last executing test programs:

30m30.666840483s ago: executing program 0 (id=1028):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000ac0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x24, &(0x7f0000000340)={0x40, 0x6, 0x4, "c453514d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

30m26.502570702s ago: executing program 0 (id=1036):
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x9)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xffdd)

30m12.945916513s ago: executing program 0 (id=1061):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

30m12.588116858s ago: executing program 0 (id=1064):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000f80))

30m10.607862624s ago: executing program 0 (id=1068):
openat$nullb(0xffffffffffffff9c, 0x0, 0x2cc400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000010}, 0x4000000)

30m8.865010781s ago: executing program 0 (id=1071):
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x9)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xffdd)

29m53.01011441s ago: executing program 32 (id=1071):
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x9)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xffdd)

20m16.443775781s ago: executing program 3 (id=2179):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x3}, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000001c0)={0x28, 0x7, 0x0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10001, 0x0, 0x6, 0x4e8d0, 0x107b9c})
readv(r0, &(0x7f0000001c80)=[{&(0x7f0000000740)=""/200, 0xc8}], 0x1)
close_range(r0, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

20m15.089909729s ago: executing program 3 (id=2185):
socket$kcm(0x10, 0x400000002, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
socket$kcm(0x2, 0x200000000000001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.stat\x00', 0x26e1, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007400000000010000d800c000380060002004e210000080007400000000da800068004000380080002006401010124000380060001004e230000060001004e230000060001004e210000060002004e24000008000200e0000002340003ec060002004e230000060002004e240000060001004e200000060002004e200000060002004e230000060001004e200000340004000000000000000000000000000000000008000200ac1414aa140005000000000000000000000000000000000008000100e000000284000e801400018008000100ac141409080002000a0101010600034000000000060003400001000006000340000300000c000280050001009f0000000c00028005000100000000002c00018014000300fe80000000000000000000000000002d14000400fc02000000000000000000000000000106000340000300000600034000040000080008d322be8899f58fd0412706a3110b6ac509050fbdad13da3ea4174b0ebbb14f4e2f6914138cd7"], 0x1e8}}, 0x0)

20m3.466120727s ago: executing program 3 (id=2206):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000001340)="0e9849f1332c3a4f7cd80c990e6bb6b5979749a4fbaef24bc5bcc03ac73ad01da6441277f5ac3b4d0ab075522859b01dff8f24e16cd420439da93470adbb7411843f018e01848aec434d0395f241ae92"})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)

20m2.241662091s ago: executing program 3 (id=2210):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
flistxattr(r1, &(0x7f0000000480)=""/138, 0x8a)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
listxattr(0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3d1, 0x0, 0x0, 0x0, 0x10000}}, &(0x7f0000000140)='GPL\x00', 0x3, 0x1000, &(0x7f00000009c0)=""/4096, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x1}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x2, 0x1, 0x5}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000200)=[r0, r0, r0], &(0x7f0000000240)=[{0x3, 0x4, 0x8, 0xb}, {0x1, 0x5, 0x2, 0x168b1cbd97ca0c80}, {0x3, 0x4, 0x2, 0xb}, {0x5, 0x5, 0x9, 0x7}, {0x4, 0x3, 0xa, 0x8}, {0x1, 0x1, 0x7, 0xc}, {0x1, 0x1, 0xd, 0x3}, {0x4, 0x5, 0x7, 0x2}], 0x10, 0x7}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r6, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r6, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})
close_range(r6, r6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r2, 0x0, 0x6}, 0x18)

19m59.527040721s ago: executing program 3 (id=2216):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x5b0b}, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x18, &(0x7f00000003c0)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x54}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})

19m56.952020364s ago: executing program 3 (id=2220):
dup(0xffffffffffffffff)
readlinkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='mmap_lock_acquire_returned\x00', r2, 0x0, 0x7}, 0x6d)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

19m40.815821373s ago: executing program 33 (id=2220):
dup(0xffffffffffffffff)
readlinkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='mmap_lock_acquire_returned\x00', r2, 0x0, 0x7}, 0x6d)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

17m48.48442485s ago: executing program 6 (id=2487):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000400)={'ipvs\x00'}, &(0x7f0000000440)=0x1e)

17m47.164553049s ago: executing program 6 (id=2494):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000002c0)={0x0, r1})
ioctl$VHOST_RESET_OWNER(r2, 0xaf02, 0x0)

17m45.416121575s ago: executing program 6 (id=2499):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
unshare(0x2000400)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4}, 0x0, 0x0)

17m44.501664229s ago: executing program 6 (id=2501):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000040), 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4}, 0x0, 0x0)

17m42.226526373s ago: executing program 6 (id=2507):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x5b0b}, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f00000003c0)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})

17m37.323612744s ago: executing program 6 (id=2518):
syz_kvm_add_vcpu$x86(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000200), &(0x7f0000000380), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="010000000000000053"], 0x53})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x90, 0x5, 0x9, 0x7f}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17m22.063201131s ago: executing program 34 (id=2518):
syz_kvm_add_vcpu$x86(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000200), &(0x7f0000000380), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="010000000000000053"], 0x53})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x90, 0x5, 0x9, 0x7f}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

16m26.112071685s ago: executing program 4 (id=2671):
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=ANY=[@ANYBLOB="80000000ffffffffffff0802110000"], 0x32)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r6)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

16m24.190993866s ago: executing program 4 (id=2675):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'geneve1\x00'})
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x8e, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000180)='bic\x00', 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

16m22.744853175s ago: executing program 4 (id=2681):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002240), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r4, &(0x7f0000000200)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2092)
syz_fuse_handle_req(r4, &(0x7f0000008e40)="5536182daefa2fc6ee10a1b2d4e27cff3c3e628d4656f7b27979e371b15b420c01ae674ddb8fff7b2bc41e7c5927065cd32f2ff7908ef7dd74cdc82f3799ab12edbbfd0b8f6d2194d7f72aec3a136e25c7bf733436bf6cbfc94431ad053a2ec4ccac5aaada8a41ac38c0e1849e599dce84e431ac501db105b4484146b338c0ae9124877ccb8273c7fbb32603251e2d66c71398a7a715bcbe5c9d87e41af55f837e2931c4c1b6b7bbc30dfedfe6e61a39e28f66bbe56496745fbe03f6035183257edac4b0fe3087e7f3e79c2152a07341f3ae9ec68e78875b6e12b5a2a1abbcca4d7963be818a7a31290cad5a025ccd05b609c7ac49ea85d49f354c1e76091a917966665e77471005a46a195b290c01bb7ddf4709e94543471d87a0a5047d3631b00862e1e9a00c60b83371cc16ba087463122a892a1b21786fe3d450c7ba97799d88126f09a698a421242e9c67c981ebc576f57ba3df22e0071db74fa22e97b0fbe589894931a4c4e0eda8bb9533c4ce503fba218d0ae43ab4b4d0c705e04442d093ca5299ae8499c6db904bda6c68105bc2a1cd8e16067215476e573745d1e99daa73400567a9978dd7bffb21429479ace30c95afdfaebd7faf74343cd58e14ce6d2fada5a1c665049eeaa717ee681666c8b63c6d54e66df86144f85d80dcaa3ae7a13b58d5f2b607029efbbf8593afc75e0ce0a875a5fbedecb425a22624a0bb8e2fd06212a1fdafb92430d309f8f68504484fb1246f3d7b0893d3dc9d0b6c8d7476b6aea871eb4f32c283e22435fccb221484409cc28a6609dd869b99547fc81b2e517809a5b77783f9fc11b5fe584b9f64c0fec35d3db21ae30d0b8b88d722dea4a376d2a610f0a9d08b311e2ed3ef5d72d0e040e41d3dc45e5a17d740c67db88d95b18c8610fed3302aef0c3c1871ff8a5ae1908bf9668f0bc8e5867f56cc59cd303bafabde6a4034a96ba66b98a910dfaaff712673dcbf84c5354f066126068de620f08be67e6034138dd9a312f9ff197fca56a77bad46e59edfd79dfa3aee4582bfe01ce2201f6569178be7a4bdd28e495114944e538ee7b8f11e0812d9f822cd9760316809eccb9b0bbc5f0630224a1534f88600bbb2af2882562e76d149b44780380b62241829e5734fdfff1a2b3a052f3504dffe04d4632e9fef82762fe1950fbaceeb961464dfe2699f0a898fc8783cfdde45ecc3a16f052c4777beb1fddb080fc802a8cc760d1a0d4606b669e78ee9ba1ac398914ed5096850dedc513e5c71eca19d51af9075151f4ca3d8a841b7b1d205f5f3d223f7e48685daa0836f93017935ad1d942c7392667145ccc1d4700f5d8fb2fc218fd6d70357667d339a28dba3360761857b19f9f91e56a0e0281af1042a409a4e2839f3d21b73a5c352b22e4ff06e563e92c00b48e7f8bcdbbbd398c65331298f779dafe875854e301394b0faac2126138908fa8598b4f5e58ed1ac451eb0187e20077099d12d745fcff0b7fb5e8b9fa65ac617ea6c953e8786229b67a604c46810876650f919e6bc6792db22ec0be29cff94e9c24eb6e1830f890bb4b6bcd74b39060506095b99b95f2a8addfb8dfe11f47479fd23cc7c0701ae00774c430b3b9f52ab2579d47a2c2095365aa569f55a1431f93e651c01f0d67ff9337708a72e352c0e699f14bf07f9b9c056897c78edcf34ade3dfd17a04446d565fb6e7c701a237fe1a3d932371654a43b56e7f5ccdadc0f506d746c3f0047b69c0c174cbbfe092f139c09c0e2e76d9a777142813cb78174630ea8d73301e3343b94856fe610777468a9fb4518a0cf68243a4bd715e38e3431a811f962edb1306d76d89e0aad9be5800e7bebb82ccaec2382c9c114c91aee013acca2d8ddf99465e760bd185453a9eb4e5a78383094603b749c6242ad227124ef4b7ec7506b8a76f714099c954f0b2f2d427af0451a7ea3d1dbfa8a3e644c3640d397de3ce942311deb73fad3a76cba773f416314e81e70bda715b342113a18a249300b43250cb3b3aa46ecabe42d0e8c1dc4be286e539c71f0d1c0b0e1795ae7428a3887f36b79e9c76401a5dd460f45b9d8277e04c7c1e615fb33d0fbc444421f3fd0bff4e045d790610aaa2b62945e4b398024c75680b5e12235c35f5b23ddd99454fe527acad6d08fb37c35d9ecc0a8b10e2c31fac786666eb2ad499ddb7d06c7526fb1c5412f6a0df003410e69b81fe523057b6b73cdecf0e5bc4d3b87757889fe49dbdb3ec79c7eb3a868480fc87528e80400de837cccd4a6345508386ada1833f57a20c56e973569bc7821088d343e80009b7b35390975323d24e764aa6c90d3dd5fdec08ed363dc9ab57de949282994cd3858f829c7e5e9a745261383db27c9c53e9e98e109fda6cbb88649ba40b5067470d73b7471d406e5ea8041f9fa25f5b6c919aef84f7595511141e9f090ee103b20a13b22c9a88348ed6d284c0d7a58326e0c4c9626d9a5390bae2be199b201ea136a9aac76e6125db9bf58f61e6a46f8145a9df1305415989435f51529da03f09a67e3629e6f6cb6b70407d9d848f554f1a7e63602e678e62d3b41b4bf4ddda713ed2c291536d8cc12a16bde144ef56acc17778b1aa8eeeeeb60c781365b615be4435c7158d926351cdb46b89fa82acb384c7318dcb2e51db8bdb223aff2c8f36d9e6b1135ad18f7e0b9d91a76972c3140f8e21dc71422de12a4f5d08624bdaeb983619a5ff82cf788c6b8a5fbf0f78e61ae4058d6e03a3d5130646dfc13686e356a1325434caac94ced659529181561fee7ce4f7e1e7945f119ad8474ea6b00257ceb7af2d9b3f9ad5782cd986f1b097d61bf26a6c48c3ab597e4678d609f3050eec9f3bbea1bc67314407521950526e6d71e34e35392067ac84b66badc82a54bb0dc8ed2f1050711ef2d47af5252075c0441aad6900539fcc649c1b1ffc70a1cc39e0c2136c764ba718d50f4800dc29769c4bc9a2fd0f43eb6ffb717a473ccb14ccd58bd506c4e4a0f4ea1158b59b3d6bf1a2d010c456c1f099bff69add46cc60fd2d9779f603ebb943ab8eb02627ac8aebdd52f25b069f64a61e90fa9ac979cb4c6cf0ebcd070099a1a6e6a747e8989e84afe090390953f988f2dcee405086ce51b1d2d8d249f45899b4e862008d28efad8aa5abd0912fa456aa9d3a918a0dd3420d7c4b04b9e3d65c41a1548b7caeef5fbcededf64697786a0bae73d2c5352658b871c806bd150c91bbf8f4735dddee9cfd3e152b5d44cbcce912a2809760e225b9018fa498c86ccb2359cb0834bcefab92c0468522648fbefbe25cf8d82b897371b5369e8f2972502574c0a3235066969c4d5d67fc312d6631702f66a113d22063ba2ac7d9ab387ad1e115e9c98275f3e0dacd2e8f0843f24687b297bf42bca11b89c6db2fc7026d364486ef2d614bc45d5cff0758d69fd48ea06b8a97667e4d7d30bf7f1c30b62287637f50468bf144fd177fdabcbd0d12b50c9cbd052dcd66993c72f48bd6086412ed5f9af3d44dffdf7c012aadd5cf7bd3b314f236660fa1c0e4773a4e9ccc36fd130ffda59a9bf41f7fbf79e5e3333365a3ed2e7714e50805bc70bc6fd20203cacbbeecb8e01a2ce626756cdbd01c53717c2e7b56b47e21f13209c2bf2b1b251e7a93f8a085dcc61d9ae82303a962441372ff7c0b8b8ba75bbf5b861ff7ddbc9781d40c90ae467bdeddfdf949e9a8b8c9fb7db3a9323d05d15bef19ce2e7634b84ac082d50e84b66f99f34b2f852fefe67faa403e848f3de110eb1d9faefa176c3cacd20c7f87d74e858a1a7bfc2c9e895541f691f99a2b8771c8755300ee74e3d6a048b30d02ca16202ecfc207a0b29302aabc1c5b57c7d0d31d43be5cb1f7230dc238fb701e7037aa00c9b57c6fc85baccaa56754d27b975872051566187b0983d93b9ec052edf3b33f7ddab343eac6f7aed97771e708e40a4cc6797f85d91a0debd5c6169895e895f67a10685af5e0b80b0e728731cbffbff8be603469d03bd47dbca4456108c79c029af16482c5c2590c1e0673c7e943699ea107d906a3e667fe7b2afaeb489548b6a11d9862e86a0b549a42b607ffeda6e3ba0f567b63b0be6edb9098cf3a44e6864c5e99fa5f475acb57e2b7343eb7fe3e8c139b515348b188defd2d3021fd27950d822f6df5f9c93584fd95f3f88c85231943ed4d511249f96447f7903779e4d8c4a680661fe5133d415b862e668441e8077bfb827293a9eb733e914f37a19e01ad4b014ef87ed5a5817ab8123af9fd863090b8e9a50ce29cf706b2182fd79660cbdbb53ba71b750e71a21d0ed01db3335cad91d5cb4d4648f46468b6e51f63e4088386913ae6b6cbf103947c32d25a8a825118cd6ce23f53ffe3c087114700e9a5932faf3d844fc6b323b3e722ed3ed75037bd9a7fd9d256b2b9a168e66802e284853a0d6b47d39675900f02f005050425731f9c2cb329f70d7a5ce2ee256212bf8b2ba9ece0df39c58f0fbac06c4da946787abf19dadb536bddbf7e51d89f22413575e064c6482d936a89d48be159aeb5055feb0577ced6c5334411d1d58a7e6d02eca6164d90fda39685fd619269fea7f21db51f6aa6961250e03c9e00788c178dabeb68f13dea29f8cdcf30478dbca15c4519bb342ba8b201019061bf8317022dbc5673fb4ed92ef1a1dea0a1a00cb3cbca291f7ebcbec27ea5e824f04b82f5644d4368cdf8026550bc2f86b83da6a265357eb548a9eec6622204b3dcd22440fec0e12819ade4ba53b53b1e6ab906fe0cacabb9c15e8b657475a0dad62dbcb1037aa8617787abce24a0aa4cf1b5c85c030a14277832a95d8b29a4ea86fb80148ece147ce4bf386995ac28e1ad1e2072f3f4fce5c05d9bdd0af118815d6ee89aabfa3f8173e6fa59dfa4a8c1ba7641291b3c18c6ccc4c3588d56d169d397facb4e67485610cc68197b3a43fe78b9458dc47e5057d5bc6b8e3b65bf414818b65d41ed7cfd7a35fe79c9851ef39c3e059fb3dffe331a791ce75728efcd58dd9b3ed1c93b128469afa648f4f91de6e39d5bef7a0e69bdf5b2202682d857847a64b33432ea0f33bbfd1948ad0b6c66d853fef1e6c0d712b86c40f79ff4d125baebf2a4b32dfc8bed2a697f745cfeb16303b4f8e866ee0bb6a5eb6c6ce513b5cb84e2b44854c72ed0cf2e838245be8d098a6943d845f5a8c07c1036da86cab0d5be4ce29545fade4323acf2085b7645107dd12d5b3af7bb37be1b291cbd6fe297c4b4a2a23280358711be91f21305c035bf1f57467a1853c999b3fb478b11c49cfac66429a76099633a54689047d66fd8bd6eebea94fc8007d9e2765e2969608a78d0b96d6b30360e81fb9df5262c8ff15f2fd7000756d8cda1db3847d6f793bf803b159344c57b480c87702cb3d1260692a19ebdceb2e05a2fe2eb5ac5cfa76551a04795915bfaba9849a623e46ac1832157d0ea5255b5cacd4efa844b0ce5f2f0e1a9dc4fb115fce2640ec6d03c5fe15b4837bd6e6127349f2b6b0fd61c82c96531714f5b623ce4e4978c4a0c86b3c17f50acdd67d283ec934ed36ba7360a10ffeeb7864113eeaa25cccc66613e0757782381614b8da3cd0a85cef7bc384969517c920e8454a5a0f112d1653b2828e895d0614e5bf4dec0ec863432cce9337ce7c29affa7f29fff97bd54a6947cc68df8fed17850209242c1c67d0d7aced2efec4b3c006678bcb8716e8e9e40d78781fd6cc5b5522b8ed2ec8cecb677849b778c0a2a17817a3dd2278080e109906dd4e99b772d5911893fa09ade4296876921d1e009e714df7e4973ab1d2e593d88ecf2151e97ec66176549d3af66652c8377e162454ce7cc8ab34397d31978e84aea92a3c0a8106a2a31e33a8dfe942819fa1f2c1272d0f3cbd7dae820642cbc00202455ab7fb81857ef050a1965a291001874b38397ed9a8e8106dcfcdfd80d0f5d0ef0d5775e53cc5aeb1d6bc13886f8f3491cd6af5dd77ace3689fa2bf56e9b4d1e4964f8fd8f0a4a8b5d7fb678f0f3adcb4a19b5168ac5aeee6f087af15af3bde52a9be0f550b21b10ce98da70445284d9db9416732e63b6efb3ced984c0df50c11aa677f822af7ad39b8b4c0d236e4b36a00ff73587b39f917d7effbb37b95a96e350a430d544d68623c80bf2cd2d689b4dc41e8ef374c393092a2619055f268fbdcb9de494e6582be90a4798bac801bcac8389c823759860e7c9d692f41ee2a6b9624da3c09a2c8e7cdeaa100ba8ca25a737046d8bb237b9546641cfbb2eac9bbee9e125b14dfabac642e634d32151c06ceb3ddbb3d3f038ab2efdd063152270449ed5eca2655cd0016147ebbd00003eb8cd25297350afbffae43cfd9867543b81da4510850b1afaa199d0477837017e9098bf5b3973efe218a88b3d2bb172fe77278088997758fdc1dbb0b1fb6af2ab9db1ddf3e3fbd8e8dd35f918779ccba75b3cdfa317fc6e3cbeaa8b11ce2a30cc53292bcb9dc2a18ca400c674360c041c97ee6aec1448a025c6b04ae9efb3a01d31e3f897cfd5dc94dac95c88b95a26676cc6153e203535891116a5f4ebf54c71cbbe3215a04c57c7ba874a1e203bc66d8161d5b556f661244d9d405a2e6baaedd0d0e4c7e093c2ac0e5ee83b7ddf91669dd59016f7cb53d19896fcc838dc008da4a5fdc0a4fac1a6d7f49b24bcc01467df04d8a3f3181cc4e811942a53daf784b59186a17756a8f3a41ad93035a893a4ff60dd8f54a533e94cf87864169287804df3aa38dc5ce6021a06c58d48985c562a0f51d8b32879f9fb7d4a1d3d442626810f151b161b7e35f9a0b3bec05979e381140f31c03ee6f5549e6e7f116be5e87e0a9ab71ee632f837e9a0f9ad1b4979304c26bad6e84eff0b5b79b667e3d74e354d04f5b2c237102e41a1a4dcac99cbb911d9484aebe6ab2cb539a1db3e3302fb833a44a2d725e858ea9a65d43bb7661842b655c51a1ff25207956e8c6c71667c79975d69f688dfa34c59771488028e3d7500ba0cb71ae5751a51b568e67bdf2abb63838aba5e5cfbbeaf02285f6cbe58428a92a6fc25abb01f8d55ecbd7cc0ea69cdfb188b79048dbea488493681b0e70234463ca3e425d24e2ae4d800ce3adb04ce69428b5f884f8dc83392c22e456a2e195b86d717ac45003a99ae9a59c94167eb04aba3612528f94dad3360b46bc456fbb78072eb7f96418c71bec09831b0a63e83816ffde0d9909c06e765a666c2c41b20c339e0d39107311830ae9ad912f0a85f2ec5ca66a79798a568dae14f76b6d59e6c0bc0f9ebdff29c0fce58367c9705bd4323d3c3e125cdb13da6e58f3fdb2751401014e393e3fc688f04080a90430e531767a7c4f3187ccb7b90880955e766aba6091c4e8fed36482bb5a63372350dd08fe84bf5afd1a30a0f8f4de7a640fa84b9c0447073a0b39bf875d0377c8a572adefec3e033fb3dad91b22bfe22c01f23f27ab0c6a1ce19d2f4f4235281cbca15dafe50f383ba89a8c46a666b106c1ac534955df71f4c560010934fd3eb68eebd55487defa1e024f75ac30139cd190bde1dc8684936bc23a1882ae469fc4af8730d29658f996f71c219526497918e359228b55849d952f4b2996fe5f45a6cfdf87da93bfada579479b18d05c4e964c85b88a7bfc6e4f2b5d6e98e00635e8bd2ebb9eb40b99a9e9db2f688b2d94b8cc8c5fb2a1928624fa5df1c228e6499d992453772084bcd33dda984d97e3857b6fee43c6666b3206ccfe3af52debea4ee060c6edd194b90309213f5c4805f454c7e57bc759377aae9727e484391486be0849c5cdfa99c5a0d0687d6afdce97a32e01d45fef015e7c869ca190219a778b91d881a7b595313fb462e5bf78260c78285d6ccf5e4c50ed56ff28e3f49912773f0a58093f259b5cf4e7f607c51a81576fa95b97bf32d0e2e3511b5d784eba29a15246a97ccf608db456cd70adacc6c31913416f24f38dec3544ac2e88c409b5ff7771d873ea8d7a1868775c8b5502273c784cf945680fb14f143140b56462cd46874ffeacde7bf329fe8369df9c4b95a42535ea56ad6fa260f5c738eb9627f890f4a34f80bf3b8fe568d44c3895029b5f9557f17469a53fe4c0d581eb29029ff162ca906cd0e4bb81138be91a254752bf849232ed7042a82cda1e14dfbfdf74a09c17a9039749c789ab0242ed2d0249231c4ad70c23c805676968bdeb96c2d8886f784ecc3e42e6493e45aa20b6e8ede65c49136c9e9414a4371e3012bf596d55315be17ea9396b1df7f82db27f0d121f8aa66c40365fa686a46f430b4cd336da0d9937d5c26284bdcc6c4e0d5a6acc1be089e1a5d6ec422ad3961fb5c5c9836466c3366e6d3f2686b19b529549cacb6252b0d7a7f5df42ea2961ac59ba0b911311ccc4d83f8611f0c4b071544236037b2863d673303a4e3d428131b07f60eb2cd507dc43503456ce829aed8254bf0b51b38008d42e445acb0effc2ab7e4bc26ad76ffba1220f2e878fe9b5de39bf4f25a9ed468cdb100008ffac6bef401df4817b23463e771a3c834c32993274689c01004eb94b89bc44257b7d2b3936caab6d86937b5bb8f705d00fb6f091711222b6dc25eeaa0e350fe484337396162c86bf7d3a1ab82591ad35d393664617041142c0f8b528e947c092f28c3142493d056bd548910615e7300f041f5d01a2f00138ae5d7849244ef9215f5c9dd874e60ca4ad883f86e71690a510831e35c24de1e0d1261172bf4a8625af958febb7b109c5ca5bfffd4342c43ad02136c6eb117b4a6ea98c07a91279731c1228b01e6be755c1c1d095d3cdfe950ac32eee77327a0e7e342ccfc13c69ab6ab113b18c1abe72d39c03e351986cb3326b8b17ada5884aa7d0a553b0d35e32b8c09f1a4106f5d675a88a1508de4a0e9c598c082ae5b229b75579e39e297b225a852e3f6a7d0990a45fdf68771991acf9b7a5c04bc21a40c57817d500e8ebc6b5919219a4110395817c92bf9eb9c623606d4d98ed68dc0b51a0278b0addce8753f86316158bb4bd6a7a0c4c72b0d17b9545695e54826021a6ac44b4de1b4ea977b20af3c47b8860b0ed29a68c1a883777097d54b162cc58edc0f4de1afbbad7c340a5cd9f2f93133cb2a4babc2a688e2ddd580ef8d9d0846c269c265ce9d978aa233c73aa11eb78d3a67f4e7a3dd035ef5a1f832ada87c7dfa377b77215f8c23b1a78e4a7faa6d0c1a4a28a0ef7b32b36bd566d8c478d0133ab43f9c2a4829624eec535234eb89a177ca8d4e9d2d422f33a24d15044822e4a4c1bca5f470b8c8fde09fb69160297218398da27f4e80dbd480782ee75cecd20ad23fdbcc1d4a0acbc63241c1e2cf1a0b12949e42f707ba06b6fdbd8f336bd72d7f96ddf9ec2b5cfcc4c8da6e1ea573e97eeaea537511ac9fd2ae78eb18cb50c13b595f8b6d65ce8c08e9028fffff6b512080dbbd3fb5e5068538c05f73254969f9727db9bff0c6aeaaf83713812499308792a7fc8318e6b2996bcd1b072641be1eb8e028cbd6b0a5f1fa13bfe35b5cd0d2ca21d9cf8ed97f724ef73ab5a99d65befa38d636f2f827d229479377f25501f3a6ece12cb095549503b2299db7806d32751d4851d62b0c6a91e2e961d475d33a8874c96df52c75bb5a0569e892743937451f75345e0351bfa334d37aa43f01ad1ff984dec164faebc713de31470db5e536a0681a042ced0f9839d9ce89259349075961985171c27c410c99458d4c25614ea1d4252293c4f85b0d2ded9ac560cfd024c199d5f0f4bd47763690ba1bca88b8cc81059bb9fe82c955488523114db8c2caf8a63c0049e90ca524330b57edcf718f6a7aab0efe282079d198cc3c1294f35d1a1bf5f69a8838cfc5d4363f9ca9383f83e4f9576de3fac48866ddcde282e5e4ee3f852a063bd6423ac1fdc6201b1facd6c36609fa2faf96afc1c0b76fff27bce059ad6390fd1e3f735806ce654ed555a78ea8e59fb16ff5ac5ad183aab9de37c3d033b3018d591e7ff1a896de969f561260f797603df5fc232076ccdc2e1fe9fc789253a54af151dd50f89e777c2541591101720c893647bd4b3e6257de85251c9bcd700154e85db2a9e2c4d9d2e531a18bfaa05d16ce75f823e60416b3afebce16555536120d5f554fd13e861d74c4947a62d2d09473d8d75f03d354572b371b02e16f3976b1b0b235582ee38d938fe843b107c77c2acd88f34e1669816eb3867134b1c5fce5afad3c70f9bca972ed494577f2ba6362a6ee6b4720bd86938bb49490982a1b5ce6dd54b79f093ce27051530e1233f03d6641392d4fe7a1f7dcec8ba86d8f32f00f0ad50a29b1e17de07bd0205c0d893532c198f23656f7f5d178c0745b7e0b7e8afdd29c8fa1639a06039980d9a5fba11801db4e7868a9b77925a03a770aae3430b1ccbddb8bd766f51fef71ba25cf9184c9cfa6f9921d69066d09a656080f3c5fe475ccab94cdfccd76f3c7dada9236d1be861eb5fe6247ae9f97b7705bb71c375e8b98203c5bd224202c1aa714da47e0daf98fd3eca617f9a255df5dbe98a7520a1e6db9b88af893521f2ecf7fd2b08a7f3c5aeb77ebe6f52739b473840889c41315407477b82242d9a805f9aa200a129c4701d1c88ccd34871f356caf02da9937a88612a9755315914f4e8e1bf471a46c00650457cc06db168e5457fb3f9662994d901a1f58306156979aa795afacc1a7d6111cbea53e97fb71c7bbe44558fb06f8d78ee08e3678b5d218e13f79cf06f1da9f7e128647884589c487147b3edbdaffa16f9388568d3c8caa34a6b944e4f171842cdbb293474fcd5201b7440e05ddcf9e0b476773119516ef45077705e8bab5f877657205bf9eaaa7c86734b1b6c3661dfd4b9eb8590f962e17ad51b44058d558744e5b44cf9db280bff1062b2431d298064f11e7700ba4c8ece6f4df659d4880c4983db0152f1f903023672f6234620134bd5d1d888022da128a527d82e8fa1a562827a4f1592efe3b0bb78060626e8688ef3d5162afe9f1060123dbb1f93b7bdb6ad4ad6e1772bf8705cca424d9c42e4992eb5bef1ec7961bd4260d1e55e863fa9c8e0cb6d28b495fa37b5f59fd18cfcec6319288dd7363821e47ec46664e1994157319eb0d466b42fd9b5fac5ba979a9baf4f699dc539bf77852e18014074f88108b654219e4f9396696c94eb9fb9b360e59920f187029608bed76d09dd006f4033d384cd109726d51850202ba564599dbff7808591f834cc4084db29111de86a70217defa490e39c6e281650d15b1e44bb55164be0f6da58e838bf5f4d7cc2a23b818557ab1fad0fb2253c4da6af41591940b2608f6fa6bc25939ede95317ff96050bbc1f389235caa78adc0d801a56b2fb4cc41e73d5131552985b5af241722e0637f3b88e46b09ea875e5cf66f534666368ff8e46413e5ab557236134afa63478e18328d33b1a235deb2034955cdbb2bfd0e55fd885f380ae8efca1feea985a946519a712df1384f9e024efec61c30a6989aa3b5bd486366f3fccadc0add175c1cf0d2730ab97370eb47bcda4226ee140edbcd9b38b8ee913587125cb185adb4df18e80df2b0ea6e3e87dc8755fe6823ab5ee1feaebb1e6208cf3dd5ad5581f2388be92", 0x2000, &(0x7f0000004dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={0x18, 0x0, 0x0, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f00000046c0)={0x50, 0x0, r5, {0x7, 0x9, 0x0, 0x403a1810, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000004e80)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000002c00)={0xa0, 0xfffffffffffffffe, r8, {{0x5, 0x3, 0x6, 0x4, 0xb8d, 0x5, {0x1, 0x101, 0x5, 0x2, 0x8, 0x7fff, 0x20000000, 0xa5, 0x2, 0x8000, 0x8, r6, r7, 0x64, 0xc5}}, {0x0, 0x13}}}, 0xa0)

16m21.421375089s ago: executing program 4 (id=2683):
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r3 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r3, 0xc0045103, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000003e80)={{{@in=@initdev, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000180)=0xe4)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40, r4}, 0xc)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x3}, {0xffff, 0xffff}, {0xd, 0x2}}, [@qdisc_kind_options=@q_gred={{0x9}, {0xfffffffffffffdd9, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x20040000)

16m14.841900385s ago: executing program 4 (id=2691):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x5b0b}, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x18, &(0x7f00000003c0)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x54}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})

16m10.721351289s ago: executing program 4 (id=2698):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000000)=0x2, 0x4)
unshare(0x62040200)

15m54.597311968s ago: executing program 35 (id=2698):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000000)=0x2, 0x4)
unshare(0x62040200)

3m10.005560075s ago: executing program 5 (id=4151):
r0 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x2d8, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x338)
syz_open_procfs$userns(0x0, &(0x7f0000003940))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)

3m7.941205493s ago: executing program 5 (id=4156):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000000000000085"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/nfsfs\x00')
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

3m7.670814357s ago: executing program 5 (id=4157):
r0 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000000c0)={0x10, 0x1, 0xffffff45, 0x0, 0x4, 0x8fc1, 0x65f40})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000140)={@loopback={0xa4, 0x7ffffffff000}, 0x800, 0x0, 0x1, 0x1, 0x0, 0xffff}, 0x20)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x0, 0x0, [<r7=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, 0x0)
pwrite64(r2, &(0x7f0000000680)="75af1c1e0de1b6a75c685552f03666c13daa0b7af473a153fa60f019947db8178f871e5129bd6f15490a118646cb7110f8a4ea6ef4fb4ddafd7f9cbf3a56efeab9e02a3f1a1296b90bb498e5e7a5dce3c64529f172c4a606f60fb029b17c2446c303ff05c35de8e7df1844f8f6648c8de2daeddfc0c38909", 0x78, 0xfffffffffffffff7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x6, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x1c}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000500)={&(0x7f0000000100)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x1, 0x3, 0x6, 0x3})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r5, r6, 0x3, 0x6, 0x7, 0x5b, {0xabac, 0x0, 0x2, 0x6, 0xffff, 0x8, 0x5, 0x8, 0xf, 0x4, 0x8000, 0x5, 0xfffffffc, 0x1, "3c07653f7bc421b2e2bd166b8459a3fcded06e494223aa5db3e5e050b399d71c"}})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r8})
lsm_get_self_attr(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x116, 0xf6, ""/246}, &(0x7f0000000000)=0x116, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x34, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}, @typed={0x8, 0x7, 0x0, 0x0, @fd=r1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

3m6.613545502s ago: executing program 5 (id=4162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
sched_getscheduler(0x0)

3m6.19662173s ago: executing program 5 (id=4164):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x1, 0x9, {}, {0x4, 0x2, 0x7, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f00000002c0)=@mmap={0x1, 0x1, 0x4, 0x8, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "10db3fa0"}, 0x5})

3m3.201208262s ago: executing program 5 (id=4167):
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
preadv(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x82a41, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x404002, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000008c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)

2m47.564976605s ago: executing program 36 (id=4167):
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
preadv(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x82a41, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x404002, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000008c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)

21.881137015s ago: executing program 9 (id=4455):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet(0xa, 0x801, 0x84)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)

17.241435474s ago: executing program 2 (id=4461):
socket$alg(0x26, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x48582, 0x0)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)

16.490449669s ago: executing program 9 (id=4463):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0))
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000280)={0x7, 0x100, "77c638b05041a0115f44304807e55536b7fc5ae52727d800", 0x1ff, 0x5, 0x79, 0xdf4})
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r5, 0x2000)
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r6, 0xc0745645, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

16.448219715s ago: executing program 7 (id=4464):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000140))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x0, 0xfffffffe}, 0x1c)
shutdown(r1, 0x1)

15.309352558s ago: executing program 2 (id=4467):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xd, 0x400009, 0x8, 0xa}, 0x0)
syz_open_dev$media(0x0, 0x0, 0x101d01)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_netfilter(r2, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x10000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
unshare(0x66000080)

14.992801042s ago: executing program 7 (id=4468):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0xffff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000040)={0x4, 0x1, 0x2, "df1107d382bb07426affff9162395de731158a4d93bcff7f0000929697a8a146", 0x32314d54})
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r0 = socket$inet6(0xa, 0x1, 0xffffffff)
setsockopt$inet6_int(r0, 0x29, 0x18, 0x0, 0x500)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e500090400000001010000", @ANYRES8=r7], 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x4000080)
r8 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000080)={0x5, 0x802})
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x11}, 0x1c)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000240)=@urb_type_control={0x2, {0x5}, 0xfffffffc, 0x3, &(0x7f0000000140)={0x2, 0xa, 0x81, 0x4, 0x3}, 0x8, 0x8, 0x7, 0x0, 0x6, 0x106, &(0x7f0000000680)="bbc3b8947f7220a7630db70b73566f972df9e96385644465e36351cc271d74b4a22982f6b87ff02b134240068a48c91039e06761d41ccc18e9eed2819ec9285900699b18b89b5250af469246a9140c9f8658e5486d7c52f81826ccd2cc96602c1c43fad98631627d7665483663a0046a62f39032157169b2c5c9ee7a3102da0d8b9dd09da661e4e4be1f63933d8006e404711b92977342dce88789a1330f44fdbef2da58d0ccfd4a927354c25fc6640b4177ba43f53941a5b90ef4834c27ce8606f18fffbdcea7fadd4747b4a27f5846265351b43480ec6be568665f929846273fe3c25c972db3bb32"})
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000010401030000000000000000010000030a00020000000000d5000000050001000100000048535616a8554b4aefc84be48fd6cecb6b89eeda3d8da911334d94ed7415015ae59edc21f50ea378174a35b4a9d7f72419efcf3b54e88dd1e7da6cd76f1e365b0486b6b706b9"], 0x28}, 0x1, 0x0, 0x0, 0x4000050}, 0x40)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x0, 0x0}}, 0xfc36)

14.004878857s ago: executing program 1 (id=4469):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0xffff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000040)={0x4, 0x1, 0x2, "df1107d382bb07426affff9162395de731158a4d93bcff7f0000929697a8a146", 0x32314d54})
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r0 = socket$inet6(0xa, 0x1, 0xffffffff)
setsockopt$inet6_int(r0, 0x29, 0x18, 0x0, 0x500)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e500090400000001010000", @ANYRES8=r7], 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x4000080)
r8 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000080)={0x5, 0x802})
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x11}, 0x1c)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000240)=@urb_type_control={0x2, {0x5}, 0xfffffffc, 0x3, &(0x7f0000000140)={0x2, 0xa, 0x81, 0x4, 0x3}, 0x8, 0x8, 0x7, 0x0, 0x6, 0x106, &(0x7f0000000680)="bbc3b8947f7220a7630db70b73566f972df9e96385644465e36351cc271d74b4a22982f6b87ff02b134240068a48c91039e06761d41ccc18e9eed2819ec9285900699b18b89b5250af469246a9140c9f8658e5486d7c52f81826ccd2cc96602c1c43fad98631627d7665483663a0046a62f39032157169b2c5c9ee7a3102da0d8b9dd09da661e4e4be1f63933d8006e404711b92977342dce88789a1330f44fdbef2da58d0ccfd4a927354c25fc6640b4177ba43f53941a5b90ef4834c27ce8606f18fffbdcea7fadd4747b4a27f5846265351b43480ec6be568665f929846273fe3c25c972db3bb32"})
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000010401030000000000000000010000030a00020000000000d5000000050001000100000048535616a8554b4aefc84be48fd6cecb6b89eeda3d8da911334d94ed7415015ae59edc21f50ea378174a35b4a9d7f72419efcf3b54e88dd1e7da6cd76f1e365b0486b6b706b9"], 0x28}, 0x1, 0x0, 0x0, 0x4000050}, 0x40)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x0, 0x0}}, 0xfc36)

12.478425838s ago: executing program 9 (id=4472):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x1ab}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r1, 0x47f8, 0x0, 0x0, 0x0, 0x0)

11.363169506s ago: executing program 9 (id=4473):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
dup(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet(0xa, 0x801, 0x84)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)

11.359246655s ago: executing program 2 (id=4474):
socket$alg(0x26, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x48582, 0x0)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e22, 0xfd9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)

10.892690175s ago: executing program 8 (id=4475):
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x10, 0x2, 0x4)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "fdffffffffffffff"})
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

10.07042854s ago: executing program 8 (id=4476):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

9.764390064s ago: executing program 7 (id=4477):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB, @ANYRESDEC], 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYBLOB="9feb01001800000000000000c0000000c0000100050000000900000000000010080000000900000006000093090000000d00000005000000020000000a00000008000000620000000c000000b6000000040000000f00000004000000060000000500000004000000ffff00000f00000057000000008000000500000000000002050000000a0000000000000b0100000005000000040000930c00000007000000050000000c0002000c0000006700000009000000080000000300000002000000020000000000000ac804000004000000000000020100000000002e2e0022d3bfeafd44bba0be94380fb6c468409f600ad5af8f9d7682851f812acfa45db253fd45bf83c35060aa711df61b9c4867e3063705bd7e18002adf6b60f12a36cc"], &(0x7f00000000c0)=""/4, 0xdd, 0x4, 0x0, 0x0, 0x10000}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0x5b, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000940), &(0x7f0000000580), 0x8, 0xc5, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
socket$key(0xf, 0x3, 0x2)
r2 = socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x6000000)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)

9.060250661s ago: executing program 2 (id=4478):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[], 0x240}}, 0x0)
sendto$inet(r0, &(0x7f0000001600)="09268a927f1f6588b967481241ba7860fcfaf65ac635ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcec8044ab4ea6f7ae55d88fecf90b1a7511bf746b152124eb38d6c7a207112eb1bf554bc070626792d394df5adf7355fa5f8deb9db3da042d8803f5c0ca3642f22e4c896b5f1d4e16556e57cc2f36b50a00000063cf9528e90000000000581c7eeb130aac1cfd109c3e794fe91b5b473f244eeac47acbd809ca44d2ec59bfd29d8284c110c12383451ca080f21202c313d9e1433001c37c0cc36aa2feb07c4448ab65eb0e869e4eac424e301534d65c42cb556f46102dc89a4f3fd1af3b72abc4be573c7145547306d1d62631e44bab57cda2a1762d0e4819fa1c8d21ac06edbae57b5f1649e8dd21d83c7d1896ee05ffd46eb49c0a204c8339671b483837020bf7f3fc46609481b2c67cbc53ed3553aebe6bd95405029ddac6187b1d81b55e888ffb1055d571474160b84edca45a10122181033cf7248065298da173afc58f73200ba3cefb7562578361f6796aede6080228f7c48cb01d060a050ef7368a1f52e07d5562f39a0f6e3c2a", 0x198, 0x11, 0x0, 0x0)

8.469173879s ago: executing program 1 (id=4479):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, 0x1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x44800)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

8.051024888s ago: executing program 9 (id=4480):
socket$alg(0x26, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x48582, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e22, 0xfd9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)

7.878538629s ago: executing program 2 (id=4481):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0))
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000280)={0x7, 0x100, "77c638b05041a0115f44304807e55536b7fc5ae52727d800", 0x1ff, 0x5, 0x79, 0xdf4})
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r7, 0xc0745645, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

6.957745815s ago: executing program 8 (id=4482):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030"])
chdir(0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r4, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0xe80)
syz_emit_vhci(&(0x7f0000000540)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@any, 0x0, 0x3, "5806de", 0x0, 0xff}]}}}, 0x12)
mount(0x0, 0x0, &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000034cb63077b538bfaeaab1000000000000000000000000020000000000"], 0x0, 0x1a}, 0x28)
migrate_pages(r1, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e0407a)
syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x10b200)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r5}, 0x4)

6.508636694s ago: executing program 1 (id=4483):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030"])
chdir(0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r4, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0xe80)
syz_emit_vhci(&(0x7f0000000540)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@any, 0x0, 0x3, "5806de", 0x0, 0xff}]}}}, 0x12)
mount(0x0, 0x0, &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000034cb63077b538bfaeaab1000000000000000000000000020000000000"], 0x0, 0x1a}, 0x28)
migrate_pages(r1, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e0407a)
syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x10b200)
umount2(&(0x7f0000000340)='./file0\x00', 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r5}, 0x4)

5.721770688s ago: executing program 8 (id=4484):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)

5.650408126s ago: executing program 7 (id=4485):
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x48582, 0x0)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e22, 0xfd9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)

4.40125884s ago: executing program 1 (id=4486):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg(r3, &(0x7f0000005e00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002800)=[{0x10, 0x116, 0xf}], 0x10}}], 0x2, 0x48d4)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x19, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000ffffffff00000000000000001802", @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085000000bb000000b7"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$vim2m(&(0x7f00000005c0), 0x1ff, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000680)={0x3, @win={{0x2, 0x2, 0x4, 0xffffffff}, 0x0, 0x0, &(0x7f0000000640)={{0x0, 0x79b, 0x6, 0x3}, &(0x7f0000000600)={{0x0, 0x2, 0x1, 0x9}}}, 0x9, &(0x7f0000002840)="0e394b5016a3981381c931c3d9949f02f69b10b195eeede9246431bc46a031b26fa61da3d47f53e66908870b79a02a49337b2641bf5f5bc58c148e97a95f93bc1bff7c32cad24f512eb4964768ae8a926735b4bb7405f2510b3ec5496f0e6d5893e6f5a5bc6629ae5e6dd6ac04462347dc781ba8cbade21fa1b33f77c49afafc75f48c4dbefc47e874977c4680113ad67e35d0721f9d9d8020c74573b144608e2e59936a9c232063b9c289c0484d9348823faee2e50d8c54c04d4b31991c104535ef9b0619d7c0b2ca10d24f1f6e9bf0041710f99ba1d041ddff1557850aac9971f790f865b6fe6b428272941e50b2c5f4f67f447e89e38fccb0ba11e04679c78550aaeec5ab5c95fa654328203e9612a966c27696006e84c9ce6d3c044c22a9c00da06cca4c97b90f6cb4fa9bdb90e6f38e6d254f3a306b6d73c97d117217934970de3f865aafbfede8009aaf648b5003031ece3b668955bb43a9f86fb220fe788af038ce64c99e541563c36bfd685d06d54f6aac6c0c2c7820d7ce9d15e1afbe2b0d0e163ecb416dd64d71f8021f4395967fb317ace924b57fce87d921da96809f3f1ad23c59e67a725165d3372f285283d6bc7bcd23a7787d404196b8b1e4d53cdc970bbd902f5f2daa5c163a3aea2b045c680c917d3b8224ab16bd1077354a5ea4b9b6f2199321298b4f0c3a97a5183f4e1d2c265c5ba35a223bea57fa632248e4a66f1c2e832b9d75b7d950911edc33724bbb013935e59d4c77829313649163e64582a2e4b91f73b71de3466b50ca5693a93f2ff8854dc5786a635b629fb41dc1328ffc46142b0fc9e367d4776e93e2fd59a01755928578e4a03a4beb998a4e543471d47a0b1fed07828d0eb4169a893b8626bc4dee0285d2a9649dafd804247824ea00537535ff2b506ec85e142be56dcc6d72045855fc6ef6d18cbe3b4312c8498666fd17d94bc6363664b442cb355bb320c58e642540bcc174418fc30e48289322a47b82144e2a4487b9008e5df1e5a844eddd31e39fa56ff71137afdeb8521a64547af1d2fe6a2b27f7e7f66b1ad0c4565472395b679d3d946cc9c6ffacaaea414d89151e2d1a6a887e9f7ca3d02ac9b3fb70eed176cf0ed4ea96c60d783a8c227cb30445b8ec6be51e83187ba15d82e752e4c2b934ca3c2790e0dd475b4ef95f3e9b3a07bf5997bb16205795346240bb738b12c4e521aa2ae19cfdbf3ed1c204fcac50f8c8a005dfd15e95ff4cc5ea34e05843d98c290cceafb875243bf606d2bd755d5ab77f6d85f483a367724ac75e1b6bc1e9fe7c3cc3865ba7840924f4271c32f14056961d5a5cdcc13f61e104b00fbbb95b824435e856632cccbc6d2a18ea63e27a880428bedd9f96985eb3d5ff2fd1f3a3eb1cc8596869beb96afffbe6102e4a0830109d721755cd465e6b69c64e782f71a086444d028e6896aa35a300b03aedacadcd7074c3941c49d66825b865f401935e6eb0233a6375b97f673587442bd01c7cd2e6490ed4c2cb69e1461d9fb73628f1cea97c5d54ce77205b147400e605ec4584d677bf35f81c96797b1fbb993e942afb44eeb579429f7adbd15deaf7b7b0399dfafbbbff793131898dc43e3291ed453f2298f335eff8e692478c199a78b791a90d523a0082ccb8e43535ca43c222d221e3c9e89438c028a4dac3a43096d0b3e1e4113bf5ef8a8262c40b7dafb76a24f7d16946f56610939653d92a1adaa66205d1449d6cfeb6074393e665d866684c3268c56eb5a3bb10829ed553a506f2ce3c8b90b77d94a326376c6eeb6884467726e129305299e00fa8f1d0c465527b38d7bca901445a9df15e56688f155f2d696e41b10486a36472698bca33e80950bda2f66a23c8c0669e28ac2265750f6fc1eccaf880bdb37a1e83469b97918a34931df6a16354bfe947e4b268e73a426d89821843408635a5c681bac9a9d1b86cae9484c38d321c13c9448ecdced9c92d7f4871e592820df26bbdac0977427749dab025411c0bb1915669799970dc54ad81cdd19d321747de1bb14373d1044b827c6adcf9e93f2a6c2269604e4fb7f57cf25d0bc5ad39b42d5b4566c1b7cda87f0a2ad7a2c7dbf5b3d57dca34326df467d06ed381fc139139ac0d15515cc3321de8bab85d48111c1505d8e0b940148e046f0a0011ec5f029dc71a5e89a0dca8dbdd95813d06f291fbc11358018c7ec1d4c06ebf120c2e10160a1c7640cb718fe832912d1e509a1f01184769bb9b268bf56c85fc5fd3e1822a659a0fbd51af7e3f805f5ee14d4e0412e5874a9414c7032bbbd76af82fccea691feae462a2d4e7ef3af9f6dcd75cd00c0eec391fbdab6516db5fb8be2602ec9c7bffccd2f89ef5460066927fba544e76d3b2db4cc1ae6b6918842c8395ea82d2ec6add7a8076c89931584491d32b34de5796d1ff0d1099757ec15892722cdfa547f4c64a4506672f1aed59c7c5276ae6b6e909a5f349bbedbf2dc2cad8b6d4dc451c0ae4ceaa248511dec10e817fdf491de243e0941fe5053ecb83a1f181d245bae09c85ead7e541e6531b3b07dbe984ff8c26dc395846cdd2aefec7336c03249115ec821b662423d991b25d7f0ae418599e02dc1831dadb1a9a579cd3f4553083b61cbd60a1195932f715b3dd6785a962d208fa25d5f6f56661888f33e62e13bad7570ffa66433b0277816c3c8a69dcc8755374770202505e7baafb637ac142769ab66c07c7fb22b9d1c9db87e7688ac427213148080eb732ca5e133d6ece6cfa1a4d72de4ce3fe860e2690d754d4cab69ed2c4b5c2e4511c4a9b851708d1fb5f125f7bd0c57c470a0284e5c58f40a8e9d6c194230f34e7778bd2eb4ad219d6a363f281e86a93969ee56edfd58a472a45bfb67bc02257a653e37bf426c85efbfa615614e5dfa1626f1bc56de01cedf5af1a2eeb3cdf54d79ff219c974bb0844c9664ddeaae1d851f7a951c5a22820d8a15c491ef00fcef592ad12af71104391266fef5e9f4a4fc296d3f8a0aef00a5b0864705dd2efa6886432090112e0044dc4c15ca9d6ceb0d38ae79e8f82c4e1f02613d8e38dbb3b03a9c28a8d9a4da074f83eb51ee507ea35e28c9afb95827cda8adf55529393bd68a8b5319dbd0a12ce24d3e472e1c7488e1790abab614180b4f445af613ae1779ed6f006565dc1bef3b59b0175999cb21f4b122673e2e815dfe798311d2736dc57a7c2c0abe8b12bbba7b6a9ba331955354d0a0b8c409848ed887eafb42f53d4ab1acb6804c9585c3495233a37f289bc88ff98744e205aa6b591cc6063257e552023c7ae389abfc135e9766473f2a40e6ec5f9badef0dfa1bf2dd30b402766cf977fba74297c760566f5ac4017c91595dfd353bc932f51596173694f847e854f8e8e1974e9218036c43ba4ea5b35b7318ddc7f6e10dcfc6504d9ea9d95011d9c838289afd1fb85e972051396f44ab2df15945c1f0a987f65fa12fb1acd50bfe305cf39286df0ebb20091a69db6f4acecef5fbe690e0543b374a02dcd0a48d8bcaeefa020df928f553b8c4b54a9c77d1c7916575c43e0c69d8668080f78789ced119bf50d8aeea32a8b7a9e0439e523599529719e4892513bf0e3c9e8f2c241d187ffac1d49fa0e054307d6f18d0012515aba415c40589e2212d268e7effad6dad8d29b1d8c57f15506c8f1473129a1c65f22a8ad74c7da68ab0caa0a8883268b86fa97e504b00ab645222054f4abbbfc6d7ded9949b4c4a14a25ac27013a20bce8c34f47e25c8d4c54c2c97e35641fe7bfaa538654060e76e6de6990263a898fd07ff549e3cbe5402f6a27c84776d96e932dd34e52fa1b5e8bcf4e32860419a871c2a70b911adb108c6a015aba18a08279d8c7d9d65efa46bb6501046fa59a35502268c07cef09907735fcd7a4d9f9ac47968e2fa2a4737f7b4e642fe1650381c63ca0e4f791803a96c51e27f58062d1cf9d35f1a30c6b7eb46bcff197cca28b014b5b0e5c52a41f60c3c73bc9b90acfe818ab577e8b7bc3f988b7372c6f78b0284bc097b9011791d8aed3dd818cacf625ebf90fff746cd13d9ef90f6f6705f96d22e3539625f3951061b5643da1d85bd9900524259df9f73ec4d2d583477f661738e6f163a210f8366d5fe3198af6a9bc80379d683c0343dd21222da3b3b93f0b86588b2114c7445f5c43dd82ca48f854ca39d339c36da46e027667f0ad4671ed4ea1fdcbc8ff8154370f66fb9c99f97bc47f3b3be2743d84f6ba86d83f682e10924cb1fa5795be825f4f5d3927d62811d091799d78540e6a62d291d8c1757c2ed045602a278de6858fe4597a94441816225baa7c76f77b4c91e0ec78b56368a108c5a3e18fbf6b0f5b0885e544b992ebc0b46a149f0519bf8e91d284a175b8bf88388be90ee0b64f45dd60ffaa8bf1c67fa704777f9f9efae1bd4c551e79bd911bf983fda39ff84bdca333f492c09b23dfc12be6e761e378d94aa8277f73605b85ad4f1e34a23cff14b560d69599da215894264a01c523ca9e554fddf065cf7c579ec3f55992090bcf695457457a1962b334cc53fb7d73500966cb61a856cff2ecaf3e844379b3c78f566a13abaab3efdbe7ebb18f694aa7005f11a11c5881bccb0c6197c92ec9ff4e74efeaf82627d86419a1b709cd7b9decef7597c3b6a7a70619744582b98379912b1a08b23009a9021e975a468619b5d4c26b5d943cb5dabd2eedc5588783e64eeb9a041837dd4169e29c01dbd67ad0115f772b80790ab5538030591e307d4ebc6535ac7d4dbd4f4db7db2f5d8e5c04b475bfc6022b522d67649e95f8ba35631808b2ccb8f0495ac60d9c90682154631bcd3b00971dc2e67eee1d7d8a06c2a740151361314f5b7907dd2cda9af79cc5b64ce2cf4e46c125e1ef4d2862929dd19e7cd7db8ae68bba75669e38612bd0a805ded8bc5d3ee73b4506caf246918ed5066ea46d3904305ff710d4db7d3bb7779964d9b29212c2ebd5cd4a8dc287a0b707e3789b98c51502f368749e9b0c0cea227b18a3a43732ae31f03bb67f4d2cd7e1ca7240e0bb0b71e0da5338b2262785eff91bc84e241e574bffea605ac8da50c53abd08f68db87a5af869cf3a950b79a0d5c3d96c4748708e1adcf3979a58da1f6e999e01a88ada46cc1da9ae2c9be0214e3ef621f97c8d95ade203bd4413ebe90df0530a1a41748912e1158c7407c743048167302191512069ef2c4fd431af6ba0b27fba2a08829be802bd83a4c65038139ab5d7ea0ee4b292c73aba5047e1a2174c8c5b400d41cce667cdc8008d7e8fead1f5554877a7b4f96442d75976ac4b39d36a7cf862c6fc70edb1532a0a671fae9524e19a5fb50d462f097eba3bcc2dfa3a6f4b6d331a80fc184c52e5523f0d56c1680167416ca0b75dce30a418db5376d35e1dbd9ae5e2fd433734f39d363ead2b1a97afadf8211f5e97b166edb6dc5a0cc7720213f93f36b179caa46fdaafd6dbd96178498387bb9033fd039559ee90bfbb00941fad8a2fd2e5c1123845ca95055c55a94f91f4bb11a06231a52c0b3c56f0272ba37eac2d082989d6fae7ad546b848fc0f5ffa276d73a9c105a56b2dd099a9f0d62fb34bc6bca02caa5420fe3cc32f9c4e05c02cb4220ee01f282b56dbf170394395b9c8dc124c91755fc5761dd4fb7ad6d74a56b7c5f87fd63a58741b78ae69ea33eb55189cd632bbd9179873a6b873edfe0b51aee78b715d24b7d330fc7733d1367923921c9001a7ff1190fc988b60d92150ace247adfefb6f1bbe5324b4f8d22b7d33ef0bff9004d1dba2b32309c05", 0x7}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_G_CTRL(r5, 0xc008561b, &(0x7f0000007c40)={0x98f908, 0x5})

3.797080652s ago: executing program 2 (id=4487):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = syz_io_uring_setup(0x233, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r4, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000100), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

3.780136614s ago: executing program 7 (id=4488):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
fsmount(0xffffffffffffffff, 0x1, 0x8c)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0}, 0x18)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={r1})
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0xfffc, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0x8)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x1d, &(0x7f0000000080)=0x4f, 0x4)
accept4(r2, 0x0, 0x0, 0x80000)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioperm(0x2, 0x7, 0x13)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r5 = shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)

2.951990532s ago: executing program 1 (id=4489):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x2c, r2, 0x5, 0x100000, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xffffffffffffff1d, 0x34, @random="7fdf"}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000080}, 0x4000800)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r4 = openat$smackfs_change_rule(0xffffff9c, &(0x7f0000002300), 0x2, 0x0)
write$smackfs_change_rule(r4, &(0x7f0000000400)=ANY=[@ANYBLOB="626174616476301a202126292d205262624c206c42425851"], 0x18)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/wireless\x00')
close_range(r5, r5, 0x2)
r6 = geteuid()
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x4f2, 0x1236, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r8, 0x0, 0x0)
syz_usb_control_io(r8, &(0x7f0000000200)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="001027"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000380)=ANY=[@ANYBLOB="3e3a137c62213cb50400c0e98a09000000", @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r7, &(0x7f00000093c0)={0x2020, 0x0, <r9=>0x0, <r10=>0x0, <r11=>0x0}, 0x2066)
write$FUSE_INIT(r7, &(0x7f0000004200)={0x50, 0x0, r9, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(0xffffffffffffffff, 0x3309)
syz_fuse_handle_req(r7, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r12 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r12, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r12, 0x117, 0x7ffffffe, 0x0, 0x0)
syz_fuse_handle_req(r7, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)=ANY=[@ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="0000c000ff000000000000000100000000000004000000000000000001000000000000002e"], 0x0, 0x0, 0x0})
getresuid(&(0x7f00000000c0), &(0x7f0000000100)=<r13=>0x0, &(0x7f0000000140))
ioctl$DRM_IOCTL_GET_CLIENT(r5, 0xc0286405, &(0x7f0000000180)={0x7, 0xfff, {0xffffffffffffffff}, {0xee00}, 0x8, 0x5})
ioctl$NS_GET_OWNER_UID(r5, 0xb704, &(0x7f00000001c0)=<r14=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x11940a2, &(0x7f0000000980)=ANY=[@ANYBLOB="4af05d7ef8c2e9afce5972616e733d66642c725b646e6f3d0000", @ANYRESHEX=r5, @ANYBLOB="a6ebde2c9701791f975327ba3006b4ed51cc27bc3956c99c0398c25592e23dd2192c6235c3910169b07d6e1c4d93168d50f2cf28db15b665fe00", @ANYRESHEX=r5, @ANYBLOB="2c63616368653d7265616461686561642c64656275673dea8c21588d2e44aa15bb303032303030303030312c6163636573733d7c14ebf2ca9bd4ae4a92dd65f6f518888b54cdcf", @ANYRESDEC=r6, @ANYBLOB="2c76657273696f6e3d3970323030302e752c6d73696c653d3078303030303030303030303030303030612d76657273696f6e3d3928c74756b50227818bc08f18394b7032", @ANYRESHEX=r11, @ANYBLOB=',access=', @ANYRESDEC=r13, @ANYBLOB=',euid<', @ANYRESDEC=r0, @ANYBLOB=',fsmagic=0x0000000000000009,subj_type=,euid>', @ANYRESDEC=r14, @ANYBLOB=',fscontext=system_u,fsname=&}-\',\x00'])

2.678749604s ago: executing program 9 (id=4490):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = syz_io_uring_setup(0x233, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r4, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000100), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

2.138783969s ago: executing program 7 (id=4491):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xd, 0x400009, 0x8, 0xa}, 0x0)
syz_open_dev$media(0x0, 0x0, 0x101d01)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_netfilter(r2, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x10000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
unshare(0x66000080)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000540)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_UNREGISTER(r4, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffb000/0x2000)=nil, 0x2000})
unshare(0x10000400)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
gettid()

1.241952468s ago: executing program 8 (id=4492):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
fsmount(0xffffffffffffffff, 0x1, 0x8c)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00'}, 0x18)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={r1})
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, 0x0, 0x0)
listen(r2, 0x8)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x1d, &(0x7f0000000080)=0x4f, 0x4)
accept4(r2, 0x0, 0x0, 0x80000)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioperm(0x2, 0x7, 0x13)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r5 = shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)

486.789779ms ago: executing program 8 (id=4493):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000002200), 0x80002, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0)
r1 = signalfd4(r0, &(0x7f0000000080)={[0xc658]}, 0x8, 0x800)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x2b})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_create1(0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e29, 0x80, @initdev={0xfe, 0x88, '\x00', 0xfc, 0x0}, 0x6}, 0x1c)
cachestat(r2, &(0x7f0000000040), 0x0, 0x0)

0s ago: executing program 1 (id=4494):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000006c0))
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map, 0x24, 0x1, 0x8, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0}, 0x40)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)=ANY=[@ANYBLOB=' \x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fbdbdf25000000000c00a6"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4802)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)

kernel console output (not intermixed with test programs):

eftover after parsing attributes in process `syz.8.3510'.
[ 1679.002952][T19807] netlink: 'syz.1.3509': attribute type 4 has an invalid length.
[ 1679.012051][T19807] netlink: 'syz.1.3509': attribute type 2 has an invalid length.
[ 1679.042318][T19804] macvtap1: entered promiscuous mode
[ 1679.048210][T19804] macvtap1: entered allmulticast mode
[ 1679.053721][T19804] hsr0: entered allmulticast mode
[ 1679.059027][T19804] hsr_slave_0: entered allmulticast mode
[ 1679.065112][T19804] hsr_slave_1: entered allmulticast mode
[ 1679.343304][T19804] hsr0: left allmulticast mode
[ 1679.366814][T19804] hsr_slave_0: left allmulticast mode
[ 1679.433733][T19809] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3507'.
[ 1679.962737][T19804] hsr_slave_1: left allmulticast mode
[ 1682.639255][T19828] netlink: 'syz.7.3515': attribute type 4 has an invalid length.
[ 1682.649421][T19828] netlink: 'syz.7.3515': attribute type 2 has an invalid length.
[ 1685.240831][T19855] siw: device registration error -23
[ 1686.001880][T19857] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3523'.
[ 1687.030432][T16936] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1687.212133][T16936] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1689.983679][T16936] usb 2-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[ 1691.931363][T16936] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1692.108362][T16936] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7
[ 1692.120247][T16936] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024
[ 1692.430479][T16936] usb 2-1: string descriptor 0 read error: -71
[ 1692.471724][T16936] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1692.650492][T16936] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1692.673164][T16936] usb 2-1: can't set config #1, error -71
[ 1692.692684][T16936] usb 2-1: USB disconnect, device number 60
[ 1692.797359][T19885] siw: device registration error -23
[ 1693.876608][ T5900] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1694.521130][T12295] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1694.680557][ T5900] usb 2-1: Using ep0 maxpacket: 8
[ 1694.693467][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1694.710350][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1694.747399][ T5900] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1694.769769][T12295] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1694.778766][T12295] usb 9-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[ 1694.794567][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1694.810382][T12295] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1694.839170][ T5900] usb 2-1: config 0 descriptor??
[ 1694.849855][T12295] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7
[ 1694.900401][T12295] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024
[ 1694.935180][T12295] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1694.950537][T12295] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1694.960138][T12295] usb 9-1: Product: syz
[ 1694.975705][T12295] usb 9-1: Manufacturer: syz
[ 1695.010112][T12295] cdc_wdm 9-1:1.0: skipping garbage
[ 1695.025689][T12295] cdc_wdm 9-1:1.0: skipping garbage
[ 1695.040374][T12295] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1697.060441][  T120] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1697.240656][  T120] usb 6-1: Using ep0 maxpacket: 8
[ 1697.432151][ T5919] usb 9-1: USB disconnect, device number 13
[ 1698.010906][  T120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1698.029793][  T120] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1698.057965][  T120] usb 6-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1698.077601][  T120] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1698.124629][  T120] usb 6-1: config 0 descriptor??
[ 1699.451121][ T5900] usbhid 2-1:0.0: can't add hid device: -71
[ 1699.459427][ T5900] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1699.505736][ T5900] usb 2-1: USB disconnect, device number 61
[ 1702.569898][T19944] siw: device registration error -23
[ 1704.209067][T19951] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3548'.
[ 1704.638175][  T120] usbhid 6-1:0.0: can't add hid device: -32
[ 1704.647931][  T120] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[ 1704.750567][  T120] usb 6-1: USB disconnect, device number 27
[ 1705.676307][T13531] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1705.884074][T13531] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1705.943869][T19972] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3553'.
[ 1705.971288][T13531] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1705.975721][T13531] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1705.975744][T13531] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1705.975760][T13531] usb 9-1: SerialNumber: syz
[ 1711.259250][    C1] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1711.267460][    C1] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1711.274897][    C1] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1711.300356][T13531] usb 9-1: cannot find UAC_HEADER
[ 1711.346587][T13531] snd-usb-audio 9-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1712.144816][T13531] usb 9-1: USB disconnect, device number 14
[ 1712.279812][T20010] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3566'.
[ 1713.184501][T20013] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1713.201380][T20013] kvm: pic: level sensitive irq not supported
[ 1713.201531][T20013] kvm: pic: non byte read
[ 1713.201690][T20013] kvm: pic: level sensitive irq not supported
[ 1713.201731][T20013] kvm: pic: non byte read
[ 1713.201852][T20013] kvm: pic: level sensitive irq not supported
[ 1713.201891][T20013] kvm: pic: non byte read
[ 1713.202011][T20013] kvm: pic: level sensitive irq not supported
[ 1713.202050][T20013] kvm: pic: non byte read
[ 1713.202174][T20013] kvm: pic: level sensitive irq not supported
[ 1713.202213][T20013] kvm: pic: non byte read
[ 1713.220641][T20019] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3566'.
[ 1713.259794][T15317] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1713.259865][T15317] CPU: 1 UID: 0 PID: 15317 Comm: kworker/u9:1 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 1713.259888][T15317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1713.259901][T15317] Workqueue: hci4 hci_rx_work
[ 1713.259946][T15317] Call Trace:
[ 1713.259958][T15317]  <TASK>
[ 1713.259968][T15317]  dump_stack_lvl+0x189/0x250
[ 1713.259993][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1713.260014][T15317]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1713.260035][T15317]  ? __pfx__printk+0x10/0x10
[ 1713.260082][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1713.260118][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1713.260138][T15317]  ? kernfs_path_from_node+0x22c/0x260
[ 1713.260158][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1713.260180][T15317]  sysfs_create_dir_ns+0x259/0x280
[ 1713.260213][T15317]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1713.260245][T15317]  ? do_raw_spin_unlock+0x122/0x240
[ 1713.260278][T15317]  kobject_add_internal+0x59f/0xb40
[ 1713.260322][T15317]  kobject_add+0x155/0x220
[ 1713.260351][T15317]  ? __pfx_kobject_add+0x10/0x10
[ 1713.260374][T15317]  ? _raw_spin_unlock+0x28/0x50
[ 1713.260407][T15317]  ? get_device_parent+0x366/0x3a0
[ 1713.260437][T15317]  device_add+0x408/0xb50
[ 1713.260466][T15317]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1713.260498][T15317]  le_conn_complete_evt+0xc3a/0x1220
[ 1713.260538][T15317]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1713.260566][T15317]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1713.260585][T15317]  ? __asan_memcpy+0x40/0x70
[ 1713.260613][T15317]  ? __pfx___mutex_lock+0x10/0x10
[ 1713.260634][T15317]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1713.260654][T15317]  ? skb_pull_data+0xfb/0x200
[ 1713.260691][T15317]  hci_le_conn_complete_evt+0x187/0x450
[ 1713.260722][T15317]  hci_event_packet+0x78f/0x1200
[ 1713.260756][T15317]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1713.260784][T15317]  ? __pfx_hci_event_packet+0x10/0x10
[ 1713.260817][T15317]  ? kcov_remote_start+0x4d3/0x7f0
[ 1713.260844][T15317]  ? lockdep_hardirqs_on+0x90/0x150
[ 1713.260875][T15317]  ? hci_send_to_monitor+0xe2/0x570
[ 1713.260900][T15317]  hci_rx_work+0x46a/0xe80
[ 1713.260937][T15317]  ? process_scheduled_works+0x9ef/0x17b0
[ 1713.260963][T15317]  process_scheduled_works+0xade/0x17b0
[ 1713.261018][T15317]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1713.261057][T15317]  worker_thread+0x8a0/0xda0
[ 1713.261083][T15317]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1713.261118][T15317]  ? __kthread_parkme+0x7b/0x200
[ 1713.261152][T15317]  kthread+0x711/0x8a0
[ 1713.261188][T15317]  ? __pfx_worker_thread+0x10/0x10
[ 1713.261208][T15317]  ? __pfx_kthread+0x10/0x10
[ 1713.261247][T15317]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1713.261271][T15317]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1713.261295][T15317]  ? __pfx_kthread+0x10/0x10
[ 1713.261326][T15317]  ret_from_fork+0x3fc/0x770
[ 1713.261348][T15317]  ? __pfx_ret_from_fork+0x10/0x10
[ 1713.261377][T15317]  ? __switch_to_asm+0x39/0x70
[ 1713.261402][T15317]  ? __switch_to_asm+0x33/0x70
[ 1713.261423][T15317]  ? __pfx_kthread+0x10/0x10
[ 1713.261447][T15317]  ret_from_fork_asm+0x1a/0x30
[ 1713.261486][T15317]  </TASK>
[ 1713.261613][T15317] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1713.261659][T15317] Bluetooth: hci4: failed to register connection device
[ 1715.586461][T20041] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3574'.
[ 1718.467110][T20060] siw: device registration error -23
[ 1719.198227][T20062] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1719.253707][T20062] kvm: pic: level sensitive irq not supported
[ 1719.253799][T20062] kvm: pic: non byte read
[ 1719.328437][T20069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3580'.
[ 1719.781216][T20062] kvm: pic: level sensitive irq not supported
[ 1719.781326][T20062] kvm: pic: non byte read
[ 1719.848540][T20062] kvm: pic: level sensitive irq not supported
[ 1719.848601][T20062] kvm: pic: non byte read
[ 1719.860851][T20062] kvm: pic: level sensitive irq not supported
[ 1719.860932][T20062] kvm: pic: non byte read
[ 1719.979606][T20062] kvm: pic: level sensitive irq not supported
[ 1719.979721][T20062] kvm: pic: non byte read
[ 1720.893708][T20079] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3584'.
[ 1722.531400][T20101] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3591'.
[ 1722.540872][T20101] netlink: 'syz.1.3591': attribute type 6 has an invalid length.
[ 1722.548684][T20101] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3591'.
[ 1724.555462][T20120] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3594'.
[ 1725.316099][T20125] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3595'.
[ 1727.830426][ T5900] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1728.020425][ T5900] usb 6-1: Using ep0 maxpacket: 8
[ 1728.904853][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1728.983658][ T5900] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1729.098239][ T5900] usb 6-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1729.114285][ T5900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.172795][ T5900] usb 6-1: config 0 descriptor??
[ 1730.205596][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.487807][T20159] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3603'.
[ 1730.514659][T20158] lo speed is unknown, defaulting to 1000
[ 1730.529335][T20159] netlink: 'syz.8.3603': attribute type 6 has an invalid length.
[ 1730.546133][T20159] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3603'.
[ 1732.134165][T20175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3606'.
[ 1732.307560][ T5900] usbhid 6-1:0.0: can't add hid device: -71
[ 1732.324665][ T5900] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1732.406040][ T5900] usb 6-1: USB disconnect, device number 28
[ 1732.691789][T13531] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1732.834505][T20187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1733.459391][T13531] usb 9-1: Using ep0 maxpacket: 8
[ 1733.503414][T20189] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3607'.
[ 1733.533981][T13531] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1733.635818][T13531] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1734.828271][T13531] usb 9-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1734.837780][T13531] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1734.848572][T13531] usb 9-1: config 0 descriptor??
[ 1735.366435][T20194] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3611'.
[ 1735.681906][T13531] usbhid 9-1:0.0: can't add hid device: -71
[ 1735.688137][T13531] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1735.713561][T13531] usb 9-1: USB disconnect, device number 15
[ 1743.372273][T20269] netlink: 'syz.7.3630': attribute type 10 has an invalid length.
[ 1743.394122][T20269] team0: Device ipvlan1 failed to register rx_handler
[ 1745.780387][T20284] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3633'.
[ 1747.304029][T20293] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1748.235530][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805ab0dc00: rx timeout, send abort
[ 1748.363353][T20312] siw: device registration error -23
[ 1748.736043][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805ab0c400: rx timeout, send abort
[ 1748.747836][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805ab0dc00: abort rx timeout. Force session deactivation
[ 1749.246705][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805ab0c400: abort rx timeout. Force session deactivation
[ 1749.691425][T20317] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3642'.
[ 1750.307288][T20323] lo speed is unknown, defaulting to 1000
[ 1752.007743][T20334] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3647'.
[ 1753.096522][T20346] CIFS mount error: No usable UNC path provided in device string!
[ 1753.096522][T20346] 
[ 1753.106812][T20346] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1753.459586][T20350] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3651'.
[ 1753.832758][  T120] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1754.135179][  T120] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1754.220183][  T120] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1754.445131][  T120] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1754.611496][  T120] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 1754.836638][  T120] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 1754.980216][  T120] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.118967][  T120] usb 3-1: Product: syz
[ 1755.208642][  T120] usb 3-1: Manufacturer: syz
[ 1755.299420][  T120] usb 3-1: SerialNumber: syz
[ 1755.481488][  T120] usb 3-1: config 0 descriptor??
[ 1755.622538][  T120] usb 3-1: NFC: Unable to get FW version
[ 1756.670587][  T120] pn533_usb 3-1:0.0: probe with driver pn533_usb failed with error -90
[ 1758.162983][  T120] usb 3-1: USB disconnect, device number 78
[ 1762.109674][T20412] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1763.452648][T20422] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1763.459920][T20422] IPv6: NLM_F_CREATE should be set when creating new route
[ 1763.467228][T20422] IPv6: NLM_F_CREATE should be set when creating new route
[ 1763.474485][T20422] IPv6: NLM_F_CREATE should be set when creating new route
[ 1763.730369][ T5900] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1764.570603][ T5900] usb 2-1: device descriptor read/64, error -71
[ 1764.980500][ T5900] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1765.600474][ T5900] usb 2-1: device descriptor read/64, error -71
[ 1765.721065][ T5900] usb usb2-port1: attempt power cycle
[ 1766.610729][ T5900] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1766.760825][ T5900] usb 2-1: device descriptor read/8, error -71
[ 1767.480703][T20450] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3675'.
[ 1768.012186][T15317] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1768.022994][T15317] CPU: 1 UID: 0 PID: 15317 Comm: kworker/u9:1 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 1768.023023][T15317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1768.023033][T15317] Workqueue: hci1 hci_rx_work
[ 1768.023078][T15317] Call Trace:
[ 1768.023084][T15317]  <TASK>
[ 1768.023092][T15317]  dump_stack_lvl+0x189/0x250
[ 1768.023112][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1768.023129][T15317]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1768.023154][T15317]  ? __pfx__printk+0x10/0x10
[ 1768.023175][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1768.023189][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1768.023205][T15317]  ? kernfs_path_from_node+0x22c/0x260
[ 1768.023219][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1768.023237][T15317]  sysfs_create_dir_ns+0x259/0x280
[ 1768.023264][T15317]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1768.023290][T15317]  ? do_raw_spin_unlock+0x122/0x240
[ 1768.023325][T15317]  kobject_add_internal+0x59f/0xb40
[ 1768.023346][T15317]  kobject_add+0x155/0x220
[ 1768.023382][T15317]  ? __pfx_kobject_add+0x10/0x10
[ 1768.023399][T15317]  ? _raw_spin_unlock+0x28/0x50
[ 1768.023424][T15317]  ? get_device_parent+0x366/0x3a0
[ 1768.023446][T15317]  device_add+0x408/0xb50
[ 1768.023468][T15317]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1768.023493][T15317]  le_conn_complete_evt+0xc3a/0x1220
[ 1768.023520][T15317]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1768.023539][T15317]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1768.023552][T15317]  ? __asan_memcpy+0x40/0x70
[ 1768.023572][T15317]  ? __pfx___mutex_lock+0x10/0x10
[ 1768.023586][T15317]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1768.023600][T15317]  ? skb_pull_data+0xfb/0x200
[ 1768.023626][T15317]  hci_le_conn_complete_evt+0x187/0x450
[ 1768.023649][T15317]  hci_event_packet+0x78f/0x1200
[ 1768.023674][T15317]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1768.023693][T15317]  ? __pfx_hci_event_packet+0x10/0x10
[ 1768.023718][T15317]  ? kcov_remote_start+0x4d3/0x7f0
[ 1768.023740][T15317]  ? lockdep_hardirqs_on+0x90/0x150
[ 1768.023764][T15317]  ? hci_send_to_monitor+0xe2/0x570
[ 1768.023785][T15317]  hci_rx_work+0x46a/0xe80
[ 1768.023816][T15317]  ? process_scheduled_works+0x9ef/0x17b0
[ 1768.023834][T15317]  process_scheduled_works+0xade/0x17b0
[ 1768.023872][T15317]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1768.023901][T15317]  worker_thread+0x8a0/0xda0
[ 1768.023921][T15317]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1768.023949][T15317]  ? __kthread_parkme+0x7b/0x200
[ 1768.023974][T15317]  kthread+0x711/0x8a0
[ 1768.023996][T15317]  ? __pfx_worker_thread+0x10/0x10
[ 1768.024013][T15317]  ? __pfx_kthread+0x10/0x10
[ 1768.024034][T15317]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1768.024064][T15317]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1768.024093][T15317]  ? __pfx_kthread+0x10/0x10
[ 1768.024121][T15317]  ret_from_fork+0x3fc/0x770
[ 1768.024153][T15317]  ? __pfx_ret_from_fork+0x10/0x10
[ 1768.024173][T15317]  ? __switch_to_asm+0x39/0x70
[ 1768.024191][T15317]  ? __switch_to_asm+0x33/0x70
[ 1768.024209][T15317]  ? __pfx_kthread+0x10/0x10
[ 1768.024230][T15317]  ret_from_fork_asm+0x1a/0x30
[ 1768.024260][T15317]  </TASK>
[ 1768.024290][T15317] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1768.340236][T15317] Bluetooth: hci1: failed to register connection device
[ 1768.695786][T20467] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3680'.
[ 1768.711896][T20467] netlink: 'syz.8.3680': attribute type 6 has an invalid length.
[ 1768.719819][T20467] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3680'.
[ 1771.526154][T20479] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3681'.
[ 1774.770415][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[ 1775.233854][T20511] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3690'.
[ 1775.710436][T20217] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1776.846511][T20217] usb 2-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 1776.906131][T20217] usb 2-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 1776.946141][T20217] usb 2-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 1776.970536][T20217] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1778.744665][T20537] netlink: 'syz.1.3689': attribute type 1 has an invalid length.
[ 1778.752738][T20537] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3689'.
[ 1780.069785][T20544] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3696'.
[ 1780.418771][T20217] usb 2-1: string descriptor 0 read error: -71
[ 1780.420165][T20217] usb 2-1: USB disconnect, device number 66
[ 1780.801705][T20547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3697'.
[ 1780.859746][T20547] macsec1: entered allmulticast mode
[ 1780.859790][T20547] macvlan0: entered allmulticast mode
[ 1780.859826][T20547] veth1_vlan: entered allmulticast mode
[ 1781.456869][T20549] lo speed is unknown, defaulting to 1000
[ 1781.538144][T20554] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3700'.
[ 1781.584157][T20554] netlink: 'syz.7.3700': attribute type 6 has an invalid length.
[ 1781.614622][T20554] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3700'.
[ 1782.936410][T20565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1782.970668][T20565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1787.833190][T20574] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3703'.
[ 1790.300352][ T5900] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1790.472658][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1790.498226][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1790.534673][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1790.554652][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1790.601289][ T5900] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1790.897052][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1791.324445][ T5900] usb 2-1: config 0 descriptor??
[ 1791.653430][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.922741][T20604] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3712'.
[ 1791.984195][ T5900] usbhid 2-1:0.0: can't add hid device: -71
[ 1791.990843][ T5900] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1792.003245][ T5900] usb 2-1: USB disconnect, device number 67
[ 1794.141911][T20619] siw: device registration error -23
[ 1794.861586][T20621] netlink: 208 bytes leftover after parsing attributes in process `syz.1.3716'.
[ 1795.083240][T20624] ptrace attach of "./syz-executor exec"[9298] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[ 1797.852372][T20648] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3722'.
[ 1798.193264][T20653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3723'.
[ 1800.242138][T20670] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3729'.
[ 1800.582780][T20674] netlink: 'syz.2.3730': attribute type 10 has an invalid length.
[ 1800.605436][T20674] team0: Device ipvlan1 failed to register rx_handler
[ 1800.760568][ T9466] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[ 1801.301432][ T9466] usb 6-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 1801.339714][ T9466] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1801.382290][ T9466] usb 6-1: config 0 descriptor??
[ 1801.812874][ T9466] chicony 0003:04F2:1236.0036: unknown main item tag 0x0
[ 1801.876434][ T9466] chicony 0003:04F2:1236.0036: unknown main item tag 0x0
[ 1801.900549][ T9466] chicony 0003:04F2:1236.0036: unknown main item tag 0x0
[ 1801.925236][ T9466] chicony 0003:04F2:1236.0036: unknown main item tag 0x0
[ 1801.932897][ T9466] chicony 0003:04F2:1236.0036: unknown main item tag 0x0
[ 1801.950010][ T9466] chicony 0003:04F2:1236.0036: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.5-1/input0
[ 1802.210702][ T5900] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1802.384517][ T5900] usb 2-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 1802.395908][ T5900] usb 2-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 1802.408915][ T5900] usb 2-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 1802.600475][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1802.764350][  T120] usb 6-1: USB disconnect, device number 29
[ 1804.012393][T20683] pim6reg: entered allmulticast mode
[ 1804.018598][T20685] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3733'.
[ 1804.405437][T20680] pim6reg: left allmulticast mode
[ 1805.024511][ T5900] usb 2-1: string descriptor 0 read error: -71
[ 1805.055913][ T5900] usb 2-1: USB disconnect, device number 68
[ 1806.600860][T20700] CIFS mount error: No usable UNC path provided in device string!
[ 1806.600860][T20700] 
[ 1806.611088][T20700] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1808.151079][ T9466] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1809.210572][ T9466] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1809.270058][ T9466] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1809.304709][ T9466] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1809.674779][ T9466] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 1809.860494][ T9466] usb 9-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 1809.902816][ T9466] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1809.915911][T20698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1809.924528][T20698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1809.964036][ T9466] usb 9-1: Product: syz
[ 1809.979736][ T9466] usb 9-1: Manufacturer: syz
[ 1810.006182][ T9466] usb 9-1: SerialNumber: syz
[ 1810.139226][ T9466] usb 9-1: config 0 descriptor??
[ 1810.484934][T20719] CIFS mount error: No usable UNC path provided in device string!
[ 1810.484934][T20719] 
[ 1810.495233][T20719] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1812.350817][ T9466] usb 9-1: can't set config #0, error -71
[ 1812.632080][ T9466] usb 9-1: USB disconnect, device number 16
[ 1813.364167][T20723] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3742'.
[ 1813.610448][ T9466] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1813.654050][T20717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1813.662890][T20717] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1813.786060][ T9466] usb 9-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 1813.810003][ T9466] usb 9-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 1814.100340][ T9466] usb 9-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 1814.110532][ T9466] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1814.416507][T20731] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3744'.
[ 1814.829615][T20734] netlink: 'syz.8.3743': attribute type 1 has an invalid length.
[ 1814.837527][T20734] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3743'.
[ 1815.431846][T15317] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1815.442416][T15317] CPU: 0 UID: 0 PID: 15317 Comm: kworker/u9:1 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 1815.442444][T15317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1815.442458][T15317] Workqueue: hci0 hci_rx_work
[ 1815.442513][T15317] Call Trace:
[ 1815.442523][T15317]  <TASK>
[ 1815.442533][T15317]  dump_stack_lvl+0x189/0x250
[ 1815.442561][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1815.442586][T15317]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1815.442611][T15317]  ? __pfx__printk+0x10/0x10
[ 1815.442643][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1815.442664][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1815.442688][T15317]  ? kernfs_path_from_node+0x22c/0x260
[ 1815.442708][T15317]  ? kernfs_path_from_node+0x2c/0x260
[ 1815.442734][T15317]  sysfs_create_dir_ns+0x259/0x280
[ 1815.442786][T15317]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1815.442822][T15317]  ? do_raw_spin_unlock+0x122/0x240
[ 1815.442856][T15317]  kobject_add_internal+0x59f/0xb40
[ 1815.442889][T15317]  kobject_add+0x155/0x220
[ 1815.442917][T15317]  ? __pfx_kobject_add+0x10/0x10
[ 1815.442939][T15317]  ? _raw_spin_unlock+0x28/0x50
[ 1815.442981][T15317]  ? get_device_parent+0x366/0x3a0
[ 1815.443013][T15317]  device_add+0x408/0xb50
[ 1815.443044][T15317]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1815.443078][T15317]  le_conn_complete_evt+0xc3a/0x1220
[ 1815.443119][T15317]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1815.443145][T15317]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1815.443164][T15317]  ? __asan_memcpy+0x40/0x70
[ 1815.443191][T15317]  ? __pfx___mutex_lock+0x10/0x10
[ 1815.443211][T15317]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1815.443230][T15317]  ? skb_pull_data+0xfb/0x200
[ 1815.443267][T15317]  hci_le_conn_complete_evt+0x187/0x450
[ 1815.443299][T15317]  hci_event_packet+0x78f/0x1200
[ 1815.443334][T15317]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1815.443360][T15317]  ? __pfx_hci_event_packet+0x10/0x10
[ 1815.443395][T15317]  ? kcov_remote_start+0x4d3/0x7f0
[ 1815.443425][T15317]  ? lockdep_hardirqs_on+0x90/0x150
[ 1815.443459][T15317]  ? hci_send_to_monitor+0xe2/0x570
[ 1815.443487][T15317]  hci_rx_work+0x46a/0xe80
[ 1815.443530][T15317]  ? process_scheduled_works+0x9ef/0x17b0
[ 1815.443557][T15317]  process_scheduled_works+0xade/0x17b0
[ 1815.443611][T15317]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1815.443654][T15317]  worker_thread+0x8a0/0xda0
[ 1815.443681][T15317]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1815.443720][T15317]  ? __kthread_parkme+0x7b/0x200
[ 1815.443755][T15317]  kthread+0x711/0x8a0
[ 1815.443798][T15317]  ? __pfx_worker_thread+0x10/0x10
[ 1815.443821][T15317]  ? __pfx_kthread+0x10/0x10
[ 1815.443868][T15317]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1815.443896][T15317]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1815.443926][T15317]  ? __pfx_kthread+0x10/0x10
[ 1815.443962][T15317]  ret_from_fork+0x3fc/0x770
[ 1815.443988][T15317]  ? __pfx_ret_from_fork+0x10/0x10
[ 1815.444017][T15317]  ? __switch_to_asm+0x39/0x70
[ 1815.444042][T15317]  ? __switch_to_asm+0x33/0x70
[ 1815.444066][T15317]  ? __pfx_kthread+0x10/0x10
[ 1815.444096][T15317]  ret_from_fork_asm+0x1a/0x30
[ 1815.444142][T15317]  </TASK>
[ 1815.444171][T15317] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1815.758496][T15317] Bluetooth: hci0: failed to register connection device
[ 1817.266856][ T9466] usb 9-1: string descriptor 0 read error: -71
[ 1817.292251][ T9466] usb 9-1: USB disconnect, device number 17
[ 1819.969368][T20767] netlink: 'syz.5.3751': attribute type 10 has an invalid length.
[ 1820.074023][T20737] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1820.083980][T20737] CPU: 1 UID: 0 PID: 20737 Comm: kworker/u9:0 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 1820.084009][T20737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1820.084024][T20737] Workqueue: hci2 hci_rx_work
[ 1820.084064][T20737] Call Trace:
[ 1820.084074][T20737]  <TASK>
[ 1820.084083][T20737]  dump_stack_lvl+0x189/0x250
[ 1820.084110][T20737]  ? kernfs_path_from_node+0x2c/0x260
[ 1820.084133][T20737]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1820.084157][T20737]  ? __pfx__printk+0x10/0x10
[ 1820.084186][T20737]  ? kernfs_path_from_node+0x2c/0x260
[ 1820.084204][T20737]  ? kernfs_path_from_node+0x2c/0x260
[ 1820.084226][T20737]  ? kernfs_path_from_node+0x22c/0x260
[ 1820.084246][T20737]  ? kernfs_path_from_node+0x2c/0x260
[ 1820.084270][T20737]  sysfs_create_dir_ns+0x259/0x280
[ 1820.084317][T20737]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1820.084351][T20737]  ? do_raw_spin_unlock+0x122/0x240
[ 1820.084382][T20737]  kobject_add_internal+0x59f/0xb40
[ 1820.084413][T20737]  kobject_add+0x155/0x220
[ 1820.084439][T20737]  ? __pfx_kobject_add+0x10/0x10
[ 1820.084460][T20737]  ? _raw_spin_unlock+0x28/0x50
[ 1820.084492][T20737]  ? get_device_parent+0x366/0x3a0
[ 1820.084521][T20737]  device_add+0x408/0xb50
[ 1820.084550][T20737]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1820.084583][T20737]  le_conn_complete_evt+0xc3a/0x1220
[ 1820.084640][T20737]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1820.084668][T20737]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1820.084687][T20737]  ? __asan_memcpy+0x40/0x70
[ 1820.084715][T20737]  ? __pfx___mutex_lock+0x10/0x10
[ 1820.084736][T20737]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1820.084755][T20737]  ? skb_pull_data+0xfb/0x200
[ 1820.084801][T20737]  hci_le_conn_complete_evt+0x187/0x450
[ 1820.084834][T20737]  hci_event_packet+0x78f/0x1200
[ 1820.084871][T20737]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1820.084898][T20737]  ? __pfx_hci_event_packet+0x10/0x10
[ 1820.084934][T20737]  ? kcov_remote_start+0x4d3/0x7f0
[ 1820.084963][T20737]  ? lockdep_hardirqs_on+0x90/0x150
[ 1820.084998][T20737]  ? hci_send_to_monitor+0xe2/0x570
[ 1820.085028][T20737]  hci_rx_work+0x46a/0xe80
[ 1820.085068][T20737]  ? process_scheduled_works+0x9ef/0x17b0
[ 1820.085093][T20737]  process_scheduled_works+0xade/0x17b0
[ 1820.085146][T20737]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1820.085190][T20737]  worker_thread+0x8a0/0xda0
[ 1820.085215][T20737]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1820.085253][T20737]  ? __kthread_parkme+0x7b/0x200
[ 1820.085289][T20737]  kthread+0x711/0x8a0
[ 1820.085322][T20737]  ? __pfx_worker_thread+0x10/0x10
[ 1820.085345][T20737]  ? __pfx_kthread+0x10/0x10
[ 1820.085375][T20737]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1820.085405][T20737]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1820.085434][T20737]  ? __pfx_kthread+0x10/0x10
[ 1820.085463][T20737]  ret_from_fork+0x3fc/0x770
[ 1820.085487][T20737]  ? __pfx_ret_from_fork+0x10/0x10
[ 1820.085516][T20737]  ? __switch_to_asm+0x39/0x70
[ 1820.085541][T20737]  ? __switch_to_asm+0x33/0x70
[ 1820.085566][T20737]  ? __pfx_kthread+0x10/0x10
[ 1820.085595][T20737]  ret_from_fork_asm+0x1a/0x30
[ 1820.085640][T20737]  </TASK>
[ 1820.086384][T20737] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1820.478805][T20737] Bluetooth: hci2: failed to register connection device
[ 1824.046712][T20796] netlink: 'syz.1.3758': attribute type 10 has an invalid length.
[ 1824.068412][T20796] team0: Device ipvlan1 failed to register rx_handler
[ 1826.425411][T20817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1826.930770][ T5836] Bluetooth: hci2: command 0x0405 tx timeout
[ 1827.419203][T20822] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3762'.
[ 1827.455103][T20812] pim6reg: entered allmulticast mode
[ 1828.794717][T20812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3761'.
[ 1833.783958][T20811] pim6reg: left allmulticast mode
[ 1833.972939][T20874] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3778'.
[ 1833.985624][T20874] netlink: 'syz.5.3778': attribute type 6 has an invalid length.
[ 1834.027263][T20874] netlink: 112 bytes leftover after parsing attributes in process `syz.5.3778'.
[ 1835.450449][ T5919] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1835.642176][ T5919] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1835.667571][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1835.706505][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1835.735673][ T5919] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1835.778555][ T5919] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1836.553122][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1836.564084][ T5919] usb 3-1: config 0 descriptor??
[ 1837.063414][ T5919] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0
[ 1837.084584][ T5919] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1837.756373][T20900] netlink: 'syz.7.3785': attribute type 10 has an invalid length.
[ 1837.767292][T20900] team0: Device ipvlan1 failed to register rx_handler
[ 1838.257100][ T5919] usb 3-1: USB disconnect, device number 79
[ 1838.627025][T20909] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3789'.
[ 1838.639525][T20909] netlink: 'syz.5.3789': attribute type 6 has an invalid length.
[ 1838.654395][T20909] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3789'.
[ 1840.319544][T20929] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3792'.
[ 1840.339361][T20929] netlink: 'syz.8.3792': attribute type 6 has an invalid length.
[ 1840.383431][T20929] netlink: 112 bytes leftover after parsing attributes in process `syz.8.3792'.
[ 1840.410858][T16936] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1840.995344][T16936] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1841.009241][T16936] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1841.135884][T16936] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1841.148251][T16936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1841.158388][T16936] usb 3-1: SerialNumber: syz
[ 1842.550335][  T120] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1842.750478][ T5919] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1842.770153][  T120] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1842.780719][  T120] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1842.794424][  T120] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1842.803912][  T120] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1842.830293][  T120] usb 9-1: SerialNumber: syz
[ 1842.950506][ T5919] usb 6-1: device descriptor read/64, error -71
[ 1843.200375][ T5919] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1843.440508][ T5919] usb 6-1: device descriptor read/64, error -71
[ 1843.673289][T20950] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3797'.
[ 1844.202149][ T5919] usb usb6-port1: attempt power cycle
[ 1844.550371][ T5919] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1844.587296][ T5919] usb 6-1: device descriptor read/8, error -71
[ 1844.830354][ T5919] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1844.880525][T16936] usb 3-1: cannot find UAC_HEADER
[ 1844.891169][ T5919] usb 6-1: device descriptor read/8, error -71
[ 1845.125471][ T5919] usb usb6-port1: unable to enumerate USB device
[ 1845.163417][T16936] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1845.739993][T16936] usb 3-1: USB disconnect, device number 80
[ 1846.600199][ T9466] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1846.718863][T20980] netlink: 'syz.7.3805': attribute type 10 has an invalid length.
[ 1846.735007][T20980] team0: Device ipvlan1 failed to register rx_handler
[ 1847.690448][ T9466] usb 3-1: Using ep0 maxpacket: 32
[ 1847.722433][  T120] usb 9-1: cannot find UAC_HEADER
[ 1847.758833][ T9466] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[ 1847.881299][ T9466] usb 3-1: config 0 has no interface number 0
[ 1847.910431][ T9466] usb 3-1: config 0 interface 184 has no altsetting 0
[ 1847.949681][ T9466] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1847.971136][ T9466] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.972471][  T120] snd-usb-audio 9-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1848.035399][ T9466] usb 3-1: Product: syz
[ 1848.047467][ T9466] usb 3-1: Manufacturer: syz
[ 1848.180773][T16936] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1848.604754][  T120] usb 9-1: USB disconnect, device number 18
[ 1848.612460][ T9466] usb 3-1: SerialNumber: syz
[ 1848.636290][ T9466] usb 3-1: config 0 descriptor??
[ 1848.664406][ T9466] smsc75xx v1.0.0
[ 1848.724160][ T9466] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1848.868047][T20976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1848.877837][T20976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1848.893352][ T9466] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -22
[ 1852.521910][T21001] netlink: 'syz.1.3812': attribute type 10 has an invalid length.
[ 1853.084296][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.474952][T16936] usb 6-1: device descriptor read/64, error -110
[ 1853.847359][ T9466] usb 3-1: USB disconnect, device number 81
[ 1854.060573][T16936] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1854.893866][T16936] usb 6-1: device descriptor read/64, error -32
[ 1855.675577][T16936] usb usb6-port1: attempt power cycle
[ 1856.825743][T21039] netlink: 'syz.5.3820': attribute type 10 has an invalid length.
[ 1860.694059][T21057] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1860.736346][T21057] kvm: pic: non byte read
[ 1860.742061][T21057] kvm: pic: level sensitive irq not supported
[ 1860.742109][T21057] kvm: pic: non byte read
[ 1860.758804][T21057] kvm: pic: level sensitive irq not supported
[ 1860.758866][T21057] kvm: pic: non byte read
[ 1860.773802][T21057] kvm: pic: level sensitive irq not supported
[ 1860.773867][T21057] kvm: pic: non byte read
[ 1861.116084][T21068] netlink: 'syz.1.3827': attribute type 10 has an invalid length.
[ 1861.135651][T21068] team0: Device ipvlan1 failed to register rx_handler
[ 1862.301107][T21082] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3829'.
[ 1863.280480][ T5919] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1866.138902][T21093] netlink: 60 bytes leftover after parsing attributes in process `syz.7.3835'.
[ 1867.604124][T21108] pim6reg: entered allmulticast mode
[ 1867.619002][T21108] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3839'.
[ 1868.504058][ T5919] usb 2-1: device descriptor read/64, error -110
[ 1868.774070][T21119] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3841'.
[ 1869.798900][T21133] netlink: 'syz.2.3849': attribute type 10 has an invalid length.
[ 1869.812838][T21133] netlink: 208 bytes leftover after parsing attributes in process `syz.2.3849'.
[ 1871.647136][T21150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1871.661158][T21150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1874.906228][T21154] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3851'.
[ 1875.070709][T21176] netlink: 208 bytes leftover after parsing attributes in process `syz.1.3861'.
[ 1875.514913][T21181] pim6reg: entered allmulticast mode
[ 1875.538631][T21181] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3860'.
[ 1876.184505][T21174] pim6reg: left allmulticast mode
[ 1877.911690][T21200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1877.944286][T21200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1883.003543][T21231] netlink: 'syz.2.3870': attribute type 10 has an invalid length.
[ 1883.015011][T21231] team0: Device ipvlan1 failed to register rx_handler
[ 1883.029137][T21229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1883.044376][T21229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1883.533502][T21237] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3871'.
[ 1889.101181][T21253] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3878'.
[ 1889.112453][T21253] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1892.171896][T21289] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3884'.
[ 1894.464826][T21305] netlink: 'syz.5.3890': attribute type 10 has an invalid length.
[ 1894.574214][T21307] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3889'.
[ 1894.657914][T21305] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3890'.
[ 1894.850455][T21305] netlink: 'syz.5.3890': attribute type 6 has an invalid length.
[ 1894.858213][T21305] netlink: 140 bytes leftover after parsing attributes in process `syz.5.3890'.
[ 1895.340202][T21312] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3892'.
[ 1896.468414][T19886] usb 2-1: new full-speed USB device number 71 using dummy_hcd
[ 1897.171723][T21323] pim6reg: entered allmulticast mode
[ 1897.177415][T21326] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3894'.
[ 1897.472325][T19886] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 1897.694270][T19886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1897.753921][T19886] usb 2-1: config 0 descriptor??
[ 1898.276423][T19886] chicony 0003:04F2:1236.0038: unknown main item tag 0x0
[ 1898.281988][T21319] pim6reg: left allmulticast mode
[ 1898.299149][T19886] chicony 0003:04F2:1236.0038: unknown main item tag 0x0
[ 1899.131020][T19886] chicony 0003:04F2:1236.0038: unknown main item tag 0x0
[ 1899.193104][T19886] chicony 0003:04F2:1236.0038: unknown main item tag 0x0
[ 1899.313445][T19886] chicony 0003:04F2:1236.0038: unknown main item tag 0x0
[ 1899.349112][T19886] chicony 0003:04F2:1236.0038: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 1899.981002][ T5919] usb 2-1: USB disconnect, device number 71
[ 1900.285476][T21346] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1900.319799][T21346] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1900.846211][T21348] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3900'.
[ 1901.100416][ T5919] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[ 1901.277623][ T5919] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 1901.308012][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1901.503587][ T5919] usb 2-1: config 0 descriptor??
[ 1902.026959][ T5919] chicony 0003:04F2:1236.0039: unknown main item tag 0x0
[ 1902.042683][ T5919] chicony 0003:04F2:1236.0039: unknown main item tag 0x0
[ 1902.171574][ T5919] chicony 0003:04F2:1236.0039: unknown main item tag 0x0
[ 1902.221142][ T5919] chicony 0003:04F2:1236.0039: unknown main item tag 0x0
[ 1902.288867][ T5919] chicony 0003:04F2:1236.0039: unknown main item tag 0x0
[ 1902.301011][ T5919] chicony 0003:04F2:1236.0039: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 1902.758918][ T5919] usb 2-1: USB disconnect, device number 72
[ 1906.733474][T21378] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3907'.
[ 1908.184618][T21397] CIFS mount error: No usable UNC path provided in device string!
[ 1908.184618][T21397] 
[ 1908.194779][T21397] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1908.431423][T21403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3912'.
[ 1908.695114][T16554] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 1909.030478][ T5919] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1909.058064][T16554] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1909.068342][T16554] usb 9-1: config 0 has no interfaces?
[ 1909.082352][T16554] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1909.190362][T16554] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1909.213129][ T5919] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1909.237051][ T5919] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1909.253696][T16554] usb 9-1: config 0 descriptor??
[ 1909.309615][ T5919] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1909.460373][ T5919] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 1909.474076][ T5919] usb 6-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 1910.151917][T21413] fuse: Bad value for 'fd'
[ 1911.194252][T21415] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1911.589976][ T5919] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1911.620643][ T5919] usb 6-1: Product: syz
[ 1911.626001][ T5919] usb 6-1: Manufacturer: syz
[ 1911.653632][ T5919] usb 6-1: SerialNumber: syz
[ 1911.670313][ T5919] usb 6-1: config 0 descriptor??
[ 1911.865447][ T5919] usb 6-1: can't set config #0, error -71
[ 1911.874521][ T5919] usb 6-1: USB disconnect, device number 37
[ 1912.721990][ T5900] usb 9-1: USB disconnect, device number 19
[ 1914.538413][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.483335][T21450] pim6reg: entered allmulticast mode
[ 1918.935698][T21447] pim6reg: left allmulticast mode
[ 1919.488887][T21467] fuse: Bad value for 'fd'
[ 1920.529732][T21473] netlink: 'syz.1.3931': attribute type 10 has an invalid length.
[ 1920.633911][T21473] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3931'.
[ 1920.647698][T21473] netlink: 'syz.1.3931': attribute type 6 has an invalid length.
[ 1920.910682][T21473] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3931'.
[ 1921.350692][  T120] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 1921.512823][  T120] usb 6-1: Using ep0 maxpacket: 32
[ 1921.537370][  T120] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1921.550308][  T120] usb 6-1: config 0 has no interface number 0
[ 1921.686551][  T120] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1921.700622][  T120] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1921.725259][  T120] usb 6-1: Product: syz
[ 1921.739753][  T120] usb 6-1: Manufacturer: syz
[ 1921.753104][  T120] usb 6-1: SerialNumber: syz
[ 1921.787855][  T120] usb 6-1: config 0 descriptor??
[ 1921.820142][  T120] smsc75xx v1.0.0
[ 1921.828391][  T120] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1921.978327][  T120] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -22
[ 1922.034924][T21487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1922.044193][T21487] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1925.370379][T19886] usb 6-1: USB disconnect, device number 38
[ 1925.805492][T21509] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3940'.
[ 1926.013634][T21502] pim6reg: entered allmulticast mode
[ 1926.781944][T21495] pim6reg: left allmulticast mode
[ 1927.339126][T21520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3942'.
[ 1928.194166][T21526] netlink: 'syz.1.3945': attribute type 10 has an invalid length.
[ 1928.246247][T21526] netlink: 208 bytes leftover after parsing attributes in process `syz.1.3945'.
[ 1929.036999][T21537] netlink: 'syz.5.3947': attribute type 10 has an invalid length.
[ 1931.342798][T21551] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 1931.937083][T21554] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3951'.
[ 1934.128123][T21571] ptrace attach of "./syz-executor exec"[16999] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
[ 1935.142001][T16554] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1935.361694][T21581] netlink: 'syz.2.3960': attribute type 10 has an invalid length.
[ 1935.366502][T16554] usb 2-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 1935.381328][T16554] usb 2-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 1935.403133][T21581] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3960'.
[ 1935.438467][T21581] netlink: 'syz.2.3960': attribute type 6 has an invalid length.
[ 1935.446911][T16554] usb 2-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 1935.478635][T21581] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3960'.
[ 1935.488484][T16554] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1936.081404][T21594] netlink: 'syz.1.3957': attribute type 1 has an invalid length.
[ 1936.089263][T21594] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3957'.
[ 1937.328972][T21591] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3961'.
[ 1937.863371][T16554] usb 2-1: string descriptor 0 read error: -71
[ 1937.900670][T16554] usb 2-1: USB disconnect, device number 73
[ 1939.507565][T21616] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1939.539665][T21616] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1940.435230][ T5900] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1940.590406][ T5900] usb 9-1: device descriptor read/64, error -71
[ 1940.830302][ T5900] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1940.964160][ T5900] usb 9-1: device descriptor read/64, error -71
[ 1941.070693][ T5900] usb usb9-port1: attempt power cycle
[ 1941.242907][T21627] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3971'.
[ 1941.585423][ T5900] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1941.661334][ T5900] usb 9-1: device descriptor read/8, error -71
[ 1941.900363][ T5900] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1941.931903][ T5900] usb 9-1: device descriptor read/8, error -71
[ 1942.041230][ T5900] usb usb9-port1: unable to enumerate USB device
[ 1948.230132][T21670] netlink: 'syz.5.3979': attribute type 10 has an invalid length.
[ 1949.576831][T21684] pim6reg: entered allmulticast mode
[ 1950.491201][T21692] pim6reg: entered allmulticast mode
[ 1950.592495][T21677] pim6reg: left allmulticast mode
[ 1950.959933][T21686] pim6reg: left allmulticast mode
[ 1950.967914][T21698] netlink: 'syz.7.3990': attribute type 10 has an invalid length.
[ 1951.050314][T21700] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3990'.
[ 1951.084870][T21700] netlink: 'syz.7.3990': attribute type 6 has an invalid length.
[ 1951.133808][T21700] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3990'.
[ 1953.852233][T21721] ptrace attach of "./syz-executor exec"[9298] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[ 1954.599260][T21727] netlink: 'syz.5.3997': attribute type 10 has an invalid length.
[ 1954.690562][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1954.776774][T21730] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3997'.
[ 1954.776796][T21730] netlink: 'syz.5.3997': attribute type 6 has an invalid length.
[ 1954.776807][T21730] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3997'.
[ 1957.285668][T21758] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4004'.
[ 1958.132310][T21759] usb usb8: usbfs: process 21759 (syz.5.4002) did not claim interface 0 before use
[ 1958.445553][ T5900] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[ 1958.790281][ T5900] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1958.850271][ T5900] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1958.904703][ T5900] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1958.932021][ T5900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1959.047024][ T5900] usb 6-1: SerialNumber: syz
[ 1959.613606][T21773] pim6reg: entered allmulticast mode
[ 1959.629031][T21773] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4007'.
[ 1960.180375][T21768] pim6reg: left allmulticast mode
[ 1962.552165][ T5900] usb 6-1: cannot find UAC_HEADER
[ 1962.648133][ T5900] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1962.739942][T16554] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1962.830465][ T5900] usb 6-1: USB disconnect, device number 39
[ 1963.004458][T21795] pim6reg: entered allmulticast mode
[ 1963.020458][T21795] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4012'.
[ 1963.844019][T16554] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1964.546778][T21791] pim6reg: left allmulticast mode
[ 1964.563240][T16554] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1968.277371][T21812] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1968.493185][T21823] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4019'.
[ 1968.867120][T16554] usb 2-1: string descriptor 0 read error: -71
[ 1968.907739][T16554] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1968.918538][T16554] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1969.024932][T16554] usb 2-1: can't set config #1, error -71
[ 1969.033673][T16554] usb 2-1: USB disconnect, device number 74
[ 1971.806670][T21863] netlink: 'syz.8.4029': attribute type 10 has an invalid length.
[ 1971.828848][T21863] team0: Device ipvlan1 failed to register rx_handler
[ 1973.724951][T16936] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[ 1974.230360][T16936] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1974.280432][T16936] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1974.289549][T16936] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1974.470680][T16936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1975.964819][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1976.170076][T21895] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4039'.
[ 1976.380135][T16936] usb 2-1: can't set config #27, error -71
[ 1976.395681][T16936] usb 2-1: USB disconnect, device number 75
[ 1978.358931][   T30] audit: type=1400 audit(1752461881.594:94): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=21907 comm="syz.1.4043" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1978.381118][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1978.550644][   T30] audit: type=1400 audit(1752461881.804:95): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1979.068494][   T30] audit: type=1400 audit(1752461882.014:96): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1979.123108][T21911] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4042'.
[ 1980.060560][   T30] audit: type=1400 audit(1752461882.424:97): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=11571 comm="kworker/0:0H" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1980.287385][   T30] audit: type=1400 audit(1752461883.304:98): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=21905 comm="syz.2.4042" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1980.437182][   T30] audit: type=1326 audit(1752461883.684:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21912 comm="syz.1.4044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 1980.464313][   T30] audit: type=1326 audit(1752461883.684:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21912 comm="syz.1.4044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 1981.268778][   T30] audit: type=1326 audit(1752461883.684:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21912 comm="syz.1.4044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 1981.290792][   T30] audit: type=1326 audit(1752461883.684:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21912 comm="syz.1.4044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 1981.344989][T21926] netlink: 208 bytes leftover after parsing attributes in process `syz.1.4048'.
[ 1981.368602][   T30] audit: type=1326 audit(1752461883.684:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21912 comm="syz.1.4044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 1984.875612][T21960] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4056'.
[ 1985.000820][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1985.000838][   T30] audit: type=1400 audit(1752461888.254:105): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=0 comm="swapper/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1985.444141][T21962] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4057'.
[ 1986.242043][T21965] netlink: 'syz.2.4055': attribute type 10 has an invalid length.
[ 1986.264488][T21965] team0: Device ipvlan1 failed to register rx_handler
[ 1987.465760][T21978] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4059'.
[ 1988.913186][T21989] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4062'.
[ 1989.686570][T21996] lo speed is unknown, defaulting to 1000
[ 1992.067553][T22008] lo speed is unknown, defaulting to 1000
[ 1992.390730][   T30] audit: type=1400 audit(1752461895.214:106): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=22003 comm="syz.1.4066" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 1992.413005][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1992.977275][T22019] netlink: 'syz.8.4068': attribute type 10 has an invalid length.
[ 1993.534396][T22015] kthread_run failed with err -4
[ 1993.605254][T22019] team0: Device ipvlan1 failed to register rx_handler
[ 1993.760364][T19886] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1993.960299][T19886] usb 3-1: Using ep0 maxpacket: 32
[ 1993.972017][T22023] netlink: 'syz.8.4070': attribute type 10 has an invalid length.
[ 1994.010238][T22026] netlink: 'syz.1.4071': attribute type 10 has an invalid length.
[ 1994.064535][T22026] netlink: 208 bytes leftover after parsing attributes in process `syz.1.4071'.
[ 1994.078919][T19886] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[ 1994.087716][T22023] netlink: 208 bytes leftover after parsing attributes in process `syz.8.4070'.
[ 1994.105280][T19886] usb 3-1: config 0 has no interface number 0
[ 1994.112306][T19886] usb 3-1: config 0 interface 184 has no altsetting 0
[ 1994.136518][T19886] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1994.175382][T19886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1994.211244][T19886] usb 3-1: Product: syz
[ 1994.497509][T19886] usb 3-1: Manufacturer: syz
[ 1994.516624][T19886] usb 3-1: SerialNumber: syz
[ 1994.585133][T19886] usb 3-1: config 0 descriptor??
[ 1994.593936][T19886] smsc75xx v1.0.0
[ 1994.597733][T19886] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1994.608617][T19886] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -22
[ 1995.005963][T22020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1995.071122][T22020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1996.792025][T22038] netlink: 'syz.7.4073': attribute type 10 has an invalid length.
[ 1996.802190][T22038] team0: Device ipvlan1 failed to register rx_handler
[ 1997.249926][ T5900] usb 3-1: USB disconnect, device number 82
[ 1997.559794][T22046] binder: 22043:22046 ioctl c0306201 0 returned -14
[ 1997.568049][T22046] binder: 22043:22046 ioctl c0306201 200000001440 returned -11
[ 1998.104513][T17101] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1998.603023][T22049] netlink: 'syz.1.4077': attribute type 10 has an invalid length.
[ 1998.613000][T22049] team0: Device ipvlan1 failed to register rx_handler
[ 1998.680056][T17101] usb 9-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1998.701719][T17101] usb 9-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1998.718997][T17101] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1999.292948][T17101] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2002.562475][   T30] audit: type=1326 audit(1752461905.794:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22087 comm="syz.1.4087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 2002.700313][   T30] audit: type=1326 audit(1752461905.804:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22087 comm="syz.1.4087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 2003.056923][   T30] audit: type=1326 audit(1752461905.804:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22087 comm="syz.1.4087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 2003.080440][   T30] audit: type=1326 audit(1752461905.804:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22087 comm="syz.1.4087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 2003.106877][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2003.118233][   T30] audit: type=1326 audit(1752461905.804:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22087 comm="syz.1.4087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f229678e929 code=0x7ffc0000
[ 2003.139842][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2003.375000][T22099] binder: 22094:22099 ioctl c0306201 200000001440 returned -11
[ 2003.498012][T22101] netlink: 'syz.1.4088': attribute type 10 has an invalid length.
[ 2003.516951][T22101] team0: Device ipvlan1 failed to register rx_handler
[ 2003.986868][ T5919] usb 9-1: USB disconnect, device number 24
[ 2005.455803][   T30] audit: type=1400 audit(1752461908.664:112): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=5836 comm="kworker/u9:2" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 2005.848011][T22118] lo speed is unknown, defaulting to 1000
[ 2006.488750][T22130] netlink: 'syz.1.4099': attribute type 10 has an invalid length.
[ 2006.501179][T22128] netlink: 'syz.5.4100': attribute type 10 has an invalid length.
[ 2006.535495][T22128] netlink: 208 bytes leftover after parsing attributes in process `syz.5.4100'.
[ 2007.222348][T22135] binder: 22131:22135 ioctl c0306201 200000001440 returned -11
[ 2007.301234][T22142] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4103'.
[ 2008.371892][T22154] netlink: 208 bytes leftover after parsing attributes in process `syz.5.4106'.
[ 2009.570524][ T5919] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 2010.478647][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 2010.537356][ T5919] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 2010.550025][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 2010.581882][ T5919] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 2010.638141][ T5919] usb 2-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 2010.662870][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2010.710340][ T5919] usb 2-1: Product: syz
[ 2010.714567][ T5919] usb 2-1: Manufacturer: syz
[ 2010.719187][ T5919] usb 2-1: SerialNumber: syz
[ 2010.731569][ T5919] usb 2-1: config 0 descriptor??
[ 2010.865642][ T5919] usb 2-1: NFC: Unable to get FW version
[ 2010.894611][ T5919] pn533_usb 2-1:0.0: probe with driver pn533_usb failed with error -90
[ 2012.523657][T22150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2012.532520][T22150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2012.542570][ T5919] usb 2-1: USB disconnect, device number 76
[ 2012.577114][T22188] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2013.701440][T22203] binder: 22196:22203 ioctl c0306201 200000001440 returned -11
[ 2014.300603][ T9466] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[ 2015.984132][ T9466] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2016.014175][ T9466] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2016.885080][T22219] netlink: 'syz.2.4121': attribute type 10 has an invalid length.
[ 2016.906995][T22219] team0: Device ipvlan1 failed to register rx_handler
[ 2017.609326][T22221] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4122'.
[ 2017.870288][ T5900] usb 2-1: new full-speed USB device number 77 using dummy_hcd
[ 2018.863612][ T5900] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2018.923558][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2019.030818][ T5900] usb 2-1: config 0 descriptor??
[ 2019.589892][ T5900] chicony 0003:04F2:1236.003A: unknown main item tag 0x0
[ 2019.619222][ T5900] chicony 0003:04F2:1236.003A: unknown main item tag 0x0
[ 2019.638571][ T9466] usb 6-1: string descriptor 0 read error: -71
[ 2019.645000][ T9466] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2019.655825][ T5900] chicony 0003:04F2:1236.003A: unknown main item tag 0x0
[ 2019.663817][ T5900] chicony 0003:04F2:1236.003A: unknown main item tag 0x0
[ 2019.721774][ T5900] chicony 0003:04F2:1236.003A: unknown main item tag 0x0
[ 2019.738459][ T9466] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2019.772777][ T5900] chicony 0003:04F2:1236.003A: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 2019.794873][ T9466] usb 6-1: can't set config #1, error -71
[ 2019.842190][ T9466] usb 6-1: USB disconnect, device number 40
[ 2019.853341][T22235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4124'.
[ 2020.562659][ T5919] usb 2-1: USB disconnect, device number 77
[ 2020.641470][T22242] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2021.706945][T22250] netlink: 'syz.7.4129': attribute type 10 has an invalid length.
[ 2021.725898][T22250] team0: Device ipvlan1 failed to register rx_handler
[ 2022.512782][T22255] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4131'.
[ 2024.747848][T22279] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4135'.
[ 2024.757242][T22279] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4135'.
[ 2026.841214][T22305] netlink: 'syz.5.4141': attribute type 10 has an invalid length.
[ 2027.237371][T22311] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4144'.
[ 2027.329644][T22314] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2027.336964][T22314] IPv6: NLM_F_CREATE should be set when creating new route
[ 2027.344291][T22314] IPv6: NLM_F_CREATE should be set when creating new route
[ 2027.351568][T22314] IPv6: NLM_F_CREATE should be set when creating new route
[ 2027.692242][T22318] netlink: 'syz.2.4146': attribute type 10 has an invalid length.
[ 2027.702957][T22318] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4146'.
[ 2027.731971][T22318] netlink: 'syz.2.4146': attribute type 6 has an invalid length.
[ 2027.739824][T22318] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4146'.
[ 2028.013199][T22325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4147'.
[ 2028.158879][T22328] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4148'.
[ 2028.168598][T22328] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4148'.
[ 2028.199992][T22328] bridge0: entered promiscuous mode
[ 2028.217263][T22328] syz_tun: entered promiscuous mode
[ 2028.747889][T22332] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2029.635484][T22334] netlink: 'syz.8.4150': attribute type 10 has an invalid length.
[ 2029.668836][T22334] netlink: 208 bytes leftover after parsing attributes in process `syz.8.4150'.
[ 2031.093189][T22345] netlink: 'syz.5.4151': attribute type 10 has an invalid length.
[ 2031.642139][   T30] audit: type=1400 audit(1752461934.894:113): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=51032 netif=lo
[ 2031.774820][T22347] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4153'.
[ 2032.562197][T22354] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4154'.
[ 2032.899382][T22366] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4158'.
[ 2034.306385][T22382] netlink: 'syz.1.4163': attribute type 10 has an invalid length.
[ 2034.324410][T22382] team0: Device ipvlan1 failed to register rx_handler
[ 2036.265617][T22389] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4166'.
[ 2036.278467][T22389] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4166'.
[ 2036.464472][T22389] ip6gretap0: entered promiscuous mode
[ 2036.567202][T22393] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2037.138411][T22389] ip6gretap0: left promiscuous mode
[ 2037.421383][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.491067][T22399] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 2045.423252][T22450] netlink: 'syz.7.4180': attribute type 10 has an invalid length.
[ 2045.461615][T22448] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4182'.
[ 2045.545661][T22448] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4182'.
[ 2045.576199][T22450] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4180'.
[ 2045.610866][T22452] CIFS mount error: No usable UNC path provided in device string!
[ 2045.610866][T22452] 
[ 2045.621194][T22452] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 2045.637307][T22450] netlink: 'syz.7.4180': attribute type 6 has an invalid length.
[ 2046.727338][T22450] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4180'.
[ 2046.750221][T22453] kthread_run failed with err -4
[ 2046.801935][T12295] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 2046.935125][T22448] ip6gretap0: entered promiscuous mode
[ 2047.091222][T12295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 2047.114506][T22448] ip6gretap0: left promiscuous mode
[ 2047.171678][T12295] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 2047.412999][T12295] usb 2-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 2047.462725][T12295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2047.523072][T12295] usb 2-1: Product: syz
[ 2047.552749][T12295] usb 2-1: Manufacturer: syz
[ 2047.654022][T12295] usb 2-1: SerialNumber: syz
[ 2047.741455][T12295] usb 2-1: config 0 descriptor??
[ 2047.763857][T12295] pn533_usb 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 2048.453324][T22452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2048.470543][T22452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2050.383307][T12295] usb 2-1: USB disconnect, device number 78
[ 2050.750522][T22477] netlink: 'syz.1.4187': attribute type 10 has an invalid length.
[ 2050.794336][T22477] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4187'.
[ 2050.829514][T22477] netlink: 'syz.1.4187': attribute type 6 has an invalid length.
[ 2051.298414][T22477] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4187'.
[ 2053.475183][T22487] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4191'.
[ 2053.901950][ T5919] usb 3-1: new full-speed USB device number 83 using dummy_hcd
[ 2054.095371][ T5919] usb 3-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2054.138341][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2054.205388][ T5919] usb 3-1: config 0 descriptor??
[ 2054.687274][ T5919] chicony 0003:04F2:1236.003B: unknown main item tag 0x0
[ 2054.725626][ T5919] chicony 0003:04F2:1236.003B: unknown main item tag 0x0
[ 2055.188472][ T5919] chicony 0003:04F2:1236.003B: unknown main item tag 0x0
[ 2055.276320][ T5919] chicony 0003:04F2:1236.003B: unknown main item tag 0x0
[ 2055.291148][T22395] syz_tun (unregistering): left promiscuous mode
[ 2055.310627][ T5919] chicony 0003:04F2:1236.003B: unknown main item tag 0x0
[ 2055.356517][ T5919] chicony 0003:04F2:1236.003B: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.2-1/input0
[ 2055.471990][T20737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2055.482030][T20737] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2055.490439][T20737] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2055.498966][T20737] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2055.508411][T20737] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2055.555998][T22497] lo speed is unknown, defaulting to 1000
[ 2056.515794][ T5919] usb 3-1: USB disconnect, device number 83
[ 2056.761230][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2057.654871][ T5836] Bluetooth: hci3: command tx timeout
[ 2058.974218][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2059.723387][ T5836] Bluetooth: hci3: command tx timeout
[ 2061.217280][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2061.801342][ T5836] Bluetooth: hci3: command tx timeout
[ 2061.859810][T22529] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4202'.
[ 2062.809798][T22497] chnl_net:caif_netlink_parms(): no params data found
[ 2063.095325][T22522] Set syz1 is full, maxelem 65536 reached
[ 2063.880435][ T5836] Bluetooth: hci3: command tx timeout
[ 2064.292198][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2064.497759][T22543] CIFS mount error: No usable UNC path provided in device string!
[ 2064.497759][T22543] 
[ 2064.507944][T22543] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 2065.002735][ T5900] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[ 2065.314606][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 2065.517347][ T5900] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 2065.653506][T22548] netlink: 'syz.7.4206': attribute type 10 has an invalid length.
[ 2065.755313][ T5900] usb 2-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 2065.892796][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2067.092438][T22550] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4206'.
[ 2067.105721][ T5900] usb 2-1: Product: syz
[ 2067.122057][ T5900] usb 2-1: Manufacturer: syz
[ 2067.126730][ T5900] usb 2-1: SerialNumber: syz
[ 2067.166958][T22550] netlink: 'syz.7.4206': attribute type 6 has an invalid length.
[ 2067.211603][ T5900] usb 2-1: config 0 descriptor??
[ 2067.240328][T22550] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4206'.
[ 2067.258617][ T5900] pn533_usb 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 2067.354171][T22551] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4205'.
[ 2067.694845][T22541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2067.703676][T22541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2067.714037][ T5900] usb 2-1: USB disconnect, device number 79
[ 2067.804762][T22497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2067.812731][T22497] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2067.821851][T22497] bridge_slave_0: entered allmulticast mode
[ 2067.836403][T22497] bridge_slave_0: entered promiscuous mode
[ 2067.917249][T22497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2067.948204][T22497] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2067.963818][T22497] bridge_slave_1: entered allmulticast mode
[ 2067.977482][T22497] bridge_slave_1: entered promiscuous mode
[ 2068.264766][   T12] bridge_slave_1: left allmulticast mode
[ 2068.336719][T22570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2068.358554][T22570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2068.940416][   T12] bridge_slave_1: left promiscuous mode
[ 2069.003413][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2069.017785][   T12] bridge_slave_0: left allmulticast mode
[ 2069.034751][   T12] bridge_slave_0: left promiscuous mode
[ 2069.052933][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2070.568732][T22586] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4216'.
[ 2070.813621][   T12] bridge0 (unregistering): left promiscuous mode
[ 2070.880296][T16936] usb 2-1: new full-speed USB device number 80 using dummy_hcd
[ 2071.076636][T16936] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2071.147143][T16936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2071.175511][T16936] usb 2-1: config 0 descriptor??
[ 2071.598988][T16936] chicony 0003:04F2:1236.003C: unknown main item tag 0x0
[ 2071.654920][T16936] chicony 0003:04F2:1236.003C: unknown main item tag 0x0
[ 2071.669126][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2071.692661][T16936] chicony 0003:04F2:1236.003C: unknown main item tag 0x0
[ 2071.710236][T16936] chicony 0003:04F2:1236.003C: unknown main item tag 0x0
[ 2071.743014][T16936] chicony 0003:04F2:1236.003C: unknown main item tag 0x0
[ 2071.834806][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2071.836005][T16936] chicony 0003:04F2:1236.003C: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 2071.871686][   T12] bond0 (unregistering): Released all slaves
[ 2072.011176][T17101] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 2072.293043][T17101] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2072.361886][T17101] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2072.394726][T17101] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2072.414895][T17101] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2072.433009][T17101] usb 3-1: SerialNumber: syz
[ 2072.679879][   T12] bond1 (unregistering): Released all slaves
[ 2072.886473][T22497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2072.939543][   T12] : left promiscuous mode
[ 2073.004436][T22497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2073.318405][   T12] tipc: Left network mode
[ 2073.348336][T22497] team0: Port device team_slave_0 added
[ 2074.299181][T22497] team0: Port device team_slave_1 added
[ 2074.404829][T16936] usb 2-1: USB disconnect, device number 80
[ 2074.641088][T22611] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4222'.
[ 2074.962780][T22497] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2074.990300][T22499] usb 9-1: new full-speed USB device number 25 using dummy_hcd
[ 2075.030430][T22497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2075.056752][T22497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2075.203825][T22499] usb 9-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2075.220251][T22499] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2075.233857][T22499] usb 9-1: config 0 descriptor??
[ 2075.420982][T22497] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2075.594035][T22497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2075.620088][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2075.626296][T22497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2075.985879][T17101] usb 3-1: cannot find UAC_HEADER
[ 2076.140645][   T12] hsr_slave_0: left promiscuous mode
[ 2076.778566][T22499] usbhid 9-1:0.0: can't add hid device: -71
[ 2076.798059][T17101] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 2076.820452][T22499] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 2076.834666][   T12] hsr_slave_1: left promiscuous mode
[ 2076.851464][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2076.866643][T22499] usb 9-1: USB disconnect, device number 25
[ 2076.873185][T17101] usb 3-1: USB disconnect, device number 84
[ 2076.928510][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2076.969998][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2076.986211][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2077.296805][   T12] macvlan0: left allmulticast mode
[ 2077.302324][   T12] veth1_vlan: left allmulticast mode
[ 2077.309354][   T12] veth1_macvtap: left promiscuous mode
[ 2077.315967][   T12] veth0_macvtap: left promiscuous mode
[ 2077.324742][   T12] veth1_vlan: left promiscuous mode
[ 2077.330706][   T12] veth0_vlan: left promiscuous mode
[ 2077.732342][T22633] netlink: 'syz.1.4228': attribute type 10 has an invalid length.
[ 2077.837231][   T12] pim6reg (unregistering): left allmulticast mode
[ 2080.212963][T22652] netlink: 'syz.2.4233': attribute type 10 has an invalid length.
[ 2080.328877][T22654] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4233'.
[ 2080.339598][T22654] netlink: 'syz.2.4233': attribute type 6 has an invalid length.
[ 2080.349677][T22654] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4233'.
[ 2080.557903][T22497] hsr_slave_0: entered promiscuous mode
[ 2080.573782][T22497] hsr_slave_1: entered promiscuous mode
[ 2080.580436][T22497] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2080.594707][T22497] Cannot create hsr debugfs directory
[ 2080.717180][T22633] team0: Device ipvlan1 failed to register rx_handler
[ 2081.193048][T22667] CIFS mount error: No usable UNC path provided in device string!
[ 2081.193048][T22667] 
[ 2081.203195][T22667] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 2081.522326][T22666] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4234'.
[ 2081.642897][T22671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4235'.
[ 2083.930080][T22497] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2083.942568][T22497] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2083.996442][T22497] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2084.022900][T22497] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2084.044005][T22673] netlink: 'syz.2.4237': attribute type 10 has an invalid length.
[ 2084.083288][T22673] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4237'.
[ 2084.125729][T22673] netlink: 'syz.2.4237': attribute type 6 has an invalid length.
[ 2084.150676][T22673] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4237'.
[ 2084.242311][T22497] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2084.285022][T22497] 8021q: adding VLAN 0 to HW filter on device team0
[ 2084.356791][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2084.363979][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2084.394272][T22664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2084.403795][T22664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2084.416503][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2084.423753][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2085.079906][T22497] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2087.159091][T17101] IPVS: starting estimator thread 0...
[ 2087.248208][T22497] veth0_vlan: entered promiscuous mode
[ 2087.253882][T22700] IPVS: using max 42 ests per chain, 100800 per kthread
[ 2087.327458][T22497] veth1_vlan: entered promiscuous mode
[ 2087.558111][T22497] veth0_macvtap: entered promiscuous mode
[ 2087.569105][T22497] veth1_macvtap: entered promiscuous mode
[ 2087.589541][T22497] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2087.616254][T22497] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2087.717651][T22707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2087.738939][T22707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2088.303820][T22497] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2088.484291][T22709] CIFS mount error: No usable UNC path provided in device string!
[ 2088.484291][T22709] 
[ 2088.494747][T22709] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 2088.613259][T22712] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4243'.
[ 2088.669726][T22712] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4243'.
[ 2088.800292][T19886] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 2089.093282][T19886] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 2089.158204][T19886] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 2089.239497][T19886] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 2089.259804][T22714] netlink: 'syz.2.4244': attribute type 10 has an invalid length.
[ 2089.312990][T19886] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 2089.431605][T19886] usb 9-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[ 2089.491090][T19886] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2089.555921][T19886] usb 9-1: Product: syz
[ 2089.591503][T19886] usb 9-1: Manufacturer: syz
[ 2089.624809][T19886] usb 9-1: SerialNumber: syz
[ 2089.702468][T22715] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4244'.
[ 2089.716339][T19886] usb 9-1: config 0 descriptor??
[ 2089.774805][T22715] netlink: 'syz.2.4244': attribute type 6 has an invalid length.
[ 2089.794767][T19886] usb 9-1: NFC: Unable to get FW version
[ 2089.845586][T19886] pn533_usb 9-1:0.0: probe with driver pn533_usb failed with error -90
[ 2089.893455][T22715] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4244'.
[ 2090.064241][T22497] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2090.178074][T22709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2090.218866][T22497] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2090.257489][T22709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2090.334819][T22497] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2090.883604][T22712] bridge0: entered promiscuous mode
[ 2092.623710][T22712] syz_tun: entered promiscuous mode
[ 2093.982664][ T9466] usb 9-1: USB disconnect, device number 26
[ 2094.403572][ T9442] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2094.412370][ T9442] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2094.421460][ T9442] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2094.429508][ T9442] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2095.758822][T22735] netlink: 'syz.2.4248': attribute type 10 has an invalid length.
[ 2096.207375][T22735] team0: Device ipvlan1 failed to register rx_handler
[ 2096.596108][T22742] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2098.095301][T22754] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4253'.
[ 2098.435267][T22761] binder: 22753:22761 ioctl c0306201 0 returned -14
[ 2098.891157][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 2099.080255][ T5919] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[ 2100.160350][ T5919] usb 10-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2100.190279][ T5919] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2100.230695][T17101] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 2100.239332][ T5919] usb 10-1: config 0 descriptor??
[ 2100.412496][T17101] usb 3-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 2100.553842][T17101] usb 3-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 2100.570357][T17101] usb 3-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 2100.579782][T17101] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2101.435190][ T5919] chicony 0003:04F2:1236.003D: unknown main item tag 0x0
[ 2101.547226][ T5919] chicony 0003:04F2:1236.003D: unknown main item tag 0x0
[ 2101.564970][ T5919] chicony 0003:04F2:1236.003D: unknown main item tag 0x0
[ 2101.584054][ T5919] chicony 0003:04F2:1236.003D: unknown main item tag 0x0
[ 2101.592746][ T5919] chicony 0003:04F2:1236.003D: unknown main item tag 0x0
[ 2101.603194][ T5919] chicony 0003:04F2:1236.003D: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.9-1/input0
[ 2102.022056][T22790] netlink: 'syz.2.4258': attribute type 1 has an invalid length.
[ 2102.030095][T22790] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4258'.
[ 2103.086270][ T5900] usb 10-1: USB disconnect, device number 2
[ 2103.658184][T17101] usb 3-1: string descriptor 0 read error: -71
[ 2103.702281][T17101] usb 3-1: USB disconnect, device number 85
[ 2105.661587][T22811] binder: 22806:22811 ioctl c0306201 0 returned -14
[ 2106.533903][T22817] netlink: 'syz.2.4270': attribute type 10 has an invalid length.
[ 2110.264970][T22842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2110.301906][T22842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2113.280373][ T9466] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 2113.452294][ T9466] usb 9-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 2113.560635][ T9466] usb 9-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 2113.810214][ T9466] usb 9-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 2113.839381][ T9466] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2114.722085][T22867] netlink: 'syz.8.4286': attribute type 1 has an invalid length.
[ 2114.729958][T22867] netlink: 224 bytes leftover after parsing attributes in process `syz.8.4286'.
[ 2114.756243][ T9466] usb 9-1: string descriptor 0 read error: -71
[ 2114.786273][ T9466] usb 9-1: USB disconnect, device number 27
[ 2116.621890][   T30] audit: type=1800 audit(1752462019.564:114): pid=22895 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.4293" name="SYSV00000000" dev="tmpfs" ino=6 res=0 errno=0
[ 2116.824440][T22894] ALSA: seq fatal error: cannot create timer (-19)
[ 2118.475402][   T30] audit: type=1800 audit(1752462021.724:115): pid=22902 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.4296" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2123.670084][   T30] audit: type=1800 audit(1752462026.884:116): pid=22952 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4307" name="SYSV00000000" dev="tmpfs" ino=10 res=0 errno=0
[ 2128.279867][T22986] netlink: 'syz.2.4318': attribute type 10 has an invalid length.
[ 2128.850942][T22988] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4318'.
[ 2128.859965][T22988] netlink: 'syz.2.4318': attribute type 6 has an invalid length.
[ 2128.877955][T22988] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4318'.
[ 2134.140664][ T5836] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[ 2135.281614][T23031] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4327'.
[ 2138.130271][   T30] audit: type=1800 audit(1752462041.374:117): pid=23057 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4337" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2138.705789][T23062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4338'.
[ 2139.680207][   T30] audit: type=1800 audit(1752462042.924:118): pid=23068 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4339" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[ 2142.925394][T23093] tipc: Started in network mode
[ 2142.930523][T23093] tipc: Node identity e2a4f867a754, cluster identity 4711
[ 2142.963129][T23093] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2143.038380][T23094] syzkaller0: entered promiscuous mode
[ 2143.079076][T23094] syzkaller0: entered allmulticast mode
[ 2143.100269][T16936] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 2143.171687][T23093] tipc: Resetting bearer <eth:syzkaller0>
[ 2143.208249][T23092] tipc: Resetting bearer <eth:syzkaller0>
[ 2143.295583][T16936] usb 9-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 2143.306411][T16936] usb 9-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 2143.319254][T16936] usb 9-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 2143.338659][T16936] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2143.388362][T23092] tipc: Disabling bearer <eth:syzkaller0>
[ 2144.461196][T23101] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4349'.
[ 2144.564555][T23101] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4349'.
[ 2144.583234][T23103] netlink: 'syz.9.4350': attribute type 10 has an invalid length.
[ 2144.694705][T23104] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4350'.
[ 2144.698451][T23103] 8021q: adding VLAN 0 to HW filter on device team0
[ 2144.791926][T23104] netlink: 'syz.9.4350': attribute type 6 has an invalid length.
[ 2144.829656][T23104] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4350'.
[ 2144.963641][T23103] bond0: (slave team0): Enslaving as an active interface with an up link
[ 2145.963899][T16936] usb 9-1: string descriptor 0 read error: -71
[ 2145.980881][T16936] usb 9-1: USB disconnect, device number 28
[ 2148.935774][   T30] audit: type=1800 audit(1752462052.094:119): pid=23134 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4358" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2150.008427][T23141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2150.047716][T23141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2151.310410][ T9466] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 2151.550792][   T30] audit: type=1800 audit(1752462054.774:120): pid=23150 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4362" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0
[ 2151.902281][ T9466] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2151.912705][ T9466] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2151.958071][ T9466] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2152.250458][T23158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2152.284949][T23158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2152.732047][ T9466] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2152.803788][ T9466] usb 2-1: SerialNumber: syz
[ 2154.397636][T23173] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2156.633345][ T9466] usb 2-1: cannot find UAC_HEADER
[ 2156.669532][ T9466] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 2157.536955][ T9466] usb 2-1: USB disconnect, device number 81
[ 2159.024112][   T30] audit: type=1800 audit(1752462062.254:121): pid=23202 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.4376" name="SYSV00000000" dev="tmpfs" ino=8 res=0 errno=0
[ 2159.795675][   T30] audit: type=1800 audit(1752462063.044:122): pid=23207 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4377" name="SYSV00000000" dev="tmpfs" ino=3 res=0 errno=0
[ 2160.992782][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 2161.578355][T23220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2161.594067][T23220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2162.338771][   T30] audit: type=1400 audit(1752462065.584:123): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=13 comm="kworker/u8:1" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2162.933984][   T30] audit: type=1400 audit(1752462066.184:124): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23 comm="ksoftirqd/1" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2163.530956][   T30] audit: type=1400 audit(1752462066.784:125): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=16999 comm="syz-executor" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2164.615865][T23239] binder: 23237:23239 ioctl c0306201 200000001440 returned -11
[ 2164.769691][   T30] audit: type=1400 audit(1752462068.014:126): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23 comm="ksoftirqd/1" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2164.983274][   T30] audit: type=1800 audit(1752462068.234:127): pid=23241 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4386" name="SYSV00000000" dev="tmpfs" ino=4 res=0 errno=0
[ 2167.285441][   T30] audit: type=1400 audit(1752462070.434:128): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23250 comm="syz.2.4388" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2168.777969][   T30] audit: type=1400 audit(1752462071.994:129): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23267 comm="syz.1.4392" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2168.962110][   T30] audit: type=1400 audit(1752462072.214:130): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=0 comm="swapper/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2169.510495][   T30] audit: type=1400 audit(1752462072.714:131): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=0 comm="swapper/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2171.060294][   T30] audit: type=1400 audit(1752462073.704:132): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=0 comm="swapper/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2171.825829][   T30] audit: type=1800 audit(1752462075.074:133): pid=23283 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.4397" name="SYSV00000000" dev="tmpfs" ino=5 res=0 errno=0
[ 2171.984161][   T30] audit: type=1400 audit(1752462075.214:134): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23280 comm="syz.2.4395" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2172.006575][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2172.440822][   T30] audit: type=1400 audit(1752462075.694:135): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2172.647819][T23293] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4399'.
[ 2173.266839][T23304] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 2175.224288][   T30] audit: type=1800 audit(1752462078.464:136): pid=23310 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4404" name="SYSV00000000" dev="tmpfs" ino=12 res=0 errno=0
[ 2175.403792][T23314] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2175.464339][T23316] bond0: (slave team0): Releasing backup interface
[ 2175.542060][T23316] bridge_slave_0: left allmulticast mode
[ 2175.575153][T23316] bridge_slave_0: left promiscuous mode
[ 2175.584438][T23316] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2175.607508][T23316] bridge_slave_1: left allmulticast mode
[ 2175.613317][T23316] bridge_slave_1: left promiscuous mode
[ 2175.621295][T23316] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2175.677629][T23316] bond0: (slave bond_slave_0): Releasing backup interface
[ 2175.754222][T23316] bond0: (slave bond_slave_1): Releasing backup interface
[ 2176.023417][T23316] team0: Port device team_slave_0 removed
[ 2176.382784][   T30] audit: type=1400 audit(1752462079.614:137): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23317 comm="syz.8.4406" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2176.405123][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2176.561432][T23316] team0: Port device team_slave_1 removed
[ 2176.567941][T23316] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2176.946485][T23316] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2177.620074][T23316] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2177.646077][T23316] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2177.664208][   T30] audit: type=1800 audit(1752462080.914:138): pid=23333 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.4409" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2177.738874][T20737] Bluetooth: hci3: command 0x0406 tx timeout
[ 2178.801461][T23344] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4415'.
[ 2178.886288][T23352] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4416'.
[ 2178.896214][T23352] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4416'.
[ 2179.167249][T16554] usb 3-1: new full-speed USB device number 86 using dummy_hcd
[ 2179.279513][T23355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4417'.
[ 2179.416558][T23357] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4418'.
[ 2179.441729][T16554] usb 3-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2179.455154][T16554] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2179.507661][T23357] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4418'.
[ 2179.575986][T16554] usb 3-1: config 0 descriptor??
[ 2179.606289][T23357] ip6gretap0: entered promiscuous mode
[ 2179.642694][T23357] ip6gretap0: left promiscuous mode
[ 2180.588545][T16554] chicony 0003:04F2:1236.003E: unknown main item tag 0x0
[ 2180.595986][T16554] chicony 0003:04F2:1236.003E: unknown main item tag 0x0
[ 2180.604218][T16554] chicony 0003:04F2:1236.003E: unknown main item tag 0x0
[ 2180.622030][T16554] chicony 0003:04F2:1236.003E: unknown main item tag 0x0
[ 2180.634064][T16554] chicony 0003:04F2:1236.003E: unknown main item tag 0x0
[ 2181.163730][T16554] chicony 0003:04F2:1236.003E: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.2-1/input0
[ 2181.195957][T23366] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4421'.
[ 2181.233763][ T5900] usb 3-1: USB disconnect, device number 86
[ 2181.460410][T22499] usb 2-1: new full-speed USB device number 82 using dummy_hcd
[ 2182.160335][   T30] audit: type=1400 audit(1752462085.294:139): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23367 comm="syz.7.4422" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2182.315312][T22499] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2182.340348][T22499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2182.389409][T22499] usb 2-1: config 0 descriptor??
[ 2182.769663][T23384] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4427'.
[ 2182.789318][T23384] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4427'.
[ 2183.531728][T22499] chicony 0003:04F2:1236.003F: unknown main item tag 0x0
[ 2183.560208][T22499] chicony 0003:04F2:1236.003F: unknown main item tag 0x0
[ 2183.736654][T23384] syz_tun: entered promiscuous mode
[ 2183.745164][T22499] chicony 0003:04F2:1236.003F: unknown main item tag 0x0
[ 2183.765628][T23384] syz_tun: left promiscuous mode
[ 2183.778486][T22499] chicony 0003:04F2:1236.003F: unknown main item tag 0x0
[ 2183.862741][T22499] chicony 0003:04F2:1236.003F: unknown main item tag 0x0
[ 2183.924092][T22499] chicony 0003:04F2:1236.003F: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 2184.259028][T16936] usb 2-1: USB disconnect, device number 82
[ 2184.605610][   T30] audit: type=1400 audit(1752462087.854:140): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23392 comm="syz.7.4429" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2187.232049][   T30] audit: type=1800 audit(1752462090.464:141): pid=23423 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4434" name="SYSV00000000" dev="tmpfs" ino=14 res=0 errno=0
[ 2187.450591][T22499] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 2188.000395][T22499] usb 2-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 2188.023448][T22499] usb 2-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 2188.047110][T22499] usb 2-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 2188.137127][T22499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2188.411459][T23429] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4438'.
[ 2191.391376][T22499] usb 2-1: string descriptor 0 read error: -71
[ 2191.420365][T22499] usb 2-1: USB disconnect, device number 83
[ 2193.797741][   T30] audit: type=1400 audit(1752462097.014:142): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23445 comm="syz.7.4444" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2193.970676][   T30] audit: type=1400 audit(1752462097.224:143): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2194.180893][   T30] audit: type=1400 audit(1752462097.434:144): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2194.230166][T19886] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 2194.339581][T23460] lo speed is unknown, defaulting to 1000
[ 2194.422663][T19886] usb 3-1: config 173 has an invalid descriptor of length 203, skipping remainder of the config
[ 2194.457684][T19886] usb 3-1: config 173 has 0 interfaces, different from the descriptor's value: 1
[ 2194.479530][T19886] usb 3-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 2194.500834][T23461] bond0: (slave team0): Releasing backup interface
[ 2194.532841][T19886] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2194.553246][T23461] bridge_slave_0: left allmulticast mode
[ 2194.561446][T23461] bridge_slave_0: left promiscuous mode
[ 2194.609300][   T30] audit: type=1400 audit(1752462097.844:145): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2194.609626][T23461] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2194.886728][T23461] bridge_slave_1: left allmulticast mode
[ 2194.892693][T23461] bridge_slave_1: left promiscuous mode
[ 2194.898600][T23461] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2194.916758][T23461] bond0: (slave bond_slave_0): Releasing backup interface
[ 2194.936862][T23461] bond0: (slave bond_slave_1): Releasing backup interface
[ 2195.383398][T23472] netlink: 'syz.2.4445': attribute type 1 has an invalid length.
[ 2195.391522][T23472] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4445'.
[ 2195.403352][   T30] audit: type=1400 audit(1752462098.654:146): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23451 comm="syz.2.4445" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2195.909205][T23461] team0: Port device team_slave_0 removed
[ 2196.320739][T23461] team0: Port device team_slave_1 removed
[ 2196.348426][T23461] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2196.422962][T23475] 9pnet: Unknown protocol version 9p200
[ 2197.020426][T23461] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2197.127744][   T30] audit: type=1400 audit(1752462100.334:147): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=0 comm="swapper/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2197.273653][T23461] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2197.329948][T23461] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2197.420896][T23463] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2197.423946][ T9466] lo speed is unknown, defaulting to 1000
[ 2197.774639][T19886] usb 3-1: string descriptor 0 read error: -71
[ 2197.790736][T19886] usb 3-1: USB disconnect, device number 87
[ 2198.150925][ T5919] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 2198.344612][ T5919] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2198.357588][ T5919] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2198.402045][ T5919] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2198.415745][ T5919] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2198.444045][ T5919] usb 9-1: SerialNumber: syz
[ 2199.671414][T23500] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4456'.
[ 2199.756771][T23500] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4456'.
[ 2199.796153][T23500] ip6gretap0: entered promiscuous mode
[ 2199.815024][T23500] syz_tun: entered promiscuous mode
[ 2199.839378][T23500] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[ 2199.858438][T23500] Cannot create hsr debugfs directory
[ 2200.495193][   T30] audit: type=1400 audit(1752462103.614:148): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23496 comm="syz.9.4455" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2200.700302][   T30] audit: type=1400 audit(1752462103.854:149): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23504 comm="syz.1.4457" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=50224 netif=lo
[ 2201.535797][   T30] audit: type=1400 audit(1752462104.494:150): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23 comm="ksoftirqd/1" saddr=172.20.20.170 src=50220 daddr=172.20.20.170 dest=16385 netif=lo
[ 2203.792219][ T5919] usb 9-1: cannot find UAC_HEADER
[ 2203.931893][ T5919] snd-usb-audio 9-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 2203.982547][ T5919] usb 9-1: USB disconnect, device number 29
[ 2204.310658][T23528] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2204.657787][T23537] bond0: (slave team0): Releasing backup interface
[ 2205.041003][T23537] bridge_slave_0: left allmulticast mode
[ 2205.072625][T23537] bridge_slave_0: left promiscuous mode
[ 2205.142982][T23537] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2205.224459][T23537] bridge_slave_1: left allmulticast mode
[ 2205.305452][T23537] bridge_slave_1: left promiscuous mode
[ 2205.412869][T23537] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2205.476263][T23537] bond0: (slave bond_slave_0): Releasing backup interface
[ 2205.647508][T23537] bond0: (slave bond_slave_1): Releasing backup interface
[ 2205.851692][T23537] team0: Port device team_slave_0 removed
[ 2205.880892][T23537] team0: Port device team_slave_1 removed
[ 2205.903257][T23537] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2205.926267][T23537] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2206.079628][T23537] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2206.089972][T23537] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2206.322619][T23538] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2206.572757][T23545] lo speed is unknown, defaulting to 1000
[ 2207.250542][   T30] audit: type=1400 audit(1752462110.254:151): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=23557 comm="syz.8.4470" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2207.380172][T22499] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 2207.623145][   T30] audit: type=1800 audit(1752462110.874:152): pid=23558 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4470" name="SYSV00000000" dev="tmpfs" ino=15 res=0 errno=0
[ 2207.777605][T22499] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2207.880250][T22499] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2207.951145][T22499] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2208.140309][T22499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2208.148402][T22499] usb 2-1: SerialNumber: syz
[ 2211.798063][T22499] usb 2-1: cannot find UAC_HEADER
[ 2211.955520][T22499] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 2211.972392][T22499] usb 2-1: USB disconnect, device number 84
[ 2212.179706][T23591] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2213.892243][T23607] 9pnet: Unknown protocol version 9p200
[ 2215.084155][T23615] 9pnet: Unknown protocol version 9p200
[ 2218.104207][   T30] audit: type=1800 audit(1752462121.304:153): pid=23628 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.4488" name="SYSV00000000" dev="tmpfs" ino=9 res=0 errno=0
[ 2218.122012][T23634] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4489'.
[ 2218.450207][T12295] usb 2-1: new full-speed USB device number 85 using dummy_hcd
[ 2218.588219][T23643] lo speed is unknown, defaulting to 1000
[ 2218.642431][T12295] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[ 2218.651943][T12295] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2218.716705][T12295] usb 2-1: config 0 descriptor??
[ 2219.247651][T12295] chicony 0003:04F2:1236.0040: unknown main item tag 0x0
[ 2219.255170][T12295] chicony 0003:04F2:1236.0040: unknown main item tag 0x0
[ 2219.268053][T12295] chicony 0003:04F2:1236.0040: unknown main item tag 0x0
[ 2219.281926][T12295] chicony 0003:04F2:1236.0040: unknown main item tag 0x0
[ 2219.625404][T12295] chicony 0003:04F2:1236.0040: unknown main item tag 0x0
[ 2219.658413][T12295] chicony 0003:04F2:1236.0040: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.1-1/input0
[ 2219.761298][   T30] audit: type=1800 audit(1752462123.014:154): pid=23649 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4492" name="SYSV00000000" dev="tmpfs" ino=16 res=0 errno=0
[ 2220.162229][ T9466] usb 2-1: USB disconnect, device number 85
[ 2220.442394][   T30] audit: type=1400 audit(1752462123.694:155): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=15 comm="ksoftirqd/0" saddr=172.20.20.170 src=16385 daddr=172.20.20.170 dest=53210 netif=lo
[ 2221.174008][T23654] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2221.180421][T23654] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2221.211704][T23654] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2221.218739][T23654] ==================================================================
[ 2221.218753][T23654] BUG: KASAN: slab-out-of-bounds in __list_del_entry_valid_or_report+0x92/0x190
[ 2221.218779][T23654] Read of size 8 at addr ffff88807fda8558 by task syz.8.4493/23654
[ 2221.218791][T23654] 
[ 2221.218801][T23654] CPU: 1 UID: 0 PID: 23654 Comm: syz.8.4493 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 2221.218818][T23654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2221.218828][T23654] Call Trace:
[ 2221.218834][T23654]  <TASK>
[ 2221.218841][T23654]  dump_stack_lvl+0x189/0x250
[ 2221.218859][T23654]  ? __kasan_check_byte+0x12/0x40
[ 2221.218887][T23654]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2221.218902][T23654]  ? lock_release+0x4b/0x3e0
[ 2221.218918][T23654]  ? __virt_addr_valid+0x4a5/0x5c0
[ 2221.218937][T23654]  print_report+0xca/0x230
[ 2221.218958][T23654]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2221.218975][T23654]  kasan_report+0x118/0x150
[ 2221.218997][T23654]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2221.219019][T23654]  __list_del_entry_valid_or_report+0x92/0x190
[ 2221.219039][T23654]  bt_accept_unlink+0x39/0x240
[ 2221.219056][T23654]  l2cap_sock_teardown_cb+0x17e/0x460
[ 2221.219078][T23654]  l2cap_chan_del+0xb5/0x5e0
[ 2221.219100][T23654]  l2cap_conn_del+0x388/0x680
[ 2221.219120][T23654]  l2cap_connect_cfm+0x11d/0x1040
[ 2221.219141][T23654]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 2221.219161][T23654]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 2221.219197][T23654]  hci_conn_failed+0x1cb/0x310
[ 2221.219216][T23654]  ? hci_abort_conn_sync+0x1f7/0xdf0
[ 2221.219232][T23654]  hci_abort_conn_sync+0x5d1/0xdf0
[ 2221.219248][T23654]  ? __lock_acquire+0xab9/0xd20
[ 2221.219265][T23654]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[ 2221.219282][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.219303][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.219320][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.219339][T23654]  hci_disconnect_all_sync+0x1b5/0x350
[ 2221.219359][T23654]  hci_suspend_sync+0x3b8/0xc00
[ 2221.219377][T23654]  ? __pfx___mutex_lock+0x10/0x10
[ 2221.219391][T23654]  ? enable_work+0x258/0x2c0
[ 2221.219409][T23654]  ? __pfx_hci_suspend_sync+0x10/0x10
[ 2221.219429][T23654]  ? mgmt_pending_find+0x152/0x170
[ 2221.219449][T23654]  ? hci_cmd_sync_cancel_sync+0xc9/0x190
[ 2221.219472][T23654]  hci_suspend_dev+0x28d/0x4d0
[ 2221.219488][T23654]  ? __pfx_hci_suspend_dev+0x10/0x10
[ 2221.219501][T23654]  ? rcu_barrier+0x474/0x570
[ 2221.219523][T23654]  hci_suspend_notifier+0xf2/0x290
[ 2221.219539][T23654]  notifier_call_chain+0x1b6/0x3e0
[ 2221.219559][T23654]  blocking_notifier_call_chain_robust+0x85/0x100
[ 2221.219580][T23654]  pm_notifier_call_chain_robust+0x2c/0x60
[ 2221.219604][T23654]  snapshot_open+0x19c/0x280
[ 2221.219620][T23654]  ? __pfx_snapshot_open+0x10/0x10
[ 2221.219635][T23654]  misc_open+0x2bc/0x330
[ 2221.219669][T23654]  chrdev_open+0x4c9/0x5e0
[ 2221.219690][T23654]  ? __pfx_chrdev_open+0x10/0x10
[ 2221.219715][T23654]  ? __pfx_chrdev_open+0x10/0x10
[ 2221.219728][T23654]  do_dentry_open+0xdf0/0x1970
[ 2221.219750][T23654]  vfs_open+0x3b/0x340
[ 2221.219764][T23654]  ? path_openat+0x2ecd/0x3830
[ 2221.219784][T23654]  path_openat+0x2ee5/0x3830
[ 2221.219801][T23654]  ? arch_stack_walk+0xfc/0x150
[ 2221.219832][T23654]  ? __pfx_path_openat+0x10/0x10
[ 2221.219849][T23654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.219880][T23654]  do_filp_open+0x1fa/0x410
[ 2221.219897][T23654]  ? __lock_acquire+0xab9/0xd20
[ 2221.219912][T23654]  ? __pfx_do_filp_open+0x10/0x10
[ 2221.219940][T23654]  ? _raw_spin_unlock+0x28/0x50
[ 2221.219960][T23654]  ? alloc_fd+0x64c/0x6c0
[ 2221.219987][T23654]  do_sys_openat2+0x121/0x1c0
[ 2221.220003][T23654]  ? __se_sys_futex+0x36f/0x400
[ 2221.220022][T23654]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2221.220042][T23654]  ? rcu_is_watching+0x15/0xb0
[ 2221.220066][T23654]  __x64_sys_openat+0x138/0x170
[ 2221.220091][T23654]  do_syscall_64+0xfa/0x3b0
[ 2221.220112][T23654]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2221.220136][T23654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.220151][T23654]  ? clear_bhb_loop+0x60/0xb0
[ 2221.220168][T23654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.220183][T23654] RIP: 0033:0x7fdef758e929
[ 2221.220203][T23654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2221.220217][T23654] RSP: 002b:00007fdef8473038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2221.220234][T23654] RAX: ffffffffffffffda RBX: 00007fdef77b6160 RCX: 00007fdef758e929
[ 2221.220246][T23654] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 2221.220257][T23654] RBP: 00007fdef7610b39 R08: 0000000000000000 R09: 0000000000000000
[ 2221.220266][T23654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2221.220276][T23654] R13: 0000000000000000 R14: 00007fdef77b6160 R15: 00007fff29dfa208
[ 2221.220293][T23654]  </TASK>
[ 2221.220299][T23654] 
[ 2221.220304][T23654] Allocated by task 20662:
[ 2221.220312][T23654]  kasan_save_track+0x3e/0x80
[ 2221.220331][T23654]  __kasan_kmalloc+0x93/0xb0
[ 2221.220350][T23654]  __kmalloc_cache_noprof+0x230/0x3d0
[ 2221.220370][T23654]  tty_register_device_attr+0x2d2/0x8f0
[ 2221.220389][T23654]  rfcomm_dev_ioctl+0x1788/0x1d40
[ 2221.220406][T23654]  sock_do_ioctl+0xd9/0x300
[ 2221.220427][T23654]  sock_ioctl+0x576/0x790
[ 2221.220446][T23654]  __se_sys_ioctl+0xfc/0x170
[ 2221.220463][T23654]  do_syscall_64+0xfa/0x3b0
[ 2221.220475][T23654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.220489][T23654] 
[ 2221.220494][T23654] The buggy address belongs to the object at ffff88807fda8000
[ 2221.220494][T23654]  which belongs to the cache kmalloc-2k of size 2048
[ 2221.220507][T23654] The buggy address is located 240 bytes to the right of
[ 2221.220507][T23654]  allocated 1128-byte region [ffff88807fda8000, ffff88807fda8468)
[ 2221.220523][T23654] 
[ 2221.220527][T23654] The buggy address belongs to the physical page:
[ 2221.220538][T23654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fda8
[ 2221.220552][T23654] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2221.220564][T23654] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 2221.220583][T23654] page_type: f5(slab)
[ 2221.220597][T23654] raw: 00fff00000000040 ffff88801a442000 0000000000000000 dead000000000001
[ 2221.220611][T23654] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 2221.220625][T23654] head: 00fff00000000040 ffff88801a442000 0000000000000000 dead000000000001
[ 2221.220638][T23654] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 2221.220664][T23654] head: 00fff00000000003 ffffea0001ff6a01 00000000ffffffff 00000000ffffffff
[ 2221.220677][T23654] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 2221.220685][T23654] page dumped because: kasan: bad access detected
[ 2221.220696][T23654] page_owner tracks the page as allocated
[ 2221.220701][T23654] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 16607, tgid 16607 (syz-executor), ts 1350631444361, free_ts 1350627740422
[ 2221.220726][T23654]  post_alloc_hook+0x240/0x2a0
[ 2221.220746][T23654]  get_page_from_freelist+0x21d5/0x22b0
[ 2221.220760][T23654]  __alloc_frozen_pages_noprof+0x181/0x370
[ 2221.220774][T23654]  alloc_pages_mpol+0x232/0x4a0
[ 2221.220793][T23654]  allocate_slab+0x8a/0x3b0
[ 2221.220806][T23654]  ___slab_alloc+0xbfc/0x1480
[ 2221.220817][T23654]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[ 2221.220837][T23654]  kmalloc_reserve+0x136/0x290
[ 2221.220851][T23654]  pskb_expand_head+0x18e/0x1150
[ 2221.220869][T23654]  netlink_trim+0x1d5/0x2e0
[ 2221.220888][T23654]  netlink_broadcast_filtered+0x80/0x1140
[ 2221.220902][T23654]  nlmsg_notify+0xf0/0x1a0
[ 2221.220915][T23654]  __dev_notify_flags+0xf4/0x2e0
[ 2221.220931][T23654]  netif_change_flags+0xe8/0x1a0
[ 2221.220946][T23654]  do_setlink+0xc55/0x41c0
[ 2221.220979][T23654]  rtnl_newlink+0x160b/0x1c70
[ 2221.220993][T23654] page last free pid 5976 tgid 5976 stack trace:
[ 2221.221002][T23654]  __free_frozen_pages+0xc65/0xe60
[ 2221.221023][T23654]  __put_partials+0x161/0x1c0
[ 2221.221048][T23654]  put_cpu_partial+0x17c/0x250
[ 2221.221060][T23654]  __slab_free+0x2f7/0x400
[ 2221.221073][T23654]  qlist_free_all+0x97/0x140
[ 2221.221089][T23654]  kasan_quarantine_reduce+0x148/0x160
[ 2221.221106][T23654]  __kasan_slab_alloc+0x22/0x80
[ 2221.221124][T23654]  __kmalloc_cache_noprof+0x1be/0x3d0
[ 2221.221142][T23654]  nsim_fib_event_work+0x835/0x3180
[ 2221.221162][T23654]  process_scheduled_works+0xade/0x17b0
[ 2221.221175][T23654]  worker_thread+0x8a0/0xda0
[ 2221.221189][T23654]  kthread+0x711/0x8a0
[ 2221.221205][T23654]  ret_from_fork+0x3fc/0x770
[ 2221.221217][T23654]  ret_from_fork_asm+0x1a/0x30
[ 2221.221234][T23654] 
[ 2221.221237][T23654] Memory state around the buggy address:
[ 2221.221245][T23654]  ffff88807fda8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2221.221255][T23654]  ffff88807fda8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2221.221265][T23654] >ffff88807fda8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2221.221273][T23654]                                                     ^
[ 2221.221282][T23654]  ffff88807fda8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2221.221292][T23654]  ffff88807fda8600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2221.221300][T23654] ==================================================================
[ 2221.225533][T23654] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2221.225558][T23654] CPU: 1 UID: 0 PID: 23654 Comm: syz.8.4493 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[ 2221.225587][T23654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2221.225602][T23654] Call Trace:
[ 2221.225612][T23654]  <TASK>
[ 2221.225621][T23654]  dump_stack_lvl+0x99/0x250
[ 2221.225649][T23654]  ? __asan_memcpy+0x40/0x70
[ 2221.225677][T23654]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2221.225702][T23654]  ? __pfx__printk+0x10/0x10
[ 2221.225739][T23654]  panic+0x2db/0x790
[ 2221.225767][T23654]  ? __pfx_panic+0x10/0x10
[ 2221.225795][T23654]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 2221.225828][T23654]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2221.225859][T23654]  ? print_memory_metadata+0x314/0x400
[ 2221.225903][T23654]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2221.225934][T23654]  check_panic_on_warn+0x89/0xb0
[ 2221.225969][T23654]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2221.225997][T23654]  end_report+0x78/0x160
[ 2221.226029][T23654]  kasan_report+0x129/0x150
[ 2221.226072][T23654]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2221.226104][T23654]  __list_del_entry_valid_or_report+0x92/0x190
[ 2221.226151][T23654]  bt_accept_unlink+0x39/0x240
[ 2221.226177][T23654]  l2cap_sock_teardown_cb+0x17e/0x460
[ 2221.226211][T23654]  l2cap_chan_del+0xb5/0x5e0
[ 2221.226245][T23654]  l2cap_conn_del+0x388/0x680
[ 2221.226278][T23654]  l2cap_connect_cfm+0x11d/0x1040
[ 2221.226311][T23654]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 2221.226341][T23654]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 2221.226370][T23654]  hci_conn_failed+0x1cb/0x310
[ 2221.226397][T23654]  ? hci_abort_conn_sync+0x1f7/0xdf0
[ 2221.226422][T23654]  hci_abort_conn_sync+0x5d1/0xdf0
[ 2221.226446][T23654]  ? __lock_acquire+0xab9/0xd20
[ 2221.226472][T23654]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[ 2221.226497][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.226527][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.226553][T23654]  ? hci_disconnect_all_sync+0x2e/0x350
[ 2221.226581][T23654]  hci_disconnect_all_sync+0x1b5/0x350
[ 2221.226610][T23654]  hci_suspend_sync+0x3b8/0xc00
[ 2221.226638][T23654]  ? __pfx___mutex_lock+0x10/0x10
[ 2221.226657][T23654]  ? enable_work+0x258/0x2c0
[ 2221.226684][T23654]  ? __pfx_hci_suspend_sync+0x10/0x10
[ 2221.226715][T23654]  ? mgmt_pending_find+0x152/0x170
[ 2221.226743][T23654]  ? hci_cmd_sync_cancel_sync+0xc9/0x190
[ 2221.226777][T23654]  hci_suspend_dev+0x28d/0x4d0
[ 2221.226801][T23654]  ? __pfx_hci_suspend_dev+0x10/0x10
[ 2221.226821][T23654]  ? rcu_barrier+0x474/0x570
[ 2221.226853][T23654]  hci_suspend_notifier+0xf2/0x290
[ 2221.226884][T23654]  notifier_call_chain+0x1b6/0x3e0
[ 2221.226931][T23654]  blocking_notifier_call_chain_robust+0x85/0x100
[ 2221.226964][T23654]  pm_notifier_call_chain_robust+0x2c/0x60
[ 2221.227003][T23654]  snapshot_open+0x19c/0x280
[ 2221.227028][T23654]  ? __pfx_snapshot_open+0x10/0x10
[ 2221.227049][T23654]  misc_open+0x2bc/0x330
[ 2221.227086][T23654]  chrdev_open+0x4c9/0x5e0
[ 2221.227111][T23654]  ? __pfx_chrdev_open+0x10/0x10
[ 2221.227157][T23654]  ? __pfx_chrdev_open+0x10/0x10
[ 2221.227179][T23654]  do_dentry_open+0xdf0/0x1970
[ 2221.227217][T23654]  vfs_open+0x3b/0x340
[ 2221.227241][T23654]  ? path_openat+0x2ecd/0x3830
[ 2221.227275][T23654]  path_openat+0x2ee5/0x3830
[ 2221.227303][T23654]  ? arch_stack_walk+0xfc/0x150
[ 2221.227355][T23654]  ? __pfx_path_openat+0x10/0x10
[ 2221.227384][T23654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.227424][T23654]  do_filp_open+0x1fa/0x410
[ 2221.227452][T23654]  ? __lock_acquire+0xab9/0xd20
[ 2221.227477][T23654]  ? __pfx_do_filp_open+0x10/0x10
[ 2221.227523][T23654]  ? _raw_spin_unlock+0x28/0x50
[ 2221.227554][T23654]  ? alloc_fd+0x64c/0x6c0
[ 2221.227597][T23654]  do_sys_openat2+0x121/0x1c0
[ 2221.227624][T23654]  ? __se_sys_futex+0x36f/0x400
[ 2221.227654][T23654]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2221.227686][T23654]  ? rcu_is_watching+0x15/0xb0
[ 2221.227714][T23654]  __x64_sys_openat+0x138/0x170
[ 2221.227745][T23654]  do_syscall_64+0xfa/0x3b0
[ 2221.227768][T23654]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2221.227804][T23654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.227827][T23654]  ? clear_bhb_loop+0x60/0xb0
[ 2221.227856][T23654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2221.227905][T23654] RIP: 0033:0x7fdef758e929
[ 2221.227926][T23654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2221.227950][T23654] RSP: 002b:00007fdef8473038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2221.227976][T23654] RAX: ffffffffffffffda RBX: 00007fdef77b6160 RCX: 00007fdef758e929
[ 2221.227997][T23654] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 2221.228014][T23654] RBP: 00007fdef7610b39 R08: 0000000000000000 R09: 0000000000000000
[ 2221.228031][T23654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2221.228046][T23654] R13: 0000000000000000 R14: 00007fdef77b6160 R15: 00007fff29dfa208
[ 2221.228077][T23654]  </TASK>
[ 2221.231364][T23654] Kernel Offset: disabled