2ca212b9d4651065b828b4cf0c1b5096b927d3cefa538c038b6f0017f6527801a7b9eece7f7cba78c3db04864b5a8960375cd123fb6570091a5131aa9133a44e2860c3b415334f2b170920f87b88de4dadd986a728b149cc96b0d75e017c705e7af10c945e6fc104c6c7d554375e9f84473e0e67148efe536bd3384e76d92a809099c53c7ab5db648b744b89a13a1ae315b4208ff9b2f863ecd312ade0f61fb3e19db4b13f084b1e4475fd53c8393b76d31155b90c017ca0b39577fcee6ff57a2feae0c276a6057d92026e6b764f31aaaa21d5adcbe5806e940eaac47db6b63354a091d6649309d2c206e054b5c48ddb81101eeb35f4efe48cadc9a513b3cb5ff00addebd3b72d9f38a38e1f46f85b54892f7aeb9e33dd793e41fb4fc942a0ac015aca47eeae43170d3749891a4a397aa8745fde20454b606a899d90b0b8296963983b8429938ab08a02de84d9557653d4063a86cffe39a3c26f2fc417e445affdf5b34330bf3f54432a726769c6dd1b33f1933d369f28f382bb9ffc2d8cd3f3b6b602fda7d627521890e238975012239094e7448adca78fe38b62f4823142528fa8a07b9e9674ce175a9f27ac82c36e15c9fcba43035a83ef20f76fc94f4acfc609fd9329b1c894553f05d92d5b8dd7f2c7d01abda4f275004300ae1560d3cdb300daebce06af0c01097fe757cc709abaadf98dc8249d00ca58ab305724e5847d45d815824a4af3fb22c382095b7a8ea9b48c3cb342ffea9cb621c4ffd14035220c4737e1d3c016750e25b1b284c0a44f672cc008274f291a81aaeaf974349ad2db5b670d27ab17c5c50dc56d9a545f36090c7065e1496e826f9a4320c2839305f6b01eebd063e1dc772e2bdf688afec7d1c4bda6ccc2bac3534268b9d1d874d512b012a9e107fcce9731eb56b6fd0b4097d9fe5327df31b34a4b737c4bae3a946448fc77c9f7ce990473de8d507ee03c064fd92cd8530b7efeb890a42cd14e5f125e4b2a0408214bc4752ebe68d391fdc4610212180524779d8d8ca257dc1e71b8044ac089198de95bccb1e82043f981e390d4aeb66a8bef13a760dd677052386f6f38961342e176b7bc637982abb895d30ee4270eeafe89731fb1f20ec5aa699a8702d2b8c091ed0b21a814318bfa5707ba031d723264251fc2a36868c81544e14d816311fa113ffad650bf874fb5aae1b6915bfd0c27b59f6a217938ea546a13f4d03783707212008ed14b7c271cc270e25e52b9499233c7b6e77e80148c598229b35be9d3cff21cec5cb2f35c80f924e0d057f55162866c27f2a3701050a38c1bf381edd8694491cf24d8f29f7240ceeb08fab16dca2db8c88bc2d2f06ce5ef5970986c3ca635f15612677138053ff25f84ea42f79adcebc0a2bb825c8a47f0b218e8397a1dc559d624ecc47b7ca3690c8f277818fd094c404ee32a82d392325f2f6b138481e67e3b43e3a0c5861c2519a24be09722126e1785b2c44261b293662895efa3403d9f4c3d0d8fe6c86239a544b7d52dc0d4fda94708e80f4efb31e37819cc8e336d95071a7fd8f372b34e6f05b5f012c479db3b2d75950bccfb830748dba6e1075a8921737cf3b79418f640a823376e1d3833d57eb28ba1491909a8d42212dfcea06979797c3f2453f3765231daab12fe419cf7d5c0e78e2f5c549bfdf7f30d17378421958cf7df4659affc81e4cb5c6ac8ded4efe76c85957900ddd6e95e934a314be497f44dc1b84eaaacf03d5b26f009785a1ff43ff61d27f0050975f24fc6221ec71759a89dad2221ff1540c77b2d5800dd42608b0f0fe0ec5584491f36b1f17d2add9f521abee9d21b7c07be1ef370af1edf70c4ff24a86a6033a65401e2f6878cc5ee8656402623a578409b041addbb1bfe94e99e5870668475cdc153171c91af81774ce181229c06823e74586d470505e481f02b3bd222870518f8e1897c264eb4b0115da1900a672e57c6a57a7a6a3b138232ae212eaff92360e3c95b1859dbe9a03e760840d31cc6465476f4ee631cd1d2345479453107b543d4bc42f927fdb75d00ad391112e5e7fb042ac2b6a1a5aace775c495a5e802405554d7e6b47b0206c1e7958165b5f209032f0d701f833531818da2b4a685e08ea112b190ce5c50d1340c0ef4218d06cfec764c6225a116a9779f931294e2580f31920bfbf2735b6350ffd4fdedbf55035b6e9547aca08fda09fcef0ae3352a3d8346444e4d6c17650a8da2f16f7ff4a86adeeeeceb73a48583b109e40e83c8db1cab8c974b3eff8b3005641b18cf5abede6ce6c536ce082bbfa2073c371cb61a5b3064eeb8258e98557764750fbc4c2e5b02af3f783bbf178f2830034f6230d0dfb16d309c69738a368fb106ad3e4b0f88eb4ae48b190e4d1af7d713a345b2682d487e489e58d8cbad5a717c7a446bdb55699362e2455735c68dda8cc185bc18edc0b754bd81522ae761b653faaf6a35b737275b240b662ac1d579251bf2f71436ff191408b61af924c7ccd919c9a38a3fd0f6ca604bb95f491601d33de16d8600bee9c5a53ef9e6266b052e115c00a5c5f83f98e94072d22caa57650bca2eeaed8f11aa05f520d4b72480dab4b33800eff346dcd4ef6b5b656c5f22f2bf1754cd67400fd95de93e0f5d842c03ffd7d452ce800da41f64073b210473e17013ecb2498cfd98e3a7fe4c6b90a45defdd32fc4b676fdfa51c9ae747c1eb1b13f7b26f7a3118b84599a87cf32b923da7e73a80205e49e25b52c1241c17b76ef49a2825b95c13ff8431831b330901d40c689aaeb41dee98fca1f7ce601893a4eb95fa696d0155c6cd90594aa0a6da33336a388244675ef76fba7654ca73a0538de579724ce8acf9e2a66912215a8757e8575d5ba54d0045d5d43e3e6c5b20ea951ee0d604ff894a3cc18a691da712019c601dc8ace953e000eae15beb01aa16149d56f99cdff413ec4633b9c12bbc1afdd43119fa00312d3b27a16159d9275f9541da12a183143825c0a067736081aff88e04ca19ca65b0f00660dea370180e5c0f09675dca72810083b4070f1ef13336746f5a4890389e28bdb1fa3c7574d9882c6178419ab5dbf70b27278a39316b10bc62905d661d8b5ccb1d5a86d83916058203e50db7aa87e2e683c788383087c9b379940c7f93e207aff025226f411d8b26c4ca12a2d5142794f66f32d5284ff119f1fd18ad799186e51f817ba3f53d630349e9f07504c76bf9f00605d020de9f9d6e64bc3173c60730c161ea35fecc095085a6d9eeec591ea18198afe8d6645571734a6966e2cea171871744a96998beb44edd8001a6d5322ad242123efc5a814a548d20f703007a16080933e747af12120a31330f08e848344c682e32f3f1021f81ab096ce460f1840ab669479d631c7e8ec2b3df70a4aad62dcce3d181750e01d402a6f6b4b3f3d2b05e5e7429bc612161ff6cf2962ebefc74d57a172a2812881c54bf1d6fa44752709487ac2bf0826589c9d16d407b759ada7bdeb2db38eedad5d2661b5cc9ebea22a5cbfc1aa19bb665c3210918768a05fc5bb6c7cc30fabe23103282827b31c27c3e311df13c46a3896b2e3065bf2b2f6113ac0de19c249d846a4839585f1a2d1d0d1dbd3f1579c7c228c1d030f8f88a4bf46beb090b35a4ff39c3c887e8fa166fe2b1438dc1fa50dae14bbf2cb05ffabc27bd1edd9c02f6379345dff8158fa87f9cb6b292893ffbbca175cdf0e6a6e4292963ba3e2f076f6db07f3354debc8673b8c34e1d880fe3f585ab92b620217bee285e7b493ac43a473bac07bf708e8b3218ce8ee7961264fb71e19a0aa0fa268c718a1b8f2790933b5cff9e20d1565f5eceafa276bf69ec9abdd8d3559465e8bae4f4095c237f862fa393371d3082d5787debf7c03847f842339cd99c5d4da0f231c4bc2f51150a10ae5459a840343b0038d12aa0545d5c3764aae75e798659e90678628802f8a834e6d24cbcc18a4889e8ebe524e71f28839222f2c13b469ef4a6464e4408c8f35ccea854b238a7e9b06e63ac089532f96f12db99ddae7df186a1b8d9927edbeb4df38ec550b3957f7c37cbb35b40a04ce0280949a6640f80ae846cd7913127ae5f79d2e994f8166745135e628748808c16479e6b8d737f3e1f22a19ab372fa832e5feb8d615792a89232d2c71407ee1217c73c53dcf29b61ce4457cae869e067f11c68e49a85b7022fc059d1cba1399ac46e6b07866905a2c88c00a29379dfea98a42abc3347196f9e232b926c78a10e49e38304dcc807afa15c4e6d6ccf3a1cfae929518c8f30fdff51a6ed799172770a7da1ea88663da9117b50fb53b3dd79b0f681198ca6ccf7ed71b3a3520b678272065312c8315c64c3689bc71e12c1f4fae9ae7fbcac256843bfa260efdfbe2eb67dd8c0ca3c3ea344673530dd03535509a1945e140f70fa30b7bfaa15d92264567c24f3847be2f7922845ac4f80de24b7296261a9c1912c8ecc41abec0af8ead6214903e18c82625cb1fe686ebcec7fc5da1025548789ee21d0662e5badc3d464791e183ec0524ed05051af6417fe26a65ca735696c9b1afd84f6ea5428649d0867e959cb4169e02b937a9701d211a74a44a2c0e543f0785b8cdb1d2ba35dd4704337e0dc55c30897fd9f75cc30b2e849f5ea42746b5339c870eb36037f33358ddc8434f187b6bd6e896c36150924aed3091bc2bcdec69b77c01dc7bbbca0783788cad7aef18e86dbe27a0fc6d1919725063d71434a07d5e1af5f5cff650b042897c24adc094d189a077cd2b104eacfdc0ad78101ff773edc1692d6853a5f8ab9b489f2d89b685a01a81a48ac0e82564a28c9e1b50ec36ce07e0e69946fa861b7d91c239df06085d2d41b86b4b5fe55b87e75fc3b897633d0c05d07fda0b55b92a173eed3d279108fd9aaf9ac369910c8f23e6ecbd340ce869c03acef0463de4fafa64e9978ed499e6a5b881b7bd6c416db517e51e1a9aff38af601e0815e27efe9b02f3465820f9bfc268e9025268b335bd198386ffe563a69c5b37cbb43cab08648c73410cc227d203ad3a0e4e62551f6c11fb9a989e57dc85b37d84fa4e91d3f11a22bc2818e277862b1419aa7381c6145fe1ec7612daa0774e68868e0da7aa80a1a394afaa932301ccb2b3a8205ed52e84fda0d074c6941f5f563247bf54c7ef45fe73fa888b92c11e58a62b410803ace1698a59356cbb44c6c531490f45c9e3b9113117287d47b462c7c5664a24b6558d9d0c359a34574340a6673e3b4d2913f40387a2cba9a06f03a0b50f5bffd26ff88fd"})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket(0x28, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x980)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001080)=ANY=[@ANYBLOB="3800000003140100020700000000000009000200"], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x123e00, 0x0)
ioctl$TCSBRKP(r2, 0x5425, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TCSETSW2(r2, 0x5408, &(0x7f0000000540)={0xff, 0x37, 0xffffffee, 0x7fffffef, 0x0, "b850e43615b3b70500000000000400", 0x81002, 0x2})

8m41.224280529s ago: executing program 2 (id=2005):
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x936, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r0=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = memfd_create(0x0, 0x7)
fcntl$addseals(r1, 0x409, 0x12)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
r6 = socket$netlink(0x10, 0x3, 0x4)
write(r6, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f750800", 0x26)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000012c0)='qgroup_update_reserve\x00', r7, 0x0, 0x2}, 0x18)
r8 = syz_open_dev$video4linux(0x0, 0x7fff, 0x48b03)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r8, 0x4020565b, &(0x7f0000001300)={0x0, 0x7ff, 0x2})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
connect$caif(0xffffffffffffffff, &(0x7f0000005b00)=@dgm={0x25, 0xc, 0xd}, 0x18)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x40, &(0x7f00000000c0)=0x2, 0x4)
r9 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r10 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000010c0)="d20ab3bce6ff", 0x6, r9)
keyctl$read(0x2, r10, &(0x7f00000000c0)=""/4096, 0x1000)

8m39.440546431s ago: executing program 2 (id=2009):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) (async)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00') (async)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0) (async)
setpgid(0x0, r0) (async)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x19}}, './file1\x00'}) (async)
ioctl$AUTOFS_IOC_CATATONIC(r2, 0x9362, 0x0)

8m38.940763768s ago: executing program 2 (id=2011):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffdffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x17)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x1300, 0x6})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000800)={0x44, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x71, 0x0, &(0x7f0000000700)="0e2598b916403a6934947cc96f784bfdd51629db64273d360b3a06fe783f305949ffe460db9f122b2ae86acca8326b549437658befb65242899462f4569139b437e53560e192c5669e28ab63aca77f8c88224d480f722df8ef295b1618bac627c0c66dc4a3db10ba0c8c5163a17da16c2a"})
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x2, &(0x7f0000000a80)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @generic={0x10, 0x0, 0x1, 0x5, 0x4}], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x61, &(0x7f00000001c0)=""/97, 0x40f00, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x7, 0x8001, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0x1], 0x0, 0x10, 0x9}, 0x94)
io_setup(0x6, &(0x7f00000006c0)=<r7=>0x0)
preadv(0xffffffffffffffff, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0xfffffe01}], 0x1, 0x8000, 0x0)
r8 = eventfd(0x8)
io_submit(r7, 0x3, &(0x7f00000009c0)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000700)="dec6250d584b4bce4c7763904ffd35ae55cd24983f87446d94bb197c6d1de4c27726a732ce94f6e43c69521a73ecfc9f95101f025794e8516ac34abaf56d79a8c5a67f1d8a626a6ae7df0ce25bfd99cf63023e385afc709923cb8510fb331fd46db31acfb65086e88bc0e4be0c986707786ac06b35306a8d73fd032f6a0d6d9073d78d8daab72c251b03d21e48ffa9285fc5b2e3c6682c75c625c3e62b44c656f79b650fe654472dfc9bf7e1b21b17", 0xaf, 0xfffffffffffffffa, 0x0, 0x3}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x7, r6, &(0x7f0000000800)="d2fe488055a293904547194afaa49582a1aa35aa069dbb33dac63bfd0fbb59ea3a2db73d97126c7d47078263e52f9ee2353478b10c507f4c8fff2ca9de78dff88fd9a66bf33d1ee2767ce27188d963251bf052a00f23a33014543538cc7d8edd76a6e2fcbac2de0d8873c26ba77a9e8a2f63e9eb67b4b372f69261dca47771b01521154d81ea4317abdfbf3a9d900d9b6865d6355f8ac9b27f53ecc688e31b2d242f99d676e20dac198ad3c68b6bc00cc0143067c469b2ef0e914afc5298b1785c6b9abe", 0xc4, 0x6af, 0x0, 0x1}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x29, 0xffffffffffffffff, &(0x7f0000000940)="1eac2c5710586f205abb7b0d2c8720a839c6e9476aa2eb38bedbe6fc04f39cd670", 0x21, 0x3, 0x0, 0x3, r8}])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa1, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x33, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25250000000e0001006e657464657673697d0000000f0002006e657464657673696d30000008008b00f2a030c1c3847f2e189594410ab90c0b0bd35907658b28f46cf6029ba33cad5fa6ccd0545b856f83dac1de0845af79", @ANYRES32, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000008c80), 0x0, 0x0)

8m38.084293762s ago: executing program 2 (id=2014):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000020000008500000086", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c200000050a245d5cde0080045000028fffe00000002907800000000ffffffff11009078e0000002000000024062d13c00000000850221f05b0c59011c061a0a63c49b011dd37bd3da"], 0x0)

8m36.613233953s ago: executing program 32 (id=2014):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000020000008500000086", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c200000050a245d5cde0080045000028fffe00000002907800000000ffffffff11009078e0000002000000024062d13c00000000850221f05b0c59011c061a0a63c49b011dd37bd3da"], 0x0)

17.316806418s ago: executing program 3 (id=3393):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x1, 0x7, 0x8, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40, 0x10, 0x1, 0x8}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000080601020000000000000000020000010500010007008807aee531dc1cb5ba72e2b0a43000d8d72d2a16c4a7c319a8b79725b86771f746cb7e57eec10f33644242d15559e16717a472a4235cba46ba183c475591d477537ce76afca939ca77d2de2c323d07c1"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008004)
r3 = getuid()
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r4)
chown(&(0x7f0000000040)='./file0\x00', r3, 0xffffffffffffffff)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
socket(0x1d, 0x2, 0x6)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='htcp', 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28440, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0)
close(r6)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x100a, 0x200000000000008e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000000)=0x7)

12.626169469s ago: executing program 4 (id=3406):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002640)=@newtaction={0x54, 0x30, 0x200, 0x70bd28, 0x25dfdbfc, {}, [{0x40, 0x1, [@m_ipt={0x3c, 0x7, 0x0, 0x0, {{0x8}, {0x4}, {0x11, 0x6, "e2ebd2e0185a4d308803e9306e"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x54}}, 0x4008800)
recvmmsg$unix(r1, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000100)={0x3, 0x7f, 0x8208, 0x2, 0x7, 0x5, 0xe, 0x9}, &(0x7f00000002c0)=0x20)
sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r2, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x2d}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)

9.920616541s ago: executing program 4 (id=3411):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in6=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x33}, {@in=@dev, 0x0, 0x6c}, @in6=@mcast2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, 0x0, 0x7fff}}, 0xf8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f000001b700)=""/102395, 0x1900f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_SET(r2, 0x0, 0x0)
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="8011000042000701feffffff00000020017c000004004680681101"], 0x1180}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = socket(0x10, 0x3, 0xa)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0xb0, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2, 0x9}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x1c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2c2a1f44}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xb0}}, 0x0)
r9 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r5, r9, 0x0, 0x7fffffffffffffff)

6.913950539s ago: executing program 1 (id=3418):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=ANY=[@ANYBLOB="40000000100005ff00000008000000000000004a", @ANYRES32=0x0, @ANYBLOB="7f15000000000000140012800b0001006261746164760000040002800a000100bbbbbbbbbbbb0000deabc20b88577739080e676d2bfb1a01a95fcd039931711b1d755c7fe7acb06a69e010d608dcd607b76878287dcac0447283314dd7e44221426886b6a5e700d17f70fa73ce5f1aa38563fd534418fa1b53d8172de7caead6a6a9c5037939b951c5b1d0f3d90f30dfb6e2b5141afc922d827249f202047d07a9d84214a6d26312c2720b33e2e33de99cb19b48edccb84f4aa541b30d070c6a578fcaf6ec5786bfb712bf284b451be77722b66bdfb85b13fd706eff9a27ce2218b3"], 0x40}}, 0x20000840)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0xc800)
pipe(&(0x7f0000000080))
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn'])
r3 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r3, &(0x7f00000029c0)={0x2020}, 0x2020)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0xe1c, &(0x7f0000000240)={0x0, 0xf803, 0x10100, 0x2, 0x229, 0x0, r2}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x2ded, 0x4004, 0x0, 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
read(r7, &(0x7f0000000200)=""/202, 0xca)

6.902194166s ago: executing program 4 (id=3419):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc34000000000010902"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100004c9e581045058080010001020301090212000100000000090402004f5c0f4600"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f0000034000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000190000/0x1000)=nil)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x2a, 0x2, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000480)={0xa, 0x0, 0xc, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x3}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=@newtfilter={0x40, 0x2c, 0xd29, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xfff3}, {}, {0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc, 0x6}}]}}]}, 0x40}}, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}})
syz_usb_control_io$uac1(r1, 0x0, 0x0)

6.536006166s ago: executing program 5 (id=3421):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f00000004c0), 0x14305, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe02, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="000000000000987a2a282d4b9e884c4dd56c75bb2000"/31, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
pipe2$9p(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(r0, 0x0, 0xfffffce6, 0x4040)
sched_setaffinity(0x0, 0x8, &(0x7f00000005c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r3 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r4 = fanotify_init(0xf00, 0x1)
fanotify_mark(r4, 0x105, 0x40009975, r3, 0x0)
fallocate(r2, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)

6.009731272s ago: executing program 1 (id=3422):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000070601880000000000000000000000000500010006000000dc8f"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x0)

5.573513728s ago: executing program 0 (id=3423):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x8840, 0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, 0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f00000001c0)=[{0x6, 0x8, 0x8, 0x4}]}, 0x10)

5.496787181s ago: executing program 0 (id=3424):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x11, @empty, 0x0, 0x0, 'lblcr\x00', 0xc, 0xfffffff7}, 0x2c)
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000000), &(0x7f0000000180)=0x68)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0400"], 0x48)
close_range(r0, r0, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

5.494299234s ago: executing program 5 (id=3425):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x1, 0x7, 0x8, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40, 0x10, 0x1, 0x8}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000080601020000000000000000020000010500010007008807aee531dc1cb5ba72e2b0a43000d8d72d2a16c4a7c319a8b79725b86771f746cb7e57eec10f33644242d15559e16717a472a4235cba46ba183c475591d477537ce76afca939ca77d2de2c323d07c1"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008004)
r3 = getuid()
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r4)
chown(&(0x7f0000000040)='./file0\x00', r3, 0xffffffffffffffff)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
socket(0x1d, 0x2, 0x6)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='htcp', 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28440, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0)
close(r6)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x100a, 0x200000000000008e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000000)=0x7)

5.294929635s ago: executing program 3 (id=3426):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r1, &(0x7f0000000140), 0x4924b68, 0x0)

5.293479533s ago: executing program 5 (id=3427):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0xc6a, 0x0, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=@mpls_getroute={0x3c, 0x1a, 0x100, 0x70bd2b, 0x25dfdbfe, {0x1c, 0x80, 0x10, 0x3, 0x0, 0x2, 0xff, 0x3, 0x1600}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x3}, @RTA_DST={0x8, 0x1, {0xffff7, 0x0, 0x1}}, @RTA_DST={0x8, 0x1, {0x6}}, @RTA_OIF={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x10)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x6}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x30000047}, 0x4000084)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSWINSZ(r7, 0x5414, &(0x7f0000000380)={0x8, 0x96ce, 0x35, 0x4})
r8 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000, 0x4, &(0x7f00006dd000/0x1000)=nil)
pwrite64(r8, &(0x7f0000000400)="eaf809d2", 0x4, 0x776)
ioctl$IOCTL_GET_NUM_DEVICES(0xffffffffffffffff, 0x40046104, &(0x7f0000000000))
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4080)

4.204216092s ago: executing program 5 (id=3428):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffdffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x17)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x1300, 0x6})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000800)={0x44, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x71, 0x0, &(0x7f0000000700)="0e2598b916403a6934947cc96f784bfdd51629db64273d360b3a06fe783f305949ffe460db9f122b2ae86acca8326b549437658befb65242899462f4569139b437e53560e192c5669e28ab63aca77f8c88224d480f722df8ef295b1618bac627c0c66dc4a3db10ba0c8c5163a17da16c2a"})
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x2, &(0x7f0000000a80)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @generic={0x10, 0x0, 0x1, 0x5, 0x4}], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x61, &(0x7f00000001c0)=""/97, 0x40f00, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x7, 0x8001, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0x1], 0x0, 0x10, 0x9}, 0x94)
io_setup(0x6, &(0x7f00000006c0)=<r7=>0x0)
preadv(0xffffffffffffffff, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0xfffffe01}], 0x1, 0x8000, 0x0)
r8 = eventfd(0x8)
io_submit(r7, 0x3, &(0x7f00000009c0)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000700)="dec6250d584b4bce4c7763904ffd35ae55cd24983f87446d94bb197c6d1de4c27726a732ce94f6e43c69521a73ecfc9f95101f025794e8516ac34abaf56d79a8c5a67f1d8a626a6ae7df0ce25bfd99cf63023e385afc709923cb8510fb331fd46db31acfb65086e88bc0e4be0c986707786ac06b35306a8d73fd032f6a0d6d9073d78d8daab72c251b03d21e48ffa9285fc5b2e3c6682c75c625c3e62b44c656f79b650fe654472dfc9bf7e1b21b17f90e", 0xb1, 0xfffffffffffffffa, 0x0, 0x3}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x7, r6, &(0x7f0000000800)="d2fe488055a293904547194afaa49582a1aa35aa069dbb33dac63bfd0fbb59ea3a2db73d97126c7d47078263e52f9ee2353478b10c507f4c8fff2ca9de78dff88fd9a66bf33d1ee2767ce27188d963251bf052a00f23a33014543538cc7d8edd76a6e2fcbac2de0d8873c26ba77a9e8a2f63e9eb67b4b372f69261dca47771b01521154d81ea4317abdfbf3a9d900d9b6865d6355f8ac9b27f53ecc688e31b2d242f99d676e20dac198ad3c68b6bc00cc0143067c469b2ef0e914afc5298b1785c6b9abe", 0xc4, 0x6af, 0x0, 0x1}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x29, 0xffffffffffffffff, &(0x7f0000000940)="1eac2c5710586f205abb7b0d2c8720a839c6e9476aa2eb38bedbe6fc04f39cd670", 0x21, 0x3, 0x0, 0x3, r8}])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa1, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x33, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25250000000e0001006e657464657673697d0000000f0002006e657464657673696d30000008008b00f2a030c1c3847f2e189594410ab90c0b0bd35907658b28f46cf6029ba33cad5fa6ccd0545b856f83dac1de0845af79", @ANYRES32, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)

4.156894697s ago: executing program 0 (id=3429):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
syz_open_dev$usbfs(0x0, 0x800000001fe, 0x82) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) (async)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x80000)
readv(r4, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x80}, {0x0}], 0x20000000000000d6) (async)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f0000000140)={0x12, 0x10, 0xfa00, {&(0x7f00000000c0), 0xffffffffffffffff, r4}}, 0x18)
write$cgroup_pid(r2, &(0x7f0000000100), 0x12)

4.109767543s ago: executing program 1 (id=3430):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r2)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x44, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffff38}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xee}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x1000)
chown(&(0x7f00000003c0)='./file0\x00', r4, 0xee01)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500000000002d4cedcf310113fbf1dc424ae4179f5da0a7222909e8e397d9d143aab4750b81261f9e01a621ec5b13b6cd423d691fd0b1a8381e1390ae8b894999c4ec86175338e455aaa11daf67f89163aed1af20c2336c56183d12d00fd7fd3244cf1933b7ea6b9a4d7c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r7}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000020000000000000000eb4cb25728b21fde8043a185250218"], 0x24, 0x0)

4.104192071s ago: executing program 3 (id=3431):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400"/20], 0x14}}, 0x0)
r2 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='cpu.pressure\x00', 0x2, 0x0)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140), 0x10000, 0x0)
write$P9_RAUTH(r3, &(0x7f00000001c0)={0x14, 0x67, 0x1, {0x80, 0x4, 0x6}}, 0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f0000000400)={'gretap0\x00', <r4=>0x0, 0x8, 0x7800, 0x1, 0x2, {{0x1e, 0x4, 0x1, 0x6, 0x78, 0x66, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, @remote, {[@rr={0x7, 0x13, 0xeb, [@multicast1, @local, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ssrr={0x89, 0x2b, 0x21, [@local, @local, @multicast1, @private=0xa010101, @multicast2, @local, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, @broadcast]}, @ssrr={0x89, 0xf, 0xf2, [@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x38}]}, @timestamp_addr={0x44, 0x14, 0xa3, 0x1, 0x4, [{@dev={0xac, 0x14, 0x14, 0x2b}, 0x9}, {@remote, 0xfffffff7}]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000540)={'sit0\x00', &(0x7f00000004c0)={'gre0\x00', <r5=>0x0, 0x700, 0x20, 0x0, 0x8, {{0x14, 0x4, 0x3, 0x1, 0x50, 0x64, 0x0, 0x5, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x12}, @private=0xa010102, {[@ra={0x94, 0x4}, @generic={0x89, 0x4, "c147"}, @cipso={0x86, 0xb, 0x3, [{0x6, 0x5, "a38d54"}]}, @rr={0x7, 0x27, 0xb4, [@rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x24}, @dev={0xac, 0x14, 0x14, 0x31}, @rand_addr=0x64010100, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x27}, @dev={0xac, 0x14, 0x14, 0x19}, @multicast1, @dev={0xac, 0x14, 0x14, 0x37}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', &(0x7f0000000600)={'ip6_vti0\x00', <r7=>0x0, 0x2f, 0x46, 0x1, 0x0, 0x0, @loopback, @private1, 0x80, 0x0, 0x3, 0x6}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000740)={'syztnl2\x00', &(0x7f00000006c0)={'syztnl0\x00', <r8=>0x0, 0x29, 0x6, 0x7, 0x1, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x43}, 0x8000, 0x8000, 0x20e6, 0x97}})
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="380000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="c16f2e63eb7b130000000000001800f87f08000100736974000c000280080001008eb17f0725315ff0b9499344fc3de6ac9fdcecd466ec43714c96b6dbfe7ab80ebf3c4ca1dec022bdbec9c6c9afa334f90da376e57ebd4f4b6c858410856d244895207c854059d8f901019f70728e8fd3d5508efe991cfa02d157224a1dfde11f5418b7be65880c99332c4dc7dee80f33e98dc5651d301d5dfe4d0e64532775217d4bf91e7618774e33a88c310d5f47877fab87a4f77fcd278684703014b081718632cc1093c65ec89f546d1ac3263414a4a0ffa2cc0d9690bab279dc4fd7b38939db1bc59993c92f1b81b1824a385e2e5e7b036ec17587759c00"/261, @ANYRES32=r11, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40800)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000780)={&(0x7f0000004440)=@newtaction={0x2e84, 0x30, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{0x4}, {0x15a4, 0x1, [@m_tunnel_key={0x100, 0x8, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @rand_addr=0x64010100}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}]}, {0x9a, 0x6, "8d880ddc1bd28cb231e1e11327fc4eb32ca75e03cd6845be139eade739a4d8580e68579766dabf15294401b895b1dc9e9c6196eff77cb213285bb389f3a416b21e81474a404680b73a4109e191c37b52b55c9b0bb9c3b30b5c6f7f054ff74503ed73f449a84e2347f178657ea24572fe348efa77e710e8d6b64b08e24244d570b2524453b78964c05821f7cccb7e38f99db0d51ec3a3"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_skbedit={0x1068, 0x1, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0xf88, 0x20000000, 0x9, 0x4}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x3, 0xf}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x4}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x1}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x9, 0xa}}]}, {0x1004, 0x6, "ea64e291369bd9e1de578493ddc1f0eb7c0f6ddf143a86211dc47d7464d97e24335648e043877df6cb321891f2e0ddc5b65350a71a1a909acabb2ababcb97cae24c491519402f182f75ac403ac4e5079ee8bff3e2f2a446d90655b4d7e9bb0c300c385c6bf934c518a766a47f9ac8a306d6c61cb35b2e3cada9a0c9d858c49d0449ae58e5a06949c94352e45c0093722b96080cc8336e566dfedc10754be585cf8da2791cecaae1f45656079b854ed848ba451014203f4d64d3e19bee80cb7024c4677f94d2254adb51ae51be620da23d1103a64f8a1fc7489faab71441a7adb9a4e56e8ec1c74bf9a0f56d901b1ff36be2bda151c1eeecfc4c052b8963fff0488756943a547860780fd8cc5955962250ec57d7ba04ff391e529e26e49773504d21eb7613e378cf57f67d283e54dc12b733209676fc981918d58ba266d0db36977e73432ba4216de4df76389bd8921c26d37623f38cea6cada06c21c9b13290f8e17d001f6c4dc210c2dc6f23c751863d6281f3950b2386204a8f8b2923af20ae7a8ae6aadc6765e1c90f6a7a93e50fcdba1096493aafed99f81a8228f68575b69abd8e54a267b5764137cbc7f3ccf4033af263073110f8390f8b8a4cc70de5144e4c649ce0d812ccfeaeeefdcabafabb08b3736d84f3e9cdc1712d551450bb0b66c22b74b3c32436c1419f790ce99f66374572932f2928bcd83fccb5030c2d5a0d5c7475778cd86a98628da0abefba3b0ab3a45e704eac645f6ed01f662938860bbe7368ac0ed31508cf57b8ae6275ffd60f6f348fd28fd20b854a03f52d8aa820e4f0b3978239c62ada0a19fc2d3db5dadf352e12f9c4dbe5271e87064300c264fc999da11af84215e999fdd8cffa61ffbf6e43b7ce6f9e589a12acbbb9a4cba1e0963c0cda904951c3aea936fffa95e3850c8853d61401a474ab26126ed74c06df29e66852cf53364855571dfe146e668e908108f930cbdbf60fa572fffd004b876e5c3c06299fafb3fb15157a04cbda6affbfbb1d85cc6db88737c257cf4469519923c6cebd2d10a5dd3de8968c5113638a6ed31a211312d1b6db6e82a91d18a0625f3e112d8f12dfdb51f3db44d7af1d6094b4b4e1ac4c34411e6c1c147e928a488683bb1a0e02a11d422d18564999a1fdfd78635762bfcfe3a9605c2c1ad5349e20fbcbdc20c769255513f8996d65d246c292747e85db46636e09ec75c50c6f1989968361d4b4a170742d2893fd1a4cb69e8cda394ae04cce3171390d1c5d65d341cc8716661b70c86788de70d7ec386792c415e365c4f43a7f747d87690936a0a0a9b1caf377ed1083c83e85aac23ac2b6c0c5007fcf68020699bef6f5db66adfcdecb09f3983b19d707093d5f823f2c698fc236742f3add2ec446288f56b115dc27110f5edbc8331b2cc2257964ff9ad3c3a468a547a2dec3b36e5d170e91b82cc69890725aee99aa986295d41f7ba7a360365a2d0a9d2c925fd8ef931403aa417cc781e04b2b321bd966d71d2215e7dd7a6d88db7f3ff631a2d813cd1bb516a1b09caa18b44f38e082ffb2536047c7cd4a2488a460941e2851414296b9da57ce5f7aef16f868f70f5db4278078b0cd89c842e7c13394c0d6ad55be9fab8da552ad5fff421a37f57ca3e728d31bbcaa53244c5911fb5584cd95038691ccecec0f150dec1e4fdf0e26acb22362483e54c39a7e9db01a966416c6d8f0faa76bc873d1c91726696965eac68410f6b549ba55bb3e69528daae7d590abc4df40286b2934100b8847cdd4142ebedc0c04534969a23b22b3d386fe5579f41e2c588ed603369307aefd9d09fcc1d7dcb3a59f12b115f7546c785a941caa8562d16b7dd7e3b999c5f9d0f5b2320c5494ca0e13b3656ef293efa8c262f46398bb306ecb49aeac279aa9814c6deec82f2927209613e9bbe1bfccfa6b2aa7732c1ccaf3d2a705de77a3ab843be61203a618e1a42a7f0c7341172b5b3987632b7222ba0ac1374144d240ea6250d6edff03af4841997b1dc5f4c2bf01fde165c8c0020e17b9eda62f007d108b10baa8b62e70ec6403af8e838383c764a34d181322773fc151b7eb470c4342619b1a914f6ac60b376dfa455e1b13f76337aad723c3906e6c889b86ecd19474d3561260a40183a117b7bb3f3f2785c08c724d4881b627d532b4f3e32b7d2eaa90e40ac6840faed0672b45a6d83702c706ff9393abb8ddb82a438be18c1feaeca792319b25e7e4f51087d757a5e00df524be24767834e3eb8b13efea766e517fb7ebed8fb689121020099f0d5304dcd25c5010215d154637c8e8b2ea724c540aab9415c30a09002c36ab86173c2894ae38a0ce35eaf3493cf55e7bebd4052162568d4550da028f54dfe29eb1beddbdc01a688289c602c0bb0d584b3baa700d770e4aee64658b137255ef7737dab7b4ddb499491bea08c53ac6bbc20ef962aa7c205bb2aacc3aa2efe08eeb702e2ecd76d72271b7e6fe0a7198dcc0a7a54d5d2e3f68a44ebe4ca6bc1b06ebcfc335f38fda6813b7743a93408e03c6c03d1b35d5af9a98f9faa518701387888e51c92d494104fad1af74fa464c3f9f176fef6d7c306cea5a17bcaf8301e499472fe57278978f67d246eab7351d8bb10b77a16845c308c243355430f83ec48d9215a91224f6b6315773c4b56aaf060cd5a05aa3ca6f565cd1f929d8ebc6eb99d8d1d6b8dc653fb0b0587cea7b9a0e9f3fb1022275a3fae2da9a8fcd4750b8b3daee67f4ca24c971b8f99532fe1019913ad949774f1c88575aa8ff39e1411142072d6a3d07d228e2519082461744fce545af7e6339099aab5cb202fa795535b84540109df5b5a7ceee1ceee4ada127c030527f193fd7be1060bb96364c1b13ea969c680c5f1c10de7d0ec05abe6608bd1ac040567ea09500d9e5e51707443d824a53c0e2aa78eca2ac1c71d4d9c1cb72cf9a951b8ed45b963a3c757021b44684ed2273d6c0a3db340e2da82b0c1b9d6b7628b46a45deb9f01bd3ca9bdefcd8bae032fd71f4c8005153f96d3973ad32a7b91f4443a309017cb56712a52c95e4ace50ca321aaca02e9f89ad6e2032f52cd15f8ccb3506ea6dad6984d620b037166351fbf075723c8616b0f8e7b486b30933a393fe7acb6124928420bb56307bf26e43fb62bc3af2ca9b47fef26f2ca03fbc4537174d8abe7fbfc6aa0be8cc2db14216e342c9bd9d7d0964ffb3fefc7d1118c4a6172f4730b08a8e09c33c4903fd98f0e103f33986a37d6638c4133a4664f9506a9df0aa9fa7533f82232a09ddd3087d2751e0b17e9a0fad2ab2fddb3163c8bbcfe4d02f63b976ee6cf51c568bd4ba0fe581be2b146038d3846e708fe74ee2a3a8f9216295829f25ac4544613076d3ebc1c4444adf2616446770b29d2b398e80b78c3218f610a5c0901dd4d0b35c109724c8d94a803e31c2a5168e15c24fc0cc46a2f6217b46d01b53a69e3e7c8a9ed0b6b455adfd67911c15f728f86c48cdde68804ca5ff61ba6bf4076ba0ce8d2b8e35b64de52e779ccfd077654691484c74ee3809b29fc0ea2de48daedde63ecdd9b0c4dda185ca84469451c589b520ac53380b9c096ccb27b260d4280988bac0ff44f3ba7bde4b3f23e139a53de217ab2d8855f5bbbffb4e0c5ad6d9254e66d6cff33a1b1338c5c05c64e3987ad8322d00635be27a5c33662fdcd2485137b6b7c9c5ae3f2bac519a45ddb7d02ed28edae101787e3a0d1a6cf136e82f22ce91b7a9236eebe2707c538c2a572ca4ec0223d7f129ae4d9becc57596d7e5f57550dfca8ee134c0e221d16cdedeb9f187e055bae8ddb61e04e4e2f91aa831d27d1122e80ab3ac34d4bb29ab9e0467571434ec2a165b11404cfe25cec5d2e7f5831a4bfdb687ccccaa15a1503e8c423ecb491f20d36fe6defdfacd0ef92240c3915f9817a708e4aae13e49979b04bfa40ab89d5aa5e5cbc80f3333081cb502fca01972a843ad7ed990827c1f9a145adc13bb5e54fdbebf1ba071d060df38692030515aa68f4590e7865a424dffca037a650aab0ee741c4da92f88b6a674dafc52c1a4810422d187ff7659866e2dbcec563507b5ee1f4f56fdc37dfa4091900d42b6b7ebce5f4b205de8a81a4b64a237586c7e1214614188b8ac3bcd5af55610977f5804b29d1da2ce8aa9af02794b317593e0caeae5f119779580f3d62fa3444c641ef3a3ba708ca7e3cb766678b37192060b5cae22b1641b674e1d5f1e26598cee71faeee5aa6f06763438c3f776f132f119b0389e89fc3dc4fd5326d135cf59adbe143e8acba671c2fbc722588380313522cdfb99d2a5ff0b25a9d3d3a423b2ea988540efa93c82fa14f490045ad6e446df7da288f537e3b4aed712605b5296a3e49930a4ba4ed933d41a0d7447efa687cc549de99f72fa7708827dbada8eab832e45cd3c4e24aa4163e20bc2cd765e6d86e811cdf36844b1e18f83a0be5567f2350bf529b70d4bb1b5bc0ddae57e3ebd6980712dab072002d97db7b906f71dc5d97d45b622751504a2021b948d0393ca4f5e3a60b4b36604ed977c270e5ebcd1108d15cee8bbee8149decf4322907d3a123f1b3bae216e4eb2eee4f97ad05aad709d938cd0e86bd09000c2d1d86529bf1bf11d89ca741dc2cd8da64246de5640edc2ae4bea981e4aebcb4102704e4d5f096ca209ecabf4bff28d71a575ab615363a369365d1ff1b195df8a2a59257701bd39faf1f3ae0c7556f151ce83a3089906aae62f55cfe93dc9a2cfd68448073895f1c03f02aa2e7604c3ac31708105a01936c51c343d96ef107242b9a51b3a2568c89429f8df17dd81e5bd5bf28777e5880b12f9ab9c607c73eb20d94e8f812dd774e7e11b711458b7b3af847ce8735467d284ca2c137cc437b96a57e0ad57c886c7e15203cb949dcb5876f690efc5484b53711be8b439cf8b4bc529135483b4970e9c5525e67f5c7b8a605f5065572525d08e666c0c0a1658fe438720d34cd8cf850ed5159984a7adfb0618f27fe481b3ce9e2b2c98feb771d006e183cc62470bc8b8af55523daf3ec1eaf456cca26c52ad271296949fb0265906352717b16ca011c62a9a68773fcef4edb083d603f8fcac2f9560fa2430ae2ae8c8bfb69422593f49601b8384e690e083f5a5ddf5c54cc48c8be5747d1a4d371c3fb1b1c6286e14d0a7c23348bc88e445e6ed6805c2bab9b83d667bc93cc211fa0822e6de57533a9408318f411f53864b7c2bd52375c71819922ff4a4e862c537e77423604fb8f5cc144d169a7546a56444e69c30860e44043f86ae0cf88fc72b446cef4d4c206d1164843d662b4f0eec837e8b56c8b08c28536261983518896555dd9f22c0a596fe397d8c0ee38410a74a8e4e992656054b214a2aae36a9c99f932c863a33dffe2f42ee929dec5eedf70540309d72c41197916b43d3878dfe150d84c406b4ab6de8c543f4d342af1b42710581c5220a33aea702f649174091c6b625ad852fea0a25fa197ecce1ce546d3f9715f771f5077b240839de70a1d1e30443e33cff21eece7927da346fa7ceec91db230529dbd74b2db7b3f4de8c130e9f0c5469c30ca5bbabeb62e1102e13d07dab3b8fd4f24959f9d81abd0ab2135cdfc4330db96787472c4c4e7ab9bc1ef6a87889c379768e11f051e405baf7996f196010c1994e927dfd0eae8b9eee3d132ddbe4c4d5574366bcf0e4b9da066fe83b030fb93e3d986d43d476ca5fe8b81dd23e40e38a933a612a5cea50469cfe7897f7e6072fee37675eecdeb8699f20b02072e1de8587410a18072852192814071a59c"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_skbedit={0x128, 0xc, 0x0, 0x0, {{0xc}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0xffffffff, 0x4, 0xffffffffffffffff, 0x80000000, 0x1}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xc0}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x9, 0x80, 0x20000000, 0x10001, 0x8}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x2, 0x8, 0xfffffffffffffff9, 0x5d2, 0x6}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff2, 0x5}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x9}]}, {0x91, 0x6, "7db5db0d8453604aa3c281feb5b984c41f40d6041ec040026757046573a9d48796f2d1510af81f5ae809c806f5eae40e75fa6fbf1335f24286c1563f266fe0cf9d73820ba751d1fc03dfee2a8b58e557d43a128049785a5b08ca5b0a9b3d91f100fa8d867442b04a5acaeb3936331e0d0319f4ce83d20b1ed78b09a023a52deeece47b091e9d74f603e0f371dc"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_tunnel_key={0xf0, 0x1b, 0x0, 0x0, {{0xf}, {0x44, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3e3, 0x10000, 0x7, 0x7fffffff, 0x9}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xcee2, 0x3, 0x400000, 0xc1}, 0x1}}]}, {0x7d, 0x6, "d7376ebb3331b4c0bc9181bc928071aa25fa08246a257305b0aa36fe5c1baa7e1ef759c8888b57543e840f1d4a585325965b6730f574a11004faa855eeeca4e2dfd884fd96ff860e649727be8304fd914bdb01c3126ce8db5702516b90d66e7f161273197485d7860c25cb91de5c5404135d24c573a1ca933d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_sample={0x114, 0x1e, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x23}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x1000}]}, {0xd5, 0x6, "33efbf0975006078869102ff6181b53456a55634ab15b02913fe1ae7ad103b66b0494200aaf1b0c7bec4c968530518cfe41981c6d1b48caeaf923105e217a3fcf6d837a1aef6280a457480c39bfcf6a3f786dc11aba2430547b13e39ab42356ce0aa66e4076834b22e54194b0a78c19436214b187b6584d77e6398dba89fcfb2e0cb5708df1a1f8771cb79c0d145fc0facf351188cb3601af06751900784f210c84b0af27c30ea77be812cfc104a44d72ce71595eef6e1108df7917ed8dd22cf71cd86e05df9b4f9ff8522140b978d4d6b"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_mpls={0x10c, 0x3, 0x0, 0x0, {{0x9}, {0x64, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x3}, @TCA_MPLS_TTL={0x5, 0x7, 0x1}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x200, 0x6, 0x7, 0x5, 0x4}, 0x4}}, @TCA_MPLS_TC={0x5}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x9, 0xa, 0x2, 0x8, 0x8}, 0x1}}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}]}, {0x80, 0x6, "ad3aafb818a5c7e2f55b1a4ab453d3d74bdbd5b6da0d7c6c2950fb6e934ca5270e22894084913af52fed8554549c3187dda64748a0f2d765338c48bf6a9be44cd003e8fb6c28c5f21c3bc42aaa6da195260eb3ec7c390fabc94cdb47826e4ce87700c0fa9e3136ecc9147f00be693821f937e4ff96e3b987ee904861"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}, {0x18c8, 0x1, [@m_police={0x104, 0x10, 0x0, 0x0, {{0xb}, {0x60, 0x2, 0x0, 0x1, [[@TCA_POLICE_AVRATE={0x8, 0x4, 0x769}, @TCA_POLICE_TBF={0x3c, 0x1, {0x30000, 0x2, 0x551, 0x0, 0x5, {0xf9, 0x3, 0xfff, 0xb, 0x40, 0xff}, {0x9, 0x1, 0x0, 0xffff, 0x6, 0x9}, 0x8, 0x5, 0x2}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]]}, {0x7a, 0x6, "e677d4e61f9eb1468ccfc7b795852293b036cc2517aea97438c1e3efe2a8a9800e61c3fc2ba46a8da30012ead0dd8ab6881a5fc4deacaef0dd6890eb83248f28d3967348d178ad61ea8d17cb9300b5458bded35157f5202ff71efd98213783a8b67d925668db7fc23defe199111f3dce34c0f46fd39b"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x6, 0x2}}}}, @m_mpls={0xd0, 0xf, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x1, 0x40, 0x6, 0x5, 0x400}, 0x1}}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8914}, @TCA_MPLS_TC={0x5, 0x6, 0x4}, @TCA_MPLS_BOS={0x5}]}, {0x6f, 0x6, "66795a019ecd2a35e291860321196af9f3bfb85962f85883f28ab427ed75f99067bc621be6445083b6c534e9c86b5652cdf37c0e148c3efdf94c1f52db9f88d3ad9e7ac8aa01e777c6b0762c2c568ca357843f897e3f3dbed2d10c0559d66809079a3800dda373ae497d8c"}, {0xc}, {0xc, 0x8, {0x4}}}}, @m_ctinfo={0x6c, 0x10, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE={0x6, 0x4, 0x5}]}, {0x36, 0x6, "3c3b22e6d115dbb47832ea4042de11ce00793c7762fce06b16ee4e5294f0c773db7a8c1dae04e42cdcbea4dcf3d38f6e0461"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ct={0x13c, 0x20, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e22}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @dev={0xac, 0x14, 0x14, 0x1e}}]}, {0xef, 0x6, "d038da2f1c1bf29da7793ef07e9bed928661c21c8fc9fcd5361c33c4f011dc649b97eb89206ded8b8f00273b039b48dfef7e6e1e207c54ba3b19444408f8febd463b31c5d1c9f4f723a24ae432862d5e8adddaa9bc0b476aa0b8165e04edfeebff6daaa6d850d5dc1e0baa60ac1110387305bf7a0eb4d047bba2f2800c33a085cdbce41f586e5da6591bdd033826d1fb4a6e59c943550bdfecf4c5c6eedee1aa279384ded7fc309290109b99e35b75fa2065c0fe0c83436b703fc5d0d785be3706544410a077c9f3111c7eb6324598f10ef3a075689fa7ccf65b6c0b29f588375eef7f4d150226ae30ed19"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x5, 0x1}}}}, @m_sample={0x1050, 0x19, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x67, 0x3ff, 0x5, 0xc13, 0x400}}]}, {0x1004, 0x6, "6f020daf5f4acbb0c34a45510fc7ed4442f52584ba59dafd04a585aba3830d1b17e542b49090566f3ef628e5150ea8ad2b110437151a18d2ab059d1e816319c54815665b35c9a5ea6d77ff6ada593e0d4e6bbb8716a24d13f8fec0a62052c4e36028d53a225534f5098d2805c23dd3ac0539871bf2fbe44752a1fc20f254584625b7f8bb17c89c48d555bd4c17d9c6d37c326d0485d989b981cf1a02864dabb123382baf06e95bc6cdf4e0a270136877937428d40cdaec76b0cbbe4c27491c84d7f89542aaaef0c9352c41a2230e164f75be21152083462a547119d136347957fa876b128af1f55a00087d0ac1a49fadaf69f6d9360de2c30800aa4b9571df3095d7b866ba80ff6529032dbe75366911e1eafe0e214b1b038bf3666144ad6f67823374c1714de03cbf21354fa779b9294edbd55490f42cee5ac81796d2a19ea9d566149f80f4099741ca261a723b9e330a8c1d5f5af310e01b3248c95ed27ce157339e41b4752c2beea1bacced8af37cf9be2cc3390e54a19faf6678db9f5cdf5766e5982b2a6ee906cdb0b0f13a10fb39a5c42b5b9d95592df4ad2ca9bd32e1b07f6b93d68023f7134b136f0e653aa076e9260991b011ef4babcbddd203a478122d58834a06fa5236aed8428f93ba5c4aa8d01a01e1b4440d45ccb86c161f32ce2bf166ae12913acac9d9b978032bd5c405b1609bc14fe5da4e1e80316fd58cc7a9f197c1522badc2aa2b0e518cf5ac3652341fe02ea07effc41d65e2b0f0f4e51c590995dd6ea039e1dc9dcea5823e35facaa5c8c559c19f200bf04d86e07649a2b92f5f611881dfa74b8f86b2b7e2d1eb1811cb30905c31972d97197ebb0e35173c7daa25a3d42b618358904c16bfd77db7589a8f7231d1734d5e4ffaa50a613c72bd548f7d9398c8957c86844c87f05b9efab244fd1aefa4eb31140bff5910a001f9f5008702d12d5e8885e8ca814c6c07823524931bf6d3f133c2d2499ac84b24495ec5a51a7c73b18e1ba6afa9b29a484a7e2e4d4df432cfca96e7d9df134363e7e29e2a8999cb92e49232e99b653b30764037cb130ae5cb5f0724b44f0eefb5b74af7881cd9bbf18e939ae76801ef7dfd71adc9db7981f653576e11cda5cb95dfced0f8d6ab41664073f80065b20631798cdc08c21153b212d248fd7dc6a00c5596bd205aca1c2bcc94ed348fe03f7bef3c4224208189f3e00165e34cb98951d292ca95ba5f5f55a3ce838f9cf933265dc8c5282ec891c2c80600b399f24b3e28a67acb325206c3f5d80923f3e6379103b1807dd75caf5e681d242e22ee05fb1eefbcdb3fe415be5e6db33e09e52eff5bec05e1a33419f6bd5a01ca22b4ebadbbf7624f82bdb0a0dfbeb64f4358f50e5d57b36745cae3eb8c2d7785061097327475ec17541ba4e3c005a7e31385d86ebf8578f8577e47f73ca1c5149a1bd1ce07f7642fde5f1d54d9c541c52b3934f946685be6d4c8a598c3923713fa955972c7036c00ff8951c385e612ca5b7575e696c18215051b78f9d357932bce91a46de08b1e17d28ceb0d2b16fe1ec1837800a817e6a3faa9e89c5d3b6a79fb38d1d73d4167efe7cbad98456df7121a9feda931003349947e7dc53754be7774b8523dbc3a36666210a42f916e883fe893bcf007ee003c6a535df6107cb87f6d969f66f064ca025d7fa73fe41bd506ff0d0617c64e80180cd712add8dc28c1742121aba98190d90c04b872870971c1a19f6c44484b6a9320f50b0ff0d963c1b07fcab263edd447000d605f71117aff7662af92e4b8730606f807d6f8cc0400f3b386d264bf0d7bc985ddcf7c246b4661062253042b8b8025b2505117ac0edb8d765d7d580c0e7563477933b36a41e1c594dda4f0f650baf432581c5a6dc0f1de9fd95dc935eb0cafd1ad5c8b05402e900ac21aad18573121b7574a1450cb4d2cb1382f4a9f9f027cb59a7630f723d27aeab6ce49eb0b436869c100f0b37ec4b7e634cd7702f809f4d5e5be383054242a7beaccc99842f878b6c3b701d96c060588a01287c50e5a06877f298bfdb04760ad128ea33289ea83e77388414aff22c0895ed8aa90e33a786c2cb57c5b6cc5baa8477e746fa9bea19ec6817887bc0ab3ecde95eac3169de627b801e7f9fd57a7e711ce64e36baca3b06bc87c963f9ced7c5dcd82a093b3eb1cb66644ab0b0de622b2e2bf69a1b0b0e37c9a2a7eee8efb4cb4de4b667a0d3dd6532f0fcdfb51348385bbd50c745340463206612bf048f25cc65119dd0da4d5981518210250d376b60e98e3412d438bf6c8e9fd501adb4a62d9c912114736903f0c31105516f68660aa7f98a68573ca214e5e08680a1d68d35c7ed2b5eb0accba2d47e7027ed93a2dccca8efa17fe246dcfb815cc5b23b6cee9ca57e7af158463c3efcdfff82d897d8949296d680803ee24dc65f577ab8031844fd00b2270b6317fb8f5385d19c1ad328fd9ddda78b9f631640a3ad3e07d0de503b9aad60ccf45cd58f001c6a59e70dde683ea0081f0441dc97da0796aed474e01322ee6c82b4bef50e4529d3faaf493231c02b9a08afdc98e436c6c7f2f07ce5c634f43aeb5695503a49b3f8f2e6790fd29b6fa9a0349e64309738eacd1ff35e8a8a9537461a0a5a418dc2a66aaa1efab0a8de4149ddd6e0ee526034487fd887258f0bcf6c868c6450e69977ce16db6ddf49e916de8e19024de1e31a36de4de038ca61ce8bb445501c84a4ad0b146784d742270df3c24d787b5a8f35c78138b95ff7a06c7cfd2ca5bbe56fbec2e78e996e2af19d1cddcaed83f994d24dfc2add4e8c970e4be9e6554d389c8f1963700cd3adb4e8bda78326f6c73fc15fff57aaa91d2e7cf4e9eb56a945e5ffe5c68d9af9cfca34ec392fdcf325c07cc2e3f8264ab914506096f6ea9c72ee8d91700d5f234bb196aaf9ed3319be3745dc808cc3db4003c320db7b345eaaf322728768642cb0c0ee44d7ceace8b61a6f37c0dfc7bc04053e0c1bc4bce3d06ca3694e2cd9acc1355f724cc69223a577818e2086f714c9e41cf305443b2b9f034e96639df47dbf9a06cd94503f0c4fdf792c9964b01436faccf433c11a0f1d9706527f39fb30f00fa5c2eed4ab62cb8933d2d7898922b82c74578523df88a057c6a1386ab6ed72cbd91bd98bbc8acd931454e0742fca82ae5aa10da0ebe2d5590d3858a42457a6e3d3b050cfc6ebddea631c5f3b6d28326e61b4507bf1a71ea4d3642ccc009a4a9d10c3c1e57cb36ef8215cc453331964c1228b28681cbce2a8a914ab788acd2139a48f52d4bd39f3eda680b9b50a6fe562ccf9b2f57c869f8fd350bfb98a61b8e79f5283e1bbd80be8faf340d7a40eca219dd2a1bd4dad05206446359f37f65c0c24324df86c86eb671b87de3e4ffc8b3dc8142141d4d74d797220c762c8c73053fcbcdfae3861f267063f1349642971ea856d52f49a78c048d26f95a9375b83e0aaf19297f1a14808642655cdc475d63745bfdd4926292571f3ede1c23a21f10976423e761221f8d4a03679bf9035e932386fa84deca31435513b204e4379a3a97ce8ba1feeddd5ff9feb8638dceeb9656f87f5b0ec5b907ae58773d412bf4f305233f1c8e74c26547c64acd61bf83ab70a1de067a152131dcb18db6dc16e0b01ddf05605ec1641b4e6954f78c707542f759e75b811f5d673070a00b698a814de10647cd9fc33c650dfd2b86a52a78025ec894dda8af1cdfbcec180dbc163c90f0dc6f27ea0637d81f3484e6bd9e11aac7cbb392894df7569088b953d519bbe21d8c201645b831e9355f2bd9b4e08cb0374c82803fcd36524d98d97776624fa503f5d2c0fed40832f80933f6d554b50b1ecc6c64f8bd21dfb71a2532f6a95bb35a982866f6cdba0b7002464e8e6f4160e0c7b8669a1a135376b03d46e3d4fdff00fdcbfd74a2c729d51fa9fe0628a6460adb0a9d42f0c64ec520f157179ccee5f385e6ca113b7e4d44dbd00fcf6cadbc397d767c15187a3ecf5a4df53b39ec413d2e399ace26ef53772ab8cfb28440c55a2db9131f8c17f4efd4f3963d06dfb27dfd65e3ca3efe0398f66356ddecb06768270d07e711ae899c50c9eb8f49d3490e9ae6eba8df9f9ff489314b3e53624fb8a363f1f2b830c16969ec0c928fb1abf3bdf8ff66288bd1bf9b2409f9d470e7b2b8bb77deaeb12f1f405ac37fd06f06a5608b9e3dc08bc60181a654b7630468832e11a69bce270e775b6226753b15774f43abf22d6674929834fd0932bf5c37349dad45b46ba5512e7c7973db0175802cadc29bedba4084b667e5d3897af2a655d62c14a401a7544fcf793d73bf66b0f624048ab756704c902a7dce9f74004241f05a782ca4929e8b23f8f3b2ef7d45215c65d79f34a6c54236f646f99acc10c737b21864006a44662a2f9d064dbfd793e6ceb800fdeb11f3a7388064289d35abfc5873a98346ad5b1033a581d2dfb68aa7439c7caa76f54fe61e2bab12f543ebeda16000ca117b50823f0d611f037f2ebd04c2b257d47f2abd60787d07d2a904db187a1ec390bb425fa68e947a2152eefa855a3b1b14be2c4ac600edf8d2cdce393d344d599f48b21a8f636af4f3f545f356fbadd2a64743fb4220c487e6dd4302d6343f24bc041b5188d322eda279c455b3f2fee654dab15a562d5468b2acccaf2d0269230c8d1c90df5c35d820f69c27962be9ad349f5d82c54e9229ca857c6388fc47d9362867b55d7477fb275adb69565045e7b002a0d2728663f3505d0dd9c3fff1b3871c757f7dda1af799cd0d933527bb2b2a4064102836c5ad94cab29e8310a8c74bb131e4ff4f1d330e90bb91c66aae27d18b882c2003122f8e1834012459b5f7e8454f9ddc59649753327124877087ef1d88a50851f292a1e45eade8d1234ec94cc3541e549d7e5cba4fa66abfe2b91dc729b1a6b6837a45e28a79fc016d6ce9a4b00ff635554ac142e168b525e613ecf893d1e365ceb6cd43ac98a8e448b3de9310b02f08d5b07632da9a3b013d5dcbf67ca0405a81a793d554317fcd92a0af15731a0c1dd6fdc36e580c574d6ac2f5e90e0fc3e497bf3941a324adce31f911bcabfbc0a93b8aa7a119c82855b663bc6bce5d64be8f34d4335cf888af0bbbeb39df7f19454d88d8737d0acf75b0b931373d845b5206540d9eefa33aa8d92862807a0fdd4e9cf52b5e8beeb7283a671914dbdbafb39ec41e755080150af30f41c65cae801fd3f38f74af7599d8c48d5bbc2a7c46e3d6f431a81b6a243deb71f13483b2d5a55840517978447ba0d2213ada3f6b8c9fb8c61c92654cffde686600ca2339e54b37565afb6d32bd987e17e2def4972d22e0683f042dce091626b02467481510f0c6edba4c726a9c6b97a0885dbece11a786dd821f37b5b3b62001ed8738dc47ceeffbc9e5c34eb7da08adb56e42bde00c0bced0913d924a8b9ac4613d9b289e264e8bb32f87967aa87b03a058ffa73de06dc27084e41c9f5d94db20c18720e537e17dd64df7b2ac7badf110c5ea39d54799b53a85402c37d1dfd4c5bf54cd64b788de75043a16396591865c01defdd52ce0c6c0b0dbee77b470139d417b9038242a99ec7851b9d76650dbc044662f210783c644ec82893898c977147832aaf920fecd8dffb5ae9f4bf8179b319894db0c6b06d41c2c16c78c489a6cec0c246adcbdebd5ac4ef7126a8c90378b524f5ae95d67e472306e57164e7600282e9174868778bb727652557a9d15cdad0d5167038268d118f95a3bc0ba60ed4cb2dc23af26e297d1c6a174966f3dc81638de92cb"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x4, 0x3}}}}, @m_mirred={0x214, 0x10, 0x0, 0x0, {{0xb}, {0x144, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x3, 0x0, 0x9, 0xfffffffd}, 0x3, r4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x9, 0xfffffffffffffff9, 0x6, 0xc}, 0x2, r5}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x7ff, 0xfffffffffffffffd, 0x4, 0x10000}, 0x2, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x0, 0x0, 0x2, 0x1d4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x10000, 0x4, 0x9, 0xd4a}, 0x3, r7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x8, 0x6, 0x7fffffff}, 0x2, r8}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x7, 0x0, 0x10000}, 0x2, r11}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0xfffffff7, 0x1, 0x5, 0x7fff}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x20, 0x9, 0x2, 0xffff0b04, 0x8001}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xeb7, 0x20000000, 0x10000000, 0x10000, 0x8}, 0x3}}]}, {0xa5, 0x6, "384078cedb570eabe489f0ebb4846efa3ab29e595d0a73d616a34a11c75add309d0b03428dad95f40f26a7a00dc8f50e56d2523f086e7c54800cb81dfa2b880a4d186fd9d6561ec7a0d902b427d65e0cd63509a25f30a833ba5698bc795343f862d4137fe9a5381266d663f71707fbdfc311f7d5ea63d65a402a5c931e5c6920681bd81c6aeab442d10498a3282d75cd8c1527a71d6cf4ea83c0b7b9a0cbcae512"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_nat={0xec, 0x19, 0x0, 0x0, {{0x8}, {0x4}, {0xc2, 0x6, "39f7b3a2d70d0bd83d92026fc1c0c85048847afda51671f025a28f5e178421d7032f623d590fef3c85c99cc47a5b58399bce75d22101c1186636cd7915038e55f55fd135d6d99c4180d6ccbec20b1be986ad3fb9a459eadd15b0577a2afee2a80eaa7ca2eb6907a734aecd0ab48c0e67fadf69b19f71b4509ad2fda3689b6f91c93381f16d911cbd67f41a97a0c85f62dee34485b6a387fa7689dd34393447683c875ecc134fda12d742a8a915f854c242c45309fabbefd8667d4a28d8c1"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_skbmod={0xb4, 0x1b, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0xdee}]}, {0x7e, 0x6, "2958cbc8790573d0afc82f9ef67c71e80c72ce5cb72ad112e5f9db2014451cb96379b0f8d488835967606099dbee1ab49a285591cd98bcbbaa5cbd8e8f96100e2ac82b97d411b96eaa7cd4bb50385e933bcebaf7cf9dcc03a386af624ac77a5a6d7b9f150ec5119440e0f1d5639dc7ca91c97b788417b6a8a849"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_ct={0x144, 0x1a, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_LABELS_MASK={0x14, 0x8, "90074abba29c5c70c650616341b82ff5"}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x7}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa010100}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @local}]}, {0xed, 0x6, "a90a99fe432e9ed3459e2d43e78c0717e48dc128ddb910f9fbd6ab89210995e2d232e10a971dedbf0c431021012c63c000b11a3f576b3951ad8e899c88f63d1db05d079a522560909c2319aa809d9a72c5b349ea7224764071046e62bfa716ed9f886546b932177e86d15d912975506043dd3c82ef1d07e22f3bc97f4dd60802b233e3b127822fd7f28b0c56c3a7e6a1a7e6a6166021443e7b2b2fb994a99006ab93cd27e0cee034620a3d7a3ac1270682d8223212955d648bf2bb2d55ba40bca365e0bec7178e77eb43de249340f5e9721b909d94c945873b66a422a8b8508175dcd75f03518b5ef1"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}]}]}, 0x2e84}, 0x1, 0x0, 0x0, 0x20000000}, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
creat(&(0x7f0000000100)='./file0/file0\x00', 0xbc9dc8fbd81cb4a1)
stat(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000200))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000040)={<r12=>0xffffffffffffffff})
vmsplice(r12, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
write$cgroup_pressure(r2, &(0x7f0000000080)={'some', 0x20, 0x2000000005, 0x20, 0x10000000fffff}, 0x2f)
r13 = openat$cgroup_procs(r0, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r13, &(0x7f00000005c0), 0x12)

3.388145364s ago: executing program 5 (id=3432):
io_setup(0x7fff, &(0x7f0000000000))
r0 = gettid()
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xb200, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
splice(r3, 0x0, r2, 0x0, 0x100000000001, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3}, @end]}}}}}}}, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000640))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000081000000000000000400063010c2000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.236779429s ago: executing program 0 (id=3433):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f00000004c0), 0x14305, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe02, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="000000000000987a2a282d4b9e884c4dd56c75bb2000"/31, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
pipe2$9p(0x0, 0x0)
timer_create(0x5, &(0x7f00000002c0)={0x0, 0x3f, 0x0, @thr={0x0, 0x0}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(r0, 0x0, 0xfffffce6, 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r3 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r4 = fanotify_init(0xf00, 0x1)
fanotify_mark(r4, 0x105, 0x40009975, r3, 0x0)
fallocate(r2, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)

2.59495042s ago: executing program 3 (id=3434):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x641, 0x0)
flock(r1, 0x2)
fcntl$lock(r1, 0x24, &(0x7f0000000740)={0x1, 0x0, 0xe6a, 0xa})
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a7000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffcc2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x80, 0x25, 0x1, 0x7f, 0x44233, 0x0, 0x81, 0x9c1, 0x8001, 0x1005, 0xc, 0x204db6, 0x0, 0xfffffdfffffffffd], 0xf000, 0x80300})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xdb, 0xd})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$BTRFS_IOC_INO_PATHS(r4, 0xc0389423, &(0x7f0000000080)={0x1ff, 0x8, [0x4, 0x9, 0x5, 0x100000000], &(0x7f0000000000)=[0x0]})
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000200)=@multiplanar_mmap={0x9, 0x8, 0x4, 0x2, 0xfc, {}, {0x5, 0x8, 0x8, 0x6a, 0x2, 0x4, "3b7a1286"}, 0x8, 0x1, {&(0x7f00000000c0)=[{0xca808, 0x6, {0x8}, 0x8}, {0xffffffff, 0x39, {0x4}, 0xfff}]}, 0x8})

2.335576452s ago: executing program 5 (id=3435):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
recvfrom$inet_nvme(r1, &(0x7f00000000c0)=""/76, 0x4c, 0x2020, &(0x7f0000000140)=@l2tp6={0xa, 0x0, 0x2, @private0={0xfc, 0x0, '\x00', 0x40}, 0x0, 0x1}, 0x80)
syz_usb_connect$uac1(0x5, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005020524", @ANYRES64=r0], 0x0)

2.241221648s ago: executing program 1 (id=3436):
socket$nl_route(0x10, 0x3, 0x0)
r0 = semget$private(0x0, 0x5, 0x0)
semop(r0, &(0x7f0000000180)=[{0x3, 0x44cf, 0x800}], 0x1f4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_TIOCINQ(r4, 0x541b, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x10000, 0x0)
close(0xffffffffffffffff)
memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
syz_open_dev$dri(0x0, 0x3, 0x2200)
r5 = socket$netlink(0x10, 0x3, 0x15)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
fcntl$setstatus(r6, 0x4, 0x2800)
fsetxattr$security_ima(r5, 0x0, 0x0, 0x0, 0x23ee3d92e16e0d44)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_SNDMTU(r7, 0x112, 0xc, 0x0, 0x0)

1.416385547s ago: executing program 0 (id=3437):
socket$inet6(0xa, 0x3, 0x5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000001e00431b00000000000000000700007a2b09ff7900", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r3, 0x8008f512, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40094}, 0x20000804)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0x9a}, @l2cap_cid_signaling={{0x96}, [@l2cap_cmd_rej_unk={{0x1, 0x9, 0x2}, {0x4}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x8, 0x2}, {0x2}}, @l2cap_conf_req={{0x4, 0x6, 0x5b}, {0x9, 0x10, [@l2cap_conf_flushto={0x2, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x81}, @l2cap_conf_flushto={0x2, 0x2, 0x8617}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x10, 0x2, 0x2, 0x8, 0x3ff}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x72}, @l2cap_conf_efs={0x6, 0x10, {0x62, 0x1, 0x9, 0x8ce, 0x80, 0xc3}}, @l2cap_conf_efs={0x6, 0x10, {0xa, 0x0, 0xfff9, 0x6, 0x848, 0x1}}, @l2cap_conf_efs={0x6, 0x10, {0x5, 0x0, 0x9582, 0xe, 0x4, 0x6ac}}]}}, @l2cap_disconn_req={{0x6, 0x60, 0x4}, {0x4, 0x8000}}, @l2cap_move_chan_req={{0xe, 0xfc, 0x3}, {0x1ff, 0xb0}}, @l2cap_create_chan_rsp={{0xd, 0x2, 0x8}, {0xff, 0x5, 0x101, 0x38c}}, @l2cap_disconn_rsp={{0x7, 0xff, 0x4}, {0x61, 0x3}}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x4, 0x5}}]}}, 0x9f)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="dd1f", 0x2, 0xb, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)

1.218069181s ago: executing program 1 (id=3438):
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=ANY=[], 0x18}}, {{0x0, 0x0, &(0x7f0000000680)}}], 0x2, 0x810)
mount$fuse(0x0, 0x0, 0x0, 0x1, &(0x7f0000000ac0)=ANY=[@ANYBLOB="e7e4861f4bcfc6ea1143faf5be5b5e6bb7fabe3baafc310136a16290571ae8331b4e694ced800e"])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000540), &(0x7f0000000640)=0xc)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.20256866s ago: executing program 4 (id=3439):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0)

457.314221ms ago: executing program 4 (id=3440):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000001000), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r2=>0x0)
sendmsg$NFC_CMD_LLC_SDREQ(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44001}, 0x0)

446.609241ms ago: executing program 3 (id=3441):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

384.284972ms ago: executing program 0 (id=3442):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffdffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x17)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x1300, 0x6})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000800)={0x44, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x71, 0x0, &(0x7f0000000700)="0e2598b916403a6934947cc96f784bfdd51629db64273d360b3a06fe783f305949ffe460db9f122b2ae86acca8326b549437658befb65242899462f4569139b437e53560e192c5669e28ab63aca77f8c88224d480f722df8ef295b1618bac627c0c66dc4a3db10ba0c8c5163a17da16c2a"})
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x2, &(0x7f0000000a80)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @generic={0x10, 0x0, 0x1, 0x5, 0x4}], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x61, &(0x7f00000001c0)=""/97, 0x40f00, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x7, 0x8001, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0x1], 0x0, 0x10, 0x9}, 0x94)
io_setup(0x6, &(0x7f00000006c0)=<r7=>0x0)
preadv(0xffffffffffffffff, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0xfffffe01}], 0x1, 0x8000, 0x0)
r8 = eventfd(0x8)
io_submit(r7, 0x3, &(0x7f00000009c0)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000700)="dec6250d584b4bce4c7763904ffd35ae55cd24983f87446d94bb197c6d1de4c27726a732ce94f6e43c69521a73ecfc9f95101f025794e8516ac34abaf56d79a8c5a67f1d8a626a6ae7df0ce25bfd99cf63023e385afc709923cb8510fb331fd46db31acfb65086e88bc0e4be0c986707786ac06b35306a8d73fd032f6a0d6d9073d78d8daab72c251b03d21e48ffa9285fc5b2e3c6682c75c625c3e62b44c656f79b650fe654472dfc9bf7e1b21b17f90e", 0xb1, 0xfffffffffffffffa, 0x0, 0x3}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x7, r6, &(0x7f0000000800)="d2fe488055a293904547194afaa49582a1aa35aa069dbb33dac63bfd0fbb59ea3a2db73d97126c7d47078263e52f9ee2353478b10c507f4c8fff2ca9de78dff88fd9a66bf33d1ee2767ce27188d963251bf052a00f23a33014543538cc7d8edd76a6e2fcbac2de0d8873c26ba77a9e8a2f63e9eb67b4b372f69261dca47771b01521154d81ea4317abdfbf3a9d900d9b6865d6355f8ac9b27f53ecc688e31b2d242f99d676e20dac198ad3c68b6bc00cc0143067c469b2ef0e914afc5298b1785c6b9abe", 0xc4, 0x6af, 0x0, 0x1}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x29, 0xffffffffffffffff, &(0x7f0000000940)="1eac2c5710586f205abb7b0d2c8720a839c6e9476aa2eb38bedbe6fc04f39cd670", 0x21, 0x3, 0x0, 0x3, r8}])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa1, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x33, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25250000000e0001006e657464657673697d0000000f0002006e657464657673696d30000008008b00f2a030c1c3847f2e189594410ab90c0b0bd35907658b28f46cf6029ba33cad5fa6ccd0545b856f83dac1de0845af79", @ANYRES32, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)

136.683395ms ago: executing program 4 (id=3443):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
pipe(&(0x7f00000000c0))
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r1, &(0x7f0000000580)={&(0x7f0000000000)={0xa, 0x4e23, 0x8a, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000029000000370000d32b688b3adc0023000000000000001b00000000000000290000003200000020010000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000029000000390000003a00c00700000000fe8000000000000000000000000000aa0000000000000000000000000000000100000000000000000000000000000001ff01000000000000000000000000000100000000000000000000ffffe0000002fe8000000000000000000000000000bbff020000000000000000000000000001fe880000000000000000000000000101"], 0x40}, 0x20000010)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, &(0x7f0000001040)=0x5d)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r2, &(0x7f0000000680)={&(0x7f00000001c0)={0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40001}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$inet6(0xa, 0xa, 0x2)
socket$netlink(0x10, 0x3, 0x4)
bind$rds(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
write$6lowpan_control(r3, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000940)={0x60, 0xa0, 0x0, 0x0, 0x3e000000, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0xfffffffc}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7b13000000000000200012800b00010067656e657665000010000280060005004e2000000400060008000a00b5"], 0x48}}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001505000008004e002d3501000000000095004100000000006916360000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf530000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

102.745163ms ago: executing program 1 (id=3444):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0)
r1 = inotify_init()
fcntl$getownex(r1, 0x10, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
mknod$loop(0x0, 0xfff, 0x1)
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x20000045)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000005580)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000001e580)=@newtaction={0x44, 0x1e, 0x109, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x8, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x44}, 0x1, 0x2b1e, 0x0, 0x80}, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x34581)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x1, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_START(r5, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_STOP(r5, 0x54a1)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c00000003060101000000000000000002008ccbb01761e4f4123965000a0500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000000)='blacklist\x00', 0x0, &(0x7f0000000340)="7b331c32750a584e0600000000000000d6add6098b4b1ca27cf814b5738e9b0dfafe5be08f2d306764e3db86accdfb4bdb0ec2522b3e7cea57c20199048b8cc2a81a63f78da1ba75d5b41b7c4eceec6b9aadc39374e2c408651fb019ddc765c135af1dc00ddc17a100a0acad672ef874fa8dad3d7673365ab6b8e1d2a5b9286e905624000617edd2c993b547e3118cb8b92e0ea1dc112fa17726c1a01a86fbad2ea2028ae057a680e6cc4b8c7dacb71f72c29805e477816acfe43cda09eb014f70119683d505898f55cb789bac7a9afc3329cf84d332501b56b8d1f31779703a09003154e48dd94b2ec3e394e7a5b7d3c1d35981718308cc28f662663ec67711", 0x100, 0xffffffffffffffff)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000c00)={[&(0x7f0000000b40)='/dev/fuse\x00', &(0x7f0000000bc0)='/dev/fuse\x00']})

0s ago: executing program 3 (id=3445):
socket$inet6(0xa, 0x80002, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='sched\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x2, 0x0)
eventfd(0x200)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
brk(0x55d55ede6004)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
io_setup(0x58, 0x0)
io_submit(0x0, 0x0, 0x0)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000300)={'adq12b\x00', [0x6, 0x5, 0xd09a, 0xe, 0x3, 0xfffffffd, 0x20000004, 0x8, 0x1000, 0x6, 0xc, 0x1001, 0x9, 0x2, 0xffff, 0x6, 0x5, 0x40000009, 0x830, 0x30000, 0x10003, 0x2, 0x800, 0xe2db, 0x2, 0xd, 0x7, 0x3, 0x4, 0x3, 0x70f]})
ioctl$COMEDI_INSN(r2, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92ff, 0x0, 0x0, 0x4})
write(r1, 0x0, 0x0)
cachestat(r0, 0x0, 0x0, 0xee)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioctl$sock_qrtr_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000100))
r3 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r3, &(0x7f0000000380)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendto(r4, 0x0, 0x0, 0x4000854, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
socket(0xa, 0x3, 0xff)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)

kernel console output (not intermixed with test programs):

[ 1129.989468][ T5917] usb 4-1: SerialNumber: syz
[ 1130.050972][ T5917] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1130.075364][    T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1130.270981][   T24] usb 5-1: device descriptor read/8, error -71
[ 1130.675692][ T5884] IPVS: starting estimator thread 0...
[ 1130.707193][T18945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.730465][T18945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.750624][T18945] bridge_slave_0: entered allmulticast mode
[ 1130.769126][T18945] bridge_slave_0: entered promiscuous mode
[ 1130.810350][T19007] IPVS: using max 39 ests per chain, 93600 per kthread
[ 1130.813091][T18945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1130.876547][T18945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.911823][T18945] bridge_slave_1: entered allmulticast mode
[ 1130.943270][T18945] bridge_slave_1: entered promiscuous mode
[ 1131.011978][T18218] usb 4-1: USB disconnect, device number 110
[ 1131.123279][T18945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1131.145544][   T67] bridge_slave_1: left allmulticast mode
[ 1131.155435][   T67] bridge_slave_1: left promiscuous mode
[ 1131.165692][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1131.183295][   T67] bridge_slave_0: left allmulticast mode
[ 1131.199099][   T67] bridge_slave_0: left promiscuous mode
[ 1131.209369][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1131.210267][ T5884] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1131.403030][ T5884] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1131.440579][ T5884] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1131.470308][ T5884] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1131.480391][    T9] usb 4-1: Service connection timeout for: 256
[ 1131.489496][    T9] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1131.493705][ T5884] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1131.521027][    T9] ath9k_htc: Failed to initialize the device
[ 1131.526877][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.537591][T18218] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1131.561474][T11578] Bluetooth: hci4: command tx timeout
[ 1131.589982][ T5884] usb 6-1: config 0 descriptor??
[ 1132.078438][ T5884] plantronics 0003:047F:FFFF.0034: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1132.587640][   T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1132.610637][   T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1132.646267][   T67] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1132.673166][   T67] bond0 (unregistering): Released all slaves
[ 1132.711301][   T67] bond1 (unregistering): Released all slaves
[ 1132.749708][T18945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1133.089417][T18218] usb 6-1: USB disconnect, device number 45
[ 1133.247700][ T5884] usb 2-1: USB disconnect, device number 101
[ 1133.275817][   T67] tipc: Left network mode
[ 1133.281672][T18945] team0: Port device team_slave_0 added
[ 1133.374155][T18945] team0: Port device team_slave_1 added
[ 1133.650458][T11578] Bluetooth: hci4: command tx timeout
[ 1133.708079][T18945] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1133.715116][T18945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1133.827798][T18945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1133.870091][T18945] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1133.870109][T18945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1133.870137][T18945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1134.649596][T19052] tmpfs: Unknown parameter ''
[ 1134.670779][T10716] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1134.771494][T18945] hsr_slave_0: entered promiscuous mode
[ 1134.822312][T18945] hsr_slave_1: entered promiscuous mode
[ 1134.850543][T10716] usb 6-1: Using ep0 maxpacket: 32
[ 1134.899969][T10716] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1134.918792][T18945] debugfs: 'hsr0' already exists in 'hsr'
[ 1134.923546][T10716] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1134.940354][T18945] Cannot create hsr debugfs directory
[ 1134.941927][T10716] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1134.969170][T10716] usb 6-1: Product: syz
[ 1135.006425][T10716] usb 6-1: Manufacturer: syz
[ 1135.020243][T10716] usb 6-1: SerialNumber: syz
[ 1135.035815][T10716] usb 6-1: config 0 descriptor??
[ 1135.047643][T19058] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1135.092854][T10716] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1135.098774][T10716] hub 6-1:0.0: probe with driver hub failed with error -5
[ 1135.105157][T19068] netdevsim netdevsim3 ªªªªª»: renamed from netdevsim0 (while UP)
[ 1135.180349][    T9] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1135.351205][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1135.358817][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1135.384643][   T67] hsr_slave_0: left promiscuous mode
[ 1135.385710][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1135.410921][    T9] usb 5-1: can't read configurations, error -61
[ 1135.464385][   T67] hsr_slave_1: left promiscuous mode
[ 1135.514243][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1135.636869][   T67] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1136.087320][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1136.124889][   T67] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1136.140290][    T9] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1136.171671][T10716] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1136.248616][T19082] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.257331][T19082] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.363724][T10716] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1136.379065][T10716] usb 4-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1136.412656][T10716] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1136.427377][   T67] veth1_vlan: left allmulticast mode
[ 1136.430305][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1136.433670][   T67] veth1_macvtap: left promiscuous mode
[ 1136.447721][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1136.455560][T10716] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.464111][   T67] veth0_macvtap: left promiscuous mode
[ 1136.469896][   T67] veth1_vlan: left promiscuous mode
[ 1136.473452][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1136.477895][T18218] usb 6-1: USB disconnect, device number 46
[ 1136.483012][    T9] usb 5-1: can't read configurations, error -61
[ 1136.521503][T10716] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1136.542092][    T9] usb usb5-port1: attempt power cycle
[ 1136.551350][T10716] usb 4-1: invalid MIDI out EP 0
[ 1136.644869][T10716] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1136.767733][T19081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.777633][T19081] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.892886][    T9] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1136.925001][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1136.965013][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1136.990900][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1137.002828][T19081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1137.014564][   T30] audit: type=1326 audit(1136.977:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.026485][    T9] usb 5-1: can't read configurations, error -61
[ 1137.044512][T19081] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1137.064444][   T30] audit: type=1326 audit(1136.977:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.129713][ T5884] usb 4-1: USB disconnect, device number 111
[ 1137.201604][    T9] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1137.215571][   T30] audit: type=1326 audit(1136.987:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f87f538d810 code=0x7ffc0000
[ 1137.272281][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1137.279669][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1137.302354][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1137.310126][    T9] usb 5-1: can't read configurations, error -61
[ 1137.316541][   T30] audit: type=1326 audit(1136.987:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f87f538ebcb code=0x7ffc0000
[ 1137.342410][    T9] usb usb5-port1: unable to enumerate USB device
[ 1137.389667][   T30] audit: type=1326 audit(1136.987:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f87f538ebcb code=0x7ffc0000
[ 1137.457186][   T30] audit: type=1326 audit(1137.037:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.537150][   T30] audit: type=1326 audit(1137.037:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.614484][   T30] audit: type=1326 audit(1137.087:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.686023][   T30] audit: type=1326 audit(1137.087:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.846526][   T30] audit: type=1326 audit(1137.087:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19077 comm="syz.3.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1137.963926][   T67] team0 (unregistering): Port device team_slave_1 removed
[ 1138.390481][T19094] netlink: 'syz.4.3074': attribute type 6 has an invalid length.
[ 1138.700763][   T67] team0 (unregistering): Port device team_slave_0 removed
[ 1138.738914][T19101] SELinux:  Context system_u:object is not valid (left unmapped).
[ 1140.570157][T19118] input: syz0 as /devices/virtual/input/input67
[ 1141.906383][T19140] netdevsim netdevsim4 ªªªªª»: renamed from netdevsim0 (while UP)
[ 1141.930843][ T5898] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 1142.125024][ T5898] usb 4-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1
[ 1142.139195][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1142.354310][ T5898] usb 4-1: config 0 descriptor??
[ 1142.363588][ T5898] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1142.370985][ T5898] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1142.406358][   T67] IPVS: stop unused estimator thread 0...
[ 1143.030501][T19157] IPVS: set_ctl: invalid protocol: 44 172.20.20.14:20002
[ 1143.116816][    T9] usb 4-1: USB disconnect, device number 112
[ 1144.731616][T18945] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1144.759087][T18945] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1144.824648][T18945] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1144.964386][T18945] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1145.047491][T19184] netlink: 'syz.4.3096': attribute type 6 has an invalid length.
[ 1146.032452][T18945] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1146.112628][T18945] 8021q: adding VLAN 0 to HW filter on device team0
[ 1146.177774][T19204] FAULT_INJECTION: forcing a failure.
[ 1146.177774][T19204] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1146.196487][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1146.203651][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1146.339446][T19204] CPU: 0 UID: 0 PID: 19204 Comm: syz.5.3101 Not tainted syzkaller #0 PREEMPT(full) 
[ 1146.339476][T19204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1146.339489][T19204] Call Trace:
[ 1146.339496][T19204]  <TASK>
[ 1146.339505][T19204]  dump_stack_lvl+0x16c/0x1f0
[ 1146.339539][T19204]  should_fail_ex+0x512/0x640
[ 1146.339568][T19204]  should_fail_alloc_page+0xe7/0x130
[ 1146.339595][T19204]  prepare_alloc_pages+0x3c2/0x610
[ 1146.339619][T19204]  ? rcu_is_watching+0x12/0xc0
[ 1146.339649][T19204]  __alloc_frozen_pages_noprof+0x18b/0x2470
[ 1146.339696][T19204]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1146.339740][T19204]  ? __lock_acquire+0x622/0x1c90
[ 1146.339775][T19204]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1146.339805][T19204]  ? policy_nodemask+0xea/0x4e0
[ 1146.339831][T19204]  alloc_pages_mpol+0x1fb/0x550
[ 1146.339857][T19204]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1146.339890][T19204]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1146.339920][T19204]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1146.339947][T19204]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1146.339975][T19204]  ? rcu_read_unlock+0x2d/0xb0
[ 1146.340010][T19204]  do_wp_page+0x11d8/0x52b0
[ 1146.340042][T19204]  ? __pfx_do_wp_page+0x10/0x10
[ 1146.340069][T19204]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1146.340091][T19204]  ? ___pte_offset_map+0x2ad/0x4f0
[ 1146.340120][T19204]  __handle_mm_fault+0x1ae3/0x2aa0
[ 1146.340162][T19204]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1146.340193][T19204]  ? __pte_offset_map_lock+0x174/0x310
[ 1146.340214][T19204]  ? find_held_lock+0x2b/0x80
[ 1146.340246][T19204]  ? follow_page_pte+0x5cf/0x1390
[ 1146.340274][T19204]  handle_mm_fault+0x589/0xd10
[ 1146.340306][T19204]  __get_user_pages+0x54e/0x3530
[ 1146.340340][T19204]  ? down_read_killable+0x220/0x4b0
[ 1146.340361][T19204]  ? __lock_acquire+0x622/0x1c90
[ 1146.340390][T19204]  ? __pfx___get_user_pages+0x10/0x10
[ 1146.340415][T19204]  ? __lock_acquire+0x622/0x1c90
[ 1146.340447][T19204]  __gup_longterm_locked+0xa92/0x17e0
[ 1146.340479][T19204]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1146.340506][T19204]  ? try_get_folio+0x255/0x730
[ 1146.340527][T19204]  ? find_held_lock+0x2b/0x80
[ 1146.340552][T19204]  ? sanity_check_pinned_pages+0x58a/0x11d0
[ 1146.340582][T19204]  gup_fast_fallback+0xee2/0x22a0
[ 1146.340629][T19204]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1146.340654][T19204]  ? bpf_ksym_find+0x127/0x1c0
[ 1146.340684][T19204]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1146.340712][T19204]  ? is_bpf_text_address+0x94/0x1a0
[ 1146.340737][T19204]  ? kernel_text_address+0x8d/0x100
[ 1146.340764][T19204]  pin_user_pages_fast+0xa7/0xf0
[ 1146.340789][T19204]  ? __pfx_pin_user_pages_fast+0x10/0x10
[ 1146.340823][T19204]  iov_iter_extract_pages+0x3a2/0x1ed0
[ 1146.340854][T19204]  ? stack_depot_save_flags+0x29/0x9c0
[ 1146.340878][T19204]  ? __pfx___might_resched+0x10/0x10
[ 1146.340908][T19204]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[ 1146.340932][T19204]  ? kasan_save_stack+0x42/0x60
[ 1146.340950][T19204]  ? kasan_save_stack+0x33/0x60
[ 1146.340968][T19204]  ? kasan_save_track+0x14/0x30
[ 1146.340985][T19204]  ? __kasan_kmalloc+0xaa/0xb0
[ 1146.341003][T19204]  ? __kmalloc_noprof+0x32f/0x880
[ 1146.341028][T19204]  ? sock_kmalloc+0x111/0x170
[ 1146.341056][T19204]  ? af_alg_alloc_areq+0xbc/0x2e0
[ 1146.341082][T19204]  ? skcipher_recvmsg+0x314/0x1030
[ 1146.341102][T19204]  ? sock_recvmsg+0x1f9/0x250
[ 1146.341127][T19204]  ? ____sys_recvmsg+0x218/0x6b0
[ 1146.341160][T19204]  ? ___sys_recvmsg+0x114/0x1a0
[ 1146.341182][T19204]  ? __sys_recvmsg+0x16a/0x220
[ 1146.341205][T19204]  ? do_syscall_64+0xcd/0xfa0
[ 1146.341231][T19204]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.341265][T19204]  extract_iter_to_sg+0xf6e/0x20c0
[ 1146.341300][T19204]  ? __pfx_extract_iter_to_sg+0x10/0x10
[ 1146.341334][T19204]  ? rcu_is_watching+0x12/0xc0
[ 1146.341366][T19204]  af_alg_get_rsgl+0x2b8/0x7f0
[ 1146.341409][T19204]  skcipher_recvmsg+0x375/0x1030
[ 1146.341444][T19204]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1146.341474][T19204]  sock_recvmsg+0x1f9/0x250
[ 1146.341505][T19204]  ____sys_recvmsg+0x218/0x6b0
[ 1146.341541][T19204]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1146.341583][T19204]  ? __lock_acquire+0x622/0x1c90
[ 1146.341617][T19204]  ___sys_recvmsg+0x114/0x1a0
[ 1146.341644][T19204]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1146.341698][T19204]  __sys_recvmsg+0x16a/0x220
[ 1146.341725][T19204]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1146.341773][T19204]  do_syscall_64+0xcd/0xfa0
[ 1146.341805][T19204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.341826][T19204] RIP: 0033:0x7fdef378efc9
[ 1146.341843][T19204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1146.341863][T19204] RSP: 002b:00007fdef46da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1146.341883][T19204] RAX: ffffffffffffffda RBX: 00007fdef39e5fa0 RCX: 00007fdef378efc9
[ 1146.341897][T19204] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[ 1146.341910][T19204] RBP: 00007fdef46da090 R08: 0000000000000000 R09: 0000000000000000
[ 1146.341923][T19204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1146.341935][T19204] R13: 00007fdef39e6038 R14: 00007fdef39e5fa0 R15: 00007ffe917e8358
[ 1146.341967][T19204]  </TASK>
[ 1146.391968][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1146.848759][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1147.176096][T18945] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1147.487054][   T30] kauditd_printk_skb: 20 callbacks suppressed
[ 1147.487071][   T30] audit: type=1400 audit(1147.467:1607): avc:  denied  { setopt } for  pid=19230 comm="syz.5.3106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1147.983068][T19236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3103'.
[ 1148.038012][T19236] bridge_slave_1: left allmulticast mode
[ 1148.073632][T19236] bridge_slave_1: left promiscuous mode
[ 1148.212797][T19236] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1148.263653][T19236] bridge_slave_0: left allmulticast mode
[ 1148.269372][T19236] bridge_slave_0: left promiscuous mode
[ 1148.274986][ T5884] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[ 1148.297454][T19236] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1148.427241][ T5884] usb 6-1: device descriptor read/64, error -71
[ 1148.670290][ T5884] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1148.800308][ T5884] usb 6-1: device descriptor read/64, error -71
[ 1148.910725][ T5884] usb usb6-port1: attempt power cycle
[ 1148.917779][T18945] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1149.567592][T18945] veth0_vlan: entered promiscuous mode
[ 1149.584198][T18945] veth1_vlan: entered promiscuous mode
[ 1149.638970][T18945] veth0_macvtap: entered promiscuous mode
[ 1149.800332][ T5884] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1149.809813][T18945] veth1_macvtap: entered promiscuous mode
[ 1149.823477][ T5884] usb 6-1: device descriptor read/8, error -71
[ 1150.028493][T19272] netlink: 'syz.3.3110': attribute type 6 has an invalid length.
[ 1150.166512][T18945] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1150.179796][T18945] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1150.191021][ T3014] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1150.199783][ T3014] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1150.238783][ T3014] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1150.292357][ T5884] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[ 1150.308943][ T3014] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1150.430798][ T5884] usb 6-1: device descriptor read/8, error -71
[ 1150.457352][ T6571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1150.478330][ T6571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1150.536500][ T6571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1150.604055][ T6571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1150.670798][ T5884] usb usb6-port1: unable to enumerate USB device
[ 1150.817575][T19283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3046'.
[ 1150.885338][T19283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3046'.
[ 1152.241647][T19310] tmpfs: Unknown parameter ''
[ 1152.491831][   T30] audit: type=1400 audit(1152.477:1608): avc:  denied  { listen } for  pid=19312 comm="syz.0.3117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1154.410275][ T5898] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1154.590303][ T5898] usb 2-1: Using ep0 maxpacket: 8
[ 1155.155736][ T5898] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[ 1155.186174][ T5898] usb 2-1: config 179 has no interface number 0
[ 1155.222838][ T5898] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1155.272143][ T5898] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1155.309146][ T5898] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1155.457677][ T5898] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1155.486903][ T5898] usb 2-1: config 179 interface 65 has no altsetting 0
[ 1155.535212][ T5898] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1155.648241][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.654211][T19351] batadv0: entered promiscuous mode
[ 1155.669275][T19351] vlan2: entered promiscuous mode
[ 1155.758839][   T30] audit: type=1400 audit(1155.737:1609): avc:  denied  { connect } for  pid=19352 comm="syz.3.3128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1155.846361][   T30] audit: type=1400 audit(1155.757:1610): avc:  denied  { read } for  pid=19352 comm="syz.3.3128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1155.879012][ T5898] usb 2-1: USB disconnect, device number 102
[ 1155.931243][    T9] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1156.122367][    T9] usb 1-1: config 0 has an invalid interface number: 83 but max is 0
[ 1156.130600][    T9] usb 1-1: config 0 has no interface number 0
[ 1156.136673][    T9] usb 1-1: config 0 interface 83 altsetting 0 endpoint 0x8B has an invalid bInterval 97, changing to 7
[ 1156.150234][    T9] usb 1-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid maxpacket 24929, setting to 1024
[ 1156.170477][    T9] usb 1-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[ 1156.185456][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1156.202949][    T9] usb 1-1: config 0 descriptor??
[ 1156.218705][    T9] ttusbir 1-1:0.83: cannot find expected altsetting
[ 1156.575266][T19364] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3131'.
[ 1157.664678][ T5884] usb 1-1: USB disconnect, device number 73
[ 1157.750944][T19382] netlink: 'syz.1.3134': attribute type 6 has an invalid length.
[ 1158.896172][T19394] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3136'.
[ 1158.955292][   T30] audit: type=1326 audit(1158.937:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1159.641032][   T30] audit: type=1326 audit(1158.937:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1159.941824][   T30] audit: type=1326 audit(1158.967:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.112748][   T30] audit: type=1326 audit(1158.967:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.193737][   T30] audit: type=1326 audit(1158.967:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.300320][   T30] audit: type=1326 audit(1158.967:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.406245][   T30] audit: type=1326 audit(1158.967:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.460310][   T30] audit: type=1326 audit(1158.977:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.588661][   T30] audit: type=1326 audit(1158.977:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1160.708515][T19420] tmpfs: Unknown parameter ''
[ 1160.717909][   T30] audit: type=1326 audit(1158.977:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19388 comm="syz.5.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fdef378efc9 code=0x7ffc0000
[ 1161.555786][T19434] netlink: 'syz.3.3145': attribute type 10 has an invalid length.
[ 1163.722540][T15780] Bluetooth: hci1: command 0x041b tx timeout
[ 1164.780331][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1164.780349][   T30] audit: type=1400 audit(1164.617:1631): avc:  denied  { setopt } for  pid=19460 comm="syz.5.3152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1166.735401][T19479] tmpfs: Unknown parameter ''
[ 1167.810492][ T5870] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1168.102135][   T30] audit: type=1400 audit(1167.917:1632): avc:  denied  { setopt } for  pid=19492 comm="syz.4.3163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1168.167806][T19493] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1168.173971][T19493] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1168.188687][T19493] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1168.198431][ T5870] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1168.201925][T19493] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1168.222166][T19493] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1168.229498][T19493] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1168.246228][ T5870] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1168.257591][T19493] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1168.258549][ T5870] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1168.276159][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.289710][T19491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1168.303409][ T5870] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1168.326194][T19493] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1168.338075][T19493] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1168.434389][T19493] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1168.454938][T19493] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1168.461490][T19493] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1168.470429][T19493] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1168.720290][ T5898] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1168.733211][ T5870] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1168.751215][    T9] usb 1-1: USB disconnect, device number 74
[ 1168.870445][ T5898] usb 5-1: Using ep0 maxpacket: 16
[ 1168.880437][   T24] usb 6-1: new full-speed USB device number 51 using dummy_hcd
[ 1168.942248][ T5870] usb 4-1: config 16 interface 0 altsetting 75 endpoint 0x7 has invalid maxpacket 1032, setting to 1024
[ 1168.942383][ T5898] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[ 1168.963385][ T5870] usb 4-1: config 16 interface 0 altsetting 75 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1168.980621][ T5870] usb 4-1: config 16 interface 0 has no altsetting 0
[ 1168.987582][ T5870] usb 4-1: New USB device found, idVendor=15c2, idProduct=0036, bcdDevice=bb.7a
[ 1168.987730][ T5898] usb 5-1: config 0 has no interface number 0
[ 1168.997966][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1169.040598][ T5898] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[ 1169.050596][T19508] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1169.078954][   T24] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[ 1169.300381][ T5898] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1169.322818][ T5870] usb 4-1: string descriptor 0 read error: -71
[ 1169.323870][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1169.330223][   T24] usb 6-1: config 5 has no interface number 0
[ 1169.358320][ T5898] usb 5-1: Product: syz
[ 1169.359516][ T5870] imon:imon_find_endpoints: no valid input (IR) endpoint found
[ 1169.362857][ T5898] usb 5-1: Manufacturer: syz
[ 1169.371656][   T24] usb 6-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[ 1169.394993][ T5898] usb 5-1: SerialNumber: syz
[ 1169.411080][ T5870] imon 4-1:16.0: unable to initialize intf0, err -19
[ 1169.417822][ T5870] imon:imon_probe: failed to initialize context!
[ 1169.417831][ T5898] usb 5-1: config 0 descriptor??
[ 1169.433912][   T30] audit: type=1400 audit(1169.407:1633): avc:  denied  { append } for  pid=19524 comm="syz.0.3173" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[ 1169.480002][   T24] usb 6-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1169.494874][ T5870] imon 4-1:16.0: unable to register, err -19
[ 1169.498023][T19527] FAULT_INJECTION: forcing a failure.
[ 1169.498023][T19527] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.514643][   T24] usb 6-1: config 5 interface 123 has no altsetting 0
[ 1169.534901][T19527] CPU: 0 UID: 0 PID: 19527 Comm: syz.0.3174 Not tainted syzkaller #0 PREEMPT(full) 
[ 1169.534928][T19527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1169.534940][T19527] Call Trace:
[ 1169.534948][T19527]  <TASK>
[ 1169.534956][T19527]  dump_stack_lvl+0x16c/0x1f0
[ 1169.534993][T19527]  should_fail_ex+0x512/0x640
[ 1169.535016][T19527]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1169.535050][T19527]  should_failslab+0xc2/0x120
[ 1169.535075][T19527]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1169.535105][T19527]  ? __alloc_skb+0x2b2/0x380
[ 1169.535135][T19527]  ? __alloc_skb+0x2b2/0x380
[ 1169.535156][T19527]  __alloc_skb+0x2b2/0x380
[ 1169.535179][T19527]  ? __pfx___alloc_skb+0x10/0x10
[ 1169.535204][T19527]  ? genl_rcv_msg+0x4bb/0x800
[ 1169.535232][T19527]  netlink_ack+0x15d/0xb80
[ 1169.535262][T19527]  ? __lock_acquire+0x622/0x1c90
[ 1169.535298][T19527]  netlink_rcv_skb+0x332/0x420
[ 1169.535326][T19527]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1169.535348][T19527]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1169.535389][T19527]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1169.535428][T19527]  genl_rcv+0x28/0x40
[ 1169.535455][T19527]  netlink_unicast+0x5aa/0x870
[ 1169.535488][T19527]  ? __pfx_netlink_unicast+0x10/0x10
[ 1169.535528][T19527]  netlink_sendmsg+0x8c8/0xdd0
[ 1169.535561][T19527]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1169.535602][T19527]  ____sys_sendmsg+0xa98/0xc70
[ 1169.535633][T19527]  ? copy_msghdr_from_user+0x10a/0x160
[ 1169.535663][T19527]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1169.535709][T19527]  ___sys_sendmsg+0x134/0x1d0
[ 1169.535737][T19527]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1169.535760][T19527]  ? __lock_acquire+0x622/0x1c90
[ 1169.535832][T19527]  __sys_sendmsg+0x16d/0x220
[ 1169.535858][T19527]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1169.535904][T19527]  do_syscall_64+0xcd/0xfa0
[ 1169.535936][T19527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.535957][T19527] RIP: 0033:0x7fdc4398efc9
[ 1169.535975][T19527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1169.535995][T19527] RSP: 002b:00007fdc447a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1169.536014][T19527] RAX: ffffffffffffffda RBX: 00007fdc43be5fa0 RCX: 00007fdc4398efc9
[ 1169.536029][T19527] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[ 1169.536043][T19527] RBP: 00007fdc447a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1169.536055][T19527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1169.536068][T19527] R13: 00007fdc43be6038 R14: 00007fdc43be5fa0 R15: 00007ffc1a844108
[ 1169.536100][T19527]  </TASK>
[ 1169.545066][ T5870] usb 4-1: USB disconnect, device number 113
[ 1169.755437][T15780] Bluetooth: hci3: command 0x0405 tx timeout
[ 1169.763734][   T24] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[ 1169.885917][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1169.895277][   T24] usb 6-1: Product: syz
[ 1169.899500][   T24] usb 6-1: Manufacturer: syz
[ 1169.929809][   T24] usb 6-1: SerialNumber: syz
[ 1170.202034][T15780] Bluetooth: hci1: command 0x041b tx timeout
[ 1170.290326][T15780] Bluetooth: hci5: command 0x0405 tx timeout
[ 1170.360921][T15780] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1170.455220][T19539] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3178'.
[ 1170.520431][T15780] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1170.960656][ T5898] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.214/input/input69
[ 1170.995040][T19544] binder: 19536:19544 ioctl c0306201 200000000040 returned -22
[ 1171.006028][ T5898] input: failed to attach handler mousedev to device input69, error: -5
[ 1171.194094][T18218] usb 5-1: USB disconnect, device number 87
[ 1171.300333][T10716] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[ 1171.577585][T19554] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1171.586015][T10716] usb 2-1: Using ep0 maxpacket: 8
[ 1171.593026][T10716] usb 2-1: config 162 has an invalid interface number: 231 but max is 0
[ 1171.670685][T10716] usb 2-1: config 162 has no interface number 0
[ 1171.678548][T10716] usb 2-1: config 162 interface 231 has no altsetting 0
[ 1171.702803][T10716] usb 2-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=d1.4f
[ 1171.703494][   T24] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[ 1171.712066][T10716] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.730105][T10716] usb 2-1: Product: syz
[ 1171.734328][T10716] usb 2-1: Manufacturer: syz
[ 1171.765754][T10716] usb 2-1: SerialNumber: syz
[ 1171.801086][   T24] usb 6-1: USB disconnect, device number 51
[ 1171.801289][T15780] Bluetooth: hci3: command 0x0405 tx timeout
[ 1171.892274][ T5870] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 1172.026496][T10716] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1172.047636][T10716] gspca_spca501: reg write: error -71
[ 1172.067534][T10716] spca501 2-1:162.231: Reg write failed for 0x02,0x07,0x05
[ 1172.167791][ T5870] usb 4-1: Using ep0 maxpacket: 32
[ 1172.181087][ T5870] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1172.195705][ T5870] usb 4-1: config 1 has no interface number 1
[ 1172.201975][ T5870] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1172.217257][ T5870] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1172.226375][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1172.234448][ T5870] usb 4-1: Product: syz
[ 1172.238654][ T5870] usb 4-1: Manufacturer: syz
[ 1172.319569][T15780] Bluetooth: hci1: command 0x041b tx timeout
[ 1172.360271][T15780] Bluetooth: hci5: command 0x0405 tx timeout
[ 1172.442734][T15780] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1172.580334][   T24] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1172.600263][T15780] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1172.649400][T10716] spca501 2-1:162.231: probe with driver spca501 failed with error -22
[ 1172.662652][T10716] usb 2-1: USB disconnect, device number 103
[ 1172.668806][ T5870] usb 4-1: SerialNumber: syz
[ 1172.680967][T19558] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3183'.
[ 1172.842534][   T24] usb 5-1: Using ep0 maxpacket: 16
[ 1172.890459][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1172.937816][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1172.960369][   T24] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[ 1173.015267][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1173.085008][   T24] usb 5-1: config 0 descriptor??
[ 1173.288204][    T9] kernel write not supported for file bpf-map (pid: 9 comm: kworker/0:0)
[ 1173.384196][T19580] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.3190' resets device
[ 1173.524357][   T24] hid-multitouch 0003:1FD2:6007.0035: unknown main item tag 0x0
[ 1173.566070][   T24] hid-multitouch 0003:1FD2:6007.0035: item fetching failed at offset 4/5
[ 1173.616730][   T24] hid-multitouch 0003:1FD2:6007.0035: probe with driver hid-multitouch failed with error -22
[ 1173.725502][T19561] bridge_slave_0: default FDB implementation only supports local addresses
[ 1173.952912][T19598] FAULT_INJECTION: forcing a failure.
[ 1173.952912][T19598] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1174.102701][T19598] CPU: 0 UID: 0 PID: 19598 Comm: syz.0.3194 Not tainted syzkaller #0 PREEMPT(full) 
[ 1174.102731][T19598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1174.102744][T19598] Call Trace:
[ 1174.102752][T19598]  <TASK>
[ 1174.102760][T19598]  dump_stack_lvl+0x16c/0x1f0
[ 1174.102794][T19598]  should_fail_ex+0x512/0x640
[ 1174.102820][T19598]  should_fail_alloc_page+0xe7/0x130
[ 1174.102845][T19598]  prepare_alloc_pages+0x3c2/0x610
[ 1174.102868][T19598]  ? rcu_is_watching+0x12/0xc0
[ 1174.102897][T19598]  __alloc_frozen_pages_noprof+0x18b/0x2470
[ 1174.102925][T19598]  ? __pfx_native_flush_tlb_one_user+0x10/0x10
[ 1174.102957][T19598]  ? __pfx___page_table_check_zero+0x10/0x10
[ 1174.102987][T19598]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1174.103026][T19598]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1174.103061][T19598]  ? smp_call_function_many_cond+0x1239/0x1600
[ 1174.103079][T19598]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1174.103095][T19598]  ? smp_call_function_many_cond+0x457/0x1600
[ 1174.103114][T19598]  ? __lock_acquire+0x622/0x1c90
[ 1174.103141][T19598]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1174.103171][T19598]  ? policy_nodemask+0xea/0x4e0
[ 1174.103198][T19598]  alloc_pages_mpol+0x1fb/0x550
[ 1174.103217][T19598]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1174.103234][T19598]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1174.103250][T19598]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1174.103265][T19598]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1174.103288][T19598]  ? rcu_read_unlock+0x2d/0xb0
[ 1174.103323][T19598]  do_wp_page+0x11d8/0x52b0
[ 1174.103355][T19598]  ? __pfx_do_wp_page+0x10/0x10
[ 1174.103370][T19598]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1174.103382][T19598]  ? ___pte_offset_map+0x2ad/0x4f0
[ 1174.103397][T19598]  __handle_mm_fault+0x1ae3/0x2aa0
[ 1174.103414][T19598]  ? mt_find+0x3e2/0xa20
[ 1174.103433][T19598]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1174.103458][T19598]  ? __pfx_mt_find+0x10/0x10
[ 1174.103495][T19598]  ? find_vma+0xbf/0x140
[ 1174.103508][T19598]  ? __pfx_find_vma+0x10/0x10
[ 1174.103521][T19598]  handle_mm_fault+0x589/0xd10
[ 1174.103536][T19598]  ? __pkru_allows_pkey+0x11/0xb0
[ 1174.103548][T19598]  do_user_addr_fault+0x7a6/0x1370
[ 1174.103561][T19598]  ? rcu_is_watching+0x12/0xc0
[ 1174.103589][T19598]  exc_page_fault+0x64/0xc0
[ 1174.103619][T19598]  asm_exc_page_fault+0x26/0x30
[ 1174.103639][T19598] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1174.103654][T19598] Code: 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1174.103665][T19598] RSP: 0018:ffffc9000b7f7d00 EFLAGS: 00050206
[ 1174.103678][T19598] RAX: 0000000000000001 RBX: 0000000000002800 RCX: 0000000000000f40
[ 1174.103685][T19598] RDX: 0000000000000000 RSI: ffff88804cc118c0 RDI: 0000200000006000
[ 1174.103693][T19598] RBP: 0000200000004740 R08: 0000000000000000 R09: ffffed10099824ff
[ 1174.103700][T19598] R10: ffff88804cc127ff R11: 0000000000000000 R12: ffff88804cc10000
[ 1174.103709][T19598] R13: 0000200000006f40 R14: 00007ffffffff000 R15: 0000000000000000
[ 1174.103738][T19598]  _copy_to_user+0xbb/0xd0
[ 1174.103766][T19598]  video_usercopy+0x684/0x1720
[ 1174.103796][T19598]  ? selinux_kernel_read_file+0xf1/0x130
[ 1174.103809][T19598]  ? __pfx_video_usercopy+0x10/0x10
[ 1174.103836][T19598]  v4l2_ioctl+0x1bd/0x250
[ 1174.103854][T19598]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1174.103884][T19598]  __x64_sys_ioctl+0x18e/0x210
[ 1174.103915][T19598]  do_syscall_64+0xcd/0xfa0
[ 1174.103939][T19598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.103950][T19598] RIP: 0033:0x7fdc4398efc9
[ 1174.103959][T19598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1174.103970][T19598] RSP: 002b:00007fdc447a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1174.103980][T19598] RAX: ffffffffffffffda RBX: 00007fdc43be5fa0 RCX: 00007fdc4398efc9
[ 1174.103988][T19598] RDX: 0000200000004780 RSI: 00000000c0205647 RDI: 0000000000000003
[ 1174.103997][T19598] RBP: 00007fdc447a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1174.104010][T19598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1174.104022][T19598] R13: 00007fdc43be6038 R14: 00007fdc43be5fa0 R15: 00007ffc1a844108
[ 1174.104058][T19598]  </TASK>
[ 1174.541438][T15780] Bluetooth: hci5: command 0x0405 tx timeout
[ 1174.543773][T11578] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1174.690581][T11578] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1174.908417][T19615] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19615 comm=syz.3.3197
[ 1174.951000][T19617] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19617 comm=syz.3.3198
[ 1174.964321][T19617] FAULT_INJECTION: forcing a failure.
[ 1174.964321][T19617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1174.979018][T19617] CPU: 0 UID: 0 PID: 19617 Comm: syz.3.3198 Not tainted syzkaller #0 PREEMPT(full) 
[ 1174.979035][T19617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1174.979042][T19617] Call Trace:
[ 1174.979046][T19617]  <TASK>
[ 1174.979051][T19617]  dump_stack_lvl+0x16c/0x1f0
[ 1174.979071][T19617]  should_fail_ex+0x512/0x640
[ 1174.979087][T19617]  _copy_from_user+0x2e/0xd0
[ 1174.979102][T19617]  copy_msghdr_from_user+0x98/0x160
[ 1174.979118][T19617]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1174.979139][T19617]  ___sys_sendmsg+0xfe/0x1d0
[ 1174.979154][T19617]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1174.979167][T19617]  ? __lock_acquire+0x622/0x1c90
[ 1174.979204][T19617]  __sys_sendmsg+0x16d/0x220
[ 1174.979218][T19617]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1174.979242][T19617]  do_syscall_64+0xcd/0xfa0
[ 1174.979259][T19617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.979271][T19617] RIP: 0033:0x7f87f538efc9
[ 1174.979281][T19617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1174.979292][T19617] RSP: 002b:00007f87f6229038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1174.979303][T19617] RAX: ffffffffffffffda RBX: 00007f87f55e5fa0 RCX: 00007f87f538efc9
[ 1174.979310][T19617] RDX: 0000000000004010 RSI: 0000200000000280 RDI: 0000000000000005
[ 1174.979317][T19617] RBP: 00007f87f6229090 R08: 0000000000000000 R09: 0000000000000000
[ 1174.979324][T19617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1174.979331][T19617] R13: 00007f87f55e6038 R14: 00007f87f55e5fa0 R15: 00007ffc450fc4b8
[ 1174.979347][T19617]  </TASK>
[ 1174.981075][ T5870] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1175.470353][   T24] usb 5-1: USB disconnect, device number 88
[ 1175.780248][T19621] netlink: 'syz.5.3195': attribute type 6 has an invalid length.
[ 1176.118444][ T5870] usb 4-1: USB disconnect, device number 114
[ 1176.430511][   T24] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1176.612738][T18518] udevd[18518]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1176.731483][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1176.745874][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1176.815555][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1176.835598][T19640] binder: 19639:19640 unknown command 0
[ 1176.841457][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1176.849890][T19640] binder: 19639:19640 ioctl c0306201 200000000080 returned -22
[ 1176.866191][   T24] usb 5-1: config 0 descriptor??
[ 1176.944262][   T24] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1177.008680][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.038248][T10716] hid-generic 0006:0000:0006.0036: unknown main item tag 0x1
[ 1177.056001][T10716] hid-generic 0006:0000:0006.0036: item fetching failed at offset 7/157
[ 1177.082320][T10716] hid-generic 0006:0000:0006.0036: probe with driver hid-generic failed with error -22
[ 1177.193809][T19652] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1177.330306][   T24] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[ 1177.390536][T10716] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 1177.420286][T18218] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[ 1177.450263][    T9] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[ 1177.481946][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1177.492149][   T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 1177.502118][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1177.512414][   T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[ 1177.523819][   T24] usb 6-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 1177.533050][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.541075][   T24] usb 6-1: Product: syz
[ 1177.545213][   T24] usb 6-1: Manufacturer: syz
[ 1177.549770][   T24] usb 6-1: SerialNumber: syz
[ 1177.557423][   T24] usb 6-1: config 0 descriptor??
[ 1177.565351][   T24] ums-isd200 6-1:0.0: USB Mass Storage device detected
[ 1177.572137][T10716] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1177.572451][T18218] usb 2-1: Using ep0 maxpacket: 8
[ 1177.582479][T10716] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1177.589550][T18218] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1177.596499][T10716] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1177.602723][T18218] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1177.610970][    T9] usb 1-1: Using ep0 maxpacket: 32
[ 1177.622288][T18218] usb 2-1: config 0 has no interfaces?
[ 1177.626556][T10716] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1177.635698][T18218] usb 2-1: New USB device found, idVendor=6d79, idProduct=4f80, bcdDevice=d7.15
[ 1177.650591][T18218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.654882][T10716] usb 4-1: Product: syz
[ 1177.658862][T18218] usb 2-1: Product: syz
[ 1177.662836][    T9] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1177.667173][T18218] usb 2-1: Manufacturer: syz
[ 1177.679826][    T9] usb 1-1: config 1 has no interface number 1
[ 1177.680925][T18218] usb 2-1: SerialNumber: syz
[ 1177.686740][T10716] usb 4-1: Manufacturer: syz
[ 1177.696725][T18218] usb 2-1: config 0 descriptor??
[ 1177.700341][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1177.715528][T10716] usb 4-1: SerialNumber: syz
[ 1177.723225][T10716] usb 4-1: config 0 descriptor??
[ 1177.729763][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1177.739089][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.750057][T10716] usb 4-1: selecting invalid altsetting 0
[ 1177.755827][    T9] usb 1-1: Product: syz
[ 1177.761611][    T9] usb 1-1: Manufacturer: syz
[ 1177.767436][    T9] usb 1-1: SerialNumber: syz
[ 1177.835362][T19644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1177.845697][T19644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1177.920628][T11578] Bluetooth: hci3: unexpected event for opcode 0x0403
[ 1177.923223][T19644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1177.958548][T18218] usb 4-1: USB disconnect, device number 115
[ 1178.167756][T19644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1178.214201][   T30] audit: type=1400 audit(1178.197:1634): avc:  denied  { accept } for  pid=19647 comm="syz.3.3206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1178.330090][T19664] netlink: 'syz.1.3207': attribute type 4 has an invalid length.
[ 1178.338011][T19664] netlink: 17 bytes leftover after parsing attributes in process `syz.1.3207'.
[ 1178.364895][T19664] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[ 1179.380919][   T24] scsi host1: usb-storage 6-1:0.0
[ 1179.725471][   T24] usb 6-1: USB disconnect, device number 52
[ 1180.331717][ T5884] usb 5-1: USB disconnect, device number 89
[ 1180.876630][T19675] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1181.063205][    T9] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1181.092506][    T9] usb 1-1: USB disconnect, device number 75
[ 1181.165086][T19680] syzkaller1: entered promiscuous mode
[ 1181.172705][T19680] syzkaller1: entered allmulticast mode
[ 1181.183578][T19680] binder: 19679:19680 unknown command 0
[ 1181.189179][T19680] binder: 19679:19680 ioctl c0306201 200000000080 returned -22
[ 1181.300554][   T30] audit: type=1400 audit(1181.277:1635): avc:  denied  { write } for  pid=19679 comm="syz.0.3213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1181.327583][   T24] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[ 1181.335928][ T5884] usb 2-1: USB disconnect, device number 104
[ 1181.360750][T19683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3214'.
[ 1181.369671][T19683] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3214'.
[ 1181.458714][T19685] 9pnet_virtio: no channels available for device éq‰Y’3aK
[ 1181.492317][   T24] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1181.510561][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1181.525685][   T24] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1181.538554][   T24] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1181.548533][   T24] usb 6-1: Manufacturer: syz
[ 1181.557080][   T24] usb 6-1: config 0 descriptor??
[ 1181.760269][   T24] rc_core: IR keymap rc-hauppauge not found
[ 1181.766221][   T24] Registered IR keymap rc-empty
[ 1181.827721][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1181.855844][T19695] xt_hashlimit: max too large, truncated to 1048576
[ 1181.866082][T19695] No such timeout policy "syz1"
[ 1181.878230][ T5884] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[ 1182.046480][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input70
[ 1182.141506][ T5884] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[ 1182.167125][T19697] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3219'.
[ 1182.211796][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1182.251104][T19697] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3219'.
[ 1182.275348][ T5884] usb 2-1: config 0 descriptor??
[ 1182.282131][T19697] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[ 1182.300735][    C1] igorplugusb 6-1:0.0: receive overflow invalid: 84
[ 1182.313694][T19697] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[ 1182.352143][   T30] audit: type=1400 audit(1182.317:1636): avc:  denied  { firmware_load } for  pid=19696 comm="syz.0.3219" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1182.352810][T19697] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[ 1182.456036][   T30] audit: type=1400 audit(1182.437:1637): avc:  denied  { unmount } for  pid=18554 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1182.545774][   T30] audit: type=1326 audit(1182.527:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.5.3212" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdef378efc9 code=0x0
[ 1182.600473][T18218] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1182.701383][ T5884] ath6kl: Unsupported hardware version: 0x0
[ 1182.707999][ T5884] ath6kl: Failed to init ath6kl core: -22
[ 1182.714266][ T5884] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -22
[ 1182.740592][T10716] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 1182.753429][T18218] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1182.762743][T18218] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1182.770819][T18218] usb 5-1: Product: syz
[ 1182.774979][T18218] usb 5-1: Manufacturer: syz
[ 1182.779556][T18218] usb 5-1: SerialNumber: syz
[ 1182.790035][T18218] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1182.810911][ T5884] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1182.944355][T10716] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1183.076468][T10716] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1183.092728][    T9] usb 2-1: USB disconnect, device number 105
[ 1183.109306][T10716] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1183.154894][T10716] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1183.189720][T10716] usb 4-1: config 0 descriptor??
[ 1183.228641][T10716] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1183.561194][   T24] usb 5-1: USB disconnect, device number 90
[ 1183.697498][T19716] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1183.980472][T18218] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[ 1184.162417][T18218] usb 2-1: Using ep0 maxpacket: 32
[ 1184.197371][T18218] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1184.208920][ T5884] usb 5-1: Service connection timeout for: 256
[ 1184.221024][T18218] usb 2-1: config 1 has no interface number 1
[ 1184.231096][ T5884] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1184.237414][T10716] usb 6-1: USB disconnect, device number 53
[ 1184.248922][T18218] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1184.262436][ T5884] ath9k_htc: Failed to initialize the device
[ 1184.283960][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1184.299030][T18218] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1184.320717][T18218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1184.444713][T18218] usb 2-1: Product: syz
[ 1184.448897][T18218] usb 2-1: Manufacturer: syz
[ 1184.455799][T18218] usb 2-1: SerialNumber: syz
[ 1185.546610][T19737] tipc: Started in network mode
[ 1185.555306][T10716] usb 4-1: USB disconnect, device number 116
[ 1185.557641][T19737] tipc: Node identity 2269c7d818c9, cluster identity 4711
[ 1185.632533][T19737] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1185.781824][T19742] syzkaller0: entered promiscuous mode
[ 1185.788662][T19742] syzkaller0: entered allmulticast mode
[ 1186.537068][T19757] vcan0: tx drop: invalid sa for name 0x0000000000000003
[ 1186.557088][T19757] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3234'.
[ 1186.760808][   T24] tipc: Node number set to 983615448
[ 1187.160724][T18218] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1187.236629][T18218] usb 2-1: USB disconnect, device number 106
[ 1187.277502][T18518] udevd[18518]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1187.383414][T19764] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.3236' resets device
[ 1188.936021][T19737] tipc: Resetting bearer <eth:syzkaller0>
[ 1188.948497][T19736] tipc: Resetting bearer <eth:syzkaller0>
[ 1188.963499][T19736] tipc: Disabling bearer <eth:syzkaller0>
[ 1188.987512][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1188.997791][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.008961][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.027378][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.037364][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.046687][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.070326][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.187659][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.200851][T19762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[ 1189.523027][T19773] netdevsim netdevsim0 ªªªªª»: renamed from netdevsim0 (while UP)
[ 1190.277909][T11578] Bluetooth: hci3: ACL packet for unknown connection handle 201
[ 1190.819076][T19791] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1190.868212][T18218] libceph: connect (1)[c::]:6789 error -101
[ 1190.874490][T18218] libceph: mon0 (1)[c::]:6789 connect error
[ 1191.012035][    T9] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 1191.144289][   T24] libceph: connect (1)[c::]:6789 error -101
[ 1191.240383][T18218] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 1191.259256][T19799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19799 comm=syz.4.3247
[ 1191.273025][   T24] libceph: mon0 (1)[c::]:6789 connect error
[ 1191.280120][T19799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19799 comm=syz.4.3247
[ 1191.344170][T19795] ceph: No mds server is up or the cluster is laggy
[ 1191.404917][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 1191.423574][    T9] usb 4-1: config 0 has no interfaces?
[ 1191.429088][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1191.466215][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1191.475277][T18218] usb 6-1: Using ep0 maxpacket: 32
[ 1191.500598][T18218] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1191.532734][T18218] usb 6-1: config 1 has no interface number 1
[ 1191.555058][T18218] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1191.558755][    T9] usb 4-1: config 0 descriptor??
[ 1191.614380][T18218] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1191.636320][T19801] __nla_validate_parse: 44 callbacks suppressed
[ 1191.636336][T19801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3248'.
[ 1191.665460][T18218] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1191.710602][T18218] usb 6-1: Product: syz
[ 1191.714766][T18218] usb 6-1: Manufacturer: syz
[ 1191.742130][T19801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3248'.
[ 1191.752271][T18218] usb 6-1: SerialNumber: syz
[ 1191.919257][    T9] usb 4-1: USB disconnect, device number 117
[ 1191.968318][   T30] audit: type=1400 audit(1191.947:1639): avc:  denied  { getopt } for  pid=19802 comm="syz.0.3249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1192.010283][ T5917] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1192.162438][ T5917] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[ 1192.179241][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1192.203513][ T5917] usb 5-1: config 0 descriptor??
[ 1192.390968][    T9] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1192.567085][    T9] usb 4-1: Using ep0 maxpacket: 16
[ 1192.605381][    T9] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[ 1192.642737][    T9] usb 4-1: config 0 has no interface number 0
[ 1192.687730][    T9] usb 4-1: too many endpoints for config 0 interface 2 altsetting 0: 79, using maximum allowed: 30
[ 1192.717638][    T9] usb 4-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 79
[ 1192.740752][    T9] usb 4-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[ 1192.765237][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1192.774333][    T9] usb 4-1: Product: syz
[ 1192.779426][    T9] usb 4-1: Manufacturer: syz
[ 1192.786170][    T9] usb 4-1: SerialNumber: syz
[ 1192.791183][ T5917] ath6kl: Unsupported hardware version: 0x0
[ 1192.803801][    T9] usb 4-1: config 0 descriptor??
[ 1192.815279][ T5917] ath6kl: Failed to init ath6kl core: -22
[ 1192.830805][ T5917] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -22
[ 1192.873749][    T9] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[ 1193.033897][ T5884] usb 5-1: USB disconnect, device number 91
[ 1193.444437][   T30] audit: type=1400 audit(1193.427:1640): avc:  denied  { ioctl } for  pid=19813 comm="syz.1.3251" path="/dev/ptyq6" dev="devtmpfs" ino=125 ioctlcmd=0x5431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1194.031918][T19818] netlink: 'syz.4.3252': attribute type 6 has an invalid length.
[ 1194.228773][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -71)
[ 1194.230876][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -71)
[ 1194.232381][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -71)
[ 1194.235320][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -71)
[ 1194.240424][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -71)
[ 1194.240740][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -71)
[ 1194.241191][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -71)
[ 1194.241746][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71)
[ 1194.242227][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71)
[ 1194.243294][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71)
[ 1194.244887][    T9] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71)
[ 1194.246843][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71)
[ 1194.247303][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71)
[ 1194.247604][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71)
[ 1194.248072][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71)
[ 1194.355712][    T9] input: xirlink-cit as /devices/platform/dummy_hcd.3/usb4/4-1/input/input71
[ 1194.456020][    T9] usb 4-1: USB disconnect, device number 118
[ 1195.107041][T18218] usb 6-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1195.184322][T18218] usb 6-1: USB disconnect, device number 54
[ 1195.304266][T18593] udevd[18593]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1195.709987][T19838] sp0: Synchronizing with TNC
[ 1195.748996][T19838] sp0: Found TNC
[ 1195.845125][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1195.873822][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1195.934216][    T9] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[ 1195.975529][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1195.984811][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1195.996655][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1196.005812][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1196.014970][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1196.026628][T19840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3258'.
[ 1196.211533][    T9] usb 4-1: config 0 has no interfaces?
[ 1196.217108][    T9] usb 4-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[ 1196.236266][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1196.250830][ T5917] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1196.302571][    T9] usb 4-1: config 0 descriptor??
[ 1196.421746][ T5917] usb 1-1: Using ep0 maxpacket: 32
[ 1196.450595][ T5884] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[ 1196.460905][ T5917] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1196.486286][ T5917] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1196.500302][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1196.518945][ T5917] usb 1-1: Product: syz
[ 1196.524603][ T5917] usb 1-1: Manufacturer: syz
[ 1196.529630][ T5917] usb 1-1: SerialNumber: syz
[ 1196.536455][ T5917] usb 1-1: config 0 descriptor??
[ 1196.542025][T19842] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1196.569305][ T5917] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1196.585113][ T5917] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1196.630756][ T5884] usb 2-1: Using ep0 maxpacket: 32
[ 1196.703102][ T5884] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1196.740672][ T5884] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1196.754671][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1196.797130][ T5884] usb 2-1: Product: syz
[ 1196.817173][ T5884] usb 2-1: Manufacturer: syz
[ 1196.831864][ T5884] usb 2-1: SerialNumber: syz
[ 1196.856162][ T5884] usb 2-1: config 0 descriptor??
[ 1196.895112][T19844] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1196.936970][ T5884] hub 2-1:0.0: bad descriptor, ignoring hub
[ 1196.962029][ T5884] hub 2-1:0.0: probe with driver hub failed with error -5
[ 1196.989020][ T5884] chaoskey 2-1:0.0: Unable to register with hwrng
[ 1198.978880][T10716] usb 4-1: USB disconnect, device number 119
[ 1199.103983][T19851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1199.112627][T19851] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1199.385051][T19860] __nla_validate_parse: 46 callbacks suppressed
[ 1199.385108][T19860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3262'.
[ 1199.542562][T19860] siw: device registration error -23
[ 1199.612095][   T24] usb 2-1: USB disconnect, device number 107
[ 1199.699213][T19862] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3263'.
[ 1199.943868][ T5884] usb 1-1: USB disconnect, device number 76
[ 1200.823252][T19879] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3268'.
[ 1201.320833][ T5870] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1201.648226][ T5870] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1201.795820][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1202.076095][ T5870] usb 2-1: Product: syz
[ 1202.096281][ T5870] usb 2-1: Manufacturer: syz
[ 1202.111479][ T5870] usb 2-1: SerialNumber: syz
[ 1202.196842][ T5870] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1202.235881][ T5884] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1202.242340][T19903] FAULT_INJECTION: forcing a failure.
[ 1202.242340][T19903] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1202.302507][T19903] CPU: 0 UID: 0 PID: 19903 Comm: syz.0.3272 Not tainted syzkaller #0 PREEMPT(full) 
[ 1202.302537][T19903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1202.302550][T19903] Call Trace:
[ 1202.302558][T19903]  <TASK>
[ 1202.302566][T19903]  dump_stack_lvl+0x16c/0x1f0
[ 1202.302594][T19903]  should_fail_ex+0x512/0x640
[ 1202.302612][T19903]  should_fail_alloc_page+0xe7/0x130
[ 1202.302626][T19903]  prepare_alloc_pages+0x3c2/0x610
[ 1202.302640][T19903]  ? look_up_lock_class+0x59/0x150
[ 1202.302668][T19903]  __alloc_frozen_pages_noprof+0x18b/0x2470
[ 1202.302705][T19903]  ? __lock_acquire+0xb8a/0x1c90
[ 1202.302741][T19903]  ? kasan_save_stack+0x33/0x60
[ 1202.302759][T19903]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1202.302778][T19903]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1202.302792][T19903]  ? rcu_is_watching+0x12/0xc0
[ 1202.302806][T19903]  ? trace_contention_end+0xdd/0x130
[ 1202.302817][T19903]  ? find_held_lock+0x2b/0x80
[ 1202.302842][T19903]  ? binder_alloc_new_buf+0x1590/0x3190
[ 1202.302872][T19903]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1202.302901][T19903]  ? policy_nodemask+0xea/0x4e0
[ 1202.302925][T19903]  alloc_pages_mpol+0x1fb/0x550
[ 1202.302939][T19903]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1202.302951][T19903]  ? rcu_is_watching+0x12/0xc0
[ 1202.302965][T19903]  ? kfree+0x252/0x6d0
[ 1202.302988][T19903]  alloc_pages_noprof+0x131/0x390
[ 1202.303013][T19903]  binder_alloc_new_buf+0x17d2/0x3190
[ 1202.303060][T19903]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[ 1202.303095][T19903]  binder_transaction+0x1d09/0x9d10
[ 1202.303126][T19903]  ? __lock_acquire+0x622/0x1c90
[ 1202.303143][T19903]  ? __pfx_binder_transaction+0x10/0x10
[ 1202.303175][T19903]  ? find_held_lock+0x2b/0x80
[ 1202.303201][T19903]  ? is_bpf_text_address+0x8a/0x1a0
[ 1202.303229][T19903]  ? __lock_acquire+0xb8a/0x1c90
[ 1202.303266][T19903]  ? find_held_lock+0x2b/0x80
[ 1202.303279][T19903]  ? __might_fault+0xe3/0x190
[ 1202.303295][T19903]  ? __might_fault+0xe3/0x190
[ 1202.303309][T19903]  ? __might_fault+0x13b/0x190
[ 1202.303340][T19903]  binder_thread_write+0xaae/0x4e70
[ 1202.303383][T19903]  ? __pfx_binder_thread_write+0x10/0x10
[ 1202.303416][T19903]  ? binder_debug+0xde/0x1a0
[ 1202.303437][T19903]  ? binder_debug+0xde/0x1a0
[ 1202.303450][T19903]  ? __pfx_binder_debug+0x10/0x10
[ 1202.303464][T19903]  ? find_held_lock+0x2b/0x80
[ 1202.303485][T19903]  binder_ioctl+0x26db/0x73b0
[ 1202.303525][T19903]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1202.303566][T19903]  ? __pfx_binder_ioctl+0x10/0x10
[ 1202.303595][T19903]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1202.303610][T19903]  ? do_vfs_ioctl+0x128/0x14f0
[ 1202.303626][T19903]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1202.303641][T19903]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1202.303663][T19903]  ? hook_file_ioctl_common+0x145/0x410
[ 1202.303699][T19903]  ? selinux_file_ioctl+0x180/0x270
[ 1202.303720][T19903]  ? selinux_file_ioctl+0xb4/0x270
[ 1202.303744][T19903]  ? __pfx_binder_ioctl+0x10/0x10
[ 1202.303768][T19903]  __x64_sys_ioctl+0x18e/0x210
[ 1202.303784][T19903]  do_syscall_64+0xcd/0xfa0
[ 1202.303801][T19903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.303813][T19903] RIP: 0033:0x7fdc4398efc9
[ 1202.303824][T19903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1202.303843][T19903] RSP: 002b:00007fdc447a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1202.303863][T19903] RAX: ffffffffffffffda RBX: 00007fdc43be5fa0 RCX: 00007fdc4398efc9
[ 1202.303877][T19903] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000004
[ 1202.303891][T19903] RBP: 00007fdc447a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1202.303904][T19903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1202.303916][T19903] R13: 00007fdc43be6038 R14: 00007fdc43be5fa0 R15: 00007ffc1a844108
[ 1202.303938][T19903]  </TASK>
[ 1202.952040][ T5917] IPVS: starting estimator thread 0...
[ 1203.036290][T10716] usb 2-1: USB disconnect, device number 108
[ 1203.080485][T19912] IPVS: using max 31 ests per chain, 74400 per kthread
[ 1203.152090][ T5884] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1203.190096][ T5884] ath9k_htc: Failed to initialize the device
[ 1203.229594][T10716] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1203.260700][ T5917] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1203.390286][ T5917] usb 1-1: device descriptor read/64, error -71
[ 1203.742166][ T5917] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1203.940281][ T5917] usb 1-1: device descriptor read/64, error -71
[ 1204.068278][ T5917] usb usb1-port1: attempt power cycle
[ 1204.570326][ T5917] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1204.602839][ T5917] usb 1-1: device descriptor read/8, error -71
[ 1204.672220][T19942] binder: 19937:19942 ioctl c0306201 200000000040 returned -14
[ 1204.851586][ T5917] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1204.893633][T19947] tipc: Started in network mode
[ 1204.898617][T19947] tipc: Node identity 0ea7c584568e, cluster identity 4711
[ 1204.900949][ T5917] usb 1-1: device descriptor read/8, error -71
[ 1204.905890][T19947] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1204.945113][T19947] syzkaller0: MTU too low for tipc bearer
[ 1204.950896][T19947] tipc: Disabling bearer <eth:syzkaller0>
[ 1205.020499][ T5917] usb usb1-port1: unable to enumerate USB device
[ 1205.095912][   T30] audit: type=1400 audit(1205.077:1641): avc:  denied  { listen } for  pid=19951 comm="syz.1.3281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1205.098015][T19961] syzkaller0: entered promiscuous mode
[ 1205.116939][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1205.137306][T19961] syzkaller0: entered allmulticast mode
[ 1205.281073][T19968] binder: 19966:19968 ioctl c0306201 200000000240 returned -11
[ 1205.290259][T18218] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[ 1205.420342][T18218] usb 6-1: device descriptor read/64, error -71
[ 1205.660392][T18218] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 1205.789611][   T30] audit: type=1326 audit(1205.767:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1205.877457][   T30] audit: type=1326 audit(1205.767:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1205.900341][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1205.907004][   T30] audit: type=1326 audit(1205.767:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1205.933328][   T30] audit: type=1326 audit(1205.767:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1205.970550][T18218] usb 6-1: device descriptor read/64, error -71
[ 1205.973446][   T30] audit: type=1326 audit(1205.767:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1206.000219][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1206.010003][   T30] audit: type=1326 audit(1205.767:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1206.032986][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1206.052706][   T30] audit: type=1326 audit(1205.767:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1206.081904][   T30] audit: type=1326 audit(1205.767:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1206.104887][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1206.120870][   T30] audit: type=1326 audit(1205.767:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19951 comm="syz.1.3281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b178efc9 code=0x7fc00000
[ 1206.144354][T18218] usb usb6-port1: attempt power cycle
[ 1206.370346][ T5870] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1206.490282][T18218] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[ 1206.533975][ T5870] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1206.537330][T19985] batadv1: entered promiscuous mode
[ 1206.543772][T18218] usb 6-1: device descriptor read/8, error -71
[ 1206.555523][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1206.563708][ T5870] usb 1-1: Product: syz
[ 1206.567919][ T5870] usb 1-1: Manufacturer: syz
[ 1206.572588][ T5870] usb 1-1: SerialNumber: syz
[ 1206.598959][ T5870] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1206.622969][ T5884] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1206.711523][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.724510][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.738257][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.747574][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.756631][    T9] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1206.765999][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.776382][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.791372][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.801092][T18218] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 1206.817837][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.827036][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.836284][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3293'.
[ 1206.846061][T18218] usb 6-1: device descriptor read/8, error -71
[ 1206.913497][    T9] usb 2-1: config 0 has an invalid interface number: 83 but max is 0
[ 1206.960289][    T9] usb 2-1: config 0 has no interface number 0
[ 1206.961171][T18218] usb usb6-port1: unable to enumerate USB device
[ 1207.260444][    T9] usb 2-1: config 0 interface 83 altsetting 0 endpoint 0x8B has an invalid bInterval 97, changing to 7
[ 1207.290502][    T9] usb 2-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid maxpacket 24929, setting to 1024
[ 1207.302167][    T9] usb 2-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[ 1207.314071][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.355329][    T9] usb 2-1: config 0 descriptor??
[ 1207.400822][T10716] IPVS: starting estimator thread 0...
[ 1207.421972][    T9] ttusbir 2-1:0.83: cannot find expected altsetting
[ 1207.501750][T19995] IPVS: using max 33 ests per chain, 79200 per kthread
[ 1207.550941][    T9] usb 1-1: USB disconnect, device number 81
[ 1208.026662][ T5884] usb 1-1: Service connection timeout for: 256
[ 1208.041811][ T5884] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1208.052443][ T5884] ath9k_htc: Failed to initialize the device
[ 1208.084357][    T9] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1208.454091][ T5884] usb 2-1: USB disconnect, device number 109
[ 1209.760301][T10716] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1209.888824][T20037] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1209.990215][T10716] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1210.394944][T10716] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1210.410623][T10716] usb 5-1: Product: syz
[ 1210.417407][T10716] usb 5-1: Manufacturer: syz
[ 1210.424388][T10716] usb 5-1: SerialNumber: syz
[ 1210.720295][ T5884] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1210.872011][ T5884] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1210.887171][ T5884] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1210.914579][ T5884] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1210.932915][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1210.959925][ T5884] usb 2-1: config 0 descriptor??
[ 1210.975662][ T5884] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1212.565256][T20081] netlink: 'syz.5.3314': attribute type 6 has an invalid length.
[ 1212.866046][T10716] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1212.928823][T10716] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1212.941918][T10716] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1212.955945][T10716] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[ 1213.070333][T10716] usb 5-1: USB disconnect, device number 92
[ 1213.477226][ T5917] usb 2-1: USB disconnect, device number 110
[ 1213.484578][T15780] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1213.690261][    T9] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[ 1214.535160][    T9] usb 6-1: device descriptor read/64, error -71
[ 1214.730439][T20096] netlink: 'syz.4.3319': attribute type 1 has an invalid length.
[ 1214.738186][T20096] __nla_validate_parse: 90 callbacks suppressed
[ 1214.738204][T20096] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3319'.
[ 1214.817685][    T9] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[ 1215.380278][    T9] usb 6-1: device descriptor read/64, error -71
[ 1215.490652][    T9] usb usb6-port1: attempt power cycle
[ 1215.629741][T20113] FAULT_INJECTION: forcing a failure.
[ 1215.629741][T20113] name failslab, interval 1, probability 0, space 0, times 0
[ 1215.643122][T20113] CPU: 0 UID: 0 PID: 20113 Comm: syz.3.3322 Not tainted syzkaller #0 PREEMPT(full) 
[ 1215.643150][T20113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1215.643163][T20113] Call Trace:
[ 1215.643171][T20113]  <TASK>
[ 1215.643180][T20113]  dump_stack_lvl+0x16c/0x1f0
[ 1215.643216][T20113]  should_fail_ex+0x512/0x640
[ 1215.643245][T20113]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[ 1215.643279][T20113]  should_failslab+0xc2/0x120
[ 1215.643303][T20113]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1215.643333][T20113]  ? __mpol_dup+0x74/0x380
[ 1215.643364][T20113]  ? __mpol_dup+0x74/0x380
[ 1215.643387][T20113]  __mpol_dup+0x74/0x380
[ 1215.643412][T20113]  ? __pfx___mpol_dup+0x10/0x10
[ 1215.643438][T20113]  ? sp_alloc+0x27/0x160
[ 1215.643470][T20113]  sp_alloc+0x4d/0x160
[ 1215.643497][T20113]  mpol_shared_policy_init+0x303/0x3a0
[ 1215.643527][T20113]  ? __pfx_mpol_shared_policy_init+0x10/0x10
[ 1215.643557][T20113]  ? shmem_get_inode+0xbc9/0xfb0
[ 1215.643588][T20113]  shmem_get_inode+0xbdd/0xfb0
[ 1215.643620][T20113]  shmem_mknod+0x1a8/0x450
[ 1215.643649][T20113]  ? __pfx_shmem_create+0x10/0x10
[ 1215.643672][T20113]  lookup_open.isra.0+0x11d3/0x1580
[ 1215.643710][T20113]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1215.643746][T20113]  ? find_held_lock+0x2b/0x80
[ 1215.643780][T20113]  ? __pfx_down_write+0x10/0x10
[ 1215.643809][T20113]  path_openat+0x893/0x2cb0
[ 1215.643842][T20113]  ? __pfx_path_openat+0x10/0x10
[ 1215.643873][T20113]  do_filp_open+0x20b/0x470
[ 1215.643896][T20113]  ? __pfx_do_filp_open+0x10/0x10
[ 1215.643941][T20113]  ? _raw_spin_unlock+0x28/0x50
[ 1215.643966][T20113]  ? alloc_fd+0x471/0x7d0
[ 1215.643996][T20113]  do_sys_openat2+0x11b/0x1d0
[ 1215.644022][T20113]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1215.644050][T20113]  ? __pfx___schedule+0x10/0x10
[ 1215.644075][T20113]  ? __fget_files+0x20e/0x3c0
[ 1215.644103][T20113]  __x64_sys_open+0x153/0x1e0
[ 1215.644130][T20113]  ? __pfx___x64_sys_open+0x10/0x10
[ 1215.644163][T20113]  ? rcu_is_watching+0x12/0xc0
[ 1215.644193][T20113]  do_syscall_64+0xcd/0xfa0
[ 1215.644225][T20113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.644250][T20113] RIP: 0033:0x7f87f538efc9
[ 1215.644267][T20113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1215.644287][T20113] RSP: 002b:00007f87f61e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1215.644307][T20113] RAX: ffffffffffffffda RBX: 00007f87f55e6180 RCX: 00007f87f538efc9
[ 1215.644321][T20113] RDX: 0000000000000001 RSI: 0000000000101042 RDI: 0000200000000000
[ 1215.644335][T20113] RBP: 00007f87f61e7090 R08: 0000000000000000 R09: 0000000000000000
[ 1215.644348][T20113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1215.644361][T20113] R13: 00007f87f55e6218 R14: 00007f87f55e6180 R15: 00007ffc450fc4b8
[ 1215.644393][T20113]  </TASK>
[ 1215.924796][T20109] netlink: 'syz.4.3323': attribute type 6 has an invalid length.
[ 1216.219076][    T9] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[ 1216.363880][    T9] usb 6-1: device descriptor read/8, error -71
[ 1216.566200][T20126] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3328'.
[ 1216.708218][T20127] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3327'.
[ 1218.743962][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1218.766467][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1218.800582][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1218.809442][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1218.949773][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1219.016129][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1219.048731][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1219.384276][ T5917] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1219.650291][ T5917] usb 5-1: Using ep0 maxpacket: 32
[ 1219.656871][ T5917] usb 5-1: config 0 has no interfaces?
[ 1219.662827][ T5917] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1219.681878][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1219.703529][ T5917] usb 5-1: config 0 descriptor??
[ 1219.720756][T15404] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[ 1219.872387][T15404] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1219.887753][T15404] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1219.904450][T15404] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1219.917781][T15404] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1219.930271][T15404] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1219.931603][T18218] usb 5-1: USB disconnect, device number 93
[ 1219.944934][T15404] usb 2-1: config 0 descriptor??
[ 1220.080340][ T5917] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[ 1220.240343][ T5917] usb 6-1: Using ep0 maxpacket: 32
[ 1220.264720][ T5917] usb 6-1: config 0 has an invalid interface number: 183 but max is 0
[ 1220.275906][ T5917] usb 6-1: config 0 has no interface number 0
[ 1220.305259][ T5917] usb 6-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=24.c5
[ 1220.324561][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.344101][ T5917] usb 6-1: Product: syz
[ 1220.354867][ T5917] usb 6-1: Manufacturer: syz
[ 1220.364884][ T5917] usb 6-1: SerialNumber: syz
[ 1220.390926][ T5917] usb 6-1: config 0 descriptor??
[ 1220.466807][T20071] Set syz1 is full, maxelem 65536 reached
[ 1220.482773][T18218] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1220.585140][T15404] usbhid 2-1:0.0: can't add hid device: -71
[ 1220.591399][T15404] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1220.744052][T15404] usb 2-1: USB disconnect, device number 111
[ 1220.750263][ T5884] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1220.770318][T18218] usb 5-1: Using ep0 maxpacket: 16
[ 1220.781346][T18218] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[ 1220.895097][T17817] Bluetooth: hci4: ACL packet for unknown connection handle 201
[ 1221.351911][T18218] usb 5-1: config 0 has no interface number 0
[ 1221.362640][T18218] usb 5-1: too many endpoints for config 0 interface 2 altsetting 0: 79, using maximum allowed: 30
[ 1221.374074][T18218] usb 5-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 79
[ 1221.492790][T18218] usb 5-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[ 1221.502351][T18218] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1221.514004][T18218] usb 5-1: Product: syz
[ 1221.518235][T18218] usb 5-1: Manufacturer: syz
[ 1221.522954][T18218] usb 5-1: SerialNumber: syz
[ 1221.532721][T18218] usb 5-1: config 0 descriptor??
[ 1221.541371][T18218] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[ 1221.563987][ T5884] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1221.575306][ T5884] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1221.590401][ T5884] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1221.599684][ T5884] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.734429][ T5884] usb 4-1: config 0 descriptor??
[ 1221.808542][ T5884] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1222.170006][T20170] __nla_validate_parse: 47 callbacks suppressed
[ 1222.170041][T20170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3340'.
[ 1222.704747][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -71)
[ 1222.718761][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -71)
[ 1222.729628][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -71)
[ 1222.768020][T18218] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -71)
[ 1222.824493][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -71)
[ 1222.841707][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -71)
[ 1222.853048][T18218] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -71)
[ 1222.876999][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71)
[ 1222.975958][T18218] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71)
[ 1222.988820][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71)
[ 1223.304673][T18218] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71)
[ 1223.430350][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71)
[ 1223.456151][T18218] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71)
[ 1223.492238][T18218] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71)
[ 1223.506922][T18218] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71)
[ 1223.539937][T18218] input: xirlink-cit as /devices/platform/dummy_hcd.4/usb5/5-1/input/input73
[ 1223.595465][T18218] usb 5-1: USB disconnect, device number 94
[ 1223.830171][ T5917] em28xx 6-1:0.183: New device syz syz @ 480 Mbps (eb1a:e303, interface 183, class 183)
[ 1223.892235][T20186] netlink: 'syz.4.3344': attribute type 6 has an invalid length.
[ 1223.915890][T15404] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1223.969467][T18218] usb 4-1: USB disconnect, device number 120
[ 1224.187175][ T5917] em28xx 6-1:0.183: Video interface 183 found: bulk
[ 1224.274248][ T5917] em28xx 6-1:0.183: unknown em28xx chip ID (0)
[ 1224.311455][T20190] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=20190 comm=syz.5.3347
[ 1224.361461][T15404] usb 2-1: Using ep0 maxpacket: 8
[ 1224.375204][T15404] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1224.398555][T15404] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1224.419698][ T5917] em28xx 6-1:0.183: reading from i2c device at 0xa0 failed (error=-5)
[ 1224.433415][T15404] usb 2-1: Product: syz
[ 1224.438729][T15404] usb 2-1: Manufacturer: syz
[ 1224.445191][ T5917] em28xx 6-1:0.183: board has no eeprom
[ 1224.451769][T15404] usb 2-1: SerialNumber: syz
[ 1224.459079][T15404] usb 2-1: config 0 descriptor??
[ 1224.483750][T15404] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1224.510567][ T5917] em28xx 6-1:0.183: Identified as Kaiomy TVnPC U2 (card=63)
[ 1224.520994][ T5870] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1224.528096][ T5917] em28xx 6-1:0.183: analog set to bulk mode.
[ 1224.543934][    T9] em28xx 6-1:0.183: Registering V4L2 extension
[ 1224.566270][ T5917] usb 6-1: USB disconnect, device number 63
[ 1224.591516][ T5917] em28xx 6-1:0.183: Disconnecting em28xx
[ 1224.699337][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1224.739674][ T5870] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 1224.849186][    T9] i2c i2c-1: Invalid 7-bit I2C address 0x00
[ 1224.871320][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1224.881768][ T5870] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[ 1224.963053][ T5870] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 1225.002753][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.021278][ T5870] usb 1-1: Product: syz
[ 1225.028108][ T5870] usb 1-1: Manufacturer: syz
[ 1225.034344][    T9] tuner: 1-0061: Tuner -1 found with type(s) Radio TV.
[ 1225.034918][ T5870] usb 1-1: SerialNumber: syz
[ 1225.373231][ T5870] usb 1-1: config 0 descriptor??
[ 1225.493639][ T5870] ums-isd200 1-1:0.0: USB Mass Storage device detected
[ 1225.544338][    T9] DVB: Unable to find symbol xc2028_attach()
[ 1225.550467][    T9] tuner: 1-0061: Tuner has no way to set tv freq
[ 1225.556862][    T9] em28xx 6-1:0.183: Config register raw data: 0xffffffed
[ 1225.577457][    T9] em28xx 6-1:0.183: AC97 chip type couldn't be determined
[ 1225.586720][    T9] em28xx 6-1:0.183: No AC97 audio processor
[ 1225.593032][    T9] tuner: 1-0061: Tuner has no way to set tv freq
[ 1225.607732][    T9] videodev: could not get a free minor
[ 1225.613349][    T9] em28xx 6-1:0.183: can't register radio device
[ 1225.619607][    T9] em28xx 6-1:0.183: V4L2 device video103 deregistered
[ 1225.644096][    T9] em28xx 6-1:0.183: Registering input extension
[ 1225.651447][ T5917] em28xx 6-1:0.183: Closing input extension
[ 1225.675974][ T5917] em28xx 6-1:0.183: Freeing device
[ 1225.777268][T20188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1225.810563][T20188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1225.960257][T15404] gspca_sq930x: reg_w 0105 0c00 failed -71
[ 1226.200506][ T5884] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1226.220263][T15404] gspca_sq930x: Sensor ov9630 not yet treated
[ 1226.292817][T15404] sq930x 2-1:0.0: probe with driver sq930x failed with error -22
[ 1226.389018][ T5884] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1226.411779][T15404] usb 2-1: USB disconnect, device number 112
[ 1226.414750][ T5884] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1226.504280][ T5884] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1226.515935][ T5870] scsi host1: usb-storage 1-1:0.0
[ 1226.894021][ T5884] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1226.922235][ T5870] usb 1-1: USB disconnect, device number 82
[ 1226.947479][ T5884] usb 4-1: config 0 descriptor??
[ 1226.999817][ T5884] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1227.508578][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 1227.508595][   T30] audit: type=1400 audit(1227.477:1708): avc:  denied  { mount } for  pid=20241 comm="syz.1.3360" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1227.771104][ T5884] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[ 1228.035386][   T30] audit: type=1400 audit(1227.947:1709): avc:  denied  { unmount } for  pid=17814 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1228.098395][T20257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3364'.
[ 1228.301946][ T5884] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1228.311992][ T5884] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 1228.823646][ T5884] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1228.866546][ T5884] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[ 1228.878823][ T5884] usb 6-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 1228.888092][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1228.896982][ T5884] usb 6-1: Product: syz
[ 1228.901714][ T5884] usb 6-1: Manufacturer: syz
[ 1228.906470][ T5884] usb 6-1: SerialNumber: syz
[ 1228.946699][ T5884] usb 6-1: config 0 descriptor??
[ 1228.981003][ T5884] ums-isd200 6-1:0.0: USB Mass Storage device detected
[ 1229.173118][ T5917] usb 4-1: USB disconnect, device number 121
[ 1229.232267][T20248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1229.240893][T20248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1229.296584][T17817] Bluetooth: hci3: unexpected event for opcode 0x0403
[ 1229.574999][ T5884] scsi host1: usb-storage 6-1:0.0
[ 1229.653317][ T5884] usb 6-1: USB disconnect, device number 64
[ 1230.290385][T10716] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1230.311204][T20298] netlink: 'syz.5.3372': attribute type 6 has an invalid length.
[ 1230.771452][T10716] usb 2-1: Using ep0 maxpacket: 8
[ 1230.784766][T10716] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1230.794153][T10716] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1230.811487][T10716] usb 2-1: config 0 has no interfaces?
[ 1230.844140][T10716] usb 2-1: New USB device found, idVendor=6d79, idProduct=4f80, bcdDevice=d7.15
[ 1230.853313][T15404] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1230.863426][T10716] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1230.872483][T10716] usb 2-1: Product: syz
[ 1230.876713][T10716] usb 2-1: Manufacturer: syz
[ 1230.892786][T10716] usb 2-1: SerialNumber: syz
[ 1230.910002][T10716] usb 2-1: config 0 descriptor??
[ 1231.014050][T15404] usb 5-1: config 0 has an invalid interface number: 83 but max is 0
[ 1231.030226][T15404] usb 5-1: config 0 has no interface number 0
[ 1231.040276][T15404] usb 5-1: config 0 interface 83 altsetting 0 endpoint 0x8B has an invalid bInterval 97, changing to 7
[ 1231.051639][T15404] usb 5-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid maxpacket 24929, setting to 1024
[ 1231.073198][T15404] usb 5-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[ 1231.534245][T20321] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[ 1232.378882][T15404] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1232.414485][T15404] usb 5-1: config 0 descriptor??
[ 1233.441243][T15404] ttusbir 5-1:0.83: cannot find expected altsetting
[ 1233.647590][   T30] audit: type=1400 audit(1233.607:1710): avc:  denied  { bind } for  pid=20313 comm="syz.0.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1233.729234][ T6571] Bluetooth: Error in BCSP hdr checksum
[ 1233.946226][   T12] Bluetooth: Error in BCSP hdr checksum
[ 1234.055966][T15404] usb 5-1: USB disconnect, device number 95
[ 1234.200496][ T7497] Bluetooth: Error in BCSP hdr checksum
[ 1234.242573][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.280796][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.307623][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.346935][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.389550][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.411585][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.430823][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.479866][  T910] usb 2-1: USB disconnect, device number 113
[ 1234.550488][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.561386][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1234.619653][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1235.489853][T17817] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1235.496628][T11578] Bluetooth: hci0: command 0x1003 tx timeout
[ 1235.687809][T20363] fuse: Bad value for 'rootmode'
[ 1235.697135][T20363] FAULT_INJECTION: forcing a failure.
[ 1235.697135][T20363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1235.730421][T20363] CPU: 0 UID: 0 PID: 20363 Comm: syz.4.3387 Not tainted syzkaller #0 PREEMPT(full) 
[ 1235.730451][T20363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1235.730463][T20363] Call Trace:
[ 1235.730470][T20363]  <TASK>
[ 1235.730479][T20363]  dump_stack_lvl+0x16c/0x1f0
[ 1235.730512][T20363]  should_fail_ex+0x512/0x640
[ 1235.730547][T20363]  _copy_to_user+0x32/0xd0
[ 1235.730574][T20363]  simple_read_from_buffer+0xcb/0x170
[ 1235.730607][T20363]  proc_fail_nth_read+0x197/0x240
[ 1235.730633][T20363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1235.730659][T20363]  ? rw_verify_area+0xcf/0x6c0
[ 1235.730687][T20363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1235.730711][T20363]  vfs_read+0x1e4/0xcf0
[ 1235.730735][T20363]  ? __pfx___mutex_lock+0x10/0x10
[ 1235.730754][T20363]  ? __pfx_vfs_read+0x10/0x10
[ 1235.730782][T20363]  ? __fget_files+0x20e/0x3c0
[ 1235.730812][T20363]  ksys_read+0x12a/0x250
[ 1235.730831][T20363]  ? __pfx_ksys_read+0x10/0x10
[ 1235.730849][T20363]  ? fput+0x9b/0xd0
[ 1235.730877][T20363]  do_syscall_64+0xcd/0xfa0
[ 1235.730907][T20363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1235.730928][T20363] RIP: 0033:0x7f66a378d9dc
[ 1235.730945][T20363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1235.730964][T20363] RSP: 002b:00007f66a4679030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1235.730984][T20363] RAX: ffffffffffffffda RBX: 00007f66a39e5fa0 RCX: 00007f66a378d9dc
[ 1235.730998][T20363] RDX: 000000000000000f RSI: 00007f66a46790a0 RDI: 000000000000000b
[ 1235.731010][T20363] RBP: 00007f66a4679090 R08: 0000000000000000 R09: 0000000000000000
[ 1235.731024][T20363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1235.731036][T20363] R13: 00007f66a39e6038 R14: 00007f66a39e5fa0 R15: 00007ffc1897e4d8
[ 1235.731067][T20363]  </TASK>
[ 1236.320039][   T30] audit: type=1400 audit(1236.277:1711): avc:  denied  { map } for  pid=20366 comm="syz.3.3389" path="socket:[70024]" dev="sockfs" ino=70024 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1236.538870][   T30] audit: type=1400 audit(1236.277:1712): avc:  denied  { accept } for  pid=20366 comm="syz.3.3389" path="socket:[70024]" dev="sockfs" ino=70024 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1236.902993][T20387] FAULT_INJECTION: forcing a failure.
[ 1236.902993][T20387] name failslab, interval 1, probability 0, space 0, times 0
[ 1236.957453][T20387] CPU: 1 UID: 0 PID: 20387 Comm: syz.4.3390 Not tainted syzkaller #0 PREEMPT(full) 
[ 1236.957483][T20387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1236.957493][T20387] Call Trace:
[ 1236.957499][T20387]  <TASK>
[ 1236.957507][T20387]  dump_stack_lvl+0x16c/0x1f0
[ 1236.957541][T20387]  should_fail_ex+0x512/0x640
[ 1236.957563][T20387]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[ 1236.957588][T20387]  should_failslab+0xc2/0x120
[ 1236.957612][T20387]  __kvmalloc_node_noprof+0x141/0x9c0
[ 1236.957635][T20387]  ? video_usercopy+0xa6b/0x1720
[ 1236.957678][T20387]  ? video_usercopy+0xa6b/0x1720
[ 1236.957705][T20387]  video_usercopy+0xa6b/0x1720
[ 1236.957736][T20387]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1236.957764][T20387]  ? selinux_kernel_read_file+0xf0/0x130
[ 1236.957787][T20387]  ? __pfx_video_usercopy+0x10/0x10
[ 1236.957836][T20387]  v4l2_ioctl+0x1bd/0x250
[ 1236.957862][T20387]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1236.957891][T20387]  __x64_sys_ioctl+0x18e/0x210
[ 1236.957922][T20387]  do_syscall_64+0xcd/0xfa0
[ 1236.957952][T20387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1236.957972][T20387] RIP: 0033:0x7f66a378efc9
[ 1236.957989][T20387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1236.958009][T20387] RSP: 002b:00007f66a4658038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1236.958029][T20387] RAX: ffffffffffffffda RBX: 00007f66a39e6090 RCX: 00007f66a378efc9
[ 1236.958045][T20387] RDX: 0000200000000200 RSI: 00000000c058565d RDI: 0000000000000003
[ 1236.958057][T20387] RBP: 00007f66a4658090 R08: 0000000000000000 R09: 0000000000000000
[ 1236.958071][T20387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1236.958084][T20387] R13: 00007f66a39e6128 R14: 00007f66a39e6090 R15: 00007ffc1897e4d8
[ 1236.958114][T20387]  </TASK>
[ 1238.534619][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1240.295359][T20434] __nla_validate_parse: 43 callbacks suppressed
[ 1240.295375][T20434] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3401'.
[ 1240.380299][T18218] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1240.554574][T18218] usb 2-1: Using ep0 maxpacket: 16
[ 1240.571430][T18218] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1240.633388][T18218] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[ 1240.730674][   T24] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 1240.756036][T18218] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1240.919441][T18218] usb 2-1: config 1 interface 2 has no altsetting 0
[ 1240.981248][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1241.022770][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1241.030388][   T24] usb 1-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00
[ 1241.040106][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1241.048716][T18218] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1241.071461][T18218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1241.090258][T18218] usb 2-1: Product: syz
[ 1241.401724][T18218] usb 2-1: Manufacturer: syz
[ 1241.487460][   T24] usb 1-1: config 0 descriptor??
[ 1241.504259][T18218] usb 2-1: SerialNumber: syz
[ 1241.575931][T20452] batadv3: entered promiscuous mode
[ 1241.850615][T15404] usb 1-1: USB disconnect, device number 83
[ 1242.920643][T18218] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1242.928798][T18218] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[ 1242.937379][T18218] usb 2-1: found format II with max.bitrate = 3, frame size=7
[ 1243.001046][ T5884] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 1243.034222][T18218] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1243.042597][T18218] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[ 1243.129142][T18218] usb 2-1: found format II with max.bitrate = 3, frame size=7
[ 1243.373672][ T5884] usb 6-1: Using ep0 maxpacket: 32
[ 1243.387001][T18218] usb 2-1: selecting invalid altsetting 0
[ 1243.410708][ T5884] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1243.496563][T18218] usb 2-1: selecting invalid altsetting 0
[ 1243.513229][ T5884] usb 6-1: config 164 has an invalid interface number: 246 but max is 0
[ 1243.533048][ T5884] usb 6-1: config 164 has no interface number 0
[ 1243.572282][ T5884] usb 6-1: config 164 interface 246 has no altsetting 0
[ 1243.692601][ T5884] usb 6-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice= f.fe
[ 1243.710457][T18218] usb 2-1: USB disconnect, device number 114
[ 1243.720248][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1243.738726][ T5884] usb 6-1: Product: syz
[ 1243.859765][ T5884] usb 6-1: Manufacturer: syz
[ 1243.864926][ T5884] usb 6-1: SerialNumber: syz
[ 1244.165133][T20475] bond1: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[ 1244.219132][T20475] bond1 (unregistering): Released all slaves
[ 1244.725136][T20498] netlink: 'syz.4.3411': attribute type 1 has an invalid length.
[ 1245.486719][T20503] comedi comedi0: comedi_bond: 3:2 3:3  attached, 48 channels from 2 devices
[ 1245.650308][   T30] audit: type=1400 audit(1245.537:1713): avc:  denied  { bind } for  pid=20500 comm="syz.0.3412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1246.004089][ T5884] powermate 6-1:164.246: probe with driver powermate failed with error -5
[ 1246.025123][T20506] binder: BC_ATTEMPT_ACQUIRE not supported
[ 1246.072566][T20506] binder: 20505:20506 ioctl c0306201 2000000003c0 returned -22
[ 1246.081386][ T5884] usb 6-1: USB disconnect, device number 65
[ 1246.381254][T20512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3413'.
[ 1247.008869][T20509] siw: device registration error -23
[ 1247.164566][T20515] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3415'.
[ 1247.329616][T20524] batadv1: entered promiscuous mode
[ 1247.532392][   T30] audit: type=1400 audit(1247.517:1714): avc:  denied  { ioctl } for  pid=20529 comm="syz.5.3420" path="socket:[71340]" dev="sockfs" ino=71340 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1247.570309][    T9] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1247.824790][    T9] usb 5-1: Using ep0 maxpacket: 32
[ 1247.882643][    T9] usb 5-1: config 0 has no interfaces?
[ 1247.901284][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1247.918858][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1248.040626][    T9] usb 5-1: config 0 descriptor??
[ 1248.250645][    T9] usb 5-1: USB disconnect, device number 96
[ 1248.690409][    T9] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1248.815529][T20391] Set syz1 is full, maxelem 65536 reached
[ 1248.860419][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1248.911160][    T9] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[ 1248.919164][    T9] usb 5-1: config 0 has no interface number 0
[ 1248.925578][    T9] usb 5-1: too many endpoints for config 0 interface 2 altsetting 0: 79, using maximum allowed: 30
[ 1248.966532][    T9] usb 5-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 79
[ 1249.105829][    T9] usb 5-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[ 1249.176103][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1249.254013][    T9] usb 5-1: Product: syz
[ 1249.314132][    T9] usb 5-1: Manufacturer: syz
[ 1249.357115][    T9] usb 5-1: SerialNumber: syz
[ 1249.382592][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.438299][    T9] usb 5-1: config 0 descriptor??
[ 1249.446882][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.523258][    T9] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[ 1249.547185][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.647057][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.753530][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.834837][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1249.974237][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1250.006024][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3426'.
[ 1250.094661][   T30] audit: type=1326 audit(1250.077:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.118817][   T30] audit: type=1326 audit(1250.077:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.143868][   T30] audit: type=1326 audit(1250.077:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.180503][   T30] audit: type=1326 audit(1250.077:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.294386][   T30] audit: type=1326 audit(1250.077:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.334575][   T30] audit: type=1326 audit(1250.077:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.440050][   T30] audit: type=1326 audit(1250.077:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.639769][   T30] audit: type=1326 audit(1250.077:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.693473][   T30] audit: type=1326 audit(1250.077:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.757215][   T30] audit: type=1326 audit(1250.077:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.799156][   T30] audit: type=1326 audit(1250.077:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1250.840064][   T30] audit: type=1326 audit(1250.077:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.242055][   T30] audit: type=1326 audit(1250.077:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.390466][   T30] audit: type=1326 audit(1250.077:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.413502][   T30] audit: type=1326 audit(1250.077:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.440531][   T30] audit: type=1326 audit(1250.077:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.464376][   T30] audit: type=1326 audit(1251.037:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.593305][   T30] audit: type=1326 audit(1251.037:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20567 comm="syz.3.3431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87f538efc9 code=0x7ffc0000
[ 1251.810288][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -110)
[ 1251.821423][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -32)
[ 1251.908513][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -32)
[ 1251.998264][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -32)
[ 1252.199048][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -71)
[ 1252.735090][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -71)
[ 1252.759119][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -71)
[ 1252.781659][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71)
[ 1252.792403][T10716] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[ 1252.837001][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71)
[ 1252.860562][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71)
[ 1252.880509][    T9] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71)
[ 1252.900302][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71)
[ 1252.920418][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71)
[ 1252.937636][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71)
[ 1252.998854][T10716] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1253.020513][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71)
[ 1253.071347][T10716] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1253.102499][    T9] input: xirlink-cit as /devices/platform/dummy_hcd.4/usb5/5-1/input/input76
[ 1253.165792][T10716] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1253.192200][T10716] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1253.202644][    T9] usb 5-1: USB disconnect, device number 97
[ 1253.333049][T17817] Bluetooth: hci4: ACL packet for unknown connection handle 201
[ 1253.640896][T10716] usb 6-1: SerialNumber: syz
[ 1253.799732][T20612] __nla_validate_parse: 43 callbacks suppressed
[ 1253.799751][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.816247][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.825175][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.834159][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.876125][T10716] usb 6-1: 0:2 : does not exist
[ 1253.880351][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.891492][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.911000][T10716] usb 6-1: unit 5 not found!
[ 1253.965450][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.990672][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1253.997101][T10716] usb 6-1: USB disconnect, device number 66
[ 1254.035878][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1254.062531][T20612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[ 1254.229637][T20628] netlink: 'syz.1.3444': attribute type 6 has an invalid length.
[ 1254.275872][T20633] 
[ 1254.278203][T20633] ============================================
[ 1254.284338][T20633] WARNING: possible recursive locking detected
[ 1254.290475][T20633] syzkaller #0 Not tainted
[ 1254.294871][T20633] --------------------------------------------
[ 1254.300991][T20633] syz.3.3445/20633 is trying to acquire lock:
[ 1254.307027][T20633] ffff8880309f98f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_do_insn+0x2e/0x3e0
[ 1254.315894][T20633] 
[ 1254.315894][T20633] but task is already holding lock:
[ 1254.323240][T20633] ffff8880309f80f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_unlocked_ioctl+0x167/0x2f00
[ 1254.332893][T20633] 
[ 1254.332893][T20633] other info that might help us debug this:
[ 1254.340927][T20633]  Possible unsafe locking scenario:
[ 1254.340927][T20633] 
[ 1254.348353][T20633]        CPU0
[ 1254.351612][T20633]        ----
[ 1254.354867][T20633]   lock(&dev->mutex#4);
[ 1254.359098][T20633]   lock(&dev->mutex#4);
[ 1254.363323][T20633] 
[ 1254.363323][T20633]  *** DEADLOCK ***
[ 1254.363323][T20633] 
[ 1254.371441][T20633]  May be due to missing lock nesting notation
[ 1254.371441][T20633] 
[ 1254.379733][T20633] 1 lock held by syz.3.3445/20633:
[ 1254.384817][T20633]  #0: ffff8880309f80f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_unlocked_ioctl+0x167/0x2f00
[ 1254.394898][T20633] 
[ 1254.394898][T20633] stack backtrace:
[ 1254.400764][T20633] CPU: 1 UID: 0 PID: 20633 Comm: syz.3.3445 Not tainted syzkaller #0 PREEMPT(full) 
[ 1254.400789][T20633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1254.400801][T20633] Call Trace:
[ 1254.400807][T20633]  <TASK>
[ 1254.400815][T20633]  dump_stack_lvl+0x116/0x1f0
[ 1254.400844][T20633]  print_deadlock_bug+0x1e9/0x240
[ 1254.400872][T20633]  __lock_acquire+0x1106/0x1c90
[ 1254.400904][T20633]  lock_acquire+0x179/0x350
[ 1254.400921][T20633]  ? comedi_do_insn+0x2e/0x3e0
[ 1254.400943][T20633]  ? __pfx___might_resched+0x10/0x10
[ 1254.400967][T20633]  ? comedi_do_insn+0x2e/0x3e0
[ 1254.400986][T20633]  __mutex_lock+0x193/0x1060
[ 1254.401003][T20633]  ? comedi_do_insn+0x2e/0x3e0
[ 1254.401029][T20633]  ? __pfx___mutex_lock+0x10/0x10
[ 1254.401046][T20633]  ? __pfx___might_resched+0x10/0x10
[ 1254.401068][T20633]  ? __up_read+0x1f8/0x750
[ 1254.401085][T20633]  ? down_read+0x13d/0x480
[ 1254.401104][T20633]  ? comedi_do_insn+0x2e/0x3e0
[ 1254.401124][T20633]  comedi_do_insn+0x2e/0x3e0
[ 1254.401146][T20633]  comedi_dio_bitfield2+0x3c4/0x420
[ 1254.401169][T20633]  ? __pfx_comedi_dio_bitfield2+0x10/0x10
[ 1254.401189][T20633]  ? __alloc_frozen_pages_noprof+0x292/0x2470
[ 1254.401214][T20633]  ? unwind_get_return_address+0x59/0xa0
[ 1254.401235][T20633]  ? arch_stack_walk+0xa6/0x100
[ 1254.401258][T20633]  bonding_dio_insn_bits+0x2bd/0x570
[ 1254.401284][T20633]  ? __lock_acquire+0xb8a/0x1c90
[ 1254.401308][T20633]  ? __pfx_bonding_dio_insn_bits+0x10/0x10
[ 1254.401332][T20633]  ? __lock_acquire+0x622/0x1c90
[ 1254.401359][T20633]  insn_rw_emulate_bits+0x29b/0x5f0
[ 1254.401381][T20633]  ? __pfx_insn_rw_emulate_bits+0x10/0x10
[ 1254.401406][T20633]  ? rcu_read_unlock+0x17/0x60
[ 1254.401429][T20633]  ? comedi_check_chanlist+0x2d6/0x380
[ 1254.401451][T20633]  parse_insn+0xf4c/0x1970
[ 1254.401478][T20633]  ? __pfx_parse_insn+0x10/0x10
[ 1254.401503][T20633]  ? __might_fault+0xe3/0x190
[ 1254.401527][T20633]  ? do_insn_ioctl+0xda/0x4e0
[ 1254.401544][T20633]  do_insn_ioctl+0x152/0x4e0
[ 1254.401561][T20633]  comedi_unlocked_ioctl+0x1618/0x2f00
[ 1254.401582][T20633]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1254.401602][T20633]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1254.401624][T20633]  ? do_vfs_ioctl+0x128/0x14f0
[ 1254.401646][T20633]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1254.401669][T20633]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1254.401694][T20633]  ? hook_file_ioctl_common+0x145/0x410
[ 1254.401720][T20633]  ? selinux_file_ioctl+0x180/0x270
[ 1254.401737][T20633]  ? selinux_file_ioctl+0xb4/0x270
[ 1254.401755][T20633]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1254.401773][T20633]  __x64_sys_ioctl+0x18e/0x210
[ 1254.401797][T20633]  do_syscall_64+0xcd/0xfa0
[ 1254.401821][T20633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.401840][T20633] RIP: 0033:0x7f87f538efc9
[ 1254.401855][T20633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1254.401872][T20633] RSP: 002b:00007f87f6229038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1254.401889][T20633] RAX: ffffffffffffffda RBX: 00007f87f55e5fa0 RCX: 00007f87f538efc9
[ 1254.401902][T20633] RDX: 0000200000000000 RSI: 000000008028640c RDI: 000000000000000c
[ 1254.401915][T20633] RBP: 00007f87f5411f91 R08: 0000000000000000 R09: 0000000000000000
[ 1254.401926][T20633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1254.401938][T20633] R13: 00007f87f55e6038 R14: 00007f87f55e5fa0 R15: 00007ffc450fc4b8
[ 1254.401957][T20633]  </TASK>
[ 1256.840304][T11578] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1264.040757][    C1] ------------[ cut here ]------------
[ 1264.046245][    C1] ODEBUG: free active (active state 0) object: ffff888057ef6090 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150
[ 1264.059418][    C1] WARNING: CPU: 1 PID: 0 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[ 1264.068618][    C1] Modules linked in:
[ 1264.072506][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1264.081429][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1264.091478][    C1] RIP: 0010:debug_print_object+0x1a2/0x2b0
[ 1264.097268][    C1] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 7d f0 8b 4c 89 e6 48 c7 c7 20 72 f0 8b e8 ef f0 ce fc 90 <0f> 0b 90 90 58 83 05 f6 d8 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[ 1264.116869][    C1] RSP: 0018:ffffc90000a08a18 EFLAGS: 00010282
[ 1264.122939][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b3ee8
[ 1264.130916][    C1] RDX: ffff88801d6da480 RSI: ffffffff817b3ef5 RDI: 0000000000000001
[ 1264.138870][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 1264.146860][    C1] R10: 0000000000000000 R11: 000000000004b068 R12: ffffffff8bf078c0
[ 1264.154839][    C1] R13: ffffffff8b901fe0 R14: ffffffff8a4d5ca0 R15: ffffc90000a08b18
[ 1264.162795][    C1] FS:  0000000000000000(0000) GS:ffff888124b0b000(0000) knlGS:0000000000000000
[ 1264.171709][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1264.178270][    C1] CR2: 000056474b5cdbe0 CR3: 0000000073fa1000 CR4: 00000000003526f0
[ 1264.186238][    C1] Call Trace:
[ 1264.189493][    C1]  <IRQ>
[ 1264.192327][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1264.197940][    C1]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1264.203920][    C1]  debug_check_no_obj_freed+0x4b7/0x600
[ 1264.209454][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1264.215522][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1264.220277][    C1]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1264.226235][    C1]  kfree+0x291/0x6d0
[ 1264.230105][    C1]  ? rose_timer_expiry+0x53f/0x630
[ 1264.235207][    C1]  ? rose_timer_expiry+0x53f/0x630
[ 1264.240308][    C1]  rose_timer_expiry+0x53f/0x630
[ 1264.245225][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 1264.250679][    C1]  call_timer_fn+0x19a/0x620
[ 1264.255244][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1264.260348][    C1]  ? __run_timers+0x6df/0x960
[ 1264.265016][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1264.269787][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1264.274559][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 1264.279998][    C1]  __run_timers+0x6ef/0x960
[ 1264.284493][    C1]  ? __pfx___run_timers+0x10/0x10