last executing test programs:

3m18.329016187s ago: executing program 1 (id=1751):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r1}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="141300009cbe8c8a62c952ce5b0d00006be2e2965d7c7e98a44ad200000000", 0x1f}], 0x1}, 0x20004010)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
pipe2$9p(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
read$FUSE(r3, &(0x7f0000000bc0)={0x2020}, 0x2020)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000100)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002840)=ANY=[@ANYBLOB="b7000000810003c3bfa300000000000007030000f0ffffff720af1fff8ffffff71a4f0ff0000000065040200000000ff2d400400000000003400000001ede4ff7b1300ff000000001d440100000000007a0af0ff00ffffffdb030000a1000000b500f7ff350900009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4fc2495f74baaa876156de9078d687348ef1e50becb19bc461e94f4061cff1db39271a7168e51815548000000000000000275dff00000001b6bf01c8e8b19aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cd90eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a950812d7aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031bc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d040000000000000090205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d86047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23886ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a97429ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10ef454c7702c98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad801800"/3221], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0)=0x1)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d9b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)

3m17.177530387s ago: executing program 1 (id=1757):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x22401, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x4004085)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0xffa8)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0xfffffffffffffe88, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x152, 0x29, 0x20000e4c, 0xfffe, 0x3, 0x3865, 0x8, 0x4, 0x1, 0x45, 0x4, 0x81}}, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x78, &(0x7f0000000340)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2a}}, @in6={0xa, 0x4e22, 0x6, @remote, 0x80}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e23, 0x101, @loopback, 0x9a99}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}]}, &(0x7f0000000240)=0x10)
socket$nl_route(0x10, 0x3, 0x0)
read$FUSE(r0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x51}}], 0x2, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io(r4, &(0x7f0000000140)={0x2c, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r4, &(0x7f0000000000)={0x14, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x43, @string={0x43, 0x3, "28fe0c02113c887118238fe8ee8387754ebaeed861ebe28effc065d68df14c6b545927fde0f5a291c247998ce9391e1c99238cd6b9c329f0737783cacca8066ec6"}}}, 0x0)

3m16.127208788s ago: executing program 1 (id=1763):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket(0x11, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="44000000160001"], 0x44}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FBIOPUTCMAP(r1, 0x4605, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)

3m14.617357565s ago: executing program 1 (id=1765):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x3b7)

3m13.720454073s ago: executing program 1 (id=1772):
syz_usb_connect(0x2, 0x9a2, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aec000000000a01020000000000000000050000020900010073797a300000000008000240000000023c0006e808cf7384552f120183af56c4b2b79056586784bdcd8587885c60e5aa03d08d86c3f3fb99dac62aecd67dae229b4fb1f5e5cc1fdb5a5790010c00044000000000000000027300060019b59eb8f88251e50df3a7832fa66219e3adfb6f7f9e540e5d75f5287b5e577d484288d63bf01771d1421e03c82f09584c5fccf3c638eda875b512ced355af6eac1595e41486cd23fbd7165585760593db53e7aaf06ae70b4224d1c9d423d0daa28bf927198015adbbcc6fd9c1e56000080002400000000314000000110001"], 0x114}, 0x1, 0x0, 0x0, 0x8004}, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r2, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x121902)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x44, 0x79, 0xbb, 0x10, 0xeb1, 0x7007, 0x200, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xfd, 0x0, 0x90, 0x2, [{{0x9, 0x4, 0xb8, 0x2, 0x0, 0xff, 0x0, 0xff}}]}}]}}, 0x0)
writev(r3, &(0x7f0000000840), 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r5=>0x0)
io_submit(r5, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r4, &(0x7f0000000180)='\x00', 0xfdfe}])

3m10.300694635s ago: executing program 1 (id=1781):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x410420, 0x0)
r0 = open$dir(&(0x7f0000000500)='./file1\x00', 0x94180, 0x28)
openat$incfs(r0, &(0x7f0000000440)='.pending_reads\x00', 0x70040, 0xe4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0808060001080006040001ffffffffffffe0000002bbbbbbbbbb090000000212a5025938dd6871ca5c3d1cdbb97f7b98b219"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
waitid(0x0, 0x0, &(0x7f0000002ff9), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
sync()
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f000001fc40)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x119000, 0x3c)
mknodat$loop(r3, &(0x7f0000001600)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000140)='./file1\x00', &(0x7f0000000280)='./bus\x00')
linkat(r3, &(0x7f0000000200)='./file1\x00', r3, &(0x7f0000000240)='./bus\x00', 0x0)
add_key(&(0x7f0000002100)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, 0xfffffffffffffffe)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000a00)=ANY=[@ANYBLOB="1201100300000010961b080040000102030109022d00010102c00309040086020301006a092109008101227c0009058103200004016b0905020320aed3d25700fc6b64980afe49b56e0dd4cffb2cea053d24aab9079f931bd09ff07a2a754bb128988c66e67cf399a6387c4cf208f79aad3eac38602fa2178e6a3c2179414ab91df637c640a2ad14d887107e6b482601cfd2223dc874985f8d40d627b07807726ba5dd6bae26ca31da3f256807670fe946ab2770c6ed4e7a6bca5d5e94e9cef23722f6228ebb4a595b69cc6c63eaea3ad9dc3c2ab376078514c75a695ddc75823ee5601ecc8b"], &(0x7f00000007c0)={0xa, &(0x7f0000000540)={0xa, 0x6, 0x200, 0x1, 0x7, 0xc, 0x40, 0x9}, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="0505f016d295203b2a4fb808c10f1900020a1003000000040900080a1003c692d1000600032ad479673192396d1879fe8f4945c2729211927782eb8eb2f704ec135e0223719b1f363f32b577a302e5907219942c31a1d85db155d768673c4435f9a161"], 0x4, [{0xdd, &(0x7f00000005c0)=ANY=[@ANYRES16=r2]}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x340b}}, {0x81, &(0x7f0000000700)=ANY=[@ANYBLOB="810313d9479e2a805f5f9c6114d915a59196935df7a5e4a9a8a8e510f65337a1658c4c9f1694ac9414fb0b62534983ce8168fb42ae3214f2e74f1ade887f88071b0994c1153238847c8267d9ae946acebe3a77c72c316790d353c737117ce21441183e9181cfd3293f2084e9c31d77069db4272ed675639b3fea43e52682ff70ce"]}, {0xc6, &(0x7f0000000900)=ANY=[]}]})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
fsopen(&(0x7f0000000580)='rpc_pipefs\x00', 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f000000aec0), 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0)

2m55.199277062s ago: executing program 32 (id=1781):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x410420, 0x0)
r0 = open$dir(&(0x7f0000000500)='./file1\x00', 0x94180, 0x28)
openat$incfs(r0, &(0x7f0000000440)='.pending_reads\x00', 0x70040, 0xe4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0808060001080006040001ffffffffffffe0000002bbbbbbbbbb090000000212a5025938dd6871ca5c3d1cdbb97f7b98b219"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
waitid(0x0, 0x0, &(0x7f0000002ff9), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
sync()
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f000001fc40)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x119000, 0x3c)
mknodat$loop(r3, &(0x7f0000001600)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000140)='./file1\x00', &(0x7f0000000280)='./bus\x00')
linkat(r3, &(0x7f0000000200)='./file1\x00', r3, &(0x7f0000000240)='./bus\x00', 0x0)
add_key(&(0x7f0000002100)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, 0xfffffffffffffffe)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000a00)=ANY=[@ANYBLOB="1201100300000010961b080040000102030109022d00010102c00309040086020301006a092109008101227c0009058103200004016b0905020320aed3d25700fc6b64980afe49b56e0dd4cffb2cea053d24aab9079f931bd09ff07a2a754bb128988c66e67cf399a6387c4cf208f79aad3eac38602fa2178e6a3c2179414ab91df637c640a2ad14d887107e6b482601cfd2223dc874985f8d40d627b07807726ba5dd6bae26ca31da3f256807670fe946ab2770c6ed4e7a6bca5d5e94e9cef23722f6228ebb4a595b69cc6c63eaea3ad9dc3c2ab376078514c75a695ddc75823ee5601ecc8b"], &(0x7f00000007c0)={0xa, &(0x7f0000000540)={0xa, 0x6, 0x200, 0x1, 0x7, 0xc, 0x40, 0x9}, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="0505f016d295203b2a4fb808c10f1900020a1003000000040900080a1003c692d1000600032ad479673192396d1879fe8f4945c2729211927782eb8eb2f704ec135e0223719b1f363f32b577a302e5907219942c31a1d85db155d768673c4435f9a161"], 0x4, [{0xdd, &(0x7f00000005c0)=ANY=[@ANYRES16=r2]}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x340b}}, {0x81, &(0x7f0000000700)=ANY=[@ANYBLOB="810313d9479e2a805f5f9c6114d915a59196935df7a5e4a9a8a8e510f65337a1658c4c9f1694ac9414fb0b62534983ce8168fb42ae3214f2e74f1ade887f88071b0994c1153238847c8267d9ae946acebe3a77c72c316790d353c737117ce21441183e9181cfd3293f2084e9c31d77069db4272ed675639b3fea43e52682ff70ce"]}, {0xc6, &(0x7f0000000900)=ANY=[]}]})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
fsopen(&(0x7f0000000580)='rpc_pipefs\x00', 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f000000aec0), 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0)

17.950408998s ago: executing program 4 (id=2277):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x217, @time={0x65757100, 0x8}, 0x0, {}, 0x67, 0x2})

17.693361388s ago: executing program 4 (id=2279):
openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00')
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000001f80)=ANY=[@ANYBLOB="7a0af8ff7525732cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x20000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x1e1000, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x14}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)

17.671294354s ago: executing program 5 (id=2280):
sched_setscheduler(0x0, 0x1, 0x0)
openat$mixer(0xffffffffffffff9c, 0x0, 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
socket$nl_generic(0x10, 0x3, 0x10)
getcwd(0x0, 0xfffffffffffffe7d)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xffffffffffffffff)

16.386204475s ago: executing program 5 (id=2283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000080)={0x209d}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB], 0xbc}, 0x1, 0x0, 0x0, 0x44001}, 0x0)
setsockopt$inet_int(r4, 0x0, 0x1, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xc8)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000005c0)=""/34, 0x22}, {&(0x7f00000006c0)=""/188, 0xbc}], 0x2}, 0x7}], 0x1, 0x10000, 0x0)
sendmsg$nl_route_sched_retired(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001780)=@newtfilter={0xf8, 0x2c, 0x800, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xffeb, 0xf}, {0xfff1, 0x2}, {0xfff2, 0xffe0}}, [@f_tcindex={{0xc}, {0xc8, 0x2, [@TCA_TCINDEX_ACT={0xc4, 0x7, [@m_mirred={0x70, 0x1f, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x101, 0x8, 0x1, 0x5, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x0, 0x1, 0x3, 0xff}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_tunnel_key={0x50, 0x10, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private1}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc4}, 0x40)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x10001, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)

16.342363121s ago: executing program 4 (id=2285):
syz_open_dev$loop(&(0x7f00000002c0), 0x47ffffc, 0x200)
socket$netlink(0x10, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r0, &(0x7f00000003c0)={0x2, 0x4e22, @remote}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x70, 0x65, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010101, @remote}, @dest_unreach={0x3, 0xc, 0x0, 0x0, 0x6, 0x1f, {0x15, 0x4, 0x3, 0x14, 0x7ff, 0x64, 0x1ce2, 0xd9, 0x1, 0xe5c, @loopback=0xac14140a, @remote, {[@timestamp={0x44, 0xc, 0x37, 0x0, 0x2, [0x7ff, 0x7]}, @timestamp_addr={0x44, 0x34, 0x87, 0x1, 0x0, [{@multicast2, 0x9}, {@loopback, 0x5}, {@loopback, 0x20005}, {@private=0xa010102, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x329}, {@multicast1, 0x4}]}]}}}}}}}, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0)
socket(0x10, 0x803, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "0e3ad5de"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0x8, "9e3ce079"}]}}, 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x2, 0x9, 0x4, 0x0, 0xffffffff, 0x8}, 0x0, &(0x7f0000000080)={0x7fc, 0x2, 0x4000000000800000, 0xfffffffffffffffc, 0x0, 0xc3ad}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

14.500633208s ago: executing program 5 (id=2290):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect(r0, &(0x7f0000000280)=@hci={0x1f, 0x2, 0x3}, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000ddffff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mount$nfs4(&(0x7f00000000c0)='#}-$\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="252c2f6465762f666230002c002c2c6d707463705f706d002c2f6465762f66e730002c2c2f6465762f66bb3f5407c30c1c002cfa2c61707072616973655f747970653d696d617369672c00"])
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xa90})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000440)={0x1, 0x0, 0xeeef0000, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x1a, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r8, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x2000000)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockname$inet(r9, 0x0, &(0x7f0000000080))

13.154301042s ago: executing program 4 (id=2295):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, 0x0, 0x4044080)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x2000000, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)={[{@default_permissions}, {@xino_auto}], [{@fowner_lt}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'sched_switch\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x65, 0x55, 0x31, 0x34, 0x30, 0x39, 0x39], 0x2d, [0x63, 0x33, 0x36, 0x33], 0x2d, [0x37, 0x6fedb0ad667a3716, 0x34, 0x4bbc10f19dea590f], 0x2d, [0x37, 0x66, 0x30, 0x39], 0x2d, [0x36, 0x65, 0x39, 0x32, 0x33, 0x62, 0x36, 0x35]}}}, {@appraise}, {@dont_hash}, {@euid_lt}, {@dont_hash}], 0x2f})
r5 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\x00\xc2\x9aml\r\xcf\xaa\x13\x99\x85B\xc3\x06<\xc2\xa9\xc3\xdb\x88\xee\x85md\xc8\x85HX\xa9%\f\x8fe\xe0\x00\x00\xa8\xfdn\xbe \a\x0e\xa3\xb9\x1d\x9dO\xbdj\x00\x00\xfb\xff\x00c\xb2\xc9\ap\xd0\xa2\x82\x1e\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcb\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2\xa75\x9d\xcb\x1e\x80\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x00uNh\xc5(\xbc\xf3\xac{\x04D2\xf2\xcd\xc2{E\xae\x89\xddI\xc8\xc6\xe9\xef\x98\xf0\x8b\xac\xa7R\x10\x011\x9fi\x00\x00\x00\x00\x00\x00\x00\x00\x002?D\x86\x14\xa52<\x87n\xf4\x04R\x15\t\xb8\xbeT\xb8\xe7K)\x1fP\xb6\xce8\xcc\xabe\xcb\xd0\xf9\xc9\xfe_\v\xaa#\x8f\x8asu\xb2\xfe\xc4\xbe\x03\xd3\x93E\x1d\xaf}\x9b\xac\xc2\x9a\xe6W\x92sD\fn\x9e\xc2s\xc6_4\f\xc1\x8b\x9a\xa4_\xad\x9b\xb9 \v\x0f{>\xdf^.\xb8\x96\x1d\x99vY\xa8\xfa\xd7i\x94i^;\xaa\xe7XA\xd2\xc5\x02\x12I\xbe\xd0Ksq\x96 \xbf\xed\x1c\x91\xeeN\xda&\xddtG\xc2\xa8j\xae\xac)\xfdNu\x19\x91\xa7z\x1b\x0e\xab\xd2k\x16\x87#\xf6p#\x8d\xdd?\x9fXV\x12\xa9\xc7v\x02\x98g:4\xb6\xcaY\xc2~k\xcb\xef]h/\xa2\xaf\xc4\xec\xdc\xd4H\xed\x94qNY\x85\x87&\xf1\xbb\f\x02\x0fo\xae\xf4\x19|\xc4\xfcL\xdb\x00\xedrK\x13\xb5J?s\x93\xe6\xda\xf0\xf3B\x8d\xb4\xd8>\x12\xb0\x8e\x8d\xdaQ\xa2\xd0\xbc\x92d\x9e^\xbc\xd5\x8aNf\xefa\v*\xb08\xfc\xd2\xa4\x11`\xae\x98\xcc\xe1\xea\xc2\x1dKR\x0e\x1cK\x86\v\xba\xdfz\xa8\xdf\xb6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xe9\xb3@\xe8\a0\x1e\xb8L\x83\xc4\xa8\xb2\xc1\xf8\xae\x1d\x198\x0f\xfa\t\x88+\xdc\xe1\x01@\xbd\x8ba\"|\x14\x1bF\x9b\xd3\xff7\a\x1c:U\xba\xf4\t\xdc\xef\xe3\x11\xdb^\xee\x8c0\xee\xde6:\x80t\xfb\xbc^K\xb4\x8c9\xb0\xec\x82\x127!\x0e\xa3\xc9\xe0\xea\xfa\x0f\xbb\x0e \xc3\xef\xb2<S\xd8\x11\x8b\x9a0\xea1\xde_\xcfW\xfa', 0x7)
fsetxattr$security_ima(r5, 0x0, &(0x7f0000000280)=ANY=[], 0xfe49, 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
r6 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r6, &(0x7f0000000100)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='macvlan0\x00', 0x10)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000200)='\b\x00', 0x2}], 0x1, 0x0, 0x0, 0x60000000}, 0x20000004)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r7, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_settings={0x9, 0x8, @raw_hdlc=&(0x7f0000000400)={0xe, 0x5}}})

11.738186494s ago: executing program 4 (id=2297):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r4, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="050000000000000600000600000008000300", @ANYRES32, @ANYBLOB="1fc430"], 0x24}}, 0x0)

11.464823723s ago: executing program 2 (id=2298):
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0x0, 0x100000})
r1 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x40000014})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xc3afe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
capset(0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x7ff, @empty, 0x1}, {0xa, 0x4e20, 0x17f, @dev={0xfe, 0x80, '\x00', 0xb}, 0x9}, 0xffffffffffffffff, 0xb}}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @ib_path={0x0, r7, 0x1, 0x7ffffffe}}, 0x20)

9.529758923s ago: executing program 2 (id=2301):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000080)={0x209d}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB], 0xbc}, 0x1, 0x0, 0x0, 0x44001}, 0x0)
setsockopt$inet_int(r4, 0x0, 0x1, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xc8)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000005c0)=""/34, 0x22}, {&(0x7f00000006c0)=""/188, 0xbc}], 0x2}, 0x7}], 0x1, 0x10000, 0x0)
sendmsg$nl_route_sched_retired(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001780)=@newtfilter={0xf8, 0x2c, 0x800, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xffeb, 0xf}, {0xfff1, 0x2}, {0xfff2, 0xffe0}}, [@f_tcindex={{0xc}, {0xc8, 0x2, [@TCA_TCINDEX_ACT={0xc4, 0x7, [@m_mirred={0x70, 0x1f, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x101, 0x8, 0x1, 0x5, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x0, 0x1, 0x3, 0xff}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_tunnel_key={0x50, 0x10, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private1}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc4}, 0x40)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x10001, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)

8.654294606s ago: executing program 3 (id=2302):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
userfaultfd(0x80800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x8802)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
syz_open_dev$sndpcmp(&(0x7f0000000100), 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r4, 0x3b88, &(0x7f0000000000)={0xc, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000340)={0x28, 0x2, r5, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10})
ioctl$IOMMU_VFIO_SET_IOMMU(r4, 0x3b66, 0x1)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x4, r5, 0x0, &(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x8000000000000000})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r4, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800007f000000000020000000000000000100"])
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={'\x00', 0x7f, 0x1, 0x0, 0x200, 0x0, <r7=>0xffffffffffffffff})
ioprio_set$pid(0x0, r7, 0x6000)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e220000060005405e"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

7.687064121s ago: executing program 3 (id=2303):
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000040)=0x8001, 0x4)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000080)={0x7, 0x101, 0xb5, 0x4, 0x3, "3a7e54afba9d2b308d06c43ac8cbb94de249f2", 0x8, 0x9})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x60)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x9, 0x3, 0x290, 0x120, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1f8, 0xffffffff, 0xffffffff, 0x1f8, 0xffffffff, 0x3, &(0x7f0000000100), {[{{@uncond, 0x0, 0xb8, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x5, 0x6, 0x8, 0x7fff, 'pptp\x00', 'syz0\x00', {0xb7aa}}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1a, 0x4, 0x3, 0x9, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000440)={{0x0, 0x0, 0x2, 0x0, 0x4}, 0x100000001, 0xfffffffffffffff8, 0x5})
fsetxattr$trusted_overlay_redirect(r1, &(0x7f00000004c0), &(0x7f0000000500)='./file1\x00', 0x8, 0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000540)=0x16)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_int(r3, 0x29, 0x34, &(0x7f0000000580), &(0x7f00000005c0)=0x4)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, './file1\x00'})
write$P9_RSETATTR(r4, &(0x7f0000000640)={0x7, 0x1b, 0x1}, 0x7)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r4, 0x89f4, &(0x7f00000006c0)={'sit0\x00', &(0x7f0000000680)={@dev={0xac, 0x14, 0x14, 0x20}, 0x0, 0x0, 0x20, 0x0, [{@empty}, {@remote}]}})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000700)={0x2, r4})
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000780)={'sit0\x00', &(0x7f0000000740)={@dev={0xfe, 0x80, '\x00', 0x26}, @loopback, 0x6}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xa0, 0xb, [@union={0xa, 0x6, 0x0, 0x5, 0x0, 0x6, [{0x10, 0x4, 0x6}, {0x4, 0x3, 0x5}, {0x2, 0x4, 0x401}, {0x5, 0x4, 0xe}, {0x6, 0x4, 0x53}, {0xf, 0x2, 0x7}]}, @func={0x1, 0x0, 0x0, 0xc, 0x4}, @int={0xa, 0x0, 0x0, 0x1, 0x0, 0x71, 0x0, 0x26, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4, 0x10}}, @type_tag={0x1, 0x0, 0x0, 0x12, 0x4}, @float={0xc, 0x0, 0x0, 0x10, 0x8}]}, {0x0, [0x30, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, 0x5f]}}, &(0x7f00000008c0)=""/11, 0xc3, 0xb, 0x0, 0x8}, 0x28)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000980), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r5, &(0x7f0000000b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000ac0)={&(0x7f00000009c0)={0xc8, r6, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0x88, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xdecb870}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a31145b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x414}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x10da36fd}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xeed0}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc5c6}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd6e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb4e8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1b3ca565}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x77a522b8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6203}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5a4e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4fec1ec7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe259}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000}, 0x4000800)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000b40)={<r7=>0x0}, &(0x7f0000000b80)=0xc)
sched_setscheduler(r7, 0x5, &(0x7f0000000bc0)=0x9)
getdents(r4, &(0x7f0000000c00)=""/234, 0xea)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r5, &(0x7f0000000d40)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x2}, 0xc, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x4000040}, 0x4040005)
open(&(0x7f0000000d80)='./file0\x00', 0xca40, 0x0)
r8 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000dc0), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r8, 0xc0cc5616, &(0x7f0000000e00)={0x2, @raw_data="ce10ef82156c74785da33524dc57cf49929075de63121fe2d1631fcb85861a6bc236b1512b9d9828e081e1ba3bb331b31b61a72de198867563bc9d4e544446ca1ce44d50eb1762d0c390668112beca4066ecc4aad06a694e7418fb713b0238fa852be429a7ee44490b42834d2c30068ca3ef2ec2e2a2aab684f66f9b3621377fde1a2cd3c0e2411a63bfbd116de440afe8a8d9e45546a99b58ff8d689c63ddab7c329e3b36fb02664243d473c72d2c5f8c61088454fe9bcfa509be40d824df0643ea33266a680bc8"})
write$P9_RAUTH(r4, &(0x7f0000000f00)={0x14, 0x67, 0x1, {0x40, 0x3, 0x6}}, 0x14)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000f40)={0x40, 0x9})

7.174289648s ago: executing program 0 (id=2304):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SG_GET_COMMAND_Q(0xffffffffffffffff, 0x2270, &(0x7f00000000c0))
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000000380)=[{&(0x7f00000006c0)="d6b5", 0x2}, {&(0x7f0000000280)="d51f75267bbfca63471230134926041e819fbcbe0974c2084ed67aa2e8b39cd6c9f050c178f8dffd8a16d6a2357aaf72912636b2b7", 0x35}], 0x2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)="5c00000014006b03000000d86e6c1d00028440fcffff564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f6", 0x40}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000180)=@newtfilter={0x48, 0x2c, 0xd2b, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x8, 0x7}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'batadv_slave_0\x00'}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2404c044}, 0x0)
setsockopt$MRT_ASSERT(r4, 0x0, 0xcf, &(0x7f0000000140)=0x1, 0x4)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCSFLAGS1(r7, 0x40047459, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000032680)=""/102400, 0x19000)
syz_open_dev$cec(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r9)
sendmsg$DEVLINK_CMD_RATE_SET(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r10, 0x801, 0x70bd2a, 0x0, {0x2a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x58}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0xd4209235c937efa7}, 0x0)

6.61492026s ago: executing program 4 (id=2305):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, 0x0, 0x0, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000240))
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000100), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f00000000c0)={0x3, 0x0, 0x2000000, 0x401, 0xa, 0x1ff, 0x1})

6.577602273s ago: executing program 2 (id=2306):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, 0x0, 0x4044080)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x2000000, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)={[{@default_permissions}, {@xino_auto}], [{@fowner_lt}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'sched_switch\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x65, 0x55, 0x31, 0x34, 0x30, 0x39, 0x39], 0x2d, [0x63, 0x33, 0x36, 0x33], 0x2d, [0x37, 0x6fedb0ad667a3716, 0x34, 0x4bbc10f19dea590f], 0x2d, [0x37, 0x66, 0x30, 0x39], 0x2d, [0x36, 0x65, 0x39, 0x32, 0x33, 0x62, 0x36, 0x35]}}}, {@appraise}, {@dont_hash}, {@euid_lt}, {@dont_hash}], 0x2f})
r5 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\x00\xc2\x9aml\r\xcf\xaa\x13\x99\x85B\xc3\x06<\xc2\xa9\xc3\xdb\x88\xee\x85md\xc8\x85HX\xa9%\f\x8fe\xe0\x00\x00\xa8\xfdn\xbe \a\x0e\xa3\xb9\x1d\x9dO\xbdj\x00\x00\xfb\xff\x00c\xb2\xc9\ap\xd0\xa2\x82\x1e\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcb\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2\xa75\x9d\xcb\x1e\x80\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x00uNh\xc5(\xbc\xf3\xac{\x04D2\xf2\xcd\xc2{E\xae\x89\xddI\xc8\xc6\xe9\xef\x98\xf0\x8b\xac\xa7R\x10\x011\x9fi\x00\x00\x00\x00\x00\x00\x00\x00\x002?D\x86\x14\xa52<\x87n\xf4\x04R\x15\t\xb8\xbeT\xb8\xe7K)\x1fP\xb6\xce8\xcc\xabe\xcb\xd0\xf9\xc9\xfe_\v\xaa#\x8f\x8asu\xb2\xfe\xc4\xbe\x03\xd3\x93E\x1d\xaf}\x9b\xac\xc2\x9a\xe6W\x92sD\fn\x9e\xc2s\xc6_4\f\xc1\x8b\x9a\xa4_\xad\x9b\xb9 \v\x0f{>\xdf^.\xb8\x96\x1d\x99vY\xa8\xfa\xd7i\x94i^;\xaa\xe7XA\xd2\xc5\x02\x12I\xbe\xd0Ksq\x96 \xbf\xed\x1c\x91\xeeN\xda&\xddtG\xc2\xa8j\xae\xac)\xfdNu\x19\x91\xa7z\x1b\x0e\xab\xd2k\x16\x87#\xf6p#\x8d\xdd?\x9fXV\x12\xa9\xc7v\x02\x98g:4\xb6\xcaY\xc2~k\xcb\xef]h/\xa2\xaf\xc4\xec\xdc\xd4H\xed\x94qNY\x85\x87&\xf1\xbb\f\x02\x0fo\xae\xf4\x19|\xc4\xfcL\xdb\x00\xedrK\x13\xb5J?s\x93\xe6\xda\xf0\xf3B\x8d\xb4\xd8>\x12\xb0\x8e\x8d\xdaQ\xa2\xd0\xbc\x92d\x9e^\xbc\xd5\x8aNf\xefa\v*\xb08\xfc\xd2\xa4\x11`\xae\x98\xcc\xe1\xea\xc2\x1dKR\x0e\x1cK\x86\v\xba\xdfz\xa8\xdf\xb6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xe9\xb3@\xe8\a0\x1e\xb8L\x83\xc4\xa8\xb2\xc1\xf8\xae\x1d\x198\x0f\xfa\t\x88+\xdc\xe1\x01@\xbd\x8ba\"|\x14\x1bF\x9b\xd3\xff7\a\x1c:U\xba\xf4\t\xdc\xef\xe3\x11\xdb^\xee\x8c0\xee\xde6:\x80t\xfb\xbc^K\xb4\x8c9\xb0\xec\x82\x127!\x0e\xa3\xc9\xe0\xea\xfa\x0f\xbb\x0e \xc3\xef\xb2<S\xd8\x11\x8b\x9a0\xea1\xde_\xcfW\xfa', 0x7)
fsetxattr$security_ima(r5, 0x0, &(0x7f0000000280)=ANY=[], 0xfe49, 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
r6 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r6, &(0x7f0000000100)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='macvlan0\x00', 0x10)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e21, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x60000000}, 0x20000004)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r7, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_settings={0x9, 0x8, @raw_hdlc=&(0x7f0000000400)={0xe, 0x5}}})

6.414228541s ago: executing program 3 (id=2307):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, 0x0, 0x4044080)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x2000000, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)={[{@default_permissions}, {@xino_auto}], [{@fowner_lt}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'sched_switch\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x65, 0x55, 0x31, 0x34, 0x30, 0x39, 0x39], 0x2d, [0x63, 0x33, 0x36, 0x33], 0x2d, [0x37, 0x6fedb0ad667a3716, 0x34, 0x4bbc10f19dea590f], 0x2d, [0x37, 0x66, 0x30, 0x39], 0x2d, [0x36, 0x65, 0x39, 0x32, 0x33, 0x62, 0x36, 0x35]}}}, {@appraise}, {@dont_hash}, {@euid_lt}, {@dont_hash}], 0x2f})
r5 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\x00\xc2\x9aml\r\xcf\xaa\x13\x99\x85B\xc3\x06<\xc2\xa9\xc3\xdb\x88\xee\x85md\xc8\x85HX\xa9%\f\x8fe\xe0\x00\x00\xa8\xfdn\xbe \a\x0e\xa3\xb9\x1d\x9dO\xbdj\x00\x00\xfb\xff\x00c\xb2\xc9\ap\xd0\xa2\x82\x1e\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcb\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2\xa75\x9d\xcb\x1e\x80\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x00uNh\xc5(\xbc\xf3\xac{\x04D2\xf2\xcd\xc2{E\xae\x89\xddI\xc8\xc6\xe9\xef\x98\xf0\x8b\xac\xa7R\x10\x011\x9fi\x00\x00\x00\x00\x00\x00\x00\x00\x002?D\x86\x14\xa52<\x87n\xf4\x04R\x15\t\xb8\xbeT\xb8\xe7K)\x1fP\xb6\xce8\xcc\xabe\xcb\xd0\xf9\xc9\xfe_\v\xaa#\x8f\x8asu\xb2\xfe\xc4\xbe\x03\xd3\x93E\x1d\xaf}\x9b\xac\xc2\x9a\xe6W\x92sD\fn\x9e\xc2s\xc6_4\f\xc1\x8b\x9a\xa4_\xad\x9b\xb9 \v\x0f{>\xdf^.\xb8\x96\x1d\x99vY\xa8\xfa\xd7i\x94i^;\xaa\xe7XA\xd2\xc5\x02\x12I\xbe\xd0Ksq\x96 \xbf\xed\x1c\x91\xeeN\xda&\xddtG\xc2\xa8j\xae\xac)\xfdNu\x19\x91\xa7z\x1b\x0e\xab\xd2k\x16\x87#\xf6p#\x8d\xdd?\x9fXV\x12\xa9\xc7v\x02\x98g:4\xb6\xcaY\xc2~k\xcb\xef]h/\xa2\xaf\xc4\xec\xdc\xd4H\xed\x94qNY\x85\x87&\xf1\xbb\f\x02\x0fo\xae\xf4\x19|\xc4\xfcL\xdb\x00\xedrK\x13\xb5J?s\x93\xe6\xda\xf0\xf3B\x8d\xb4\xd8>\x12\xb0\x8e\x8d\xdaQ\xa2\xd0\xbc\x92d\x9e^\xbc\xd5\x8aNf\xefa\v*\xb08\xfc\xd2\xa4\x11`\xae\x98\xcc\xe1\xea\xc2\x1dKR\x0e\x1cK\x86\v\xba\xdfz\xa8\xdf\xb6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xe9\xb3@\xe8\a0\x1e\xb8L\x83\xc4\xa8\xb2\xc1\xf8\xae\x1d\x198\x0f\xfa\t\x88+\xdc\xe1\x01@\xbd\x8ba\"|\x14\x1bF\x9b\xd3\xff7\a\x1c:U\xba\xf4\t\xdc\xef\xe3\x11\xdb^\xee\x8c0\xee\xde6:\x80t\xfb\xbc^K\xb4\x8c9\xb0\xec\x82\x127!\x0e\xa3\xc9\xe0\xea\xfa\x0f\xbb\x0e \xc3\xef\xb2<S\xd8\x11\x8b\x9a0\xea1\xde_\xcfW\xfa', 0x7)
fsetxattr$security_ima(r5, 0x0, &(0x7f0000000280)=ANY=[], 0xfe49, 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
r6 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r6, &(0x7f0000000100)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='macvlan0\x00', 0x10)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000200)='\b\x00', 0x2}], 0x1, 0x0, 0x0, 0x60000000}, 0x20000004)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r7, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_settings={0x9, 0x8, @raw_hdlc=&(0x7f0000000400)={0xe, 0x5}}})

5.185292344s ago: executing program 2 (id=2308):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0xbfe, 0x202, 0x0, 0x0, 0x6}}, 0x50)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv6_getaddrlabel={0x24, 0x1e, 0x492dfc465ae32a8d, 0x0, 0x0, {}, [@IFAL_LABEL={0x8, 0x2, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
syz_usb_connect(0x6, 0x34, &(0x7f0000000040)=ANY=[@ANYRESOCT=0x0], 0x0)
r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x418000, 0x0)
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000300)={0x50, 0xfffffffffffffffe, r4, {0x7, 0x2b, 0x5, 0x20000, 0x3, 0x9, 0x7, 0x5, 0x0, 0x0, 0x0, 0x80000000}}, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e220000060005"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

5.184241344s ago: executing program 3 (id=2309):
openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00')
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000001f80)=ANY=[@ANYBLOB="7a0af8ff7525732cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x20000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x1e1000, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x14}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)

3.898996896s ago: executing program 5 (id=2310):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1bb2512b86180e01, 0x0)
ioctl$TUNGETFEATURES(r1, 0x800454cf, 0xfffffffffffffffe)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000600)={{0xfffc, 0x6, 0x100, 0x403}, 'syz0\x00', 0x2})
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x7, 0x48002)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f00000002c0)=0xffffff7f)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000000280)={&(0x7f00000004c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x8804)
sendmsg$inet(r5, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x2, 0x0, 0x0, 0x0, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0xfffc, 0x4}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1f4}}}}]}]}, 0x84}}, 0x800)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', 0x0})
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
r6 = timerfd_create(0x0, 0x0)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000001640)=""/4097, 0x693d4f623b09dbf1}], 0x1)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="000000003f0dc5da924212fda5cf0b9f3f36128e5028bb488113b78b8e4f23bb38c7916f8778155071710d59b1a6", @ANYRES16=r5, @ANYBLOB="010067bd7000fbdbdf25010000005400018014000300fe8000000000000000000000000000bb060001000a00000008000600777272000c0007002e000000050000000800090039000000060002001100000008000800000000000600040001150000"], 0x68}, 0x1, 0x0, 0x0, 0x20004084}, 0x20008800)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=0x0, @ANYBLOB="0315000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB="1479e1a91092ba6dd4250f859653f95dd4927210db40e76a8ee9e657376b6e6027fd34a1667ec9a2365e2d29319720400383050b100740983a6ab13d34bb3ab7754f65cdeddb29a92d"], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0xed)

3.822109126s ago: executing program 0 (id=2311):
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0x0, 0x100000})
r1 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x40000014})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xc3afe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
capset(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @ib_path={0x0, r7, 0x1, 0x7ffffffe}}, 0x20)

3.233659025s ago: executing program 3 (id=2312):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r2 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
tkill(r2, 0xb)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[], 0x2c}}, 0x40)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
lsm_get_self_attr(0x67, 0x0, &(0x7f0000000080), 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000380)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, {0xa, 0x0, 0x2000000, @loopback, 0xfffffffc}, r7, 0x400}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r6, &(0x7f0000000980)={0x16, 0x98, 0xfa00, {0x0, 0x2, r7, 0x30, 0x0, @ib={0x1b, 0x0, 0x1, {"00000000000000405c5b29d14c100680"}, 0x7, 0x100000000005, 0x2}}}, 0xa0)

3.101428649s ago: executing program 2 (id=2313):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
userfaultfd(0x80800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x8802)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
syz_open_dev$sndpcmp(&(0x7f0000000100), 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r4, 0x3b88, &(0x7f0000000000)={0xc, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000340)={0x28, 0x2, r5, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10})
ioctl$IOMMU_VFIO_SET_IOMMU(r4, 0x3b66, 0x1)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x4, r5, 0x0, &(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x8000000000000000})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r4, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800007f000000000020000000000000000100"])
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={'\x00', 0x7f, 0x1, 0x0, 0x200, 0x0, <r7=>0xffffffffffffffff})
ioprio_set$pid(0x0, r7, 0x6000)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e220000060005405e"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

2.866622608s ago: executing program 0 (id=2314):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002600)=@delchain={0x590, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x2}, {0x0, 0xe}, {0x6, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x560, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x8065738cbab9bcb1}, @TCA_FLOW_EMATCHES={0xb8, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x68, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x9, 0x3, 0xa2f}, {0x828, 0x10001, 0x3, 0x6}}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x4}, {0x4, 0x1, 0x6, "eb"}}}, @TCF_EM_CONTAINER={0x18, 0x3, 0x0, 0x0, {{0x4, 0x0, 0xb}, "d0fa3d16cd50d147ba"}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1, 0x3, 0x81}, {0x10, 0xe, 0x6, 0xd4c}}}]}, @TCA_EMATCH_TREE_LIST={0x44, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xffd3, 0x8, 0x8}, {0x3, 0x6}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xf0a, 0x3, 0x6c0}, {0x5, 0x0, 0x3, 0x7ff}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xf, 0x7, 0x7f}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_PERTURB={0x8}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x47c, 0x9, 0x0, 0x1, [@m_gact={0x140, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9d, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2ca8b8d7ec1784b0, 0x2680, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x1abe}}]}, {0xed, 0x6, "f2984ea5ae0b0909ca5198b5e56548da1af4efe458d68e8346a5ad6fa8d75b3efbcec03667694b23e57efb5dea177c9fec912eda500f92ad241d4a3e1eb9b05c2461a1e89e99a22f43eb3b64257b78512c9df802c3ea23ede5e978e8db3be47630f9b48cdfcee2130369da2ce7473e6324d4fc0342cb38a9e544eb6f4e0148acb294b877f68eb4b6b13e38196c311c9ebb06d7a5ee9ead5689128fa35472611715963d35fb43d3014ff74e144932866ca97f5c001aab6053dd7ce7d38a407074614c2a21063cc49a687085d3ab9d042fcc913d8377863381be46ad8fade1f71945e9d5053fd5d1123d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ct={0xb0, 0x1b, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0xffff}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @rand_addr=0x64010101}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @dev={0xac, 0x14, 0x14, 0x30}}]}, {0x65, 0x6, "effbbfbb9975b98b391b34602a99202c04f8aff0f475c3649e7f9024793790e685860edfb7d78570905ca6acc9165a1fb42c399f209c0f00a8f4866f081cd17e904ddc3210cc30ec49b70f2b1fb3ead1fe143d5356ac58b602d03fa75b270e66d3"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_skbmod={0x148, 0x1f, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x3, 0xe1a3, 0x6, 0x3, 0x6}, 0x4}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x8000}, @TCA_SKBMOD_SMAC={0xa, 0x4, @local}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x236}]}, {0xd9, 0x6, "364a95306a0125f7c7762d651b8604a6d91ec4567f627089ed8d3453859a3d2c79d3d70f085dca8af621c4a5da976ca910f38151f1a68c0e0730e7273e6af4eab8e2ea5df8cb0f6ab249f7561ea8c0dd3e562e5e6a1db3a546a7f7c5f1d0ae94557d9f43b53f0c2e3edaf804191d2d3a1cbdae068d8e342ed2d4e751b25b639e2536238fb6a4824a50b9c6bb62944110874faeed2eb2a6db4dfa6ff7d67302260dd8c80e3c4c3a3a11f1d204106eec615119eaaa73bd0bb3e2d774039d9c7e0d445019a712cc0c16707a7b8505b7c94133ceccee82"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_tunnel_key={0xd0, 0x3, 0x0, 0x0, {{0xf}, {0x88, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast1}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x54, 0xffffffffffffffff, 0x10, 0xfffff001}, 0x2}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xffffffff, 0x10000000, 0x3, 0x3ff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x19, 0x6, "6c73dc20ec0f1f62d72faf3465d04d6e1f1e4cf9b5"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_xt={0x70, 0xe, 0x0, 0x0, {{0x7}, {0x4}, {0x48, 0x6, "2a0caebad864038ff40a5d287f3088600ceb92031a440f806744f2c29cd762b34d1c3e200652a37a380abee23790e6050e067b4335afeb4ae4a0dfe9fa72cc1df8546432"}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x590}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1.836767935s ago: executing program 2 (id=2315):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team_slave_1\x00', 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002bbd700004000000000000000000000000000000000000016401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000002000000000000000002000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000002008000000000000000001000000000000004400050000110000000000000000000000000000000000003c00000002000000e00000010000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
remap_file_pages(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x1402, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x8800}, 0x20048000)
syz_usb_connect(0x0, 0x202, &(0x7f0000000180)=ANY=[@ANYBLOB="1201100152018b401e040740185d000000010902f00101040000030904"], 0x0)

1.671539499s ago: executing program 3 (id=2316):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r4, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="050000000000000600000600000008000300", @ANYRES32, @ANYBLOB="1fc430"], 0x24}}, 0x0)

1.392779608s ago: executing program 0 (id=2317):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800100000400000028000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000558b68aac2ad00b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x10)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=r2, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'veth1\x00', <r9=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c000000100003041b00"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sigaltstack(&(0x7f0000000680)={&(0x7f00000005c0)=""/152, 0x2, 0x98}, &(0x7f0000000740)={&(0x7f00000006c0)=""/90, 0x0, 0x5a})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r10 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x8000, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x4c77, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x0, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0x2, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0x2, 0x4, 0x2e, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x4bd, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x4, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x2000bf, 0x2, 0x7, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2004, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x8, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xfffffffe, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)

1.269752142s ago: executing program 5 (id=2318):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e27, 0x6, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
remap_file_pages(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x4, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x1402, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x8800}, 0x20048000)

376.786136ms ago: executing program 0 (id=2319):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_TTY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x834, 0x1, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)

312.077872ms ago: executing program 0 (id=2320):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
io_uring_register$IORING_REGISTER_MEM_REGION(0xffffffffffffffff, 0x22, &(0x7f0000000280)={0x0}, 0x1)
pipe2(0x0, 0x0)
epoll_create1(0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="d40500004100070100000000fcdbdf25027c000004003180bc050180b805408080849c781e2570afbfa68aab6663505888c949d40d29cd502a7f0551660a22e2636f3a45b79366ac93458be39c13d6320e9dae49024812506dda76e417c2b5684ccfdb37421f8e08669a045a728bd0cf7487b8a25c6effa98bea10252f7f8b44d4421eb2ab25758acc75116c17f73c866207e48259137fc8d22ba8addaded0a512ff07ae539b343ba77465324c6175fecd6e9c2f86af117b7f8c393092669fb3c642f7740a41733d5ce072cb592369df3c7db507f710981b79a6f27f94443f82e9468217993d279b3cd98d43e7a8197a93ac53a20d50fa65dcbc1a77285f4fa8a41aafe7928d9c1c47fee58d1fadbf0a55b3a2ba109efcab6ccd4a4897a30de28477b97274e7c8802b39c25e18a45c7d866f1f4552dae599ae8332c0b6842236ee654753542c141ccdfde080daf5d1fc244f449d5100984dcec6b9aac2515af2069c5844b1444f09dadb830f0dbdd0727ac353c30d01d60d2bd2ef1dc2002b88023697caf780763ecb00f95e212f449bbe8eff689d82ca4dfebfad60aeb989dfc17e36c26aafddcf6ce49e893a4d248c1bf9ad5f8f59d6b6179cdcef47fed73ebb99cd7e44fb3cb269b9d2a1305a8930a9ded7ae7dcfe499350ed9aa68ad0ea9d9ead3833ba10872dd6a8b79ec67dbf0d9dbac5f36a2cbb736f2da8e0d7cc5cb6a4ea67bb22816004ccae86ba17eb2fb282c273cad2297e1208d719fa25e7924e294609a0afb411aa64deeba287852d645fbba7ab4da91a253326823c7f4f6bd1bd2e42b1afb6edfd8193c923a5589d17d970e8d1e4d45569b0dc774ee515ef91b01521ca3db670e321b3b9bf022f5fe9cac1e5ec1c22ab48d23deb50de82980858edb03abada41b51f7173c71e97db095b4b57e55811358b4524b0aa5f4c5d1a0bed1515f684411a80af8d3b6fb042e5e9209195f7d850fde0993e78b825f75f9f56f9177510f3e02e6781432668ce0a4569d28f1d0cc0c27f07175fd9e5a32bc94effddefc5b286e772d8c566e2298754efb3f9b33dd8fd5e54f0dd200e7a4c204845a39157370ca3bd389e2a9b10073deb4d9c7149d15cebb6617f1518f2e7bcd6657ce14c24ba76384e5a9e4d1b781c2072cf42e6521572403f6b139116e50ecee390ff919138c99b47fbd051c92f9f55f2813c215e972856ddf9f8a4feeae39b285b57d9ceefab5bdae067ced734119e7df3b509a7264e5bef5ab8e1fa06a69f666f565cf0d3804dc5029f4b0a9acbe513a1c4f0921a1c0175c8e4cce165f18e67634daa44a4719999f5ed208e19e9e9f522c553a4035f74f9625b69351fc244bb3dcb1d877157a62d799d0d1684fd5787f9e350082b9c63a3b21333c9a0b7745bbebf1fb540e5d873b6c7e1599febc8d4d1e0d41f6e7fc769629d9386f17ab1166ee78024a74736f895bf78c029d706413b410cc8a0da62a1b87bae76d9a415df8d504c706cea05c97727a81390c537ce327b3adf75a800ecc92b88daba2544542cdfda1438be39df05d8c29eb4afd4c25dcdab150056728c2fc83d186e1a07112502ac361b35bf00e5d5286771ad6765fa74d5ebd7b6c55600c80a1cf0fa2b4f1db7d6b41bf53a0e66dfe65659c25e4aa408708233fa128a44520b2cc7b91ea6b368a2ee13bde5251b2181e4cae6da505c47a303f580e8d88f0bdcc23e2f0bb422d93646d5c71933fb91ab52ffd1b820d760765659bf3306fbfc25057f72ad8232c43507379d003ab249ee4d24ec1f69b3dfe49afa65a672d2f314fb658cf0eedb6631fe901dfd02d922d07960220c570e47487e154075afb0bba6c86f80c02db65c34ece7185ba5d81149a8cc338694ec8a110eef640165a36cdad3dcdfc515ae082dc1c6e870c643bb55003fa9e94e075aa8c7629dbf170f04431ecefce57853a4f4b7b8bd9f00a6cad834465957a3926ed3f911c1a72e260ed800245802e4574699906200052ff44de38229216cea820419ec265c34951207f6cb5518a5ef4a45a9b94bcf420e6a961b2abc2dbb9fe2e4b73a167a9bdf2dc0107cc8660f25b8261682bf515bd9404dd380e3dc9d0f692c806c953040078809fc9dd117e58bb1c9f9dcd053a50cbe8f3e1e1d10017f44b19eda60f8b1fdfdd0b4b8c230e41602e3f716576a13afe787cddc2719f3f0f000000000000000000000000168306f1f4687033c43130c979bd939431f0749725689259d67e4e466b993335c56413c9ea436a19d0bde61799c1d2ec4e53ef6f9ea76d97c67e47b99e62963581bddfda7c6833dc533c927d95a448e3848a44f78a7f2caf5b30affd93639f6b9b63e8f3a0aa274b64fee6a9162600631fb48d619b5ef048df8d516567c91659457779be3417e0749cecd25f5b997a841924d32dd793359233f8b02743ea975257ec3f61c5ae061623a4deec31991986d4813dd9"], 0x5d4}}, 0x4010)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x8, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0xf, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000200), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2816}, 0x94)
r4 = openat(0xffffffffffffff9c, 0x0, 0x210700, 0x3a)
flock(r4, 0x5)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x3)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="5c00000002060101000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a31000000001036105f7d2b6505ec0001400000000005000500020000000500010006000000"], 0x5c}}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='jbd2_handle_stats\x00', r3}, 0x18)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1000001)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x19)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

0s ago: executing program 5 (id=2321):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
pipe2(0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="d40500004100070100000000fcdbdf25027c000004003180bc050180b805408080849c781e2570afbfa68aab6663505888c949d40d29cd502a7f0551660a22e2636f3a45b79366ac93458be39c13d6320e9dae49024812506dda76e417c2b5684ccfdb37421f8e08669a045a728bd0cf7487b8a25c6effa98bea10252f7f8b44d4421eb2ab25758acc75116c17f73c866207e48259137fc8d22ba8addaded0a512ff07ae539b343ba77465324c6175fecd6e9c2f86af117b7f8c393092669fb3c642f7740a41733d5ce072cb592369df3c7db507f710981b79a6f27f94443f82e9468217993d279b3cd98d43e7a8197a93ac53a20d50fa65dcbc1a77285f4fa8a41aafe7928d9c1c47fee58d1fadbf0a55b3a2ba109efcab6ccd4a4897a30de28477b97274e7c8802b39c25e18a45c7d866f1f4552dae599ae8332c0b6842236ee654753542c141ccdfde080daf5d1fc244f449d5100984dcec6b9aac2515af2069c5844b1444f09dadb830f0dbdd0727ac353c30d01d60d2bd2ef1dc2002b88023697caf780763ecb00f95e212f449bbe8eff689d82ca4dfebfad60aeb989dfc17e36c26aafddcf6ce49e893a4d248c1bf9ad5f8f59d6b6179cdcef47fed73ebb99cd7e44fb3cb269b9d2a1305a8930a9ded7ae7dcfe499350ed9aa68ad0ea9d9ead3833ba10872dd6a8b79ec67dbf0d9dbac5f36a2cbb736f2da8e0d7cc5cb6a4ea67bb22816004ccae86ba17eb2fb282c273cad2297e1208d719fa25e7924e294609a0afb411aa64deeba287852d645fbba7ab4da91a253326823c7f4f6bd1bd2e42b1afb6edfd8193c923a5589d17d970e8d1e4d45569b0dc774ee515ef91b01521ca3db670e321b3b9bf022f5fe9cac1e5ec1c22ab48d23deb50de82980858edb03abada41b51f7173c71e97db095b4b57e55811358b4524b0aa5f4c5d1a0bed1515f684411a80af8d3b6fb042e5e9209195f7d850fde0993e78b825f75f9f56f9177510f3e02e6781432668ce0a4569d28f1d0cc0c27f07175fd9e5a32bc94effddefc5b286e772d8c566e2298754efb3f9b33dd8fd5e54f0dd200e7a4c204845a39157370ca3bd389e2a9b10073deb4d9c7149d15cebb6617f1518f2e7bcd6657ce14c24ba76384e5a9e4d1b781c2072cf42e6521572403f6b139116e50ecee390ff919138c99b47fbd051c92f9f55f2813c215e972856ddf9f8a4feeae39b285b57d9ceefab5bdae067ced734119e7df3b509a7264e5bef5ab8e1fa06a69f666f565cf0d3804dc5029f4b0a9acbe513a1c4f0921a1c0175c8e4cce165f18e67634daa44a4719999f5ed208e19e9e9f522c553a4035f74f9625b69351fc244bb3dcb1d877157a62d799d0d1684fd5787f9e350082b9c63a3b21333c9a0b7745bbebf1fb540e5d873b6c7e1599febc8d4d1e0d41f6e7fc769629d9386f17ab1166ee78024a74736f895bf78c029d706413b410cc8a0da62a1b87bae76d9a415df8d504c706cea05c97727a81390c537ce327b3adf75a800ecc92b88daba2544542cdfda1438be39df05d8c29eb4afd4c25dcdab150056728c2fc83d186e1a07112502ac361b35bf00e5d5286771ad6765fa74d5ebd7b6c55600c80a1cf0fa2b4f1db7d6b41bf53a0e66dfe65659c25e4aa408708233fa128a44520b2cc7b91ea6b368a2ee13bde5251b2181e4cae6da505c47a303f580e8d88f0bdcc23e2f0bb422d93646d5c71933fb91ab52ffd1b820d760765659bf3306fbfc25057f72ad8232c43507379d003ab249ee4d24ec1f69b3dfe49afa65a672d2f314fb658cf0eedb6631fe901dfd02d922d07960220c570e47487e154075afb0bba6c86f80c02db65c34ece7185ba5d81149a8cc338694ec8a110eef640165a36cdad3dcdfc515ae082dc1c6e870c643bb55003fa9e94e075aa8c7629dbf170f04431ecefce57853a4f4b7b8bd9f00a6cad834465957a3926ed3f911c1a72e260ed800245802e4574699906200052ff44de38229216cea820419ec265c34951207f6cb5518a5ef4a45a9b94bcf420e6a961b2abc2dbb9fe2e4b73a167a9bdf2dc0107cc8660f25b8261682bf515bd9404dd380e3dc9d0f692c806c953040078809fc9dd117e58bb1c9f9dcd053a50cbe8f3e1e1d10017f44b19eda60f8b1fdfdd0b4b8c230e41602e3f716576a13afe787cddc2719f3f0f000000000000000000000000168306f1f4687033c43130c979bd939431f0749725689259d67e4e466b993335c56413c9ea436a19d0bde61799c1d2ec4e53ef6f9ea76d97c67e47b99e62963581bddfda7c6833dc533c927d95a448e3848a44f78a7f2caf5b30affd93639f6b9b63e8f3a0aa274b64fee6a9162600631fb48d619b5ef048df8d516567c91659457779be3417e0749cecd25f5b997a841924d32dd793359233f8b02743ea975257ec3f61c5ae"], 0x5d4}}, 0x4010)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x8, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0xf, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000200), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2816}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x210700, 0x3a)
flock(r4, 0x5)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x3)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="5c00000002060101000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a31000000001036105f7d2b6505ec0001400000000005000500020000000500010006000000"], 0x5c}}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='jbd2_handle_stats\x00', r3}, 0x18)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1000001)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

kernel console output (not intermixed with test programs):

.535597][T14824] veth1: left promiscuous mode
[  730.660772][T14824] bond1: (slave vlan2): making interface the new active one
[  730.854126][T14824] bond1: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  730.888790][T14824] veth1: entered promiscuous mode
[  730.925872][T14824] vlan2: entered promiscuous mode
[  731.048952][T14824] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  731.669810][T14845] netlink: 'syz.5.1957': attribute type 20 has an invalid length.
[  732.450717][T14855] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  732.458569][T14855] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  732.467350][T14855] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  732.475204][T14855] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  732.711543][T14860] netlink: 'syz.0.1961': attribute type 4 has an invalid length.
[  732.806006][T14865] netlink: 'syz.0.1961': attribute type 4 has an invalid length.
[  732.960606][ T5920] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  733.096357][T14860] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1011 sclass=netlink_route_socket pid=14860 comm=syz.0.1961
[  733.140451][ T5920] usb 4-1: device descriptor read/64, error -71
[  733.390863][ T5920] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  733.420536][   T30] audit: type=1400 audit(2000000644.758:661): avc:  denied  { getopt } for  pid=14867 comm="syz.4.1963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  733.498559][T14873] ubi31: attaching mtd0
[  733.506402][T14873] ubi31: scanning is finished
[  733.511388][T14873] ubi31: empty MTD device detected
[  733.530241][ T5920] usb 4-1: device descriptor read/64, error -71
[  733.558908][ T5845] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  733.574849][ T5845] CPU: 1 UID: 0 PID: 5845 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  733.574879][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  733.574889][ T5845] Workqueue: hci1 hci_rx_work
[  733.574916][ T5845] Call Trace:
[  733.574921][ T5845]  <TASK>
[  733.574927][ T5845]  dump_stack_lvl+0x16c/0x1f0
[  733.574947][ T5845]  sysfs_warn_dup+0x7f/0xa0
[  733.574963][ T5845]  sysfs_create_dir_ns+0x24b/0x2b0
[  733.574978][ T5845]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  733.574992][ T5845]  ? find_held_lock+0x2b/0x80
[  733.575009][ T5845]  ? do_raw_spin_unlock+0x172/0x230
[  733.575022][ T5845]  kobject_add_internal+0x2c4/0x9b0
[  733.575037][ T5845]  kobject_add+0x16e/0x240
[  733.575049][ T5845]  ? __pfx_kobject_add+0x10/0x10
[  733.575061][ T5845]  ? do_raw_spin_unlock+0x172/0x230
[  733.575073][ T5845]  ? kobject_put+0xab/0x5a0
[  733.575087][ T5845]  device_add+0x288/0x1aa0
[  733.575100][ T5845]  ? __pfx_dev_set_name+0x10/0x10
[  733.575114][ T5845]  ? __pfx_device_add+0x10/0x10
[  733.575127][ T5845]  ? mgmt_send_event_skb+0x2fb/0x460
[  733.575146][ T5845]  hci_conn_add_sysfs+0x17e/0x230
[  733.575162][ T5845]  le_conn_complete_evt+0x1075/0x1d70
[  733.575177][ T5845]  ? preempt_count_sub+0x150/0x160
[  733.575193][ T5845]  ? find_held_lock+0x2b/0x80
[  733.575206][ T5845]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  733.575218][ T5845]  ? hci_event_packet+0x459/0x11c0
[  733.575234][ T5845]  ? __mutex_unlock_slowpath+0x163/0x800
[  733.575253][ T5845]  hci_le_conn_complete_evt+0x23c/0x370
[  733.575270][ T5845]  hci_le_meta_evt+0x357/0x5e0
[  733.575285][ T5845]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  733.575301][ T5845]  hci_event_packet+0x685/0x11c0
[  733.575315][ T5845]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  733.575330][ T5845]  ? __pfx_hci_event_packet+0x10/0x10
[  733.575345][ T5845]  ? kcov_remote_start+0x3c9/0x6d0
[  733.575357][ T5845]  ? lockdep_hardirqs_on+0x7c/0x110
[  733.575377][ T5845]  hci_rx_work+0x2c5/0x16b0
[  733.575392][ T5845]  ? rcu_is_watching+0x12/0xc0
[  733.575408][ T5845]  process_one_work+0x9cc/0x1b70
[  733.575426][ T5845]  ? __pfx_process_one_work+0x10/0x10
[  733.575443][ T5845]  ? assign_work+0x1a0/0x250
[  733.575456][ T5845]  worker_thread+0x6c8/0xf10
[  733.575472][ T5845]  ? __kthread_parkme+0x19e/0x250
[  733.575488][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  733.575500][ T5845]  kthread+0x3c5/0x780
[  733.575511][ T5845]  ? __pfx_kthread+0x10/0x10
[  733.575522][ T5845]  ? rcu_is_watching+0x12/0xc0
[  733.575536][ T5845]  ? __pfx_kthread+0x10/0x10
[  733.575547][ T5845]  ret_from_fork+0x5d4/0x6f0
[  733.575558][ T5845]  ? __pfx_kthread+0x10/0x10
[  733.575569][ T5845]  ret_from_fork_asm+0x1a/0x30
[  733.575590][ T5845]  </TASK>
[  733.575604][ T5845] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  733.849904][ T5920] usb usb4-port1: attempt power cycle
[  733.855480][ T5845] Bluetooth: hci1: failed to register connection device
[  734.210808][ T5920] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  734.246343][ T5891] libceph: connect (1)[c::]:6789 error -101
[  734.271253][ T5920] usb 4-1: device descriptor read/8, error -71
[  734.299415][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  734.436102][T14879] ceph: No mds server is up or the cluster is laggy
[  734.550292][ T5920] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  734.568804][ T5891] libceph: connect (1)[c::]:6789 error -101
[  734.581046][ T5920] usb 4-1: device descriptor read/8, error -71
[  734.591297][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  734.701035][ T5920] usb usb4-port1: unable to enumerate USB device
[  735.025527][T14873] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  736.661075][T14900] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  736.809754][   T30] audit: type=1400 audit(2000000648.178:662): avc:  denied  { create } for  pid=14906 comm="syz.3.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  737.009059][   T30] audit: type=1400 audit(2000000648.178:663): avc:  denied  { bind } for  pid=14906 comm="syz.3.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  737.669848][   T30] audit: type=1400 audit(2000000648.178:664): avc:  denied  { setopt } for  pid=14906 comm="syz.3.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  737.705703][   T30] audit: type=1400 audit(2000000648.178:665): avc:  denied  { write } for  pid=14906 comm="syz.3.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  738.086659][T14919] FAULT_INJECTION: forcing a failure.
[  738.086659][T14919] name failslab, interval 1, probability 0, space 0, times 0
[  738.099482][T14919] CPU: 1 UID: 0 PID: 14919 Comm: syz.4.1975 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  738.099497][T14919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  738.099504][T14919] Call Trace:
[  738.099508][T14919]  <TASK>
[  738.099512][T14919]  dump_stack_lvl+0x16c/0x1f0
[  738.099531][T14919]  should_fail_ex+0x512/0x640
[  738.099541][T14919]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  738.099555][T14919]  should_failslab+0xc2/0x120
[  738.099567][T14919]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  738.099578][T14919]  ? skb_clone+0x190/0x3f0
[  738.099596][T14919]  skb_clone+0x190/0x3f0
[  738.099617][T14919]  pfkey_process+0xc6/0x840
[  738.099635][T14919]  ? rcu_is_watching+0x12/0xc0
[  738.099649][T14919]  ? __pfx_pfkey_process+0x10/0x10
[  738.099665][T14919]  ? __mutex_lock+0x1c4/0x10b0
[  738.099695][T14919]  pfkey_sendmsg+0x435/0x850
[  738.099713][T14919]  ____sys_sendmsg+0xa95/0xc70
[  738.099725][T14919]  ? copy_msghdr_from_user+0x10a/0x160
[  738.099741][T14919]  ? __pfx_____sys_sendmsg+0x10/0x10
[  738.099758][T14919]  ___sys_sendmsg+0x134/0x1d0
[  738.099774][T14919]  ? __pfx____sys_sendmsg+0x10/0x10
[  738.099800][T14919]  ? __mutex_unlock_slowpath+0x100/0x800
[  738.099820][T14919]  __sys_sendmsg+0x16d/0x220
[  738.099835][T14919]  ? __pfx___sys_sendmsg+0x10/0x10
[  738.099859][T14919]  do_syscall_64+0xcd/0x4c0
[  738.099877][T14919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.099887][T14919] RIP: 0033:0x7fa86c78eb69
[  738.099897][T14919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.099907][T14919] RSP: 002b:00007fa86d694038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  738.099917][T14919] RAX: ffffffffffffffda RBX: 00007fa86c9b5fa0 RCX: 00007fa86c78eb69
[  738.099924][T14919] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  738.099930][T14919] RBP: 00007fa86d694090 R08: 0000000000000000 R09: 0000000000000000
[  738.099936][T14919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.099942][T14919] R13: 0000000000000000 R14: 00007fa86c9b5fa0 R15: 00007ffcbf4c5498
[  738.099956][T14919]  </TASK>
[  739.635133][   T30] audit: type=1400 audit(2000000650.538:666): avc:  denied  { setopt } for  pid=14929 comm="syz.5.1978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  739.669329][T14934] netlink: 'syz.4.1979': attribute type 1 has an invalid length.
[  739.730651][T14938] warn_alloc: 2 callbacks suppressed
[  739.736039][T14938] syz.0.1980: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  739.751200][T14938] CPU: 1 UID: 0 PID: 14938 Comm: syz.0.1980 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  739.751227][T14938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  739.751240][T14938] Call Trace:
[  739.751247][T14938]  <TASK>
[  739.751255][T14938]  dump_stack_lvl+0x16c/0x1f0
[  739.751289][T14938]  warn_alloc+0x248/0x3a0
[  739.751311][T14938]  ? __pfx_warn_alloc+0x10/0x10
[  739.751330][T14938]  ? __pfx_stack_trace_save+0x10/0x10
[  739.751365][T14938]  ? kasan_save_stack+0x42/0x60
[  739.751385][T14938]  ? kasan_save_stack+0x33/0x60
[  739.751403][T14938]  ? kasan_save_track+0x14/0x30
[  739.751422][T14938]  ? xskq_create+0x52/0x1d0
[  739.751445][T14938]  ? xsk_setsockopt+0x74e/0x9a0
[  739.751466][T14938]  ? do_sock_setsockopt+0xf0/0x1d0
[  739.751487][T14938]  ? xskq_create+0xfb/0x1d0
[  739.751513][T14938]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  739.751551][T14938]  ? xskq_create+0xfb/0x1d0
[  739.751580][T14938]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  739.751616][T14938]  ? xskq_create+0xfb/0x1d0
[  739.751640][T14938]  vmalloc_user_noprof+0x9e/0xe0
[  739.751667][T14938]  ? xskq_create+0xfb/0x1d0
[  739.751692][T14938]  xskq_create+0xfb/0x1d0
[  739.751717][T14938]  xsk_setsockopt+0x74e/0x9a0
[  739.751741][T14938]  ? __pfx_xsk_setsockopt+0x10/0x10
[  739.751764][T14938]  ? find_held_lock+0x2b/0x80
[  739.751793][T14938]  ? selinux_socket_setsockopt+0x6a/0x80
[  739.751815][T14938]  ? __pfx_xsk_setsockopt+0x10/0x10
[  739.751839][T14938]  do_sock_setsockopt+0xf0/0x1d0
[  739.751867][T14938]  __sys_setsockopt+0x1a0/0x230
[  739.751898][T14938]  __x64_sys_setsockopt+0xbd/0x160
[  739.751922][T14938]  ? do_syscall_64+0x91/0x4c0
[  739.751950][T14938]  ? lockdep_hardirqs_on+0x7c/0x110
[  739.751985][T14938]  do_syscall_64+0xcd/0x4c0
[  739.752017][T14938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.752037][T14938] RIP: 0033:0x7fef3698eb69
[  739.752053][T14938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.752071][T14938] RSP: 002b:00007fef347d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  739.752088][T14938] RAX: ffffffffffffffda RBX: 00007fef36bb6080 RCX: 00007fef3698eb69
[  739.752101][T14938] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  739.752112][T14938] RBP: 00007fef36a11df1 R08: 0000000000000004 R09: 0000000000000000
[  739.752124][T14938] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  739.752136][T14938] R13: 0000000000000000 R14: 00007fef36bb6080 R15: 00007ffc37a74f48
[  739.752161][T14938]  </TASK>
[  740.018366][T14938] Mem-Info:
[  740.021680][T14938] active_anon:17702 inactive_anon:0 isolated_anon:0
[  740.021680][T14938]  active_file:21913 inactive_file:40851 isolated_file:0
[  740.021680][T14938]  unevictable:768 dirty:218 writeback:0
[  740.021680][T14938]  slab_reclaimable:12221 slab_unreclaimable:102622
[  740.021680][T14938]  mapped:34642 shmem:7110 pagetables:1296
[  740.021680][T14938]  sec_pagetables:0 bounce:0
[  740.021680][T14938]  kernel_misc_reclaimable:0
[  740.021680][T14938]  free:1278874 free_pcp:14228 free_cma:0
[  740.067484][T14938] Node 0 active_anon:70808kB inactive_anon:0kB active_file:87628kB inactive_file:163200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138544kB dirty:868kB writeback:0kB shmem:26904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12272kB pagetables:5032kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  740.101160][T14938] Node 1 active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  740.131587][T14938] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  740.165007][T14938] lowmem_reserve[]: 0 2479 2481 2481 2481
[  740.260269][T14938] Node 0 DMA32 free:1211676kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:59192kB inactive_anon:0kB active_file:87628kB inactive_file:161872kB unevictable:1536kB writepending:868kB present:3129332kB managed:2539452kB mlocked:0kB bounce:0kB free_pcp:48240kB local_pcp:26312kB free_cma:0kB
[  740.297237][T14938] lowmem_reserve[]: 0 0 1 1 1
[  740.303334][T14938] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:28kB free_cma:0kB
[  740.333100][T14938] lowmem_reserve[]: 0 0 0 0 0
[  740.337959][T14938] Node 1 Normal free:3888944kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20288kB local_pcp:5696kB free_cma:0kB
[  740.370725][T14938] lowmem_reserve[]: 0 0 0 0 0
[  740.375686][T14938] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  740.389088][T14938] Node 0 DMA32: 1135*4kB (UME) 194*8kB (UME) 823*16kB (UME) 645*32kB (UME) 547*64kB (UME) 173*128kB (UM) 84*256kB (UM) 47*512kB (UM) 28*1024kB (UME) 14*2048kB (UM) 247*4096kB (M) = 1211676kB
[  740.408986][T14938] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  740.422014][T14938] Node 1 Normal: 234*4kB (UME) 53*8kB (UME) 44*16kB (UME) 245*32kB (UME) 84*64kB (UE) 13*128kB (UME) 3*256kB (UM) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 944*4096kB (ME) = 3888944kB
[  740.440717][T14938] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  740.450460][T14938] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  740.459791][T14938] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  740.472827][T14938] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  740.482335][T14938] 67021 total pagecache pages
[  740.487029][T14938] 0 pages in swap cache
[  740.491348][T14938] Free swap  = 124996kB
[  740.495531][T14938] Total swap = 124996kB
[  740.499913][T14938] 2097051 pages RAM
[  740.512110][T14938] 0 pages HighMem/MovableOnly
[  740.568146][T14938] 430226 pages reserved
[  740.576323][T14938] 0 pages cma reserved
[  740.607740][T14934] 8021q: adding VLAN 0 to HW filter on device bond3
[  740.722367][T14948] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  740.732859][T14948] SELinux: failed to load policy
[  741.195176][T14956] netlink: 'syz.0.1983': attribute type 1 has an invalid length.
[  741.339644][T14956] 8021q: adding VLAN 0 to HW filter on device bond2
[  741.349916][T14961] bond1: (slave wlan0): Releasing active interface
[  741.356684][T14961] bond1: (slave wlan0): the permanent HWaddr of slave - 08:02:11:00:00:00 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  741.550305][T10248] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  741.766912][T14961] bond2: (slave wlan0): Enslaving as an active interface with a down link
[  741.826406][ T5920] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  742.177223][T10248] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  742.189173][T10248] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  742.202933][T10248] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  742.212168][T10248] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.221192][ T5920] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  742.229356][T10248] usb 4-1: config 0 descriptor??
[  742.254387][ T5920] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  742.267396][ T5920] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  742.303973][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.324156][T14967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.337462][ T5920] usb 5-1: config 0 descriptor??
[  742.460315][ T1207] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  742.518474][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.525670][    C0] IPv4: Oversized IP packet from 172.20.20.170
[  742.533068][    C0] IPv4: Oversized IP packet from 172.20.20.170
[  742.539804][    C0] IPv4: Oversized IP packet from 172.20.20.170
[  742.546671][    C0] IPv4: Oversized IP packet from 172.20.20.170
[  742.554124][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.561006][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.568506][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.576962][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.583763][    C1] IPv4: Oversized IP packet from 172.20.20.170
[  742.631779][ T1207] usb 3-1: Using ep0 maxpacket: 32
[  742.638811][ T1207] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.650669][ T1207] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  742.662528][ T1207] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  742.682850][T10248] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  742.696913][ T1207] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  742.712108][ T1207] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  742.730507][ T1207] usb 3-1: Product: syz
[  742.734692][ T1207] usb 3-1: Manufacturer: syz
[  742.739278][ T1207] usb 3-1: SerialNumber: syz
[  742.791457][ T5920] plantronics 0003:047F:FFFF.000C: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  742.797785][ T1207] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input30
[  742.925659][T14953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.970550][T14953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.007377][ T5920] usb 4-1: USB disconnect, device number 44
[  743.051818][T14959] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.113064][T14959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.190835][T14966] SELinux: failed to load policy
[  743.203057][ T1207] usb 3-1: USB disconnect, device number 54
[  743.240459][ T1207] appletouch 3-1:1.0: input: appletouch disconnected
[  743.854378][T14993] netlink: 'syz.3.1996': attribute type 1 has an invalid length.
[  743.972542][T14993] 8021q: adding VLAN 0 to HW filter on device bond8
[  744.057478][T14996] bond7: (slave wlan0): Releasing active interface
[  744.512277][T14996] bond8: (slave wlan0): Enslaving as an active interface with a down link
[  744.651440][    T9] usb 5-1: USB disconnect, device number 61
[  746.058075][T15021] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2002'.
[  746.140585][ T5920] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  746.293381][ T5920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  746.293411][ T5920] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  746.293448][ T5920] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  746.293470][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.305969][ T5920] usb 3-1: config 0 descriptor??
[  746.780655][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  746.787015][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  747.237121][T15040] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2010'.
[  747.384958][ T5920] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  747.663978][T15020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  747.689482][T15020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  747.757689][T11625] usb 3-1: USB disconnect, device number 55
[  748.940674][T10248] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  749.040818][T15069] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  749.048765][T15069] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  749.058976][T15069] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  749.067191][T15069] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  749.075576][    T9] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  749.100266][T10248] usb 5-1: Using ep0 maxpacket: 16
[  749.108518][T10248] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  749.118211][T10248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.170449][T10248] usb 5-1: config 0 descriptor??
[  749.178904][T10248] gspca_main: sonixj-2.14.0 probing 0471:0327
[  749.240195][    T9] usb 4-1: Using ep0 maxpacket: 16
[  749.279244][    T9] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  749.286731][T15071] bridge0: entered promiscuous mode
[  749.299870][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.303964][T15071] macsec1: entered promiscuous mode
[  749.311053][    T9] usb 4-1: config 0 descriptor??
[  749.321923][    T9] gspca_main: sonixj-2.14.0 probing 0471:0327
[  749.360457][T15071] bridge0: port 3(macsec1) entered blocking state
[  749.368683][T15071] bridge0: port 3(macsec1) entered disabled state
[  749.377145][T15071] macsec1: entered allmulticast mode
[  749.388095][T15071] bridge0: entered allmulticast mode
[  749.467214][T15071] macsec1: left allmulticast mode
[  749.474092][T15071] bridge0: left allmulticast mode
[  749.476534][T15073] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  749.583321][T15071] bridge0: left promiscuous mode
[  749.960383][T15078] net_ratelimit: 144 callbacks suppressed
[  749.960416][T15078] netlink: zone id is out of range
[  749.971580][T15078] netlink: zone id is out of range
[  749.976772][T15078] netlink: zone id is out of range
[  749.982091][T15078] netlink: zone id is out of range
[  749.987278][T15078] netlink: zone id is out of range
[  749.992722][T15078] netlink: zone id is out of range
[  749.998019][T15078] netlink: zone id is out of range
[  750.003246][T15078] netlink: zone id is out of range
[  750.010432][T15078] netlink: zone id is out of range
[  750.015683][T15078] netlink: zone id is out of range
[  751.000378][T10248] gspca_sonixj: reg_w1 err -110
[  751.020274][T10248] sonixj 5-1:0.0: probe with driver sonixj failed with error -110
[  752.873812][T10248] usb 5-1: USB disconnect, device number 62
[  752.982412][    T9] gspca_sonixj: reg_w1 err -71
[  752.987242][    T9] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  753.010673][    T9] usb 4-1: USB disconnect, device number 45
[  753.160472][ T5920] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  753.312703][ T5920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  753.324058][ T5920] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  753.360355][ T5920] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  753.370250][   T43] usb 5-1: new full-speed USB device number 63 using dummy_hcd
[  753.384640][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.410985][ T5920] usb 1-1: config 0 descriptor??
[  753.550718][   T43] usb 5-1: device descriptor read/64, error -71
[  753.810460][   T43] usb 5-1: new full-speed USB device number 64 using dummy_hcd
[  753.975507][ T5920] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  753.999996][   T43] usb 5-1: device descriptor read/64, error -71
[  754.194161][   T43] usb usb5-port1: attempt power cycle
[  754.233204][T15108] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  754.711567][T15108] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  754.767748][ T5905] usb 1-1: USB disconnect, device number 45
[  754.982745][   T43] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[  755.034787][   T43] usb 5-1: device descriptor read/8, error -71
[  755.690202][   T43] usb 5-1: new full-speed USB device number 66 using dummy_hcd
[  756.052830][   T43] usb 5-1: device descriptor read/8, error -71
[  756.410347][   T43] usb usb5-port1: unable to enumerate USB device
[  756.671219][T10248] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  756.675848][T15144] net_ratelimit: 112 callbacks suppressed
[  756.675862][T15144] netlink: zone id is out of range
[  756.690206][T15144] netlink: zone id is out of range
[  756.695405][T15144] netlink: zone id is out of range
[  756.701415][T15144] netlink: zone id is out of range
[  756.706590][T15144] netlink: zone id is out of range
[  756.711870][T15144] netlink: zone id is out of range
[  756.717029][T15144] netlink: zone id is out of range
[  756.722500][T15144] netlink: zone id is out of range
[  756.739696][T15144] netlink: zone id is out of range
[  756.739988][ T5845] Bluetooth: hci5: command 0x0405 tx timeout
[  756.750956][T15144] netlink: zone id is out of range
[  757.091373][ T1153] vlan2: left promiscuous mode
[  757.150475][   T43] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  757.366918][T10248] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  757.404290][T10248] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  757.424120][T10248] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.446001][T10248] gspca_main: stv0680-2.14.0 probing 041e:4007
[  757.880197][   T43] usb 5-1: Using ep0 maxpacket: 16
[  757.940535][   T43] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  757.949603][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.029611][   T43] usb 5-1: config 0 descriptor??
[  758.067206][   T43] gspca_main: sonixj-2.14.0 probing 0471:0327
[  758.197346][T15154] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  758.292761][T15157] netlink: 'syz.0.2042': attribute type 1 has an invalid length.
[  758.407151][T15157] 8021q: adding VLAN 0 to HW filter on device bond3
[  758.480491][T10248] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  758.493224][T15160] bond2: (slave wlan0): Releasing active interface
[  758.502619][T15160] bond3: (slave wlan0): Enslaving as an active interface with a down link
[  758.532289][T10248] stv0680 3-1:4.0: STV(e): camera ping failed!!
[  758.614113][T10248] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  758.621863][T15166] fuse: Bad value for 'user_id'
[  758.627830][T15166] fuse: Bad value for 'user_id'
[  758.685317][T10248] stv0680 3-1:4.0: last error: 0,  command = 0x0
[  758.694073][T10248] usb 3-1: USB disconnect, device number 56
[  759.749232][   T43] gspca_sonixj: reg_w1 err -110
[  759.813097][   T43] sonixj 5-1:0.0: probe with driver sonixj failed with error -110
[  760.100249][T10248] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  760.250686][T10248] usb 6-1: device descriptor read/64, error -71
[  760.279806][T15197] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  760.289084][T15197] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  760.306872][T15197] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  760.315067][T15197] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  760.408116][T15201] macsec1: entered promiscuous mode
[  760.422646][T15201] bridge0: entered promiscuous mode
[  760.689386][T10248] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  760.738243][T15201] bridge0: port 3(macsec1) entered blocking state
[  760.748992][T15201] bridge0: port 3(macsec1) entered disabled state
[  760.758216][T15201] macsec1: entered allmulticast mode
[  760.763858][T15201] bridge0: entered allmulticast mode
[  760.841698][T15201] macsec1: left allmulticast mode
[  760.847941][T15201] bridge0: left allmulticast mode
[  760.850201][T10248] usb 6-1: device descriptor read/64, error -71
[  760.870667][T15201] bridge0: left promiscuous mode
[  760.970631][T10248] usb usb6-port1: attempt power cycle
[  761.120594][T15209] fuse: Bad value for 'user_id'
[  761.125453][T15209] fuse: Bad value for 'user_id'
[  761.320224][T10248] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  761.901081][T10248] usb 6-1: device descriptor read/8, error -71
[  761.947420][ T5950] usb 5-1: USB disconnect, device number 67
[  762.179392][   T10] libceph: connect (1)[c::]:6789 error -101
[  762.185665][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  762.189589][T15227] netlink: 'syz.4.2062': attribute type 1 has an invalid length.
[  762.202029][T10248] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  763.330959][   T10] libceph: connect (1)[c::]:6789 error -101
[  763.335541][T15227] 8021q: adding VLAN 0 to HW filter on device bond4
[  763.337777][   T30] audit: type=1326 audit(2000000673.648:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15220 comm="syz.0.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  763.378692][T10248] usb 6-1: device descriptor read/8, error -71
[  763.388066][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  763.413806][   T30] audit: type=1326 audit(2000000673.658:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15220 comm="syz.0.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  763.532415][T10248] usb usb6-port1: unable to enumerate USB device
[  763.658132][   T30] audit: type=1326 audit(2000000673.658:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15220 comm="syz.0.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  763.936415][T10248] libceph: connect (1)[c::]:6789 error -101
[  763.940220][T15219] ceph: No mds server is up or the cluster is laggy
[  764.011670][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  764.018802][   T30] audit: type=1326 audit(2000000673.678:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15220 comm="syz.0.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  764.168695][   T30] audit: type=1326 audit(2000000673.678:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15220 comm="syz.0.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  764.802159][T15253] net_ratelimit: 112 callbacks suppressed
[  764.802169][T15253] Set syz0 is full, maxelem 0 reached
[  764.828306][T15253] netlink: 87 bytes leftover after parsing attributes in process `syz.2.2067'.
[  764.857877][T10248] libceph: connect (1)[c::]:6789 error -101
[  764.857972][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  765.112061][T10248] libceph: connect (1)[c::]:6789 error -101
[  765.112161][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  765.971730][    T9] libceph: connect (1)[c::]:6789 error -101
[  765.977813][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  766.011950][T15255] ceph: No mds server is up or the cluster is laggy
[  766.075275][T15275] netlink: 'syz.3.2073': attribute type 1 has an invalid length.
[  766.113968][T15275] 8021q: adding VLAN 0 to HW filter on device bond9
[  766.147922][T15275] bond8: (slave wlan0): Releasing active interface
[  766.206681][T15275] bond9: (slave wlan0): Enslaving as an active interface with a down link
[  767.429787][   T30] audit: type=1326 audit(2000000678.798:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15292 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  768.204083][   T30] audit: type=1326 audit(2000000678.828:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15292 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  768.319516][   T30] audit: type=1326 audit(2000000678.828:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15292 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.419754][   T30] audit: type=1326 audit(2000000678.828:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15292 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.492027][T15308] netlink: 'syz.4.2081': attribute type 1 has an invalid length.
[  769.526994][T15308] 8021q: adding VLAN 0 to HW filter on device bond5
[  769.613985][T15308] bond2: (slave wlan0): Releasing active interface
[  769.634414][T15308] bond2: (slave wlan0): the permanent HWaddr of slave - 08:02:11:00:00:00 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  769.653404][T15308] vlan2: entered promiscuous mode
[  769.680331][   T30] audit: type=1326 audit(2000000678.828:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15292 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.705713][   T30] audit: type=1326 audit(2000000679.878:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15301 comm="syz.0.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.742565][   T30] audit: type=1326 audit(2000000679.878:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15301 comm="syz.0.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.771150][   T30] audit: type=1326 audit(2000000679.878:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15301 comm="syz.0.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.771719][T15314] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  769.797579][   T30] audit: type=1326 audit(2000000679.878:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15301 comm="syz.0.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.826132][T15314] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  769.832585][   T30] audit: type=1326 audit(2000000679.878:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15301 comm="syz.0.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  769.834586][T15314] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  769.861865][T15308] bond5: (slave wlan0): Enslaving as an active interface with a down link
[  769.869158][T15314] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  770.563738][ T1207] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  770.657951][T15325] netlink: 'syz.0.2084': attribute type 1 has an invalid length.
[  770.732569][ T1207] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  770.753230][ T1207] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  770.798496][T15325] 8021q: adding VLAN 0 to HW filter on device bond4
[  770.809684][ T1207] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.830372][T15327] bond3: (slave wlan0): Releasing active interface
[  770.957096][T15327] bond4: (slave wlan0): Enslaving as an active interface with a down link
[  771.011968][ T1207] gspca_main: stv0680-2.14.0 probing 041e:4007
[  771.026533][T15332] fuse: Bad value for 'user_id'
[  771.033514][T15332] fuse: Bad value for 'user_id'
[  771.304070][   T30] audit: type=1400 audit(2000000682.668:682): avc:  denied  { append } for  pid=15339 comm="syz.0.2087" name="video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  771.431476][   T30] audit: type=1400 audit(2000000682.798:683): avc:  denied  { mount } for  pid=15339 comm="syz.0.2087" name="/" dev="configfs" ino=1246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  771.715811][ T5905] libceph: connect (1)[c::]:6789 error -101
[  771.724684][ T5905] libceph: mon0 (1)[c::]:6789 connect error
[  771.769425][T15346] ceph: No mds server is up or the cluster is laggy
[  772.010570][ T5905] libceph: connect (1)[c::]:6789 error -101
[  772.647796][ T5905] libceph: mon0 (1)[c::]:6789 connect error
[  772.658275][ T1207] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  772.670156][   T30] audit: type=1326 audit(2000000683.228:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.0.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  772.719391][ T1207] stv0680 3-1:4.0: STV(e): camera ping failed!!
[  772.754391][ T1207] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  772.765578][ T1207] stv0680 3-1:4.0: last error: 0,  command = 0x0
[  772.786963][T15354] netlink: 'syz.2.2091': attribute type 1 has an invalid length.
[  772.806489][ T1207] usb 3-1: USB disconnect, device number 57
[  772.894649][T15354] 8021q: adding VLAN 0 to HW filter on device bond4
[  773.120222][ T5905] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  774.101923][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  774.148797][T15359] bond3: (slave wlan0): Releasing active interface
[  774.166761][ T5905] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  774.241877][ T5905] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  774.252755][ T5905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.342012][T15373] netlink: 'syz.5.2096': attribute type 1 has an invalid length.
[  774.382535][T15359] bond4: (slave wlan0): Enslaving as an active interface with a down link
[  774.440055][ T5905] usb 5-1: config 0 descriptor??
[  774.644712][T15373] 8021q: adding VLAN 0 to HW filter on device bond1
[  774.693707][T15376] vlan0: entered allmulticast mode
[  774.700602][T15376] veth1: entered allmulticast mode
[  774.727179][T15376] bond1: (slave vlan0): making interface the new active one
[  774.746424][T15376] bond1: (slave vlan0): Enslaving as an active interface with an up link
[  775.089389][ T5905] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  776.172068][ T5905] usb 5-1: USB disconnect, device number 68
[  776.388454][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  776.388472][   T30] audit: type=1326 audit(2000000687.758:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15404 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  777.439570][T15414] netlink: zone id is out of range
[  777.444853][T15414] netlink: zone id is out of range
[  777.450002][T15414] netlink: zone id is out of range
[  777.455218][T15414] netlink: zone id is out of range
[  777.460439][T15414] netlink: zone id is out of range
[  777.465925][T15414] netlink: zone id is out of range
[  777.471174][T15414] netlink: zone id is out of range
[  777.476335][T15414] netlink: zone id is out of range
[  777.481536][T15414] netlink: zone id is out of range
[  777.487378][T15414] netlink: zone id is out of range
[  777.520405][   T30] audit: type=1326 audit(2000000687.788:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15404 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  777.543796][    C1] vkms_vblank_simulate: vblank timer overrun
[  778.062736][T15412] ceph: No mds server is up or the cluster is laggy
[  778.069586][T10248] libceph: connect (1)[c::]:6789 error -101
[  778.076310][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  778.419771][ T1207] libceph: connect (1)[c::]:6789 error -101
[  778.425805][ T1207] libceph: mon0 (1)[c::]:6789 connect error
[  778.453731][   T30] audit: type=1326 audit(2000000687.788:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15404 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  778.550897][   T30] audit: type=1326 audit(2000000687.798:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15404 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  778.579594][T15422] netlink: 'syz.0.2108': attribute type 1 has an invalid length.
[  778.599654][   T30] audit: type=1326 audit(2000000687.798:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15404 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  778.667962][T15422] 8021q: adding VLAN 0 to HW filter on device bond5
[  778.756585][T15428] bond4: (slave wlan0): Releasing active interface
[  778.806217][T15428] bond5: (slave wlan0): Enslaving as an active interface with a down link
[  779.914924][T15440] syzkaller0: entered promiscuous mode
[  779.948923][T15440] syzkaller0: entered allmulticast mode
[  780.032794][   T30] audit: type=1400 audit(2000000691.408:694): avc:  denied  { write } for  pid=15443 comm="syz.0.2113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  781.188529][ T5920] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  781.460321][ T5920] usb 5-1: Using ep0 maxpacket: 32
[  781.874440][ T1207] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  781.882461][ T5920] usb 5-1: config 8 has an invalid interface number: 203 but max is 0
[  781.899170][ T5920] usb 5-1: config 8 has no interface number 0
[  781.905601][ T5920] usb 5-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  781.917427][ T5920] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[  781.927726][ T5920] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0xB has invalid maxpacket 1023
[  781.937944][ T5920] usb 5-1: config 8 interface 203 has no altsetting 0
[  781.947216][ T5920] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  781.956364][ T5920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.964502][ T5920] usb 5-1: Product: syz
[  781.968772][ T5920] usb 5-1: Manufacturer: syz
[  781.973490][ T5920] usb 5-1: SerialNumber: syz
[  781.987905][T15454] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  781.995681][T15454] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  782.041715][ T1207] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  782.062284][ T1207] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  782.078622][ T1207] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  782.087908][ T1207] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.167340][ T1207] usb 1-1: config 0 descriptor??
[  782.219727][T15454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  782.252402][T15454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  782.266823][    C1] port100 5-1:8.203: NFC: Urb failure (status -71)
[  782.292041][    C1] port100 5-1:8.203: NFC: Urb failure (status -71)
[  782.303594][ T5920] port100 5-1:8.203: NFC: Could not get supported command types
[  782.338536][ T5920] usb 5-1: USB disconnect, device number 69
[  782.510786][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  782.626617][ T1207] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  782.671548][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  782.694316][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  782.708672][   T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  782.719345][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.738897][   T10] usb 6-1: config 0 descriptor??
[  782.830706][T15457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  782.840091][T15457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  783.155527][ T5891] usb 1-1: USB disconnect, device number 46
[  783.172827][T15466] net_ratelimit: 112 callbacks suppressed
[  783.172842][T15466] netlink: zone id is out of range
[  783.183939][T15466] netlink: zone id is out of range
[  783.189026][T15466] netlink: zone id is out of range
[  783.194146][T15466] netlink: zone id is out of range
[  783.199235][T15466] netlink: zone id is out of range
[  783.204419][T15466] netlink: zone id is out of range
[  783.209507][T15466] netlink: zone id is out of range
[  783.214618][T15466] netlink: zone id is out of range
[  783.219711][T15466] netlink: zone id is out of range
[  783.224836][T15466] netlink: zone id is out of range
[  783.338506][T15473] FAULT_INJECTION: forcing a failure.
[  783.338506][T15473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  783.353131][T15473] CPU: 1 UID: 0 PID: 15473 Comm: syz.2.2120 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  783.353156][T15473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  783.353166][T15473] Call Trace:
[  783.353172][T15473]  <TASK>
[  783.353186][T15473]  dump_stack_lvl+0x16c/0x1f0
[  783.353217][T15473]  should_fail_ex+0x512/0x640
[  783.353237][T15473]  _copy_to_user+0x32/0xd0
[  783.353258][T15473]  simple_read_from_buffer+0xcb/0x170
[  783.353279][T15473]  proc_fail_nth_read+0x197/0x240
[  783.353301][T15473]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  783.353323][T15473]  ? rw_verify_area+0xcf/0x6c0
[  783.353348][T15473]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  783.353368][T15473]  vfs_read+0x1e4/0xc60
[  783.353388][T15473]  ? __pfx___mutex_lock+0x10/0x10
[  783.353415][T15473]  ? __pfx_vfs_read+0x10/0x10
[  783.353439][T15473]  ? __fget_files+0x20e/0x3c0
[  783.353466][T15473]  ksys_read+0x12a/0x250
[  783.353483][T15473]  ? __pfx_ksys_read+0x10/0x10
[  783.353508][T15473]  do_syscall_64+0xcd/0x4c0
[  783.353536][T15473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.353554][T15473] RIP: 0033:0x7fa49fd8d57c
[  783.353568][T15473] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  783.353586][T15473] RSP: 002b:00007fa4a0b70030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  783.353603][T15473] RAX: ffffffffffffffda RBX: 00007fa49ffb6080 RCX: 00007fa49fd8d57c
[  783.353615][T15473] RDX: 000000000000000f RSI: 00007fa4a0b700a0 RDI: 0000000000000003
[  783.353626][T15473] RBP: 00007fa4a0b70090 R08: 0000000000000000 R09: 0000000000000000
[  783.353636][T15473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.353646][T15473] R13: 0000000000000000 R14: 00007fa49ffb6080 R15: 00007fff4fe41da8
[  783.353670][T15473]  </TASK>
[  783.561082][   T10] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  783.730600][   T10] usb 6-1: USB disconnect, device number 7
[  785.150213][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  785.679383][   T30] audit: type=1326 audit(2000000696.378:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.2.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49fd8eb69 code=0x7ffc0000
[  785.773356][   T30] audit: type=1326 audit(2000000696.378:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.2.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49fd8eb69 code=0x7ffc0000
[  785.796723][    C0] vkms_vblank_simulate: vblank timer overrun
[  785.807885][   T30] audit: type=1326 audit(2000000696.378:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.2.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa49fd8eb69 code=0x7ffc0000
[  785.831228][    C0] vkms_vblank_simulate: vblank timer overrun
[  785.840210][   T30] audit: type=1326 audit(2000000696.388:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.2.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49fd8eb69 code=0x7ffc0000
[  785.863549][    C0] vkms_vblank_simulate: vblank timer overrun
[  785.929246][   T30] audit: type=1326 audit(2000000696.388:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.2.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49fd8eb69 code=0x7ffc0000
[  786.112464][   T10] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  786.130226][   T10] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  786.159833][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.967851][   T10] gspca_main: stv0680-2.14.0 probing 041e:4007
[  787.000362][ T5891] usb 1-1: new full-speed USB device number 47 using dummy_hcd
[  787.825004][ T5891] usb 1-1: no configurations
[  787.840178][ T5891] usb 1-1: can't read configurations, error -22
[  787.980268][ T5891] usb 1-1: new full-speed USB device number 48 using dummy_hcd
[  788.030536][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  788.054077][   T10] stv0680 6-1:4.0: STV(e): camera ping failed!!
[  788.063116][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  788.071476][   T10] stv0680 6-1:4.0: last error: 0,  command = 0x0
[  788.085540][   T10] usb 6-1: USB disconnect, device number 8
[  788.180678][ T5891] usb 1-1: no configurations
[  788.192475][ T5891] usb 1-1: can't read configurations, error -22
[  788.206232][ T5891] usb usb1-port1: attempt power cycle
[  788.980197][ T5891] usb 1-1: new full-speed USB device number 49 using dummy_hcd
[  789.325459][   T30] audit: type=1326 audit(2000000700.068:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15526 comm="syz.5.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  789.594144][ T6290] vlan2: left promiscuous mode
[  789.962749][   T30] audit: type=1326 audit(2000000700.068:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15526 comm="syz.5.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  789.986501][   T30] audit: type=1326 audit(2000000700.068:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15526 comm="syz.5.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  790.010313][   T30] audit: type=1326 audit(2000000700.078:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15526 comm="syz.5.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  790.033962][   T30] audit: type=1326 audit(2000000700.078:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15526 comm="syz.5.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  790.123452][ T5891] usb 1-1: device descriptor read/8, error -71
[  790.585794][T15539] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input39
[  790.698947][T15541] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2137'.
[  790.707891][T15541] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2137'.
[  790.854616][T15532] syzkaller0: entered promiscuous mode
[  790.866362][T15532] syzkaller0: entered allmulticast mode
[  791.183031][T15546] net_ratelimit: 234 callbacks suppressed
[  791.183048][T15546] netlink: zone id is out of range
[  791.196169][T15546] netlink: zone id is out of range
[  791.201489][T15546] netlink: zone id is out of range
[  791.207331][T15546] netlink: zone id is out of range
[  791.212638][T15546] netlink: zone id is out of range
[  791.217805][T15546] netlink: zone id is out of range
[  791.223051][T15546] netlink: zone id is out of range
[  791.228205][T15546] netlink: zone id is out of range
[  791.233445][T15546] netlink: zone id is out of range
[  791.238600][T15546] netlink: zone id is out of range
[  791.463053][T15551] syz.5.2140: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  791.479851][T15551] CPU: 0 UID: 0 PID: 15551 Comm: syz.5.2140 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  791.479878][T15551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  791.479890][T15551] Call Trace:
[  791.479897][T15551]  <TASK>
[  791.479905][T15551]  dump_stack_lvl+0x16c/0x1f0
[  791.479937][T15551]  warn_alloc+0x248/0x3a0
[  791.479960][T15551]  ? __pfx_warn_alloc+0x10/0x10
[  791.479978][T15551]  ? __pfx_stack_trace_save+0x10/0x10
[  791.480013][T15551]  ? kasan_save_stack+0x42/0x60
[  791.480031][T15551]  ? kasan_save_stack+0x33/0x60
[  791.480048][T15551]  ? kasan_save_track+0x14/0x30
[  791.480066][T15551]  ? xskq_create+0x52/0x1d0
[  791.480089][T15551]  ? xsk_setsockopt+0x74e/0x9a0
[  791.480117][T15551]  ? do_sock_setsockopt+0xf0/0x1d0
[  791.480139][T15551]  ? xskq_create+0xfb/0x1d0
[  791.480161][T15551]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  791.480195][T15551]  ? xskq_create+0xfb/0x1d0
[  791.480224][T15551]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  791.480257][T15551]  ? xskq_create+0xfb/0x1d0
[  791.480279][T15551]  vmalloc_user_noprof+0x9e/0xe0
[  791.480306][T15551]  ? xskq_create+0xfb/0x1d0
[  791.480328][T15551]  xskq_create+0xfb/0x1d0
[  791.480352][T15551]  xsk_setsockopt+0x74e/0x9a0
[  791.480376][T15551]  ? __pfx_xsk_setsockopt+0x10/0x10
[  791.480397][T15551]  ? find_held_lock+0x2b/0x80
[  791.480423][T15551]  ? selinux_socket_setsockopt+0x6a/0x80
[  791.480445][T15551]  ? __pfx_xsk_setsockopt+0x10/0x10
[  791.480468][T15551]  do_sock_setsockopt+0xf0/0x1d0
[  791.480491][T15551]  __sys_setsockopt+0x1a0/0x230
[  791.480520][T15551]  __x64_sys_setsockopt+0xbd/0x160
[  791.480543][T15551]  ? do_syscall_64+0x91/0x4c0
[  791.480569][T15551]  ? lockdep_hardirqs_on+0x7c/0x110
[  791.480596][T15551]  do_syscall_64+0xcd/0x4c0
[  791.480626][T15551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.480644][T15551] RIP: 0033:0x7f382b58eb69
[  791.480661][T15551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.480680][T15551] RSP: 002b:00007f382c323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  791.480699][T15551] RAX: ffffffffffffffda RBX: 00007f382b7b6080 RCX: 00007f382b58eb69
[  791.480712][T15551] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  791.480724][T15551] RBP: 00007f382b611df1 R08: 0000000000000004 R09: 0000000000000000
[  791.480736][T15551] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  791.480748][T15551] R13: 0000000000000000 R14: 00007f382b7b6080 R15: 00007ffcbf08fab8
[  791.480774][T15551]  </TASK>
[  791.732304][T15551] Mem-Info:
[  791.735444][T15551] active_anon:14772 inactive_anon:0 isolated_anon:0
[  791.735444][T15551]  active_file:21913 inactive_file:40871 isolated_file:0
[  791.735444][T15551]  unevictable:768 dirty:598 writeback:0
[  791.735444][T15551]  slab_reclaimable:12355 slab_unreclaimable:105661
[  791.735444][T15551]  mapped:32424 shmem:4240 pagetables:1270
[  791.735444][T15551]  sec_pagetables:0 bounce:0
[  791.735444][T15551]  kernel_misc_reclaimable:0
[  791.735444][T15551]  free:1269376 free_pcp:23725 free_cma:0
[  791.783401][T15551] Node 0 active_anon:59188kB inactive_anon:0kB active_file:87628kB inactive_file:163280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129672kB dirty:2388kB writeback:0kB shmem:15424kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12712kB pagetables:4928kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  791.815646][T15551] Node 1 active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  791.846336][T15551] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  791.875302][T15551] lowmem_reserve[]: 0 2479 2481 2481 2481
[  791.881188][T15551] Node 0 DMA32 free:1172932kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:59172kB inactive_anon:0kB active_file:87628kB inactive_file:161952kB unevictable:1536kB writepending:2388kB present:3129332kB managed:2539452kB mlocked:0kB bounce:0kB free_pcp:74800kB local_pcp:33736kB free_cma:0kB
[  791.913802][T15551] lowmem_reserve[]: 0 0 1 1 1
[  791.918628][T15551] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:4kB free_cma:0kB
[  791.948205][T15551] lowmem_reserve[]: 0 0 0 0 0
[  792.002652][T15551] Node 1 Normal free:3889200kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20064kB local_pcp:14624kB free_cma:0kB
[  792.051798][T15551] lowmem_reserve[]: 0 0 0 0 0
[  792.056759][T15551] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  792.069899][T15551] Node 0 DMA32: 2165*4kB (U) 721*8kB (UME) 273*16kB (UE) 142*32kB (UME) 416*64kB (ME) 104*128kB (UME) 93*256kB (UME) 48*512kB (UME) 29*1024kB (UM) 10*2048kB (UM) 247*4096kB (UM) = 1173548kB
[  792.089497][T15551] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  792.102250][T15551] Node 1 Normal: 234*4kB (UME) 53*8kB (UME) 44*16kB (UME) 249*32kB (UME) 84*64kB (UE) 12*128kB (UME) 4*256kB (UM) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 944*4096kB (ME) = 3889200kB
[  792.121035][T15551] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  792.130935][T15551] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  792.140833][T15551] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  792.150462][T15551] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  792.165699][T15551] 67021 total pagecache pages
[  792.286819][T15551] 0 pages in swap cache
[  792.295137][T15551] Free swap  = 124996kB
[  792.299295][T15551] Total swap = 124996kB
[  792.303506][T15551] 2097051 pages RAM
[  792.307462][T15551] 0 pages HighMem/MovableOnly
[  792.312767][T15551] 430226 pages reserved
[  792.316968][T15551] 0 pages cma reserved
[  793.910320][   T10] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  795.680304][ T5891] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  797.486559][   T30] audit: type=1326 audit(2000000707.398:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15577 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  797.554078][ T5891] usb 6-1: no configurations
[  797.874449][ T5891] usb 6-1: can't read configurations, error -22
[  797.911729][   T30] audit: type=1326 audit(2000000707.398:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15577 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  797.940629][   T30] audit: type=1326 audit(2000000707.398:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15577 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  797.965961][   T30] audit: type=1326 audit(2000000707.408:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15577 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  798.039657][   T30] audit: type=1326 audit(2000000707.408:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15577 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  798.063327][ T5891] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  798.165533][   T10] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  798.665137][ T5891] usb 6-1: no configurations
[  798.685818][ T5891] usb 6-1: can't read configurations, error -22
[  798.707877][ T5891] usb usb6-port1: attempt power cycle
[  798.724273][T15595] netlink: 'syz.5.2151': attribute type 1 has an invalid length.
[  798.727811][   T10] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  798.748523][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  798.756760][   T10] usb 4-1: Product: syz
[  798.761918][   T10] usb 4-1: Manufacturer: syz
[  798.766672][   T10] usb 4-1: SerialNumber: syz
[  798.779043][   T10] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  798.786967][T15595] 8021q: adding VLAN 0 to HW filter on device bond2
[  798.801021][ T1207] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  798.847159][T15597] bond2: (slave wlan0): Enslaving as an active interface with a down link
[  799.913857][    T9] usb 4-1: USB disconnect, device number 46
[  799.930716][ T1207] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  799.953990][ T1207] ath9k_htc: Failed to initialize the device
[  799.962556][    T9] usb 4-1: ath9k_htc: USB layer deinitialized
[  800.118829][T15608] net_ratelimit: 234 callbacks suppressed
[  800.118860][T15608] netlink: zone id is out of range
[  800.129789][T15608] netlink: zone id is out of range
[  800.135006][T15608] netlink: zone id is out of range
[  800.140226][T15608] netlink: zone id is out of range
[  800.145387][T15608] netlink: zone id is out of range
[  800.150601][T15608] netlink: zone id is out of range
[  800.155732][T15608] netlink: zone id is out of range
[  800.160949][T15608] netlink: zone id is out of range
[  800.166099][T15608] netlink: zone id is out of range
[  800.241919][T15608] netlink: zone id is out of range
[  801.805801][T15624] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  801.890998][    T9] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  801.916446][T15624] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  801.933121][T15624] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  801.960213][T15624] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  802.110641][    T9] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  802.400846][    T9] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  802.440263][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.517699][    T9] gspca_main: stv0680-2.14.0 probing 041e:4007
[  802.880240][ T5891] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  802.901553][T15635] netlink: 'syz.2.2162': attribute type 1 has an invalid length.
[  802.998389][T15635] 8021q: adding VLAN 0 to HW filter on device bond5
[  803.014659][T15639] bond4: (slave wlan0): Releasing active interface
[  803.028262][T15639] bond5: (slave wlan0): Enslaving as an active interface with a down link
[  803.042286][ T5891] usb 6-1: no configurations
[  803.046891][ T5891] usb 6-1: can't read configurations, error -22
[  803.342116][ T5891] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  803.510917][ T5891] usb 6-1: no configurations
[  803.515546][ T5891] usb 6-1: can't read configurations, error -22
[  803.570382][ T5891] usb usb6-port1: attempt power cycle
[  803.724009][    T9] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  803.732521][    T9] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  803.742252][    T9] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  803.753264][    T9] stv0680 1-1:4.0: last error: 0,  command = 0x0
[  804.390200][ T5891] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  804.391314][    T9] usb 1-1: USB disconnect, device number 51
[  804.421636][ T5891] usb 6-1: no configurations
[  804.426235][ T5891] usb 6-1: can't read configurations, error -22
[  804.558160][   T30] audit: type=1326 audit(2000000715.908:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15655 comm="syz.0.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  804.707292][ T5891] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  804.786870][ T5891] usb 6-1: no configurations
[  804.808426][ T5891] usb 6-1: can't read configurations, error -22
[  804.816775][ T5905] libceph: connect (1)[c::]:6789 error -101
[  804.843444][T15661] ceph: No mds server is up or the cluster is laggy
[  804.854948][ T5905] libceph: mon0 (1)[c::]:6789 connect error
[  804.864170][   T30] audit: type=1326 audit(2000000715.908:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15655 comm="syz.0.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  804.900597][ T5891] usb usb6-port1: unable to enumerate USB device
[  804.918300][   T30] audit: type=1326 audit(2000000715.928:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15655 comm="syz.0.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  804.950810][   T30] audit: type=1326 audit(2000000715.928:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15655 comm="syz.0.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3698eb69 code=0x7ffc0000
[  805.307950][T15679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2170'.
[  805.470349][   T10] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  805.693983][T15691] net_ratelimit: 112 callbacks suppressed
[  805.694000][T15691] netlink: zone id is out of range
[  805.704944][T15691] netlink: zone id is out of range
[  805.710118][T15691] netlink: zone id is out of range
[  805.715241][T15691] netlink: zone id is out of range
[  805.720526][T15691] netlink: zone id is out of range
[  805.725673][T15691] netlink: zone id is out of range
[  805.731121][T15691] netlink: zone id is out of range
[  805.736279][T15691] netlink: zone id is out of range
[  805.741473][T15691] netlink: zone id is out of range
[  805.748888][T15691] netlink: zone id is out of range
[  805.980570][   T10] usb 3-1: Using ep0 maxpacket: 16
[  806.053234][   T10] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  806.069134][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  806.083524][   T10] usb 3-1: config 0 descriptor??
[  806.095566][   T10] gspca_main: sonixj-2.14.0 probing 0471:0327
[  806.977324][   T10] gspca_sonixj: reg_r err -110
[  806.982187][   T10] sonixj 3-1:0.0: probe with driver sonixj failed with error -110
[  808.162509][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  808.168820][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  809.229399][   T30] audit: type=1326 audit(2000000719.788:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15714 comm="syz.4.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  809.253036][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.260412][   T30] audit: type=1326 audit(2000000719.788:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15714 comm="syz.4.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  809.283761][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.290584][   T30] audit: type=1326 audit(2000000719.788:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15714 comm="syz.4.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  809.334451][   T30] audit: type=1326 audit(2000000719.798:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15714 comm="syz.4.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  809.384387][   T30] audit: type=1326 audit(2000000719.798:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15714 comm="syz.4.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  809.436504][   T10] usb 3-1: USB disconnect, device number 59
[  809.497527][T15719] warn_alloc: 1 callbacks suppressed
[  809.497549][T15719] syz.0.2182: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  809.517760][T15719] CPU: 0 UID: 0 PID: 15719 Comm: syz.0.2182 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  809.517789][T15719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  809.517801][T15719] Call Trace:
[  809.517809][T15719]  <TASK>
[  809.517817][T15719]  dump_stack_lvl+0x16c/0x1f0
[  809.517851][T15719]  warn_alloc+0x248/0x3a0
[  809.517875][T15719]  ? __pfx_warn_alloc+0x10/0x10
[  809.517895][T15719]  ? __pfx_stack_trace_save+0x10/0x10
[  809.517930][T15719]  ? kasan_save_stack+0x42/0x60
[  809.517949][T15719]  ? kasan_save_stack+0x33/0x60
[  809.517968][T15719]  ? kasan_save_track+0x14/0x30
[  809.517986][T15719]  ? xskq_create+0x52/0x1d0
[  809.518009][T15719]  ? xsk_setsockopt+0x74e/0x9a0
[  809.518030][T15719]  ? do_sock_setsockopt+0xf0/0x1d0
[  809.518051][T15719]  ? xskq_create+0xfb/0x1d0
[  809.518075][T15719]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  809.518111][T15719]  ? xskq_create+0xfb/0x1d0
[  809.518142][T15719]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  809.518178][T15719]  ? xskq_create+0xfb/0x1d0
[  809.518202][T15719]  vmalloc_user_noprof+0x9e/0xe0
[  809.518235][T15719]  ? xskq_create+0xfb/0x1d0
[  809.518260][T15719]  xskq_create+0xfb/0x1d0
[  809.518286][T15719]  xsk_setsockopt+0x74e/0x9a0
[  809.518311][T15719]  ? __pfx_xsk_setsockopt+0x10/0x10
[  809.518334][T15719]  ? find_held_lock+0x2b/0x80
[  809.518362][T15719]  ? selinux_socket_setsockopt+0x6a/0x80
[  809.518385][T15719]  ? __pfx_xsk_setsockopt+0x10/0x10
[  809.518411][T15719]  do_sock_setsockopt+0xf0/0x1d0
[  809.518435][T15719]  __sys_setsockopt+0x1a0/0x230
[  809.518466][T15719]  __x64_sys_setsockopt+0xbd/0x160
[  809.518490][T15719]  ? do_syscall_64+0x91/0x4c0
[  809.518517][T15719]  ? lockdep_hardirqs_on+0x7c/0x110
[  809.518542][T15719]  do_syscall_64+0xcd/0x4c0
[  809.518572][T15719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.518592][T15719] RIP: 0033:0x7fef3698eb69
[  809.518608][T15719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  809.518627][T15719] RSP: 002b:00007fef347d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  809.518645][T15719] RAX: ffffffffffffffda RBX: 00007fef36bb6080 RCX: 00007fef3698eb69
[  809.518657][T15719] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  809.518669][T15719] RBP: 00007fef36a11df1 R08: 0000000000000004 R09: 0000000000000000
[  809.518680][T15719] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  809.518691][T15719] R13: 0000000000000000 R14: 00007fef36bb6080 R15: 00007ffc37a74f48
[  809.518717][T15719]  </TASK>
[  809.518746][T15719] Mem-Info:
[  809.719369][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.793796][T15719] active_anon:18881 inactive_anon:0 isolated_anon:0
[  809.793796][T15719]  active_file:21913 inactive_file:40877 isolated_file:0
[  809.793796][T15719]  unevictable:768 dirty:360 writeback:0
[  809.793796][T15719]  slab_reclaimable:12322 slab_unreclaimable:102773
[  809.793796][T15719]  mapped:31399 shmem:4242 pagetables:1263
[  809.793796][T15719]  sec_pagetables:0 bounce:0
[  809.793796][T15719]  kernel_misc_reclaimable:0
[  809.793796][T15719]  free:1268115 free_pcp:23793 free_cma:0
[  809.839250][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.845995][T15719] Node 0 active_anon:75524kB inactive_anon:0kB active_file:87628kB inactive_file:163304kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125572kB dirty:1436kB writeback:0kB shmem:15432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12524kB pagetables:4900kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  809.877882][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.884078][T15719] Node 1 active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  809.914165][T15719] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  809.942990][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.949513][T15719] lowmem_reserve[]: 0 2479 2481 2481 2481
[  809.955483][T15719] Node 0 DMA32 free:1167376kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:75508kB inactive_anon:0kB active_file:87628kB inactive_file:161976kB unevictable:1536kB writepending:1436kB present:3129332kB managed:2539452kB mlocked:0kB bounce:0kB free_pcp:75588kB local_pcp:56216kB free_cma:0kB
[  809.987874][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.993944][T15719] lowmem_reserve[]: 0 0 1 1 1
[  809.998913][T15719] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:4kB free_cma:0kB
[  810.028061][    C0] vkms_vblank_simulate: vblank timer overrun
[  810.034293][T15719] lowmem_reserve[]: 0 0 0 0 0
[  810.039215][T15719] Node 1 Normal free:3889712kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:19552kB local_pcp:14368kB free_cma:0kB
[  810.070533][    C0] vkms_vblank_simulate: vblank timer overrun
[  810.076889][T15719] lowmem_reserve[]: 0 0 0 0 0
[  810.081916][T15719] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  810.095095][T15719] Node 0 DMA32: 3142*4kB (UM) 793*8kB (UME) 355*16kB (UME) 259*32kB (UME) 135*64kB (UME) 106*128kB (UME) 93*256kB (UME) 48*512kB (UME) 29*1024kB (UM) 11*2048kB (UM) 247*4096kB (UM) = 1167408kB
[  810.114846][T15719] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  810.127618][T15719] Node 1 Normal: 234*4kB (UME) 53*8kB (UME) 44*16kB (UME) 257*32kB (UME) 86*64kB (UE) 13*128kB (UME) 4*256kB (UM) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 944*4096kB (ME) = 3889712kB
[  810.146425][T15719] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  810.156344][T15719] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  810.165767][T15719] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  810.175498][T15719] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  810.184888][T15719] 67029 total pagecache pages
[  810.189657][T15719] 0 pages in swap cache
[  810.193880][T15719] Free swap  = 124996kB
[  810.198111][T15719] Total swap = 124996kB
[  810.202370][T15719] 2097051 pages RAM
[  810.206245][T15719] 0 pages HighMem/MovableOnly
[  810.211032][T15719] 430226 pages reserved
[  810.215296][T15719] 0 pages cma reserved
[  811.160272][    T9] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[  811.405599][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  811.445124][    T9] usb 1-1: config 0 has no interfaces?
[  811.486123][    T9] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  811.507001][T15731] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  811.515581][T15731] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  811.529355][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.543908][    T9] usb 1-1: config 0 descriptor??
[  811.549496][ T5891] libceph: connect (1)[c::]:6789 error -101
[  811.566808][T15731] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  811.577145][T15731] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  811.587769][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  812.513171][ T5920] usb 1-1: USB disconnect, device number 52
[  812.526036][T15741] ceph: No mds server is up or the cluster is laggy
[  812.799692][    T9] libceph: connect (1)[c::]:6789 error -101
[  813.032083][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  813.190303][T15757] ceph: No mds server is up or the cluster is laggy
[  813.822182][T10248] libceph: connect (1)[c::]:6789 error -101
[  813.822413][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  814.259589][T15767] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2191'.
[  814.360254][T10248] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  814.762198][T10248] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  814.783051][T10248] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  814.802936][T10248] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  814.818662][T10248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.828963][T10248] usb 6-1: config 0 descriptor??
[  815.325620][T10248] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  815.593634][T15774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  815.605811][T15774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  815.699019][    T9] usb 6-1: USB disconnect, device number 16
[  815.824087][   T30] audit: type=1400 audit(2000000727.198:719): avc:  denied  { map } for  pid=15792 comm="syz.2.2200" path="/dev/video4" dev="devtmpfs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  815.904737][   T30] audit: type=1400 audit(2000000727.278:720): avc:  denied  { read } for  pid=15792 comm="syz.2.2200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  816.083279][T15798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2198'.
[  816.097171][T15798] dummy0: entered promiscuous mode
[  816.425212][T15798] dummy0: left promiscuous mode
[  816.458398][T15800] netlink: 'syz.4.2201': attribute type 1 has an invalid length.
[  816.495791][T15800] 8021q: adding VLAN 0 to HW filter on device bond7
[  816.669293][T15800] bond5: (slave wlan0): Releasing active interface
[  816.717475][T15800] bond7: (slave wlan0): Enslaving as an active interface with a down link
[  817.692699][    T9] libceph: connect (1)[c::]:6789 error -101
[  817.698707][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  818.209508][T10248] libceph: connect (1)[c::]:6789 error -101
[  818.220450][T10248] libceph: mon0 (1)[c::]:6789 connect error
[  818.226651][T15819] ceph: No mds server is up or the cluster is laggy
[  818.280281][    T9] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  818.457336][    T9] usb 5-1: Using ep0 maxpacket: 16
[  818.479570][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[  818.502805][    T9] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  818.592134][    T9] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  818.636957][    T9] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 2
[  818.670699][    T9] usb 5-1: config 1 interface 0 has no altsetting 0
[  818.691273][    T9] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  818.709713][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.783774][    T9] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[  819.003558][    T9] scsi host1: usb-storage 5-1:1.0
[  819.339615][T15841] serio: Serial port ttyS3
[  819.534535][T15848] net_ratelimit: 112 callbacks suppressed
[  819.534551][T15848] Set syz0 is full, maxelem 0 reached
[  819.535419][T15848] netlink: 87 bytes leftover after parsing attributes in process `syz.2.2209'.
[  819.571984][T15851] netlink: 996 bytes leftover after parsing attributes in process `syz.3.2210'.
[  819.932895][T15859] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  819.932927][T15859] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  819.933030][T15859] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  819.941315][T15859] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  820.066045][T15860] bridge0: entered promiscuous mode
[  820.066167][T15860] macsec1: entered promiscuous mode
[  820.070734][T15860] bridge0: port 3(macsec1) entered blocking state
[  820.070817][T15860] bridge0: port 3(macsec1) entered disabled state
[  820.070933][T15860] macsec1: entered allmulticast mode
[  820.070947][T15860] bridge0: entered allmulticast mode
[  820.099232][T15860] macsec1: left allmulticast mode
[  820.099259][T15860] bridge0: left allmulticast mode
[  820.103308][   T49] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[  820.146500][T15860] bridge0: left promiscuous mode
[  820.217877][   T49] sd 1:0:0:0: Attached scsi generic sg1 type 0
[  821.101191][T15864] SELinux: failed to load policy
[  822.282142][ T1207] usb 5-1: USB disconnect, device number 70
[  823.229633][T11625] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  823.277938][   T12] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK
[  823.318170][   T12] sd 1:0:0:0: [sdb] Sense not available.
[  823.336730][   T12] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[  823.350943][   T12] sd 1:0:0:0: [sdb] 0-byte physical blocks
[  823.365415][   T12] sd 1:0:0:0: [sdb] Write Protect is off
[  823.382745][   T12] sd 1:0:0:0: [sdb] Asking for cache data failed
[  823.389089][   T12] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[  823.470916][T11625] usb 4-1: Using ep0 maxpacket: 16
[  823.727255][T11625] usb 4-1: device descriptor read/all, error -71
[  823.796126][   T12] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[  824.078662][T15889] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  824.745375][ T7389] udevd[7389]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  825.013270][ T9565] udevd[9565]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  826.420419][ T1207] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  826.916214][T15923] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  826.924594][T15923] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  826.934184][T15923] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  826.942332][T15923] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  826.950215][T10248] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  826.990486][ T1207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  827.007083][ T1207] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  827.034156][T15929] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  827.048349][ T1207] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  827.057674][T15929] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  827.058108][T15930] bridge0: entered promiscuous mode
[  827.066215][T15929] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  827.078990][T15929] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  827.087768][T15930] macsec1: entered promiscuous mode
[  827.185349][T15930] bridge0: port 3(macsec1) entered blocking state
[  827.202123][T10248] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  827.224774][ T1207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  827.232943][T10248] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  827.254542][T15930] bridge0: port 3(macsec1) entered disabled state
[  827.288610][ T1207] usb 5-1: config 0 descriptor??
[  827.316231][T15930] macsec1: entered allmulticast mode
[  827.323570][T15930] bridge0: entered allmulticast mode
[  827.348936][T15930] macsec1: left allmulticast mode
[  827.354640][T10248] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  827.369204][T15930] bridge0: left allmulticast mode
[  827.374449][T10248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  827.384411][T15930] bridge0: left promiscuous mode
[  827.421910][T10248] usb 6-1: config 0 descriptor??
[  827.461233][   T10] libceph: connect (1)[c::]:6789 error -101
[  827.467276][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  827.770578][   T10] libceph: connect (1)[c::]:6789 error -101
[  827.777817][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  827.797020][T15936] ceph: No mds server is up or the cluster is laggy
[  828.032109][ T1207] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  828.151947][T15922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  828.160828][T15922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  828.283988][T10248] usbhid 6-1:0.0: can't add hid device: -71
[  828.312361][T15951] fuse: Unknown parameter 'user00000000000000000000'
[  828.319575][T15948] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  828.345354][T10248] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  828.354988][T15914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  828.379419][T15914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  828.431715][T10248] usb 6-1: USB disconnect, device number 17
[  828.443077][ T5891] usb 5-1: USB disconnect, device number 71
[  829.310224][   T10] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  829.562157][   T10] usb 4-1: Using ep0 maxpacket: 32
[  829.730232][   T10] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  829.742913][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.763242][   T10] usb 4-1: Product: syz
[  829.783417][   T10] usb 4-1: Manufacturer: syz
[  829.833822][   T10] usb 4-1: SerialNumber: syz
[  830.139337][   T10] usb 4-1: config 0 descriptor??
[  830.151571][   T10] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  830.182641][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x4
[  830.218757][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x0
[  830.227127][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x0
[  830.308810][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x0
[  830.318219][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x2
[  830.328055][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x0
[  830.337623][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unknown main item tag 0x0
[  830.386221][   T10] gspca_stk1135: reg_w 0x2 err -71
[  830.391488][ T1207] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  830.429191][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: unexpected long global item
[  830.429201][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.429216][   T10] gspca_stk1135: Sensor write failed
[  830.482844][ T5891] hid-generic 0000:007F:FFFFFFFE.0014: probe with driver hid-generic failed with error -22
[  830.514364][T15989] netlink: zone id is out of range
[  830.519736][T15989] netlink: zone id is out of range
[  830.527022][T15989] netlink: zone id is out of range
[  830.532437][T15989] netlink: zone id is out of range
[  830.538594][T15989] netlink: zone id is out of range
[  830.544927][T15989] netlink: zone id is out of range
[  830.550073][T15989] netlink: zone id is out of range
[  830.556083][T15989] netlink: zone id is out of range
[  830.562802][T15989] netlink: zone id is out of range
[  830.572656][T15989] netlink: zone id is out of range
[  830.580646][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.589792][   T10] gspca_stk1135: Sensor write failed
[  830.597806][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.606620][   T10] gspca_stk1135: Sensor read failed
[  830.614241][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.620732][   T10] gspca_stk1135: Sensor read failed
[  830.625941][   T10] gspca_stk1135: Detected sensor type unknown (0x0)
[  830.633104][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.644170][T15989] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2243'.
[  830.653290][   T10] gspca_stk1135: Sensor read failed
[  830.660426][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  830.910350][ T1207] usb 6-1: unable to get BOS descriptor or descriptor too short
[  830.918460][ T1207] usb 6-1: too many configurations: 14, using maximum allowed: 8
[  830.981568][   T10] gspca_stk1135: Sensor read failed
[  830.993809][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  831.022029][   T30] audit: type=1400 audit(2000000742.398:721): avc:  denied  { read } for  pid=15995 comm="syz.2.2246" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  831.048706][T15998] fuse: Unknown parameter 'user00000000000000000000'
[  831.057018][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  831.069422][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  831.071109][   T30] audit: type=1400 audit(2000000742.398:722): avc:  denied  { open } for  pid=15995 comm="syz.2.2246" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  831.118961][   T10] gspca_stk1135: Sensor write failed
[  831.283996][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  831.299164][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  831.310197][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  831.319247][   T10] gspca_stk1135: Sensor write failed
[  831.325625][   T10] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  831.411653][   T30] audit: type=1400 audit(2000000742.748:723): avc:  denied  { ioctl } for  pid=15995 comm="syz.2.2246" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  831.555916][T16005] netlink: 137 bytes leftover after parsing attributes in process `syz.2.2246'.
[  831.687388][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  831.703280][   T10] usb 4-1: USB disconnect, device number 49
[  831.722490][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  831.743721][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  831.763534][T16000] syzkaller0: entered promiscuous mode
[  831.769143][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  831.769220][T16000] syzkaller0: entered allmulticast mode
[  831.948115][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  831.963669][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  831.983469][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  832.000167][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  832.024046][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  832.035830][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  832.065070][ T1207] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  832.090971][   T10] usb 4-1: new full-speed USB device number 50 using dummy_hcd
[  832.102092][ T1207] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  832.133266][ T1207] usb 6-1: string descriptor 0 read error: -22
[  832.139826][ T1207] usb 6-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  832.173355][ T1207] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  832.269763][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  832.287397][   T10] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  832.347070][   T10] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  832.379701][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  832.409326][   T10] usb 4-1: config 0 descriptor??
[  832.508758][   T10] usb 6-1: USB disconnect, device number 18
[  832.750249][ T1207] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  832.812350][   T10] usb 4-1: USB disconnect, device number 50
[  832.920824][ T1207] usb 3-1: Using ep0 maxpacket: 16
[  832.952602][ T1207] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  832.981474][ T1207] usb 3-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  833.013073][T16009] SELinux: failed to load policy
[  833.018099][ T1207] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  833.048201][ T1207] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  833.072019][ T1207] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  833.123478][ T1207] usb 3-1: Product: syz
[  833.147772][ T1207] usb 3-1: Manufacturer: syz
[  833.182033][ T1207] usb 3-1: SerialNumber: syz
[  833.708002][   T30] audit: type=1326 audit(2000000745.078:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  834.359853][ T1207] usb 3-1: 0:2 : does not exist
[  834.364822][   T30] audit: type=1326 audit(2000000745.108:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  834.389007][   T30] audit: type=1326 audit(2000000745.108:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  834.413719][   T30] audit: type=1326 audit(2000000745.118:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  834.438079][   T30] audit: type=1326 audit(2000000745.118:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  834.986379][ T1207] usb 3-1: 1:0: cannot get min/max values for control 4 (id 1)
[  835.157574][ T1207] usb 3-1: USB disconnect, device number 60
[  835.194954][ T9565] udevd[9565]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  835.265446][T16029] netlink: 'syz.5.2254': attribute type 1 has an invalid length.
[  836.909980][T16043] netlink: 'syz.2.2257': attribute type 1 has an invalid length.
[  837.158789][T16048] netlink: 996 bytes leftover after parsing attributes in process `syz.3.2258'.
[  838.071537][T16029] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  838.078768][T16027] bond2: (slave wlan0): Releasing active interface
[  838.290021][T16043] 8021q: adding VLAN 0 to HW filter on device bond6
[  838.308496][T16058] netlink: 'syz.0.2260': attribute type 4 has an invalid length.
[  838.343644][T16044] bond5: (slave wlan0): Releasing active interface
[  838.377107][T16044] bond6: (slave wlan0): Enslaving as an active interface with a down link
[  839.054939][   T30] audit: type=1326 audit(2000000749.828:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16060 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  839.814579][   T30] audit: type=1326 audit(2000000749.828:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16060 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  839.908339][   T30] audit: type=1326 audit(2000000749.838:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16060 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  840.035066][   T30] audit: type=1326 audit(2000000749.838:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16060 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  840.072406][   T30] audit: type=1326 audit(2000000749.838:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16060 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c78eb69 code=0x7ffc0000
[  840.123122][T16077] usb usb1: check_ctrlrecip: process 16077 (syz.4.2267) requesting ep 01 but needs 81
[  840.133873][T16077] usb usb1: usbfs: process 16077 (syz.4.2267) did not claim interface 0 before use
[  840.201519][   T30] audit: type=1326 audit(2000000751.548:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16078 comm="syz.5.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  840.225405][ T5891] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  840.255255][   T30] audit: type=1326 audit(2000000751.548:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16078 comm="syz.5.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  840.288234][   T30] audit: type=1326 audit(2000000751.558:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16078 comm="syz.5.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  840.334714][   T30] audit: type=1326 audit(2000000751.558:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16078 comm="syz.5.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  840.407556][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49634, setting to 1024
[  840.457841][ T5891] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  840.485701][   T30] audit: type=1326 audit(2000000751.568:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16078 comm="syz.5.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f382b58eb69 code=0x7ffc0000
[  840.512833][T11625] usb 5-1: new low-speed USB device number 72 using dummy_hcd
[  840.562227][ T5891] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  840.579176][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.715439][T11625] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  840.731413][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  840.792823][ T5891] usb 4-1: config 0 descriptor??
[  840.845486][T11625] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  840.925175][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  840.976807][T16086] netlink: 996 bytes leftover after parsing attributes in process `syz.0.2269'.
[  841.004168][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  841.098879][T11625] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  841.139278][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  841.199020][T11625] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  841.276366][T16073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  841.297013][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  841.333654][T16073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  841.393946][ T5891] usbhid 4-1:0.0: can't add hid device: -71
[  841.414438][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  841.494607][ T5891] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  841.703452][T11625] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  841.712040][ T5891] usb 4-1: USB disconnect, device number 51
[  841.718873][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  841.774202][T11625] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  841.810189][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  841.839161][T11625] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  841.854598][T11625] usb 5-1: string descriptor 0 read error: -22
[  841.861360][T11625] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  841.870531][T11625] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.896133][T11625] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  841.900641][   T10] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  842.046397][ T5891] libceph: connect (1)[c::]:6789 error -101
[  842.053787][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  842.105952][   T10] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  842.118979][   T10] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  842.128697][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.144059][T16097] ceph: No mds server is up or the cluster is laggy
[  842.157887][   T10] gspca_main: stv0680-2.14.0 probing 041e:4007
[  842.186710][ T5891] usb 5-1: USB disconnect, device number 72
[  843.200757][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  843.274381][   T10] stv0680 6-1:4.0: STV(e): camera ping failed!!
[  843.282426][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  843.291364][   T10] stv0680 6-1:4.0: last error: 0,  command = 0x0
[  843.299075][   T10] usb 6-1: USB disconnect, device number 19
[  843.642007][T16123] netlink: 'syz.5.2280': attribute type 10 has an invalid length.
[  843.675465][T16123] 8021q: adding VLAN 0 to HW filter on device team0
[  843.696322][T16123] bond0: (slave team0): Enslaving as an active interface with an up link
[  845.100179][   T10] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  845.230205][   T10] usb 5-1: device descriptor read/64, error -71
[  845.280326][ T1207] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  845.643134][ T1207] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  845.681052][ T1207] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  845.730264][   T10] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  845.908353][ T1207] usb 1-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[  845.938856][ T1207] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.948524][ T1207] usb 1-1: Product: syz
[  845.952777][ T1207] usb 1-1: Manufacturer: syz
[  845.957365][ T1207] usb 1-1: SerialNumber: syz
[  845.970646][ T1207] usb 1-1: config 0 descriptor??
[  846.060232][   T10] usb 5-1: device descriptor read/64, error -71
[  846.267305][   T10] usb usb5-port1: attempt power cycle
[  846.880914][   T10] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  846.921145][   T10] usb 5-1: device descriptor read/8, error -71
[  846.941886][T11625] libceph: connect (1)[c::]:6789 error -101
[  846.954911][T11625] libceph: mon0 (1)[c::]:6789 connect error
[  847.069797][T16167] ceph: No mds server is up or the cluster is laggy
[  847.779221][T11625] libceph: connect (1)[c::]:6789 error -101
[  847.795245][T10248] usb 1-1: USB disconnect, device number 53
[  847.813878][T11625] libceph: mon0 (1)[c::]:6789 connect error
[  847.843170][   T10] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  849.101628][   T10] usb 5-1: device not accepting address 76, error -71
[  849.116792][   T10] usb usb5-port1: unable to enumerate USB device
[  849.815175][T16194] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[16194]
[  850.843721][T16201] FAULT_INJECTION: forcing a failure.
[  850.843721][T16201] name failslab, interval 1, probability 0, space 0, times 0
[  850.843750][T16201] CPU: 0 UID: 0 PID: 16201 Comm: syz.0.2299 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  850.843770][T16201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  850.843781][T16201] Call Trace:
[  850.843787][T16201]  <TASK>
[  850.843793][T16201]  dump_stack_lvl+0x16c/0x1f0
[  850.843821][T16201]  should_fail_ex+0x512/0x640
[  850.843841][T16201]  should_failslab+0xc2/0x120
[  850.843861][T16201]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  850.843879][T16201]  ? skb_clone+0x190/0x3f0
[  850.843906][T16201]  skb_clone+0x190/0x3f0
[  850.843930][T16201]  netlink_deliver_tap+0xabd/0xd30
[  850.843960][T16201]  netlink_unicast+0x71f/0x870
[  850.843988][T16201]  ? __pfx_netlink_unicast+0x10/0x10
[  850.844012][T16201]  ? __pfx_rtm_get_nexthop_bucket+0x10/0x10
[  850.844046][T16201]  netlink_ack+0x696/0xb80
[  850.844078][T16201]  netlink_rcv_skb+0x332/0x420
[  850.844102][T16201]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  850.844129][T16201]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  850.844162][T16201]  ? netlink_deliver_tap+0x1ae/0xd30
[  850.844185][T16201]  netlink_unicast+0x5aa/0x870
[  850.844203][T16201]  ? __pfx_netlink_unicast+0x10/0x10
[  850.844219][T16201]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  850.844240][T16201]  netlink_sendmsg+0x8d1/0xdd0
[  850.844258][T16201]  ? __pfx_netlink_sendmsg+0x10/0x10
[  850.844280][T16201]  ____sys_sendmsg+0xa95/0xc70
[  850.844292][T16201]  ? copy_msghdr_from_user+0x10a/0x160
[  850.844307][T16201]  ? __pfx_____sys_sendmsg+0x10/0x10
[  850.844325][T16201]  ___sys_sendmsg+0x134/0x1d0
[  850.844341][T16201]  ? __pfx____sys_sendmsg+0x10/0x10
[  850.844368][T16201]  ? __mutex_unlock_slowpath+0x100/0x800
[  850.844389][T16201]  __sys_sendmsg+0x16d/0x220
[  850.844405][T16201]  ? __pfx___sys_sendmsg+0x10/0x10
[  850.844429][T16201]  do_syscall_64+0xcd/0x4c0
[  850.844447][T16201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.844458][T16201] RIP: 0033:0x7fef3698eb69
[  850.844467][T16201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.844477][T16201] RSP: 002b:00007fef347f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  850.844487][T16201] RAX: ffffffffffffffda RBX: 00007fef36bb5fa0 RCX: 00007fef3698eb69
[  850.844494][T16201] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[  850.844500][T16201] RBP: 00007fef347f6090 R08: 0000000000000000 R09: 0000000000000000
[  850.844506][T16201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.844512][T16201] R13: 0000000000000000 R14: 00007fef36bb5fa0 R15: 00007ffc37a74f48
[  850.844525][T16201]  </TASK>
[  851.810171][   T10] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  852.013442][   T10] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  852.013484][   T10] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  852.013497][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.021358][   T10] gspca_main: stv0680-2.14.0 probing 041e:4007
[  852.829411][T16218] syz.3.2302: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  852.829584][T16218] CPU: 0 UID: 0 PID: 16218 Comm: syz.3.2302 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  852.829610][T16218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  852.829622][T16218] Call Trace:
[  852.829629][T16218]  <TASK>
[  852.829636][T16218]  dump_stack_lvl+0x16c/0x1f0
[  852.829671][T16218]  warn_alloc+0x248/0x3a0
[  852.829693][T16218]  ? __pfx_warn_alloc+0x10/0x10
[  852.829712][T16218]  ? __pfx_stack_trace_save+0x10/0x10
[  852.829745][T16218]  ? kasan_save_stack+0x42/0x60
[  852.829763][T16218]  ? kasan_save_stack+0x33/0x60
[  852.829785][T16218]  ? kasan_save_track+0x14/0x30
[  852.829803][T16218]  ? xskq_create+0x52/0x1d0
[  852.829825][T16218]  ? xsk_setsockopt+0x74e/0x9a0
[  852.829846][T16218]  ? do_sock_setsockopt+0xf0/0x1d0
[  852.829866][T16218]  ? xskq_create+0xfb/0x1d0
[  852.829891][T16218]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  852.829928][T16218]  ? xskq_create+0xfb/0x1d0
[  852.829958][T16218]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  852.829994][T16218]  ? xskq_create+0xfb/0x1d0
[  852.830018][T16218]  vmalloc_user_noprof+0x9e/0xe0
[  852.830045][T16218]  ? xskq_create+0xfb/0x1d0
[  852.830073][T16218]  xskq_create+0xfb/0x1d0
[  852.830097][T16218]  xsk_setsockopt+0x74e/0x9a0
[  852.830121][T16218]  ? __pfx_xsk_setsockopt+0x10/0x10
[  852.830143][T16218]  ? find_held_lock+0x2b/0x80
[  852.830172][T16218]  ? selinux_socket_setsockopt+0x6a/0x80
[  852.830195][T16218]  ? __pfx_xsk_setsockopt+0x10/0x10
[  852.830220][T16218]  do_sock_setsockopt+0xf0/0x1d0
[  852.830241][T16218]  __sys_setsockopt+0x1a0/0x230
[  852.830272][T16218]  __x64_sys_setsockopt+0xbd/0x160
[  852.830297][T16218]  ? do_syscall_64+0x91/0x4c0
[  852.830325][T16218]  ? lockdep_hardirqs_on+0x7c/0x110
[  852.830353][T16218]  do_syscall_64+0xcd/0x4c0
[  852.830384][T16218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.830403][T16218] RIP: 0033:0x7ff5f818eb69
[  852.830418][T16218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.830435][T16218] RSP: 002b:00007ff5f8f88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  852.830453][T16218] RAX: ffffffffffffffda RBX: 00007ff5f83b6080 RCX: 00007ff5f818eb69
[  852.830466][T16218] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  852.830478][T16218] RBP: 00007ff5f8211df1 R08: 0000000000000004 R09: 0000000000000000
[  852.830489][T16218] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  852.830500][T16218] R13: 0000000000000000 R14: 00007ff5f83b6080 R15: 00007ffee0269588
[  852.830525][T16218]  </TASK>
[  852.830617][T16218] Mem-Info:
[  852.830628][T16218] active_anon:12115 inactive_anon:0 isolated_anon:0
[  852.830628][T16218]  active_file:21910 inactive_file:40895 isolated_file:0
[  852.830628][T16218]  unevictable:768 dirty:539 writeback:0
[  852.830628][T16218]  slab_reclaimable:12280 slab_unreclaimable:103290
[  852.830628][T16218]  mapped:37625 shmem:7113 pagetables:1118
[  852.830628][T16218]  sec_pagetables:0 bounce:0
[  852.830628][T16218]  kernel_misc_reclaimable:0
[  852.830628][T16218]  free:1281459 free_pcp:15479 free_cma:0
[  852.830686][T16218] Node 0 active_anon:48460kB inactive_anon:0kB active_file:87616kB inactive_file:163376kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:150476kB dirty:2156kB writeback:0kB shmem:26916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12456kB pagetables:4320kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  852.830738][T16218] Node 1 active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  852.830866][T16218] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  852.830965][T16218] lowmem_reserve[]: 0 2479 2481 2481 2481
[  852.831084][T16218] Node 0 DMA32 free:1220496kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48444kB inactive_anon:0kB active_file:87616kB inactive_file:162048kB unevictable:1536kB writepending:2156kB present:3129332kB managed:2539452kB mlocked:0kB bounce:0kB free_pcp:42588kB local_pcp:25056kB free_cma:0kB
[  852.831172][T16218] lowmem_reserve[]: 0 0 1 1 1
[  852.831289][T16218] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:4kB free_cma:0kB
[  852.831384][T16218] lowmem_reserve[]: 0 0 0 0 0
[  852.831502][T16218] Node 1 Normal free:3889968kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:19296kB local_pcp:14368kB free_cma:0kB
[  852.831702][T16218] lowmem_reserve[]: 0 0 0 0 0
[  852.831797][T16218] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  852.832127][T16218] Node 0 DMA32: 3834*4kB (UM) 2049*8kB (UME) 756*16kB (UME) 856*32kB (UME) 457*64kB (UME) 107*128kB (UME) 66*256kB (UME) 48*512kB (UME) 28*1024kB (UM) 12*2048kB (UM) 247*4096kB (UM) = 1220592kB
[  852.832608][T16218] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  852.832924][T16218] Node 1 Normal: 234*4kB (UME) 53*8kB (UME) 44*16kB (UME) 259*32kB (UME) 87*64kB (UE) 14*128kB (UME) 4*256kB (UM) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 944*4096kB (ME) = 3889968kB
[  852.833433][T16218] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  852.833471][T16218] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  852.833506][T16218] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  852.833549][T16218] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  852.833585][T16218] 69915 total pagecache pages
[  852.833621][T16218] 0 pages in swap cache
[  852.833630][T16218] Free swap  = 124996kB
[  852.833658][T16218] Total swap = 124996kB
[  852.833695][T16218] 2097051 pages RAM
[  852.833704][T16218] 0 pages HighMem/MovableOnly
[  852.833731][T16218] 430226 pages reserved
[  852.833739][T16218] 0 pages cma reserved
[  853.513787][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  853.513801][   T10] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  853.514312][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  853.514322][   T10] stv0680 1-1:4.0: last error: 0,  command = 0x0
[  853.539481][   T10] usb 1-1: USB disconnect, device number 54
[  853.688721][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  853.688735][   T30] audit: type=1400 audit(2000000765.058:743): avc:  denied  { setattr } for  pid=16219 comm="syz.3.2303" name="NETLINK" dev="sockfs" ino=48780 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  853.921112][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.021243][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.083102][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.111898][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.149890][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.286974][    C1] vkms_vblank_simulate: vblank timer overrun
[  854.422452][    C1] vkms_vblank_simulate: vblank timer overrun
[  856.127761][   T30] audit: type=1326 audit(2000000767.498:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.3.2309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  857.243408][   T30] audit: type=1326 audit(2000000767.498:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.3.2309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  857.435415][   T30] audit: type=1326 audit(2000000767.528:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.3.2309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  857.885371][   T30] audit: type=1326 audit(2000000767.538:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.3.2309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  857.908944][   T30] audit: type=1326 audit(2000000767.538:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.3.2309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5f818eb69 code=0x7ffc0000
[  857.932276][    C0] vkms_vblank_simulate: vblank timer overrun
[  857.974145][T16247] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  857.986308][T16247] F2FS-fs (loop11): Can't find valid F2FS filesystem in 1th superblock
[  858.002379][T16247] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  858.012337][T16247] F2FS-fs (loop11): Can't find valid F2FS filesystem in 2th superblock
[  858.050912][   T10] libceph: connect (1)[c::]:6789 error -101
[  858.059022][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  858.068556][   T10] libceph: connect (1)[c::]:6789 error -101
[  858.095128][T16251] bridge0: entered promiscuous mode
[  858.100592][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  858.109512][T16251] macsec1: entered promiscuous mode
[  858.210830][T16255] ceph: No mds server is up or the cluster is laggy
[  858.322573][T16251] bridge0: port 3(macsec1) entered blocking state
[  858.335361][T16251] bridge0: port 3(macsec1) entered disabled state
[  858.352661][T16251] macsec1: entered allmulticast mode
[  858.358297][T16251] bridge0: entered allmulticast mode
[  859.289626][T16251] macsec1: left allmulticast mode
[  859.440804][T16251] bridge0: left allmulticast mode
[  859.475793][T16251] bridge0: left promiscuous mode
[  859.936404][T16275] netlink: 'syz.0.2317': attribute type 1 has an invalid length.
[  860.010860][    T9] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  860.029865][T16275] 8021q: adding VLAN 0 to HW filter on device bond6
[  860.302235][    T9] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  860.302279][    T9] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  860.302301][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  860.327393][    T9] gspca_main: stv0680-2.14.0 probing 041e:4007
[  860.776911][T16276] bond5: (slave wlan0): Releasing active interface
[  860.779839][T16276] bond6: (slave wlan0): Enslaving as an active interface with a down link
[  860.834527][   T30] audit: type=1400 audit(2000000772.208:749): avc:  denied  { audit_write } for  pid=16288 comm="syz.0.2319" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  860.962462][T16292] net_ratelimit: 112 callbacks suppressed
[  860.962495][T16292] netlink: zone id is out of range
[  860.962561][T16292] netlink: zone id is out of range
[  860.962588][T16292] netlink: zone id is out of range
[  860.962614][T16292] netlink: zone id is out of range
[  860.962639][T16292] netlink: zone id is out of range
[  860.962664][T16292] netlink: zone id is out of range
[  860.962689][T16292] netlink: zone id is out of range
[  860.962718][T16292] netlink: zone id is out of range
[  860.962778][T16292] netlink: zone id is out of range
[  860.962801][T16292] netlink: zone id is out of range
[  861.195155][T16283] ------------[ cut here ]------------
[  861.195226][T16283] WARNING: CPU: 1 PID: 16283 at drivers/gpu/drm/vkms/vkms_crtc.c:97 vkms_get_vblank_timestamp+0x167/0x1b0
[  861.195270][T16283] Modules linked in:
[  861.195319][T16283] CPU: 1 UID: 0 PID: 16283 Comm: syz.3.2316 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  861.195346][T16283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  861.195360][T16283] RIP: 0010:vkms_get_vblank_timestamp+0x167/0x1b0
[  861.195388][T16283] Code: ad fb e8 4c d3 9a fb 4c 89 e1 48 ba 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 11 00 75 43 49 89 04 24 eb c0 e8 9a 77 ad fb 90 <0f> 0b 90 eb b5 e8 cf cb 13 fc e9 dc fe ff ff e8 55 cc 13 fc e9 14
[  861.195411][T16283] RSP: 0018:ffffc90005137050 EFLAGS: 00010283
[  861.195430][T16283] RAX: 0000000000011ba8 RBX: ffff888142740028 RCX: ffffc900151af000
[  861.195445][T16283] RDX: 0000000000080000 RSI: ffffffff860e1b86 RDI: 0000000000000006
[  861.195456][T16283] RBP: 000000c88200c721 R08: 0000000000000006 R09: 000000c88200c721
[  861.195467][T16283] R10: 000000c88200c721 R11: 0000000000000000 R12: ffffc900051371b8
[  861.195480][T16283] R13: 000000c88200c721 R14: 0000000000004e20 R15: ffffffff860e1a20
[  861.195495][T16283] FS:  00007ff5f8f676c0(0000) GS:ffff8881247c6000(0000) knlGS:0000000000000000
[  861.195516][T16283] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  861.195531][T16283] CR2: 00007fff4363f4c8 CR3: 0000000073973000 CR4: 00000000003526f0
[  861.195545][T16283] Call Trace:
[  861.195553][T16283]  <TASK>
[  861.195566][T16283]  drm_crtc_get_last_vbltimestamp+0x105/0x1b0
[  861.195598][T16283]  ? __pfx_drm_crtc_get_last_vbltimestamp+0x10/0x10
[  861.195628][T16283]  ? drm_gem_fb_vmap+0x235/0x4d0
[  861.195652][T16283]  ? kasan_check_range+0x163/0x1b0
[  861.195685][T16283]  drm_crtc_next_vblank_start+0x182/0x300
[  861.195747][T16283]  drm_atomic_helper_wait_for_fences+0x203/0x830
[  861.195779][T16283]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  861.195806][T16283]  ? drm_atomic_helper_prepare_planes+0x5aa/0xbb0
[  861.195838][T16283]  drm_atomic_helper_commit+0x1cf/0x380
[  861.195864][T16283]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  861.195891][T16283]  drm_atomic_commit+0x231/0x300
[  861.195917][T16283]  ? __pfx_drm_atomic_commit+0x10/0x10
[  861.195941][T16283]  ? __pfx___drm_printfn_info+0x10/0x10
[  861.195977][T16283]  ? drm_client_rotation+0x4da/0x6a0
[  861.196008][T16283]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  861.196045][T16283]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  861.196071][T16283]  ? __mutex_lock+0x1c4/0x10b0
[  861.196119][T16283]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  861.196159][T16283]  drm_client_modeset_commit_locked+0x14d/0x580
[  861.196190][T16283]  drm_fb_helper_pan_display+0x32d/0xa40
[  861.196223][T16283]  fb_pan_display+0x479/0x7d0
[  861.196250][T16283]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  861.196271][T16283]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  861.196297][T16283]  fb_set_var+0x847/0x1280
[  861.196328][T16283]  ? __pfx_fb_set_var+0x10/0x10
[  861.196380][T16283]  ? __pfx___schedule+0x10/0x10
[  861.196435][T16283]  ? fbcon_switch+0x284/0x14c0
[  861.196460][T16283]  ? fb_videomode_to_var+0x13/0x610
[  861.196494][T16283]  fbcon_switch+0x4dc/0x14c0
[  861.196531][T16283]  ? __pfx_fbcon_switch+0x10/0x10
[  861.196573][T16283]  ? __pfx_bit_cursor+0x10/0x10
[  861.196602][T16283]  ? fbcon_cursor+0x409/0x5f0
[  861.196632][T16283]  ? is_console_locked+0x9/0x20
[  861.196661][T16283]  ? con_is_visible+0x65/0x150
[  861.196689][T16283]  redraw_screen+0x2c1/0x760
[  861.196723][T16283]  ? __pfx_redraw_screen+0x10/0x10
[  861.196753][T16283]  ? fbcon_set_palette+0x401/0x640
[  861.196785][T16283]  fbcon_modechanged+0x456/0x700
[  861.196818][T16283]  fbcon_update_vcs+0x42/0x50
[  861.196848][T16283]  do_fb_ioctl+0x787/0x7e0
[  861.196870][T16283]  ? __pfx_do_fb_ioctl+0x10/0x10
[  861.196906][T16283]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  861.196960][T16283]  ? selinux_file_ioctl+0x180/0x270
[  861.196990][T16283]  fb_ioctl+0xe5/0x150
[  861.197010][T16283]  ? __pfx_fb_ioctl+0x10/0x10
[  861.197031][T16283]  __x64_sys_ioctl+0x18b/0x210
[  861.197064][T16283]  do_syscall_64+0xcd/0x4c0
[  861.197097][T16283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.197118][T16283] RIP: 0033:0x7ff5f818eb69
[  861.197135][T16283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.197155][T16283] RSP: 002b:00007ff5f8f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  861.197176][T16283] RAX: ffffffffffffffda RBX: 00007ff5f83b6160 RCX: 00007ff5f818eb69
[  861.197191][T16283] RDX: 0000200000000380 RSI: 0000000000004601 RDI: 0000000000000005
[  861.197204][T16283] RBP: 00007ff5f8211df1 R08: 0000000000000000 R09: 0000000000000000
[  861.197217][T16283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.197230][T16283] R13: 0000000000000000 R14: 00007ff5f83b6160 R15: 00007ffee0269588
[  861.197259][T16283]  </TASK>
[  861.197270][T16283] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  861.197283][T16283] CPU: 1 UID: 0 PID: 16283 Comm: syz.3.2316 Not tainted 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) 
[  861.197308][T16283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  861.197320][T16283] Call Trace:
[  861.197327][T16283]  <TASK>
[  861.197335][T16283]  dump_stack_lvl+0x3d/0x1f0
[  861.197364][T16283]  vpanic+0x6e8/0x7a0
[  861.197395][T16283]  ? __pfx_vpanic+0x10/0x10
[  861.197431][T16283]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  861.197454][T16283]  panic+0xca/0xd0
[  861.197482][T16283]  ? __pfx_panic+0x10/0x10
[  861.197524][T16283]  check_panic_on_warn+0xab/0xb0
[  861.197543][T16283]  __warn+0xf6/0x3c0
[  861.197561][T16283]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  861.197587][T16283]  report_bug+0x3c3/0x580
[  861.197613][T16283]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  861.197640][T16283]  handle_bug+0x184/0x210
[  861.197659][T16283]  exc_invalid_op+0x17/0x50
[  861.197679][T16283]  asm_exc_invalid_op+0x1a/0x20
[  861.197702][T16283] RIP: 0010:vkms_get_vblank_timestamp+0x167/0x1b0
[  861.197726][T16283] Code: ad fb e8 4c d3 9a fb 4c 89 e1 48 ba 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 11 00 75 43 49 89 04 24 eb c0 e8 9a 77 ad fb 90 <0f> 0b 90 eb b5 e8 cf cb 13 fc e9 dc fe ff ff e8 55 cc 13 fc e9 14
[  861.197744][T16283] RSP: 0018:ffffc90005137050 EFLAGS: 00010283
[  861.197759][T16283] RAX: 0000000000011ba8 RBX: ffff888142740028 RCX: ffffc900151af000
[  861.197772][T16283] RDX: 0000000000080000 RSI: ffffffff860e1b86 RDI: 0000000000000006
[  861.197785][T16283] RBP: 000000c88200c721 R08: 0000000000000006 R09: 000000c88200c721
[  861.197797][T16283] R10: 000000c88200c721 R11: 0000000000000000 R12: ffffc900051371b8
[  861.197809][T16283] R13: 000000c88200c721 R14: 0000000000004e20 R15: ffffffff860e1a20
[  861.197822][T16283]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  861.197853][T16283]  ? vkms_get_vblank_timestamp+0x166/0x1b0
[  861.197884][T16283]  drm_crtc_get_last_vbltimestamp+0x105/0x1b0
[  861.197916][T16283]  ? __pfx_drm_crtc_get_last_vbltimestamp+0x10/0x10
[  861.197947][T16283]  ? drm_gem_fb_vmap+0x235/0x4d0
[  861.197970][T16283]  ? kasan_check_range+0x163/0x1b0
[  861.197999][T16283]  drm_crtc_next_vblank_start+0x182/0x300
[  861.198030][T16283]  drm_atomic_helper_wait_for_fences+0x203/0x830
[  861.198060][T16283]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  861.198084][T16283]  ? drm_atomic_helper_prepare_planes+0x5aa/0xbb0
[  861.198112][T16283]  drm_atomic_helper_commit+0x1cf/0x380
[  861.198136][T16283]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  861.198160][T16283]  drm_atomic_commit+0x231/0x300
[  861.198183][T16283]  ? __pfx_drm_atomic_commit+0x10/0x10
[  861.198206][T16283]  ? __pfx___drm_printfn_info+0x10/0x10
[  861.198238][T16283]  ? drm_client_rotation+0x4da/0x6a0
[  861.198266][T16283]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  861.198300][T16283]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  861.198324][T16283]  ? __mutex_lock+0x1c4/0x10b0
[  861.198369][T16283]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  861.198408][T16283]  drm_client_modeset_commit_locked+0x14d/0x580
[  861.198437][T16283]  drm_fb_helper_pan_display+0x32d/0xa40
[  861.198467][T16283]  fb_pan_display+0x479/0x7d0
[  861.198493][T16283]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  861.198513][T16283]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  861.198538][T16283]  fb_set_var+0x847/0x1280
[  861.198568][T16283]  ? __pfx_fb_set_var+0x10/0x10
[  861.198618][T16283]  ? __pfx___schedule+0x10/0x10
[  861.198671][T16283]  ? fbcon_switch+0x284/0x14c0
[  861.198701][T16283]  ? fb_videomode_to_var+0x13/0x610
[  861.198734][T16283]  fbcon_switch+0x4dc/0x14c0
[  861.198769][T16283]  ? __pfx_fbcon_switch+0x10/0x10
[  861.198810][T16283]  ? __pfx_bit_cursor+0x10/0x10
[  861.198838][T16283]  ? fbcon_cursor+0x409/0x5f0
[  861.198866][T16283]  ? is_console_locked+0x9/0x20
[  861.198894][T16283]  ? con_is_visible+0x65/0x150
[  861.198920][T16283]  redraw_screen+0x2c1/0x760
[  861.198949][T16283]  ? __pfx_redraw_screen+0x10/0x10
[  861.198978][T16283]  ? fbcon_set_palette+0x401/0x640
[  861.199008][T16283]  fbcon_modechanged+0x456/0x700
[  861.199040][T16283]  fbcon_update_vcs+0x42/0x50
[  861.199067][T16283]  do_fb_ioctl+0x787/0x7e0
[  861.199089][T16283]  ? __pfx_do_fb_ioctl+0x10/0x10
[  861.199122][T16283]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  861.199173][T16283]  ? selinux_file_ioctl+0x180/0x270
[  861.199203][T16283]  fb_ioctl+0xe5/0x150
[  861.199221][T16283]  ? __pfx_fb_ioctl+0x10/0x10
[  861.199242][T16283]  __x64_sys_ioctl+0x18b/0x210
[  861.199274][T16283]  do_syscall_64+0xcd/0x4c0
[  861.199305][T16283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.199324][T16283] RIP: 0033:0x7ff5f818eb69
[  861.199339][T16283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.199357][T16283] RSP: 002b:00007ff5f8f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  861.199375][T16283] RAX: ffffffffffffffda RBX: 00007ff5f83b6160 RCX: 00007ff5f818eb69
[  861.199388][T16283] RDX: 0000200000000380 RSI: 0000000000004601 RDI: 0000000000000005
[  861.199400][T16283] RBP: 00007ff5f8211df1 R08: 0000000000000000 R09: 0000000000000000
[  861.199412][T16283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.199424][T16283] R13: 0000000000000000 R14: 00007ff5f83b6160 R15: 00007ffee0269588
[  861.199451][T16283]  </TASK>
[  861.199638][T16283] Kernel Offset: disabled