last executing test programs:

9m15.856083651s ago: executing program 1 (id=177):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000040))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000080)={0x1, [<r2=>0x0]}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r2, 0x10000}, 0x8) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000140)={r2, 0x4, 0x322}, 0x8) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r5, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000004) (async)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r4)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r6, 0x200, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008094}, 0x4000000) (async)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000440), r4)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r4, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x74, r7, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x30, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x80}]}, 0x74}}, 0x0) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r8) (async)
r9 = openat$cgroup(r0, &(0x7f00000005c0)='syz0\x00', 0x200002, 0x0)
r10 = openat$cgroup_ro(r9, &(0x7f0000000600)='blkio.bfq.empty_time\x00', 0x0, 0x0)
fadvise64(r4, 0x8, 0x3, 0x0) (async)
ioctl$DMA_HEAP_IOCTL_ALLOC(r10, 0xc0184800, &(0x7f0000000640)={0x4, <r11=>r10, 0x2})
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) (async)
getsockopt$inet_IP_IPSEC_POLICY(r11, 0x0, 0x10, &(0x7f0000000840)={{{@in6=@mcast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@private0}, 0x0, @in=@local}}, &(0x7f0000000940)=0xe8) (async)
fstat(r8, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}) (async)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000b80)={<r14=>0x0}, &(0x7f0000000bc0)=0xc) (async)
fstat(r11, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, <r15=>0x0}) (async)
fcntl$getownex(r0, 0x10, &(0x7f0000000c80)={0x0, <r16=>0x0})
r17 = geteuid()
r18 = socket$tipc(0x1e, 0x2, 0x0)
r19 = syz_clone(0x80, &(0x7f0000000cc0)="535e7b1f00aa8f34ca0f0b287fe0547a022dccbca708336c6e6a5829a4c893e4bfdc49ef4c06520302f3b5f73aaa477da928ea6291f7da214ecd3603a02f8d82cbdcc429c303c839a87ee184206150a26cbf767f2067175703fb4a96ebf194f8ccb6653fdffe729126b8406a9d49c6346201", 0x72, &(0x7f0000000d40), &(0x7f0000000d80), &(0x7f0000000dc0)="e67d7f4b590f2faf388df280ed53cff2eacd4f5e67ae27684868428e36741ab91cb24244729c1a8607c31cfd692aa9da23a27f5ea59ba188e786100c74ce3d2e40ca4c8faba46f228359c8376fc4c4c657a47614ad375813b10823cc1f")
sendmmsg$unix(r11, &(0x7f0000001440)=[{{&(0x7f0000000680)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000700)="4181057a4947c6025bd624508343ace60ae0d0b11be16c5cab59f33b85e12a92643d831ae70103d79f5e854677441524df1287169ac9387d07f5c6fd8b78a6329d8c5ed3bab2df71bba9fe3d694f1d87686295208d5abea88819e536dbc483eec8db0474094fb7664520698dcaa683fd6217cb39dc1d33f03d65fca7bbef0c489977f045534de2092bdc48cd57ef2c682af7679d7d8f6000c9ffc57d141c2dc7dbf59914289ae7945250b5ead2f591092454406777776bc306cd5a7fe218622656f90031a965e4c6eecf3783e3fb1f3f68a1a651b88757a749b5195400af3d7b4ca9e8378d7c35a9ee2cba5fdda6322d4f6023d4a1162af1c2", 0xf9}], 0x1, &(0x7f0000000a00)=[@cred={{0x1c, 0x1, 0x2, {0x0, r12, r13}}}], 0x20, 0x50}}, {{&(0x7f0000000a40)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000ac0)="2934a223cd828f80a44b615c9360b92fc5eee520e2d4660e75085f1d69def47489ce916f0eef26252c54a08884b0749003acf0277e1bd61713a8b8862a06e875e76e607458e0d26a9665e8d3da3aea7906c02388cc893f7622c921d31e0fab110d4626ab71d20260ec53b8ef5149cb976f", 0x71}], 0x1, &(0x7f0000001340)=[@cred={{0x1c, 0x1, 0x2, {r14, r15}}}, @cred={{0x1c, 0x1, 0x2, {r16, r17, 0xffffffffffffffff}}}, @rights={{0x38, 0x1, 0x1, [r9, r8, r11, r3, r10, r8, r8, r10, r4, r18]}}, @rights={{0x24, 0x1, 0x1, [r10, r1, r10, r10, r8]}}, @cred={{0x1c, 0x1, 0x2, {r19}}}, @rights={{0x38, 0x1, 0x1, [r4, 0xffffffffffffffff, r11, 0xffffffffffffffff, r4, r0, r1, r3, r9, 0xffffffffffffffff]}}], 0xf8, 0x20040000}}], 0x2, 0x20000000)

9m15.515263859s ago: executing program 1 (id=180):
r0 = socket$inet(0x2, 0x2, 0x0)
accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2, 0x4}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="0c000280060001"], 0x24}}, 0x4004000)

9m15.385157864s ago: executing program 1 (id=181):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'veth0_to_batadv\x00', 0x1})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
accept(r2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x850}, 0x0)
r6 = syz_io_uring_setup(0x5c2, &(0x7f00000002c0)={0x0, 0x0, 0x80, 0x3, 0x3d9}, 0x0, &(0x7f0000000700))
r7 = creat(0x0, 0xd931d3864d39dcca)
ioctl$KVM_SET_PIT2(r7, 0x4070aea0, 0x0)
io_uring_enter(r6, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, 0x0, 0x0)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r8, &(0x7f0000000400)={0x5, 0x10, 0xfa00, {&(0x7f00000001c0)}}, 0x18)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000000080)={@multicast1, @local}, 0xc)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)

9m12.548002606s ago: executing program 1 (id=188):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xc8, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x0, 0xe, 0x9, 0xa, 0x2, 0xd, 0x5}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x2, 0x7, 0x0, 0x180, 0x7, 0x0, 0xf1, 0x0, 0x8000000000000, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0xbd9], 0x1, 0x3c4210})
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x8000000, 0x50)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801) (async)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20000, 0x0) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xc8, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x0, 0xe, 0x9, 0xa, 0x2, 0xd, 0x5}}) (async)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x2, 0x7, 0x0, 0x180, 0x7, 0x0, 0xf1, 0x0, 0x8000000000000, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0xbd9], 0x1, 0x3c4210}) (async)
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x8000000, 0x50) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)

9m11.84759047s ago: executing program 1 (id=192):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r1 = fsopen(&(0x7f0000000200)='iso9660\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
lstat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$TUNSETGROUP(r2, 0x400454ce, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x3, 0xfff, 0x0, 0xb49, 0xc, 0x8, 0x0, 0x3}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)='T', 0x1, 0x8910, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000340)='@&--)]]\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000004c0)='5', 0x2b}], 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x3, "a4c3eabfbc4a051fc8f66eedf1c6676b4e9ac471123ee41b102a78284f881840", "c493c69907ac61ee57f3ff6656218f8c880cab0b7f5f977f29b54144914986b5", "7795433781033bb967429b7c68c2566066943f3a566d7fd05557583a535a3b9e", "cba936683f411a1265d9ffb369dbe16de72fd8ee91c60f531196c136add25f43", "3fda464b4ffcb83f5c89e20fe8814b4e26bb81519905d65c5a0ae43be09d9f7b", "9906605a099270427859ce54", 0x43dd5e67, 0x9, 0x4, 0x5, 0xfffffffe}})
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x6}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
writev(r0, &(0x7f0000000100)=[{&(0x7f00000000c0)="a4f350090000000000c064d0cd56e30000", 0x11}], 0x1)

9m11.404128457s ago: executing program 1 (id=196):
syz_io_uring_setup(0x3a7d, &(0x7f0000000080)={0x0, 0x20000000, 0x20, 0x0, 0x362}, &(0x7f0000000200), &(0x7f00000002c0))
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$kcm(0x2, 0x1000000000000002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
memfd_secret(0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x4, 0x0, 0xac, 0x80000000, 0x38, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x0, 0x0, 0x80}})
io_uring_setup(0x115e, &(0x7f0000000000)={0x0, 0x8ade, 0x10406, 0x3, 0x177})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
r1 = socket$inet6(0xa, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'virt_wifi0\x00'})
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x27, 0x0, 0x21002000, 0x66d, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40, 0xfffffffa}}, 0x50)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000840)={0x0}, 0x1, 0x0, 0x0, 0x24048000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, 0x0, 0x0)
syz_io_uring_setup(0x5d6f, &(0x7f0000000140)={0x0, 0x1b32, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

9m10.211853885s ago: executing program 32 (id=196):
syz_io_uring_setup(0x3a7d, &(0x7f0000000080)={0x0, 0x20000000, 0x20, 0x0, 0x362}, &(0x7f0000000200), &(0x7f00000002c0))
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$kcm(0x2, 0x1000000000000002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
memfd_secret(0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x4, 0x0, 0xac, 0x80000000, 0x38, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x0, 0x0, 0x80}})
io_uring_setup(0x115e, &(0x7f0000000000)={0x0, 0x8ade, 0x10406, 0x3, 0x177})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
r1 = socket$inet6(0xa, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'virt_wifi0\x00'})
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x27, 0x0, 0x21002000, 0x66d, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40, 0xfffffffa}}, 0x50)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000840)={0x0}, 0x1, 0x0, 0x0, 0x24048000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, 0x0, 0x0)
syz_io_uring_setup(0x5d6f, &(0x7f0000000140)={0x0, 0x1b32, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

8m43.540005577s ago: executing program 3 (id=268):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x7, @mcast1}, r1}}, 0x48)
r2 = syz_io_uring_setup(0x2cea, &(0x7f0000000200)={0x0, 0xb730, 0x20, 0x3, 0x74}, &(0x7f00000000c0), &(0x7f0000000280))
r3 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x10fa, 0x100, 0x0, 0xffffffe, 0x0, r2}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
setitimer(0x2, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
getitimer(0x2, &(0x7f0000000400))
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x2982, 0x0)
ioctl$TCFLSH(r6, 0x540b, 0x2)

8m43.020059125s ago: executing program 3 (id=271):
socket$alg(0x26, 0x5, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/crash_elfcorehdr_size', 0x8201, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000044d564b0000000005"])
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
modify_ldt$write2(0x11, &(0x7f0000000040), 0x10)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x80000)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0xb4001, 0x0)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r4, 0xc0844123, &(0x7f0000000000))
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f00000000c0)={{@my=0x0, 0xfffffffd}, 0x1})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r5, 0x7a6, &(0x7f0000004440)={0x100003, 0x20000000008, 0x100000000006, 0x7ff, 0x80008, 0x200d0})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x639cea306a9e12d0}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r8, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040800}, 0x800)
r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000002c0)={0x8, 0x3000, 0xc9aff64d24a427ff, r9, 0x6})
setsockopt$inet6_int(r6, 0x29, 0x1a, &(0x7f0000000040)=0x3, 0x4)
syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x1000000, &(0x7f0000000300)="cc729c4e1cace04044ad65e689ef28156184806584141ab088d072e644c521c57c7fcffce845b84290da3c95244c11366d0e249446a2b802615cd7fe672df136ab", 0x41, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="fd171db9ab9fb194f1122910b2290669114470add0eab4a71f37b4e9330bbccb4e8185784c38a9a67e7fca258fabd0dc292d64d07d000184b070c68b3228fc3004f9")

8m40.030292667s ago: executing program 3 (id=279):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x10, 0x8c}}, 0x24, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000140)={0x84, &(0x7f0000000000)={0x20, 0x16, 0x3, "58cb02"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)

8m37.399577862s ago: executing program 3 (id=284):
getresgid(&(0x7f0000000080), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_int(r0, 0x1, 0x9, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x20000, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="54000000090801020000000000000000050000000900020073797a320000000024000880100007800c00fa400000000000000001100007800a00bb0000080009400000085e050001000700d0a8"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x20000051)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

8m36.956898804s ago: executing program 3 (id=287):
syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xfffffffffffffffe, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200))
pwritev(r0, 0x0, 0x0, 0xfffffffc, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
openat$ppp(0xffffffffffffff9c, 0x0, 0x800000, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000880)}}], 0x2, 0x10014)
munmap(&(0x7f0000373000/0x3000)=nil, 0x3000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={<r3=>0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

8m36.582994137s ago: executing program 3 (id=291):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000480), 0x4)
recvmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000a40)=""/188, 0xbc}], 0x1, &(0x7f0000000280)=""/98, 0x62}}], 0x1, 0x2180, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000000000000000000000feffffff00"/144]}, 0x108)
syz_usb_connect(0x0, 0x24, &(0x7f0000000e40)={{0x12, 0x1, 0x0, 0x12, 0x4c, 0x25, 0x20, 0x17cc, 0x1020, 0xb4bf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x53, 0xd9, 0x45}}]}}]}}, 0x0)

8m36.098402306s ago: executing program 33 (id=291):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000480), 0x4)
recvmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000a40)=""/188, 0xbc}], 0x1, &(0x7f0000000280)=""/98, 0x62}}], 0x1, 0x2180, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000000000000000000000feffffff00"/144]}, 0x108)
syz_usb_connect(0x0, 0x24, &(0x7f0000000e40)={{0x12, 0x1, 0x0, 0x12, 0x4c, 0x25, 0x20, 0x17cc, 0x1020, 0xb4bf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x53, 0xd9, 0x45}}]}}]}}, 0x0)

9.295768158s ago: executing program 6 (id=1968):
r0 = creat(&(0x7f0000019080)='./file0\x00', 0xecf86c37d530494c)
close(r0)
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r2, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x200000)

8.876653186s ago: executing program 6 (id=1969):
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8)
read(r2, &(0x7f00000002c0)=""/199, 0xc7)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
creat(0x0, 0x20)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008280)="cab1f92d585917232bcfa47f91900c936355a83b5a41f6f43bd8b0d1a1e13674b6a8596a8376e6851e0b96decd071d92ce4887ddad2b82183858d82c7d11948024607d92ec0f1c23a4e755f29fa557d1353a3ced680f530e822eed64b4d1aaf20d1320f3583cadb9dfde95993487f96bc290dc10cfccc5ec8ea864590fc1678b79b0a36c9668b27ae142d22c305496881af0d0546076ec21e31bdab2465010e779e7140036d2b12f59b971792cfed8d07f0b8ae13ee944268f573ec11c1b14d53880a64fd2fdbe981f4d9af8863191efc03a39d5a3f19badf65dd49443297b38bf0c009eafad5879cb78e63b00e961de7d7180941f0d1e87a2635294bcb4619e9d84be1816784325d23fcb9c66388b586c8e719f3edfa2aa37cc3f6511add854c10fe546d1c11f11eeaff24cecc0d47ec8fd336ec08470f06227e4a9410074a3d715eb6a697b04bdfeda0b6753d880d012ef8fada7f4ed649ca214609e31cace9a33937813012e4c1b787d8f71ce9b495a69e5c8810ff9954b7b96743dcdd7e52ebbf526f339d3c8ad2550326d3a396de5ac90787b352feabe013c4044ca813344c97f836851d6daf2de3a8b07a61d1052bd302a641706af7629a042dc2f0374671b287f1325763e1818beba9f7cab9e25d6f8749f7dea4c5ef684723d33938aca32e19b1c6a6237d899fb397e9023764b3f4d6399885533a802e4d3ca76f2e0234ed6d7257f8cebddc900af88cc21ee2816513045e92f71fc8523894d684678f17b5fdb4adeda98fc019c0ba05efeffeff3bbda1d6d84a98002a74237cb8d13cb30d8a9a7e47e4da8273a47df4e6ea53036b5b154b9597e6eb00fcad29ed04a820b1ce807bf1818344122a6f0aac52d24426feeba0af56925cb4a1e70a84251f2b4d4693e689518a0e159647b5b60a62db699a25275520c208652ce4401bb5dcd633e7c889758d3d213f4dbe69c9bb76e80b6e892bb5f5809e042ee5cb1982a2373b1886711d1e68d0bc3d4c9d69ac605432bf84cd81104e77c71cd7c0708244fc9428edd52f8cc8f3023b4c6d3bbad7a9b874111098c4652b34c428a8f789c5e5f3f84354ab7afec1a7b11d2a34771ebad2f15c169a61b431c8a1cca9ca1596fce65242d03814ebf977da9bbde5707b22b5002cce68bd0f6d196df341c96bd0cf0916b8775e75021663ea82c99a90b844cc5f8b6c56b21b1fbbbf6fb40ed0c29ee4ecc2998df2cbe3a4d75025ef73dd9f3aa5bc7aa694fe573a73453c9ff873d0a8840afd91be319181836de45260b4e252394edae58f840858a9b64f0ff37bb1820031e563250e62ceea5a7c4d2cd4d5d10e57176fcf576e774920db06b36ea02f9cae9c1087bd1866fb4bcf7fbf393093b339860a61c61248000a2a1bbc982fa691e311fa1bf2a38afdf08b574eed0df42bdc30c3db7cdcb71687f48070077f91fef93e8e47e248d3e53e8a79fcb5a8f8aa39b3bfa2dd88d5c5840d517ae8c132d423a37a8be3301d62a99753bc72f674205a11850e045430abbdc4e68223a93c76d6d2f1d646af10a15705793e2fc5a532af3dda88f52063a091f1f79cd5a5b23ea7742b149eab1aa43c21c2f15227a1f94b5580adbb1e1c49ade49d6e8b838cff43aa2426651817f479252c8ef7af9e4a5ad33839be6c15b50016c59f13c26cfca796cfc01207acc69e9d3952f6e71c975bc77d5a001f6f6c044770f54d86a4518a4898e3136988d643dd2ded07859f0b4d4de2a2d461ba5e05cff49eda86772799b2e7947fdbb89fc5b0347e87f1b9dbb94842cc1457d07f3e0c41342510f5ccb551cdf0fcac1a758041bff75812de1b2abf341ed5f667c9b0581d2c33e0b17f1b46c2287399c62252edb9c1cf2b80b7a1b4c3c903aa4cf5332a2998b9072f61f589ae5df1168f8d18e98fce2bec1d5d876f9757017b73495a4e8f4f2423cde8875aa8c95a9ce180cac6690657b8a70e5541d5ef46575cd74e063759fe4889f4d9737a6c9732f8b7f7836508814093b9bdac5733938e761b3642910d4df0b646c1b9583a502246988e9ab78de3d011e8590e48eadfcdb70c8aad6dfbe1dbd3ef20d9ba393db4e6cf91e3bb4e84883c60dc20ed974a5decde12d3c5a1c9a00999f8eefc244465f518425820b9713cbfc6027f427b9cd8756edec5b3a0301a01ebb12c6d412ee3422aeb8b291619f62f4ce41511156f73e54b5097051ea777af7cb73b36e1274ce1a3892007466cc793eb0515b8984acb99c04c7eaa51e175bd73d99bc0c67c8ea84d808a7906a6ad330ba2c9651b2ab82d0781a969873dcddb068c15b7899fd560a1c3d44b34e81cce079c46fd86522052659e2c3151c79a8ccab1dfcdb91f53ca067ea1b2aa507278e4166e817eb0d7dea67cde1598a1bdb76a8caf82add2b43fdd10bf80b0d2f32365849c425d6ac3d2d88a76378d23961eb96c8422e785ea61f33e4daec02393d51f44b177755749fe84b43f5246d20177800af05752af524265f34f62bd5167fa647d2118aa905a1af53f07e7447bee29675cc23f547339af140c0818aa974ca16da33e767d508e4f56726c7076acce57a9957d08348ef84a39188e800ca44682fccaa9ee1b42e1aaf7738dced1dce3ef2dadfcba2863f36b5f8080ed22539b5176bc2c57e52e4cfde659c1ce9e179c79f85d60ca51c7453dad593190b19a1be8f5c5b0249d70079f10f9d0f07f25a98bd95e6e6f71101842b55347ee008d58522e8f7598c1636c58fd20984a6bb17fd47e7db4bc72854054e7900cac4174cf0b4eda2406842955fd8a2ba00ea4d490dbbab02d659cea4c449d9ee37c8f35daa4740b3273693ee2c1b00965a79d18ad98ae92bf2e1ea84ff1e6181937d38765cb353c6223ead1257d88a8844cb0be17aecc2dd56b78dcd6e2999fe695db248dd68275a5ad0f223a4629b17a040a766b2bd2376d77a422375de14a3daaf4fee92f23ca831452826bc66d0cee2049acbde07bdbb6ce228147f9ed4f9437301e8ca9e1ace0684700e9623a1534212d4c557712a3196d86c86077e97172d7e89436e95e1d7e7629d5bc908e346e504839498890210ca15bea51bb2840f1275d36b99490ff0706aa3ca9e89f33fd99df863acc3bca504c15501ba9d987999ee118f47b7737d2dfe73ab257d680f983da1f5fd5975491ad966989f7b15e76e4e6b1a2987801adb3b7cd4cb1d2c9d0454429c2955643c8fb82ccf8e93051cc10081f8181af0d143deee686f67ec42db1e9914ed047e4bf0006af01028e3839451fa3e17d33586022c63cafaf6d0fc773c96143473316988d32f9943d7477604a27ae4b8a7093bee2cefe10cc02109c748d0676692a2411e5c3b4c4c1b9ac7f9b71a1a7126dacf4615e8c9c3d38f536e8b32e37f406b3dc44db80a00d6e423deec869edb32a411986be1517b6ea45e1f984a6fbd08edb25a305122fe5a90cc46af48ebc36433a1f27f43d85492ea60fd2f43125e7328da93f7aad97f97910112fed7ae7b1785822356a525df1f3ab4637b68d92ecd8d7f234973c686fb11821bb1de5f8459b57892f1dae08aae1924ee60a904d7be6e6611ec3d00002152ab7e0c29c7bf124dbec9a6eff25e619d89c27d187e3ffff63c996c33f4b7e967b607f36a8ac8dba6beb43395c9c9b2e3e36de29b07f9c2d60cdfd1d02813d4e508c56b99405b752758a01cc25bb5436ea1efd52c536fa1d2fb1cd9b1ee006d42b58600be2c1aba59c480cb6e9224d7a4df920598950634033087d3e356f35cd2f8b021d30f4ba79bc60eb6715c6c9bed84648552395cffa97c8cdb8f562f8f127f0e6f86dc61fab11ff782560d88cf2872d0e07a27f38120a0831a93c377298c2ed4fe180eb078422e5f030540fd21ebd414e6c42f1fa5491b5b8fdcada476376732edbfd66e10a475e2c0a43ccf6a41f7879f4577e987695d8d5097f6920fbe2b9ac2cb424de7afded1b5b7db89f3612c487770d58a7bb7517f1fa7a98ff6db3778d40c5f36b27d233a0c18587220f900f4a8e867e33e24c1981acb3445de995132d8fcc58f79ddb1475ba69c464071e95c0707c396c0b1b710cceb51efba5f30a271cd456d5f7216d90b412156ecb01dd41f15ac31980649c5eabc7fbb085a38318d43b0683cba055deb9dde4dc4584935473508837c1023993d50b434b311f126df6a0be0653b97a97bbc9b165098dac8dfd6ed6f033ccf7b32cfa3292296222aebfaec4dcd5066b66be45696067dfab907e2984f1bb6067c170e0617e245c9c09a85a061c4b7e2873ce0571b48d557007d5c7ddf5cc2ffa533e2a3975f3687a6d08a09dc1d285cfed129ec887d70bb5aded429b676c242d57c8f36721bf5732b1f25eced0ffedba7254486c9caab3fb3e0ad3b2dc332a06dadd39e5483a314b1d3086cc198b6b6b272fb56e35e0388b1dcddd484fde0ef9d855ca7bd98ebf0f686cec7d5e37f7b5dffbe4ab28c4422adbaef0c45649b0b830dfff90bbea3b7103ea9dd87d856ba7c5bb485319eecc71acc943c733f489ad72e13b1b232cd1eb4ce87917daad4b0405c9905f7a35501c75332d9acb36057715a6abd0958061fda860c00000000bc9aeac4f47acd022927c381012150fed83a99c2d7b268ff2e1c8d162d3feae2c5bdee747aa10566a94f13d4e1a00a4043bd179310e72ec8e4c68659be77907bba82fc416a72c0d2076821f77e8afdbeac769195a01515ab45ba73ec85a2f8a52146dbbc8d585def095aef4e4491362b596a84d2e9fd0131de2c72b71c4bd239146011eaa209957b2bb3f74bf2f42a17440749688d66a18a9d4a7d1e2bbb34dbb2a45460e69a1ec43467665c59438d35fe9b04a94e408ec4bcf7ba1a25bfc287d6189b65711904be9860f8a68d1bab99eed54890f963caef1fa0179224b650f090f67dca59f1241c2a25bc921d522f61e57d2bad88c057d3f7729499a0391fca3a62b27cc0a9b976da3eef333d88ad128ea757697ffdd50633b66b73ea3ddb565bc3d8780f9c0bb2347551969aaa500e7c030da2a92eb3f78d88b91eb547dba2e9be7ab2aa617f0890c39c73c8c2b35ff7ec529f6b8d08e3fcf2630e454bdb6474185ae72ba69310654c9c0b3ba158fe223954e1d46f9d27b0a4e090b0084918b2964bdcee31d258325b89ef96790ed1df4842b482023f1d22fb3e01280f1c8616153035f10bd65de57c1fa7d5a17e77b12e348bd3019092ef548c5249694168dd24df8a7318eccd779da4f547e9f162f484eb3ab9f5bd196f6b68656725d2624b61d09f73586753a1fb7eeb1721973f8e15522487f1dd1412b0f4846801d1abbfe53b755f15047981b162a1de04d52b4d4762ac877e4d718619e8cdba16df688fe95bdc9a1ee99c21004ba7e72985752d89d6892a4169296703fde314457f014ed89c129a4c83b5bee0bb93cb69a83313442837bc03679ee317cf8d1b908b70fae1b1461a398f310ac073642f954ab39e0eda329a94a5c12cf262ca4a25831dbc10aecf83d9d54776c379c230bb488cd6c9295bc31cfab61eb9b5486726f5c854db8aad2642d4468643f3bc8b25cdc9fda7aad04b06b61b185868a44acd46a0bd8debc1e431f19aeddfa3d0e480949bd361f6c988744acafae954c140192306c3066e8e434f70e8cd67b65a59923d166a95ca5e0515e2059e1f1aa9a74bfd49e4e37638bfa6b6117b790c4ec7f536d046c38f8ab6eedac1713bcb8860a18cac43e9add3c68c3ce5d17fbf76e966afcd3ed7795540650e093d39926f5e3719156baa54307b4f5e934f24951b3644a7657e798525d3f1207b28527a5bcdeb33e296c6c0e9e1757941ddd24a0d15c9a21918514a3143ef3fc2e775345ea10aeba6767686e9cfa646da377e88fd759a33ff20c9b258fd37d063d02fe22f090c5e324b507cd3bc42248a7abb2c7d0b1b85ecb5a67bf53a2f25d139ea523808678942e1588fd677df161b67b563a446a2cc69d9126fbf308258a13fcd6f53d92d9947311e3de4fa5acd7c2684d9eb3b4feb024e05bbf090836d92e30b68df6a7619542c9acbbb69dc73c781bdc7ef4b25c2af77186f493a5038a56508cc56b7085e13f4264e02a2a3bb515e15301371520481302f2367c883a5ac503ae4269cbbc8fb2f0f77ecaea7b8af04bc24aa90f677a72bbecfdb225864714344a8fd1c07ef664abaefe53bd76ba12c8bf45860a316812af87348682ee7005ac6a00523f4313102742ee5502d8c61c3321d1b872780192f4d00b12b38d0aedd34619c42f49b81d7bddc4ca481ed8f448bc3ad98b13f7176748838d623e007a24948480e978b80ce67ec952eca613091ad4f81cd521b2851bb8b2a6b1da0420eca80aecac9c0887988e1f29906c9ce65b990a00f22ba6f115a7a0001f511ec35dbcd401130173fded8b2e23365caf3d6d7c8f404383f16fcd76b17c220f88c1fe96211bd92c5803c63d9537a2ceb258508d9b1d74ca43174eaefd677ed6db63bb3d7712c9558c7879fbe67b7396c721407953db9dad13291f96d7d0290ad56cf1f65ccf58d3f5b8ba1f78f81d86ae0ea50926ff352d73629da44a6d31598dcdcf81355faed4f5a6ad8cc39d4a414b97f193c896bd3c270097cc96e4a5e36ca9a56a27c52a03decc4837d7b008acc1fd2724f97e0e9591afb5de3af3ec5fc16e1bee79098cc94d638375d69ae5065bedaed575e11b1b0a4d1189830856e8d48a6c50bf18cb9f8919fd8a55ad0b2f7d8c096c7f549fec8e1522be0de2a69699afe47e899ac6d5405c08e2e374326808ba76259d85b971dcce55aceed11583603dd280fd15c8e7b206e8bade3f6d83c6041838ea8b489fb9f92ab220ad5d3cd2af3f45cb2df7094d550b2cfea314469943a159e12c01897a7cc42904eeb24cc507e7ce7ffb4d22efdcd5cb5d75975582e14960fb0f2b83cb774faea32dfba7ed0e8b6a749785166cb5c77dde7498f67f7f20d0b85a7fe6e7f8a8e3f95bd795165f36440d84434cef17f81697816030e3a86bf003272ca4868ab935fa0d465fb10637a706c9fd04fa4d4eb421e87aa6628a1d6174833af4dbfceab7fc5989550c0847bf27a5243e3b318fffde95d11cf507bc4e092180dd228df9f89d193a160d50c223309eae580a09f2e78855f17f8ad25c1f5814becdfca7948c7045b242e22d5efab676fe717eb34d2f0fcb77289c8b12caadd2377b7ccdcfab61900971b4a2ac132587174117428739ebb109fa133e483956bd499dfa530cbb3d1df42309f6f0755b043d85776807f25c3b4b518a2274671eb38f3e82ad4397377f85201771877a7cc43b838791a4d4d655ecadf03d8c1687e961c83dbb64c4d54d4b745a3abca7e381a00c6f51f48f6f7ce29ec656d89a1fab216675febedfe6b08c35add5aeb8cf6c0b226d309a222e1783e45e560f6ea64bf7706787f199116341f874321b52b1135830ab8979ae5546aad4ecfdac0045d4d15b4ed2fe26e484793db6aa61d40333355fa96ac5d1b8a5b5fc033475cba14f344007bfd82deb64b5c2eda6c0d528e4de0c21802d6b27554c0e2090f2c4ebd19208ce904cc02756b44bb2f8ebc1d37961c0957a4815487cbf76fdbe1f2b77b563a5663a00952c92579399f7acc1d41d9289ea0345f02f6f760ced802c8e0b14760a43dd04e6c371ceab9f5cb3617cd7ab31457b6821c6a4f34b243fba61f5c553e58ca253d5723382cf5d3f8357347ee2af2d48d86367f993e4b80b849dd3f50b2a89338af97e11b9a796ae2548856cce01334bca0c558e160f16e74699c7eaefd699acdf4d5019bf70f2d9c083f62b5254262f05c01dba59b1779502d3ad310a3039447d730a2cebb1242331a9849921c07336e985a844c55ce6129a650b3fd7cbda52a0cfdf0ef566f24adb8c959e442e9d5663fa16561b185cfb18355863d9b9f91c3829c4b0ba580668402a7a100fcd4a4e901b660863a9537f46e4f36446945e8f62e53e8282ccd7cfe14fca161d7daf592188eb2e11e275f616f4e692db8f318e8fb635d1a2582a3c8ad3050995f4cd810c04b23aaa6b26a2276133b443280f0526c9b1c016a7fdc052eff91d167b2813ec4f868c2da5fd9568da148e0ced0229f415716c1caddba880efa2017a82829125e734b96333da0b15340c149b50be86e3017bdaae3d80ae51c35df37e67684e81b5933cc7bfbe7ef0486d57e3901f9ae3eb1d592eb3fc244ce6555d3d69922dd3dcefecbba207fcbd5144a5ff97bf2216c046348a633284db59c10662350c7484ced762f353cd01a971c88d0eabb68eef856d585e8f5a684dc948b094754362ba8d606f85a755a27895ff5b6b4ea0387574afdf362a43b5535a2838b3f00f24612b9ae47e95f15d8b828efe56152d77871cfda0e0ff9936db3fe9c49f0d0f5ef9b71b81efd2e92d0166a4970254950a51235b66866d5402740adaa584e892572a6f46714704660cfbcaa56cc27cb538a908d1ee2fc7adaa674ce7a717f6e0481a2374f768fa3df8368bf4281bce6f9777f958f36502908d7c921ba745d0cc16b8a9a67f15c26d4b005788b1e90b19cc13f3e925fc14ef31d624c7500710d8f80e5bd4b14dd6bf70c210db6077c69d2d1751fe999442502d3542be12b732e3793e6c5e5c33a15a792ea344b0ed0be1ebb1d4e896e3e62d8d85afad2ae134dabc4f0d3fc719c6245d3bfafa42f0cdc9c0d5c4ba5c20b9da975bfd2f211bee8589ce1dc9652c2c3cee2a5e8a00049e42afe4403a905b60e0dcda1120d32ce36b91719d6308c93dfaa16c23a3b37e88194778be77d5e9e64b39477b76b4644ca32525b73bcf1fd9dc9af7776f2149e368053c58e1c93e1ec4575cb5e0b2da61d5e6b19436f3c095cdb4af4ddfc3364975700e5ff5275f9336b8cb3b959a1cd94f6b9c3a33f35e9ba4b7fea0466edf54e5e2e06a79bd170392c02b09749f3d111ef60baa8016dbf9ba581beab2c43d094add0d7fb7e16f198f3050641255f30a57c3045c1b51dd6e5d65613167596365b9c67aaa36fc89c44fbc4c8c96c328554a63a15511b04692651dd5e30780caf0dfce976c665e7b05fa6143914837bc82fb9d9dc5a1660e28a697e8a0a32eb8db109c5a045243d86ea11847fb64ec450112d77ecba32de418629a4ea2ae3f7ed3625b26def5c19813a6386ab4e43838c1fad3d4e92dfd7d3f98b3cf46d6e20304851899c59661e9639f3ff52fa023114907d930d74d605f3f7c5fd9ebb446d807e96cf3bf3517e369dc98f489026ec035a86f3719e1e50a48c0381f7fd2a7eea1d3a09ef7a0ba50b2ae28c2c955db4761ac005226ebc0c18d108e8ac066371be249b80eed88afee799411a50381cacb2d5164f0827720eb9d11b5cc548c2e145291dfbc5d4f70646dfbca077ce8ad3a3f8c627021295cbef70f5013c53e8fce32116e678a7b1dc535d43b429d330e9193f8de1a6c1da4353a86bc722ef1cffe59a012ff9c5f45b85e55ebdaa6b36a519c544ef8a86095e522d7dfbb9cac41e826fcc4bc676297141195f839ebcd8f64599fb15856960f97bc70d2336507d5060282d0988f354eb757c6f4b0ee77e2c0889e5336633ac28e2651c98e7f2fa4c163f8fc196b6798c1400c46710abed12a33a95afa56c7fe55de0b48cc984c80f6d98d212daeefdbcb457217b3962436e481d70967cab6b0943d5da59021ea9fbebf66e86943e029ef95d46d347b834098e1c8fb4c35d15945bc2e336f74c6c80430ad5fc4f5b9c6b41245ecf151eea90763ce3e09e050ae1c0925fa7a5ddbb7f210226cdcf9ee406041b73a5988646b90ed382d08e7a147078f9de025f5617017ec70f65dd25d7ccdb47ad7209474f4ca461ca46f0afe3cb405c3b72d320016d01b62def93fa4fa5a34df145c526fc497329a9e29ce17a929893f7beb417c88804418271dbeb51115821db4737b9cc467f190209649f543675defbf95640d20cdd124e85788b703213f4e99b4f36b74b5d44b67b7bc995ba133da4ae92f3a3db49c9ec039e0285001fc16760da0d07552e1ad621a4bac6d0b6409316e8a78273b79aa70df0e3ca024336d42c530550be8c68897bfa6a44f595bf5be48f8b25b48825ebcba815db4b3124522bc71e3970dbcafd479a6dab40f745a655cc3f9dd5aeb046d25baaaa160ba21f8b3c0292329ae107483c8caafcd70d041facfbf705dda95370a91879fc0ab9132e3b7b02cad69417178c4f34909df7a373bacb289476c25c901be7b52aabfdfcb3415ef3a565c7de2f0128c63e16984e2e98ad23e06b890f22894ebeceefdb472192e501e2c791232933b52ea4b9c4e9fe3654b8b1e08048fbcf58fada1cd49ca6658ce6ecd12102d90c81eac26090efa36514553abb298f7cf1a43bd6d473c1436b6be9e87445de726cfffb00c72de49db0585d677d5b245e15f9a53b4c258ba2fd67d38afd9ccd0d409c0bad675fcfbc1f4e5166fd1b29203274f758f55a266b8f7c9ec8ef1dd4913727fa392ce6b11baf902ea708adddd836982a609718c1dfb810aee6f21e47c27dc6b4eeebe5fc21aae6fe7d2908679c873e2aa45a1ee14cd7e10586216d5e17cdbfacd4bfedf00b7ba7fc46d4ac90667329ba76b4fcc6b991a55c9ed159a2fb9525c975bc0aa4a291fdde14a78b95adcde52fcb5a893ee7b4df6631b3ed5a9d9d9ebe36c7cedea777a9e67faad7f7004f0a820aeb6636f24685a15d12abc639aab2233b36584670c667f9e7a3fe1195d35b268d1052d5b4c9625dc963640c2c5e6c37d36acc31755b34f3ee2af7b7ba5dbe105322a3741c567c9edd817f6488fe69301b19481fe2e2cf74b19d4b224598b0ce1fa151fa1ef3d69aaeaab397a5eac72e0b969a09b85e3258e891db207393bc281afa93468b29b7e55cc2decf8292fc68e1a02b2faa873a846680992b37a548c8f724c0125027faa58be5b2836206cc34c063b50270d7fc968dab0d38072ca90bdef91119b72ab417d811d2f32bd41e6ab2bc5b5293f92f7a0a4f172bfea5403cd418db95e1a4232f78f6afd3d13978e206d85fa9ebe2abe444db065d03b6169bc9f0dbfc19237a74bd13c1ef844f839b20018fdaf1be6f1a171f6f3ce2205fdcce38330b88ceba0c5eae812e12be99993d265f806e61ec42c9527287967a1c3b27afb1edc35a5d17bb7f4d20ea708c62c9170ba2ab710f2d7f5dca7b33e0f9434cf0b6ee846fc8bc45d39f252ec682732fb090f46032491155d83a30894a259e037e57de7523481bcc2d704d8d728fbdf048df30f7e4861f62b8e63de47b3838b5062ccd2c125bc581024ea76bd4b1f53057f37d329f7861a2a70fd3b6d6fe252a1b892192ed75c585ab809f702e27e237c4aa2dc947585c2086eeaa29c3ff7e02cb7d3a0aa3a8156d2897daa9c45a2e28ba14fd40c8a3a058805e4b5b10641c3c25b9ab80cce83206b13a1e2bc362eb5ab7e0e677c01fc0486aa32862ad0afa4f1cc8496b961a0eec71c26ad107ead599d8ddd59d85adceb3ea442efcf8ed64f4c66547344dc81ef5b6ac102434395203f58d59656d41dcc192774d70f4f2964e304efde831126d402a240325e603347aa43626b5eb69b0", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0xfffffffffffffffe, 0xe9a, {0x1, 0x4, 0x0, 0x4, 0x4, 0x0, {0x0, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x1000, 0x6, 0x0, 0xee01}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r6 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$setopts(0x4200, r6, 0x7, 0x10005e)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r5, &(0x7f0000000380)={0x2, 0x4f21, @local}, 0x42)
sendmmsg(r5, 0x0, 0x0, 0x4000)
close(r5)

7.899320539s ago: executing program 0 (id=1973):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r2, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0xaee2, 0x20, 0x200002, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0))
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000400)='4', 0x1}], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xc12, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace(0x10, r7)
ptrace(0x420e, r7)
fcntl$lock(r5, 0x25, &(0x7f0000000580)={0x1, 0x4, 0x1, 0x81, r7})
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000020}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYRESOCT=r4, @ANYBLOB="200028bd7000fbdbdf2501000000050006000900000014001f00fe8000000000000000000000000000aa0500070003000000140020002001000000000000000000000000000108001700", @ANYRES32=r6], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x20044044)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
r9 = getpid()
kcmp(r9, r9, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
getsockname$packet(r6, &(0x7f0000000180)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x11, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r10, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
socket$packet(0x11, 0x3, 0x300)

7.401594437s ago: executing program 0 (id=1977):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2179, 0x53, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xc5}}}}}]}}]}}, 0x0)
pipe2(&(0x7f0000000200)={<r1=>0x0, <r2=>0x0}, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x40001043, r1, 0x0)
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r7, 0x0, r5, 0x0, 0x2, 0x0)
vmsplice(r4, &(0x7f00000013c0)=[{&(0x7f0000001400)='b', 0x1}], 0x1, 0x0)
write$binfmt_elf64(r6, &(0x7f0000001440)=ANY=[@ANYRES32=r2, @ANYBLOB="3436e5eb952da38546f444f39e8509d6bdf98d2ce7fdad0abfe1ecdea1b497a711e3ac016a7f1d8e2bc563d34aa5f1a4a9ebc20d0699d0ee6c5d23c2a53257d21b8d3797b1294310fc5fd9fa60573c0b01698d0a5c11c3c73da9cc090e5bcaa2819059a14d43f31a3a94a30b86297745e35d213ba051d269b09b9a5b24f4a7a461da8a9a4ae319c62802229c6c8bc362503669a68d69a054f616be4be17d8a28fb3e77261ed8101d9027c7f01de67d9a99f44e3b2f54e732b241fe7eac5b8052aa589f8c39d52cb7b73cd072ffa2437d1902cb2ff1d5e8522a5f41a254875ce5d86a0d5b0632edec518c8626e5e7f05bf76c7727da6c980586c13123c5bab1ad1521da3b83eccde02e0c8e8ebdd91f77e5a74d12b1cda67625ff9e633c0df07ad8b3e3fa3f0c74f2d263fad30802785a0608f342d80a1201fad1bd4945ec6b2572526151b995054cdfe907f11ad33c3520348cdf372d79e9ccc38c852eeae3b7235720f2f85cfb9386f6080b866e72beea836b3de71f4433b3c7febb8c1a33203f49540e91f3bd3fc63f7ae183bf8a3a48252bceb2aefa5c6b6616f01fc979dd9da46af08226291060852a59957425fb2212d7f27d191a32ab05f79efe60d0b2830a20f4581713fd0fdf277e7a11f4b0c85d58b9c848067397916b713c8e80319bf59010d42e657da53b94d4b12176f09a864adc7027a8e1520d3d5fbd8369b236422e46381f08b848cf33353651796a948cfb1a2c33290eaac900047d5676fc19b3ed4dd04952e3bc25c6a404a4d5b7d2f6f8dd1fc0af7fdf7203273224737758f73b792679f6280c6394343321ebbf09f4f22e7553df9bbd738599a26621706c051f220cdab3c0de10b72b0a38c0a1b0b18408efa666bb7573d4a9c01e1584a29784d5bc04ad6ff9179a49607ebedd0b01565ba761e12a9cea012013da92a5c780bdddf7f5bff6bc456076485cd47a462bafc70246ee66ba2d8e38b46016a68b7bb42436703454c64f117dc775a6b310a546c1452b80c399aa3a4c7322b6558a52f8a29ce10e2f76ba2ed7fc00f1d068059b1e7975835b93638675523b4a712f12ad69b4804539081afd5a453a1d02a7847e5d9b1f52bafa464de091b7a424c2331935f058ebe04a7a3bffa6c1d48ffee4e2de22b89c7c43fec71b2b6189ad22df52fe0f0dac000c6699e90e237f6ae3cf1e16e5bf7f7cea3e865aeee4cf01e1e430761b43340da74b014372c2dd0718ba18d1efb351d8c07c74f338fab3995594acc3146398391e6f46ddac38781b8d95d95ddfce05a840b660e035cca3302f6d5310f0acadc114a4dc1cf35010b2d9545ff40b71df8bb948ca8f612c13f8d1671da723feda755dc23815a7261f0129f6b89b447aa4e71cc50a9d97fb95e6fc65b3d8b4036a4703148bbe0bfd5cff7bb621aa50973d79958caa4ea176dd8f75d3f61d44a385e4e1bebc1cea77366c8407052a83cfb2f13fffb8fcbb16eda10dc779d675ae1d629921c4c8f285676c821aede17df7cc8272b6ec788e27f370848ff5b70d883541b8d8d2783ca25224346cbcc326b7eeff0e49c6566c78d5b5ac12165635ee77c74c1d74bdab684e648eddff5ca94451dfd7a8507f99e8bef7bb0607e81b41970dfe862178970eb285904d71cb83c4e378ac229779021fb0d113c80f00d6d6f7120bd5ea9302218cad25229bc863d0486b34993d7f8215c17cb7f9766ccfbe31be9b7073d4c722cec4a9566f0d4d8ab94fe8316cf833bdabc299aecc759ff2ea9dfeb60e6b1c56d9a1e753c05a3a952d063205349f989ea3237f389319a00f8df9bff603f3aa75f024ba249af864320a40116ff7717d011ec2e8382c3c9bb7247940507d807162c9fd465488be01f672b60cd46e37eaa9dbf2bf7bbc8ac38b26423ca18de9787ff85c7520ad6f2c91e4c9a53f4e25b486138137e1d671436bf1f6190ba40c91897b7c3a2a6fb17688a8720d99fd0575508c1198a812efb594259c5a13a7f6416e78bcdc9ee52aa0b7beda0cc5a24dd921bcd465e24c80d830c4f0de450ba59c828a93a031def5bf5553e1519230d978d2236d925598b60b98ddefb636dcb041601dda36d0ca66202097f13a1063accf7abb2358551a8370e6c4d8bf2f0f1931acd83858720bac44a59a2a535e974438bf87080e3b63b107e85641ab0e2127f0a8507d77df2d9e8a7f9b46428986641fbe6dc28bd8ccbef73ea867034a849e989c0348b9a1d370b63f9e403e4bee147c0748c662f92c3dc26b3e76ca98927a3546a856a8e0250d210005bccfe7ef2f5f560e6d2f6c3ef212b275c587625c389cebf398893c0c5940f65d30f6d20760227e2b8944b301e56093ea4294d262f08bdcbc0e2b86898fe681179752468b361e35dffd4cd156f3b2d6f976b2df3edfef2c45f04121a57338c62fd23aa59c771e713737a6b78714e3371d9ffec54fdc41c736b24a91b242fa5d78b59706b57699ff57d8e03eb8e5a8b72d95785c88fbba81004b71ca219e47545e70fb56a81138e17deb006772e2823bb8a5003ef29966c46cac2aa903c7814f538bdbe88da43db2240876ee4bfc5cbc3d37b7b55e4d86ed831718fbe51948b08d90996f43b85b435e9cf685167362a0dc9df74db60a6b55a8301a225466d2ef72707bff382b18d86a288f3cf9c61daefac4b3d2da9aa44f7bc991ca65a2251df287357fd3d93abbaddbd1b578a81064709d80735379c2ec7b71ddcd7203dcd24af717020a4c9967cf7b8ae8104d1b0dc45438e02f04b51691551df940828497a09eb60004f26603ad7cd21792e9df29bd49dedeb12e0199ee72611568fd9c8ca92b39fccbc52cced8cf5a5d8167d620fad2c83ffdf7e511bc3477c668599d66913a5b1ba9621c7656652ebd4af9ce0c453db607fc4493c2751e1ddf5d3238d61c093730176b6b8931ff02c3600f605f3f0ac1b899ce055a8c5bd841546c1cf3ae78471b622dc84210db6d327f56000c884dbfa9887464347bb70f02325a19fccb30fc8e91eecaf25db76b7dd45b4e29311d7e9d2628d36955e207bcda8345b8f53c4e3937f958121207a25e885ce1cd85f6d1ba1d6b763e03667da5252fe7afa4aee86f88cf800bb3de6b0a0a346f1a49158faa7c409342be785baff5314d20ca933b280f8f5bc483c1c15beb5335fa5c28001239a1de599b36b9df70d2e03c5ab31ce63ed3ad2d22332663fbc89187cf3dfd9bec56a1e8dd0355e4ec68e9eeb74c1954751b2cc40e0805cdb91b3096dd441999fa988e62679787d33083c0fddf7fe2537f1ab6cbfa1bd5a4f4406955761bcf870c5932a23b7c90b4055b6dd814d710772f32ce5d336d9a9126fc234a8926d4d0161dafc88e81a68ed0c6ab5e7d84a368bbc156e1207c1f81e5b495d1a2cb6eee28f7b2379f88616f4455aba1b40c060c4264daf871ccd053b8373f82f0adf2ac87bee7db2a2a028778d10c6f5e1e66147278afd5dafaec931888cfc44c9cfc9f7af324293bcd01bf71dd23e18ac514c8d59418fd6a4db4547613e048e57d6516c2b4dfd68d158b26fe1170288292a7d4ec745c8b356ceb3187813750dadb266f5f01bf299f00009867d79bdb7ee73f08e886be716367eb65310875ad42f02c49582b31be192c0246503eb2d03493451d8c609c3cde3aaf19bd0fad7e47bd5d948180b4a53e5b313ea291cd1380af179b4c38280b7196d9121cdc7b67abdc170e6e14438a91aa3302eac463b584e4427e323394052ebc3ff0889ed3f09c338b9fad4e84cc003d5c7cb41e8bb1dbd9fc865a9381e436a24bc17ea5b4eaac75c59fdb47be67544a0d24bfd52bedfb37c854d95000f7b7975d81de78de95bc1dc8ee89d7ad2b8ce9fd1eed32859bf4482b8d8d44e682e0a74ad51bbf0654ff09623bf1a9fe6edf720a8fd8bbccd68433b69d101ac7f1dd30731482dfdef51e534cc44062b25ff2b21111606f30dcffc34aaf3fe00c73070a0a0accd6f2e4f00e92bc487bc87ce9bf17e1977e2840407e183cd8b3efb57fdb87ee9985380ff835a67fbe6aba3773971920ec9d4c073163a49c672faed7d864bf2d0633189c507e4b04f1ee21060ec67ac67a05ca33b3c5308c2a9bd952939777ed1d1a5a40f99d7d3c16c195fb9db5906f74489cb26f7e860aba641a7ee8d5e250bd1d7401cdab6109e08d36bd61c657501deb7ec9c2bcedf4d1a9a4f1d4eedb3421e21fb414cf07df7289198e795d252d4889d65c195f8683b0e0b8cda7ab6be2d38304276662375385407b860b42168f2ac661bb610615a59fcca16f3aafc5c3c6183ebc8377df3e5bf7f6f11be0b7ebe68f4e3c148468bf3def378d59df462a9a30337c78fb62c4a26409484008ca7be7f0b87da904d76851617933c99d148df577c70ebda695dbf1b78a7dca0b0186ff0aadbaa29f0992f31af6efa45fc9a1a123ee26e258d2039e27584dd7d9fc2605a20e96849086348aaf5f856dfa2cabcef0b30d24e00e89b85c5af37e95ddc72bd0eb8fd43fbb0a9cb2fd74354dcf4d7f21c7e370cd12088a6f0958da1a1384e18a30f4b1e446ad420898a7533ad9732c985329a5d9cb5c091534359b08f0c6f88498a398574e3a13068f474bb84eadcc1b7a738fa4ff33d235acb90a03271f005f35df0163e991e70725b12856049434dfb10d3126a5f1ec5d33f5ba47d48498f10639f44ccbb98e5befae8878619663c5240b5adc73f196ea1ac47656fe345c1fcb28c4a389f00889e6eaef8adde53bee45b7870c3fc8114fcf58a5d42cec49c14e4b417443a5f6b8a967ad3e208465ddffcc0eee644af5a57ae8a2b6702a10d2ffede92d0712e4ab9a5f57e2e4c9fcf786fea5164ccfaf532c484485dcc32af730f38b3d1de73ca711dace0684764d64e0e3c47bbe797456ea700b4e6dbbebcb29f847146a7a373946e2bd9a471ab8fa278173fde9389c630ea66ecd015479f7cc07eed666f5f7e367c8cc13f50ee152c59241159364fba8012cfddc28c3f669cee9f116aeba97edb3958fed54e53d7460028b626cc91e1dc486787fa72180b2a974ca1e1b779a914e08e3957cf667b7a61b09fb2c3e43a7ea680bada6a9203a213e6ae06023d14fb8c270e239d2b76046328afbf60e30840ff12d051a08ac9da9a6bd9cb1de94b3be09086a97f304877ed2c221b29e9deca9c44865290613b41a145076ada2392d33d3c7e8e10a5a444e78e94bf2aa76eef3db68215eccb9b57430037c7e9d302986f5e65812d23bf105ee9a21180e9fc725dce5d08c8380fb1f8283ce0eb1946a468fd0d5ef0fdfd9f10c511a1808a290861ebbb9c04dbcc690ab11fa3173e8fbe97ca19a79d0452c04f0e7fd5f1e5251d6e55eaadb21dfcce299d1fc203017f91c3779cc29a8e5bd4d3fb7041f3929a1458eafa371366f6e6911e7d110aed1b6c418c151f3d4bad4dc4f4d967a248ccfc7ea11d45c747a005b3e7257353f44d2ef36215a5b73c59aadb1e26a1432587e08c2c698023a31ed404895748ddd1656353848319a4fe85dabdacd638e9e3cc8a87951ddef2fe50ac1721e8eda41fa8c9b323da9fc8dcb38bf74f1c467448c54f2a92ac61d3e2a266c131b723cfb345dd9e26546079abaff6dfb3c424590ecff812bca12455c94893d4762ddc60ec6482fd31a0555f26180c72d70e81803570e53e94540ff00e1dfc6db3a582cfdb33df0de00a083bd4443c536c25ec9e1c714442d017e5da3c77520902e05e49cc6632ca5ebe2202885bfb0a6148f769487026a2886e78814730eb69453217f57726f840328f7"], 0x18c6)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

7.34809404s ago: executing program 4 (id=1978):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000900120800014000000000140003007665746830"], 0xa4}}, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f00000000c0)={0xe8158d36e0e1d816})
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="28000000120001"], 0x28}}, 0x802)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = syz_clone(0x8000, &(0x7f0000001740), 0x0, &(0x7f00000017c0), 0x0, &(0x7f0000001840)="ec32a3e2bfb79967f28955afa4b7beddba8eb18c03")
ptrace(0x10, r3)
setsockopt$inet_tcp_int(r2, 0x6, 0x2c, &(0x7f0000000080)=0x2800, 0x4)

6.933161514s ago: executing program 4 (id=1979):
unshare(0x400)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1}) (fail_nth: 20)

6.259026044s ago: executing program 4 (id=1980):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8) (async)
setsockopt$inet6_int(r4, 0x29, 0x38, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r4, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x2, 0x0) (async, rerun: 64)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000080)="0f20e06635800000000f22e067d9f0baf80c66b8986c108966efbafc0c66b83100000066ef0f20e06635000001000f22e00ffd5f030f5b5579660f14662066b800d000000f23d00f21f866351000000f0f23f8f264f20f23170fc77a00", 0x5d}], 0x1, 0x28, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (rerun: 64)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0xaa001)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f00000001c0)={r7, <r8=>0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r8, r9, 0x93, 0x8, 0x9, 0x80, {0x8, 0x0, 0x3, 0x4, 0x4, 0xd, 0xe, 0x2ddb, 0x6, 0x7ff, 0x4, 0x7, 0x7, 0xff, "e2777565f804000043ad5fd3d8c7ff1500"}}) (async, rerun: 32)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="000e2d00000071"], 0x0, 0x0, 0x0, 0x0}) (rerun: 32)

5.932201792s ago: executing program 5 (id=1982):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84) (async, rerun: 32)
r1 = socket$inet(0x2, 0x1, 0x0) (rerun: 32)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000280)={@multicast1, @local}, 0xc) (async)
setsockopt$inet_mreqn(r1, 0x0, 0x28, &(0x7f0000000040)={@multicast1, @local}, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
rseq(0x0, 0x0, 0x0, 0x0) (async)
fchown(r2, 0x0, 0x0)
shutdown(r0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x80, @dev={0xfe, 0x80, '\x00', 0x18}, 0x7}], 0x1c)

5.712122168s ago: executing program 6 (id=1983):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x20102, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
mknod(&(0x7f0000000080)='./file0\x00', 0x2, 0x5) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001840)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfc0, 0x66, 0x0, 0xb, 0x2, 0x0, @rand_addr=0x64010120, @broadcast}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf9205000000000000001eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b7589ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c00e106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c99172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72cd67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19415e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae04753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb91010763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14c17564b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c35ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04affee49612a735907d3c4d310a54a6f609873ad56f29a138f4d5661f6865e030487429a8da93c5e2a14f727ce675818"}}, 0xfce) (async)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)

5.519866936s ago: executing program 5 (id=1984):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) (async)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4880) (async)
r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0xc0202, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000bc0)={'team0\x00', <r3=>0x0}) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x2000000, 0x2, 0x0, 0x3, 0xffffffff}, [@TCA_NETEM_RATE64={0xc, 0x8, 0xa7b69fda41b958e8}]}}}]}, 0x58}}, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000c80)={'ip6tnl0\x00', &(0x7f0000000c00)={'syztnl1\x00', <r7=>0x0, 0x4, 0xc5, 0x6, 0xfffffffd, 0x10, @loopback, @local, 0x10, 0x700, 0x6cb4, 0x400}})
sendmsg$inet(r1, &(0x7f0000000dc0)={&(0x7f0000000300)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000700)}, {&(0x7f0000000740)="9482a6719772e370e1a5ef2760f5325514eda7a2f5ad35b2a84d66a1d1c9ac303c5295c7198124df9bad745a5df7c546cc95461ee7a09b5da253d7a1d445ee4c501bc5cc6461b17439eb9077a339b25de488c22a7b1c423933f22076fbafcacf9298162077188dd7d3259a40d5973e1f4791f34ea550950a1c750f59f21d3243b0d77f8d5d80838e59ce26ebd6293ae3e254173b3bff638d83669aabbb2327f7d23d4789399ba5f2f50b638a26ad64ce30dea7faa11fa23e07e762dc8239b0cc0b128119a052c047be1fc4609d80686e7f662874ca6c5eb7ed9d9878726e182086e5f540", 0xe4}, {&(0x7f0000000840)="77008cc32766a2c8e81156fd5b48b1b53013c478c0534a8f049734ac75b6769d6826a44d1c51bd5cfa31566803f34b733438d4aed6f2531eb662eda0e282b9f826bd68c42920db111019863b7c027daa4276e489d2d6106991dd9e1a2368f2e3803eba00f1a6acd68acadc9c830bbbefa23e2dedcc69fbaeccafce9ac487673484bfe6905aee385b8280", 0x8a}, {&(0x7f0000000900)="414c5f9064a4ca7078898ca4ad21e552a76e64ae2aa2cb4538278ee7d0e73d82d03d231fa9dafdf45ae2fe1e895e9bc4c443689d6267cc1b368b981088e0434d3a037c0fcf214ad34cebb31c0c5418f34e7ab09cdca9accd2ae089c6448104625a9409d455c1a667a84cba39d0535b699ae5af0bc90832eaf5eedaa8d7d48b33fb5c77a6a555ab9a05034aa3f8e38ecdc730b55c079eeca3da9e3b96704d6517c64122a2", 0xa4}, {&(0x7f00000009c0)="9e31007bd0d632d4d8f52506c759e929c6e5f85de8b0894dda1eddd1f33e60d18179a7b4b502d8fd6f797bb7fcd39e9600b964762f74b0ae3dd8923444d2fbbf7600ca906a0d704e33f6ee2bd1472d554ec19c51c2ba57709072bc19dcd2268762239b6997d4151eac26662cfb3dd9ff27673ecf5839f43fcdf3", 0x7a}, {&(0x7f0000000a40)="0201449f8b2674", 0x7}, {&(0x7f0000000a80)="b4a1e382b15c0a3952a12d0c40e2a74b8916e0067c9c8f83dec7ca015a2aa89e00ba66c8db50346961206a8a0bfbad00a3bd43e385cd11eb039eeb5d23399dc40f61e3de2362a27cad7d91e2309c8de88f9768fe73337164b4ee0e1de6ace51e5dc5cfa04e6db208dfd24869d17a82a0de30ed696ebd44697b6edc8a6b47a9f267056a8689e0c2de48181f996ffa36ffa79e4453dd", 0x95}], 0x7, &(0x7f0000000cc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}, @ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_ttl={{0x14}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @local, @dev={0xac, 0x14, 0x14, 0x30}}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xc}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x101}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}], 0xf0}, 0x24040010) (async)
read$nci(r2, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r2, 0x0, 0x4)
r8 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
read$dsp(r8, &(0x7f00000000c0)=""/229, 0xe5)
preadv(r8, &(0x7f00000006c0)=[{&(0x7f0000000400)=""/135, 0x87}], 0x1, 0x7, 0x0) (async)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000340), 0x4)
r9 = socket(0x2a, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r9, 0x890b, 0x0) (async)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc) (async)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x0, 0x1b1c, 0x1c08, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x3, 0x80, 0x4, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x3, 0x1, 0x1, 0xd8, {0x9, 0x21, 0x3, 0x10, 0x1, {0x22, 0x37e}}, {{{0x9, 0x5, 0x81, 0x3, 0x1c028e41a62e6341, 0x6, 0x1, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x76, 0x3, 0x8}}]}}}]}}]}}, &(0x7f0000000640)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x201, 0x9f, 0x0, 0x6, 0x20, 0x9}, 0xc, &(0x7f0000000200)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0xe, 0x1, 0x4, 0x982a}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x447}}, {0x70, &(0x7f0000000280)=@string={0x70, 0x3, "ba18e84f86f334a883b56746bf3e723fb9889026d1ab7b66ac903b945ceb5586ee343607d6873188039728694e3655033f8a515b0e96821b0b15626fe66fbc1219129ec62f53c0c0f34c724dfc6c85324973c71d55091a7c1bfb195fcd4e1ce891ab84fde6796138b20c9cd07db7"}}, {0xa0, &(0x7f00000004c0)=@string={0xa0, 0x3, "a2d3a875316ec8a2a653e93ee442fb5f4d474dd64cc2e55d81b40151c7f309e7cbf229830dd9b33bdfc44af10bc076c37e094864e849e9e63b63281d9648dc5e7bb372cb97d285dc4a0a42e4e117ad1a05d7909c7d8c81be3e568ef0caf4013cf158741a52e912025cec174285b29e39773dabb7b0c4fa8e21d546038cd1a5d538b3f4658dd9545e59c814191f865536de3570b48c36660342dfa29c1a80"}}, {0xa3, &(0x7f0000000580)=@string={0xa3, 0x3, "e4a57c47ac89076839d4e466808acf74e8900d0606b1c9e069dd2b3f70c1c405b83e24394b53d891fa9ea1c46b4e5d50167775f1e141f3b7140d0387a347af39d062d4f440251b43ad111b95527c7c6c90b64ea53eba9c6f1c2e541fd7dd9ca7db10d238d06be804a7d78b272b194af0076cb6306b518bac05b2c1d65114aebe73dc017d70f132bb5424b154180e0509caf92760393b5a17fb17a369bc4f87d9a4"}}]})

5.177872899s ago: executing program 6 (id=1985):
r0 = socket$packet(0x11, 0xa, 0x300)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000b80)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x40000, @private0}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000340)='P', 0x1}], 0x1}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
shutdown(r1, 0x1)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2c00000000000000000000000700000044150503"], 0x30}, 0x7e8166965e22236a)
setsockopt(r1, 0x84, 0x80, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x4, &(0x7f0000000000)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x25, 0xf9}, {0x83, 0x9, 0x9, 0x26c}, {0xb4, 0x5, 0x1, 0x9}]}, 0x10)

5.00621726s ago: executing program 0 (id=1986):
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)

4.868012421s ago: executing program 6 (id=1987):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r2, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0xaee2, 0x20, 0x200002, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0))
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000400)='4', 0x1}], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xc12, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace(0x10, r7)
ptrace(0x420e, r7)
fcntl$lock(r5, 0x25, &(0x7f0000000580)={0x1, 0x4, 0x1, 0x81, r7})
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYBLOB="01002bbd7000fedbdf250500a4b81b887a1fe6023d125df1631d44e60000081309000200000008000c00aa0a0008000001000500000008000b00020000000500120001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x2000c181}, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000020}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYRESOCT=r4, @ANYBLOB="200028bd7000fbdbdf2501000000050006000900000014001f00fe8000000000000000000000000000aa0500070003000000140020002001000000000000000000000000000108001700", @ANYRES32=r6], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x20044044)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
r10 = getpid()
kcmp(r10, r10, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
getsockname$packet(r6, &(0x7f0000000180)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x11, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r11, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
socket$packet(0x11, 0x3, 0x300)

4.851691482s ago: executing program 0 (id=1988):
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000a000007"], 0x14}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)="1c00000021006bcd210002006e04000081000010000000017aa60864", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xb0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x88, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x50, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0x1c, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x15, 0x1, "16d3e518a7c6a3803e5ed94825780abfe6"}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x124}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]})
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, 0x1c)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.819504974s ago: executing program 4 (id=1989):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r1, @ANYBLOB="0100000000000000001101000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)

4.735838777s ago: executing program 5 (id=1990):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000bc0)=@raw={'raw\x00', 0x8, 0x3, 0x3c0, 0x0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x2f0, 0xffffffff, 0xffffffff, 0x2f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @empty, [0xffffffff, 0xff000000, 0xffffff00, 0xff], [0xff000000, 0x0, 0xffffff00], 'veth0_macvtap\x00', 'ipvlan1\x00', {0xff}, {}, 0x2f, 0xd}, 0x0, 0x1a0, 0x1e0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x5, 0xfffffffe, 0x93402881c9950fca, 0x1, 'syz0\x00'}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x2, 0x200, 0x1, 0x9, 0x2, 0x3ff, 0x7, 0x325]}}}, {{@ipv6={@private0, @remote, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], [0xffffff00, 0x2f, 0xffffffff, 0xff000000], 'syzkaller0\x00', 'vlan0\x00', {0xff}, {0xff}, 0x3b, 0xd, 0x0, 0x41}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x12, 0xb4e1, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x420)

4.537844917s ago: executing program 4 (id=1992):
syz_emit_ethernet(0xd04, &(0x7f0000000440)={@local, @remote, @void, {@llc={0x4, {@llc={0xaa, 0xd4, 's', "1839b3fd4aabb47e7a8d974f5490345f2d132d3d113716a797cf81698bb78903bda8b5f4ab70a8f607d6f340a027f804f955181b36fea45c64761f2f16e67f066de5155c1c4490a9635f530660d3f380bb4cb1f01b7bdb12e6786ef4f6c9e286eefca0aca655d16cd9c4c93502e74c7056c67bd48df90e012a9d96298376ebd52402263a49830d82d7cdf05f5d68439be91fd0e0cbf8a72e89886669a9508a9d56fa25d1fd5112848992c77c91f73e4af09716c0a1d83925e899fd8dbb90e1b1256bad82d909d2a5b426e6096e7ebff1a16ec4bad97183290ec41cc8364259c8b6d90dc33a97eaaddd785282aee58c6f78215afe1fe370153f560bd11f566fcde783092ce480feda0523cfe4e19d38a8586e7907336059a2feef66eff435b30e12af1a09f3c2a3de4601201d3ae033f3a0098de2787d0961fffcbe56c8c1692b555d44a9a67eed3460cbcddd34b02f7c973c9d6a4c20e1defc5b83f2018ca10c689b33e9a23b02267e3a2cf2a3846af4c34b57bd6a047c67ede0c6990c23f1bc6e3eaac1dcd92905660e30f0d560c1b35af4c5f9735286115b016b6ee0abff6718cfb7320f5382f5cbbeab573fa83d976ba5045702dded5f63596e2b897e2ec8f5a93b1c99c10745f1e143e6db26274945c431475cd4d74cd8e0fe4567aadcf27ddfec0e79661d92a8da4477a62520459680efb809267e0982bb7a40cad12fa779d6f85e5c4125b087f73be86a6a62c051e51b3ebac44992af3e37a359192a4ca5b8dec85469daad14a3853d1b33ca64b12ffeaf2dd05a650c439b2843af446f364ea219f0fd6df94691a05b329e4f2a1e96ffc783937440aa89638450489947b54b3ae815009e5c6b94aad78235ecce1f96d94420b8e299f600a3b8a92c88289c7940032d12fb843de12067c10428eb12875ae0c080368e7c863e46d755672e987050e23d04fce970ae07cb41d32bbbb4c9bfd3aeea66696e39b3a220222f2b940c52aaacd34ac6242c8e7113d6ee848f717ec915a8c331e3870ac75dc6fb4c4b6cff7acb6a57ae1ac8405caeaa45c5114dbfb7072194a61a0e44eec730c3763fbc52ed0a1bab089b4a370b38091c203e8f96993795670d498485f7784c1c872bff67f4478c6afeb8cf57a521180acbba6973b73ad892e872316bbc7f75fc803ebff23847177d38dd5ec6490dcf1ebd90904cc2fd6012ac4f5262bfb2a26c36ad28c3e447816e7a63796d452189f0f1b62e526e496fa29c4bd2849f0d3644fe7d3aa0cc07c496299b161ede98dc202832295cb88037741f80fc38e9282a307d485731015fadb4975a496372f706d1ff6b36da9c021ee3f945f3a10958e2df9456e7b3620eb011e4a39a2c56268a16f377ebc9bcae283b37a7ebc69b9404935dc33a325aa23fae29401378e0281e795640116573cd517bb2b085362007ad125e95c72e1c431354cbf77b0e610a76c18a66d112c97aac305b3fdb58ef8d6a601da095614c5d47c3c91fd942dfb715be50fe0b87aba778ec1d576a3bc3b6a911e29fba92012e77fb5fc52000f3589e901b3d76989389eea90422119aa38b3bcd2a1462be1cc9667da8901357c89b1dc75e4cd596a994f7a7d7231db740d110a0d3d79af52d7be9cd9c6229a26c363e618ddd4c5677d4434cb6ed30bbb121586a8877544f14481eb495d4ee5f20bdceb4ba904e87eba51ff09da07a4f8defcb243e44b0ff2b2f2cd41af04a07e54752d583aeb2b36cb7eef7cfaaac7919c85287a0bdf0a5e41e1bf3dbd9cd2ab07e5a4f358f4d12c691f3a377c93beb61b75178f43269c627559b2eba71f2859a186986a6c5305b3a6eedc02815be9f3bef7b899878eb60834844c1d81e70bee0fa54c82719ece1ce4bd8122d20cdf40b1f13c36996c31cd46b5e800eb2fe854a08a57141a516f94f531b81170acebc4b2b64d79a385db5272a23263e6b305a1e2982b319469c8ebd84beae0a138fcc261f403fe068188f001d4c317f690b8fe9ab8d8f15cf58d8b420b431e51a9a0601327f4c31ac9adde6c49740adc89a800e14e00a0cf4ae0277d72c6635034e52d98e02ef3dab8105b59d136860403dc621128fd85a83432e39cbfc3498b11ae51d0426eab2a4d7e5ddc86f6f2e44c92d7551b17bb2d13b38fd151f7aa19070287413f05156078fb949a12ef6c25ac280df02c0aa5ad4c7bfaedbb7aadfcb559620c66f8f11bdb9a847042b9ce8634d658a028b108e2cd5ae9ab6a3e7018748b1d258db7de6a16f2df234bfa563a9d27d7a42401a717cf458e5553a69092512634bb08c3b7608d4323d62a8e67993192fc6c1ecee3d6b4a2730d35b7e651ac31fe8898aa054afa8e9eb044787cde3566e843bde913debf0c33678096989e9a4cf4693bc702fd06259062c1b13f7061b8d5fa0c39b89a7442e66d56d9b63be633d0b49e10a1f6fb2cbcbde54d5f7495b16edf656613c13412b9aac45ea8b7df77d9732b262aff57871aa23999996c154861c5c65b4c8fffa4eba2014265d5eff7a4ecdbb39f307204f801bc9b54f8fef91e542c8abe1a58eda5e6991cc973da95070aa27ffef0bd4f2efdaafd29b2ad23bde729cf33ec470255f36fbfb4695dd662ddd8a2bcd7ed1baccb5a97ec0cfb1f82f2ca8110c34b436bfe5d7376f9e943435cbba344dda421bad8183f4dafcabad7bb5373301a7640fa1414b856628cccd6f7495339dd6d8a4193d51b1ba41907635c31775a79bd7628d97ff48270108c52f95f8181c876eeed7eb04fe1645cab1ad22ad331ec5c266b8c3775dd3e75d6c5989fbac06931981678efdfb51bcfd6f4f898c5ee8861681362d3536c954a24149e6dec454970ce12925c2c73107cd2d915e557eb330c855b99ca8976062dce0125161c1eef7de0e8e2fd8c82da1099826ac81ffb99ee1c81fe832065663ab447772d1f10cd403cb62ff82828233390ebdec0e4884b50ff03f045d4e9715a94eedcfa5293f10c252b8df593cfc08b7cfcfec304b0f30f7260c207dfe189bedfdd7eedb9a91321f7337f67615081499f1f7652b63c03093cb73eb4449f1ba4fab13cdc70b35499dbe56a952dab13cd76783125b97bae687abfcf5ba3853296f82aaf4697a1e7a1951a4cdb270c41b59ee1a69ff023d2feaba9f64277a07ea780714560927c637f48928a5b1b4c81d0e8d40b40861c6cab2010bf12e52abf9a5e97497105a423ff49abd14be7322b917d9b9525068aef9665274e595f1989461d459ad724d84cfbe27f67c37323ea59143b67fedc47f5135ea57703af837e06dd5767b81784814b4cebf76496f19988f45f1bd5d5d6e04529bfe14623277fba4e3325685a509d83b2b4ca5b8254d9164636f02f503883f8b112073194c441d5738ea99a180dbfec2dd69d5cc5fa4a7754c6769ba72d83b838f1e5ef56620dd0789cba637c68d936c713e0fde830d62e0afe10ec80ea012b0cb9be0d51f5983f7a31d2d911b666cdfb6d7a506c76c07602f68822bd819b3af4e1d5f02004a0737076f9e5ed9fee9dc666fd69729226bf91a313728055ffa8c13cb742a18dd95eb7e02d5e8a5379f6ecc3f5da2e8933b6fdaac8b0db8f51aa18232bc5ce6742b7f476eb26a6cef1de73e3e78e4ab3762460ff607e09012473576ea6dd90a199c11ebcdb22bf35799d39c78546c8bb43550bc5e03d96aff5f96ebfcf4ad13c3bcd9d82ccf81b2f57be57bc0c0dc933a4428354287d539d6d12ef4c8f53c19882a7276b5d0c4e4fa674d1a40f93c47ee4db67ee56c985a1ebdc7e1c59cdb22c24febedbf385ac747dc07e68fa1e078995aebc475daeebc7c9d83ac769c5d7599b7b0ce7e8738081e636568aaf41dd2281152c6904e79a04c5d93ebd755a31e635a05371d441dbd0b3827e64594740b14e4f82e6d9b011f0a91b54f52b41f88e471160ce7f9425d4ffcb8e3bd1d4edc55b4fd6f915d6da38bbf4a6bc1fa95f61203bd1acf16062c330e6b4550e42c2101ce1999b06db4a89bdad886a265f3eb96b0695a65ff2ea7c807d05e1c9c22a228282a519fd513f2be0a9bdf8da7a617845a1ec4536f5d1ca9f3f95300bb67cfcddb95932b7c3830ab5bce5a6155b174289b1981e2b4d45a0894f92471ff277bbe1a6e28f6a29544363052a58a7af274275b232df967e5e16fd38b86580f0bf5ba5194dcaa1d96c9cb997705faf1d357743d3d1d1bfb80f894b7c9d0522fc2ab07fd1b1fd0738ac147aa7486dcc34061ef80493d6031ce549f0e3afcc1a3b447c5d9a76ca1d8b6f5f98ec846443afa94e81b6dc4d5a5628fb27703f45e30382deac420f71baf08e370c4923da85f4c581a9d2379d3106a762110c8c102fd7332269cfaef1fdfe25d89a452e4762838d589370f47b3927741485d3a8e15578fca9b918d058da1541b9bd246b5ff3813a72c27887b4b912cd7da3c30903a52f435cb50602853364b762c105ca1dcfb4c22034596e9284e929a0cd24501e9d66eaa1089c345e7a13e0ae3924a0a4118d0053bdb2296ecdd09cdcaf9f705a7a977178230d3d1e44005be887b0523ceb19429c1ac2ccf8b45b01437c5d7850d9c9c7380a4f03556cac3ac91c58f484bd67974d0ef9458852995c4b47f190a2eafa5fe2faaf88ced1167f000989dc67696b0c666a5fb9ffed1007457e725b393eed3e0e39fc361de2c36237991bca6"}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
sendfile(r1, r2, 0x0, 0xfffffffffffffaac)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r4, 0x4038ae7a, &(0x7f0000000000)={0x0, 0x40000105, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, 0x2, 0x6, 0x202, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_REVISION={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000002000040257d15a44000010400010902"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0xfd9b, 0x10100, 0x2}, &(0x7f0000000080), &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
pipe2(0x0, 0x4000)

4.468189062s ago: executing program 5 (id=1993):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x2c, &(0x7f0000000080)=0x2800, 0x4) (fail_nth: 2)

4.329778859s ago: executing program 2 (id=1994):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
unshare(0x22020600) (async)
r0 = socket(0x18, 0x5, 0x2)
connect$vsock_stream(r0, 0x0, 0x0) (async)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={0x2, 0x3, 0x0, 0x2, 0x12, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "a3"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_nat_t_type={0x1}, @sadb_x_nat_t_port={0x1, 0x16}]}, 0x90}, 0x1, 0x7}, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map, 0x1, 0x0, 0xfffffff7, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000200)={@ifindex, r2, 0x2e, 0x2014, 0x0, @value, @void, @void, @void, r3}, 0x20) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async)
getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)

3.626914146s ago: executing program 5 (id=1995):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0) (async)
r1 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000003c0)='name', &(0x7f0000000540)='}\xf7\x1aD,\xfcSJ\x1d\x11\x9e\xea=\x9d\xc0o\xec\xc0\x83\x91d`\xb9\xa1\xf0\v\xed\x14\t\x00q9\'\xba\x17\xd51\xef\x03\x1b\xa1LEr8\xbb\xc85\x017unH\xd7\x98\'V((\xed3\x15\xa9\xcf\xea2Q\xdd\xff{\xe5$j\x9b\xd5O,o0;\xc0e\x96]$\xb97%=\xc6\x18\x7f\xa8\x98\x93r\xe1\x9f3\xbdN\x96\xc5\xcb`X8\x9a@\xeby/\x00\xf8k72S\x11y\xec\xa5\xd4\xad\xeb\xef\xab\xe8f50\x92\xd5kK\xf2\xf8*\xb1\x14\x8f\x8bu\xe5\xb8X\re\xfb\xbfR\x8b\xfe|\x1b\x94\x9buP\xe4\x12\x01}\xcd\x1c\x8eV\x81\x18\x14e\xc0b\x8fJ\xe4\xd0\x94s\x06/ \xb5\x96@\xdc\x95\x86\xef7[g\xdb\x86,xNA\xe4.\xcckx\xe3\xc3\x05\xab\x00\x80\t\xa3\xff\xa0\xa2\r\x88\x92m\xa0\xdc\xec|\x00\xb6b\xfa\x03\xd6MyGx\x05\xd7y}h\xf8\xcf)#\xd0z\xccp\xe8\xb5_\xef\x13ZY\x9f\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x97p:\x8at\xd3\x88\x95*;5\xc4\x98\x90\xed\f\x83\x91\x02\x89^\xe5\xbaT\x91\xacg\xf4\x87h7\xad\x00N\xa4B?\x89q\xf6\x91\x1a\xec\xd8t\xbb\xf7\x8a\xbfh\xac:\xd6\x8f\x9e\r\x14<i_\r~*C\xdc6o\xeb\x85gFmY\xec+\x8b\xf0\xb7\xba\x1f\xcd\x19@\x89\xf4\xc8', 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000dc0)={0x2c, &(0x7f0000000ac0)={0x0, 0x9, 0x1, "af"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async, rerun: 64)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000007c0)={0x34, &(0x7f0000000280)={0x20, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0}) (rerun: 64)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000001800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000180)={0x0, 0xe}, 0x0, 0x0}) (async)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="c07b", 0x2}, {0x0}], 0x2, 0x7, 0x83, 0x8) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f00000002c0)=ANY=[@ANYBLOB="263003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.472083831s ago: executing program 6 (id=1996):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000840)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@ipv4_delrule={0x30, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x7}, @FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x1}]}, 0x30}}, 0x0)
syz_usb_connect(0x5, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="120110031fcd1b08cf100355af750102030109022d00020809", @ANYRESHEX=r1, @ANYRES16=r2, @ANYRES8=r1, @ANYRESDEC=r1], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'poly1305-simd\x00'}})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x7}}, './file0\x00'})
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x40002, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x41045508, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
close_range(r4, r5, 0x0)

3.425008329s ago: executing program 0 (id=1997):
socket$xdp(0x2c, 0x3, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x20bc, 0x5500, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x6}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$hiddev(&(0x7f00000000c0), 0x5, 0xa0f80)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, "be"}]}}, 0x0}, 0x0)
r1 = syz_io_uring_setup(0x23d, &(0x7f0000000200)={0x0, 0x1, 0x1000, 0x2, 0xfffffffe}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002700)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r5, &(0x7f00000004c0)=ANY=[], 0x78)
sendfile(r4, r5, &(0x7f00000001c0), 0x8)
fcntl$addseals(r5, 0x409, 0x8)
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)

3.352080887s ago: executing program 5 (id=1998):
syz_open_dev$usbmon(&(0x7f00000001c0), 0x0, 0x0)
fanotify_init(0x200, 0x0)
syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0xffffffff, 0x13100, 0x1, 0x282}, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000000)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)

3.350185784s ago: executing program 2 (id=1999):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000a40)={0x15c, 0x10, 0x509, 0x0, 0x0, "", [@generic="6f6d8864d23e3f2ffaa46c88bc", @nested={0x139, 0x145, 0x0, 0x1, [@generic="6f01b2fe248f5a0978ec0ff7e9da0561d72b063919d3fafeed16b9d9b8a0a8a0a016da86cb39aa2b7ebdfeb5038151fb8a80a95a0725576a8b88b0c5e3906622cd21c80e17472f7ad3655a2a61b5ab4751192b712e", @nested={0x4, 0x11e}, @nested={0x7f, 0x40, 0x0, 0x1, [@typed={0x8, 0x81, 0x0, 0x0, @u32=0x4}, @generic="2c613f75cd3390fa2d7b4fa87bc078eb17ce89f845364bd918efedd5c703be28e71aaea0d0959b81ac03d95375059f35cd2b083b0d49f7f0388859ab171bfb42dd9f49e99f39bfd974627326cd35521d6f6d4483b16a24a5106eff625701df8b7939674241d451305833124a592ff815a97522"]}, @generic="f27feee68b0d1418303979c092b514b9edd7fb20d266bf9348882c66e98686b9bfe3e599cde0727e1c0c4faca5aa638cb681f589988e019dc5acc1ffa685e0b4b1fe8e760c22c80fbe6bad7288def788f30e0d76dd8be3ef98e9ef89"]}]}, 0x15c}], 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000140)={'gre0\x00', <r4=>0x0, 0x708, 0x1, 0x6, 0x6, {{0x23, 0x4, 0x0, 0x33, 0x8c, 0x64, 0x0, 0x80, 0x2f, 0x0, @remote, @loopback, {[@ra={0x94, 0x4}, @timestamp_addr={0x44, 0x1c, 0x10, 0x1, 0x9, [{@empty, 0x9}, {@broadcast, 0x4}, {@broadcast, 0x6}]}, @cipso={0x86, 0x44, 0x0, [{0x0, 0x11, "36996d189f22094037cc2e8c220118"}, {0x2, 0x8, "123def03d906"}, {0x7, 0xc, "e8bbd47df69b0a5a8f20"}, {0x4, 0x6, "67aa9ecc"}, {0x2, 0x5, "91a2df"}, {0x1, 0xe, "ef65d7761c2727c382cd8dbc"}]}, @generic={0x86, 0x11, "f2f24bd2e243dfb4e2dd56e14fae6a"}, @noop]}}}}})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = inotify_init()
inotify_add_watch(r8, &(0x7f0000000300)='.\x00', 0x121)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
io_setup(0x2e, &(0x7f0000000200)=<r10=>0x0)
io_submit(r10, 0x1, &(0x7f0000000380)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x4}])
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4}]}}]}, 0x90}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'sit0\x00', <r12=>0x0, 0x7, 0x2f44abd8653b4d75, 0xbdcd, 0x72, {{0x14, 0x4, 0x0, 0x2, 0x50, 0x64, 0x0, 0x3, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x21}, @private=0xa010101, {[@rr={0x7, 0x7, 0x4e, [@local]}, @timestamp={0x44, 0xc, 0x45, 0x0, 0x1, [0xf6ae, 0x3]}, @rr={0x7, 0x27, 0x5a, [@private=0xa010101, @remote, @multicast1, @broadcast, @broadcast, @empty, @private=0xa010100, @rand_addr=0x64010100, @empty]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000380)={'team0\x00', <r13=>0x0})
r14 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r15=>0x0})
sendmsg$nl_route_sched(r14, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x28, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r16=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000400)={'team0\x00', <r17=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r18=>0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0], 0x0, 0x5a, &(0x7f0000000500)=[{}], 0x8, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x28, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000780)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80002004}, 0xc, &(0x7f0000000740)={&(0x7f00000008c0)=ANY=[@ANYBLOB="580100005400010028bd7000fedbdf2507000000", @ANYRES32=r4, @ANYBLOB="1f000100", @ANYRES32=r5, @ANYBLOB="01020000ac1414190000000000000000000000000800000020000100", @ANYRES32=r7, @ANYBLOB="01020000ac1414aa00000000000000000000000086dd000020000100", @ANYRES32=r12, @ANYBLOB="01000400fe8000000000000000000000000000bb0000000020000100", @ANYRES32=r13, @ANYBLOB="01020100200100000000000000000000000000000000000020000100", @ANYRES32=r15, @ANYBLOB="01010100e00000020000000000000000000000000400000020000100", @ANYRES32=r16, @ANYBLOB="00020000000000000000000000000000000000008edd000020000100", @ANYRES32=r17, @ANYBLOB="010300002001000000000000000000000000000086dd000020000100", @ANYRES32=0x0, @ANYBLOB="01010400ac14142c0000000000000000000000008edd000020000100", @ANYRES32=r18, @ANYBLOB="01000100fc0200000000000000000000000000000400000020000100", @ANYRES32=0x0, @ANYBLOB="01010300fc0100000000000000000000000000000c000000"], 0x158}, 0x1, 0x0, 0x0, 0x20000000}, 0x880)
r19 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r19, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="2e0f01c3f30f0d33b810018ed8b88f000f00d8baf80c66b85402d78166efbafc0cec660f0feda62e0f01c20fc79c49000f01fc0f01df", 0x36}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000bc0)="66807a002466b9800000c00f326635008000000f30640fc73e0a00f30f1efb66b8007000000f23d80f21f86635400000b00f23f80f35baf80c66b809c5ff8066efbafc0cb0a4ee650ff7de660f38811b6766c7442400f28200006766c7442402460000006766c744240600000000670f011c24", 0x73}], 0x1, 0x0, 0x0, 0x0)

2.545418945s ago: executing program 2 (id=2000):
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000700))
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000300)={0x16, 0x0, 0x20, 0x70bd26, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4008080}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x56, 0xfffe, 0x0, {0x0, 0x1}, {0x80, 0x2}, @const={0x0, {0x1000, 0x0, 0xfffc}}})
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000100)=""/240)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
unshare(0x2040400)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
fgetxattr(r3, &(0x7f0000000180)=@random={'user.', '+\\{--{o\\,,\x00'}, 0x0, 0x0)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69)
close(r2)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

2.294860083s ago: executing program 2 (id=2001):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
sendfile(r0, r0, &(0x7f0000000040)=0x20000000004, 0x3)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x70, 0xd, 0x6, 0x101, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x70}, 0x1, 0x0, 0x0, 0x4004010}, 0x1)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040ac0562420000000000010902"], 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r1], 0x2b)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0)
close(r4)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f0000000040)={0x399000, 0x399000, 0x8})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f0000000080)={0xf000, 0x388000})
sendfile(r2, r1, 0x0, 0x4000000053d2)

999.346673ms ago: executing program 0 (id=2002):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
mkdirat$cgroup(r0, &(0x7f0000000040)='syz1\x00', 0x1ff)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000080)={'nicvf0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x27, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x9, 0x6, 0x1, 0xf, 0x80000001}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff7}}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x9}, @jmp={0x5, 0x0, 0x3, 0x9, 0x0, 0x20, 0xfffffffffffffffc}, @ldst={0x2, 0x0, 0x4, 0x8, 0x6, 0xfffffffffffffff0, 0xfffffffffffffffc}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x400, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000280)={0x200, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0x8, 0x4, 0x9}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300)=[r0, r0, r0, r0, r0], &(0x7f0000000340)=[{0x4, 0x2, 0xd, 0x1}], 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000000c0)='nilfs2_segment_usage_allocated\x00', r1, 0x0, 0x9}, 0x18)
write$sndseq(r0, &(0x7f0000000480)=[{0xb, 0x6, 0xb4, 0x0, @time={0xff, 0x10000}, {0x3a, 0x8}, {0x8, 0x3}, @raw32={[0x81, 0x6, 0xffffffff]}}, {0x64, 0x9, 0x4, 0x3, @tick=0x6, {0x3, 0x7}, {0x1, 0x9}, @raw8={"0ba64c130f65830e4ff6b39a"}}, {0xfe, 0x1, 0x52, 0xb, @tick=0x4, {0x40}, {0x2, 0x7}, @raw32={[0x200, 0x8, 0x2]}}], 0x54)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000500))
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
r4 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000540)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x48, 0x46d, 0xc218, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xa7, 0x10, 0xd2, [{{0x9, 0x4, 0x0, 0xb, 0x1, 0x3, 0x1, 0x2, 0x9, {0x9, 0x21, 0x40, 0x6, 0x1, {0x22, 0xb63}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x80, 0x72}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x4, 0x3, 0x3}}]}}}]}}]}}, &(0x7f0000000900)={0xa, &(0x7f0000000580)={0xa, 0x6, 0x0, 0xb, 0xf3, 0x3, 0x20, 0x6}, 0x4c, &(0x7f00000005c0)={0x5, 0xf, 0x4c, 0x4, [@wireless={0xb, 0x10, 0x1, 0x8, 0x24, 0x1, 0x8, 0x752, 0x7}, @ssp_cap={0x14, 0x10, 0xa, 0x2, 0x2, 0x68f5, 0xf00, 0x3, [0xc0, 0x3fc0]}, @ss_container_id={0x14, 0x10, 0x4, 0xe7, "09d0083aadeefc135c817f4dbda022a5"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "229a0e54d3ff4b3b10f29da97f75bfcc"}]}, 0x5, [{0x1c, &(0x7f0000000640)=@string={0x1c, 0x3, "0ff44b10cbcd4b2fb845efba00f038ffb0714762b87383c54c93"}}, {0xd0, &(0x7f0000000680)=@string={0xd0, 0x3, "84a6f4d334571b1ca74892d930dd7de756cb78c52654d1782f48f046dba6efa4e3b8b65e675bea66145744aa997e8858a7a9941b77fc3bb98ce310ed537d236389276e3765097d3f27d27e89159d7634e571c24955baada236a039606eddc7227be5075dd438cddc0f72ea671c5c6387a29bf9387380baee30c9eda01c1fc3e1a04a0759feee43eb2b2333291ba08ad4d72557e3cd8f04292c1f2d950f364c86d0b133fe4c1323cc534b94835424e0ac962ea42a0d222309cd0b8cf6868f1bb2fdaccb14140375afa68e155c30ce"}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0xc04}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x3001}}, {0xc2, &(0x7f0000000800)=@string={0xc2, 0x3, "200ef481016acc43f53a501dbc5ccb6988787cde677ee332bf4cf900de8aeeeb65e9b5006a4396bdf6a4ddbac8e9a6abd4831743bd99e99882ca390d133dddb88ccfac21eeaa973887824054b87c57785cd882fb6a8b63045a39c1057fc3c61b0e3b2e46ecc9dc2eaf2fc428177ec9cf0163d13dbb337a3fd6b243b79a5f162a27157a21f8270d8b3da2b84f566a954ea73a525d62fe9aca07811110ea0f3641b60d5838d0d36c363d968e5735a9646f806f92f3c1f225fd4c7d71679137a9e4"}}]})
syz_usb_control_io$hid(r4, &(0x7f0000000ac0)={0x24, &(0x7f0000000980)={0x0, 0x21, 0x73, {0x73, 0x23, "c33aaa2b58b2f2487a4255674f57518ff5fb76738e97d9f4f2b3fa47232ef72d0d63cdb8c59882acf00ebd33f3b86885bf20d11604563a84f0b39f7bd105fbee8a33442f8385b8ebe339b871439810cfc2a0095f57f99804989ceea160a8ec099bb0b473149ef7a393dace256b25f99124"}}, &(0x7f0000000a00)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2819}}, &(0x7f0000000a40)={0x0, 0x22, 0x11, {[@local=@item_012={0x1, 0x2, 0xa, 'V'}, @main=@item_012={0x0, 0x0, 0xb}, @main=@item_012={0x0, 0x0, 0xe}, @local=@item_012={0x2, 0x2, 0x3, "fc5a"}, @local=@item_012={0x0, 0x2, 0x5}, @global, @main=@item_4={0x3, 0x0, 0xb, "a77baab2"}, @local=@item_012={0x1, 0x2, 0x4, 'd'}, @main=@item_012={0x0, 0x0, 0xc}]}}, &(0x7f0000000a80)={0x0, 0x21, 0x9, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x749}}}}, &(0x7f0000000d40)={0x2c, &(0x7f0000000b00)={0x20, 0x14, 0xe0, "b2cad6faec892e6ff62e7dc8a2e292cf1a0b05ce42346762bbfcb1c4a6e01a295dbdc78f8edda2ee611b2d825ab286c3d6c758d6ac21897f58524fd9047f678edd51ef2f3e73edad2b8261c7a3918f237dbc13a599d4b0c4b8e9c44586b8ef0a9d2bcbbfac222bf78bd5fffc1ebe33e97490f8fb01e0d0622941926e3324b45cec9e965ad9ba4ff42aae157c4a89d091e42528a00a0f55e3250b78f48f2f4341763ee2e66beb153e5babd261202c5859c62f68cd2d147cebdf858007fbda4b7b8275b712b55b5b3c28c3433aa064457e7084a6ca17a78e3d8cfbbd558649bffa"}, &(0x7f0000000c00)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000c40)={0x0, 0x8, 0x1}, &(0x7f0000000c80)={0x20, 0x1, 0x3b, "9359d5f3440b78e8f46cf631bfe339b98a51097c7c218f1ea8ad01b6d4751df196f381e352255a01dc2d6b1356fa183b34898c756135f55a88b948"}, &(0x7f0000000d00)={0x20, 0x3, 0x1, 0xff}})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000d80), 0x2, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r0, 0xc0403d08, &(0x7f0000000dc0))
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e40)={&(0x7f0000000e00)='initcall_level\x00', r0, 0x0, 0x10001}, 0x18)
setsockopt$MRT_DONE(r0, 0x0, 0xc9, 0x0, 0x0)
write$apparmor_exec(r0, &(0x7f0000000e80)={'exec ', 'nicvf0\x00'}, 0xc)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000ec0)={0x4, @vbi={0x800, 0x3, 0x3, 0x3432564e, [0x3fc0000, 0x101], [0x5, 0x100000], 0x139}})
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f0000000fc0)=""/182)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000001880)=<r8=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000018c0)={0x2, 0x0, {0xffffffffffffffff}, {<r9=>0x0}, 0x0, 0x8})
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000001a80)=<r10=>0x0)
read$FUSE(r0, &(0x7f0000001ac0)={0x2020, 0x0, 0x0, <r11=>0x0}, 0x2020)
statx(r0, &(0x7f0000003b00)='./file0\x00', 0x1100, 0x400, &(0x7f0000003b40)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
syz_clone3(&(0x7f0000003e40)={0x2022000, &(0x7f0000003c40), &(0x7f0000003c80), &(0x7f0000003cc0)=<r13=>0x0, {0x36}, &(0x7f0000003d00)=""/176, 0xb0, &(0x7f0000003dc0)=""/58, &(0x7f0000003e00)=[0xffffffffffffffff, 0x0, 0x0], 0x3, {r0}}, 0x58)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000003ec0)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in=@private}}, &(0x7f0000003fc0)=0xe8)
newfstatat(0xffffffffffffff9c, &(0x7f0000004000)='./file1\x00', &(0x7f0000004040)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x800)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000040c0)={0x3, 0x8001, {<r16=>0xffffffffffffffff}, {0xee01}, 0x8, 0x30})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000004100)={{0x1, 0x1, 0x18, r6, {0xee01, <r17=>0xffffffffffffffff}}, './file0\x00'})
r18 = getpgid(0xffffffffffffffff)
sendmmsg$unix(r0, &(0x7f0000006c80)=[{{&(0x7f0000001080)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000013c0)=[{&(0x7f0000001100)="c5e17a277cc5bf0d3613c484686c2de74e07a98d5f7b8f1e858825dce185c6d5271002ef8cbbd2a4ca08fc8234532b8ec0caedde672b2f8ba100b10b2006c807e5666b38a2bcbfd6da8224ae6aaab9f4aeae0d", 0x53}, {&(0x7f0000001180)="35a68799b32e900853a9e08fb98bfe384c27a6e24c7af6741a5f5d653b15125250bed2e0c5e4222d21ba555c29646a3774953477145039070eb37d533488fffdb9faba778fb4edd90a27ef31adecebaba40af62f0532ac06ec7f7cb2bd0989d377749b95785be397359c5f54375dacd9f35bcd2029ad3da86d879abc1b839bacb359e81f1fbeab4d4920ce85a8d65d56fd393da56ac7e3c40a9a5be837d13d6115208f8fecbe416299aeb45820cd1192b5de853d9e5e07dcfd6f324b61822356113a8faccad739c4c86a", 0xca}, {&(0x7f0000001280)="e42ec3c10e8e0a2feff48913036122cd5875d57acc194cd7284d1aed2962ca1104463dc2891efad5a54f2b7fb0fb525d9df886f678602c8ca02b8b3ad89d5cb0c3a11fe7273c7b1a9681b5", 0x4b}, {&(0x7f0000001300)="0efbcde2f850875b2f6ec2dc2c6974e717ad6a4a20c5a29114164beb4332cf96866b02d54b0f9577b91d91ea1fd3c48b8898cbdc46d288d8ef1a0dd928c36c63b28d03a642377b51a2e345e5a9a85509cd1e2e401e499972f029c8dab08b77984164bc4a7e37a31748ac0f3371cd6d6c4ab799d50789d8f96dcf85db2411f86cf3ccc2eb44", 0x85}], 0x4, 0x0, 0x0, 0x8000}}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001400)="5259a65f7ecd2bc760c9e53617e614e63c8d83eb440f377a66fa2c4d78f846b3e8821f5292c4f47e5ed264679ffd69251710d61d4150b5e3e4a5aabff0c33dd0002a54eecbd5f0224dabbd739978cdbc7760cbfcd0bfafd49e26d37e45917679d962b7932d8c25b0f40d597288e047e90f3f313d6daf6258fb1b478b896588fd8888b49d1b9058b2a21507bb293ed4f515957aab66a3431f3751b34a173601bf0dbe9421e9189c67873ca31481729856429612ec5a218b1eab162dd1a4fc1c3e8b3bf369dd5e9e1ddab9ff0805ba44e3308190dc1c7a38d54cf6fb6be0d3c1a6cef3bf146c1a2b99e5174225", 0xec}, {&(0x7f0000001500)="d3b6968e02444f8821bd5ee54c002a1adfb76d904fc49e30fc64a3f01c05864f297526d01bfa134586aaf7fe82966c1d71921580dfb96438e5b80f68b4e83513c94f9435783ab1e4b229ab1c853524a63f836e0d0f5be6bb7dc6a9af441bd9fa0e0d613f757e5bc1af63af456c27f2989acd0a15a9810e5e0edb7a2442b190f3f89c3073f223d957fceab9d5c4829a2b2b17d3003fcc77df514c852f4becac33e0", 0xa1}, {&(0x7f00000015c0)="80b6", 0x2}, {&(0x7f0000001600)="ffbd02311df44fd83c525704ca6079e86e62d1644669939eb794b40c8116a43c9313767bb1dd225cf8617d3929d53b229f60788257b2f7ea20848b7bc50dcc61f9072374f01c68af2e5146336d309184c18f28ca01673ec37b1902558c2538bd8305ea06b1d4586daffc6917da336a96fae52251b0b3b71e86f9a40ca0678276e1", 0x81}, {&(0x7f00000016c0)="25d3a57e6993706a8deb3d0e605b83761ad8d0dabc114d24f6011148182adcd52032edad9f561e0e72a781698d4ebd14f128f1692ac83c7c3b259e5880643283d73bc54d67", 0x45}, {&(0x7f0000001740)="43a922227849e65d523cd8d42751f55ab8b988c50908c89d3af844db7abc8205b61757b5ce4f2074c1ecc0433bedf1418f825bc3f6f6441f0e2a7c340ac74dce55a78ab42dbd319ca9ebb0c739084f28c47935170e42e116f6bce36d016f27e199a7c7994aec86ff5bf9c7329b299feae98b2d373ee6ec01e8dfaf8072d422a70b1ebf6f7600c24cb3c5127d44a8fcacd7b050c8d674d9400103264c820f3aec6d288dbff926196c794a2a9b03c2e9c438665215ac28b7c64eccf1435a79", 0xbe}], 0x6, &(0x7f0000001900)=[@cred={{0x1c, 0x1, 0x2, {r8, r9}}}, @rights={{0x18, 0x1, 0x1, [r0, r7]}}], 0x38, 0x40000}}, {{&(0x7f0000001940)=@abs={0x2, 0x0, 0x4e21}, 0x6e, &(0x7f0000001a40)=[{&(0x7f00000019c0)="8e42857dd14eb1d03622881091338492a6e9b5809d74614bbbf0a3b1521fb0099a8724de069b686c62c8dd79bc6d32d8ae1cc022de7554d80e729fbf2d7932e040029e4fd09cadc60d5099be2aa7d91faa94a2dee0361cbc02", 0x59}], 0x1, &(0x7f0000004500)=[@cred={{0x1c, 0x1, 0x2, {r10, r11, r12}}}, @cred={{0x1c, 0x1, 0x2, {r13, r14, r15}}}, @cred={{0x1c, 0x1, 0x2, {r16, 0xffffffffffffffff, r17}}}, @cred={{0x1c, 0x1, 0x2, {r18}}}, @cred={{0x1c}}], 0xa0, 0x840}}, {{&(0x7f00000045c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000004640), 0x0, &(0x7f00000046c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r3]}}], 0x18, 0x20044810}}, {{&(0x7f0000004700)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004c00)=[{&(0x7f0000004780)="2609f0fb93c853f9db859e64b9910d9f18af54d3a6077bfecebd630985e9f0d4ddb409cdae7c4168340a3bd4b0af4ba49f3bc39c72e60dd490b006e00c6ad0b7fb3beb005628cc68c8d11218bc6ccfb55925afbf513f8d0a48e6e20275f34987b4749c0cf122db556197ea2b59cf74026bfd2e8d69986a5f653c2e07202aa7aceaf81d2efc6eecb2cc12b6cbbf63cdf0e8b653d1822968c3e571bc", 0x9b}, {&(0x7f0000004840)="9e04eed47789e632f39bb88fb74d34fd15d624d9dc58808798dbe5a7ace3e3decec8b07b6cb9eaa03443f233e91d3237ad4e392228263797df6a6c49b2ed640aad67c59f1a436ab78565265c9b47b7ac76ab696e02b6cce56e6598a6bffc42a1ddf43c1ea66cbcfca5bfd70e214c0b34fe3e63ce747aba7b596c53ac45284f7ec14ac092c8b8e64c797c71622f58644f49bcccbbadf88b3a51b269c04b3fff017b36d0e3e543359ab38a32a68cd1d1d64228d7c0ac2b42bed0cc7486a1efa6be101dbe72db138afdef9a64b7e4a714", 0xcf}, {&(0x7f0000004940)="241f593bd49de9b3b8882ad9541ff95bedf8fe76db10afe8850445fb88078835d0dcfdad3b3a8fe4a53a3a81bd9585d6e3a5f42d3dba02adda9d4b08fd5602168e61521172c46fdf7669a2cfb06f821edc220bd4467b9a7e027f5ebda66882980721029023833e2032f36aacf16a4f92f02b2e7271ff31f025462751d6c84b3dabb7bcbc72e18550d1039a6dcdea5488d05950a74a97", 0x96}, {&(0x7f0000004a00)="6fdaf8fc3b6db6034ef9af10d751ebc3a0a70d8fdc35543ed936d1a3ba375c415d515475cdb4a2bd9fc47be57b54d6523a8f0a7903caf28610c1efe66a34cd5fcb45957bb5e7915dc852a81abd26f22fea4aaa2341726832c8bb40f495b7ab5213ea5b80b45e28cd1346811a", 0x6c}, {&(0x7f0000004a80)="57c8c069900418134b2eed08b816051dbef45cdb899fc49896b095705ce9e440998be5516658be8471bbdc54d507a357b5b853f7ee8c4adffb9265456dcac44a93bca0c0fb47deb78a2a6d44344d1ad1766194fc9e2571ee1c0baf746db0daffba31867ee74e146c90254ffffe0f360a33e9bf2a0fbe5b384944fcb09bdac31761e21cf32174cd39112240a2ee657d3de08851cf6be3c17961acb2d02fe37269081852bdd6cb031d316f08e350451b441facbeda443c2a6e7766006e6882", 0xbe}, {&(0x7f0000004b40)="f34bb55f22357941d7e22e336be07b32ed8147b7f0af346189c68dd455d0cc731ec7883758a923b004340ea5c07dfe01513655de227fd537a74276bc4e010b58983b3ada42fe1fba95cb2cce93826d20872125b8dac1e4cef826784309c86fde0a335cdc04d6947b7cf4cb0a107317e6255db627a88195441de71f12a5d418dd56a7fab5feaa0951d7a6ef435c6429017763b40430dd02d6e46642e21e01d259a13ae91b9781", 0xa6}], 0x6, &(0x7f0000006300)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}, @rights={{0x28, 0x1, 0x1, [r2, r5, r5, r2, r6, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe8, 0x44984}}, {{0x0, 0x0, &(0x7f0000006500)=[{&(0x7f0000006400)="3e082693a1ad441c889e9cc229f7498bd8b72fd1bb1dbc62b3434a4603acd707bbe7453791ddc9cf052f04f53887aea3776f495aa0751a2ab6d5aabf67028b6aad34e10de7c4275478ac3b4413e799ce7b021220573c302820571acbfa1259c85f74ac93044796eee880445748a0783ce8da38128844f54d67f5c2ff3c931b57b314c6677734c73c6959ea93bc0a72173e2ab2faec4b8b8703548a5d90259a8ea810c3392ad6660c4285ce1dd37c6b2dcb200d8203196e8c2f79de08a17473ff01deab56d2d0c012d4cd678118210c8b22a77f", 0xd3}], 0x1, &(0x7f0000006540)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18, 0x10}}, {{0x0, 0x0, &(0x7f0000006980)=[{&(0x7f0000006580)="560ca9242a873246f2d3ff751ca6f493f0507355460bc838d3781c93fd21497bdba1821f7cd6def6331e39", 0x2b}, {&(0x7f00000065c0)="befcd83a1d691d792955045845e102cc421417f07f985dc7707b166859efebd6c4c07b45cdae54feb9c21a351eb7d386a60dd6f93f53ac180b1a4f69f2611e996c4bbe4d53ecd6ae101d9cc4f7a1086420a8ff48933d6ba9241d5e92d17ab713d0c7f18c817527c998124d9c38387065f9bf9f8e208ab16442307e2c305ec0372a0557264cac74b0c48f5b675b77e70aa373c3c41b40db54ae79bec01f3fc5084bcf6a7470b76e66e4b021c0c13364abac4b71d80d776dfa7d7e7492afefdab2d4f0fbf027bdeffe833467382d887fa1268a10bcd7d89d88f98c91543a6b299de1f5f474b3180ae8ce6d0be6048ea91be2912c8a876b", 0xf6}, {&(0x7f00000066c0)="6806ecd8b2e9726e7a2dafcf89e1e36d2adaa522abc6a9b24cf17374ec06e4ac1ddade85856563c0dad5d5450ea44a56383d5685d47cf060c6fb47332a32f8021645085bcd93b3effda52730f4b3f8ec492376fc940f63b5f4ea5a107de31f39e9d4cb95b2bec4c6d4ec4a8e96ea43b0df04a3ca635881e2d5", 0x79}, {&(0x7f0000006740)="b9fcd56d0f8297f7d9ad8b90b095494e878d3dcfef6460391823e88ca2b2936a60940e7f3f926d87b2b41833c4cadd8f1653341d0dee6b5323875bf73450afccb957e7a3cc8a5ad24a775af9134133d84a0b885131923bf92724a1ee3e4ae583e3c76116c25f1a331ad30a282adf9a1a68fe3716a29c548d65418faa237ac29187", 0x81}, {&(0x7f0000006800)="9a8d196908a717a7120a0a9229df7daf7b47b143aa", 0x15}, {&(0x7f0000006840)}, {&(0x7f0000006880)="31e7abed6e90d2597b5ad1ce89b2ce8e9205bde298e1aefa2633bd348f17e77ff97096d691490b3dcba27b708351166f9c7935fb31d58f619b59efdd2eca9f2747accb92ee1f685d9b238bcd5f8e2e07c42df60d753e4219ad987e01d8dec46ce2eb5d5abec6485e93b5391c425e1bc4a5d6b8b6978745a14eca5f549866aad49dfba098581f5857c158b18f344af0067f400ea5", 0x94}, {&(0x7f0000006940)="890f9017", 0x4}], 0x8, &(0x7f0000006ac0)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x18, 0x1, 0x1, [r1, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x50}}, {{&(0x7f0000006b40)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000006c40)=[{&(0x7f0000006bc0)="9a80336f5220e62e21d5c800e1fafcf7599a6fa5672f8eb66e2a36e9654fd09f29838c9a97045865439c3010cb74bd5e02b0db9edaa62aaf6438c1681484cb5d575c7a6eb1298f38bcc8c58a0861cc3d1a5101a2f3cb11", 0x57}], 0x1, 0x0, 0x0, 0x8030}}], 0x8, 0x1)

808.17369ms ago: executing program 2 (id=2003):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000bc0)=@raw={'raw\x00', 0x8, 0x3, 0x3c0, 0x0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x2f0, 0xffffffff, 0xffffffff, 0x2f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @empty, [0xffffffff, 0xff000000, 0xffffff00, 0xff], [0xff000000, 0x0, 0xffffff00], 'veth0_macvtap\x00', 'ipvlan1\x00', {0xff}, {}, 0x2f, 0xd}, 0x0, 0x1a0, 0x1e0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x5, 0xfffffffe, 0x93402881c9950fca, 0x1, 'syz0\x00'}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x2, 0x200, 0x1, 0x9, 0x2, 0x3ff, 0x7, 0x325]}}}, {{@ipv6={@private0, @remote, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], [0xffffff00, 0x1e0, 0xffffffff, 0xff000000], 'syzkaller0\x00', 'vlan0\x00', {0xff}, {0xff}, 0x3b, 0xd, 0x0, 0x41}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x12, 0xb4e1, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x420)

600.716951ms ago: executing program 2 (id=2004):
unshare(0x400)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1}) (fail_nth: 22)

0s ago: executing program 4 (id=2005):
r0 = socket$nl_route(0x10, 0x3, 0x0)
keyctl$get_keyring_id(0x0, 0x0, 0x2fb)
r1 = syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee40009050802ff03000000090582030004"], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)='::,\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r3=>0x0)
connect$can_bcm(r2, &(0x7f0000000280), 0xa)
io_submit(r3, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f0000000000ff030f02000000003f420f00000000003bf81b05ff000000", 0x38}])
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000002840)={0x0, @in6={{0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, '\x00', 0x3f}}}, 0x404, 0x5}, 0x90)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYRES16=r3, @ANYRESOCT=r7])
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="01"])
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="64000000020601080000000800000000000000000900020073797a3100000000050004000000000015000300686173683a69702c700872742c6e657400000000140007800800084000000084080006400000000005000500020000000500010006000000cde79e6c29d135598c34df73f1b2c4096076dd2832bbcb64f8cb015e17a814ed0a923f941de9a7e5e56eb10b06f01e112445f9d879b629cb5bc8191689da0d7139e9404eb766520129887118db1c277cb60268dc49d12c77b7"], 0x64}}, 0x0)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd21, 0x0, {0x0, 0x0, 0x0, r10, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x80)
ioctl$sock_inet_SIOCSIFDSTADDR(r9, 0x8918, &(0x7f0000000140)={'netpci0\x00', {0x2, 0x4e22, @loopback}})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000480)={{0x1, 0x1, 0x18, <r11=>r2, {0x101}}, './file0\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r12 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
syz_open_pts(r11, 0x280104)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vm(r13, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x0, 0x8001, &(0x7f0000000440)=0x8001})
ioctl$SG_IO(r12, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0xff, 0x0, @scatter={0x3d, 0x0, 0x0}, &(0x7f0000001780)="bfab7fe1381962400412a668000000003cb99b22a50a7aedd65982ea7a58cd746371e959a6de694cc8091553ba072affba329d0bb345b5d2085eb17eea8e1654ea468f8a97943ea3c2234df7a164b6732a4b33ecf17ac9816e0479d515789712550a4f7da6acd92ff96ddcc2f0e7040f74610bd2ab1a9537465b90a0cfaa7cffac36f14529f90b96c76f2272f85892331207b0ba5c16ad428b0cf50b949e9c02c76c94165b9a3bc6d60f5e2fe61c212ecd7220853904b18d79fcc4b8ea7b113b90d8305c8c8e1fb861dcffeafe2b2492970c5e7c4b31fc77177c8cb9fa5ffed743d871e06097ca413cde5d4b6386e70e066bf24adbb2b6176a6d5825262a0e", 0x0, 0x0, 0x0, 0xffffffff, 0x0})
r14 = socket(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r14)

kernel console output (not intermixed with test programs):

page read
[  626.595610][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.617062][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.654680][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.743948][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.764415][ T5895] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  626.800359][ T5895] ath9k_htc: Failed to initialize the device
[  626.806131][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.830883][T13733] veth4: entered allmulticast mode
[  626.836769][T13733] veth5: entered allmulticast mode
[  626.860718][ T5898] usb 6-1: ath9k_htc: USB layer deinitialized
[  626.915498][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.949796][T13729] ldm_validate_partition_table(): Disk read failed.
[  626.973121][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.988937][T13729] Buffer I/O error on dev loop6, logical block 0, async page read
[  626.997616][T13729] Dev loop6: unable to read RDB block 0
[  627.003554][T13729]  loop6: unable to read partition table
[  627.036880][T13729] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  627.168640][ T5211] ldm_validate_partition_table(): Disk read failed.
[  627.199898][ T5211] Dev loop6: unable to read RDB block 0
[  627.212892][ T5211]  loop6: unable to read partition table
[  627.598444][   T30] audit: type=1326 audit(1745356934.143:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13774 comm="syz.2.1697" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ffeb8e169 code=0x0
[  627.714368][ T5895] usb 7-1: new high-speed USB device number 100 using dummy_hcd
[  627.895494][ T5898] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  628.024630][ T5895] usb 7-1: Using ep0 maxpacket: 8
[  628.058339][ T5898] usb 1-1: config 0 has no interfaces?
[  628.068604][ T5898] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  628.077840][ T5898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.084388][ T5895] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  628.107859][ T5895] usb 7-1: config 16 interface 0 has no altsetting 0
[  628.121781][ T5895] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  628.151424][ T5898] usb 1-1: Product: syz
[  628.167425][ T5898] usb 1-1: Manufacturer: syz
[  628.186733][ T5898] usb 1-1: SerialNumber: syz
[  628.218145][ T5895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.276484][ T5898] usb 1-1: config 0 descriptor??
[  630.480019][ T5897] usb 1-1: USB disconnect, device number 9
[  630.932749][ T5897] usb 7-1: USB disconnect, device number 100
[  631.012490][T13800] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1704'.
[  631.444459][ T3078] usb 1-1: new low-speed USB device number 10 using dummy_hcd
[  631.617267][ T3078] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  631.634519][ T5898] usb 7-1: new high-speed USB device number 101 using dummy_hcd
[  631.642379][ T3078] usb 1-1: config 0 has no interface number 0
[  631.655654][ T3078] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  631.673131][ T3078] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  631.687327][ T3078] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  631.710064][ T3078] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.726816][ T3078] usb 1-1: config 0 descriptor??
[  631.746106][T13807] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  631.766168][ T3078] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  631.790643][ T5898] usb 7-1: config 0 has no interfaces?
[  631.813455][ T5898] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  631.833032][ T5898] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.867785][ T5898] usb 7-1: Product: syz
[  631.881327][ T5898] usb 7-1: Manufacturer: syz
[  631.908975][ T5898] usb 7-1: SerialNumber: syz
[  631.925431][ T5898] usb 7-1: config 0 descriptor??
[  631.984985][T13807] input: syz0 as /devices/virtual/input/input41
[  632.009828][T13807] input: failed to attach handler leds to device input41, error: -6
[  632.133232][T13828] ip6t_srh: unknown srh match flags  B153
[  632.671127][T13838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.682942][T13838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.484374][ T5897] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  633.638755][ T5897] usb 5-1: config 0 has no interfaces?
[  633.648700][ T5897] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  633.660784][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  633.673389][ T5897] usb 5-1: Product: syz
[  633.683165][ T5897] usb 5-1: Manufacturer: syz
[  633.730275][ T5897] usb 5-1: config 0 descriptor??
[  634.008732][T13841] FAULT_INJECTION: forcing a failure.
[  634.008732][T13841] name failslab, interval 1, probability 0, space 0, times 0
[  634.044452][T13841] CPU: 0 UID: 0 PID: 13841 Comm: syz.4.1714 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  634.044486][T13841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  634.044499][T13841] Call Trace:
[  634.044508][T13841]  <TASK>
[  634.044518][T13841]  dump_stack_lvl+0x241/0x360
[  634.044557][T13841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  634.044589][T13841]  ? __pfx__printk+0x10/0x10
[  634.044624][T13841]  ? __pfx___might_resched+0x10/0x10
[  634.044652][T13841]  should_fail_ex+0x424/0x570
[  634.044690][T13841]  should_failslab+0xac/0x100
[  634.044709][T13841]  __kmalloc_cache_noprof+0x73/0x370
[  634.044725][T13841]  ? tcf_block_get_ext+0x656/0x1670
[  634.044755][T13841]  tcf_block_get_ext+0x656/0x1670
[  634.044786][T13841]  ? fq_codel_change+0xb5c/0xff0
[  634.044824][T13841]  tcf_block_get+0xfa/0x150
[  634.044851][T13841]  ? __pfx_tcf_block_get+0x10/0x10
[  634.044874][T13841]  ? __pfx_tcf_chain_head_change_dflt+0x10/0x10
[  634.044900][T13841]  ? __raw_spin_lock_init+0x45/0x100
[  634.044922][T13841]  fq_codel_init+0x3ba/0x980
[  634.044955][T13841]  ? __pfx_fq_codel_init+0x10/0x10
[  634.044982][T13841]  qdisc_create+0x70b/0xdf0
[  634.045014][T13841]  tc_modify_qdisc+0x156d/0x2610
[  634.045054][T13841]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  634.045074][T13841]  ? trace_contention_end+0x3c/0x120
[  634.045096][T13841]  ? __mutex_lock+0x380/0x10c0
[  634.045119][T13841]  ? aa_get_newest_label+0x101/0x6f0
[  634.045180][T13841]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  634.045205][T13841]  rtnetlink_rcv_msg+0x7c2/0xd70
[  634.045231][T13841]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  634.045263][T13841]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  634.045287][T13841]  ? __lock_acquire+0xad5/0xd80
[  634.045326][T13841]  netlink_rcv_skb+0x208/0x480
[  634.045365][T13841]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  634.045395][T13841]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  634.045440][T13841]  ? netlink_deliver_tap+0x2e/0x1b0
[  634.045468][T13841]  ? netlink_deliver_tap+0x2e/0x1b0
[  634.045492][T13841]  netlink_unicast+0x7f8/0x9a0
[  634.045515][T13841]  ? __pfx_netlink_unicast+0x10/0x10
[  634.045542][T13841]  ? skb_put+0x114/0x1f0
[  634.045579][T13841]  netlink_sendmsg+0x8c3/0xcd0
[  634.045620][T13841]  ? __pfx_netlink_sendmsg+0x10/0x10
[  634.045651][T13841]  ? aa_sock_msg_perm+0x91/0x160
[  634.045680][T13841]  ? __pfx_netlink_sendmsg+0x10/0x10
[  634.045698][T13841]  __sock_sendmsg+0x221/0x270
[  634.045723][T13841]  ____sys_sendmsg+0x523/0x860
[  634.045767][T13841]  ? __pfx_____sys_sendmsg+0x10/0x10
[  634.045799][T13841]  ? __fget_files+0x2a/0x420
[  634.045822][T13841]  ? __fget_files+0x2a/0x420
[  634.045854][T13841]  __sys_sendmsg+0x271/0x360
[  634.045882][T13841]  ? __pfx___sys_sendmsg+0x10/0x10
[  634.045968][T13841]  ? do_syscall_64+0xb6/0x210
[  634.045995][T13841]  do_syscall_64+0xf3/0x210
[  634.046017][T13841]  ? clear_bhb_loop+0x45/0xa0
[  634.046043][T13841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.046058][T13841] RIP: 0033:0x7fa54578e169
[  634.046073][T13841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  634.046087][T13841] RSP: 002b:00007fa546565038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  634.046111][T13841] RAX: ffffffffffffffda RBX: 00007fa5459b5fa0 RCX: 00007fa54578e169
[  634.046128][T13841] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 000000000000000e
[  634.046143][T13841] RBP: 00007fa546565090 R08: 0000000000000000 R09: 0000000000000000
[  634.046156][T13841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  634.046170][T13841] R13: 0000000000000000 R14: 00007fa5459b5fa0 R15: 00007fa545adfa28
[  634.046202][T13841]  </TASK>
[  634.408304][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.714863][ T5895] usb 1-1: USB disconnect, device number 10
[  634.779113][ T3078] usb 5-1: USB disconnect, device number 10
[  634.839053][ T5898] usb 7-1: USB disconnect, device number 101
[  635.794425][ T5898] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  635.956681][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  636.123806][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  636.193135][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  636.246912][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  636.293743][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  636.324409][ T3078] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[  636.341872][ T5898] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  636.372728][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.414904][ T5898] usb 5-1: Product: syz
[  636.419134][ T5898] usb 5-1: Manufacturer: syz
[  636.423833][ T5898] usb 5-1: SerialNumber: syz
[  636.458229][ T5898] usb 5-1: config 0 descriptor??
[  636.488663][ T5898] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input42
[  636.514626][ T3078] usb 6-1: Using ep0 maxpacket: 8
[  636.530569][ T3078] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  636.584184][ T3078] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  636.609584][ T3078] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  636.652991][ T3078] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.688511][ T3078] usb 6-1: config 0 descriptor??
[  636.914492][ T5898] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  636.961738][ T5838] usb 5-1: USB disconnect, device number 11
[  637.087893][ T3078] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  637.132570][ T5898] usb 1-1: Using ep0 maxpacket: 16
[  637.189956][ T5898] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  637.202946][ T5898] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  637.276933][T13902] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1729'.
[  637.288865][T13902] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1729'.
[  637.302662][ T3078] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  637.319568][ T3078] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  637.406011][ T5898] usb 1-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  637.414354][ T3078] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  637.429397][ T3078] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  637.438570][ T3078] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.463920][ T3078] usb 3-1: config 0 descriptor??
[  637.464135][ T5898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.484382][ T5838] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  637.557483][ T5898] usb 1-1: config 0 descriptor??
[  637.712652][ T5838] usb 5-1: config 0 has no interfaces?
[  637.724698][ T5838] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  637.738500][ T5838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  637.771778][ T5838] usb 5-1: Product: syz
[  637.785176][ T5838] usb 5-1: Manufacturer: syz
[  637.798453][ T5838] usb 5-1: SerialNumber: syz
[  637.831155][ T5838] usb 5-1: config 0 descriptor??
[  637.922365][ T3078] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving
[  638.021994][ T3078] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  638.165349][T13900] netlink: 'syz.4.1730': attribute type 8 has an invalid length.
[  638.433274][ T3078] usb 3-1: USB disconnect, device number 5
[  639.133779][ T5897] usb 6-1: USB disconnect, device number 122
[  639.335743][T13916] FAULT_INJECTION: forcing a failure.
[  639.335743][T13916] name failslab, interval 1, probability 0, space 0, times 0
[  639.381414][T13916] CPU: 0 UID: 0 PID: 13916 Comm: syz.6.1732 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  639.381446][T13916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  639.381460][T13916] Call Trace:
[  639.381469][T13916]  <TASK>
[  639.381479][T13916]  dump_stack_lvl+0x241/0x360
[  639.381518][T13916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  639.381550][T13916]  ? __pfx__printk+0x10/0x10
[  639.381585][T13916]  ? __pfx___might_resched+0x10/0x10
[  639.381611][T13916]  should_fail_ex+0x424/0x570
[  639.381648][T13916]  should_failslab+0xac/0x100
[  639.381673][T13916]  kmem_cache_alloc_noprof+0x78/0x390
[  639.381695][T13916]  ? __pmd_alloc+0x118/0x440
[  639.381723][T13916]  __pmd_alloc+0x118/0x440
[  639.381749][T13916]  ? __pfx___pmd_alloc+0x10/0x10
[  639.381785][T13916]  handle_mm_fault+0xf7a/0x1bf0
[  639.381807][T13916]  ? mt_find+0x28a/0x8f0
[  639.381857][T13916]  ? __pfx_handle_mm_fault+0x10/0x10
[  639.381923][T13916]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  639.381950][T13916]  exc_page_fault+0x2bb/0x920
[  639.381980][T13916]  asm_exc_page_fault+0x26/0x30
[  639.382001][T13916] RIP: 0010:rep_movs_alternative+0x33/0x90
[  639.382031][T13916] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  639.382051][T13916] RSP: 0018:ffffc90004f1fd48 EFLAGS: 00050212
[  639.382072][T13916] RAX: 0000000000000000 RBX: 00002000000004d0 RCX: 0000000000000010
[  639.382087][T13916] RDX: 0000000000000000 RSI: ffffc90004f1fdc0 RDI: 00002000000004c0
[  639.382101][T13916] RBP: ffffc90004f1fe30 R08: ffffc90004f1fdcf R09: 1ffff920009e3fb9
[  639.382117][T13916] R10: dffffc0000000000 R11: fffff520009e3fba R12: 0000000000000010
[  639.382134][T13916] R13: 00007ffffffff000 R14: ffffc90004f1fdc0 R15: 00002000000004c0
[  639.382169][T13916]  _copy_to_user+0x8b/0xb0
[  639.382200][T13916]  put_timespec64+0xfc/0x160
[  639.382233][T13916]  ? __pfx_put_timespec64+0x10/0x10
[  639.382273][T13916]  __x64_sys_clock_getres+0x20b/0x280
[  639.382308][T13916]  ? __pfx___x64_sys_clock_getres+0x10/0x10
[  639.382345][T13916]  ? do_syscall_64+0xb6/0x210
[  639.382371][T13916]  do_syscall_64+0xf3/0x210
[  639.382394][T13916]  ? clear_bhb_loop+0x45/0xa0
[  639.382420][T13916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.382441][T13916] RIP: 0033:0x7fddc778e169
[  639.382459][T13916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.382477][T13916] RSP: 002b:00007fddc55f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e5
[  639.382511][T13916] RAX: ffffffffffffffda RBX: 00007fddc79b5fa0 RCX: 00007fddc778e169
[  639.382521][T13916] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  639.382531][T13916] RBP: 00007fddc55f6090 R08: 0000000000000000 R09: 0000000000000000
[  639.382540][T13916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  639.382549][T13916] R13: 0000000000000001 R14: 00007fddc79b5fa0 R15: 00007fddc7adfa28
[  639.382571][T13916]  </TASK>
[  639.847250][    T9] usb 1-1: USB disconnect, device number 11
[  639.984339][ T3078] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  640.294462][ T3078] usb 3-1: Using ep0 maxpacket: 8
[  640.392764][ T3078] usb 3-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  640.486988][ T3078] usb 3-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0xEC, changing to 0x8C
[  640.527333][ T3078] usb 3-1: config 6 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[  640.575958][ T3078] usb 3-1: config 6 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 0
[  640.620330][ T3078] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  640.629824][ T3078] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.642633][ T3078] usb 3-1: Product: syz
[  640.647259][ T3078] usb 3-1: Manufacturer: syz
[  640.657023][ T3078] usb 3-1: SerialNumber: syz
[  640.695676][ T3078] hso 3-1:6.0: Can't find BULK OUT endpoint
[  641.339852][    T9] usb 5-1: USB disconnect, device number 12
[  642.491287][T13946] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  642.715173][T13952] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1741'.
[  642.725621][T13952] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1741'.
[  642.734561][ T5838] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  642.845013][ T5897] usb 3-1: USB disconnect, device number 6
[  642.908607][ T5838] usb 1-1: config 0 has an invalid interface number: 3 but max is 0
[  642.917433][ T5838] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  642.948565][ T5838] usb 1-1: config 0 has no interface number 0
[  642.966304][ T5838] usb 1-1: config 0 interface 3 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 20
[  643.052939][ T5838] usb 1-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  643.084374][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  643.112869][ T5838] usb 1-1: Product: syz
[  643.132683][ T5838] usb 1-1: Manufacturer: syz
[  643.149644][ T5838] usb 1-1: SerialNumber: syz
[  643.189907][ T5838] usb 1-1: config 0 descriptor??
[  643.216023][ T5838] gspca_main: conex-2.14.0 probing 0572:0041
[  643.494605][ T5897] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  643.632718][ T5838] usb 1-1: USB disconnect, device number 12
[  643.659896][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  643.708584][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  643.729501][ T5897] usb 5-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00
[  643.741550][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  643.784484][ T5897] usb 5-1: config 0 descriptor??
[  643.884543][    T9] usb 7-1: new high-speed USB device number 102 using dummy_hcd
[  643.973784][T13971] ptrace attach of "./syz-executor exec"[5858] was attempted by "./syz-executor exec"[13971]
[  644.050954][    T9] usb 7-1: Using ep0 maxpacket: 8
[  644.081567][    T9] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 13
[  644.104162][    T9] usb 7-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  644.136251][    T9] usb 7-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  644.162124][    T9] usb 7-1: Product: syz
[  644.166885][    T9] usb 7-1: Manufacturer: syz
[  644.172089][    T9] usb 7-1: SerialNumber: syz
[  644.188253][    T9] usb 7-1: config 0 descriptor??
[  644.207231][    T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  644.216284][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: unknown main item tag 0x0
[  644.225266][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: unknown main item tag 0x0
[  644.233514][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: unknown main item tag 0x0
[  644.242355][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: unknown main item tag 0x0
[  644.314083][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: unknown main item tag 0x0
[  644.426092][ T5897] aquacomputer_d5next 0003:0C70:F00D.001D: hidraw0: USB HID v0.00 Device [HID 0c70:f00d] on usb-dummy_hcd.4-1/input0
[  644.594408][ T5838] usb 1-1: new low-speed USB device number 13 using dummy_hcd
[  645.085940][    T9] gspca_zc3xx: reg_w_i err -71
[  645.317568][ T5838] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  645.350294][ T5838] usb 1-1: config 0 has no interface number 0
[  645.384500][ T5838] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  645.408327][ T5838] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  645.439223][ T5838] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  645.472917][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.553189][ T5838] usb 1-1: config 0 descriptor??
[  645.569531][T13981] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  645.602359][ T5838] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  645.714408][    T9] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  645.720909][    T9] gspca_zc3xx 7-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  645.729986][ T5897] usb 5-1: reset high-speed USB device number 13 using dummy_hcd
[  645.898926][    T9] usb 7-1: USB disconnect, device number 102
[  646.235683][    T9] usb 7-1: new high-speed USB device number 103 using dummy_hcd
[  646.464636][    T9] usb 7-1: Using ep0 maxpacket: 8
[  646.474545][T13989] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1750'.
[  646.487283][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  646.498146][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  646.542400][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  646.577697][    T9] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  646.602173][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  646.660012][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  646.721489][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.773692][    T9] usb 7-1: config 0 descriptor??
[  646.794333][ T5899] usb 6-1: new full-speed USB device number 123 using dummy_hcd
[  646.817846][    T9] usb 7-1: can't set config #0, error -71
[  646.847530][    T9] usb 7-1: USB disconnect, device number 103
[  646.948762][ T5899] usb 6-1: New USB device found, idVendor=14f7, idProduct=0500, bcdDevice=44.85
[  646.958449][ T5899] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.991099][ T5899] usb 6-1: Product: syz
[  647.002326][ T5899] usb 6-1: Manufacturer: syz
[  647.081471][ T5899] usb 6-1: SerialNumber: syz
[  647.132316][ T5899] usb 6-1: config 0 descriptor??
[  647.162011][ T1208] usb 1-1: USB disconnect, device number 13
[  647.199473][ T5899] usb 6-1: selecting invalid altsetting 1
[  647.212780][ T5899] technisat-usb2: could not set alternate setting to 0
[  647.362368][ T5899] technisat-usb2: firmware version: 0.0
[  647.382760][ T5899] dvb-usb: found a 'Technisat SkyStar USB HD (DVB-S/S2)' in warm state.
[  647.467348][ T5898] usb 5-1: USB disconnect, device number 13
[  647.489259][T13995] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1752'.
[  647.515434][T13995] team1 (uninitialized): Failed to send options change via netlink (err -105)
[  647.577332][ T5899] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  647.630712][ T5899] dvb-usb: Technisat SkyStar USB HD (DVB-S/S2) error while loading driver (-19)
[  647.682046][ T5899] usb 6-1: USB disconnect, device number 123
[  647.776428][T13995] 8021q: adding VLAN 0 to HW filter on device team1
[  647.924487][ T5898] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  647.986933][T14007] xt_recent: Unsupported userspace flags (000000ca)
[  648.104547][ T5898] usb 5-1: Using ep0 maxpacket: 8
[  648.114590][ T5898] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  648.124138][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.218233][ T5898] usb 5-1: Product: syz
[  648.222556][ T5898] usb 5-1: Manufacturer: syz
[  648.248318][ T5898] usb 5-1: SerialNumber: syz
[  648.259080][T14017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1756'.
[  648.272448][ T5898] usb 5-1: config 0 descriptor??
[  648.293083][ T5898] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244)
[  648.378672][ T5838] usb 7-1: new high-speed USB device number 104 using dummy_hcd
[  648.549858][ T5838] usb 7-1: config 0 has an invalid interface number: 48 but max is 0
[  648.558374][ T5838] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  648.890175][T14000] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  649.100353][ T5838] usb 7-1: config 0 has no interface number 0
[  649.141132][ T5838] usb 7-1: too many endpoints for config 0 interface 48 altsetting 120: 48, using maximum allowed: 30
[  649.163312][ T5838] usb 7-1: config 0 interface 48 altsetting 120 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  649.190683][ T5838] usb 7-1: config 0 interface 48 has no altsetting 0
[  649.197813][ T5838] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  649.207162][ T5838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.228933][ T5838] usb 7-1: config 0 descriptor??
[  649.447659][ T5898] radio-usb-si4713 5-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  649.474946][ T5898] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  649.483837][ T5838] usb 7-1: string descriptor 0 read error: -71
[  649.495078][ T5898] usb 5-1: USB disconnect, device number 14
[  649.514952][ T5838] usb 7-1: USB disconnect, device number 104
[  649.687055][T14024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1761'.
[  650.043636][ T5838] usb 7-1: new high-speed USB device number 105 using dummy_hcd
[  650.261137][ T5838] usb 7-1: config 0 has an invalid interface number: 48 but max is 0
[  650.283746][ T5838] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  650.360815][ T5838] usb 7-1: config 0 has no interface number 0
[  650.376897][ T5838] usb 7-1: too many endpoints for config 0 interface 48 altsetting 120: 48, using maximum allowed: 30
[  650.400628][ T5838] usb 7-1: config 0 interface 48 altsetting 120 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  650.434310][ T5838] usb 7-1: config 0 interface 48 has no altsetting 0
[  650.441196][ T5838] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  650.454156][ T5838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.505395][ T5838] usb 7-1: config 0 descriptor??
[  650.690090][ T5850] Bluetooth: hci0: unexpected event 0x31 length: 3 < 6
[  650.802840][ T5838] usb 7-1: string descriptor 0 read error: -32
[  651.114402][ T5898] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  651.284330][ T5898] usb 1-1: Using ep0 maxpacket: 8
[  651.291853][ T5898] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  651.300375][ T5898] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  651.322449][ T5898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  651.359561][ T5898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  651.388443][ T5898] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  651.431193][ T5898] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  651.461997][ T5898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.708734][T14042] netlink: 'syz.0.1767': attribute type 1 has an invalid length.
[  651.716771][T14042] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1767'.
[  651.728100][ T5898] usb 1-1: GET_CAPABILITIES returned 0
[  651.733732][ T5898] usbtmc 1-1:16.0: can't read capabilities
[  651.962257][ T5898] usb 7-1: USB disconnect, device number 105
[  651.970699][   T30] audit: type=1326 audit(1745356958.573:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.001100][   T30] audit: type=1326 audit(1745356958.603:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.026980][   T30] audit: type=1326 audit(1745356958.633:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.084307][   T30] audit: type=1326 audit(1745356958.633:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.108846][   T30] audit: type=1326 audit(1745356958.633:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.192029][   T30] audit: type=1326 audit(1745356958.653:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.211730][ T5898] usb 1-1: USB disconnect, device number 14
[  652.245282][T14055] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  652.273984][T14055] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  652.286063][   T30] audit: type=1326 audit(1745356958.653:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.350625][   T30] audit: type=1326 audit(1745356958.653:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.403271][   T30] audit: type=1326 audit(1745356958.653:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.404391][T14060] FAULT_INJECTION: forcing a failure.
[  652.404391][T14060] name failslab, interval 1, probability 0, space 0, times 0
[  652.441364][   T30] audit: type=1326 audit(1745356958.753:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  652.530094][T14060] CPU: 0 UID: 0 PID: 14060 Comm: syz.5.1771 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  652.530129][T14060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  652.530143][T14060] Call Trace:
[  652.530153][T14060]  <TASK>
[  652.530162][T14060]  dump_stack_lvl+0x241/0x360
[  652.530202][T14060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.530234][T14060]  ? __pfx__printk+0x10/0x10
[  652.530269][T14060]  ? __pfx___might_resched+0x10/0x10
[  652.530295][T14060]  should_fail_ex+0x424/0x570
[  652.530332][T14060]  should_failslab+0xac/0x100
[  652.530357][T14060]  __kmalloc_noprof+0xdf/0x4d0
[  652.530379][T14060]  ? _iommufd_object_alloc+0x24/0x1a0
[  652.530408][T14060]  _iommufd_object_alloc+0x24/0x1a0
[  652.530435][T14060]  iommufd_test+0x68f/0x56a0
[  652.530482][T14060]  ? __pfx_iommufd_test+0x10/0x10
[  652.530549][T14060]  ? __lock_acquire+0xad5/0xd80
[  652.530614][T14060]  iommufd_fops_ioctl+0x4fc/0x610
[  652.530645][T14060]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  652.530695][T14060]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  652.530724][T14060]  __se_sys_ioctl+0xf1/0x160
[  652.530755][T14060]  do_syscall_64+0xf3/0x210
[  652.530780][T14060]  ? clear_bhb_loop+0x45/0xa0
[  652.530806][T14060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.530827][T14060] RIP: 0033:0x7f1c8318e169
[  652.530853][T14060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.530872][T14060] RSP: 002b:00007f1c840bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  652.530896][T14060] RAX: ffffffffffffffda RBX: 00007f1c833b5fa0 RCX: 00007f1c8318e169
[  652.530912][T14060] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  652.530926][T14060] RBP: 00007f1c840bc090 R08: 0000000000000000 R09: 0000000000000000
[  652.530939][T14060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.530952][T14060] R13: 0000000000000000 R14: 00007f1c833b5fa0 R15: 00007f1c834dfa28
[  652.530984][T14060]  </TASK>
[  653.225914][ T3078] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  653.348876][T14071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1774'.
[  653.371302][T14073] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1776'.
[  653.414788][ T3078] usb 1-1: config 0 has no interfaces?
[  653.430985][ T3078] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  653.457058][ T3078] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  653.494418][T13203] usb 7-1: new low-speed USB device number 106 using dummy_hcd
[  653.511808][ T3078] usb 1-1: Product: syz
[  653.520686][ T3078] usb 1-1: Manufacturer: syz
[  653.555717][ T3078] usb 1-1: config 0 descriptor??
[  653.656508][T13203] usb 7-1: Invalid ep0 maxpacket: 16
[  653.814449][T13203] usb 7-1: new low-speed USB device number 107 using dummy_hcd
[  653.884911][ T5898] usb 1-1: USB disconnect, device number 15
[  654.014458][T13203] usb 7-1: Invalid ep0 maxpacket: 16
[  654.022630][T13203] usb usb7-port1: attempt power cycle
[  654.094472][ T3078] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  654.254646][ T3078] usb 3-1: Using ep0 maxpacket: 32
[  654.272565][ T3078] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  654.306218][ T3078] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  654.368529][ T3078] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  654.388265][ T3078] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  654.408626][T13203] usb 7-1: new low-speed USB device number 108 using dummy_hcd
[  654.464904][ T3078] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  654.479619][ T3078] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  654.493381][T13203] usb 7-1: Invalid ep0 maxpacket: 16
[  654.505489][ T3078] usb 3-1: New USB device found, idVendor=04e7, idProduct=6651, bcdDevice=ba.8a
[  654.524048][ T3078] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.542540][ T3078] usb 3-1: Product: syz
[  654.554872][ T3078] usb 3-1: Manufacturer: syz
[  654.559540][ T3078] usb 3-1: SerialNumber: syz
[  654.595742][ T3078] usb 3-1: config 0 descriptor??
[  654.607204][ T3078] usb 3-1: bad CDC descriptors
[  654.612761][ T3078] cdc_acm 3-1:0.0: Zero length descriptor references
[  654.634881][T13203] usb 7-1: new low-speed USB device number 109 using dummy_hcd
[  654.654388][ T3078] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[  654.675008][T13203] usb 7-1: Invalid ep0 maxpacket: 16
[  654.680857][T13203] usb usb7-port1: unable to enumerate USB device
[  654.784567][ T5898] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  654.958066][ T5898] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  654.976817][ T5899] usb 3-1: USB disconnect, device number 7
[  655.002314][ T5898] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  655.025992][ T5898] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  655.061071][ T5898] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  655.080752][ T5898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  655.102318][ T5898] usb 1-1: Product: syz
[  655.120331][ T5898] usb 1-1: Manufacturer: syz
[  655.131526][ T5898] usb 1-1: SerialNumber: syz
[  655.165830][ T5898] usb 1-1: config 0 descriptor??
[  655.172759][T14086] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  655.202378][T14086] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  655.304977][ T5898] usb 1-1: ucan: probing device on interface #0
[  655.636386][T14101] program syz.4.1783 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  655.841025][ T5898] usb 1-1: ucan: could not read protocol version, ret=-71
[  655.901021][ T5898] usb 1-1: ucan: probe failed; try to update the device firmware
[  655.990621][ T5898] usb 1-1: USB disconnect, device number 16
[  656.174389][ T5899] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  656.357379][ T5899] usb 3-1: Using ep0 maxpacket: 16
[  656.401311][ T5899] usb 3-1: too many configurations: 37, using maximum allowed: 8
[  656.415674][ T5899] usb 3-1: unable to read config index 0 descriptor/start: -61
[  656.423809][ T5899] usb 3-1: can't read configurations, error -61
[  656.556416][T14113] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1787'.
[  656.694738][ T5899] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  656.934585][ T5899] usb 3-1: Using ep0 maxpacket: 16
[  656.948302][ T5899] usb 3-1: too many configurations: 37, using maximum allowed: 8
[  656.959534][ T5899] usb 3-1: unable to read config index 0 descriptor/start: -61
[  656.974575][ T5898] usb 7-1: new low-speed USB device number 110 using dummy_hcd
[  657.005694][ T5899] usb 3-1: can't read configurations, error -61
[  657.027662][ T5899] usb usb3-port1: attempt power cycle
[  657.150389][ T5898] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  657.165814][ T5898] usb 7-1: config 0 has no interface number 0
[  657.172468][ T5898] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  657.185522][ T5898] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  657.204346][ T5898] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  657.213989][ T5898] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.234777][ T5898] usb 7-1: config 0 descriptor??
[  657.245758][T14116] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  657.257841][ T5898] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  657.435168][ T5899] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  657.557163][T13203] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  657.643299][ T5899] usb 3-1: Using ep0 maxpacket: 16
[  657.742762][ T5899] usb 3-1: too many configurations: 37, using maximum allowed: 8
[  657.794437][ T5898] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[  657.811541][ T5899] usb 3-1: unable to read config index 0 descriptor/start: -61
[  657.822536][ T5899] usb 3-1: can't read configurations, error -61
[  657.829638][T13203] usb 1-1: Using ep0 maxpacket: 8
[  657.845566][T13203] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  657.859952][T13203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.868874][T13203] usb 1-1: Product: syz
[  657.946135][T13203] usb 1-1: Manufacturer: syz
[  657.974887][ T5898] usb 6-1: Using ep0 maxpacket: 16
[  658.024403][ T5899] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  658.030826][T13203] usb 1-1: SerialNumber: syz
[  658.065812][ T5899] usb 3-1: Using ep0 maxpacket: 16
[  658.067898][T13203] usb 1-1: config 0 descriptor??
[  658.091460][ T5899] usb 3-1: too many configurations: 37, using maximum allowed: 8
[  658.282393][ T5899] usb 3-1: unable to read config index 0 descriptor/start: -61
[  658.324141][T13203] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  658.353201][ T5899] usb 3-1: can't read configurations, error -61
[  658.370825][ T5899] usb usb3-port1: unable to enumerate USB device
[  658.704458][ T3078] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  658.909386][T14136] fuse: Unknown parameter '0xffffffffffffffff0177777777777777777777700000000000000000000'
[  659.031864][T14138] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1793'.
[  659.202415][ T3078] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  659.213731][ T3078] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  659.315560][ T3078] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 13155, setting to 64
[  659.785470][ T5895] usb 7-1: USB disconnect, device number 110
[  659.839332][ T3078] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  659.927184][ T3078] usb 5-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  659.936727][ T3078] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.948817][ T3078] usb 5-1: Product: syz
[  659.974330][ T3078] usb 5-1: Manufacturer: syz
[  660.005749][ T3078] usb 5-1: SerialNumber: syz
[  660.028512][ T3078] usb 5-1: config 0 descriptor??
[  660.051244][T14131] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  660.284401][ T3078] rc_core: IR keymap rc-imon-rsc not found
[  660.297346][T14131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.307894][T14131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.322348][ T3078] Registered IR keymap rc-empty
[  660.367143][ T3078] rc rc0: iMON Station as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  660.413046][ T3078] input: iMON Station as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input43
[  660.491720][ T3078] usb 5-1: USB disconnect, device number 15
[  660.824673][T13203] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  660.995866][ T5898] usb 6-1: unable to get BOS descriptor or descriptor too short
[  661.019138][ T5898] usb 6-1: unable to read config index 0 descriptor/start: -71
[  661.069746][ T5898] usb 6-1: can't read configurations, error -71
[  661.257791][T14157] FAULT_INJECTION: forcing a failure.
[  661.257791][T14157] name failslab, interval 1, probability 0, space 0, times 0
[  661.277481][T14157] CPU: 1 UID: 0 PID: 14157 Comm: syz.5.1798 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  661.277507][T14157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  661.277517][T14157] Call Trace:
[  661.277524][T14157]  <TASK>
[  661.277531][T14157]  dump_stack_lvl+0x241/0x360
[  661.277561][T14157]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.277584][T14157]  ? __pfx__printk+0x10/0x10
[  661.277609][T14157]  ? __pfx___might_resched+0x10/0x10
[  661.277629][T14157]  should_fail_ex+0x424/0x570
[  661.277659][T14157]  should_failslab+0xac/0x100
[  661.277677][T14157]  __kmalloc_cache_noprof+0x73/0x370
[  661.277695][T14157]  ? nfnetlink_rcv+0x1037/0x28f0
[  661.277722][T14157]  nfnetlink_rcv+0x1037/0x28f0
[  661.277772][T14157]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  661.277848][T14157]  ? skb_clone+0x240/0x390
[  661.277891][T14157]  ? netlink_deliver_tap+0x2e/0x1b0
[  661.277922][T14157]  ? netlink_deliver_tap+0x2e/0x1b0
[  661.277944][T14157]  netlink_unicast+0x7f8/0x9a0
[  661.277967][T14157]  ? __pfx_netlink_unicast+0x10/0x10
[  661.277986][T14157]  ? skb_put+0x114/0x1f0
[  661.278011][T14157]  netlink_sendmsg+0x8c3/0xcd0
[  661.278041][T14157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  661.278063][T14157]  ? aa_sock_msg_perm+0x91/0x160
[  661.278088][T14157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  661.278106][T14157]  __sock_sendmsg+0x221/0x270
[  661.278127][T14157]  ____sys_sendmsg+0x523/0x860
[  661.278157][T14157]  ? __pfx_____sys_sendmsg+0x10/0x10
[  661.278178][T14157]  ? __fget_files+0x2a/0x420
[  661.278196][T14157]  ? __fget_files+0x2a/0x420
[  661.278217][T14157]  __sys_sendmsg+0x271/0x360
[  661.278244][T14157]  ? __pfx___sys_sendmsg+0x10/0x10
[  661.278307][T14157]  ? do_syscall_64+0xb6/0x210
[  661.278326][T14157]  do_syscall_64+0xf3/0x210
[  661.278343][T14157]  ? clear_bhb_loop+0x45/0xa0
[  661.278361][T14157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.278376][T14157] RIP: 0033:0x7f1c8318e169
[  661.278391][T14157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.278404][T14157] RSP: 002b:00007f1c840bc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  661.278422][T14157] RAX: ffffffffffffffda RBX: 00007f1c833b5fa0 RCX: 00007f1c8318e169
[  661.278434][T14157] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  661.278444][T14157] RBP: 00007f1c840bc090 R08: 0000000000000000 R09: 0000000000000000
[  661.278453][T14157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.278462][T14157] R13: 0000000000000000 R14: 00007f1c833b5fa0 R15: 00007f1c834dfa28
[  661.278485][T14157]  </TASK>
[  661.315054][ T5899] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  661.559416][ T1208] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  661.727387][ T5899] usb 5-1: device descriptor read/64, error -71
[  661.744475][ T1208] usb 3-1: Using ep0 maxpacket: 16
[  661.753660][ T1208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  661.767925][ T1208] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  661.805446][ T1208] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  661.815560][ T1208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.839389][ T1208] usb 3-1: config 0 descriptor??
[  661.977771][ T5899] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  662.074526][ T5898] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[  662.098391][    T9] usb 1-1: USB disconnect, device number 17
[  662.126044][ T5899] usb 5-1: device descriptor read/64, error -71
[  662.226617][ T5898] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  662.249449][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.262920][ T1208] ryos 0003:1E7D:3138.001E: unknown main item tag 0x0
[  662.275117][ T5899] usb usb5-port1: attempt power cycle
[  662.282049][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.293741][ T1208] ryos 0003:1E7D:3138.001E: unknown main item tag 0x0
[  662.302373][ T1208] ryos 0003:1E7D:3138.001E: unknown main item tag 0x0
[  662.315367][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.326236][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.340819][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.355041][ T1208] ryos 0003:1E7D:3138.001E: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.2-1/input0
[  662.380171][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.390303][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.430882][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.462705][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.482909][ T3078] usb 3-1: USB disconnect, device number 12
[  662.490946][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.515567][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.528602][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.543286][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.552696][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.565213][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.580953][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  662.580973][   T30] audit: type=1326 audit(1745356969.183:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.601691][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.644850][ T5899] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  662.667948][   T30] audit: type=1326 audit(1745356969.213:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.672164][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.703532][ T5899] usb 5-1: device descriptor read/8, error -71
[  662.714976][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.723246][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.731862][   T30] audit: type=1326 audit(1745356969.233:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.753821][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.778535][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.785675][   T30] audit: type=1326 audit(1745356969.233:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.793684][ T5898] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  662.830359][ T5898] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  662.853932][ T5898] usb 6-1: config 0 interface 0 has no altsetting 0
[  662.855228][   T30] audit: type=1326 audit(1745356969.233:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.871330][ T5898] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  662.913851][ T5898] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  662.916602][   T30] audit: type=1326 audit(1745356969.233:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  662.945020][ T5898] usb 6-1: Product: syz
[  662.945049][ T5898] usb 6-1: Manufacturer: syz
[  662.953851][ T5898] usb 6-1: SerialNumber: syz
[  662.958894][ T5899] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  662.985150][ T5899] usb 5-1: device descriptor read/8, error -71
[  662.992733][ T5898] usb 6-1: config 0 descriptor??
[  663.003365][   T30] audit: type=1326 audit(1745356969.233:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  663.025256][ T5898] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  663.090482][   T30] audit: type=1326 audit(1745356969.233:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  663.094937][ T5899] usb usb5-port1: unable to enumerate USB device
[  663.148175][   T30] audit: type=1326 audit(1745356969.233:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  663.186820][   T30] audit: type=1326 audit(1745356969.233:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  663.230585][T14162] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  663.424421][ T5838] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  663.587280][ T5838] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  663.607012][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.627271][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.646344][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.655565][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.669623][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.684142][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.692771][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.701977][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.713048][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.721183][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.730193][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.741215][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.749115][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.758154][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.785327][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.795152][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.804120][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.823450][T13203] usb 6-1: USB disconnect, device number 125
[  663.845574][T13203] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  663.860183][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.888829][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.903971][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.906026][T14185] CIFS: iocharset name too long
[  663.915502][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.926854][ T3078] usb 7-1: new low-speed USB device number 111 using dummy_hcd
[  663.939088][ T5838] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  663.948356][ T5838] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  663.959592][ T5838] usb 3-1: config 0 interface 0 has no altsetting 0
[  663.969328][ T5838] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  663.979072][ T5838] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  663.988388][ T5838] usb 3-1: Product: syz
[  663.992678][ T5838] usb 3-1: Manufacturer: syz
[  663.997618][ T5838] usb 3-1: SerialNumber: syz
[  664.006045][ T5838] usb 3-1: config 0 descriptor??
[  664.017842][ T5838] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  664.097899][ T3078] usb 7-1: Invalid ep0 maxpacket: 64
[  664.240430][T14178] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1805'.
[  664.279290][ T3078] usb 7-1: new low-speed USB device number 112 using dummy_hcd
[  664.319904][ T5899] usb 3-1: USB disconnect, device number 13
[  664.333441][ T5899] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  664.454316][ T3078] usb 7-1: Invalid ep0 maxpacket: 64
[  664.474536][ T3078] usb usb7-port1: attempt power cycle
[  664.504580][T13203] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  664.678818][T13203] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  664.704334][T13203] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  664.713432][T13203] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  664.736870][T13203] usb 5-1: config 0 descriptor??
[  664.814409][ T3078] usb 7-1: new low-speed USB device number 113 using dummy_hcd
[  664.855038][ T3078] usb 7-1: Invalid ep0 maxpacket: 64
[  664.994355][ T3078] usb 7-1: new low-speed USB device number 114 using dummy_hcd
[  665.045108][ T3078] usb 7-1: Invalid ep0 maxpacket: 64
[  665.054394][ T3078] usb usb7-port1: unable to enumerate USB device
[  665.359616][T13203] usbhid 5-1:0.0: can't add hid device: -71
[  665.372534][T13203] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  665.394727][T13203] usb 5-1: USB disconnect, device number 20
[  666.384907][ T3078] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  666.494423][T13203] usb 6-1: new high-speed USB device number 126 using dummy_hcd
[  666.599370][ T3078] usb 5-1: Using ep0 maxpacket: 16
[  666.619783][ T3078] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  666.669773][ T3078] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  666.693368][T13203] usb 6-1: config 0 has no interfaces?
[  666.704030][T13203] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  666.723917][T13203] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.734022][ T3078] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[  666.808318][T13203] usb 6-1: Product: syz
[  666.812621][T13203] usb 6-1: Manufacturer: syz
[  666.832209][ T3078] usb 5-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  666.841813][ T3078] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.854612][T13203] usb 6-1: SerialNumber: syz
[  666.868070][ T3078] usb 5-1: Product: syz
[  666.904523][ T3078] usb 5-1: Manufacturer: syz
[  666.916177][T13203] usb 6-1: config 0 descriptor??
[  666.935564][ T3078] usb 5-1: SerialNumber: syz
[  667.036537][ T3078] usb 5-1: config 0 descriptor??
[  667.052614][T14205] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  667.240229][ T3078] mcba_usb 5-1:0.0 can0: failed tx_urb -90
[  667.273867][ T3078] mcba_usb 5-1:0.0 can0: Failed to send cmd (169)
[  667.304854][ T3078] mcba_usb 5-1:0.0 can0: failed tx_urb -90
[  667.372076][ T3078] mcba_usb 5-1:0.0 can0: Failed to send cmd (169)
[  667.424072][ T3078] mcba_usb 5-1:0.0: Microchip CAN BUS Analyzer connected
[  667.553431][ T3078] usb 5-1: USB disconnect, device number 21
[  667.622989][ T3078] mcba_usb 5-1:0.0 can0: device disconnected
[  668.024670][ T3078] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  668.164327][ T3078] usb 5-1: device descriptor read/64, error -71
[  668.414382][ T3078] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  668.552073][T14233] program syz.6.1822 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  668.574418][ T3078] usb 5-1: device descriptor read/64, error -71
[  668.705281][ T3078] usb usb5-port1: attempt power cycle
[  669.055023][ T3078] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  669.091860][ T3078] usb 5-1: device descriptor read/8, error -71
[  669.334476][ T3078] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  669.381542][ T3078] usb 5-1: device descriptor read/8, error -71
[  669.496903][ T3078] usb usb5-port1: unable to enumerate USB device
[  669.584851][ T5895] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  669.855376][ T3078] usb 6-1: USB disconnect, device number 126
[  669.904784][T14251] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1829'.
[  670.054922][ T5895] usb 1-1: Using ep0 maxpacket: 32
[  670.112896][ T5895] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  670.121579][ T5895] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  670.146488][ T5895] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  670.164568][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  670.174614][ T5895] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  670.184388][ T5895] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  670.197660][ T5895] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  670.206781][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.220985][ T5895] usb 1-1: config 0 descriptor??
[  670.528176][ T5895] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  670.621107][ T5895] usb 1-1: USB disconnect, device number 18
[  670.691010][ T5895] usblp0: removed
[  670.962319][ T5899] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  671.059166][ T5895] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  671.142714][ T5899] usb 5-1: config 0 has an invalid interface number: 74 but max is 0
[  671.153216][ T5899] usb 5-1: config 0 has no interface number 0
[  671.167899][ T5899] usb 5-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=d0.db
[  671.177891][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  671.186799][ T5899] usb 5-1: Product: syz
[  671.197436][ T5899] usb 5-1: Manufacturer: syz
[  671.202432][ T5899] usb 5-1: SerialNumber: syz
[  671.227278][ T5899] usb 5-1: config 0 descriptor??
[  671.264353][ T5895] usb 1-1: Using ep0 maxpacket: 32
[  671.277023][ T5895] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  671.291630][ T5895] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  671.338438][ T5895] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  671.348178][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  671.358619][ T5895] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  671.369717][ T5895] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  671.382951][ T5895] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  671.392212][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.403333][ T5895] usb 1-1: config 0 descriptor??
[  671.485359][T14270] ptrace attach of "./syz-executor exec"[12953] was attempted by " Àÿ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      àÿ              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ                                                                                                                                                                                                                                                                                        ./mnt                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ./mnt"[14270]
[  671.794474][ T5895] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  671.818063][ T5895] usb 1-1: USB disconnect, device number 19
[  671.830306][ T5898] usb 5-1: USB disconnect, device number 26
[  671.883701][ T5895] usblp0: removed
[  672.074471][ T5899] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  672.204495][ T5899] usb 3-1: device descriptor read/64, error -71
[  672.444452][ T5899] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  672.596792][ T5899] usb 3-1: device descriptor read/64, error -71
[  672.644533][T14297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1840'.
[  672.715143][ T5899] usb usb3-port1: attempt power cycle
[  672.824340][ T1208] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  673.014352][ T1208] usb 5-1: Using ep0 maxpacket: 16
[  673.028639][ T1208] usb 5-1: config 0 has no interfaces?
[  673.041383][ T1208] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  673.054773][ T5899] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  673.083024][ T1208] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.113534][ T5899] usb 3-1: device descriptor read/8, error -71
[  673.124994][ T1208] usb 5-1: config 0 descriptor??
[  673.375090][ T5899] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  673.415445][ T5899] usb 3-1: device descriptor read/8, error -71
[  673.634027][ T5899] usb usb3-port1: unable to enumerate USB device
[  673.838398][T14316] netlink: 'syz.6.1843': attribute type 4 has an invalid length.
[  674.082395][T14313] netlink: 'syz.6.1843': attribute type 4 has an invalid length.
[  674.863442][T14331] netlink: 'syz.6.1849': attribute type 4 has an invalid length.
[  674.883613][T14331] netlink: 'syz.6.1849': attribute type 4 has an invalid length.
[  675.054316][ T3078] usb 6-1: new low-speed USB device number 127 using dummy_hcd
[  675.234950][ T3078] usb 6-1: Invalid ep0 maxpacket: 32
[  675.364460][ T3078] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  675.371969][ T5896] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  675.527293][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  675.532436][ T3078] usb 6-1: Invalid ep0 maxpacket: 32
[  675.542446][ T5898] usb 5-1: USB disconnect, device number 27
[  675.552013][ T3078] usb usb6-port1: attempt power cycle
[  675.562806][ T5896] usb 1-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  675.573238][ T5896] usb 1-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  675.588821][ T5896] usb 1-1: Product: syz
[  675.593043][ T5896] usb 1-1: Manufacturer: syz
[  675.621749][ T5896] usb 1-1: SerialNumber: syz
[  675.655421][ T5896] usb 1-1: config 0 descriptor??
[  675.668735][ T5896] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  675.771366][T14354] xt_hashlimit: size too large, truncated to 1048576
[  675.881242][ T5896] gspca_zc3xx: reg_w_i err -71
[  675.902726][ T5896] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  675.911900][ T3078] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  675.933998][ T5896] usb 1-1: USB disconnect, device number 20
[  675.995427][ T3078] usb 6-1: Invalid ep0 maxpacket: 32
[  676.020009][T14364] netlink: 'syz.6.1857': attribute type 27 has an invalid length.
[  676.134419][ T3078] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  676.195240][ T3078] usb 6-1: Invalid ep0 maxpacket: 32
[  676.208526][ T3078] usb usb6-port1: unable to enumerate USB device
[  677.035814][ T5899] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  677.080044][T14383] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  677.088466][T14383] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  677.254377][ T5899] usb 1-1: Using ep0 maxpacket: 8
[  677.362344][ T5899] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  677.375989][ T5899] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.377033][T14389] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  677.422362][ T5899] usb 1-1: config 0 descriptor??
[  677.678176][ T5899] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  678.187238][ T5899] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  678.203711][ T5899] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  678.220168][ T5899] asix 1-1:0.0: probe with driver asix failed with error -71
[  678.242699][ T5899] usb 1-1: USB disconnect, device number 21
[  678.304944][ T3078] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  678.372014][T14402] FAULT_INJECTION: forcing a failure.
[  678.372014][T14402] name failslab, interval 1, probability 0, space 0, times 0
[  678.396497][T14402] CPU: 0 UID: 0 PID: 14402 Comm: syz.0.1870 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  678.396529][T14402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  678.396543][T14402] Call Trace:
[  678.396553][T14402]  <TASK>
[  678.396562][T14402]  dump_stack_lvl+0x241/0x360
[  678.396601][T14402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  678.396631][T14402]  ? __pfx__printk+0x10/0x10
[  678.396664][T14402]  ? __pfx___might_resched+0x10/0x10
[  678.396690][T14402]  should_fail_ex+0x424/0x570
[  678.396727][T14402]  should_failslab+0xac/0x100
[  678.396750][T14402]  __kmalloc_node_track_caller_noprof+0xe2/0x4d0
[  678.396774][T14402]  ? kobject_set_name_vargs+0x61/0x120
[  678.396802][T14402]  kvasprintf+0xe1/0x190
[  678.396834][T14402]  ? __pfx_kvasprintf+0x10/0x10
[  678.396871][T14402]  ? kvasprintf_const+0x51/0x170
[  678.396902][T14402]  kobject_set_name_vargs+0x61/0x120
[  678.396930][T14402]  kobject_init_and_add+0xe0/0x190
[  678.396967][T14402]  ? __pfx_kobject_init_and_add+0x10/0x10
[  678.396993][T14402]  ? __kasan_kmalloc+0x9d/0xb0
[  678.397027][T14402]  ? __raw_spin_lock_init+0x45/0x100
[  678.397055][T14402]  swnode_register+0x390/0x540
[  678.397097][T14402]  fwnode_create_software_node+0x199/0x1f0
[  678.397152][T14402]  device_create_managed_software_node+0xd5/0x1f0
[  678.397173][T14402]  ? iommufd_test+0x2efb/0x56a0
[  678.397209][T14402]  iommufd_test+0x3335/0x56a0
[  678.397242][T14402]  ? __pfx___schedule+0x10/0x10
[  678.397285][T14402]  ? __pfx_iommufd_test+0x10/0x10
[  678.397331][T14402]  ? __lock_acquire+0xad5/0xd80
[  678.397396][T14402]  iommufd_fops_ioctl+0x4fc/0x610
[  678.397428][T14402]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  678.397477][T14402]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  678.397506][T14402]  __se_sys_ioctl+0xf1/0x160
[  678.397549][T14402]  do_syscall_64+0xf3/0x210
[  678.397572][T14402]  ? clear_bhb_loop+0x45/0xa0
[  678.397597][T14402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.397618][T14402] RIP: 0033:0x7fbd7c18e169
[  678.397636][T14402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.397654][T14402] RSP: 002b:00007fbd7cf99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  678.397677][T14402] RAX: ffffffffffffffda RBX: 00007fbd7c3b5fa0 RCX: 00007fbd7c18e169
[  678.397693][T14402] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  678.397707][T14402] RBP: 00007fbd7cf99090 R08: 0000000000000000 R09: 0000000000000000
[  678.397720][T14402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  678.397733][T14402] R13: 0000000000000000 R14: 00007fbd7c3b5fa0 R15: 00007fbd7c4dfa28
[  678.397764][T14402]  </TASK>
[  678.397855][T14402] kobject: can not set name properly!
[  678.691432][T14402] iommufd_mock iommufd_mock0: add pasid-num-bits property failed, rc: -12
[  678.849116][ T3078] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  678.970702][ T3078] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  678.992000][ T3078] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.043025][ T3078] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  679.079246][ T3078] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[  679.114391][ T5899] usb 7-1: new high-speed USB device number 115 using dummy_hcd
[  679.137293][ T5890] udevd[5890]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  679.304414][ T5899] usb 7-1: Using ep0 maxpacket: 8
[  679.316313][ T5899] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  679.329942][ T5899] usb 7-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[  679.385435][ T5899] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.471090][ T5899] usb 7-1: Product: syz
[  679.515119][ T3078] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  679.603048][ T5899] usb 7-1: Manufacturer: syz
[  679.640216][ T5899] usb 7-1: SerialNumber: syz
[  679.677649][ T5899] usb 7-1: config 0 descriptor??
[  679.691304][T14422] delete_channel: no stack
[  679.706134][ T5899] gspca_main: stk014-2.14.0 probing 05e1:0893
[  679.712359][ T5899] usb 7-1: selecting invalid altsetting 1
[  679.744500][ T3078] usb 1-1: Using ep0 maxpacket: 32
[  679.815520][ T3078] usb 1-1: config index 0 descriptor too short (expected 292, got 36)
[  679.881112][ T3078] usb 1-1: config 0 has an invalid interface number: 184 but max is -1
[  679.889533][ T5899] gspca_stk014: reg_r err -71
[  679.889620][ T5899] stk014 7-1:0.0: probe with driver stk014 failed with error -71
[  679.902339][ T3078] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  679.911368][ T5899] usb 7-1: USB disconnect, device number 115
[  679.934707][ T3078] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  679.958648][ T3078] usb 1-1: config 0 has no interface number 0
[  679.965650][ T3078] usb 1-1: config 0 interface 184 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  679.978896][ T3078] usb 1-1: config 0 interface 184 has no altsetting 0
[  679.993190][ T3078] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  680.002846][ T3078] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.020143][ T3078] usb 1-1: Product: syz
[  680.025283][ T3078] usb 1-1: Manufacturer: syz
[  680.031450][ T3078] usb 1-1: SerialNumber: syz
[  680.042660][ T3078] usb 1-1: config 0 descriptor??
[  680.053728][ T3078] smsc75xx v1.0.0
[  680.057893][ T3078] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  680.073312][ T3078] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -22
[  680.219767][T14429] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1876'.
[  680.238602][T14430] loop6: detected capacity change from 0 to 63
[  680.309933][ T5890] buffer_io_error: 23 callbacks suppressed
[  680.309951][ T5890] Buffer I/O error on dev loop6, logical block 0, async page read
[  680.315596][ T5890] Buffer I/O error on dev loop6, logical block 1, async page read
[  680.315689][ T5890] Buffer I/O error on dev loop6, logical block 2, async page read
[  680.315784][ T5890] Buffer I/O error on dev loop6, logical block 3, async page read
[  680.324091][T14427] Buffer I/O error on dev loop6, logical block 0, async page read
[  680.324193][T14427] Buffer I/O error on dev loop6, logical block 1, async page read
[  680.325390][T14427] Buffer I/O error on dev loop6, logical block 2, async page read
[  680.325490][T14427] Buffer I/O error on dev loop6, logical block 3, async page read
[  680.325739][T14427] Buffer I/O error on dev loop6, logical block 0, async page read
[  680.325950][T14427] Buffer I/O error on dev loop6, logical block 1, async page read
[  681.069560][T14445] FAULT_INJECTION: forcing a failure.
[  681.069560][T14445] name failslab, interval 1, probability 0, space 0, times 0
[  681.088528][T14445] CPU: 1 UID: 0 PID: 14445 Comm: syz.5.1881 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  681.088562][T14445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  681.088577][T14445] Call Trace:
[  681.088586][T14445]  <TASK>
[  681.088596][T14445]  dump_stack_lvl+0x241/0x360
[  681.088636][T14445]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.088668][T14445]  ? __pfx__printk+0x10/0x10
[  681.088703][T14445]  ? __pfx___might_resched+0x10/0x10
[  681.088731][T14445]  should_fail_ex+0x424/0x570
[  681.088769][T14445]  should_failslab+0xac/0x100
[  681.088795][T14445]  __kmalloc_node_track_caller_noprof+0xe2/0x4d0
[  681.088821][T14445]  ? __kernfs_new_node+0xa2/0x890
[  681.088861][T14445]  kstrdup+0x42/0x100
[  681.088882][T14445]  __kernfs_new_node+0xa2/0x890
[  681.088906][T14445]  ? __lock_acquire+0xad5/0xd80
[  681.088940][T14445]  ? __pfx___kernfs_new_node+0x10/0x10
[  681.088980][T14445]  ? kernfs_root+0x1c/0x230
[  681.089003][T14445]  ? kernfs_root+0x1c/0x230
[  681.089026][T14445]  kernfs_new_node+0x114/0x220
[  681.089053][T14445]  kernfs_create_dir_ns+0x43/0x120
[  681.089079][T14445]  sysfs_create_dir_ns+0x1a2/0x3f0
[  681.089115][T14445]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  681.089157][T14445]  kobject_add_internal+0x435/0x8d0
[  681.089192][T14445]  kobject_init_and_add+0x126/0x190
[  681.089223][T14445]  ? __pfx_kobject_init_and_add+0x10/0x10
[  681.089249][T14445]  ? __kasan_kmalloc+0x9d/0xb0
[  681.089283][T14445]  ? __raw_spin_lock_init+0x45/0x100
[  681.089311][T14445]  swnode_register+0x390/0x540
[  681.089353][T14445]  fwnode_create_software_node+0x199/0x1f0
[  681.089391][T14445]  device_create_managed_software_node+0xd5/0x1f0
[  681.089412][T14445]  ? iommufd_test+0x2efb/0x56a0
[  681.089446][T14445]  iommufd_test+0x3335/0x56a0
[  681.089491][T14445]  ? __pfx_iommufd_test+0x10/0x10
[  681.089536][T14445]  ? __lock_acquire+0xad5/0xd80
[  681.089599][T14445]  iommufd_fops_ioctl+0x4fc/0x610
[  681.089629][T14445]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  681.089677][T14445]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  681.089706][T14445]  __se_sys_ioctl+0xf1/0x160
[  681.089756][T14445]  do_syscall_64+0xf3/0x210
[  681.089780][T14445]  ? clear_bhb_loop+0x45/0xa0
[  681.089805][T14445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.089828][T14445] RIP: 0033:0x7f1c8318e169
[  681.089846][T14445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.089866][T14445] RSP: 002b:00007f1c840bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  681.089888][T14445] RAX: ffffffffffffffda RBX: 00007f1c833b5fa0 RCX: 00007f1c8318e169
[  681.089903][T14445] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  681.089916][T14445] RBP: 00007f1c840bc090 R08: 0000000000000000 R09: 0000000000000000
[  681.089929][T14445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  681.089941][T14445] R13: 0000000000000000 R14: 00007f1c833b5fa0 R15: 00007f1c834dfa28
[  681.089978][T14445]  </TASK>
[  681.089999][T14445] kobject: kobject_add_internal failed for node0 (error: -12 parent: software_nodes)
[  681.425754][T14445] iommufd_mock iommufd_mock0: add pasid-num-bits property failed, rc: -12
[  681.628286][ T3078] usb 5-1: USB disconnect, device number 28
[  682.174107][T14450] ip6tnl1: entered promiscuous mode
[  682.305878][T14452] usb usb8: usbfs: process 14452 (syz.4.1883) did not claim interface 0 before use
[  682.337213][T14452] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  682.779377][T14463] netlink: 452 bytes leftover after parsing attributes in process `syz.2.1884'.
[  683.373466][ T5896] usb 1-1: USB disconnect, device number 22
[  683.715308][ T3078] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  683.886172][ T3078] usb 6-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  683.908075][ T3078] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  683.959431][ T3078] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  684.004301][ T5896] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  684.016652][ T3078] usb 6-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  684.053713][ T3078] usb 6-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  684.062258][ T3078] usb 6-1: Manufacturer: syz
[  684.067118][ T3078] usb 6-1: SerialNumber: syz
[  684.074344][ T5899] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  684.204620][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  684.266636][ T5896] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  684.275446][ T5896] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  684.288165][ T5896] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  684.296349][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  684.298697][ T5896] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  684.321550][ T3078] yealink 6-1:36.0: invalid payload size 0, expected 16
[  684.332801][ T3078] input: Yealink usb-p1k as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:36.0/input/input44
[  684.356163][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  684.356215][ T5896] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  684.380735][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.387737][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.394959][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.401954][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.408920][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.415914][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.422853][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.429821][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  684.436768][    C1] yealink 6-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  684.445605][ T5896] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  684.458330][ T3078] usb 6-1: USB disconnect, device number 5
[  684.474353][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.483319][ T5899] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  684.528050][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.558357][ T5899] usb 5-1: config 0 descriptor??
[  684.637758][T14494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  684.711117][ T5896] usb 1-1: GET_CAPABILITIES returned 0
[  684.744475][ T5896] usbtmc 1-1:16.0: can't read capabilities
[  684.814612][ T3078] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  684.851876][T14498] FAULT_INJECTION: forcing a failure.
[  684.851876][T14498] name failslab, interval 1, probability 0, space 0, times 0
[  684.880123][T14498] CPU: 1 UID: 0 PID: 14498 Comm: syz.2.1893 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  684.880157][T14498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  684.880175][T14498] Call Trace:
[  684.880184][T14498]  <TASK>
[  684.880194][T14498]  dump_stack_lvl+0x241/0x360
[  684.880234][T14498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  684.880266][T14498]  ? __pfx__printk+0x10/0x10
[  684.880301][T14498]  ? __pfx___might_resched+0x10/0x10
[  684.880328][T14498]  should_fail_ex+0x424/0x570
[  684.880374][T14498]  should_failslab+0xac/0x100
[  684.880399][T14498]  kmem_cache_alloc_noprof+0x78/0x390
[  684.880422][T14498]  ? __kernfs_new_node+0xdf/0x890
[  684.880449][T14498]  __kernfs_new_node+0xdf/0x890
[  684.880473][T14498]  ? __lock_acquire+0xad5/0xd80
[  684.880509][T14498]  ? __pfx___kernfs_new_node+0x10/0x10
[  684.880543][T14498]  ? kernfs_root+0x1c/0x230
[  684.880565][T14498]  ? kernfs_root+0x1c/0x230
[  684.880589][T14498]  kernfs_new_node+0x114/0x220
[  684.880617][T14498]  kernfs_create_dir_ns+0x43/0x120
[  684.880645][T14498]  sysfs_create_dir_ns+0x1a2/0x3f0
[  684.880682][T14498]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  684.880725][T14498]  kobject_add_internal+0x435/0x8d0
[  684.880761][T14498]  kobject_init_and_add+0x126/0x190
[  684.880793][T14498]  ? __pfx_kobject_init_and_add+0x10/0x10
[  684.880820][T14498]  ? __kasan_kmalloc+0x9d/0xb0
[  684.880855][T14498]  ? __raw_spin_lock_init+0x45/0x100
[  684.880884][T14498]  swnode_register+0x390/0x540
[  684.880927][T14498]  fwnode_create_software_node+0x199/0x1f0
[  684.880964][T14498]  device_create_managed_software_node+0xd5/0x1f0
[  684.880986][T14498]  ? iommufd_test+0x2efb/0x56a0
[  684.881023][T14498]  iommufd_test+0x3335/0x56a0
[  684.881069][T14498]  ? __pfx_iommufd_test+0x10/0x10
[  684.881114][T14498]  ? __lock_acquire+0xad5/0xd80
[  684.881179][T14498]  iommufd_fops_ioctl+0x4fc/0x610
[  684.881210][T14498]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  684.881259][T14498]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  684.881290][T14498]  __se_sys_ioctl+0xf1/0x160
[  684.881321][T14498]  do_syscall_64+0xf3/0x210
[  684.881344][T14498]  ? clear_bhb_loop+0x45/0xa0
[  684.881377][T14498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.881399][T14498] RIP: 0033:0x7f6ffeb8e169
[  684.881417][T14498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  684.881436][T14498] RSP: 002b:00007f6fff9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  684.881460][T14498] RAX: ffffffffffffffda RBX: 00007f6ffedb5fa0 RCX: 00007f6ffeb8e169
[  684.881476][T14498] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  684.881490][T14498] RBP: 00007f6fff9e7090 R08: 0000000000000000 R09: 0000000000000000
[  684.881503][T14498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  684.881516][T14498] R13: 0000000000000000 R14: 00007f6ffedb5fa0 R15: 00007f6ffeedfa28
[  684.881549][T14498]  </TASK>
[  684.881606][T14498] kobject: kobject_add_internal failed for node0 (error: -12 parent: software_nodes)
[  684.988449][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  684.988510][   T30] audit: type=1326 audit(1745356991.513:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  684.991098][T14498] iommufd_mock iommufd_mock0: add pasid-num-bits property failed, rc: -12
[  685.006573][   T30] audit: type=1326 audit(1745356991.523:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.006663][   T30] audit: type=1326 audit(1745356991.523:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.136714][ T3078] usb 6-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  685.145597][   T30] audit: type=1326 audit(1745356991.523:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.304663][ T3078] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  685.344434][ T3078] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  685.370768][ T3078] usb 6-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  685.424602][ T3078] usb 6-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  685.478063][ T3078] usb 6-1: Manufacturer: syz
[  685.478095][   T30] audit: type=1326 audit(1745356991.523:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.517844][ T3078] usb 6-1: SerialNumber: syz
[  685.545889][   T30] audit: type=1326 audit(1745356991.523:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.611152][   T30] audit: type=1326 audit(1745356991.523:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.697255][   T30] audit: type=1326 audit(1745356991.523:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.773393][   T30] audit: type=1326 audit(1745356991.523:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.804187][T14477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.804396][   T30] audit: type=1326 audit(1745356991.523:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.0.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x7ffc0000
[  685.845393][T14477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.876635][T14477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.893777][T14477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.913783][ T3078] yealink 6-1:36.0: invalid payload size 0, expected 16
[  685.937828][ T3078] input: Yealink usb-p1k as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:36.0/input/input45
[  685.972078][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  685.982040][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  686.277601][ T5899] usbhid 5-1:0.0: can't add hid device: -71
[  686.284640][ T5899] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  686.379326][ T5899] usb 5-1: USB disconnect, device number 29
[  686.578738][    T9] usb 1-1: USB disconnect, device number 23
[  686.754485][ T5898] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  686.914317][ T5898] usb 3-1: Using ep0 maxpacket: 16
[  686.926966][ T5898] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  686.948387][ T5898] usb 3-1: config 0 has no interface number 0
[  687.072023][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  687.087388][ T5898] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  687.097524][ T5898] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.110998][ T5898] usb 3-1: Product: syz
[  687.144831][ T5898] usb 3-1: Manufacturer: syz
[  687.150187][ T5898] usb 3-1: SerialNumber: syz
[  687.177559][ T5898] usb 3-1: config 0 descriptor??
[  687.191621][ T5898] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  687.224325][    T9] usb 1-1: device descriptor read/64, error -71
[  687.464350][    T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  687.575771][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.582814][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.589960][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.596973][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.603977][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.610954][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.617961][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  687.624773][    C1] yealink 6-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  687.627763][    T9] usb 1-1: device descriptor read/64, error -71
[  687.642020][ T1208] usb 6-1: USB disconnect, device number 6
[  687.787717][    T9] usb usb1-port1: attempt power cycle
[  687.926609][T14525] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1899'.
[  688.056309][T14529] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1901'.
[  688.073709][T14515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  688.103079][T14529] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1901'.
[  688.124648][T14515] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  688.154636][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  688.191792][T14532] 
@ÿ: renamed from bond_slave_0
[  688.216936][ T5898] gspca_spca1528: reg_r err -71
[  688.221945][ T5898] spca1528 3-1:0.1: probe with driver spca1528 failed with error -71
[  688.231141][    T9] usb 1-1: device descriptor read/8, error -71
[  688.272114][T14529] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1901'.
[  688.286011][ T5898] usb 3-1: USB disconnect, device number 18
[  688.494714][    T9] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  688.535334][    T9] usb 1-1: device descriptor read/8, error -71
[  688.645370][    T9] usb usb1-port1: unable to enumerate USB device
[  688.662737][T14546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  690.258840][ T5899] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  690.529714][ T5899] usb 5-1: Using ep0 maxpacket: 16
[  690.591228][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  690.619017][ T5899] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  690.647544][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.661341][ T5899] usb 5-1: Product: syz
[  690.674680][ T5899] usb 5-1: Manufacturer: syz
[  690.684340][ T5899] usb 5-1: SerialNumber: syz
[  690.794600][ T5899] usb 5-1: config 0 descriptor??
[  691.200585][T14583] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1915'.
[  691.492869][ T5899] usb 5-1: USB disconnect, device number 30
[  691.885511][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  691.885528][   T30] audit: type=1800 audit(1745356998.433:708): pid=14595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1918" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=52561 res=0 errno=0
[  692.594480][ T5899] usb 7-1: new high-speed USB device number 116 using dummy_hcd
[  692.771844][ T5899] usb 7-1: Using ep0 maxpacket: 32
[  692.802800][ T5899] usb 7-1: config 0 interface 0 has no altsetting 0
[  692.809779][ T5899] usb 7-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  692.819464][ T5899] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.840498][ T5899] usb 7-1: config 0 descriptor??
[  693.106465][T14618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1927'.
[  693.116945][T14621] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1926'.
[  693.309811][ T5899] uclogic 0003:5543:0522.001F: collection stack underflow
[  693.333380][ T5899] uclogic 0003:5543:0522.001F: item 0 0 0 12 parsing failed
[  693.378846][ T5899] uclogic 0003:5543:0522.001F: parse failed
[  693.419339][ T5899] uclogic 0003:5543:0522.001F: probe with driver uclogic failed with error -22
[  693.524881][ T5898] usb 7-1: USB disconnect, device number 116
[  693.744330][ T5899] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  693.964371][ T5899] usb 5-1: Using ep0 maxpacket: 32
[  693.971412][ T5899] usb 5-1: config 0 has an invalid interface number: 83 but max is 0
[  693.984800][ T5899] usb 5-1: config 0 has no interface number 0
[  693.999966][ T5899] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=92.f7
[  694.026860][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.037852][ T5899] usb 5-1: Product: syz
[  694.042354][ T5899] usb 5-1: Manufacturer: syz
[  694.063222][ T5899] usb 5-1: SerialNumber: syz
[  694.078160][ T5899] usb 5-1: config 0 descriptor??
[  694.369357][T14644] overlayfs: missing 'lowerdir'
[  694.646137][T14628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.658719][T14628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  694.694534][ T5899] peak_usb 5-1:0.83 can0: unable to request usb[type=0 value=0] err=-71
[  694.743892][ T5899] peak_usb 5-1:0.83: unable to read PCAN-USB Pro bootloader info (err -71)
[  694.945682][ T5899] peak_usb 5-1:0.83: probe with driver peak_usb failed with error -71
[  694.961018][ T5899] usb 5-1: USB disconnect, device number 31
[  695.003718][T14646] xt_recent: Unsupported userspace flags (000000ca)
[  695.573599][T14656] netlink: 'syz.6.1939': attribute type 4 has an invalid length.
[  698.585410][T14685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1944'.
[  698.881641][   T30] audit: type=1326 audit(1745357005.483:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14689 comm="syz.0.1947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x0
[  698.903830][T14688] xt_recent: Unsupported userspace flags (000000ca)
[  698.964982][   T30] audit: type=1326 audit(1745357005.483:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14689 comm="syz.0.1947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd7c18e169 code=0x0
[  699.930684][T14707] FAULT_INJECTION: forcing a failure.
[  699.930684][T14707] name failslab, interval 1, probability 0, space 0, times 0
[  699.950420][T14707] CPU: 0 UID: 0 PID: 14707 Comm: syz.0.1950 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  699.950452][T14707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  699.950466][T14707] Call Trace:
[  699.950475][T14707]  <TASK>
[  699.950484][T14707]  dump_stack_lvl+0x241/0x360
[  699.950522][T14707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  699.950552][T14707]  ? __pfx__printk+0x10/0x10
[  699.950586][T14707]  ? __pfx___might_resched+0x10/0x10
[  699.950612][T14707]  should_fail_ex+0x424/0x570
[  699.950649][T14707]  should_failslab+0xac/0x100
[  699.950673][T14707]  kmem_cache_alloc_noprof+0x78/0x390
[  699.950695][T14707]  ? skb_clone+0x20c/0x390
[  699.950721][T14707]  skb_clone+0x20c/0x390
[  699.950740][T14707]  ? netlink_broadcast_filtered+0x702/0x12a0
[  699.950768][T14707]  netlink_broadcast_filtered+0x710/0x12a0
[  699.950814][T14707]  netlink_broadcast+0x39/0x50
[  699.950838][T14707]  kobject_uevent_net_broadcast+0x38f/0x580
[  699.950870][T14707]  kobject_uevent_env+0x57d/0x8e0
[  699.950901][T14707]  swnode_register+0x4b3/0x540
[  699.950937][T14707]  fwnode_create_software_node+0x199/0x1f0
[  699.950968][T14707]  device_create_managed_software_node+0xd5/0x1f0
[  699.950985][T14707]  ? iommufd_test+0x2efb/0x56a0
[  699.951015][T14707]  iommufd_test+0x3335/0x56a0
[  699.951054][T14707]  ? __pfx_iommufd_test+0x10/0x10
[  699.951097][T14707]  ? __lock_acquire+0xad5/0xd80
[  699.951151][T14707]  iommufd_fops_ioctl+0x4fc/0x610
[  699.951176][T14707]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  699.951217][T14707]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  699.951241][T14707]  __se_sys_ioctl+0xf1/0x160
[  699.951266][T14707]  do_syscall_64+0xf3/0x210
[  699.951286][T14707]  ? clear_bhb_loop+0x45/0xa0
[  699.951307][T14707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.951325][T14707] RIP: 0033:0x7fbd7c18e169
[  699.951360][T14707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  699.951376][T14707] RSP: 002b:00007fbd7cf99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  699.951397][T14707] RAX: ffffffffffffffda RBX: 00007fbd7c3b5fa0 RCX: 00007fbd7c18e169
[  699.951411][T14707] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  699.951423][T14707] RBP: 00007fbd7cf99090 R08: 0000000000000000 R09: 0000000000000000
[  699.951435][T14707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  699.951446][T14707] R13: 0000000000000000 R14: 00007fbd7c3b5fa0 R15: 00007fbd7c4dfa28
[  699.951473][T14707]  </TASK>
[  699.960833][T14707] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  700.526305][T14728] tipc: Started in network mode
[  700.531250][T14728] tipc: Node identity ac1414aa, cluster identity 4711
[  700.541377][T14728] tipc: Enabled bearer <udp:s>, priority 10
[  700.711742][T14731] xt_recent: Unsupported userspace flags (000000ca)
[  700.804329][ T5896] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  701.011133][T14736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1960'.
[  701.070747][ T5896] usb 1-1: config 0 has no interfaces?
[  701.085979][ T5896] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  701.114043][T14736] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1960'.
[  701.141642][ T5899] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  701.158133][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.180455][ T5899] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  701.248614][ T5896] usb 1-1: Product: syz
[  701.307442][ T5896] usb 1-1: Manufacturer: syz
[  701.312114][ T5896] usb 1-1: SerialNumber: syz
[  701.421446][ T5896] usb 1-1: config 0 descriptor??
[  701.562672][ T3078] tipc: Node number set to 2886997162
[  702.717041][T14757] FAULT_INJECTION: forcing a failure.
[  702.717041][T14757] name failslab, interval 1, probability 0, space 0, times 0
[  702.767815][T14757] CPU: 1 UID: 0 PID: 14757 Comm: syz.6.1967 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  702.767856][T14757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  702.767870][T14757] Call Trace:
[  702.767880][T14757]  <TASK>
[  702.767889][T14757]  dump_stack_lvl+0x241/0x360
[  702.767929][T14757]  ? __pfx_dump_stack_lvl+0x10/0x10
[  702.767961][T14757]  ? __pfx__printk+0x10/0x10
[  702.767995][T14757]  ? __pfx___might_resched+0x10/0x10
[  702.768024][T14757]  should_fail_ex+0x424/0x570
[  702.768062][T14757]  should_failslab+0xac/0x100
[  702.768087][T14757]  __kmalloc_cache_noprof+0x73/0x370
[  702.768110][T14757]  ? device_add+0xc1/0xbf0
[  702.768137][T14757]  device_add+0xc1/0xbf0
[  702.768160][T14757]  ? device_create_managed_software_node+0x198/0x1f0
[  702.768182][T14757]  ? iommufd_test+0x2efb/0x56a0
[  702.768217][T14757]  iommufd_test+0x3350/0x56a0
[  702.768262][T14757]  ? __pfx_iommufd_test+0x10/0x10
[  702.768312][T14757]  ? __lock_acquire+0xad5/0xd80
[  702.768378][T14757]  iommufd_fops_ioctl+0x4fc/0x610
[  702.768409][T14757]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  702.768458][T14757]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  702.768488][T14757]  __se_sys_ioctl+0xf1/0x160
[  702.768519][T14757]  do_syscall_64+0xf3/0x210
[  702.768543][T14757]  ? clear_bhb_loop+0x45/0xa0
[  702.768569][T14757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.768589][T14757] RIP: 0033:0x7fddc778e169
[  702.768608][T14757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.768626][T14757] RSP: 002b:00007fddc55f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  702.768650][T14757] RAX: ffffffffffffffda RBX: 00007fddc79b5fa0 RCX: 00007fddc778e169
[  702.768666][T14757] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  702.768680][T14757] RBP: 00007fddc55f6090 R08: 0000000000000000 R09: 0000000000000000
[  702.768693][T14757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  702.768707][T14757] R13: 0000000000000000 R14: 00007fddc79b5fa0 R15: 00007fddc7adfa28
[  702.768738][T14757]  </TASK>
[  703.717109][ T5899] usb 1-1: USB disconnect, device number 28
[  704.214463][ T5899] usb 7-1: new high-speed USB device number 117 using dummy_hcd
[  704.389171][ T5899] usb 7-1: config 0 has no interfaces?
[  704.408735][ T5899] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  704.423384][ T5899] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.453369][ T5899] usb 7-1: Product: syz
[  704.473641][ T5899] usb 7-1: Manufacturer: syz
[  704.492881][ T5899] usb 7-1: SerialNumber: syz
[  704.532769][ T5899] usb 7-1: config 0 descriptor??
[  704.807688][T14774] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1973'.
[  705.072735][T14774] netlink: 'syz.0.1973': attribute type 4 has an invalid length.
[  705.381543][T14792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1978'.
[  705.564701][ T3078] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  705.734689][ T3078] usb 1-1: Using ep0 maxpacket: 16
[  705.765875][ T3078] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 197, changing to 11
[  705.826007][T14796] FAULT_INJECTION: forcing a failure.
[  705.826007][T14796] name failslab, interval 1, probability 0, space 0, times 0
[  705.828711][ T3078] usb 1-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  705.884577][ T3078] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.893028][T14796] CPU: 0 UID: 0 PID: 14796 Comm: syz.4.1979 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  705.893056][T14796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  705.893069][T14796] Call Trace:
[  705.893077][T14796]  <TASK>
[  705.893086][T14796]  dump_stack_lvl+0x241/0x360
[  705.893122][T14796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  705.893151][T14796]  ? __pfx__printk+0x10/0x10
[  705.893181][T14796]  ? __pfx___might_resched+0x10/0x10
[  705.893208][T14796]  should_fail_ex+0x424/0x570
[  705.893245][T14796]  should_failslab+0xac/0x100
[  705.893268][T14796]  __kmalloc_node_track_caller_noprof+0xe2/0x4d0
[  705.893293][T14796]  ? __kernfs_new_node+0xa2/0x890
[  705.893312][T14796]  ? kernel_text_address+0xa7/0xe0
[  705.893347][T14796]  kstrdup+0x42/0x100
[  705.893362][T14796]  __kernfs_new_node+0xa2/0x890
[  705.893378][T14796]  ? __lock_acquire+0xad5/0xd80
[  705.893402][T14796]  ? __pfx___kernfs_new_node+0x10/0x10
[  705.893424][T14796]  ? kernfs_root+0x1c/0x230
[  705.893439][T14796]  ? kernfs_root+0x1c/0x230
[  705.893454][T14796]  kernfs_new_node+0x114/0x220
[  705.893473][T14796]  kernfs_create_dir_ns+0x43/0x120
[  705.893491][T14796]  sysfs_create_dir_ns+0x1a2/0x3f0
[  705.893516][T14796]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  705.893545][T14796]  kobject_add_internal+0x435/0x8d0
[  705.893569][T14796]  kobject_add+0x15b/0x230
[  705.893587][T14796]  ? kobject_put+0x43d/0x480
[  705.893605][T14796]  ? __pfx_kobject_add+0x10/0x10
[  705.893622][T14796]  ? bus_get_dev_root+0x127/0x160
[  705.893639][T14796]  ? get_device_parent+0x405/0x410
[  705.893654][T14796]  ? device_add+0x318/0xbf0
[  705.893671][T14796]  device_add+0x4e5/0xbf0
[  705.893688][T14796]  ? iommufd_test+0x2efb/0x56a0
[  705.893713][T14796]  iommufd_test+0x3350/0x56a0
[  705.893745][T14796]  ? __pfx_iommufd_test+0x10/0x10
[  705.893775][T14796]  ? __lock_acquire+0xad5/0xd80
[  705.893819][T14796]  iommufd_fops_ioctl+0x4fc/0x610
[  705.893840][T14796]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  705.893873][T14796]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  705.893893][T14796]  __se_sys_ioctl+0xf1/0x160
[  705.893914][T14796]  do_syscall_64+0xf3/0x210
[  705.893931][T14796]  ? clear_bhb_loop+0x45/0xa0
[  705.893949][T14796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  705.893963][T14796] RIP: 0033:0x7fa54578e169
[  705.893981][T14796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  705.894000][T14796] RSP: 002b:00007fa546565038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  705.894024][T14796] RAX: ffffffffffffffda RBX: 00007fa5459b5fa0 RCX: 00007fa54578e169
[  705.894038][T14796] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  705.894055][T14796] RBP: 00007fa546565090 R08: 0000000000000000 R09: 0000000000000000
[  705.894068][T14796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  705.894079][T14796] R13: 0000000000000000 R14: 00007fa5459b5fa0 R15: 00007fa545adfa28
[  705.894108][T14796]  </TASK>
[  705.894156][T14796] kobject: kobject_add_internal failed for iommufd_mock0 (error: -12 parent: devices)
[  706.208396][ T3078] usb 1-1: config 0 descriptor??
[  706.704370][ T5898] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  706.848155][   T30] audit: type=1326 audit(1745357013.453:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  706.877678][ T5898] usb 5-1: Using ep0 maxpacket: 16
[  706.894878][ T5896] usb 7-1: USB disconnect, device number 117
[  706.933561][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  706.950578][   T30] audit: type=1326 audit(1745357013.453:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  706.959731][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  707.028816][T14810] syzkaller1: entered promiscuous mode
[  707.038148][T14810] syzkaller1: entered allmulticast mode
[  707.048730][   T30] audit: type=1326 audit(1745357013.493:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.056853][ T5898] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  707.078282][ T3078] usbhid 1-1:0.0: can't add hid device: -71
[  707.102139][ T3078] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  707.127529][ T3078] usb 1-1: USB disconnect, device number 29
[  707.133645][   T30] audit: type=1326 audit(1745357013.493:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.141832][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.193454][ T5898] usb 5-1: Product: syz
[  707.207925][   T30] audit: type=1326 audit(1745357013.493:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.219286][ T5898] usb 5-1: Manufacturer: syz
[  707.268170][   T30] audit: type=1326 audit(1745357013.493:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.276425][ T5898] usb 5-1: SerialNumber: syz
[  707.321494][   T30] audit: type=1326 audit(1745357013.493:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.351802][ T5898] usb 5-1: config 0 descriptor??
[  707.368991][ T5898] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  707.391484][   T30] audit: type=1326 audit(1745357013.493:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.424619][ T5898] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  707.490290][   T30] audit: type=1326 audit(1745357013.493:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.543469][   T30] audit: type=1326 audit(1745357013.493:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14806 comm="syz.5.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c8318e169 code=0x7ffc0000
[  707.764695][ T5898] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  707.783016][ T5898] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  707.802915][ T5898] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  707.811279][T14826] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1987'.
[  707.844718][ T5898] em28xx 5-1:0.0: No AC97 audio processor
[  707.899878][ T5898] usb 5-1: USB disconnect, device number 32
[  707.937533][ T5898] em28xx 5-1:0.0: Disconnecting em28xx
[  707.982323][ T5898] em28xx 5-1:0.0: Freeing device
[  708.002319][T14833] xt_recent: Unsupported userspace flags (000000ca)
[  708.114615][T14837] FAULT_INJECTION: forcing a failure.
[  708.114615][T14837] name failslab, interval 1, probability 0, space 0, times 0
[  708.143289][T14826] netlink: 'syz.6.1987': attribute type 4 has an invalid length.
[  708.154509][T14837] CPU: 1 UID: 0 PID: 14837 Comm: syz.2.1991 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  708.154541][T14837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  708.154554][T14837] Call Trace:
[  708.154563][T14837]  <TASK>
[  708.154572][T14837]  dump_stack_lvl+0x241/0x360
[  708.154610][T14837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  708.154640][T14837]  ? __pfx__printk+0x10/0x10
[  708.154672][T14837]  ? __pfx___might_resched+0x10/0x10
[  708.154697][T14837]  should_fail_ex+0x424/0x570
[  708.154734][T14837]  should_failslab+0xac/0x100
[  708.154758][T14837]  kmem_cache_alloc_noprof+0x78/0x390
[  708.154779][T14837]  ? __kernfs_new_node+0xdf/0x890
[  708.154805][T14837]  __kernfs_new_node+0xdf/0x890
[  708.154828][T14837]  ? __lock_acquire+0xad5/0xd80
[  708.154861][T14837]  ? __pfx___kernfs_new_node+0x10/0x10
[  708.154893][T14837]  ? kernfs_root+0x1c/0x230
[  708.154914][T14837]  ? kernfs_root+0x1c/0x230
[  708.154937][T14837]  kernfs_new_node+0x114/0x220
[  708.154962][T14837]  kernfs_create_dir_ns+0x43/0x120
[  708.154989][T14837]  sysfs_create_dir_ns+0x1a2/0x3f0
[  708.155023][T14837]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  708.155065][T14837]  kobject_add_internal+0x435/0x8d0
[  708.155100][T14837]  kobject_add+0x15b/0x230
[  708.155125][T14837]  ? kobject_put+0x43d/0x480
[  708.155147][T14837]  ? __pfx_kobject_add+0x10/0x10
[  708.155172][T14837]  ? bus_get_dev_root+0x127/0x160
[  708.155196][T14837]  ? get_device_parent+0x405/0x410
[  708.155217][T14837]  ? device_add+0x318/0xbf0
[  708.155240][T14837]  device_add+0x4e5/0xbf0
[  708.155263][T14837]  ? iommufd_test+0x2efb/0x56a0
[  708.155305][T14837]  iommufd_test+0x3350/0x56a0
[  708.155349][T14837]  ? __pfx_iommufd_test+0x10/0x10
[  708.155391][T14837]  ? __lock_acquire+0xad5/0xd80
[  708.155452][T14837]  iommufd_fops_ioctl+0x4fc/0x610
[  708.155481][T14837]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  708.155529][T14837]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  708.155557][T14837]  __se_sys_ioctl+0xf1/0x160
[  708.155585][T14837]  do_syscall_64+0xf3/0x210
[  708.155608][T14837]  ? clear_bhb_loop+0x45/0xa0
[  708.155633][T14837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.155653][T14837] RIP: 0033:0x7f6ffeb8e169
[  708.155671][T14837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.155689][T14837] RSP: 002b:00007f6fff9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  708.155711][T14837] RAX: ffffffffffffffda RBX: 00007f6ffedb5fa0 RCX: 00007f6ffeb8e169
[  708.155726][T14837] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  708.155740][T14837] RBP: 00007f6fff9e7090 R08: 0000000000000000 R09: 0000000000000000
[  708.155753][T14837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  708.155766][T14837] R13: 0000000000000000 R14: 00007f6ffedb5fa0 R15: 00007f6ffeedfa28
[  708.155796][T14837]  </TASK>
[  708.155826][T14837] kobject: kobject_add_internal failed for iommufd_mock0 (error: -12 parent: devices)
[  708.198872][T14841] FAULT_INJECTION: forcing a failure.
[  708.198872][T14841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  708.470688][T14841] CPU: 0 UID: 0 PID: 14841 Comm: syz.5.1993 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  708.470721][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  708.470735][T14841] Call Trace:
[  708.470744][T14841]  <TASK>
[  708.470753][T14841]  dump_stack_lvl+0x241/0x360
[  708.470793][T14841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  708.470823][T14841]  ? __pfx__printk+0x10/0x10
[  708.470863][T14841]  should_fail_ex+0x424/0x570
[  708.470900][T14841]  _copy_to_user+0x31/0xb0
[  708.470930][T14841]  simple_read_from_buffer+0xc4/0x170
[  708.470966][T14841]  proc_fail_nth_read+0x1ef/0x260
[  708.470991][T14841]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  708.471042][T14841]  ? rw_verify_area+0x246/0x630
[  708.471069][T14841]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  708.471092][T14841]  vfs_read+0x21f/0xb90
[  708.471130][T14841]  ? __pfx_vfs_read+0x10/0x10
[  708.471155][T14841]  ? kfree+0x54/0x430
[  708.471173][T14841]  ? do_sock_setsockopt+0x3ea/0x710
[  708.471203][T14841]  ? tcp_setsockopt+0x3e/0xf0
[  708.471233][T14841]  ? do_sock_setsockopt+0x3ea/0x710
[  708.471278][T14841]  ksys_read+0x19d/0x2d0
[  708.471308][T14841]  ? __pfx_ksys_read+0x10/0x10
[  708.471343][T14841]  ? do_syscall_64+0xb6/0x210
[  708.471369][T14841]  do_syscall_64+0xf3/0x210
[  708.471392][T14841]  ? clear_bhb_loop+0x45/0xa0
[  708.471418][T14841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.471438][T14841] RIP: 0033:0x7f1c8318cb7c
[  708.471458][T14841] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  708.471477][T14841] RSP: 002b:00007f1c840bc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  708.471500][T14841] RAX: ffffffffffffffda RBX: 00007f1c833b5fa0 RCX: 00007f1c8318cb7c
[  708.471516][T14841] RDX: 000000000000000f RSI: 00007f1c840bc0a0 RDI: 0000000000000004
[  708.471531][T14841] RBP: 00007f1c840bc090 R08: 0000000000000000 R09: 0000000000000000
[  708.471544][T14841] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  708.471558][T14841] R13: 0000000000000000 R14: 00007f1c833b5fa0 R15: 00007f1c834dfa28
[  708.471583][T14841]  </TASK>
[  709.314117][T14862] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1999'.
[  709.527731][ T5896] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  709.594757][    T9] usb 7-1: new high-speed USB device number 118 using dummy_hcd
[  709.695877][ T5896] usb 1-1: Using ep0 maxpacket: 32
[  709.706530][ T5896] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  709.728027][ T5896] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  709.790111][    T9] usb 7-1: Using ep0 maxpacket: 8
[  709.797960][    T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[  709.946099][    T9] usb 7-1: config 8 has an invalid descriptor of length 48, skipping remainder of the config
[  710.064857][ T5896] usb 1-1: config 0 interface 0 has no altsetting 0
[  710.071556][ T5896] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  710.081318][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  710.104356][    T9] usb 7-1: config 8 has 0 interfaces, different from the descriptor's value: 2
[  710.108660][ T5896] usb 1-1: config 0 descriptor??
[  710.149105][    T9] usb 7-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  710.164433][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.193003][    T9] usb 7-1: Product: syz
[  710.211475][    T9] usb 7-1: Manufacturer: syz
[  710.216799][    T9] usb 7-1: SerialNumber: syz
[  710.304336][ T3078] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  710.498161][T14865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  710.508602][T14865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  710.584327][ T5899] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  710.607180][ T5896] betop 0003:20BC:5500.0021: unknown main item tag 0x0
[  710.629348][ T5896] betop 0003:20BC:5500.0021: hidraw0: USB HID v0.00 Device [HID 20bc:5500] on usb-dummy_hcd.0-1/input0
[  710.666180][ T5896] betop 0003:20BC:5500.0021: no inputs found
[  710.716811][ T3078] usb 5-1: config 0 has no interfaces?
[  710.725160][ T3078] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  710.734632][ T3078] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  710.742735][ T3078] usb 5-1: Product: syz
[  710.748432][ T3078] usb 5-1: Manufacturer: syz
[  710.757237][ T5899] usb 3-1: config 0 has no interfaces?
[  710.782730][ T3078] usb 5-1: config 0 descriptor??
[  710.788072][ T5899] usb 3-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  710.881187][ T5899] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  710.923014][ T5899] usb 3-1: config 0 descriptor??
[  711.034660][ T5896] usb 1-1: USB disconnect, device number 30
[  711.250431][ T5899] usb 3-1: USB disconnect, device number 19
[  711.896271][ T5896] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  711.914067][T14878] xt_recent: Unsupported userspace flags (000000ca)
[  712.034308][ T5896] usb 1-1: device descriptor read/64, error -71
[  712.090259][T14880] FAULT_INJECTION: forcing a failure.
[  712.090259][T14880] name failslab, interval 1, probability 0, space 0, times 0
[  712.241938][ T5899] usb 5-1: USB disconnect, device number 33
[  712.286329][T14880] CPU: 1 UID: 0 PID: 14880 Comm: syz.2.2004 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  712.286363][T14880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  712.286377][T14880] Call Trace:
[  712.286386][T14880]  <TASK>
[  712.286396][T14880]  dump_stack_lvl+0x241/0x360
[  712.286438][T14880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  712.286470][T14880]  ? __pfx__printk+0x10/0x10
[  712.286505][T14880]  ? __pfx___might_resched+0x10/0x10
[  712.286536][T14880]  should_fail_ex+0x424/0x570
[  712.286574][T14880]  should_failslab+0xac/0x100
[  712.286600][T14880]  kmem_cache_alloc_noprof+0x78/0x390
[  712.286622][T14880]  ? __kernfs_new_node+0xdf/0x890
[  712.286656][T14880]  __kernfs_new_node+0xdf/0x890
[  712.286681][T14880]  ? irqentry_exit+0x63/0x90
[  712.286709][T14880]  ? __pfx___kernfs_new_node+0x10/0x10
[  712.286741][T14880]  ? kernfs_root+0x1c/0x230
[  712.286764][T14880]  ? kernfs_root+0x1c/0x230
[  712.286787][T14880]  kernfs_new_node+0x114/0x220
[  712.286815][T14880]  kernfs_create_link+0xa5/0x1f0
[  712.286848][T14880]  sysfs_do_create_link_sd+0x85/0x110
[  712.286884][T14880]  software_node_notify+0xd9/0x1b0
[  712.286922][T14880]  device_add+0x513/0xbf0
[  712.286946][T14880]  ? iommufd_test+0x2efb/0x56a0
[  712.286982][T14880]  iommufd_test+0x3350/0x56a0
[  712.287026][T14880]  ? __pfx_iommufd_test+0x10/0x10
[  712.287070][T14880]  ? __lock_acquire+0xad5/0xd80
[  712.287133][T14880]  iommufd_fops_ioctl+0x4fc/0x610
[  712.287164][T14880]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  712.287212][T14880]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  712.287241][T14880]  __se_sys_ioctl+0xf1/0x160
[  712.287271][T14880]  do_syscall_64+0xf3/0x210
[  712.287294][T14880]  ? clear_bhb_loop+0x45/0xa0
[  712.287320][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.287341][T14880] RIP: 0033:0x7f6ffeb8e169
[  712.287361][T14880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  712.287380][T14880] RSP: 002b:00007f6fff9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  712.287404][T14880] RAX: ffffffffffffffda RBX: 00007f6ffedb5fa0 RCX: 00007f6ffeb8e169
[  712.287420][T14880] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  712.287435][T14880] RBP: 00007f6fff9e7090 R08: 0000000000000000 R09: 0000000000000000
[  712.287449][T14880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  712.287461][T14880] R13: 0000000000000000 R14: 00007f6ffedb5fa0 R15: 00007f6ffeedfa28
[  712.287494][T14880]  </TASK>
[  712.291791][T14880] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  712.663735][T14880] ==================================================================
[  712.671884][T14880] BUG: KASAN: slab-use-after-free in software_node_notify_remove+0x1bc/0x1c0
[  712.680741][T14880] Read of size 1 at addr ffff88803078ad08 by task syz.2.2004/14880
[  712.688626][T14880] 
[  712.690951][T14880] CPU: 0 UID: 0 PID: 14880 Comm: syz.2.2004 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  712.690970][T14880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  712.690980][T14880] Call Trace:
[  712.690988][T14880]  <TASK>
[  712.690995][T14880]  dump_stack_lvl+0x241/0x360
[  712.691021][T14880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  712.691042][T14880]  ? rcu_is_watching+0x15/0xb0
[  712.691056][T14880]  ? __virt_addr_valid+0x183/0x530
[  712.691076][T14880]  ? lock_release+0x4e/0x3e0
[  712.691098][T14880]  ? __virt_addr_valid+0x183/0x530
[  712.691116][T14880]  ? __virt_addr_valid+0x183/0x530
[  712.691135][T14880]  print_report+0x16e/0x5b0
[  712.691148][T14880]  ? __virt_addr_valid+0x183/0x530
[  712.691166][T14880]  ? __virt_addr_valid+0x183/0x530
[  712.691184][T14880]  ? __virt_addr_valid+0x45f/0x530
[  712.691201][T14880]  ? __phys_addr+0xba/0x170
[  712.691219][T14880]  ? software_node_notify_remove+0x1bc/0x1c0
[  712.691234][T14880]  kasan_report+0x143/0x180
[  712.691248][T14880]  ? software_node_notify_remove+0x1bc/0x1c0
[  712.691266][T14880]  software_node_notify_remove+0x1bc/0x1c0
[  712.691282][T14880]  device_del+0x594/0x9b0
[  712.691301][T14880]  ? __pfx_device_del+0x10/0x10
[  712.691320][T14880]  device_unregister+0x20/0xc0
[  712.691337][T14880]  iommufd_fops_release+0x1bd/0x390
[  712.691359][T14880]  ? __pfx_iommufd_fops_release+0x10/0x10
[  712.691380][T14880]  ? evm_file_release+0x10c/0x1e0
[  712.691419][T14880]  ? __pfx_iommufd_fops_release+0x10/0x10
[  712.691439][T14880]  __fput+0x3e9/0x9f0
[  712.691460][T14880]  task_work_run+0x251/0x310
[  712.691482][T14880]  ? __pfx_task_work_run+0x10/0x10
[  712.691504][T14880]  ? switch_task_namespaces+0xe4/0x110
[  712.691528][T14880]  do_exit+0xa11/0x27f0
[  712.691549][T14880]  ? do_raw_spin_lock+0x151/0x370
[  712.691567][T14880]  ? __pfx_do_exit+0x10/0x10
[  712.691585][T14880]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  712.691610][T14880]  do_group_exit+0x207/0x2c0
[  712.691628][T14880]  ? _raw_spin_unlock_irq+0x23/0x50
[  712.691651][T14880]  ? lockdep_hardirqs_on+0x9d/0x150
[  712.691667][T14880]  get_signal+0x1696/0x1730
[  712.691695][T14880]  ? __pfx_get_signal+0x10/0x10
[  712.691721][T14880]  arch_do_signal_or_restart+0x98/0x810
[  712.691747][T14880]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  712.691775][T14880]  ? syscall_exit_to_user_mode+0xa3/0x340
[  712.691792][T14880]  syscall_exit_to_user_mode+0xce/0x340
[  712.691809][T14880]  do_syscall_64+0x100/0x210
[  712.691825][T14880]  ? clear_bhb_loop+0x45/0xa0
[  712.691843][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.691863][T14880] RIP: 0033:0x7f6ffeb8e169
[  712.691877][T14880] Code: Unable to access opcode bytes at 0x7f6ffeb8e13f.
[  712.691886][T14880] RSP: 002b:00007f6fff9e70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  712.691902][T14880] RAX: fffffffffffffe00 RBX: 00007f6ffedb5fa8 RCX: 00007f6ffeb8e169
[  712.691914][T14880] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6ffedb5fa8
[  712.691924][T14880] RBP: 00007f6ffedb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  712.691934][T14880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6ffedb5fac
[  712.691944][T14880] R13: 0000000000000000 R14: 00007f6ffeedf940 R15: 00007f6ffeedfa28
[  712.691960][T14880]  </TASK>
[  712.691966][T14880] 
[  712.714387][ T5896] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  712.717309][T14880] Allocated by task 14880:
[  712.717325][T14880]  kasan_save_track+0x3f/0x80
[  712.914354][ T5896] usb 1-1: device descriptor read/64, error -71
[  712.916667][T14880]  __kasan_kmalloc+0x9d/0xb0
[  713.029689][T14880]  __kmalloc_cache_noprof+0x236/0x370
[  713.035089][T14880]  swnode_register+0x5a/0x540
[  713.039769][T14880]  fwnode_create_software_node+0x199/0x1f0
[  713.045622][T14880]  device_create_managed_software_node+0xd5/0x1f0
[  713.052032][T14880]  iommufd_test+0x3335/0x56a0
[  713.056713][T14880]  iommufd_fops_ioctl+0x4fc/0x610
[  713.061736][T14880]  __se_sys_ioctl+0xf1/0x160
[  713.066321][T14880]  do_syscall_64+0xf3/0x210
[  713.070812][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.076699][T14880] 
[  713.079027][T14880] Freed by task 14880:
[  713.083083][T14880]  kasan_save_track+0x3f/0x80
[  713.087779][T14880]  kasan_save_free_info+0x40/0x50
[  713.092804][T14880]  __kasan_slab_free+0x59/0x70
[  713.097572][T14880]  kfree+0x198/0x430
[  713.101471][T14880]  kobject_put+0x22f/0x480
[  713.105955][T14880]  software_node_notify_remove+0x159/0x1c0
[  713.111775][T14880]  device_del+0x594/0x9b0
[  713.116108][T14880]  device_unregister+0x20/0xc0
[  713.120876][T14880]  iommufd_fops_release+0x1bd/0x390
[  713.126073][T14880]  __fput+0x3e9/0x9f0
[  713.130051][T14880]  task_work_run+0x251/0x310
[  713.134637][T14880]  do_exit+0xa11/0x27f0
[  713.138792][T14880]  do_group_exit+0x207/0x2c0
[  713.143376][T14880]  get_signal+0x1696/0x1730
[  713.147881][T14880]  arch_do_signal_or_restart+0x98/0x810
[  713.153424][T14880]  syscall_exit_to_user_mode+0xce/0x340
[  713.158963][T14880]  do_syscall_64+0x100/0x210
[  713.163633][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.169525][T14880] 
[  713.171843][T14880] The buggy address belongs to the object at ffff88803078ac00
[  713.171843][T14880]  which belongs to the cache kmalloc-512 of size 512
[  713.185896][T14880] The buggy address is located 264 bytes inside of
[  713.185896][T14880]  freed 512-byte region [ffff88803078ac00, ffff88803078ae00)
[  713.199686][T14880] 
[  713.202005][T14880] The buggy address belongs to the physical page:
[  713.208435][T14880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30788
[  713.217199][T14880] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  713.225690][T14880] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  713.233228][T14880] page_type: f5(slab)
[  713.237204][T14880] raw: 00fff00000000040 ffff88801b041c80 dead000000000100 dead000000000122
[  713.245781][T14880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  713.254358][T14880] head: 00fff00000000040 ffff88801b041c80 dead000000000100 dead000000000122
[  713.263044][T14880] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  713.271721][T14880] head: 00fff00000000002 ffffea0000c1e201 00000000ffffffff 00000000ffffffff
[  713.280399][T14880] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  713.289126][T14880] page dumped because: kasan: bad access detected
[  713.295547][T14880] page_owner tracks the page as allocated
[  713.301258][T14880] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5856, tgid 5856 (syz-executor), ts 91840684644, free_ts 91812808218
[  713.322622][T14880]  post_alloc_hook+0x1f4/0x240
[  713.327391][T14880]  get_page_from_freelist+0x360a/0x37a0
[  713.332939][T14880]  __alloc_frozen_pages_noprof+0x211/0x5b0
[  713.338746][T14880]  alloc_pages_mpol+0x339/0x690
[  713.343588][T14880]  allocate_slab+0x8f/0x3b0
[  713.348089][T14880]  ___slab_alloc+0xc3b/0x1500
[  713.352762][T14880]  __slab_alloc+0x58/0xa0
[  713.357087][T14880]  __kmalloc_noprof+0x2ea/0x4d0
[  713.361952][T14880]  fib6_info_alloc+0x2e/0xf0
[  713.366541][T14880]  ip6_route_info_create+0x445/0x12c0
[  713.371918][T14880]  ip6_route_add+0x28/0x160
[  713.376417][T14880]  addrconf_add_dev+0x371/0x530
[  713.381262][T14880]  addrconf_init_auto_addrs+0x8f1/0xfe0
[  713.386810][T14880]  addrconf_notify+0xaff/0x1020
[  713.391681][T14880]  notifier_call_chain+0x1a5/0x3f0
[  713.396788][T14880]  __dev_notify_flags+0x209/0x410
[  713.401814][T14880] page last free pid 5890 tgid 5890 stack trace:
[  713.408129][T14880]  __free_frozen_pages+0xde8/0x10a0
[  713.413327][T14880]  __put_partials+0x160/0x1c0
[  713.418021][T14880]  put_cpu_partial+0x17e/0x250
[  713.422787][T14880]  __slab_free+0x294/0x390
[  713.427203][T14880]  qlist_free_all+0x9a/0x140
[  713.431792][T14880]  kasan_quarantine_reduce+0x14f/0x170
[  713.437253][T14880]  __kasan_slab_alloc+0x23/0x80
[  713.442106][T14880]  __kmalloc_noprof+0x238/0x4d0
[  713.446971][T14880]  inotify_handle_inode_event+0x1b7/0x5f0
[  713.452704][T14880]  inotify_ignored_and_remove_idr+0x29/0x70
[  713.458592][T14880]  __se_sys_inotify_rm_watch+0xc2/0x130
[  713.464133][T14880]  do_syscall_64+0xf3/0x210
[  713.468631][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.474522][T14880] 
[  713.476843][T14880] Memory state around the buggy address:
[  713.482483][T14880]  ffff88803078ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  713.490540][T14880]  ffff88803078ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  713.498608][T14880] >ffff88803078ad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  713.506659][T14880]                       ^
[  713.510977][T14880]  ffff88803078ad80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  713.519034][T14880]  ffff88803078ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  713.527110][T14880] ==================================================================
[  713.545559][T14880] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  713.552892][T14880] CPU: 1 UID: 0 PID: 14880 Comm: syz.2.2004 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) 
[  713.564966][T14880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  713.575036][T14880] Call Trace:
[  713.578326][T14880]  <TASK>
[  713.581265][T14880]  dump_stack_lvl+0x241/0x360
[  713.585965][T14880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  713.591186][T14880]  ? __pfx__printk+0x10/0x10
[  713.595795][T14880]  ? vscnprintf+0x5d/0x90
[  713.600153][T14880]  panic+0x349/0x880
[  713.604062][T14880]  ? check_panic_on_warn+0x21/0xb0
[  713.609188][T14880]  ? __pfx_panic+0x10/0x10
[  713.613613][T14880]  ? _raw_spin_unlock_irqrestore+0x134/0x140
[  713.619615][T14880]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  713.625955][T14880]  ? print_report+0x519/0x5b0
[  713.630637][T14880]  check_panic_on_warn+0x86/0xb0
[  713.635583][T14880]  ? software_node_notify_remove+0x1bc/0x1c0
[  713.641570][T14880]  end_report+0x77/0x160
[  713.645815][T14880]  kasan_report+0x154/0x180
[  713.650322][T14880]  ? software_node_notify_remove+0x1bc/0x1c0
[  713.656307][T14880]  software_node_notify_remove+0x1bc/0x1c0
[  713.662124][T14880]  device_del+0x594/0x9b0
[  713.666462][T14880]  ? __pfx_device_del+0x10/0x10
[  713.671325][T14880]  device_unregister+0x20/0xc0
[  713.676095][T14880]  iommufd_fops_release+0x1bd/0x390
[  713.681315][T14880]  ? __pfx_iommufd_fops_release+0x10/0x10
[  713.687053][T14880]  ? evm_file_release+0x10c/0x1e0
[  713.692096][T14880]  ? __pfx_iommufd_fops_release+0x10/0x10
[  713.697828][T14880]  __fput+0x3e9/0x9f0
[  713.701826][T14880]  task_work_run+0x251/0x310
[  713.706430][T14880]  ? __pfx_task_work_run+0x10/0x10
[  713.711554][T14880]  ? switch_task_namespaces+0xe4/0x110
[  713.717033][T14880]  do_exit+0xa11/0x27f0
[  713.721199][T14880]  ? do_raw_spin_lock+0x151/0x370
[  713.726236][T14880]  ? __pfx_do_exit+0x10/0x10
[  713.730845][T14880]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  713.736229][T14880]  do_group_exit+0x207/0x2c0
[  713.740833][T14880]  ? _raw_spin_unlock_irq+0x23/0x50
[  713.746044][T14880]  ? lockdep_hardirqs_on+0x9d/0x150
[  713.751246][T14880]  get_signal+0x1696/0x1730
[  713.755784][T14880]  ? __pfx_get_signal+0x10/0x10
[  713.760648][T14880]  arch_do_signal_or_restart+0x98/0x810
[  713.766210][T14880]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  713.772380][T14880]  ? syscall_exit_to_user_mode+0xa3/0x340
[  713.778102][T14880]  syscall_exit_to_user_mode+0xce/0x340
[  713.783660][T14880]  do_syscall_64+0x100/0x210
[  713.788259][T14880]  ? clear_bhb_loop+0x45/0xa0
[  713.792944][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.798841][T14880] RIP: 0033:0x7f6ffeb8e169
[  713.803262][T14880] Code: Unable to access opcode bytes at 0x7f6ffeb8e13f.
[  713.810277][T14880] RSP: 002b:00007f6fff9e70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  713.818703][T14880] RAX: fffffffffffffe00 RBX: 00007f6ffedb5fa8 RCX: 00007f6ffeb8e169
[  713.826682][T14880] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6ffedb5fa8
[  713.834661][T14880] RBP: 00007f6ffedb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  713.842634][T14880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6ffedb5fac
[  713.850617][T14880] R13: 0000000000000000 R14: 00007f6ffeedf940 R15: 00007f6ffeedfa28
[  713.858602][T14880]  </TASK>
[  713.861906][T14880] Kernel Offset: disabled
[  713.866242][T14880] Rebooting in 86400 seconds..