last executing test programs:

1m13.427657582s ago: executing program 4 (id=341):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x38, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
unshare(0x68060200)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000b00)={{0x2, 0x8200, @dev={0xac, 0x14, 0x14, 0x31}}, {0x0, @random}, 0x1c, {0x2, 0x4e22, @loopback}, 'veth1_to_hsr\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000009500cd3d2f000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786cab00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000004000000850000007d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = syz_io_uring_setup(0x34b3, &(0x7f0000000180)={0x0, 0x0, 0x30c0, 0x1}, &(0x7f0000000100), &(0x7f0000000140))
r6 = epoll_create(0xaf2)
epoll_pwait2(r6, &(0x7f0000000240)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000080)={0xe000200f})
setgroups(0xefff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
close(0xffffffffffffffff)

1m9.416253061s ago: executing program 4 (id=353):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r1, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0)

1m8.403996756s ago: executing program 4 (id=357):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x1000000, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x8, 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card0/oss_mixer\x00', 0x121400, 0x0)
getpid()
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bee)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
read$FUSE(0xffffffffffffffff, &(0x7f0000003980)={0x2020}, 0x2020)
timer_delete(0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="747240e4157896dd56be7ea12d36ecac75c99508b6fd49", @ANYRESHEX=r4, @ANYRESHEX=r5, @ANYBLOB=',\x00'])

1m7.737899813s ago: executing program 4 (id=360):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = syz_open_procfs(0x0, &(0x7f0000001400)='sessionid\x00')
preadv(r1, &(0x7f0000001380)=[{&(0x7f0000000080)=""/180, 0xb4}], 0x1, 0x3, 0x3ff)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@rand_addr=' \x01\x00', 0x2, 0x0, 0xff, 0x1, 0xfffc}, 0x20)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r4, 0x400448ca, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r6, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x58, 0x30, 0x1, 0x0, 0x0, {}, [{0x44, 0x1, [@m_skbedit={0x40, 0x1, 0x0, 0x0, {{0xc}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}]}, {0x4}, {0xc, 0x10}, {0xc, 0x9, {0xf5}}}}]}]}, 0x58}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write(r5, &(0x7f0000000000)="0a000000010001", 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x18)
socket$kcm(0x10, 0x2, 0x0)

1m7.412240654s ago: executing program 4 (id=362):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000003010101000000b500000000000000003a5e79d9062db61d116b80854604e1ec312128fcadae7ad447783d69e78049a14408a4ebb6ed695b3da6beffaf0634b2062aa47ea6a0d4fb36dbd12bcd6a327ed9eff6603f2ff8b5bf736c22a729406baa0b5d634bba7c"], 0x14}}, 0x0)

1m7.197521885s ago: executing program 4 (id=363):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
syz_io_uring_setup(0x4c70, &(0x7f0000000200)={0x0, 0x0, 0x10101}, &(0x7f0000000080), &(0x7f0000000140)=<r0=>0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x1, './file1\x00'}, 0xfffffc61) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r2, &(0x7f0000002e40)=[{{&(0x7f0000000280)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/171, 0xab}, {&(0x7f0000002f00)=""/61, 0x3d}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f00000005c0)=""/137, 0x89}, {&(0x7f0000000680)=""/220, 0xdc}], 0x5, &(0x7f0000000800)=""/98, 0x62}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/211, 0xd3}, {&(0x7f0000000980)=""/4090, 0xffa}, {&(0x7f0000000340)=""/61, 0x3d}, {&(0x7f0000001980)=""/161, 0xa1}], 0x4, &(0x7f0000001a40)=""/114, 0x72}, 0x8}, {{&(0x7f0000001ac0)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000002dc0), 0x0, &(0x7f0000000440)=""/19, 0x13}, 0x8}], 0x3, 0x40002003, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000180)) (async)
chdir(0x0) (async)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0) (async)
r4 = memfd_secret(0x0)
ftruncate(r4, 0x5)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x11, r4, 0x0)
syz_io_uring_submit(r5, r0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1f}})
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, &(0x7f0000000040)={0x80, 0x8c8, 0x0, 0x0}) (async)
r7 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) (async)
syz_open_dev$midi(&(0x7f0000000100), 0x3ff, 0x2000)
syz_usb_disconnect(r7) (async)
gettid() (async)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xa6af, 0x4, 0xffbffffc, 0x13dc}, &(0x7f0000000000), &(0x7f00000001c0))

1m6.917372762s ago: executing program 32 (id=363):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
syz_io_uring_setup(0x4c70, &(0x7f0000000200)={0x0, 0x0, 0x10101}, &(0x7f0000000080), &(0x7f0000000140)=<r0=>0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x1, './file1\x00'}, 0xfffffc61) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r2, &(0x7f0000002e40)=[{{&(0x7f0000000280)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/171, 0xab}, {&(0x7f0000002f00)=""/61, 0x3d}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f00000005c0)=""/137, 0x89}, {&(0x7f0000000680)=""/220, 0xdc}], 0x5, &(0x7f0000000800)=""/98, 0x62}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/211, 0xd3}, {&(0x7f0000000980)=""/4090, 0xffa}, {&(0x7f0000000340)=""/61, 0x3d}, {&(0x7f0000001980)=""/161, 0xa1}], 0x4, &(0x7f0000001a40)=""/114, 0x72}, 0x8}, {{&(0x7f0000001ac0)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000002dc0), 0x0, &(0x7f0000000440)=""/19, 0x13}, 0x8}], 0x3, 0x40002003, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000180)) (async)
chdir(0x0) (async)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0) (async)
r4 = memfd_secret(0x0)
ftruncate(r4, 0x5)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x11, r4, 0x0)
syz_io_uring_submit(r5, r0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1f}})
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, &(0x7f0000000040)={0x80, 0x8c8, 0x0, 0x0}) (async)
r7 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) (async)
syz_open_dev$midi(&(0x7f0000000100), 0x3ff, 0x2000)
syz_usb_disconnect(r7) (async)
gettid() (async)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xa6af, 0x4, 0xffbffffc, 0x13dc}, &(0x7f0000000000), &(0x7f00000001c0))

9.68206817s ago: executing program 1 (id=545):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x4d, 0xda, 0xcc, 0x20, 0xe41, 0x4750, 0x269c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xf4, 0x2, 0x1, 0xd2, 0x98, 0x2c, 0x0, [], [{{0x9, 0x5, 0x2, 0x0, 0x200, 0x2}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/handlers\x00', 0x0, 0x0)
preadv2(r1, &(0x7f00000004c0)=[{&(0x7f0000000040)=""/78, 0x4e}], 0x1, 0xffff7fff, 0x0, 0x0)

8.919780469s ago: executing program 0 (id=549):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xfffffffffffffcff}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000000)=ANY=[])

7.623209536s ago: executing program 1 (id=552):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d01"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000c80)={0x44, &(0x7f0000000740)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

7.51332391s ago: executing program 2 (id=553):
r0 = memfd_create(&(0x7f0000000000)='&\x00', 0x4)
ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000040))
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000080)={"1e16bc119d7b189075829a3afcd8574f", 0x0, <r1=>0x0, {0xfffffffffffff171, 0x7018}, {0x9, 0xfffffff9}, 0x9, [0x2, 0x2, 0x5, 0x4, 0x1000, 0x0, 0x0, 0x40, 0x1, 0x1ff, 0x7, 0x80000001, 0x7, 0x10, 0x81, 0x3]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000180)={0x0, ""/256, 0x0, 0x0, <r2=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000380)={"c02b2e3aa6eb902c905b3f1a591228a4", r1, r2, {0x100, 0xffffffff}, {0x2, 0x1000}, 0x7, [0x81, 0x0, 0x0, 0xd94, 0x8, 0x9, 0x7, 0x100000001, 0x4, 0x5, 0x0, 0x8000, 0x10f00462, 0x8, 0x9, 0x6]})
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x202002, 0x20, 0x20}, 0x18)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000500)={0x800, 0x4})
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000540)={<r4=>0x0})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r3, 0xc010641d, &(0x7f0000001580)={r4, &(0x7f0000000580)=""/4096})
ioctl$HIDIOCSFLAG(r3, 0x4004480f, &(0x7f00000015c0)=0x2)
read$hiddev(r3, &(0x7f0000001600)=""/4096, 0x1000)
setsockopt$WPAN_WANTLQI(r3, 0x0, 0x3, &(0x7f0000002600), 0x4)
ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000002640))
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000002680))
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f00000026c0)=0xde6)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000002740), r3)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000002940)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002900)={&(0x7f0000002780)={0x178, r5, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7fffffff}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "42d327ac0f8346ae0f0720f53cfe602b393d939b14c0"}}]}, @TIPC_NLA_NET={0x64, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfe}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8000000000000000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x39d7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xe83}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0xa8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6bb}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf15c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x4008014}, 0x48000)
r6 = accept$ax25(r3, &(0x7f0000002980)={{0x3, @default}, [@default, @rose, @rose, @bcast, @netrom, @default, @bcast, @bcast]}, &(0x7f0000002a00)=0x48)
ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f0000002a40)=@mmap={0xdeb, 0x1, 0x4, 0x2, 0xfffff000, {}, {0x2, 0x1, 0xd3, 0x8, 0x8d, 0x1, "673b87f4"}, 0x7, 0x1, {}, 0x0, 0x0, r3})
getpid()
connect$bt_sco(r3, &(0x7f0000002ac0), 0x8)
syz_open_dev$sndmidi(&(0x7f0000002b00), 0x4f, 0x400000)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000002b40)=[@in6={0xa, 0x4e23, 0x6, @private1, 0x1}, @in={0x2, 0x4e24, @multicast2}], 0x2c)
ioctl(r3, 0xe, &(0x7f0000002b80)="0bcd74fd1a9bd9d5f32bd86fdee39857fedc11a559ce6e1f4467683e1ec29c0538f61cdeee4e9ffc0f53184be10b49ab1500dbd7cc787bcd202c172daa1016a9937cff429736681076618adef2fb63374b4ea8f4502346d571001cf0caa3eb67be104ad69fde817ec68653fec34f453f2bbe0913d6a607ad0cc62237f3e2fcbfea2b07c69c80a93d8f54e1942f3d172d4a0abcf44fcc3a9120f53752710449bccc384df4c025e6e2911c2fc54b90d9c76411d6cbab751eee91b304dc812f8dd63a7c2ff9b2979837550199334b7438347cb629863dd5df14fec2536de617f0105a5674d96084a5a9a3b452a85c3a514445c9200cd2deec0601d4d9")
recvmmsg(r6, &(0x7f0000009340)=[{{&(0x7f0000002c80)=@pppol2tp={0x18, 0x1, {0x0, <r7=>0xffffffffffffffff}}, 0x80, &(0x7f0000002fc0)=[{&(0x7f0000002d00)=""/53, 0x35}, {&(0x7f0000002d40)=""/159, 0x9f}, {&(0x7f0000002e00)=""/194, 0xc2}, {&(0x7f0000002f00)=""/187, 0xbb}], 0x4, &(0x7f0000003000)=""/136, 0x88}, 0x8}, {{&(0x7f00000030c0)=@ieee802154={0x24, @long}, 0x80, &(0x7f0000004540)=[{&(0x7f0000003140)=""/183, 0xb7}, {&(0x7f0000003200)=""/242, 0xf2}, {&(0x7f0000003300)}, {&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f0000004340)=""/17, 0x11}, {&(0x7f0000004380)}, {&(0x7f00000043c0)=""/149, 0x95}, {&(0x7f0000004480)=""/34, 0x22}, {&(0x7f00000044c0)=""/98, 0x62}], 0x9, &(0x7f0000004600)}, 0xf}, {{0x0, 0x0, &(0x7f0000006980)=[{&(0x7f0000004640)=""/88, 0x58}, {&(0x7f00000046c0)=""/4096, 0x1000}, {&(0x7f00000056c0)=""/195, 0xc3}, {&(0x7f00000057c0)=""/62, 0x3e}, {&(0x7f0000005800)=""/245, 0xf5}, {&(0x7f0000005900)=""/125, 0x7d}, {&(0x7f0000005980)=""/4096, 0x1000}], 0x7, &(0x7f0000006a00)=""/36, 0x24}, 0x10000}, {{&(0x7f0000006a40)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000006d00)=[{&(0x7f0000006ac0)=""/181, 0xb5}, {&(0x7f0000006b80)=""/133, 0x85}, {&(0x7f0000006c40)=""/150, 0x96}], 0x3, &(0x7f0000006d40)=""/129, 0x81}, 0x7fff}, {{&(0x7f0000006e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000009280)=[{&(0x7f0000006e80)=""/241, 0xf1}, {&(0x7f0000006f80)=""/159, 0x9f}, {&(0x7f0000007040)=""/189, 0xbd}, {&(0x7f0000007100)=""/4096, 0x1000}, {&(0x7f0000008100)=""/150, 0x96}, {&(0x7f00000081c0)=""/150, 0x96}, {&(0x7f0000008280)=""/4096, 0x1000}], 0x7, &(0x7f0000009300)=""/58, 0x3a}, 0x5}], 0x5, 0x20, &(0x7f0000009480)={0x0, 0x3938700})
bpf$OBJ_GET_MAP(0x7, &(0x7f0000009500)=@o_path={&(0x7f00000094c0)='./file0\x00', 0x0, 0x4000}, 0x18)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000009580), r3)
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000009680)={&(0x7f0000009540)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000009640)={&(0x7f00000095c0)={0x5c, r8, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x5}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x7}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x91)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000096c0)={0x0, 0x0, 0x7, 0x0, '\x00', [{0xd, 0x7, 0x1, 0x401, 0xc75f, 0x3}, {0x9b, 0x6, 0x2, 0x5, 0x3, 0x1}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
recvmmsg(0xffffffffffffffff, &(0x7f000000ba40)=[{{&(0x7f0000009980)=@qipcrtr, 0x80, &(0x7f0000009b00)=[{&(0x7f0000009a00)=""/250, 0xfa}], 0x1, &(0x7f0000009b40)=""/22, 0x16}, 0x1}, {{0x0, 0x0, &(0x7f000000a280)=[{&(0x7f0000009b80)=""/20, 0x14}, {&(0x7f0000009bc0)=""/63, 0x3f}, {&(0x7f0000009c00)=""/233, 0xe9}, {&(0x7f0000009d00)=""/219, 0xdb}, {&(0x7f0000009e00)=""/205, 0xcd}, {&(0x7f0000009f00)=""/221, 0xdd}, {&(0x7f000000a000)=""/137, 0x89}, {&(0x7f000000a0c0)=""/148, 0x94}, {&(0x7f000000a180)=""/224, 0xe0}], 0x9, &(0x7f000000a340)=""/202, 0xca}, 0x8}, {{&(0x7f000000a440)=@nfc, 0x80, &(0x7f000000a700)=[{&(0x7f000000a4c0)=""/69, 0x45}, {&(0x7f000000a540)=""/67, 0x43}, {&(0x7f000000a5c0)=""/44, 0x2c}, {&(0x7f000000a600)=""/199, 0xc7}], 0x4, &(0x7f000000a740)=""/183, 0xb7}, 0x2}, {{&(0x7f000000a800)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f000000b9c0)=[{&(0x7f000000a880)=""/109, 0x6d}, {&(0x7f000000a900)=""/4096, 0x1000}, {&(0x7f000000b900)=""/182, 0xb6}], 0x3, &(0x7f000000ba00)}, 0xe0ab}], 0x4, 0x40, 0x0)

7.395188809s ago: executing program 2 (id=555):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
waitid(0x2, 0x0, &(0x7f00000001c0), 0x4, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
creat(&(0x7f0000000080)='./file0\x00', 0x1de)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x84000)
preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000040)=""/1, 0x1}, {&(0x7f00000000c0)=""/100, 0x64}, {&(0x7f0000000140)=""/194, 0xc2}, {&(0x7f0000000240)=""/92, 0x5c}, {&(0x7f00000002c0)=""/193, 0xc1}, {&(0x7f00000003c0)=""/142, 0x8e}], 0x6, 0x8001, 0x2)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100), 0x3f00, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100002ade4520cd0612016f580102030109021b00010000000009040000010d18100009050103"], 0x0)

6.972569663s ago: executing program 0 (id=559):
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
r1 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x98}, 0x18)
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x33)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380))
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000400)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000001c0)={r3, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000a40)={0xa, @pix_mp})
ioctl$VIDIOC_S_CROP(r6, 0x4014563c, &(0x7f0000000280)={0xa, {0x0, 0x0, 0x7fffffff, 0xf14}})
r7 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@cgroup=r8, r5, 0x12, 0x6, 0x0, @void, @value}, 0x10)
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000180)={0x60, 0x3, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0xb4d, &(0x7f00000000c0)=[{0x6, 0x4, 0x7}, {0xb01, 0x7, 0x2451}, {0x8, 0x78b6, 0x9}, {0x61, 0x3, 0xffffffffffffffe7}, {0x0, 0x94, 0x1}, {0x8, 0xfffffffffffffff7, 0xff}], 0x6, 0x7, 0x2, 0x44, 0x8, 0x20})
ioctl$VIDIOC_CROPCAP(r4, 0xc02c563a, &(0x7f0000000000)={0xa, {0x1000be8, 0x8, 0xd, 0x9}, {0x8, 0x8837, 0x4, 0x8}, {0x0, 0x6df}})

5.898108137s ago: executing program 5 (id=560):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
socket(0x1d, 0x2, 0x6)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x95)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[])
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r6, &(0x7f0000000840)=[{&(0x7f0000000880)="24e0ddbc20a189d8826378fafbdc737af9df1967ead513fd034634e737ad8b", 0x1f}, {&(0x7f0000000680)="88810a54a9c2263b15d2833c5debf3770a6b891564c66e25c65f5dd059329e86cb84e2177dc680c1ad", 0x29}, {0x0}], 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r8 = gettid()
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c000008000100", @ANYRES32=r8], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r1, 0x321, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

5.044524158s ago: executing program 0 (id=562):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffe4}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x20}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0) (fail_nth: 3)

4.936229904s ago: executing program 0 (id=563):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan0\x00', <r1=>0x0})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x0, 0x0, r1}, 0xc)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000080)={0x1, 0x0, 0x0, r1, 0x267a4e37}, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x24008050}, 0x20008000)

4.465139371s ago: executing program 3 (id=564):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc040aed4, &(0x7f00000000c0)={0x0, 0x7, 0xeeee8000, 0x2000, &(0x7f0000fe8000/0x2000)=nil})
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100))
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r2)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
brk(0x200100006e61)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000e2b8ffab4e146108310f58aa0000b6dac2424358875626"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r5}, 0x10)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r4])

4.418020877s ago: executing program 2 (id=565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newlink={0x60, 0x10, 0x403, 0x0, 0xff000000, {0x0, 0x0, 0x4, 0x0, 0x300, 0x200}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x28, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7fffffff, 0x1000}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3ff, 0x3}}]}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x60}, 0x1, 0x0, 0x0, 0xc1}, 0x0)

4.364332634s ago: executing program 0 (id=566):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d40710404030300000000010902b901010000003f0904"], 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffa000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000100), 0x0) (rerun: 32)
syz_usb_control_io(r0, 0x0, 0x0)

4.363786748s ago: executing program 1 (id=567):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, 0x0)
socket$igmp(0x2, 0x3, 0x2)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000440)={0x6, 0x0, 0x8c1f, 0x0, 0x0, 0x0, 0x651, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xa, 0x0, 0xcc3, 0xfffffffffffffffc})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
bind$nfc_llcp(0xffffffffffffffff, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
writev(r5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000400000000000f4ff000000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
setxattr$security_evm(0x0, 0x0, 0x0, 0x0, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.340795108s ago: executing program 2 (id=568):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
socket(0x1d, 0x2, 0x6)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x95)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[])
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r6, &(0x7f0000000840)=[{&(0x7f0000000880)="24e0ddbc20a189d8826378fafbdc737af9df1967ead513fd034634e737ad8b", 0x1f}, {&(0x7f0000000680)="88810a54a9c2263b15d2833c5debf3770a6b891564c66e25c65f5dd059329e86cb84e2177dc680c1ad", 0x29}, {0x0}], 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c000008000100", @ANYRES32], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r1, 0x321, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

4.339914982s ago: executing program 5 (id=569):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

3.383188566s ago: executing program 5 (id=570):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005f40)={0x0, 0x0, &(0x7f0000005f00)={&(0x7f0000000140)=@deltclass={0x40, 0x29, 0x309, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x10, 0xd}, {0xfff3, 0x6}, {0x6, 0xd}}, [@tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x99d3}}}, @tclass_kind_options=@c_red={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x44}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = getpgrp(0xffffffffffffffff)
prlimit64(r2, 0x2, 0x0, &(0x7f0000000000))
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x3c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}], @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0xc, {0x8, 0x5, 0x0, 0x8}}}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x28}]}, 0x3c}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ioctl$FICLONE(r4, 0x40049409, r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0700000004000000080000004000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000200"/28], 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
r8 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r8, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}], 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r8, 0x84, 0x17, &(0x7f0000000200)=@sack_info={r7}, 0xc)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r9}, 0x10)

3.282637675s ago: executing program 2 (id=571):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x29, &(0x7f0000000280)=@raw=[@cb_func={0x18, 0xf, 0x4, 0x0, 0xfffffffffffffffd}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x400}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x8}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @call, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], &(0x7f0000000400)='syzkaller\x00', 0x80000000, 0xed, &(0x7f0000000440)=""/237, 0x41000, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x4, 0x2, 0x81b, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000005c0)=[0x1, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], &(0x7f0000000600)=[{0x4, 0x1, 0x2, 0x5}, {0x1, 0x2, 0xd, 0x2}, {0x3, 0x3, 0x0, 0xc}, {0x5, 0x5, 0x3, 0x1}, {0x4, 0x2, 0x7}, {0x0, 0x5, 0x2, 0x3}, {0x0, 0x5, 0xf}], 0x10, 0x0, @void, @value}, 0x94)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002fc0)=""/102400, 0x19000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

2.799490591s ago: executing program 1 (id=572):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="6c000000100001042dbd70000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000000000004c001280110001006272696467655f736c617665000000003400058006001f00ff0300000800030004000000050021000000000005000100030000000600020003000000050019"], 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

2.728955768s ago: executing program 3 (id=573):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="05a300f2ffffffffffff0c"], 0x1c}}, 0xf0ffffffffffff)

2.624013357s ago: executing program 1 (id=574):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x100, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_RATE={0x6, 0x5, {0xd, 0xd0}}, @filter_kind_options=@f_cgroup={{0xb}, {0xc8, 0x2, [@TCA_CGROUP_EMATCHES={0xc4, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xc0, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x9, 0x3, 0x5}, {0x1ff, 0x81, 0x1ff, 0x5}}}, @TCF_EM_META={0x74, 0x3, 0x0, 0x0, {{0x8, 0x4, 0x3}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x69, 0x1}, {0x9, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0x4, 0x2}, {0x2, 0xe7, 0x1}}}, @TCA_EM_META_RVALUE={0x1d, 0x3, [@TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="03fec46370fa", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR='O', @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="f3ba", @TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_VAR="2210c2244f264701", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="43fefa1ddadc69f433"]}, @TCA_EM_META_LVALUE={0x11, 0x2, [@TCF_META_TYPE_VAR="cf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x1]}]}}, @TCF_EM_IPT={0x2c, 0x2, 0x0, 0x0, {{0xfc01, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xa6}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}, @TCA_EM_IPT_HOOK={0x8}]}}]}]}]}}]}, 0x100}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r1, r5, 0xfffffffffffffc01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f00000002c0)=@multiplanar_mmap={0x7fff, 0x6, 0x4, 0x1000, 0x1000, {}, {0x3, 0x0, 0x46, 0x2, 0x9, 0xf, "53127f8b"}, 0x9, 0x1, {&(0x7f0000000200)=[{0x8f25, 0xd4, {0x800000000000000}, 0xfffffff0}, {0xfffffff8, 0xe2b, {0x1}, 0x1000}]}, 0x0, 0x0, r4})
timerfd_create(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000380)="2cbdd5e297a5f9f749f4f8fe3f134625ab52151dd066bb5f57b3b61d4b7dca6ba2f64501556e154307f50a2936afe8fccac94a48ca10b1562baf18738c017463c7947d0995e518c51c5ce7b79474f8149d5d880e151827ce7f4e3be08fd99929b962bcad69bb5f7d576e4cc1ca206f873adb", 0x72}], 0x1}, 0x8940)

2.152639178s ago: executing program 3 (id=575):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x100, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_RATE={0x6, 0x5, {0xd, 0xd0}}, @filter_kind_options=@f_cgroup={{0xb}, {0xc8, 0x2, [@TCA_CGROUP_EMATCHES={0xc4, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xc0, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x9, 0x3, 0x5}, {0x1ff, 0x81, 0x1ff, 0x5}}}, @TCF_EM_META={0x74, 0x3, 0x0, 0x0, {{0x8, 0x4, 0x3}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x69, 0x1}, {0x9, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0x4, 0x2}, {0x2, 0xe7, 0x1}}}, @TCA_EM_META_RVALUE={0x1d, 0x3, [@TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="03fec46370fa", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR='O', @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="f3ba", @TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_VAR="2210c2244f264701", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="43fefa1ddadc69f433"]}, @TCA_EM_META_LVALUE={0x11, 0x2, [@TCF_META_TYPE_VAR="cf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x1]}]}}, @TCF_EM_IPT={0x2c, 0x2, 0x0, 0x0, {{0xfc01, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xa6}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}, @TCA_EM_IPT_HOOK={0x8}]}}]}]}]}}]}, 0x100}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r1, r3, 0xfffffffffffffc01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_create(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000380)="2cbdd5e297a5f9f749f4f8fe3f134625ab52151dd066bb5f57b3b61d4b7dca6ba2f64501556e154307f50a2936afe8fccac94a48ca10b1562baf18738c017463c7947d0995e518c51c5ce7b79474f8149d5d880e151827ce7f4e3be08fd99929b962bcad69bb5f7d576e4cc1ca206f873adb", 0x72}], 0x1}, 0x8940)

1.938038426s ago: executing program 5 (id=576):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_create_resource$binfmt(&(0x7f0000000e40)='./file0\x00')
openat$binfmt(0xffffff9c, r1, 0x41, 0x1ff)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! '], 0x5c00000000000000})

1.37866878s ago: executing program 5 (id=577):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r1)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x58, r2, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0xfeffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0xffa7}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @local}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}]}, 0x58}}, 0x0)

1.304413246s ago: executing program 1 (id=578):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d0102030109021200"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000c80)={0x44, &(0x7f0000000740)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.30234493s ago: executing program 0 (id=579):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r2=>0x0})
getsockopt$sock_buf(r1, 0x1, 0x3d, &(0x7f0000000040)=""/28, &(0x7f0000000100)=0x1c)
r3 = socket$igmp(0x2, 0x3, 0x2)
syz_usb_connect(0x1, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r5 = eventfd(0x1)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000880)={0x1, 0x1, 0x0, 0x0, 0x0})
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000000c0)={0x1, 0x8, 0x1, 0x80000000, @vifc_lcl_ifindex=r2, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000002e40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd607428dd00183afffe800000000000009ee060a6000000bbff0200000000000000000000000008018900907800000000fe880000000000000000000000000001"], 0x0)
io_uring_setup(0x354a, &(0x7f0000000140)={0x0, 0x400004, 0x1})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r7, &(0x7f0000000280), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r7, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r7, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000082e0d2450d75fa2c1d5600"/28], 0x50)
close(r9)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1200000007000000040000000600000000430000", @ANYRES32, @ANYBLOB="0000000000000000000000020000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000400"/28], 0x50)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="5c8100000000000000000000000000000000000000000000000000007c7b00bcd279bc54f914977597b6e4214c95eff2c47dc27a27c99c49208ab4c0f7862d48cffc1534dc9b2c57623e36f333aad962fe2bc180a7cd1554eb248fb4e412654e6bea9b232e6422491a883e0d9df0f383d6b9f19b32adf64d8c63ae89a5d06aa44f28e3b2c4567cc166d36dd266ff66cfd2158a0f944a576b41810c73463164fa"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000300000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x800)
setsockopt$sock_attach_bpf(r13, 0x1, 0x32, &(0x7f0000000440)=r12, 0x4)
sendmsg$unix(r11, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x114, r0, 0xb97534d5fe9704cf, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xd5, 0xac, "128c9f98451ce2e2c98200a82b07284fa7831ebd30d780cfff3874efdb10aef0b1561ea42afaa0099c4207c32d876a4d6ca93f95a8a58ab2170897a7e682b2dcb8f4ad8992fbb3fec6c459497b1e87b45c950bcba4d302765ad3618e0ca9bb50fdd6da071357dc57413916d2b7f00cab425d186081496055dae67e02f8b0077c33cedccdaed8ac366d1ebbd568c96478a0f82f0a02378eb7a4f8b954193b6c321e58186861d2369b6a720a5448f18158e8378390eaf6932245b2811b1db312a02bf4a3fb7546b52ccf620e6f330b33bd1b"}]}, 0x114}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.222947556s ago: executing program 5 (id=580):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl0\x00', <r2=>0x0, 0x4, 0x3, 0x6, 0x0, 0x11, @private0, @mcast1, 0x700, 0x8000, 0x6, 0x7}})
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newsa={0x160, 0x10, 0x1, 0x0, 0x0, {{@in=@private=0xa010102, @in=@dev={0xac, 0x14, 0x14, 0x22}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, {@in=@empty, 0x0, 0x2b}, @in6=@local, {}, {0xffffffffffffffff}, {0x0, 0x0, 0x4}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4}, [@algo_crypt={0x51, 0x2, {{'ecb(cipher_null)\x00'}, 0x48, "f488ca557ddf0105f1"}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x3}}]}, 0x160}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000280)=@generic={0x0, 0x2, 0x0, "d8251b2a"})
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_int(r3, 0x0, 0xb, 0x0, &(0x7f0000000040))

1.169150833s ago: executing program 2 (id=581):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
memfd_create(&(0x7f0000000040)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00J_\xcc\xc43#\xab\xba\xff\xa5\x99\x87<;bWW,\xcf\xc8\xc5\x12\xd4\xbf\xbc\xb4\xee\xb8\xea\xc2^\xc3!\xb6\x13\xf0\x8fe)\xe2\xc1\t\x1c\x1a\xb0=S\x17d@\x04\xe1\x91\x1dt\xce8\xff\x18\x1a', 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200f0ffff", 0x1a1}], 0x1)
setsockopt(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

1.10727347s ago: executing program 3 (id=582):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x70, 0x101301)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000001c0)=0x40)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000000000000000000000ff"])
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48c, 0x0, 0x100000000000}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0a0000000400d061000c00000000000000", @ANYRES16=r0, @ANYBLOB='\x00'/20, @ANYRES64=r2, @ANYRES32, @ANYRES16=r3], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002008007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='signal_deliver\x00', r6}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, &(0x7f0000000000)={0x1, 0x1})

248.800242ms ago: executing program 3 (id=583):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xf5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}]}], {0x14}}, 0xd4}}, 0x0)

0s ago: executing program 3 (id=584):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[@ANYRESOCT=r0], 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$alg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
sendmsg$nl_route_sched_retired(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r6, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000840)=""/138, 0x8a}, {&(0x7f0000000400)=""/115, 0x73}], 0x2}, 0x4}], 0x1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

iptor??
[  126.780174][  T965] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.789740][  T965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.819374][  T965] usb 2-1: config 0 descriptor??
[  126.823554][ T5906] usb 4-1: USB disconnect, device number 4
[  126.832546][ T6776] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  126.867912][ T5850] usb 1-1: device descriptor read/8, error -71
[  126.941440][ T5876] usb 4-1-port1: config error
[  127.025800][   T29] audit: type=1400 audit(1732204977.129:334): avc:  denied  { create } for  pid=6790 comm="syz.2.254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  127.355429][ T6793] infiniband syz2: set active
[  127.360540][ T6793] infiniband syz2: added team_slave_1
[  127.634408][ T5879] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  127.682943][ T6793] RDS/IB: syz2: added
[  127.688655][ T6793] smc: adding ib device syz2 with port count 1
[  127.695169][ T6793] smc:    ib device syz2 port 1 has pnetid 
[  127.711067][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.076093][ T5879] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  128.104455][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[  128.241408][  T965] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  128.249188][ T5857] Bluetooth: hci4: command 0x0c1a tx timeout
[  128.253161][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  128.255344][  T965] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  128.279547][  T965] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  128.298003][  T965] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  128.512524][  T965] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  129.120252][  T965] usb 5-1: USB disconnect, device number 9
[  129.155896][ T5906] usb 2-1: USB disconnect, device number 4
[  129.436390][ T6829] FAULT_INJECTION: forcing a failure.
[  129.436390][ T6829] name failslab, interval 1, probability 0, space 0, times 0
[  129.459844][ T6829] CPU: 0 UID: 0 PID: 6829 Comm: syz.4.263 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  129.470114][ T6829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  129.480174][ T6829] Call Trace:
[  129.483454][ T6829]  <TASK>
[  129.486371][ T6829]  dump_stack_lvl+0x16c/0x1f0
[  129.491042][ T6829]  should_fail_ex+0x497/0x5b0
[  129.495708][ T6829]  ? fs_reclaim_acquire+0xae/0x150
[  129.500808][ T6829]  should_failslab+0xc2/0x120
[  129.505472][ T6829]  __kmalloc_noprof+0xcb/0x400
[  129.510223][ T6829]  ? d_absolute_path+0x137/0x1b0
[  129.515154][ T6829]  tomoyo_encode2+0x100/0x3e0
[  129.519820][ T6829]  tomoyo_encode+0x29/0x50
[  129.524221][ T6829]  tomoyo_realpath_from_path+0x19d/0x720
[  129.529844][ T6829]  tomoyo_path_number_perm+0x248/0x590
[  129.535294][ T6829]  ? tomoyo_path_number_perm+0x235/0x590
[  129.540910][ T6829]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  129.546888][ T6829]  ? __pfx_lock_release+0x10/0x10
[  129.551920][ T6829]  ? trace_lock_acquire+0x14a/0x1d0
[  129.557112][ T6829]  ? lock_acquire+0x2f/0xb0
[  129.561606][ T6829]  ? __fget_files+0x40/0x3a0
[  129.566199][ T6829]  ? __fget_files+0x206/0x3a0
[  129.570863][ T6829]  security_file_ioctl+0x9b/0x240
[  129.575874][ T6829]  __x64_sys_ioctl+0xb7/0x200
[  129.580535][ T6829]  do_syscall_64+0xcd/0x250
[  129.585039][ T6829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.590930][ T6829] RIP: 0033:0x7fa789b7e819
[  129.595330][ T6829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.614924][ T6829] RSP: 002b:00007fa78a982038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  129.623319][ T6829] RAX: ffffffffffffffda RBX: 00007fa789d35fa0 RCX: 00007fa789b7e819
[  129.631277][ T6829] RDX: 0000000020000080 RSI: 00000000c0285628 RDI: 0000000000000003
[  129.639240][ T6829] RBP: 00007fa78a982090 R08: 0000000000000000 R09: 0000000000000000
[  129.647197][ T6829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.655162][ T6829] R13: 0000000000000000 R14: 00007fa789d35fa0 R15: 00007ffd6d819f28
[  129.663144][ T6829]  </TASK>
[  129.666313][    C0] vkms_vblank_simulate: vblank timer overrun
[  130.406213][ T6829] ERROR: Out of memory at tomoyo_realpath_from_path.
[  130.413186][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.418991][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[  130.419245][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  130.425617][ T5144] Bluetooth: hci2: command 0x0406 tx timeout
[  130.752405][ T5878] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  131.015460][ T5856] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  131.016844][ T6845] FAULT_INJECTION: forcing a failure.
[  131.016844][ T6845] name failslab, interval 1, probability 0, space 0, times 0
[  131.041299][ T5878] usb 2-1: device descriptor read/64, error -71
[  131.041330][ T6845] CPU: 1 UID: 0 PID: 6845 Comm: syz.3.268 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  131.057798][ T6845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  131.067880][ T6845] Call Trace:
[  131.071184][ T6845]  <TASK>
[  131.074122][ T6845]  dump_stack_lvl+0x16c/0x1f0
[  131.078817][ T6845]  should_fail_ex+0x497/0x5b0
[  131.083495][ T6845]  ? fs_reclaim_acquire+0xae/0x150
[  131.088608][ T6845]  should_failslab+0xc2/0x120
[  131.093272][ T6845]  __kmalloc_noprof+0xcb/0x400
[  131.098024][ T6845]  bpf_test_init.isra.0+0xa5/0x150
[  131.103135][ T6845]  bpf_prog_test_run_xdp+0x4f0/0x1580
[  131.108513][ T6845]  ? lock_acquire+0x2f/0xb0
[  131.113007][ T6845]  ? __fget_files+0x40/0x3a0
[  131.117607][ T6845]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  131.123424][ T6845]  ? __fget_files+0x206/0x3a0
[  131.128130][ T6845]  ? fput+0x67/0x440
[  131.132035][ T6845]  ? __bpf_prog_get+0xa0/0x290
[  131.136788][ T6845]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  131.142587][ T6845]  __sys_bpf+0xfc6/0x49a0
[  131.146934][ T6845]  ? __pfx_lock_release+0x10/0x10
[  131.151973][ T6845]  ? __pfx___sys_bpf+0x10/0x10
[  131.156726][ T6845]  ? vfs_write+0x306/0x1150
[  131.161231][ T6845]  ? __mutex_unlock_slowpath+0x164/0x690
[  131.166881][ T6845]  ? fput+0x67/0x440
[  131.170771][ T6845]  ? ksys_write+0x1ba/0x250
[  131.175273][ T6845]  ? __pfx_ksys_write+0x10/0x10
[  131.180116][ T6845]  __x64_sys_bpf+0x78/0xc0
[  131.184525][ T6845]  ? lockdep_hardirqs_on+0x7c/0x110
[  131.189719][ T6845]  do_syscall_64+0xcd/0x250
[  131.194209][ T6845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.200100][ T6845] RIP: 0033:0x7f2e1f17e819
[  131.204495][ T6845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.224094][ T6845] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  131.232501][ T6845] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  131.240474][ T6845] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a
[  131.248434][ T6845] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  131.256397][ T6845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.264368][ T6845] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  131.272364][ T6845]  </TASK>
[  131.282328][ T5878] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  131.421337][ T5878] usb 2-1: device descriptor read/64, error -71
[  131.455873][ T5856] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  131.458686][ T6855] FAULT_INJECTION: forcing a failure.
[  131.458686][ T6855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.497894][ T6855] CPU: 0 UID: 0 PID: 6855 Comm: syz.4.272 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  131.508172][ T6855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  131.518214][ T6855] Call Trace:
[  131.521479][ T6855]  <TASK>
[  131.524395][ T6855]  dump_stack_lvl+0x16c/0x1f0
[  131.529072][ T6855]  should_fail_ex+0x497/0x5b0
[  131.533744][ T6855]  _copy_to_user+0x32/0xd0
[  131.538158][ T6855]  simple_read_from_buffer+0xd0/0x160
[  131.543519][ T6855]  proc_fail_nth_read+0x198/0x270
[  131.548539][ T6855]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  131.554081][ T6855]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  131.559621][ T6855]  vfs_read+0x1df/0xbe0
[  131.563767][ T6855]  ? __fget_files+0x1fc/0x3a0
[  131.568435][ T6855]  ? __pfx___mutex_lock+0x10/0x10
[  131.573450][ T6855]  ? __pfx_vfs_read+0x10/0x10
[  131.578121][ T6855]  ? __fget_files+0x206/0x3a0
[  131.582802][ T6855]  ksys_read+0x12b/0x250
[  131.587045][ T6855]  ? __pfx_ksys_read+0x10/0x10
[  131.591809][ T6855]  do_syscall_64+0xcd/0x250
[  131.596308][ T6855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.602195][ T6855] RIP: 0033:0x7fa789b7d25c
[  131.606600][ T6855] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  131.626195][ T6855] RSP: 002b:00007fa78a982030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  131.634600][ T6855] RAX: ffffffffffffffda RBX: 00007fa789d35fa0 RCX: 00007fa789b7d25c
[  131.642578][ T6855] RDX: 000000000000000f RSI: 00007fa78a9820a0 RDI: 0000000000000003
[  131.650536][ T6855] RBP: 00007fa78a982090 R08: 0000000000000000 R09: 0000000000000000
[  131.658497][ T6855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.666453][ T6855] R13: 0000000000000000 R14: 00007fa789d35fa0 R15: 00007ffd6d819f28
[  131.674422][ T6855]  </TASK>
[  131.677545][    C0] vkms_vblank_simulate: vblank timer overrun
[  131.705985][ T5878] usb usb2-port1: attempt power cycle
[  132.098586][ T6862] FAULT_INJECTION: forcing a failure.
[  132.098586][ T6862] name failslab, interval 1, probability 0, space 0, times 0
[  132.114684][ T6862] CPU: 0 UID: 0 PID: 6862 Comm: syz.2.274 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  132.124957][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  132.135023][ T6862] Call Trace:
[  132.138288][ T6862]  <TASK>
[  132.141215][ T6862]  dump_stack_lvl+0x16c/0x1f0
[  132.145914][ T6862]  should_fail_ex+0x497/0x5b0
[  132.150610][ T6862]  ? fs_reclaim_acquire+0xae/0x150
[  132.155754][ T6862]  should_failslab+0xc2/0x120
[  132.160453][ T6862]  kmem_cache_alloc_node_noprof+0x71/0x310
[  132.166284][ T6862]  ? __alloc_skb+0x2b1/0x380
[  132.170901][ T6862]  __alloc_skb+0x2b1/0x380
[  132.175347][ T6862]  ? __pfx___alloc_skb+0x10/0x10
[  132.180318][ T6862]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  132.186309][ T6862]  netlink_alloc_large_skb+0x69/0x130
[  132.191687][ T6862]  netlink_sendmsg+0x689/0xd70
[  132.196458][ T6862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.201753][ T6862]  ____sys_sendmsg+0xaaf/0xc90
[  132.206510][ T6862]  ? copy_msghdr_from_user+0x10b/0x160
[  132.211963][ T6862]  ? __pfx_____sys_sendmsg+0x10/0x10
[  132.217240][ T6862]  ? __lock_acquire+0xcc5/0x3c40
[  132.222179][ T6862]  ___sys_sendmsg+0x135/0x1e0
[  132.226853][ T6862]  ? __pfx____sys_sendmsg+0x10/0x10
[  132.232065][ T6862]  ? trace_lock_acquire+0x14a/0x1d0
[  132.237284][ T6862]  __sys_sendmmsg+0x201/0x420
[  132.241971][ T6862]  ? __pfx___sys_sendmmsg+0x10/0x10
[  132.247183][ T6862]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  132.253167][ T6862]  ? fput+0x67/0x440
[  132.257059][ T6862]  ? ksys_write+0x1ba/0x250
[  132.261551][ T6862]  ? __pfx_ksys_write+0x10/0x10
[  132.266397][ T6862]  __x64_sys_sendmmsg+0x9c/0x100
[  132.271330][ T6862]  ? lockdep_hardirqs_on+0x7c/0x110
[  132.276527][ T6862]  do_syscall_64+0xcd/0x250
[  132.281060][ T6862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.286966][ T6862] RIP: 0033:0x7f207717e819
[  132.291374][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.310973][ T6862] RSP: 002b:00007f2077eba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  132.319384][ T6862] RAX: ffffffffffffffda RBX: 00007f2077335fa0 RCX: 00007f207717e819
[  132.327346][ T6862] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005
[  132.335307][ T6862] RBP: 00007f2077eba090 R08: 0000000000000000 R09: 0000000000000000
[  132.343267][ T6862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.351238][ T6862] R13: 0000000000000000 R14: 00007f2077335fa0 R15: 00007ffda1750108
[  132.359213][ T6862]  </TASK>
[  132.362347][    C0] vkms_vblank_simulate: vblank timer overrun
[  132.502667][ T5856] Bluetooth: hci4: command 0x0c1a tx timeout
[  132.508776][ T5856] Bluetooth: hci1: command 0x0406 tx timeout
[  132.514942][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  132.520989][ T5857] Bluetooth: hci0: command 0x0c1a tx timeout
[  132.621290][   T29] audit: type=1400 audit(1732204982.789:335): avc:  denied  { accept } for  pid=6869 comm="syz.2.277" lport=48117 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  132.644062][    C0] vkms_vblank_simulate: vblank timer overrun
[  132.701385][ T5878] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  132.723888][ T5878] usb 2-1: device descriptor read/8, error -71
[  132.749903][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  132.756523][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  133.087994][ T5878] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  133.133574][ T5878] usb 2-1: device descriptor read/8, error -71
[  133.241650][ T5878] usb usb2-port1: unable to enumerate USB device
[  134.421305][ T5921] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  134.631245][ T5857] Bluetooth: hci2: command 0x0406 tx timeout
[  134.637299][ T5857] Bluetooth: hci0: command 0x0c1a tx timeout
[  134.755854][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  136.411304][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  136.448272][ T5921] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  137.453291][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[  137.472897][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.507626][ T5921] usb 2-1: Product: syz
[  137.521243][ T5921] usb 2-1: Manufacturer: syz
[  137.525876][ T5921] usb 2-1: SerialNumber: syz
[  137.540351][ T5921] usb 2-1: config 0 descriptor??
[  137.600481][ T5921] usb 2-1: can't set config #0, error -71
[  137.663228][ T5921] usb 2-1: USB disconnect, device number 9
[  137.695105][ T6895] FAULT_INJECTION: forcing a failure.
[  137.695105][ T6895] name failslab, interval 1, probability 0, space 0, times 0
[  137.723476][ T6895] CPU: 1 UID: 0 PID: 6895 Comm: syz.1.286 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  137.733760][ T6895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  137.743825][ T6895] Call Trace:
[  137.747110][ T6895]  <TASK>
[  137.750043][ T6895]  dump_stack_lvl+0x16c/0x1f0
[  137.754739][ T6895]  should_fail_ex+0x497/0x5b0
[  137.759435][ T6895]  ? fs_reclaim_acquire+0xae/0x150
[  137.764565][ T6895]  should_failslab+0xc2/0x120
[  137.769260][ T6895]  kmem_cache_alloc_node_noprof+0x71/0x310
[  137.775086][ T6895]  ? __alloc_skb+0x2b1/0x380
[  137.779700][ T6895]  __alloc_skb+0x2b1/0x380
[  137.784135][ T6895]  ? __pfx___alloc_skb+0x10/0x10
[  137.789087][ T6895]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  137.795861][ T6895]  ? import_ubuf+0x1b6/0x220
[  137.800456][ T6895]  pfkey_sendmsg+0x16e/0x840
[  137.805042][ T6895]  ____sys_sendmsg+0xaaf/0xc90
[  137.809797][ T6895]  ? copy_msghdr_from_user+0x10b/0x160
[  137.815251][ T6895]  ? __pfx_____sys_sendmsg+0x10/0x10
[  137.820524][ T6895]  ? __lock_acquire+0xcc5/0x3c40
[  137.825464][ T6895]  ___sys_sendmsg+0x135/0x1e0
[  137.830140][ T6895]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.835341][ T6895]  ? trace_lock_acquire+0x14a/0x1d0
[  137.840546][ T6895]  __sys_sendmmsg+0x201/0x420
[  137.845220][ T6895]  ? __pfx___sys_sendmmsg+0x10/0x10
[  137.850423][ T6895]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.856430][ T6895]  ? fput+0x67/0x440
[  137.860320][ T6895]  ? ksys_write+0x1ba/0x250
[  137.864814][ T6895]  ? __pfx_ksys_write+0x10/0x10
[  137.869655][ T6895]  __x64_sys_sendmmsg+0x9c/0x100
[  137.874589][ T6895]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.879780][ T6895]  do_syscall_64+0xcd/0x250
[  137.884277][ T6895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.890162][ T6895] RIP: 0033:0x7f313a17e819
[  137.894566][ T6895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.914163][ T6895] RSP: 002b:00007f313afdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  137.922571][ T6895] RAX: ffffffffffffffda RBX: 00007f313a335fa0 RCX: 00007f313a17e819
[  137.930533][ T6895] RDX: 00000000000003ef RSI: 0000000020000180 RDI: 0000000000000003
[  137.938516][ T6895] RBP: 00007f313afdf090 R08: 0000000000000000 R09: 0000000000000000
[  137.946475][ T6895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.954434][ T6895] R13: 0000000000000000 R14: 00007f313a335fa0 R15: 00007ffebabdb1d8
[  137.962409][ T6895]  </TASK>
[  138.151920][ T5906] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  138.322747][ T5906] usb 4-1: config 0 has an invalid interface number: 244 but max is 0
[  138.337719][ T5906] usb 4-1: config 0 has no interface number 0
[  138.370777][ T5906] usb 4-1: config 0 interface 244 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.446371][ T5906] usb 4-1: config 0 interface 244 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.520693][ T5906] usb 4-1: config 0 interface 244 has no altsetting 0
[  138.567451][ T5906] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  138.627412][ T5906] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.693128][ T5906] usb 4-1: config 0 descriptor??
[  140.051579][ T6893] block nbd3: Device being setup by another task
[  140.142301][ T6919] FAULT_INJECTION: forcing a failure.
[  140.142301][ T6919] name failslab, interval 1, probability 0, space 0, times 0
[  140.170967][ T6919] CPU: 1 UID: 0 PID: 6919 Comm: syz.0.291 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  140.181253][ T6919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  140.191309][ T6919] Call Trace:
[  140.194572][ T6919]  <TASK>
[  140.197503][ T6919]  dump_stack_lvl+0x16c/0x1f0
[  140.202177][ T6919]  should_fail_ex+0x497/0x5b0
[  140.206842][ T6919]  ? fs_reclaim_acquire+0xae/0x150
[  140.211953][ T6919]  should_failslab+0xc2/0x120
[  140.216621][ T6919]  kmem_cache_alloc_node_noprof+0x71/0x310
[  140.222433][ T6919]  ? __alloc_skb+0x2b1/0x380
[  140.227033][ T6919]  __alloc_skb+0x2b1/0x380
[  140.231456][ T6919]  ? __pfx___alloc_skb+0x10/0x10
[  140.236393][ T6919]  ? __lock_acquire+0xcc5/0x3c40
[  140.241329][ T6919]  alloc_skb_with_frags+0xe4/0x850
[  140.246428][ T6919]  ? __pfx___lock_acquire+0x10/0x10
[  140.251615][ T6919]  ? __pfx_mark_lock+0x10/0x10
[  140.256368][ T6919]  sock_alloc_send_pskb+0x7f1/0x980
[  140.261562][ T6919]  ? find_held_lock+0x2d/0x110
[  140.266327][ T6919]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  140.272041][ T6919]  ? lock_acquire+0x2f/0xb0
[  140.276530][ T6919]  ? dev_get_by_index+0x37/0x380
[  140.281481][ T6919]  packet_sendmsg+0x1f18/0x54d0
[  140.286347][ T6919]  ? avc_has_perm_noaudit+0x2d0/0x3a0
[  140.291726][ T6919]  ? sock_has_perm+0x25a/0x2f0
[  140.296483][ T6919]  ? __pfx_sock_has_perm+0x10/0x10
[  140.301597][ T6919]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  140.308356][ T6919]  ? __pfx_packet_sendmsg+0x10/0x10
[  140.313559][ T6919]  __sys_sendto+0x488/0x4f0
[  140.318059][ T6919]  ? __pfx___sys_sendto+0x10/0x10
[  140.323092][ T6919]  ? ksys_write+0x1ba/0x250
[  140.327584][ T6919]  ? __pfx_ksys_write+0x10/0x10
[  140.332428][ T6919]  __x64_sys_sendto+0xe0/0x1c0
[  140.337184][ T6919]  ? do_syscall_64+0x91/0x250
[  140.341858][ T6919]  ? lockdep_hardirqs_on+0x7c/0x110
[  140.347049][ T6919]  do_syscall_64+0xcd/0x250
[  140.351554][ T6919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.357442][ T6919] RIP: 0033:0x7ff5da97e819
[  140.361847][ T6919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.381445][ T6919] RSP: 002b:00007ff5db6d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.389848][ T6919] RAX: ffffffffffffffda RBX: 00007ff5dab36080 RCX: 00007ff5da97e819
[  140.397814][ T6919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  140.405776][ T6919] RBP: 00007ff5db6d1090 R08: 0000000020000300 R09: 0000000000000014
[  140.413735][ T6919] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  140.421693][ T6919] R13: 0000000000000000 R14: 00007ff5dab36080 R15: 00007ffc04133c78
[  140.429672][ T6919]  </TASK>
[  140.454518][ T6923] block nbd3: shutting down sockets
[  141.312560][   T29] audit: type=1400 audit(1732204991.489:336): avc:  denied  { open } for  pid=6924 comm="syz.1.293" path="/dev/ttyq7" dev="devtmpfs" ino=382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  141.468976][ T5906] usbhid 4-1:0.244: can't add hid device: -71
[  141.475702][ T5906] usbhid 4-1:0.244: probe with driver usbhid failed with error -71
[  141.502721][ T5906] usb 4-1: USB disconnect, device number 5
[  141.888838][  T965] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  142.134790][  T965] usb 2-1: device descriptor read/64, error -71
[  142.227831][   T29] audit: type=1400 audit(1732204992.359:337): avc:  denied  { connect } for  pid=6940 comm="syz.4.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  142.296779][   T29] audit: type=1400 audit(1732204992.359:338): avc:  denied  { bind } for  pid=6940 comm="syz.4.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  142.380265][   T29] audit: type=1400 audit(1732204992.399:339): avc:  denied  { write } for  pid=6940 comm="syz.4.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  142.399691][  T965] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  142.432725][   T29] audit: type=1400 audit(1732204992.439:340): avc:  denied  { create } for  pid=6946 comm="syz.3.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  142.498815][ T6949] bond0: entered promiscuous mode
[  142.503999][   T29] audit: type=1400 audit(1732204992.439:341): avc:  denied  { sys_admin } for  pid=6946 comm="syz.3.301" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  142.525929][ T6949] bond_slave_0: entered promiscuous mode
[  142.536311][ T6950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.302'.
[  142.545264][  T965] usb 2-1: device descriptor read/64, error -71
[  142.553529][   T29] audit: type=1400 audit(1732204992.599:342): avc:  denied  { ioctl } for  pid=6948 comm="syz.2.302" path="socket:[13377]" dev="sockfs" ino=13377 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.581908][ T6951] process 'syz.2.302' launched '/dev/fd/41' with NULL argv: empty string added
[  142.582547][ T6949] bond_slave_1: entered promiscuous mode
[  142.606559][   T29] audit: type=1400 audit(1732204992.759:343): avc:  denied  { execute } for  pid=6948 comm="syz.2.302" dev="hugetlbfs" ino=13413 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  142.663453][  T965] usb usb2-port1: attempt power cycle
[  142.687745][   T29] audit: type=1400 audit(1732204992.779:344): avc:  denied  { execute_no_trans } for  pid=6948 comm="syz.2.302" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F520C8103EC95C85174CBFCF91DF4DF3025E542A202864656C6574656429 dev="hugetlbfs" ino=13413 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  142.791350][ T5850] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  142.892061][ T6961] warning: `syz.3.305' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  143.022110][ T5850] usb 5-1: Using ep0 maxpacket: 8
[  143.038137][  T965] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  143.051371][ T5850] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  143.070786][ T5850] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  143.084669][ T5850] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.097450][ T5850] usb 5-1: Product: syz
[  143.111736][ T5850] usb 5-1: Manufacturer: syz
[  143.137872][ T5850] usb 5-1: SerialNumber: syz
[  143.146015][  T965] usb 2-1: device descriptor read/8, error -71
[  143.179789][   T29] audit: type=1400 audit(1732204993.339:345): avc:  denied  { mounton } for  pid=6969 comm="syz.2.309" path="/73/file0" dev="tmpfs" ino=396 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  143.198801][ T5850] usb 5-1: config 0 descriptor??
[  143.321418][ T5878] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  143.411355][  T965] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  143.705406][  T965] usb 2-1: device descriptor read/8, error -71
[  143.719117][ T6977] FAULT_INJECTION: forcing a failure.
[  143.719117][ T6977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.739076][ T6977] CPU: 0 UID: 0 PID: 6977 Comm: syz.2.311 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  143.749348][ T6977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  143.759405][ T6977] Call Trace:
[  143.762672][ T6977]  <TASK>
[  143.765588][ T6977]  dump_stack_lvl+0x16c/0x1f0
[  143.770270][ T6977]  should_fail_ex+0x497/0x5b0
[  143.774941][ T6977]  _copy_from_user+0x2e/0xd0
[  143.779515][ T6977]  copy_group_source_from_sockptr+0x603/0x6b0
[  143.785570][ T6977]  ? mark_lock+0xb5/0xc60
[  143.789878][ T6977]  ? __pfx_copy_group_source_from_sockptr+0x10/0x10
[  143.796453][ T6977]  ? mark_lock+0xb5/0xc60
[  143.800763][ T6977]  ? __pfx_mark_lock+0x10/0x10
[  143.805521][ T6977]  ? __pfx_mark_lock+0x10/0x10
[  143.810311][ T6977]  ? __pfx___lock_acquire+0x10/0x10
[  143.815510][ T6977]  ? hlock_class+0x4e/0x130
[  143.819998][ T6977]  ? hlock_class+0x4e/0x130
[  143.824486][ T6977]  ? __lock_acquire+0x15a9/0x3c40
[  143.829496][ T6977]  do_ipv6_mcast_group_source+0xb5/0x260
[  143.835114][ T6977]  ? __pfx_do_ipv6_mcast_group_source+0x10/0x10
[  143.841364][ T6977]  ? mark_held_locks+0x9f/0xe0
[  143.846125][ T6977]  ? sockopt_lock_sock+0x54/0x70
[  143.851047][ T6977]  ? __local_bh_enable_ip+0xa4/0x120
[  143.856314][ T6977]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.861503][ T6977]  do_ipv6_setsockopt+0x315c/0x4790
[  143.866727][ T6977]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  143.872264][ T6977]  ? avc_has_perm_noaudit+0x143/0x3a0
[  143.877625][ T6977]  ? avc_has_perm+0x11b/0x1c0
[  143.882288][ T6977]  ? __pfx_avc_has_perm+0x10/0x10
[  143.887315][ T6977]  ? hlock_class+0x4e/0x130
[  143.891806][ T6977]  ? sock_has_perm+0x25a/0x2f0
[  143.896554][ T6977]  ? __pfx_sock_has_perm+0x10/0x10
[  143.901653][ T6977]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  143.908049][ T6977]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  143.914794][ T6977]  ? ipv6_setsockopt+0xcb/0x170
[  143.919630][ T6977]  ipv6_setsockopt+0xcb/0x170
[  143.924297][ T6977]  udpv6_setsockopt+0x7d/0xd0
[  143.928985][ T6977]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  143.934861][ T6977]  do_sock_setsockopt+0x222/0x480
[  143.939885][ T6977]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  143.945412][ T6977]  ? lock_acquire+0x2f/0xb0
[  143.949904][ T6977]  __sys_setsockopt+0x1a0/0x230
[  143.954741][ T6977]  __x64_sys_setsockopt+0xbd/0x160
[  143.959833][ T6977]  ? do_syscall_64+0x91/0x250
[  143.964495][ T6977]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.969681][ T6977]  do_syscall_64+0xcd/0x250
[  143.974172][ T6977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.980048][ T6977] RIP: 0033:0x7f207717e819
[  143.984442][ T6977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.004040][ T6977] RSP: 002b:00007f2077eba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  144.012439][ T6977] RAX: ffffffffffffffda RBX: 00007f2077335fa0 RCX: 00007f207717e819
[  144.020391][ T6977] RDX: 000000000000002b RSI: 0000000000000029 RDI: 0000000000000003
[  144.028431][ T6977] RBP: 00007f2077eba090 R08: 0000000000000108 R09: 0000000000000000
[  144.036380][ T6977] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000001
[  144.044345][ T6977] R13: 0000000000000000 R14: 00007f2077335fa0 R15: 00007ffda1750108
[  144.052326][ T6977]  </TASK>
[  144.059871][  T965] usb usb2-port1: unable to enumerate USB device
[  144.451697][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.466710][ T5878] usb 1-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  144.476862][ T5878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.527368][ T5878] usb 1-1: config 0 descriptor??
[  145.046948][ T5878] appletouch 1-1:0.0: Geyser mode initialized.
[  145.055132][ T5878] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input7
[  145.284957][ T5878] usb 1-1: USB disconnect, device number 15
[  145.372713][ T5878] appletouch 1-1:0.0: input: appletouch disconnected
[  145.449085][ T7006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.319'.
[  145.527006][ T5906] usb 5-1: USB disconnect, device number 10
[  145.711317][   T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  145.862947][   T25] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  145.878038][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.899015][   T25] usb 2-1: config 0 descriptor??
[  146.383570][ T5906] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  146.449330][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  146.449341][   T29] audit: type=1400 audit(1732204996.619:350): avc:  denied  { setopt } for  pid=7020 comm="syz.3.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  146.571609][ T5906] usb 3-1: Using ep0 maxpacket: 16
[  146.580380][ T5906] usb 3-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[  146.589907][ T5906] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.604769][ T5906] usb 3-1: Product: syz
[  146.609022][ T5906] usb 3-1: Manufacturer: syz
[  146.613738][ T5906] usb 3-1: SerialNumber: syz
[  146.858521][ T7014] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.322' sets config #1
[  147.171083][ T5906] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  147.547380][ T5906] snd-usb-audio 3-1:222.0: probe with driver snd-usb-audio failed with error -71
[  147.572378][ T5906] usb 3-1: USB disconnect, device number 5
[  147.831109][ T6044] udevd[6044]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:222.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  147.899146][ T7039] FAULT_INJECTION: forcing a failure.
[  147.899146][ T7039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.964849][ T7039] CPU: 0 UID: 0 PID: 7039 Comm: syz.0.329 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  147.975129][ T7039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  147.985175][ T7039] Call Trace:
[  147.988446][ T7039]  <TASK>
[  147.991370][ T7039]  dump_stack_lvl+0x16c/0x1f0
[  147.996048][ T7039]  should_fail_ex+0x497/0x5b0
[  148.000722][ T7039]  _copy_from_user+0x2e/0xd0
[  148.005309][ T7039]  do_ipv6_getsockopt+0x358/0x30f0
[  148.010425][ T7039]  ? __pfx_do_ipv6_getsockopt+0x10/0x10
[  148.015971][ T7039]  ? hlock_class+0x4e/0x130
[  148.020477][ T7039]  ? __pfx___lock_acquire+0x10/0x10
[  148.025667][ T7039]  ? hlock_class+0x4e/0x130
[  148.030170][ T7039]  ? __lock_acquire+0xcc5/0x3c40
[  148.035111][ T7039]  ? find_held_lock+0x2d/0x110
[  148.039873][ T7039]  ? ipv6_getsockopt+0x126/0x280
[  148.044809][ T7039]  ipv6_getsockopt+0x126/0x280
[  148.049570][ T7039]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  148.054849][ T7039]  ? lock_acquire+0x2f/0xb0
[  148.059345][ T7039]  ? __might_fault+0xe3/0x190
[  148.064037][ T7039]  ? __might_fault+0xe3/0x190
[  148.068705][ T7039]  udpv6_getsockopt+0x61/0xb0
[  148.073380][ T7039]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  148.079281][ T7039]  do_sock_getsockopt+0x3fe/0x800
[  148.084297][ T7039]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  148.089832][ T7039]  ? lock_acquire+0x2f/0xb0
[  148.094323][ T7039]  ? __fget_files+0x40/0x3a0
[  148.098911][ T7039]  ? __fget_files+0x206/0x3a0
[  148.103580][ T7039]  __sys_getsockopt+0x12f/0x260
[  148.108428][ T7039]  __x64_sys_getsockopt+0xbd/0x160
[  148.113535][ T7039]  ? do_syscall_64+0x91/0x250
[  148.118211][ T7039]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.123491][ T7039]  do_syscall_64+0xcd/0x250
[  148.127990][ T7039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.133877][ T7039] RIP: 0033:0x7ff5da97e819
[  148.138288][ T7039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.157882][ T7039] RSP: 002b:00007ff5db6f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  148.166286][ T7039] RAX: ffffffffffffffda RBX: 00007ff5dab35fa0 RCX: 00007ff5da97e819
[  148.174251][ T7039] RDX: 0000000000000001 RSI: 0000000000000029 RDI: 0000000000000003
[  148.182210][ T7039] RBP: 00007ff5db6f2090 R08: 0000000020000100 R09: 0000000000000000
[  148.190168][ T7039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.198129][ T7039] R13: 0000000000000000 R14: 00007ff5dab35fa0 R15: 00007ffc04133c78
[  148.206096][ T7039]  </TASK>
[  148.274442][   T29] audit: type=1400 audit(1732204998.449:351): avc:  denied  { write } for  pid=7040 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  148.364436][   T29] audit: type=1400 audit(1732204998.509:352): avc:  denied  { read } for  pid=7040 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  148.476053][   T25] ath6kl: Failed to read usb control message: -71
[  148.482742][   T25] ath6kl: Unable to read the bmi data from the device: -71
[  148.525537][   T25] ath6kl: unable to read target info byte count: -71
[  148.597307][   T25] ath6kl: Failed to init ath6kl core: -71
[  148.632110][   T25] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  148.721375][   T25] usb 2-1: USB disconnect, device number 14
[  149.531329][   T25] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  149.681553][   T25] usb 2-1: Using ep0 maxpacket: 32
[  150.013544][   T25] usb 2-1: config 0 has an invalid interface number: 219 but max is 0
[  150.022017][   T25] usb 2-1: config 0 has no interface number 0
[  150.028498][   T25] usb 2-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  150.039604][   T25] usb 2-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  150.051429][   T25] usb 2-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  150.062907][   T25] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  150.073227][   T25] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  150.083398][   T25] usb 2-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  150.103422][   T25] usb 2-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  150.114089][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.499821][   T25] usb 2-1: Product: syz
[  150.512926][   T25] usb 2-1: Manufacturer: syz
[  150.532501][   T25] usb 2-1: SerialNumber: syz
[  150.559820][   T25] usb 2-1: config 0 descriptor??
[  150.732934][ T7048] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  150.745132][ T7048] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  150.930273][   T29] audit: type=1400 audit(1732205001.099:353): avc:  denied  { ioctl } for  pid=7076 comm="syz.0.342" path="socket:[14517]" dev="sockfs" ino=14517 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  151.041683][   T25] etas_es58x 2-1:0.219: Starting syz syz (Serial Number syz)
[  151.079739][   T25] etas_es58x 2-1:0.219: could not retrieve the product info string
[  151.119716][   T25] usb 2-1: USB disconnect, device number 15
[  151.126596][   T25] etas_es58x 2-1:0.219: Disconnecting syz syz
[  151.221359][   T29] audit: type=1400 audit(1732205001.359:354): avc:  denied  { search } for  pid=5500 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  151.351704][   T29] audit: type=1400 audit(1732205001.359:355): avc:  denied  { read } for  pid=5500 comm="dhcpcd" name="n100" dev="tmpfs" ino=3137 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  151.631275][   T29] audit: type=1400 audit(1732205001.359:356): avc:  denied  { open } for  pid=5500 comm="dhcpcd" path="/run/udev/data/n100" dev="tmpfs" ino=3137 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  152.014715][   T29] audit: type=1400 audit(1732205001.359:357): avc:  denied  { getattr } for  pid=5500 comm="dhcpcd" path="/run/udev/data/n100" dev="tmpfs" ino=3137 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  152.188150][ T7101] FAULT_INJECTION: forcing a failure.
[  152.188150][ T7101] name failslab, interval 1, probability 0, space 0, times 0
[  152.191259][   T29] audit: type=1400 audit(1732205001.749:358): avc:  denied  { block_suspend } for  pid=7078 comm="syz.4.341" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  152.240037][ T7101] CPU: 0 UID: 0 PID: 7101 Comm: syz.0.346 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  152.250305][ T7101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  152.260352][ T7101] Call Trace:
[  152.263651][ T7101]  <TASK>
[  152.266577][ T7101]  dump_stack_lvl+0x16c/0x1f0
[  152.271252][ T7101]  should_fail_ex+0x497/0x5b0
[  152.275925][ T7101]  ? fs_reclaim_acquire+0xae/0x150
[  152.281028][ T7101]  should_failslab+0xc2/0x120
[  152.285700][ T7101]  kmem_cache_alloc_node_noprof+0x71/0x310
[  152.291498][ T7101]  ? __alloc_skb+0x2b1/0x380
[  152.296079][ T7101]  __alloc_skb+0x2b1/0x380
[  152.300482][ T7101]  ? __pfx___alloc_skb+0x10/0x10
[  152.305405][ T7101]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  152.311381][ T7101]  netlink_alloc_large_skb+0x69/0x130
[  152.316747][ T7101]  netlink_sendmsg+0x689/0xd70
[  152.321519][ T7101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.326795][ T7101]  ____sys_sendmsg+0xaaf/0xc90
[  152.331553][ T7101]  ? copy_msghdr_from_user+0x10b/0x160
[  152.337001][ T7101]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.342276][ T7101]  ___sys_sendmsg+0x135/0x1e0
[  152.346939][ T7101]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.352140][ T7101]  ? __pfx_lock_release+0x10/0x10
[  152.357151][ T7101]  ? trace_lock_acquire+0x14a/0x1d0
[  152.362347][ T7101]  ? __fget_files+0x206/0x3a0
[  152.367044][ T7101]  __sys_sendmsg+0x16e/0x220
[  152.371621][ T7101]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.376731][ T7101]  do_syscall_64+0xcd/0x250
[  152.381233][ T7101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.387107][ T7101] RIP: 0033:0x7ff5da97e819
[  152.391499][ T7101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.411091][ T7101] RSP: 002b:00007ff5db6f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.419482][ T7101] RAX: ffffffffffffffda RBX: 00007ff5dab35fa0 RCX: 00007ff5da97e819
[  152.427432][ T7101] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  152.435384][ T7101] RBP: 00007ff5db6f2090 R08: 0000000000000000 R09: 0000000000000000
[  152.443337][ T7101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.451288][ T7101] R13: 0000000000000000 R14: 00007ff5dab35fa0 R15: 00007ffc04133c78
[  152.459243][ T7101]  </TASK>
[  152.471428][   T29] audit: type=1400 audit(1732205002.299:359): avc:  denied  { read } for  pid=7096 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  152.507989][ T7098] netlink: 12 bytes leftover after parsing attributes in process `syz.1.345'.
[  152.516965][ T7098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.345'.
[  152.596880][   T29] audit: type=1400 audit(1732205002.299:360): avc:  denied  { open } for  pid=7096 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  152.640202][ T7098] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  152.649235][ T7098] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  152.658072][ T7098] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  152.666795][ T7098] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  152.701415][   T29] audit: type=1400 audit(1732205002.299:361): avc:  denied  { getattr } for  pid=7096 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  152.785201][ T7098] vxlan0: entered promiscuous mode
[  153.521429][   T29] audit: type=1400 audit(1732205003.689:362): avc:  denied  { write } for  pid=7093 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  153.605312][ T7083] rdma_rxe: rxe_newlink: failed to add ipvlan1
[  153.633618][   T29] audit: type=1400 audit(1732205003.719:363): avc:  denied  { add_name } for  pid=7093 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  153.888358][   T29] audit: type=1400 audit(1732205003.719:364): avc:  denied  { create } for  pid=7093 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  153.972079][ T5850] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  154.046121][   T29] audit: type=1400 audit(1732205003.719:365): avc:  denied  { write } for  pid=7093 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.can0.link" dev="tmpfs" ino=3148 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  154.320720][ T5850] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  154.341930][ T5850] usb 3-1: config 0 has no interface number 0
[  154.485404][ T5850] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  154.511285][ T5850] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  154.671315][ T5850] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  154.713315][ T5850] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  154.735692][ T5850] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  154.768267][ T5850] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  154.779854][ T5850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.819443][ T5850] usb 3-1: config 0 descriptor??
[  154.851514][ T7139] 9pnet_fd: Insufficient options for proto=fd
[  154.882453][ T5850] usb 3-1: can't set config #0, error -71
[  155.180208][ T7146] netlink: 'syz.3.352': attribute type 1 has an invalid length.
[  155.675449][ T5850] usb 3-1: USB disconnect, device number 6
[  156.441300][ T5850] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  156.641348][ T5850] usb 3-1: Using ep0 maxpacket: 16
[  156.666548][ T5850] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  156.683846][ T7175] Bluetooth: MGMT ver 1.23
[  156.699149][ T5850] usb 3-1: config 0 has no interface number 0
[  156.740230][ T5850] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  156.759316][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.783336][ T5850] usb 3-1: Product: syz
[  156.801519][ T5850] usb 3-1: Manufacturer: syz
[  156.806323][ T5850] usb 3-1: SerialNumber: syz
[  156.827493][ T5850] usb 3-1: config 0 descriptor??
[  156.849993][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  156.850008][   T29] audit: type=1400 audit(1732205007.009:370): avc:  denied  { unmount } for  pid=5854 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  156.898686][ T5850] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  157.186175][ T1069] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.383456][ T1069] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.520437][ T1069] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.653856][ T1069] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.140559][   T29] audit: type=1400 audit(1732205008.139:371): avc:  denied  { create } for  pid=7180 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  158.321689][ T5850] gspca_spca1528: reg_w err -110
[  158.326986][ T5850] spca1528 3-1:0.1: probe with driver spca1528 failed with error -110
[  158.475905][ T7183] sp0: Synchronizing with TNC
[  158.661618][ T1069] bridge_slave_1: left allmulticast mode
[  158.671614][ T1069] bridge_slave_1: left promiscuous mode
[  158.689086][ T1069] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.715317][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  158.724070][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  158.758228][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  158.775113][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  158.794567][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  158.802392][ T1069] bridge_slave_0: left allmulticast mode
[  158.808319][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  158.903792][   T29] audit: type=1400 audit(1732205009.079:372): avc:  denied  { mounton } for  pid=7196 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  158.931540][ T1069] bridge_slave_0: left promiscuous mode
[  158.941983][ T1069] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.322504][ T5857] Bluetooth: hci4: command tx timeout
[  163.496222][ T5878] usb 3-1: USB disconnect, device number 7
[  163.971401][ T5878] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  163.995726][   T29] audit: type=1400 audit(1732205014.169:373): avc:  denied  { ioctl } for  pid=7242 comm="syz.3.377" path="/dev/cpu/1/msr" dev="devtmpfs" ino=89 ioctlcmd=0x940f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  164.141367][ T5878] usb 2-1: Using ep0 maxpacket: 8
[  164.148628][ T1069] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.150279][ T5878] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  164.169398][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.178109][ T5878] usb 2-1: Product: syz
[  164.182728][ T5878] usb 2-1: Manufacturer: syz
[  164.182900][ T1069] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.187658][ T5878] usb 2-1: SerialNumber: syz
[  164.204989][ T1069] bond0 (unregistering): Released all slaves
[  164.212408][ T5878] usb 2-1: config 0 descriptor??
[  164.341669][ T5857] Bluetooth: hci4: command tx timeout
[  164.442610][ T7257] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  164.450272][ T5878] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  164.460016][ T7257] audit: out of memory in audit_log_start
[  164.596834][ T7257] Cannot find add_set index 0 as target
[  164.653196][ T5878] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  164.789273][   T29] audit: type=1400 audit(1732205014.939:374): avc:  denied  { ioctl } for  pid=7264 comm="syz.0.382" path="socket:[14790]" dev="sockfs" ino=14790 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  164.865440][ T7266] binder_alloc: 7265: binder_alloc_buf, no vma
[  164.886772][   T29] audit: type=1400 audit(1732205014.939:375): avc:  denied  { map } for  pid=7264 comm="syz.0.382" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  165.080925][   T29] audit: type=1400 audit(1732205015.019:376): avc:  denied  { set_context_mgr } for  pid=7265 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  165.255014][   T29] audit: type=1400 audit(1732205015.029:377): avc:  denied  { map } for  pid=7265 comm="syz.2.383" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  166.421447][ T5857] Bluetooth: hci4: command tx timeout
[  167.469280][   T29] audit: type=1400 audit(1732205015.029:378): avc:  denied  { call } for  pid=7265 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  167.538327][   T29] audit: type=1400 audit(1732205015.029:379): avc:  denied  { transfer } for  pid=7265 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  167.591626][ T7282] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  167.607958][ T7282] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  167.615830][ T7282] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  167.623169][ T7282] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  167.660930][ T5878] usb 2-1: USB disconnect, device number 16
[  167.672104][ T7282] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  167.899752][ T1069] hsr_slave_0: left promiscuous mode
[  167.906930][ T1069] hsr_slave_1: left promiscuous mode
[  167.921988][ T7301] FAULT_INJECTION: forcing a failure.
[  167.921988][ T7301] name failslab, interval 1, probability 0, space 0, times 0
[  167.968553][ T7301] CPU: 1 UID: 0 PID: 7301 Comm: syz.2.389 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  167.978834][ T7301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  167.988902][ T7301] Call Trace:
[  167.992190][ T7301]  <TASK>
[  167.995129][ T7301]  dump_stack_lvl+0x16c/0x1f0
[  167.999828][ T7301]  should_fail_ex+0x497/0x5b0
[  168.004524][ T7301]  ? fs_reclaim_acquire+0xae/0x150
[  168.009652][ T7301]  should_failslab+0xc2/0x120
[  168.014354][ T7301]  kmem_cache_alloc_node_noprof+0x71/0x310
[  168.020180][ T7301]  ? __alloc_skb+0x2b1/0x380
[  168.024802][ T7301]  __alloc_skb+0x2b1/0x380
[  168.029207][ T7301]  ? __pfx___alloc_skb+0x10/0x10
[  168.031597][ T1069] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.034123][ T7301]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  168.041717][ T1069] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.047432][ T7301]  netlink_alloc_large_skb+0x69/0x130
[  168.059909][ T7301]  netlink_sendmsg+0x689/0xd70
[  168.064685][ T7301]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.069972][ T7301]  ____sys_sendmsg+0xaaf/0xc90
[  168.074728][ T7301]  ? copy_msghdr_from_user+0x10b/0x160
[  168.080178][ T7301]  ? __pfx_____sys_sendmsg+0x10/0x10
[  168.085460][ T7301]  ___sys_sendmsg+0x135/0x1e0
[  168.090129][ T7301]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.095329][ T7301]  ? __pfx_lock_release+0x10/0x10
[  168.100346][ T7301]  ? trace_lock_acquire+0x14a/0x1d0
[  168.105541][ T7301]  ? __fget_files+0x206/0x3a0
[  168.110212][ T7301]  __sys_sendmsg+0x16e/0x220
[  168.114798][ T7301]  ? __pfx___sys_sendmsg+0x10/0x10
[  168.119928][ T7301]  do_syscall_64+0xcd/0x250
[  168.124438][ T7301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.130332][ T7301] RIP: 0033:0x7f207717e819
[  168.134745][ T7301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.154357][ T7301] RSP: 002b:00007f2077eba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.163023][ T7301] RAX: ffffffffffffffda RBX: 00007f2077335fa0 RCX: 00007f207717e819
[  168.170996][ T7301] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  168.178958][ T7301] RBP: 00007f2077eba090 R08: 0000000000000000 R09: 0000000000000000
[  168.186916][ T7301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.194876][ T7301] R13: 0000000000000000 R14: 00007f2077335fa0 R15: 00007ffda1750108
[  168.202844][ T7301]  </TASK>
[  168.278440][ T1069] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.291167][ T1069] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.331411][ T5850] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  168.332640][ T1069] veth1_macvtap: left promiscuous mode
[  168.347351][ T1069] veth0_macvtap: left promiscuous mode
[  168.353284][ T1069] veth1_vlan: left promiscuous mode
[  168.362322][ T7306] FAULT_INJECTION: forcing a failure.
[  168.362322][ T7306] name failslab, interval 1, probability 0, space 0, times 0
[  168.396166][ T7306] CPU: 0 UID: 0 PID: 7306 Comm: syz.3.390 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  168.406452][ T7306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  168.416517][ T7306] Call Trace:
[  168.419796][ T7306]  <TASK>
[  168.422737][ T7306]  dump_stack_lvl+0x16c/0x1f0
[  168.427430][ T7306]  should_fail_ex+0x497/0x5b0
[  168.432121][ T7306]  ? fs_reclaim_acquire+0xae/0x150
[  168.437245][ T7306]  should_failslab+0xc2/0x120
[  168.441944][ T7306]  __kmalloc_noprof+0xcb/0x400
[  168.446722][ T7306]  ? d_absolute_path+0x137/0x1b0
[  168.451677][ T7306]  tomoyo_encode2+0x100/0x3e0
[  168.456376][ T7306]  tomoyo_encode+0x29/0x50
[  168.460800][ T7306]  tomoyo_realpath_from_path+0x19d/0x720
[  168.466453][ T7306]  tomoyo_path_number_perm+0x248/0x590
[  168.471918][ T7306]  ? tomoyo_path_number_perm+0x235/0x590
[  168.477559][ T7306]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.483571][ T7306]  ? __pfx_lock_release+0x10/0x10
[  168.488603][ T7306]  ? trace_lock_acquire+0x14a/0x1d0
[  168.493815][ T7306]  ? lock_acquire+0x2f/0xb0
[  168.498321][ T7306]  ? __fget_files+0x40/0x3a0
[  168.502925][ T7306]  ? __fget_files+0x206/0x3a0
[  168.507614][ T7306]  security_file_ioctl+0x9b/0x240
[  168.512649][ T7306]  __x64_sys_ioctl+0xb7/0x200
[  168.517331][ T7306]  do_syscall_64+0xcd/0x250
[  168.521850][ T7306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.527756][ T7306] RIP: 0033:0x7f2e1f17e819
[  168.532178][ T7306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.551790][ T7306] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.560180][ T7306] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  168.568138][ T7306] RDX: 0000000020004a40 RSI: 00000000c0306201 RDI: 0000000000000005
[  168.576087][ T7306] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  168.584051][ T7306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.591999][ T7306] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  168.599963][ T7306]  </TASK>
[  168.613575][ T1069] veth0_vlan: left promiscuous mode
[  168.625993][ T7306] ERROR: Out of memory at tomoyo_realpath_from_path.
[  168.643438][ T7306] binder_alloc: 7305: binder_alloc_buf, no vma
[  169.209857][ T5850] usb 2-1: device descriptor read/64, error -71
[  169.441159][ T1069] team0 (unregistering): Port device vlan0 removed
[  169.452417][ T5850] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  169.547784][ T7318] netlink: 12 bytes leftover after parsing attributes in process `syz.3.393'.
[  169.583807][ T5850] usb 2-1: device descriptor read/64, error -71
[  169.631456][ T5857] Bluetooth: hci4: command 0x0c1a tx timeout
[  169.637996][ T5857] Bluetooth: hci2: command 0x0406 tx timeout
[  169.645481][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  169.689328][ T1069] team0 (unregistering): Port device team_slave_1 removed
[  169.697249][ T5850] usb usb2-port1: attempt power cycle
[  169.751041][ T1069] team0 (unregistering): Port device team_slave_0 removed
[  170.043143][ T5850] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  170.082165][ T5850] usb 2-1: device descriptor read/8, error -71
[  170.176406][ T7196] chnl_net:caif_netlink_parms(): no params data found
[  170.361599][ T5850] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  170.477637][ T5850] usb 2-1: device descriptor read/8, error -71
[  170.760922][   T29] audit: type=1400 audit(1732205020.929:380): avc:  denied  { setopt } for  pid=7328 comm="syz.2.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  170.892779][ T5850] usb usb2-port1: unable to enumerate USB device
[  170.910895][ T7196] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.291474][ T7196] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.305863][ T7196] bridge_slave_0: entered allmulticast mode
[  171.316192][ T7196] bridge_slave_0: entered promiscuous mode
[  171.437269][ T7196] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.459141][ T7196] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.479133][ T7196] bridge_slave_1: entered allmulticast mode
[  171.496189][ T7196] bridge_slave_1: entered promiscuous mode
[  171.694393][ T7196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.706319][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  171.868372][ T7196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.988922][ T7196] team0: Port device team_slave_0 added
[  171.997537][ T7196] team0: Port device team_slave_1 added
[  172.024275][ T7196] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.032450][ T7196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.073812][ T7196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.105143][ T7196] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.118675][ T7196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.144615][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.196513][ T7196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.242366][ T7196] hsr_slave_0: entered promiscuous mode
[  172.252987][ T7196] hsr_slave_1: entered promiscuous mode
[  172.259123][ T7196] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.267969][ T7196] Cannot create hsr debugfs directory
[  172.669501][ T7196] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  172.779615][ T7196] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  172.852759][ T7196] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  172.913361][ T7196] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  173.337203][ T7196] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.357079][ T7196] 8021q: adding VLAN 0 to HW filter on device team0
[  173.377553][ T3544] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.384729][ T3544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.394494][ T3544] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.401638][ T3544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.431164][ T7196] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  173.452422][ T7196] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  173.786020][   T29] audit: type=1400 audit(1732205023.929:381): avc:  denied  { setopt } for  pid=7379 comm="syz.0.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  173.791329][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  173.903851][ T7385] 9pnet_fd: Insufficient options for proto=fd
[  173.985043][ T7196] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.328269][ T7196] veth0_vlan: entered promiscuous mode
[  175.364148][ T7196] veth1_vlan: entered promiscuous mode
[  175.417157][ T7196] veth0_macvtap: entered promiscuous mode
[  175.457960][ T7196] veth1_macvtap: entered promiscuous mode
[  175.508591][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.528118][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.538613][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.552072][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.564051][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.575982][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.588004][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.600132][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.617324][ T7196] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.630088][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.645077][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.655760][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.670541][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.683400][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.694409][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.711907][ T7196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.722948][ T7196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.735202][ T7196] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.757135][ T7196] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.766301][ T7196] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.782101][ T7196] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.795703][ T7196] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.007864][ T6911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.019455][ T6911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.369200][   T29] audit: type=1400 audit(1732205026.539:382): avc:  denied  { listen } for  pid=7422 comm="syz.1.406" lport=50347 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  176.393633][ T6751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.417004][ T6751] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.496094][   T29] audit: type=1400 audit(1732205026.659:383): avc:  denied  { mount } for  pid=7196 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  176.637418][   T29] audit: type=1400 audit(1732205026.719:384): avc:  denied  { mounton } for  pid=7196 comm="syz-executor" path="/root/syzkaller.IPz1rQ/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  176.761839][ T5906] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  177.001275][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  177.072679][ T5906] usb 2-1: config index 0 descriptor too short (expected 65307, got 27)
[  177.081076][ T5906] usb 2-1: config 0 has too many interfaces: 255, using maximum allowed: 32
[  177.106565][ T5906] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.118308][ T5906] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 255
[  177.119658][ T7448] 9pnet_fd: Insufficient options for proto=fd
[  177.129541][ T5906] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  177.155861][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.178498][ T5906] usb 2-1: Product: syz
[  177.183145][ T5906] usb 2-1: Manufacturer: syz
[  177.188043][ T5906] usb 2-1: SerialNumber: syz
[  177.212836][   T25] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  177.496747][   T25] usb 1-1: Using ep0 maxpacket: 8
[  177.531959][   T29] audit: type=1400 audit(1732205027.699:385): avc:  denied  { setrlimit } for  pid=7449 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  177.547478][   T25] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  177.552190][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.588752][ T5906] usb 2-1: config 0 descriptor??
[  177.619651][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.620591][ T7452] netlink: 'syz.5.411': attribute type 1 has an invalid length.
[  177.647108][   T25] usb 1-1: Product: syz
[  177.684951][   T25] usb 1-1: Manufacturer: syz
[  177.763781][   T25] usb 1-1: SerialNumber: syz
[  178.137703][   T25] usb 1-1: config 0 descriptor??
[  178.156665][ T7425] netlink: 'syz.1.406': attribute type 4 has an invalid length.
[  178.321942][  T965] usb 2-1: USB disconnect, device number 21
[  178.434806][ T7455] netlink: 'syz.2.412': attribute type 4 has an invalid length.
[  178.461613][   T25] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  178.470466][ T7455] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.412'.
[  178.592212][ T7461] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.413'.
[  178.605591][ T7461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.413'.
[  178.904529][ T7466] xt_NFQUEUE: number of total queues is 0
[  179.290644][   T25] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  179.595666][ T7477] FAULT_INJECTION: forcing a failure.
[  179.595666][ T7477] name failslab, interval 1, probability 0, space 0, times 0
[  179.635188][ T7477] CPU: 0 UID: 0 PID: 7477 Comm: syz.2.416 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  179.645483][ T7477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  179.655551][ T7477] Call Trace:
[  179.658842][ T7477]  <TASK>
[  179.661785][ T7477]  dump_stack_lvl+0x16c/0x1f0
[  179.666483][ T7477]  should_fail_ex+0x497/0x5b0
[  179.671180][ T7477]  ? fs_reclaim_acquire+0xae/0x150
[  179.676310][ T7477]  should_failslab+0xc2/0x120
[  179.681012][ T7477]  kmem_cache_alloc_node_noprof+0x71/0x310
[  179.686845][ T7477]  ? __alloc_skb+0x2b1/0x380
[  179.691465][ T7477]  __alloc_skb+0x2b1/0x380
[  179.695909][ T7477]  ? __pfx___alloc_skb+0x10/0x10
[  179.700871][ T7477]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  179.706893][ T7477]  netlink_alloc_large_skb+0x69/0x130
[  179.712290][ T7477]  netlink_sendmsg+0x689/0xd70
[  179.717078][ T7477]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.722394][ T7477]  ____sys_sendmsg+0xaaf/0xc90
[  179.727178][ T7477]  ? copy_msghdr_from_user+0x10b/0x160
[  179.732658][ T7477]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.737957][ T7477]  ? __lock_acquire+0xcc5/0x3c40
[  179.742934][ T7477]  ___sys_sendmsg+0x135/0x1e0
[  179.747632][ T7477]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.752863][ T7477]  ? trace_lock_acquire+0x14a/0x1d0
[  179.758101][ T7477]  __sys_sendmmsg+0x201/0x420
[  179.762804][ T7477]  ? __pfx___sys_sendmmsg+0x10/0x10
[  179.768029][ T7477]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  179.774038][ T7477]  ? fput+0x67/0x440
[  179.777950][ T7477]  ? ksys_write+0x1ba/0x250
[  179.782462][ T7477]  ? __pfx_ksys_write+0x10/0x10
[  179.787329][ T7477]  __x64_sys_sendmmsg+0x9c/0x100
[  179.792284][ T7477]  ? lockdep_hardirqs_on+0x7c/0x110
[  179.797498][ T7477]  do_syscall_64+0xcd/0x250
[  179.802020][ T7477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.807930][ T7477] RIP: 0033:0x7f207717e819
[  179.812355][ T7477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.831981][ T7477] RSP: 002b:00007f2077eba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  179.840411][ T7477] RAX: ffffffffffffffda RBX: 00007f2077335fa0 RCX: 00007f207717e819
[  179.848395][ T7477] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  179.856381][ T7477] RBP: 00007f2077eba090 R08: 0000000000000000 R09: 0000000000000000
[  179.864372][ T7477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.872356][ T7477] R13: 0000000000000000 R14: 00007f2077335fa0 R15: 00007ffda1750108
[  179.880623][ T7477]  </TASK>
[  179.883757][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.404570][ T5850] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  180.655250][ T5921] usb 1-1: USB disconnect, device number 16
[  181.169119][ T5850] usb 3-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  181.206608][ T5850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.231307][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  181.265024][   T29] audit: type=1400 audit(1732205031.439:386): avc:  denied  { connect } for  pid=7516 comm="syz.3.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  181.284296][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.333699][ T5850] usb 3-1: config 0 descriptor??
[  181.389616][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.408329][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.424013][ T7519] FAULT_INJECTION: forcing a failure.
[  181.424013][ T7519] name failslab, interval 1, probability 0, space 0, times 0
[  181.453359][    T9] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  181.474837][ T7519] CPU: 0 UID: 0 PID: 7519 Comm: syz.5.425 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  181.485128][ T7519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  181.495205][ T7519] Call Trace:
[  181.498489][ T7519]  <TASK>
[  181.501423][ T7519]  dump_stack_lvl+0x16c/0x1f0
[  181.506115][ T7519]  should_fail_ex+0x497/0x5b0
[  181.510804][ T7519]  ? fs_reclaim_acquire+0xae/0x150
[  181.515929][ T7519]  should_failslab+0xc2/0x120
[  181.520620][ T7519]  kmem_cache_alloc_node_noprof+0x71/0x310
[  181.526445][ T7519]  ? __alloc_skb+0x2b1/0x380
[  181.531060][ T7519]  __alloc_skb+0x2b1/0x380
[  181.535496][ T7519]  ? __pfx___alloc_skb+0x10/0x10
[  181.540449][ T7519]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  181.546448][ T7519]  netlink_alloc_large_skb+0x69/0x130
[  181.551848][ T7519]  netlink_sendmsg+0x689/0xd70
[  181.556633][ T7519]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.561944][ T7519]  ____sys_sendmsg+0xaaf/0xc90
[  181.566725][ T7519]  ? copy_msghdr_from_user+0x10b/0x160
[  181.572205][ T7519]  ? __pfx_____sys_sendmsg+0x10/0x10
[  181.577515][ T7519]  ___sys_sendmsg+0x135/0x1e0
[  181.582214][ T7519]  ? __pfx____sys_sendmsg+0x10/0x10
[  181.587439][ T7519]  ? __pfx_lock_release+0x10/0x10
[  181.592470][ T7519]  ? trace_lock_acquire+0x14a/0x1d0
[  181.597697][ T7519]  ? __fget_files+0x206/0x3a0
[  181.602397][ T7519]  __sys_sendmsg+0x16e/0x220
[  181.607008][ T7519]  ? __pfx___sys_sendmsg+0x10/0x10
[  181.612153][ T7519]  do_syscall_64+0xcd/0x250
[  181.616669][ T7519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.622582][ T7519] RIP: 0033:0x7fa6f957e819
[  181.627005][ T7519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.646635][ T7519] RSP: 002b:00007fa6f73f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.655071][ T7519] RAX: ffffffffffffffda RBX: 00007fa6f9735fa0 RCX: 00007fa6f957e819
[  181.663045][ T7519] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  181.671003][ T7519] RBP: 00007fa6f73f6090 R08: 0000000000000000 R09: 0000000000000000
[  181.678985][ T7519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.686943][ T7519] R13: 0000000000000000 R14: 00007fa6f9735fa0 R15: 00007ffe7802bc18
[  181.694913][ T7519]  </TASK>
[  181.698053][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.733095][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.753228][    T9] usb 2-1: config 0 descriptor??
[  181.884403][ T7526] netlink: 24 bytes leftover after parsing attributes in process `syz.3.426'.
[  182.457473][ T5850] hackrf 3-1:0.0: usb_control_msg() failed -110 request 0e
[  182.464809][ T5850] hackrf 3-1:0.0: Could not detect board
[  182.471390][ T5850] hackrf 3-1:0.0: probe with driver hackrf failed with error -110
[  182.480745][    T9] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0
[  182.488108][    T9] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0
[  182.499888][    T9] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0003/input/input8
[  182.589497][ T5850] usb 3-1: USB disconnect, device number 8
[  182.719269][ T7537] FAULT_INJECTION: forcing a failure.
[  182.719269][ T7537] name failslab, interval 1, probability 0, space 0, times 0
[  182.763840][ T7537] CPU: 1 UID: 0 PID: 7537 Comm: syz.3.427 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  182.765327][    T9] cm6533_jd 0003:0D8C:0022.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[  182.774104][ T7537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  182.774143][ T7537] Call Trace:
[  182.774150][ T7537]  <TASK>
[  182.774160][ T7537]  dump_stack_lvl+0x16c/0x1f0
[  182.774189][ T7537]  should_fail_ex+0x497/0x5b0
[  182.774214][ T7537]  ? fs_reclaim_acquire+0xae/0x150
[  182.774237][ T7537]  should_failslab+0xc2/0x120
[  182.774262][ T7537]  __kmalloc_cache_noprof+0x6b/0x300
[  182.774285][ T7537]  ? io_sqe_buffer_register+0x117/0x22d0
[  182.774309][ T7537]  io_sqe_buffer_register+0x117/0x22d0
[  182.838526][ T7537]  ? copy_iovec_from_user+0x138/0x170
[  182.843906][ T7537]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[  182.849811][ T7537]  ? iovec_from_user.part.0+0x7e/0x130
[  182.855299][ T7537]  io_sqe_buffers_register+0x1fa/0x740
[  182.860753][ T7537]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[  182.866728][ T7537]  ? __pfx___mutex_trylock_common+0x10/0x10
[  182.872609][ T7537]  ? __x64_sys_io_uring_register+0x168/0x2a0
[  182.878580][ T7537]  __io_uring_register+0x222f/0x2290
[  182.883856][ T7537]  ? trace_contention_end+0xea/0x140
[  182.889126][ T7537]  ? __pfx___io_uring_register+0x10/0x10
[  182.894749][ T7537]  ? __mutex_lock+0x1cc/0xa60
[  182.899418][ T7537]  ? __fget_files+0x1fc/0x3a0
[  182.904082][ T7537]  ? __x64_sys_io_uring_register+0x168/0x2a0
[  182.910060][ T7537]  ? __pfx_lock_release+0x10/0x10
[  182.915087][ T7537]  ? trace_lock_acquire+0x14a/0x1d0
[  182.920281][ T7537]  ? __pfx___mutex_lock+0x10/0x10
[  182.925298][ T7537]  ? __fget_files+0x40/0x3a0
[  182.929878][ T7537]  ? __fget_files+0x206/0x3a0
[  182.934543][ T7537]  __x64_sys_io_uring_register+0x17a/0x2a0
[  182.940464][ T7537]  do_syscall_64+0xcd/0x250
[  182.944979][ T7537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.950860][ T7537] RIP: 0033:0x7f2e1f17e819
[  182.955259][ T7537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.974857][ T7537] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  182.983257][ T7537] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  182.991222][ T7537] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000005
[  182.999186][ T7537] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  183.007147][ T7537] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001
[  183.015109][ T7537] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  183.023077][ T7537]  </TASK>
[  183.498794][    T9] usb 2-1: USB disconnect, device number 22
[  183.582624][ T7549] FAULT_INJECTION: forcing a failure.
[  183.582624][ T7549] name failslab, interval 1, probability 0, space 0, times 0
[  183.655665][ T7549] CPU: 1 UID: 0 PID: 7549 Comm: syz.3.431 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  183.665922][ T7549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  183.675971][ T7549] Call Trace:
[  183.679235][ T7549]  <TASK>
[  183.682163][ T7549]  dump_stack_lvl+0x16c/0x1f0
[  183.686837][ T7549]  should_fail_ex+0x497/0x5b0
[  183.691501][ T7549]  ? fs_reclaim_acquire+0xae/0x150
[  183.696629][ T7549]  should_failslab+0xc2/0x120
[  183.701304][ T7549]  kmem_cache_alloc_node_noprof+0x71/0x310
[  183.707099][ T7549]  ? __alloc_skb+0x2b1/0x380
[  183.711676][ T7549]  __alloc_skb+0x2b1/0x380
[  183.716074][ T7549]  ? __pfx___alloc_skb+0x10/0x10
[  183.720992][ T7549]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  183.726957][ T7549]  netlink_alloc_large_skb+0x69/0x130
[  183.732311][ T7549]  netlink_sendmsg+0x689/0xd70
[  183.737061][ T7549]  ? __pfx_netlink_sendmsg+0x10/0x10
[  183.742348][ T7549]  ____sys_sendmsg+0xaaf/0xc90
[  183.747094][ T7549]  ? copy_msghdr_from_user+0x10b/0x160
[  183.752540][ T7549]  ? __pfx_____sys_sendmsg+0x10/0x10
[  183.757808][ T7549]  ___sys_sendmsg+0x135/0x1e0
[  183.762468][ T7549]  ? __pfx____sys_sendmsg+0x10/0x10
[  183.767653][ T7549]  ? __pfx_lock_release+0x10/0x10
[  183.772656][ T7549]  ? trace_lock_acquire+0x14a/0x1d0
[  183.777842][ T7549]  ? __fget_files+0x206/0x3a0
[  183.782507][ T7549]  __sys_sendmsg+0x16e/0x220
[  183.787087][ T7549]  ? __pfx___sys_sendmsg+0x10/0x10
[  183.792189][ T7549]  do_syscall_64+0xcd/0x250
[  183.796676][ T7549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.802555][ T7549] RIP: 0033:0x7f2e1f17e819
[  183.806950][ T7549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.826542][ T7549] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.834934][ T7549] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  183.842882][ T7549] RDX: 0000000024000004 RSI: 00000000200000c0 RDI: 0000000000000003
[  183.850829][ T7549] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  183.858778][ T7549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.866729][ T7549] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  183.874690][ T7549]  </TASK>
[  184.027339][ T7561] binder: 7558:7561 ioctl c0306201 200005c0 returned -14
[  184.046605][   T29] audit: type=1400 audit(1732205034.199:387): avc:  denied  { write } for  pid=7558 comm="syz.5.434" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  184.072791][ T5906] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  184.252740][ T5906] usb 3-1: Using ep0 maxpacket: 8
[  184.284677][ T5906] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  184.303586][ T5906] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.330840][ T5906] usb 3-1: Product: syz
[  184.357002][ T5906] usb 3-1: Manufacturer: syz
[  184.398252][ T5906] usb 3-1: SerialNumber: syz
[  184.761007][ T5906] usb 3-1: config 0 descriptor??
[  185.380852][   T29] audit: type=1400 audit(1732205035.549:388): avc:  denied  { ioctl } for  pid=7576 comm="syz.5.438" path="/dev/ptyqe" dev="devtmpfs" ino=133 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  185.430342][ T5906] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  185.452043][ T5833] Bluetooth: hci5: sending frame failed (-49)
[  185.459372][ T5857] Bluetooth: hci5: Entering manufacturer mode failed (-49)
[  185.463180][ T7580] FAULT_INJECTION: forcing a failure.
[  185.463180][ T7580] name failslab, interval 1, probability 0, space 0, times 0
[  185.480381][ T7580] CPU: 1 UID: 0 PID: 7580 Comm: syz.0.439 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  185.490637][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  185.500859][ T7580] Call Trace:
[  185.504130][ T7580]  <TASK>
[  185.507051][ T7580]  dump_stack_lvl+0x16c/0x1f0
[  185.511728][ T7580]  should_fail_ex+0x497/0x5b0
[  185.516398][ T7580]  ? fs_reclaim_acquire+0xae/0x150
[  185.521502][ T7580]  should_failslab+0xc2/0x120
[  185.526179][ T7580]  kmem_cache_alloc_node_noprof+0x71/0x310
[  185.531981][ T7580]  ? __alloc_skb+0x2b1/0x380
[  185.536569][ T7580]  __alloc_skb+0x2b1/0x380
[  185.540978][ T7580]  ? __pfx___alloc_skb+0x10/0x10
[  185.545917][ T7580]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  185.551900][ T7580]  netlink_alloc_large_skb+0x69/0x130
[  185.557266][ T7580]  netlink_sendmsg+0x689/0xd70
[  185.562025][ T7580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.567312][ T7580]  ____sys_sendmsg+0xaaf/0xc90
[  185.572075][ T7580]  ? copy_msghdr_from_user+0x10b/0x160
[  185.577528][ T7580]  ? __pfx_____sys_sendmsg+0x10/0x10
[  185.582804][ T7580]  ? __lock_acquire+0xcc5/0x3c40
[  185.587763][ T7580]  ___sys_sendmsg+0x135/0x1e0
[  185.592458][ T7580]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.597669][ T7580]  ? trace_lock_acquire+0x14a/0x1d0
[  185.602882][ T7580]  __sys_sendmmsg+0x201/0x420
[  185.607564][ T7580]  ? __pfx___sys_sendmmsg+0x10/0x10
[  185.612765][ T7580]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  185.618747][ T7580]  ? fput+0x67/0x440
[  185.622660][ T7580]  ? ksys_write+0x1ba/0x250
[  185.627153][ T7580]  ? __pfx_ksys_write+0x10/0x10
[  185.631995][ T7580]  __x64_sys_sendmmsg+0x9c/0x100
[  185.636930][ T7580]  ? lockdep_hardirqs_on+0x7c/0x110
[  185.642121][ T7580]  do_syscall_64+0xcd/0x250
[  185.646626][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.652518][ T7580] RIP: 0033:0x7ff5da97e819
[  185.656930][ T7580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.676530][ T7580] RSP: 002b:00007ff5db6f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  185.684941][ T7580] RAX: ffffffffffffffda RBX: 00007ff5dab35fa0 RCX: 00007ff5da97e819
[  185.692900][ T7580] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  185.700867][ T7580] RBP: 00007ff5db6f2090 R08: 0000000000000000 R09: 0000000000000000
[  185.708826][ T7580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.716792][ T7580] R13: 0000000000000000 R14: 00007ff5dab35fa0 R15: 00007ffc04133c78
[  185.724762][ T7580]  </TASK>
[  186.212625][ T5921] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  186.251370][   T29] audit: type=1400 audit(1732205036.329:389): avc:  denied  { write } for  pid=7585 comm="syz.0.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  186.299386][ T5906] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  186.424395][ T5921] usb 4-1: Using ep0 maxpacket: 16
[  186.470027][ T5921] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  186.588956][ T5921] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  186.613631][ T5921] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  186.636789][ T5921] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  186.691352][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  186.732975][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.741630][ T5921] usb 4-1: Product: syz
[  186.748946][ T5921] usb 4-1: Manufacturer: syz
[  186.753709][ T5921] usb 4-1: SerialNumber: syz
[  186.843293][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.856600][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  186.869677][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  186.880314][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  186.893642][    T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  186.903041][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.913446][    T9] usb 6-1: config 0 descriptor??
[  187.062973][  T965] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  187.169897][ T5921] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  187.223048][  T965] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  187.233444][  T965] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  187.243891][  T965] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  187.253169][  T965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  187.262185][  T965] usb 2-1: SerialNumber: syz
[  187.329971][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.341575][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.349011][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.360274][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.368723][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.382864][ T5906] usb 3-1: USB disconnect, device number 9
[  187.387075][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.397883][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.411927][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.419381][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.431511][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.449775][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.458309][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.465890][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.483352][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.496104][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  187.506586][    T9] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  187.608150][    T9] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  188.593786][ T5921] usb 4-1: failed to read current rate; disabling the check
[  188.831939][ T5878] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[  188.860496][  T965] usb 2-1: 0:2 : does not exist
[  188.891541][ T5921] usb 4-1: USB disconnect, device number 6
[  189.123280][ T7635] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.450'.
[  189.143452][ T5876] usb 2-1: USB disconnect, device number 23
[  189.149133][ T7635] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0
[  189.233126][ T7539] udevd[7539]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  189.820179][ T7646] sch_tbf: burst 6758 is lower than device lo mtu (65550) !
[  189.947194][   T29] audit: type=1400 audit(1732205040.119:390): avc:  denied  { create } for  pid=7655 comm="syz.0.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  190.003790][   T29] audit: type=1400 audit(1732205040.169:391): avc:  denied  { getopt } for  pid=7655 comm="syz.0.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  190.031845][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  190.086182][ T7663] netlink: 'syz.0.456': attribute type 10 has an invalid length.
[  190.181633][ T5878] usb 6-1: device descriptor read/64, error -71
[  190.324088][ T5850] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  190.473744][ T5878] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[  190.531969][ T5878] usb 6-1: device reset changed ep0 maxpacket size!
[  190.552178][ T5850] usb 3-1: Using ep0 maxpacket: 8
[  190.651081][ T5850] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  190.669278][    T9] usb 6-1: USB disconnect, device number 2
[  190.675307][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.693764][ T5850] usb 3-1: Product: syz
[  190.701776][ T5850] usb 3-1: Manufacturer: syz
[  190.706767][ T5850] usb 3-1: SerialNumber: syz
[  190.726107][ T5850] usb 3-1: config 0 descriptor??
[  190.847475][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  190.940424][ T5850] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  191.035637][    T9] usb 6-1: Using ep0 maxpacket: 8
[  191.043984][ T7690] dccp_v6_rcv: dropped packet with invalid checksum
[  191.118175][    T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  191.130602][    T9] usb 6-1: config 0 has no interface number 0
[  191.208739][    T9] usb 6-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  191.231233][    T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  191.254741][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.499502][    T9] usb 6-1: config 0 descriptor??
[  191.508641][    T9] iowarrior 6-1:0.1: no interrupt-in endpoint found
[  191.690908][ T5850] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  192.594187][ T5921] usb 6-1: USB disconnect, device number 3
[  193.057688][ T7719] netlink: 'syz.1.473': attribute type 1 has an invalid length.
[  193.138986][    T9] usb 3-1: USB disconnect, device number 10
[  194.183948][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  194.190504][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  195.900799][ T7773] netlink: 'syz.0.486': attribute type 27 has an invalid length.
[  195.984458][ T7773] bond0: (slave bond_slave_0): Releasing backup interface
[  196.160318][ T5850] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  196.700246][   T29] audit: type=1400 audit(1732205046.349:392): avc:  denied  { setopt } for  pid=7779 comm="syz.3.489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  196.803356][   T29] audit: type=1400 audit(1732205046.979:393): avc:  denied  { recv } for  pid=0 comm="swapper/1" saddr=10.128.0.169 src=30006 daddr=10.128.0.196 dest=47662 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  196.846782][ T5850] usb 2-1: Using ep0 maxpacket: 8
[  196.868584][ T5850] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  196.877902][ T5850] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.920847][ T5850] usb 2-1: Product: syz
[  196.925225][ T5850] usb 2-1: Manufacturer: syz
[  196.929845][ T5850] usb 2-1: SerialNumber: syz
[  196.969570][ T5850] usb 2-1: config 0 descriptor??
[  197.256722][ T5850] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  197.427351][ T7806] netlink: 'syz.3.492': attribute type 1 has an invalid length.
[  197.435142][ T7806] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.492'.
[  198.879787][ T5850] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  198.933884][ T5850] usb 2-1: USB disconnect, device number 24
[  199.401244][   T29] audit: type=1400 audit(1732205049.489:394): avc:  denied  { egress } for  pid=7818 comm="syz.0.495" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  199.445406][   T29] audit: type=1400 audit(1732205049.489:395): avc:  denied  { sendto } for  pid=7818 comm="syz.0.495" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  199.468491][    C0] vkms_vblank_simulate: vblank timer overrun
[  201.331348][   T29] audit: type=1400 audit(1732205050.719:396): avc:  denied  { write } for  pid=7834 comm="syz.0.498" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  201.451322][   T29] audit: type=1400 audit(1732205050.719:397): avc:  denied  { open } for  pid=7834 comm="syz.0.498" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  201.661037][   T29] audit: type=1400 audit(1732205051.689:398): avc:  denied  { create } for  pid=7847 comm="syz.3.501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  201.753768][   T29] audit: type=1400 audit(1732205051.809:399): avc:  denied  { listen } for  pid=7847 comm="syz.3.501" path=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  201.823047][ T7858] 9pnet_fd: Insufficient options for proto=fd
[  201.865109][ T7861] 9pnet_fd: Insufficient options for proto=fd
[  203.227004][ T7863] netlink: 'syz.1.502': attribute type 1 has an invalid length.
[  203.253395][ T7864] netlink: 'syz.5.503': attribute type 1 has an invalid length.
[  203.529456][ T7875] FAULT_INJECTION: forcing a failure.
[  203.529456][ T7875] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.545589][ T7875] CPU: 1 UID: 0 PID: 7875 Comm: syz.1.506 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  203.555869][ T7875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  203.565938][ T7875] Call Trace:
[  203.569232][ T7875]  <TASK>
[  203.572175][ T7875]  dump_stack_lvl+0x16c/0x1f0
[  203.576871][ T7875]  should_fail_ex+0x497/0x5b0
[  203.581553][ T7875]  _copy_from_user+0x2e/0xd0
[  203.586144][ T7875]  copy_msghdr_from_user+0x99/0x160
[  203.591339][ T7875]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  203.597146][ T7875]  ___sys_sendmsg+0xff/0x1e0
[  203.601731][ T7875]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.606930][ T7875]  ? __pfx_lock_release+0x10/0x10
[  203.611944][ T7875]  ? trace_lock_acquire+0x14a/0x1d0
[  203.617140][ T7875]  ? __fget_files+0x206/0x3a0
[  203.621811][ T7875]  __sys_sendmsg+0x16e/0x220
[  203.626403][ T7875]  ? __pfx___sys_sendmsg+0x10/0x10
[  203.631524][ T7875]  do_syscall_64+0xcd/0x250
[  203.636029][ T7875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.641914][ T7875] RIP: 0033:0x7f313a17e819
[  203.646325][ T7875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.665923][ T7875] RSP: 002b:00007f313afdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.674369][ T7875] RAX: ffffffffffffffda RBX: 00007f313a335fa0 RCX: 00007f313a17e819
[  203.682332][ T7875] RDX: 000000000000ff00 RSI: 00000000200002c0 RDI: 0000000000000004
[  203.690290][ T7875] RBP: 00007f313afdf090 R08: 0000000000000000 R09: 0000000000000000
[  203.698250][ T7875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.706213][ T7875] R13: 0000000000000000 R14: 00007f313a335fa0 R15: 00007ffebabdb1d8
[  203.714182][ T7875]  </TASK>
[  203.734369][ T5881] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  203.805630][ T7876] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.871424][ T5878] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  203.901589][ T5881] usb 1-1: Using ep0 maxpacket: 8
[  203.910365][ T5881] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  203.936981][ T5881] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  203.976177][ T5881] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  203.988766][ T5881] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  204.031342][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  204.036935][ T5878] usb 4-1: no configurations
[  204.049494][ T5878] usb 4-1: can't read configurations, error -22
[  204.056403][ T5881] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  204.071315][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  204.084720][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.191477][ T5878] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  204.221335][    T9] usb 2-1: Using ep0 maxpacket: 8
[  204.229613][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  204.238829][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.249082][    T9] usb 2-1: Product: syz
[  204.274206][    T9] usb 2-1: Manufacturer: syz
[  204.283249][    T9] usb 2-1: SerialNumber: syz
[  204.298304][    T9] usb 2-1: config 0 descriptor??
[  204.307339][ T5881] usb 1-1: GET_CAPABILITIES returned 0
[  204.328919][ T5881] usbtmc 1-1:16.0: can't read capabilities
[  204.342039][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  204.348578][ T5878] usb 4-1: no configurations
[  204.368713][ T5878] usb 4-1: can't read configurations, error -22
[  204.434810][ T5878] usb usb4-port1: attempt power cycle
[  204.813716][    T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  204.851430][ T5878] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  204.883154][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  204.889065][ T5878] usb 4-1: no configurations
[  204.894993][ T5878] usb 4-1: can't read configurations, error -22
[  205.031484][ T5878] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  205.052075][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  205.057925][ T5878] usb 4-1: no configurations
[  205.065990][ T7868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.076316][ T7868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.088160][ T5878] usb 4-1: can't read configurations, error -22
[  205.099601][ T5878] usb usb4-port1: unable to enumerate USB device
[  205.157509][ T7918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.169185][ T7918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.018872][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.027181][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.034581][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.042845][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.050240][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.057749][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  206.098268][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  206.115467][    T9] usb 2-1: USB disconnect, device number 25
[  206.331294][ T5906] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  206.383310][ T5921] usb 1-1: USB disconnect, device number 17
[  206.411240][ T7966] 9pnet_fd: Insufficient options for proto=fd
[  206.621270][ T5906] usb 6-1: Using ep0 maxpacket: 16
[  206.628876][ T5906] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.640742][ T5906] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.650807][ T5906] usb 6-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  206.659957][ T5906] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.711359][ T7975] netlink: 'syz.2.516': attribute type 1 has an invalid length.
[  207.035771][ T7979] FAULT_INJECTION: forcing a failure.
[  207.035771][ T7979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.147892][ T7979] CPU: 1 UID: 0 PID: 7979 Comm: syz.3.519 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  207.158194][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  207.168266][ T7979] Call Trace:
[  207.171567][ T7979]  <TASK>
[  207.174508][ T7979]  dump_stack_lvl+0x16c/0x1f0
[  207.179201][ T7979]  should_fail_ex+0x497/0x5b0
[  207.183896][ T7979]  _copy_from_user+0x2e/0xd0
[  207.188506][ T7979]  move_addr_to_kernel+0x68/0x160
[  207.193553][ T7979]  __copy_msghdr+0x386/0x470
[  207.198160][ T7979]  copy_msghdr_from_user+0xc2/0x160
[  207.203371][ T7979]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  207.209190][ T7979]  ? __lock_acquire+0xcc5/0x3c40
[  207.214152][ T7979]  ___sys_sendmsg+0xff/0x1e0
[  207.218759][ T7979]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.223991][ T7979]  ? trace_lock_acquire+0x14a/0x1d0
[  207.229226][ T7979]  __sys_sendmmsg+0x201/0x420
[  207.233919][ T7979]  ? __pfx___sys_sendmmsg+0x10/0x10
[  207.239142][ T7979]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  207.245146][ T7979]  ? fput+0x67/0x440
[  207.249054][ T7979]  ? ksys_write+0x1ba/0x250
[  207.253576][ T7979]  __x64_sys_sendmmsg+0x9c/0x100
[  207.258528][ T7979]  ? lockdep_hardirqs_on+0x7c/0x110
[  207.263738][ T7979]  do_syscall_64+0xcd/0x250
[  207.268256][ T7979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.274164][ T7979] RIP: 0033:0x7f2e1f17e819
[  207.278583][ T7979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.298215][ T7979] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  207.306650][ T7979] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  207.314629][ T7979] RDX: 0000000000000002 RSI: 0000000020000e40 RDI: 0000000000000003
[  207.322621][ T7979] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  207.330616][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.338614][ T7979] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  207.346622][ T7979]  </TASK>
[  207.352296][ T5906] usb 6-1: config 0 descriptor??
[  207.586730][   T29] audit: type=1400 audit(1732205057.759:400): avc:  denied  { connect } for  pid=7983 comm="syz.2.522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  207.632608][ T7985] FAULT_INJECTION: forcing a failure.
[  207.632608][ T7985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.646234][ T7985] CPU: 0 UID: 0 PID: 7985 Comm: syz.2.522 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  207.656499][ T7985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  207.666569][ T7985] Call Trace:
[  207.669863][ T7985]  <TASK>
[  207.672805][ T7985]  dump_stack_lvl+0x16c/0x1f0
[  207.677516][ T7985]  should_fail_ex+0x497/0x5b0
[  207.682206][ T7985]  _copy_from_user+0x2e/0xd0
[  207.686796][ T7985]  ____sys_sendmsg+0x590/0xc90
[  207.691553][ T7985]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.696829][ T7985]  ? __lock_acquire+0xcc5/0x3c40
[  207.701765][ T7985]  ___sys_sendmsg+0x135/0x1e0
[  207.706441][ T7985]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.711643][ T7985]  ? trace_lock_acquire+0x14a/0x1d0
[  207.716845][ T7985]  __sys_sendmmsg+0x201/0x420
[  207.721515][ T7985]  ? __pfx___sys_sendmmsg+0x10/0x10
[  207.726710][ T7985]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  207.732688][ T7985]  ? fput+0x67/0x440
[  207.736579][ T7985]  ? ksys_write+0x1ba/0x250
[  207.741073][ T7985]  ? __pfx_ksys_write+0x10/0x10
[  207.745914][ T7985]  __x64_sys_sendmmsg+0x9c/0x100
[  207.750843][ T7985]  ? lockdep_hardirqs_on+0x7c/0x110
[  207.756032][ T7985]  do_syscall_64+0xcd/0x250
[  207.760533][ T7985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.766421][ T7985] RIP: 0033:0x7f207717e819
[  207.770825][ T7985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.790417][ T7985] RSP: 002b:00007f2077eba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  207.798815][ T7985] RAX: ffffffffffffffda RBX: 00007f2077335fa0 RCX: 00007f207717e819
[  207.806772][ T7985] RDX: 0000000000000002 RSI: 0000000020000180 RDI: 0000000000000003
[  207.814751][ T7985] RBP: 00007f2077eba090 R08: 0000000000000000 R09: 0000000000000000
[  207.822705][ T7985] R10: 0000000000042094 R11: 0000000000000246 R12: 0000000000000001
[  207.830663][ T7985] R13: 0000000000000000 R14: 00007f2077335fa0 R15: 00007ffda1750108
[  207.838628][ T7985]  </TASK>
[  207.843139][ T5921] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  207.942512][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'.
[  207.976199][ T7988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.991475][ T7988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.013473][ T5921] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  208.023955][ T5921] usb 1-1: New USB device found, idVendor=0471, idProduct=0308, bcdDevice=e4.df
[  208.040389][ T5921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.051364][ T5906] hid (null): unknown global tag 0xd
[  208.056727][ T5906] hid (null): unknown global tag 0xd
[  208.069470][ T5906] hid (null): report_id 40203 is invalid
[  208.086172][ T7989] netlink: 36 bytes leftover after parsing attributes in process `syz.2.523'.
[  208.087944][ T5906] hid (null): invalid report_size -1862471209
[  208.117184][ T5906] hid (null): invalid report_size -1217885453
[  208.124941][ T5921] usb 1-1: config 0 descriptor??
[  208.131582][ T5906] hid (null): unknown global tag 0x36
[  208.138856][ T5921] pwc: Philips PCVC680K (Vesta Pro) USB webcam detected.
[  208.323105][ T7957] sctp: [Deprecated]: syz.5.515 (pid 7957) Use of int in max_burst socket option deprecated.
[  208.323105][ T7957] Use struct sctp_assoc_value instead
[  208.377302][ T5921] pwc: send_video_command error -71
[  208.382616][ T5921] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  208.390195][ T5921] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  208.403775][ T5906] usb 6-1: string descriptor 0 read error: -71
[  208.410419][ T5921] usb 1-1: USB disconnect, device number 18
[  208.544575][ T5906] usb 6-1: Max retries (5) exceeded reading string descriptor 200
[  209.043819][ T5906] letsketch 0003:6161:4D15.0005: probe with driver letsketch failed with error -32
[  209.096099][ T5906] usb 6-1: USB disconnect, device number 4
[  209.673114][ T8011] netlink: 28 bytes leftover after parsing attributes in process `syz.5.529'.
[  209.682147][ T8011] netlink: 28 bytes leftover after parsing attributes in process `syz.5.529'.
[  209.851471][ T5906] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  210.322774][ T5906] usb 1-1: Using ep0 maxpacket: 8
[  210.331119][ T5906] usb 1-1: no configurations
[  210.339142][ T5906] usb 1-1: can't read configurations, error -22
[  210.501462][ T5906] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  210.661671][ T5906] usb 1-1: Using ep0 maxpacket: 8
[  210.680622][ T5906] usb 1-1: no configurations
[  210.709854][ T5906] usb 1-1: can't read configurations, error -22
[  210.746602][ T5906] usb usb1-port1: attempt power cycle
[  210.903983][ T8024] FAULT_INJECTION: forcing a failure.
[  210.903983][ T8024] name failslab, interval 1, probability 0, space 0, times 0
[  210.931466][ T8024] CPU: 1 UID: 0 PID: 8024 Comm: syz.3.534 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  210.941758][ T8024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  210.951823][ T8024] Call Trace:
[  210.955102][ T8024]  <TASK>
[  210.958036][ T8024]  dump_stack_lvl+0x16c/0x1f0
[  210.962729][ T8024]  should_fail_ex+0x497/0x5b0
[  210.967417][ T8024]  ? fs_reclaim_acquire+0xae/0x150
[  210.972545][ T8024]  should_failslab+0xc2/0x120
[  210.977241][ T8024]  __kmalloc_cache_noprof+0x6b/0x300
[  210.982539][ T8024]  ? __xdp_reg_mem_model+0x3eb/0x680
[  210.987844][ T8024]  __xdp_reg_mem_model+0x3eb/0x680
[  210.992975][ T8024]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[  210.998622][ T8024]  ? page_pool_list+0x262/0x2f0
[  211.003494][ T8024]  xdp_reg_mem_model+0x22/0x70
[  211.008271][ T8024]  bpf_test_run_xdp_live+0x1cc/0x500
[  211.013568][ T8024]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  211.019379][ T8024]  ? find_held_lock+0x2d/0x110
[  211.024159][ T8024]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  211.030069][ T8024]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  211.035979][ T8024]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  211.041819][ T8024]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  211.047119][ T8024]  ? 0xffffffffa0003b40
[  211.051281][ T8024]  ? 0xffffffffa0003b40
[  211.055437][ T8024]  ? 0xffffffffa0003b40
[  211.059605][ T8024]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  211.065524][ T8024]  bpf_prog_test_run_xdp+0x827/0x1580
[  211.070936][ T8024]  ? lock_acquire+0x2f/0xb0
[  211.075452][ T8024]  ? __fget_files+0x40/0x3a0
[  211.080052][ T8024]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  211.085870][ T8024]  ? __fget_files+0x206/0x3a0
[  211.090557][ T8024]  ? fput+0x67/0x440
[  211.094462][ T8024]  ? __bpf_prog_get+0xa0/0x290
[  211.099231][ T8024]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  211.105046][ T8024]  __sys_bpf+0xfc6/0x49a0
[  211.109384][ T8024]  ? __pfx_lock_release+0x10/0x10
[  211.114421][ T8024]  ? __pfx___sys_bpf+0x10/0x10
[  211.119192][ T8024]  ? vfs_write+0x306/0x1150
[  211.123720][ T8024]  ? __mutex_unlock_slowpath+0x164/0x690
[  211.129391][ T8024]  ? fput+0x67/0x440
[  211.133312][ T8024]  ? ksys_write+0x1ba/0x250
[  211.137842][ T8024]  ? __pfx_ksys_write+0x10/0x10
[  211.142716][ T8024]  __x64_sys_bpf+0x78/0xc0
[  211.147145][ T8024]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.152359][ T8024]  do_syscall_64+0xcd/0x250
[  211.156879][ T8024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.162793][ T8024] RIP: 0033:0x7f2e1f17e819
[  211.167222][ T8024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.186844][ T8024] RSP: 002b:00007f2e1ffae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  211.195274][ T8024] RAX: ffffffffffffffda RBX: 00007f2e1f335fa0 RCX: 00007f2e1f17e819
[  211.203257][ T8024] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  211.211234][ T8024] RBP: 00007f2e1ffae090 R08: 0000000000000000 R09: 0000000000000000
[  211.219204][ T8024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.227182][ T8024] R13: 0000000000000000 R14: 00007f2e1f335fa0 R15: 00007ffe92feee78
[  211.235187][ T8024]  </TASK>
[  211.321457][ T5906] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  211.352628][ T5906] usb 1-1: Using ep0 maxpacket: 8
[  211.359458][ T5906] usb 1-1: no configurations
[  211.360293][ T8026] netlink: 8 bytes leftover after parsing attributes in process `syz.2.535'.
[  211.371215][ T5906] usb 1-1: can't read configurations, error -22
[  211.531405][ T5906] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  211.603212][ T5906] usb 1-1: Using ep0 maxpacket: 8
[  211.644800][ T5906] usb 1-1: no configurations
[  211.649436][ T5906] usb 1-1: can't read configurations, error -22
[  211.699301][ T5906] usb usb1-port1: unable to enumerate USB device
[  212.735718][ T8044] netlink: 16 bytes leftover after parsing attributes in process `syz.2.540'.
[  212.775856][ T8044] netlink: 68 bytes leftover after parsing attributes in process `syz.2.540'.
[  215.061487][ T5906] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  215.281462][  T965] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  215.381427][ T5906] usb 2-1: Using ep0 maxpacket: 32
[  215.388152][ T5906] usb 2-1: config 0 has an invalid interface number: 244 but max is 0
[  215.401534][ T5906] usb 2-1: config 0 has no interface number 0
[  215.409684][ T5906] usb 2-1: config 0 interface 244 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  215.420658][ T5906] usb 2-1: config 0 interface 244 has no altsetting 0
[  215.429497][ T5906] usb 2-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c
[  215.438710][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.447232][ T5906] usb 2-1: Product: syz
[  215.452033][ T5906] usb 2-1: Manufacturer: syz
[  215.455025][  T965] usb 6-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  215.456632][ T5906] usb 2-1: SerialNumber: syz
[  215.471637][ T5906] usb 2-1: config 0 descriptor??
[  215.471942][  T965] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.495881][ T5906] snd_usb_toneport 2-1:0.244: Line 6 GuitarPort found
[  215.505853][  T965] usb 6-1: Product: syz
[  215.515633][  T965] usb 6-1: Manufacturer: syz
[  215.520268][  T965] usb 6-1: SerialNumber: syz
[  215.536691][  T965] usb 6-1: config 0 descriptor??
[  215.560319][  T965] i2c-tiny-usb 6-1:0.0: version 6d.cc found at bus 006 address 005
[  215.631412][ T5878] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  215.700326][ T5906] snd_usb_toneport 2-1:0.244: cannot get proper max packet size
[  215.711617][ T5906] snd_usb_toneport 2-1:0.244: Line 6 GuitarPort now disconnected
[  215.724968][ T5906] snd_usb_toneport 2-1:0.244: probe with driver snd_usb_toneport failed with error -22
[  215.784466][ T5878] usb 1-1: config index 0 descriptor too short (expected 64767, got 72)
[  215.800977][ T5878] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  215.811585][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.820155][ T5878] usb 1-1: Product: syz
[  215.828726][ T5878] usb 1-1: Manufacturer: syz
[  215.839575][ T5878] usb 1-1: SerialNumber: syz
[  216.035862][   T29] audit: type=1400 audit(1732205066.209:401): avc:  denied  { ioctl } for  pid=8068 comm="syz.5.547" path="socket:[18008]" dev="sockfs" ino=18008 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  216.181165][ T5906] usb 2-1: USB disconnect, device number 26
[  216.263676][  T965]  (null): failure reading functionality
[  216.275769][ T5878] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  216.289309][  T965] i2c i2c-1: failure reading functionality
[  216.325575][    T9] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  216.342363][  T965] i2c i2c-1: connected i2c-tiny-usb device
[  216.472222][  T965] usb 6-1: USB disconnect, device number 5
[  216.732692][   T52] usb 1-1: USB disconnect, device number 23
[  216.961371][ T5906] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  217.121438][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  217.128531][ T5906] usb 2-1: no configurations
[  217.138829][ T5906] usb 2-1: can't read configurations, error -22
[  217.281344][ T5906] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  217.401329][  T965] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  218.302147][    T9] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  218.310525][    T9] ath9k_htc: Failed to initialize the device
[  218.323376][   T52] usb 1-1: ath9k_htc: USB layer deinitialized
[  218.331265][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  218.338003][ T5906] usb 2-1: no configurations
[  218.343189][ T5906] usb 2-1: can't read configurations, error -22
[  218.354169][ T5906] usb usb2-port1: attempt power cycle
[  218.421547][  T965] usb 3-1: Using ep0 maxpacket: 32
[  218.428296][  T965] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  218.439818][  T965] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  218.503155][  T965] usb 3-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=58.6f
[  218.518999][  T965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.540280][  T965] usb 3-1: Product: syz
[  218.551333][  T965] usb 3-1: Manufacturer: syz
[  218.555945][  T965] usb 3-1: SerialNumber: syz
[  218.570752][  T965] usb 3-1: config 0 descriptor??
[  218.589065][  T965] keyspan 3-1:0.0: Keyspan 1 port adapter converter detected
[  218.601452][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 87
[  218.636877][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 7
[  218.649493][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81
[  218.751156][ T5906] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  218.822891][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  218.828972][ T5906] usb 2-1: no configurations
[  218.839015][ T5906] usb 2-1: can't read configurations, error -22
[  219.074140][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2
[  219.114046][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 85
[  219.135052][  T965] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 5
[  219.146473][  T965] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  219.162401][  T965] usb 3-1: USB disconnect, device number 11
[  219.171548][ T5906] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  219.188565][  T965] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  219.200152][  T965] keyspan 3-1:0.0: device disconnected
[  219.213373][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  219.230362][ T5906] usb 2-1: no configurations
[  219.243798][ T5906] usb 2-1: can't read configurations, error -22
[  219.261468][ T5906] usb usb2-port1: unable to enumerate USB device
[  219.334321][ T8112] macvlan0: entered allmulticast mode
[  219.339945][ T8112] veth1_vlan: entered allmulticast mode
[  219.349789][ T8113] veth1_vlan: left allmulticast mode
[  219.382225][ T8113] macvlan0 (unregistering): left allmulticast mode
[  219.898186][ T8118] vlan3: entered allmulticast mode
[  220.064998][   T29] audit: type=1400 audit(1732205070.239:402): avc:  denied  { write } for  pid=8122 comm="syz.1.567" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  220.087947][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.231550][ T5906] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  220.817067][ T5906] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  220.840381][ T5906] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice= 0.03
[  220.850275][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.879424][ T5906] usb 1-1: config 0 descriptor??
[  220.968121][ T5906] pwc: Askey VC010 type 2 USB webcam detected.
[  221.521797][ T8145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.287126][ T5906] pwc: recv_control_msg error -71 req 02 val 2b00
[  222.294099][ T5906] pwc: recv_control_msg error -71 req 02 val 2700
[  222.300945][ T5906] pwc: recv_control_msg error -71 req 02 val 2c00
[  222.316106][ T5906] pwc: recv_control_msg error -71 req 04 val 1000
[  222.352499][ T5906] pwc: recv_control_msg error -71 req 04 val 1300
[  222.366200][ T5906] pwc: recv_control_msg error -71 req 04 val 1400
[  222.380315][ T5906] pwc: recv_control_msg error -71 req 02 val 2000
[  222.771329][ T5906] pwc: recv_control_msg error -71 req 02 val 2100
[  222.786208][ T5906] pwc: recv_control_msg error -71 req 04 val 1500
[  222.799065][ T5906] pwc: recv_control_msg error -71 req 02 val 2500
[  222.808828][ T5906] pwc: recv_control_msg error -71 req 02 val 2400
[  222.824846][ T5906] pwc: recv_control_msg error -71 req 02 val 2600
[  222.837273][ T5906] pwc: recv_control_msg error -71 req 02 val 2900
[  222.849091][ T5906] pwc: recv_control_msg error -71 req 02 val 2800
[  222.876679][ T5906] pwc: recv_control_msg error -71 req 04 val 1100
[  222.897403][ T5906] pwc: recv_control_msg error -71 req 04 val 1200
[  222.951121][   T29] audit: type=1400 audit(1732205073.119:403): avc:  denied  { bind } for  pid=8163 comm="syz.5.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  223.016711][ T5906] pwc: Registered as video103.
[  223.049799][ T5906] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input10
[  223.100442][ T5906] usb 1-1: USB disconnect, device number 24
[  223.283848][   T29] audit: type=1400 audit(1732205073.459:404): avc:  denied  { getopt } for  pid=8173 comm="syz.3.582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  223.441757][ T5876] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  223.499443][   T29] audit: type=1400 audit(1732205073.669:405): avc:  denied  { nlmsg_write } for  pid=8172 comm="syz.2.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  223.521397][   T25] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  223.591606][ T5906] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  223.611261][ T5876] usb 2-1: Using ep0 maxpacket: 8
[  223.618042][ T5876] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.646349][ T5876] usb 2-1: config 0 has no interfaces?
[  223.668536][ T5876] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  223.686091][   T25] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  223.699968][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.714252][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.777385][ T5906] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  223.795135][   T25] usb 6-1: Product: syz
[  223.799956][ T5876] usb 2-1: Product: syz
[  223.811507][   T25] usb 6-1: Manufacturer: syz
[  223.816316][ T5906] usb 1-1: config 179 has no interface number 0
[  223.823196][ T5876] usb 2-1: Manufacturer: syz
[  223.827967][   T25] usb 6-1: SerialNumber: syz
[  223.835386][ T5876] usb 2-1: SerialNumber: syz
[  223.841545][ T5906] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  223.861997][ T5876] usb 2-1: config 0 descriptor??
[  223.873951][ T5906] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  223.886957][   T25] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  223.904734][ T5906] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  223.916999][ T5906] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8
[  223.932309][ T5906] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  223.948071][ T5906] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  223.960133][ T5876] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  223.987105][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.011302][ T8167] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  224.020096][ T8167] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  224.258344][ T8167] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  224.313976][ T5850] usb 1-1: USB disconnect, device number 25
[  224.314076][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  224.328549][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  224.337582][    C1] ==================================================================
[  224.345663][    C1] BUG: KASAN: slab-use-after-free in register_lock_class+0x1033/0x1240
[  224.353946][    C1] Read of size 1 at addr ffff888079a2d091 by task syz-executor/5852
[  224.361949][    C1] 
[  224.364286][    C1] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  224.374815][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  224.384894][    C1] Call Trace:
[  224.388184][    C1]  <IRQ>
[  224.391035][    C1]  dump_stack_lvl+0x116/0x1f0
[  224.395747][    C1]  print_report+0xc3/0x620
[  224.400200][    C1]  ? __virt_addr_valid+0x5e/0x590
[  224.405254][    C1]  ? __phys_addr+0xc6/0x150
[  224.409789][    C1]  kasan_report+0xd9/0x110
[  224.414237][    C1]  ? register_lock_class+0x1033/0x1240
[  224.419702][    C1]  ? register_lock_class+0x1033/0x1240
[  224.425162][    C1]  register_lock_class+0x1033/0x1240
[  224.430448][    C1]  ? __pfx_register_lock_class+0x10/0x10
[  224.436080][    C1]  __lock_acquire+0x135/0x3c40
[  224.440842][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  224.446035][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  224.451237][    C1]  lock_acquire.part.0+0x11b/0x380
[  224.456345][    C1]  ? __wake_up+0x1c/0x60
[  224.460587][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  224.466226][    C1]  ? rcu_is_watching+0x12/0xc0
[  224.470995][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  224.476196][    C1]  ? __wake_up+0x1c/0x60
[  224.480430][    C1]  ? lock_acquire+0x2f/0xb0
[  224.484926][    C1]  ? __wake_up+0x1c/0x60
[  224.489161][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[  224.494360][    C1]  ? __wake_up+0x1c/0x60
[  224.498594][    C1]  __wake_up+0x1c/0x60
[  224.502656][    C1]  usb_anchor_resume_wakeups+0xc2/0xe0
[  224.508115][    C1]  __usb_hcd_giveback_urb+0x3b7/0x6e0
[  224.513478][    C1]  usb_hcd_giveback_urb+0x396/0x450
[  224.518668][    C1]  dummy_timer+0x17f0/0x3930
[  224.523252][    C1]  ? hlock_class+0x4e/0x130
[  224.527758][    C1]  ? mark_lock+0xb5/0xc60
[  224.532083][    C1]  ? __pfx_mark_lock+0x10/0x10
[  224.536839][    C1]  ? lock_acquire+0x2f/0xb0
[  224.541335][    C1]  ? find_held_lock+0x2d/0x110
[  224.546103][    C1]  ? __hrtimer_run_queues+0x53d/0xae0
[  224.551469][    C1]  ? __pfx_lock_release+0x10/0x10
[  224.556489][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  224.561421][    C1]  ? mark_held_locks+0x9f/0xe0
[  224.566178][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  224.571983][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  224.576913][    C1]  __hrtimer_run_queues+0x20a/0xae0
[  224.582113][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  224.587828][    C1]  ? read_tsc+0x9/0x20
[  224.591900][    C1]  hrtimer_run_softirq+0x17d/0x350
[  224.597009][    C1]  handle_softirqs+0x213/0x8f0
[  224.601772][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  224.607054][    C1]  __irq_exit_rcu+0x109/0x170
[  224.611727][    C1]  irq_exit_rcu+0x9/0x30
[  224.615965][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  224.621596][    C1]  </IRQ>
[  224.624518][    C1]  <TASK>
[  224.627438][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  224.633417][    C1] RIP: 0010:lock_acquire.part.0+0x155/0x380
[  224.639305][    C1] Code: b8 ff ff ff ff 65 0f c1 05 00 9b 97 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[  224.658910][    C1] RSP: 0018:ffffc90002db7c00 EFLAGS: 00000206
[  224.664974][    C1] RAX: 0000000000000046 RBX: 1ffff920005b6f81 RCX: ffffffff8169fa6e
[  224.672938][    C1] RDX: 0000000000000001 RSI: ffffffff8b6cdd40 RDI: ffffffff8bd1e340
[  224.680898][    C1] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dca19a
[  224.688858][    C1] R10: ffffffff96e50cd7 R11: 0000000000000000 R12: 0000000000000000
[  224.696819][    C1] R13: ffff88802fe489d8 R14: 0000000000000000 R15: 0000000000000000
[  224.704786][    C1]  ? hlock_class+0x4e/0x130
[  224.709296][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  224.714927][    C1]  ? rcu_is_watching+0x12/0xc0
[  224.719693][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  224.724977][    C1]  ? kernel_clone+0x5bf/0x960
[  224.729657][    C1]  ? lock_acquire+0x2f/0xb0
[  224.734153][    C1]  ? kernel_clone+0x5bf/0x960
[  224.738829][    C1]  _raw_spin_lock+0x2e/0x40
[  224.743335][    C1]  ? kernel_clone+0x5bf/0x960
[  224.748010][    C1]  kernel_clone+0x5bf/0x960
[  224.752514][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  224.757572][    C1]  ? find_held_lock+0x59/0x110
[  224.762343][    C1]  ? find_held_lock+0x2d/0x110
[  224.767111][    C1]  __do_sys_clone+0xba/0x100
[  224.771701][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[  224.776896][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  224.782099][    C1]  ? do_user_addr_fault+0x83d/0x13f0
[  224.787380][    C1]  do_syscall_64+0xcd/0x250
[  224.791885][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.797777][    C1] RIP: 0033:0x7f2e1f175093
[  224.802180][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  224.821782][    C1] RSP: 002b:00007ffe92fef108 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  224.830188][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2e1f175093
[  224.838152][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  224.846114][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  224.854096][    C1] R10: 000055557affb7d0 R11: 0000000000000246 R12: 0000000000000000
[  224.862068][    C1] R13: 0000000000036b82 R14: 0000000000036b5a R15: 00007ffe92fef290
[  224.870045][    C1]  </TASK>
[  224.873059][    C1] 
[  224.875372][    C1] Allocated by task 5906:
[  224.879683][    C1]  kasan_save_stack+0x33/0x60
[  224.884378][    C1]  kasan_save_track+0x14/0x30
[  224.889082][    C1]  __kasan_kmalloc+0xaa/0xb0
[  224.893681][    C1]  xpad_probe+0x27e/0x1f50
[  224.898099][    C1]  usb_probe_interface+0x309/0x9d0
[  224.903207][    C1]  really_probe+0x23e/0xa90
[  224.907713][    C1]  __driver_probe_device+0x1de/0x440
[  224.912995][    C1]  driver_probe_device+0x4c/0x1b0
[  224.918015][    C1]  __device_attach_driver+0x1df/0x310
[  224.923385][    C1]  bus_for_each_drv+0x157/0x1e0
[  224.928226][    C1]  __device_attach+0x1e8/0x4b0
[  224.932988][    C1]  bus_probe_device+0x17f/0x1c0
[  224.937851][    C1]  device_add+0x114b/0x1a70
[  224.942369][    C1]  usb_set_configuration+0x10cb/0x1c50
[  224.947834][    C1]  usb_generic_driver_probe+0xb1/0x110
[  224.953292][    C1]  usb_probe_device+0xec/0x3e0
[  224.958059][    C1]  really_probe+0x23e/0xa90
[  224.962557][    C1]  __driver_probe_device+0x1de/0x440
[  224.967856][    C1]  driver_probe_device+0x4c/0x1b0
[  224.972888][    C1]  __device_attach_driver+0x1df/0x310
[  224.978269][    C1]  bus_for_each_drv+0x157/0x1e0
[  224.983116][    C1]  __device_attach+0x1e8/0x4b0
[  224.987879][    C1]  bus_probe_device+0x17f/0x1c0
[  224.992724][    C1]  device_add+0x114b/0x1a70
[  224.997228][    C1]  usb_new_device+0xd90/0x1a10
[  225.001998][    C1]  hub_event+0x2d9a/0x4e10
[  225.006414][    C1]  process_one_work+0x9c5/0x1ba0
[  225.011345][    C1]  worker_thread+0x6c8/0xf00
[  225.015925][    C1]  kthread+0x2c1/0x3a0
[  225.020009][    C1]  ret_from_fork+0x45/0x80
[  225.024415][    C1]  ret_from_fork_asm+0x1a/0x30
[  225.029183][    C1] 
[  225.031494][    C1] Freed by task 5850:
[  225.035459][    C1]  kasan_save_stack+0x33/0x60
[  225.040153][    C1]  kasan_save_track+0x14/0x30
[  225.044858][    C1]  kasan_save_free_info+0x3b/0x60
[  225.049886][    C1]  __kasan_slab_free+0x51/0x70
[  225.054655][    C1]  kfree+0x14f/0x4b0
[  225.058559][    C1]  xpad_disconnect+0x1cf/0x580
[  225.063331][    C1]  usb_unbind_interface+0x1e8/0x970
[  225.068537][    C1]  device_remove+0x122/0x170
[  225.073134][    C1]  device_release_driver_internal+0x44a/0x610
[  225.079213][    C1]  bus_remove_device+0x22f/0x420
[  225.084152][    C1]  device_del+0x396/0x9f0
[  225.088475][    C1]  usb_disable_device+0x36c/0x7f0
[  225.093500][    C1]  usb_disconnect+0x2e1/0x920
[  225.098178][    C1]  hub_event+0x1da5/0x4e10
[  225.102592][    C1]  process_one_work+0x9c5/0x1ba0
[  225.107521][    C1]  worker_thread+0x6c8/0xf00
[  225.112107][    C1]  kthread+0x2c1/0x3a0
[  225.116172][    C1]  ret_from_fork+0x45/0x80
[  225.120580][    C1]  ret_from_fork_asm+0x1a/0x30
[  225.125347][    C1] 
[  225.127656][    C1] The buggy address belongs to the object at ffff888079a2d000
[  225.127656][    C1]  which belongs to the cache kmalloc-1k of size 1024
[  225.141699][    C1] The buggy address is located 145 bytes inside of
[  225.141699][    C1]  freed 1024-byte region [ffff888079a2d000, ffff888079a2d400)
[  225.155573][    C1] 
[  225.157882][    C1] The buggy address belongs to the physical page:
[  225.164282][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888079a2e000 pfn:0x79a28
[  225.174337][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  225.182825][    C1] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  225.191316][    C1] page_type: f5(slab)
[  225.195292][    C1] raw: 00fff00000000240 ffff88801b041dc0 ffffea0001729410 ffffea0001f24e10
[  225.203870][    C1] raw: ffff888079a2e000 000000000010000f 00000001f5000000 0000000000000000
[  225.212446][    C1] head: 00fff00000000240 ffff88801b041dc0 ffffea0001729410 ffffea0001f24e10
[  225.221113][    C1] head: ffff888079a2e000 000000000010000f 00000001f5000000 0000000000000000
[  225.229774][    C1] head: 00fff00000000003 ffffea0001e68a01 ffffffffffffffff 0000000000000000
[  225.238433][    C1] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  225.247089][    C1] page dumped because: kasan: bad access detected
[  225.253493][    C1] page_owner tracks the page as allocated
[  225.259190][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1152, tgid 1152 (kworker/u8:6), ts 64369104578, free_ts 64365560850
[  225.279950][    C1]  post_alloc_hook+0x2d1/0x350
[  225.284733][    C1]  get_page_from_freelist+0xfce/0x2f80
[  225.290198][    C1]  __alloc_pages_noprof+0x223/0x25a0
[  225.295485][    C1]  alloc_pages_mpol_noprof+0x2c9/0x610
[  225.300941][    C1]  new_slab+0x2c9/0x410
[  225.305094][    C1]  ___slab_alloc+0xdac/0x1880
[  225.309766][    C1]  __slab_alloc.constprop.0+0x56/0xb0
[  225.315135][    C1]  __kmalloc_node_track_caller_noprof+0x355/0x430
[  225.321554][    C1]  kmalloc_reserve+0xef/0x2c0
[  225.326229][    C1]  __alloc_skb+0x164/0x380
[  225.330644][    C1]  inet6_rt_notify+0xf0/0x2c0
[  225.335334][    C1]  fib6_add+0x2524/0x4b50
[  225.339677][    C1]  ip6_ins_rt+0xb6/0x110
[  225.343924][    C1]  __ipv6_ifa_notify+0xafc/0xe20
[  225.348866][    C1]  addrconf_dad_completed+0x19d/0x1060
[  225.354341][    C1]  addrconf_dad_work+0x7fb/0x14d0
[  225.359403][    C1] page last free pid 1152 tgid 1152 stack trace:
[  225.365721][    C1]  free_unref_page+0x661/0x1080
[  225.370571][    C1]  __put_partials+0x14c/0x170
[  225.375245][    C1]  qlist_free_all+0x4e/0x120
[  225.379831][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  225.385308][    C1]  __kasan_slab_alloc+0x69/0x90
[  225.390165][    C1]  kmem_cache_alloc_node_noprof+0x153/0x310
[  225.396058][    C1]  __alloc_skb+0x2b1/0x380
[  225.400471][    C1]  alloc_skb_with_frags+0xe4/0x850
[  225.405577][    C1]  sock_alloc_send_pskb+0x7f1/0x980
[  225.410771][    C1]  mld_newpack.isra.0+0x1ed/0x790
[  225.415785][    C1]  add_grhead+0x299/0x340
[  225.420126][    C1]  add_grec+0x111e/0x1670
[  225.424444][    C1]  mld_send_initial_cr.part.0+0xe2/0x260
[  225.430065][    C1]  ipv6_mc_dad_complete+0x22c/0x2b0
[  225.435257][    C1]  addrconf_dad_completed+0xd40/0x1060
[  225.440715][    C1]  addrconf_dad_work+0x7fb/0x14d0
[  225.445740][    C1] 
[  225.448046][    C1] Memory state around the buggy address:
[  225.453658][    C1]  ffff888079a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  225.461704][    C1]  ffff888079a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  225.469752][    C1] >ffff888079a2d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  225.477797][    C1]                          ^
[  225.482372][    C1]  ffff888079a2d100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  225.490422][    C1]  ffff888079a2d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  225.498465][    C1] ==================================================================
[  225.506514][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  225.513693][    C1] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  225.524184][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  225.534226][    C1] Call Trace:
[  225.537495][    C1]  <IRQ>
[  225.540327][    C1]  dump_stack_lvl+0x3d/0x1f0
[  225.544926][    C1]  panic+0x71d/0x800
[  225.548825][    C1]  ? __pfx_panic+0x10/0x10
[  225.553257][    C1]  ? rcu_is_watching+0x12/0xc0
[  225.558023][    C1]  ? __pfx_lock_release+0x10/0x10
[  225.563039][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  225.568155][    C1]  check_panic_on_warn+0xab/0xb0
[  225.573095][    C1]  end_report+0x117/0x180
[  225.577428][    C1]  kasan_report+0xe9/0x110
[  225.581852][    C1]  ? register_lock_class+0x1033/0x1240
[  225.587308][    C1]  ? register_lock_class+0x1033/0x1240
[  225.592763][    C1]  register_lock_class+0x1033/0x1240
[  225.598045][    C1]  ? __pfx_register_lock_class+0x10/0x10
[  225.603675][    C1]  __lock_acquire+0x135/0x3c40
[  225.608437][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  225.613634][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  225.618831][    C1]  lock_acquire.part.0+0x11b/0x380
[  225.624021][    C1]  ? __wake_up+0x1c/0x60
[  225.628267][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  225.633935][    C1]  ? rcu_is_watching+0x12/0xc0
[  225.638700][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  225.643901][    C1]  ? __wake_up+0x1c/0x60
[  225.648139][    C1]  ? lock_acquire+0x2f/0xb0
[  225.652634][    C1]  ? __wake_up+0x1c/0x60
[  225.656868][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[  225.662063][    C1]  ? __wake_up+0x1c/0x60
[  225.666302][    C1]  __wake_up+0x1c/0x60
[  225.670401][    C1]  usb_anchor_resume_wakeups+0xc2/0xe0
[  225.675893][    C1]  __usb_hcd_giveback_urb+0x3b7/0x6e0
[  225.681274][    C1]  usb_hcd_giveback_urb+0x396/0x450
[  225.686507][    C1]  dummy_timer+0x17f0/0x3930
[  225.691115][    C1]  ? hlock_class+0x4e/0x130
[  225.695628][    C1]  ? mark_lock+0xb5/0xc60
[  225.699963][    C1]  ? __pfx_mark_lock+0x10/0x10
[  225.704726][    C1]  ? lock_acquire+0x2f/0xb0
[  225.709225][    C1]  ? find_held_lock+0x2d/0x110
[  225.713995][    C1]  ? __hrtimer_run_queues+0x53d/0xae0
[  225.719365][    C1]  ? __pfx_lock_release+0x10/0x10
[  225.724383][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  225.729314][    C1]  ? mark_held_locks+0x9f/0xe0
[  225.734072][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  225.739874][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  225.744804][    C1]  __hrtimer_run_queues+0x20a/0xae0
[  225.750003][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  225.755717][    C1]  ? read_tsc+0x9/0x20
[  225.759790][    C1]  hrtimer_run_softirq+0x17d/0x350
[  225.764901][    C1]  handle_softirqs+0x213/0x8f0
[  225.769687][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  225.774973][    C1]  __irq_exit_rcu+0x109/0x170
[  225.779646][    C1]  irq_exit_rcu+0x9/0x30
[  225.783891][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  225.789527][    C1]  </IRQ>
[  225.792452][    C1]  <TASK>
[  225.795371][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  225.801355][    C1] RIP: 0010:lock_acquire.part.0+0x155/0x380
[  225.807246][    C1] Code: b8 ff ff ff ff 65 0f c1 05 00 9b 97 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[  225.826850][    C1] RSP: 0018:ffffc90002db7c00 EFLAGS: 00000206
[  225.832912][    C1] RAX: 0000000000000046 RBX: 1ffff920005b6f81 RCX: ffffffff8169fa6e
[  225.840875][    C1] RDX: 0000000000000001 RSI: ffffffff8b6cdd40 RDI: ffffffff8bd1e340
[  225.848838][    C1] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dca19a
[  225.856800][    C1] R10: ffffffff96e50cd7 R11: 0000000000000000 R12: 0000000000000000
[  225.864764][    C1] R13: ffff88802fe489d8 R14: 0000000000000000 R15: 0000000000000000
[  225.872731][    C1]  ? hlock_class+0x4e/0x130
[  225.877243][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  225.882869][    C1]  ? rcu_is_watching+0x12/0xc0
[  225.887637][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  225.892840][    C1]  ? kernel_clone+0x5bf/0x960
[  225.897519][    C1]  ? lock_acquire+0x2f/0xb0
[  225.902015][    C1]  ? kernel_clone+0x5bf/0x960
[  225.906700][    C1]  _raw_spin_lock+0x2e/0x40
[  225.911204][    C1]  ? kernel_clone+0x5bf/0x960
[  225.915885][    C1]  kernel_clone+0x5bf/0x960
[  225.920475][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  225.925502][    C1]  ? find_held_lock+0x59/0x110
[  225.930266][    C1]  ? find_held_lock+0x2d/0x110
[  225.935029][    C1]  __do_sys_clone+0xba/0x100
[  225.939617][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[  225.944816][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  225.950026][    C1]  ? do_user_addr_fault+0x83d/0x13f0
[  225.955304][    C1]  do_syscall_64+0xcd/0x250
[  225.959813][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.965707][    C1] RIP: 0033:0x7f2e1f175093
[  225.970115][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  225.989722][    C1] RSP: 002b:00007ffe92fef108 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  225.998133][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2e1f175093
[  226.006103][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  226.014068][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  226.022029][    C1] R10: 000055557affb7d0 R11: 0000000000000246 R12: 0000000000000000
[  226.029990][    C1] R13: 0000000000036b82 R14: 0000000000036b5a R15: 00007ffe92fef290
[  226.037958][    C1]  </TASK>
[  226.041161][    C1] Kernel Offset: disabled
[  226.045494][    C1] Rebooting in 86400 seconds..