last executing test programs:

25m34.642382496s ago: executing program 32 (id=1163):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$printer(0x5, 0x2d, &(0x7f0000000240)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x8, 0xa0, 0xbd, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x2, 0xe, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x0, 0xf, 0xd}}}}}]}}]}}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='H\x00\x00\x00\n'], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

24m39.237195676s ago: executing program 4 (id=1458):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x900)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1, 0x0, 0xff6f}, 0x3ff}], 0x4000300, 0x2, 0x0)

24m38.046718006s ago: executing program 4 (id=1459):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fbdbdf252100000008000300", @ANYRES32=r1, @ANYBLOB="04002c"], 0x20}, 0x1, 0x0, 0x0, 0x20}, 0x0)

24m37.865708439s ago: executing program 4 (id=1462):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000004000000040000000800000000"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'veth0_vlan\x00', &(0x7f00000001c0)=@ethtool_dump={0x3e, 0x0, 0x6}})

24m34.031874351s ago: executing program 4 (id=1476):
syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
exit(0x5)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r0, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x4e20, @broadcast}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r3, 0x107, 0xb, &(0x7f0000000100)=""/41, &(0x7f0000000180)=0x29)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

24m33.004666936s ago: executing program 4 (id=1483):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000009c0)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000340)=""/49, 0x31}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000900)=""/172, 0xac}], 0x5, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r3 = io_uring_setup(0xd71, &(0x7f0000000580)={0x0, 0x78ba, 0x2, 0x2, 0x3d6})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

24m32.682501245s ago: executing program 4 (id=1484):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x33, 0x301, 0x270bd26, 0x25dfdbfc, {0x3, 0x0, 0x4000}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x80c0}, 0x8004)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x800)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x3)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

24m32.503822208s ago: executing program 33 (id=1484):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x33, 0x301, 0x270bd26, 0x25dfdbfc, {0x3, 0x0, 0x4000}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x80c0}, 0x8004)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x800)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x3)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

23m21.69851765s ago: executing program 6 (id=1779):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[], 0x180}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='f2fs_update_extent_tree_range\x00', r5}, 0x18)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

23m20.67768135s ago: executing program 6 (id=1782):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2002, 0x3b9}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)

23m20.407771661s ago: executing program 6 (id=1783):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001a00000a8500000007000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[], 0xe)

23m19.657026841s ago: executing program 6 (id=1788):
syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
exit(0x5)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r0, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x4e20, @broadcast}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r3, 0x107, 0xb, &(0x7f0000000100)=""/41, &(0x7f0000000180)=0x29)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)

23m18.692721139s ago: executing program 6 (id=1792):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x900)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1, 0x0, 0xff6f}, 0x3ff}], 0x4000300, 0x2, 0x0)

23m17.673134246s ago: executing program 6 (id=1795):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x3}}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x2}, @volatile={0x7, 0x0, 0x0, 0x9, 0x2}]}, {0x0, [0x6f]}}, &(0x7f0000000340)=""/188, 0x4f, 0xbc, 0x0, 0x9, 0x10000, @value=r4}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xe, 0x5, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

23m16.731333155s ago: executing program 34 (id=1795):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x3}}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x2}, @volatile={0x7, 0x0, 0x0, 0x9, 0x2}]}, {0x0, [0x6f]}}, &(0x7f0000000340)=""/188, 0x4f, 0xbc, 0x0, 0x9, 0x10000, @value=r4}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xe, 0x5, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

15m3.635523921s ago: executing program 7 (id=3741):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000005b574e69622bf85eda07b3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000400)={0x0, 0x31, 0x81, "fea6e7361b5cb7de165356c5b23395325a1da08a4c7dcce6d42fcd346bbe9a967763103688184a959ca03d078be997757933676165f78e4d7593204b6d660ae869639f1b9bdbc4803d0f0eb4a4df8b962639fd37ab46feebe110cb27f7518773e1669be6cc3994827ea01032a337d7451209ecfca6f0ac92336b08ceb01f4b3690"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x40, 0x1c, 0x1, 0xe4}, 0x0, 0x0})
ioctl$HIDIOCGUCODE(r1, 0xc018480d, 0x0)

15m0.283704437s ago: executing program 7 (id=3750):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r7}], 0x1, 0x0, 0x0, 0x0)
close(r5)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0)

14m56.939690083s ago: executing program 7 (id=3761):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b0400000000000000000200000044000480400001800a0001006d6174636800000030000280"], 0x98}}, 0x4048010)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000200)={0x10000802, 0x0, 0x40000, 0x40000}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x5, 0x1, 0xfff, 0x5, @dev={0xfe, 0x80, '\x00', 0xf}, @empty, 0x40, 0x0, 0x19, 0x801}})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206050800000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
socket$kcm(0x11, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000580)={&(0x7f00000006c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x4}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2d}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_DESC={0x20, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x1c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x90}, 0x1, 0x0, 0x0, 0x20014840}, 0xc010)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

14m56.729099756s ago: executing program 7 (id=3763):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
utime(&(0x7f0000000000)='./file0\x00', 0x0)
rmdir(0x0)

14m55.757562014s ago: executing program 7 (id=3765):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

14m55.604105387s ago: executing program 7 (id=3767):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getresgid(0x0, &(0x7f0000000180), &(0x7f00000016c0))
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
flistxattr(r3, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r4})

14m55.514451156s ago: executing program 0 (id=3768):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="63b95fb1d30fd68f835b2dd5c30ec994cbe6b22567ead43adb00d8cc0d47acf2842e8006573f54bf6c8e1895536e04675a60f5f1973a405f52b7b2f4d2b423abaf1acc3738980b60b6ac09d247a5e56af87dee2e056d32e213b6999f79a1032333f54eb4b2524148a7ed0960742b8ad88be4526b22429d40e77b070737864fa053932476645a1446a037ac2a2def8a951896d6a36c211c843bcbf3a1035b2e608990"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

14m54.557472588s ago: executing program 0 (id=3772):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
creat(&(0x7f0000001380)='./file0\x00', 0x0)

14m54.427991953s ago: executing program 0 (id=3774):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r0 = getpid()
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000580)=ANY=[], 0x20e)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x20)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x3, 0x1000000000000000, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x2, 0x100000000004}, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000080)=0x2c, &(0x7f00000000c0)=0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r6, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005"], 0xe4}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

14m53.48906586s ago: executing program 0 (id=3778):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14m52.754830635s ago: executing program 0 (id=3780):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

14m52.715470997s ago: executing program 0 (id=3781):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x3}}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x2}]}, {0x0, [0x6f]}}, 0x0, 0x43, 0x0, 0x0, 0x9, 0x10000, @value=r2}, 0x28)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xac, 0xac, 0xa, [@restrict={0xc, 0x0, 0x0, 0xb, 0x3}, @float={0x10, 0x0, 0x0, 0x10, 0x2}, @union={0xd, 0x7, 0x0, 0x5, 0x1, 0x1, [{0xf, 0x5, 0x10001}, {0xc, 0x0, 0x3}, {0xe, 0x2, 0x9}, {0x2, 0x0, 0x40}, {0x9, 0x0, 0xe81}, {0x3, 0x4, 0x19}, {0x0, 0x3, 0x5}]}, @enum64={0x6, 0x1, 0x0, 0x13, 0x1, 0xe, [{0x7, 0x2, 0x2}]}, @const={0x3, 0x0, 0x0, 0xa, 0x5}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x5, 0x8}]}, {0x0, [0x5f, 0x71, 0x5f, 0x5f, 0x61, 0x30, 0x5f, 0x30]}}, 0x0, 0xce, 0x0, 0x0, 0xffff, 0x10000, @value=r2}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14m40.523409548s ago: executing program 35 (id=3767):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getresgid(0x0, &(0x7f0000000180), &(0x7f00000016c0))
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
flistxattr(r3, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r4})

14m37.400399503s ago: executing program 36 (id=3781):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x3}}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x2}]}, {0x0, [0x6f]}}, 0x0, 0x43, 0x0, 0x0, 0x9, 0x10000, @value=r2}, 0x28)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xac, 0xac, 0xa, [@restrict={0xc, 0x0, 0x0, 0xb, 0x3}, @float={0x10, 0x0, 0x0, 0x10, 0x2}, @union={0xd, 0x7, 0x0, 0x5, 0x1, 0x1, [{0xf, 0x5, 0x10001}, {0xc, 0x0, 0x3}, {0xe, 0x2, 0x9}, {0x2, 0x0, 0x40}, {0x9, 0x0, 0xe81}, {0x3, 0x4, 0x19}, {0x0, 0x3, 0x5}]}, @enum64={0x6, 0x1, 0x0, 0x13, 0x1, 0xe, [{0x7, 0x2, 0x2}]}, @const={0x3, 0x0, 0x0, 0xa, 0x5}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x5, 0x8}]}, {0x0, [0x5f, 0x71, 0x5f, 0x5f, 0x61, 0x30, 0x5f, 0x30]}}, 0x0, 0xce, 0x0, 0x0, 0xffff, 0x10000, @value=r2}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12m45.76217862s ago: executing program 3 (id=4095):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
close(r5)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0)

12m44.706394616s ago: executing program 3 (id=4097):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000840)=""/163, 0xa3}, {&(0x7f0000001c40)=""/4074, 0xfea}, {&(0x7f0000000980)=""/202, 0xca}], 0x3}, 0x6}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000340)=""/242, 0xf2}, {&(0x7f0000000540)=""/89, 0x59}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000b40)=""/252, 0xfc}, {&(0x7f0000000c40)=""/199, 0xc7}], 0x7}}, {{0x0, 0x0, 0x0}, 0x27}], 0x5, 0x20, 0x0)

12m43.443383157s ago: executing program 3 (id=4100):
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10)
syz_usb_connect(0x0, 0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000f3c7c820da059a009562010203010902340001000000000904920003"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001400), 0x0, 0x2004c050)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000200)={0x800, r1})
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, 0x0, &(0x7f00000000c0))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = epoll_create1(0x0)
epoll_pwait(r2, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffff3, 0x0, 0x0)

12m38.026438679s ago: executing program 3 (id=4114):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0x5, 0x1ff, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0)
dup(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

12m37.960293492s ago: executing program 3 (id=4115):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

12m37.752291627s ago: executing program 3 (id=4118):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000c5008005000100000000f8e5543d", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
keyctl$clear(0x5, 0xffffffffffffffff)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
syz_usb_connect(0x6, 0x75, &(0x7f0000000780)=ANY=[], &(0x7f0000000280)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x9, 0x2, 0xf4, 0x20, 0x93}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x8400, 0x0)
prlimit64(r2, 0x7, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
write$P9_RSTATu(r5, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40186f40, &(0x7f0000000440)=0x1f)
setns(r1, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', 0xffffffffffffffff, 0x0, 0x10000004}, 0x18)

12m22.198186567s ago: executing program 37 (id=4118):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000c5008005000100000000f8e5543d", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
keyctl$clear(0x5, 0xffffffffffffffff)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
syz_usb_connect(0x6, 0x75, &(0x7f0000000780)=ANY=[], &(0x7f0000000280)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x9, 0x2, 0xf4, 0x20, 0x93}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x8400, 0x0)
prlimit64(r2, 0x7, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
write$P9_RSTATu(r5, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40186f40, &(0x7f0000000440)=0x1f)
setns(r1, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', 0xffffffffffffffff, 0x0, 0x10000004}, 0x18)

30.928962024s ago: executing program 2 (id=5846):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
unshare(0x2c020400)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000})
signalfd4(r0, &(0x7f0000000180), 0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f00000000c0)={0x1, 0x2}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0xf, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f00000007c0)=@newtclass={0x104, 0x28, 0x400, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x2}, {0x0, 0x10}, {0x7, 0xfff2}}, [@tclass_kind_options=@c_fq_codel={0xd}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_hfsc={{0x9}, {0x74, 0x2, [@TCA_HFSC_RSC={0x10, 0x1, {0x3, 0x6, 0x7}}, @TCA_HFSC_USC={0x10, 0x3, {0xffffffff, 0xffff, 0x5}}, @TCA_HFSC_RSC={0x10, 0x1, {0x80, 0x4420f45e, 0x800}}, @TCA_HFSC_RSC={0x10, 0x1, {0x9, 0x8, 0xa00000}}, @TCA_HFSC_RSC={0x10, 0x1, {0x40, 0xff, 0xfffffff9}}, @TCA_HFSC_FSC={0x10, 0x2, {0x3, 0x10, 0x6}}, @TCA_HFSC_USC={0x10, 0x3, {0x7, 0x7a3, 0xfa}}]}}, @TCA_RATE={0x6, 0x5, {0x27, 0x9}}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0xe}}}, @TCA_RATE={0x6, 0x5, {0x4, 0x8}}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_tbf={0x8}]}, 0x104}, 0x1, 0x0, 0x0, 0x4040}, 0x1)

30.265635469s ago: executing program 2 (id=5848):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$netlink(0x10, 0x3, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)

28.5892054s ago: executing program 2 (id=5851):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="63b95fb1d30fd68f835b2dd5c30ec994cbe6b22567ead43adb00d8cc0d47acf2842e8006573f54bf6c8e1895536e04675a60f5f1973a405f52b7b2f4d2b423abaf1acc3738980b60b6ac09d247a5e56af87dee2e056d32e213b6999f79a1032333f54eb4b2524148a7ed0960742b8ad88be4526b22429d40e77b070737864fa053932476645a1446a037ac2a2def8a951896d6a36c211c84"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

26.540569525s ago: executing program 2 (id=5856):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x2, 0x6e, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
socket$packet(0x11, 0xa, 0x300)
r3 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r3, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x6c, &(0x7f0000000140)=ANY=[], 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fcntl$setlease(r6, 0x400, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))

25.307259089s ago: executing program 2 (id=5859):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5)
writev(r3, 0x0, 0x0)
shutdown(r3, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
clock_gettime(0x0, &(0x7f0000000380))

22.963907242s ago: executing program 2 (id=5868):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x3b3c03, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
semget$private(0x0, 0x6, 0x0)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
tee(r1, r2, 0xfffffffffffffc01, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14)
connect$802154_dgram(r3, &(0x7f000000b900)={0x24, @none={0x0, 0xffff}}, 0x14)

14.121014959s ago: executing program 8 (id=5893):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r0 = getpid()
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_pidfd_open(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x3, 0x1000000000000000, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0x0, 0x0)

13.099354752s ago: executing program 8 (id=5895):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x18)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRES16], 0x48)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r6}, 0x18)
r7 = gettid()
rt_sigqueueinfo(r7, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r8, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$pppl2tp(r3, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0xfffe, 0x0, {0xa, 0x4e20, 0x0, @local, 0x400000}}}, 0x32)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00')

12.133260452s ago: executing program 8 (id=5897):
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000001740)=@multiplanar_fd={0x33b114d4, 0x4, 0x4, 0x1002, 0x6, {0x0, 0x2710}, {0x1, 0xd, 0x7, 0x0, 0x8, 0x8, "79e0ce6d"}, 0x81, 0x4, {&(0x7f0000001600)=[{0x35, 0xf3, {}, 0x1}, {0x7, 0x8, {}, 0x2}]}, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000008)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000013c0), 0x210000, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, 0x0, &(0x7f00000001c0))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000012c0)=@IORING_OP_SHUTDOWN={0x22, 0x22, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r2 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
pread64(r1, &(0x7f0000000280)=""/57, 0x39, 0xc)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
ftruncate(r4, 0x2007ffb)
lseek(r4, 0x0, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r5, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)

11.468033069s ago: executing program 5 (id=5900):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)

10.231746953s ago: executing program 1 (id=5902):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000000040)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r6, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
close(r6)
close_range(r5, 0xffffffffffffffff, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0)

9.197666187s ago: executing program 1 (id=5904):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r7}], 0x1, 0x0, 0x0, 0x0)
close(r5)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0)

9.108526552s ago: executing program 9 (id=5905):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000c00000004000000010000840203000000000000030000000000000000000000000000010500000020000000000000000000000b02000000006100302e"], 0x0, 0x58}, 0x28)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x12, 0x600, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "0000000000000019b5115c2aee68d23a465cd431e150c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baeb8989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r9 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r9, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
close(r6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x2, 0xf, 0x8, 0x0, 0x14, 0x0, 0x2, 0x25dfdbfe, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0xe, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x19}}, 0x9}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x32, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x18}}}, @sadb_address={0x5, 0x6, 0x0, 0x20, 0x0, @in6={0xa, 0x4e21, 0xe28, @rand_addr=' \x01\x00', 0x9}}]}, 0xa0}}, 0x0)

9.002756759s ago: executing program 5 (id=5906):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x900}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5)
writev(r3, 0x0, 0x0)
shutdown(r3, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
clock_gettime(0x0, &(0x7f0000000380))

7.857983917s ago: executing program 1 (id=5907):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x18)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRES16], 0x48)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r6}, 0x18)
r7 = gettid()
rt_sigqueueinfo(r7, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r8, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
connect$pppl2tp(r3, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0xfffe, 0x0, {0xa, 0x4e20, 0x0, @local, 0x400000}}}, 0x32)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00')

7.851219808s ago: executing program 9 (id=5908):
syz_open_dev$video4linux(&(0x7f0000000000), 0x3fe, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000080), 0x34, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f00000002c0))
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000100)=<r5=>0xffffffffffffffff)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r5, 0x7c80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)

6.576957997s ago: executing program 9 (id=5909):
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
pipe(0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0xd0fb1000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = epoll_create1(0x0)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x3, 0x0, &(0x7f0000044000))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r6}, 0x10)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRESOCT=r1, @ANYRESDEC=r6], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x18)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="300000002e00030500000000000000", @ANYRES32, @ANYBLOB="87b5c50bac7c1bd0475868f5165a301c9799bf5f197bfdb259d2b3935ac6a4607286ac7ecac914e171e2647200"], 0x30}], 0x1}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000000)={0x90000001})

6.56696741s ago: executing program 1 (id=5910):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

5.141455959s ago: executing program 8 (id=5911):
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
io_uring_setup(0x6c27, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getrlimit(0xa, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
sendmmsg(0xffffffffffffffff, &(0x7f00000059c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4821)

5.053286267s ago: executing program 9 (id=5912):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)='v', 0xf4240}], 0x1}], 0x1, 0x8004)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$usbfs(0x0, 0x200800000800078, 0x80501)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x500000, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80383, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000000c0)={0x9, 0x102, 0x0, {0x400e802, 0x81, 0xfffffff7, 0xfff}})

4.157559841s ago: executing program 5 (id=5913):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x18)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRES16], 0x48)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r6}, 0x18)
r7 = gettid()
rt_sigqueueinfo(r7, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r8, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
connect$pppl2tp(r3, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0xfffe, 0x0, {0xa, 0x4e20, 0x0, @local, 0x400000}}}, 0x32)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00')

3.362419648s ago: executing program 1 (id=5914):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = dup(0xffffffffffffffff)
read$FUSE(r3, &(0x7f0000019300)={0x2020}, 0x2020)
sendfile(0xffffffffffffffff, r3, 0x0, 0x80006)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f00000019c0)={&(0x7f0000000400)=@vsock={0x28, 0x0, 0xffffffff}, 0x80, 0x0}, 0x20040010)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})

3.076061638s ago: executing program 5 (id=5915):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000840)=""/163, 0xa3}, {&(0x7f0000001c40)=""/4074, 0xfea}, {&(0x7f0000000980)=""/202, 0xca}], 0x3}, 0x6}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000340)=""/242, 0xf2}, {&(0x7f0000000540)=""/89, 0x59}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000b40)=""/252, 0xfc}, {0x0}], 0x7}}, {{0x0, 0x0, 0x0}, 0x27}], 0x5, 0x20, 0x0)

2.662871998s ago: executing program 1 (id=5916):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000000000040f30454070000000000010902240001000040b1090400000103000100092101010001220500090581"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000080)={0x0, 0x6, 0x9, {0x9, 0x11, "46ff4490d70a1e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2)
ioctl$HIDIOCGRAWPHYS(r1, 0x80404805, &(0x7f0000000100))

2.177534795s ago: executing program 8 (id=5917):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r7}], 0x1, 0x0, 0x0, 0x0)
close(r5)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0)

1.92873768s ago: executing program 5 (id=5918):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x4000)
close(r3)

1.005053859s ago: executing program 9 (id=5919):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6092c01f00082f00fe8000000000000000000000000000bb00"], 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000280), 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)

915.101311ms ago: executing program 8 (id=5920):
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000001740)=@multiplanar_fd={0x33b114d4, 0x4, 0x4, 0x1002, 0x6, {0x0, 0x2710}, {0x1, 0xd, 0x7, 0x0, 0x8, 0x8, "79e0ce6d"}, 0x81, 0x4, {&(0x7f0000001600)=[{0x35, 0xf3, {}, 0x1}, {0x7, 0x8, {}, 0x2}]}, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000008)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000013c0), 0x210000, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, 0x0, &(0x7f00000001c0))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000012c0)=@IORING_OP_SHUTDOWN={0x22, 0x22, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r2 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
pread64(r1, &(0x7f0000000280)=""/57, 0x39, 0xc)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
ftruncate(r4, 0x2007ffb)
lseek(r4, 0x0, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r5, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)

731.764472ms ago: executing program 5 (id=5921):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0)
r4 = dup(r3)
read$FUSE(r4, &(0x7f0000019300)={0x2020}, 0x2020)
sendfile(r3, r4, 0x0, 0x80006)

0s ago: executing program 9 (id=5922):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000180)={0x4000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4, 0x0, 0x8}, 0x18)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000080)=0x3)
landlock_restrict_self(r0, 0x0)

kernel console output (not intermixed with test programs):

netlink: 4 bytes leftover after parsing attributes in process `syz.1.4770'.
[ 1586.484280][T22650] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4771'.
[ 1586.644789][T22656] openvswitch: netlink: Flow key attr not present in new flow.
[ 1588.262451][T22666] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4775'.
[ 1592.443080][T22692] openvswitch: netlink: Flow key attr not present in new flow.
[ 1593.971890][ T5931] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1594.252076][ T5931] usb 9-1: Using ep0 maxpacket: 8
[ 1594.266990][ T5931] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[ 1594.278543][ T5931] usb 9-1: config 0 has no interface number 0
[ 1594.373462][T22714] /dev/nullb0: Can't open blockdev
[ 1595.124276][ T5931] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1595.159910][ T5931] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1595.187141][ T5931] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1595.200404][ T5931] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1595.218541][ T5931] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1595.229650][ T5931] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1595.278161][ T5931] usb 9-1: config 0 descriptor??
[ 1595.316924][ T5931] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1595.368508][   T30] kauditd_printk_skb: 26 callbacks suppressed
[ 1595.368524][   T30] audit: type=1326 audit(1751600338.576:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1595.520246][ T5931] usb 9-1: USB disconnect, device number 23
[ 1595.549383][   T30] audit: type=1326 audit(1751600338.576:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1595.988111][ T5931] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[ 1596.007093][   T30] audit: type=1326 audit(1751600338.576:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1596.093736][   T30] audit: type=1326 audit(1751600338.576:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1596.117691][   T30] audit: type=1326 audit(1751600338.576:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1596.149597][   T30] audit: type=1326 audit(1751600338.576:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1596.174254][   T30] audit: type=1326 audit(1751600338.576:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1596.209254][   T30] audit: type=1326 audit(1751600338.576:2839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1597.205667][   T30] audit: type=1326 audit(1751600338.576:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1597.231799][   T30] audit: type=1326 audit(1751600338.576:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22715 comm="syz.5.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1600.128494][T22749] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4797'.
[ 1600.976985][T22751] overlayfs: overlapping lowerdir path
[ 1601.065665][T22754] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1601.222917][T22741] syz.1.4795 (22741): drop_caches: 3
[ 1601.253766][T22760] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1601.652013][ T5931] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1601.832095][ T5931] usb 2-1: Using ep0 maxpacket: 8
[ 1601.841665][ T5931] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1601.856510][ T5931] usb 2-1: config 0 has no interface number 0
[ 1601.880574][ T5931] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1601.906259][ T5931] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1601.946942][ T5931] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1601.970257][ T5931] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1602.029651][ T5931] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1602.073850][ T5931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1602.112750][ T5931] usb 2-1: config 0 descriptor??
[ 1602.146308][ T5931] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1604.371647][T18892] usb 2-1: USB disconnect, device number 37
[ 1604.752116][T18892] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[ 1605.535982][T22790] syz.2.4808 (22790): drop_caches: 2
[ 1605.575981][T22790] syz.2.4808 (22790): drop_caches: 2
[ 1606.631510][T22794] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1607.281454][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.338251][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1609.984744][T22822] openvswitch: netlink: Flow key attr not present in new flow.
[ 1610.446359][T22816] syz.1.4814 (22816): drop_caches: 3
[ 1610.471923][ T5824] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1610.738725][ T5824] usb 3-1: device descriptor read/64, error -71
[ 1610.794386][T22828] syz.8.4817 (22828): drop_caches: 2
[ 1610.812148][T22828] syz.8.4817 (22828): drop_caches: 2
[ 1611.352206][ T5824] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1611.721822][ T5824] usb 3-1: device descriptor read/64, error -71
[ 1612.612217][ T5824] usb usb3-port1: attempt power cycle
[ 1613.797516][T22850] syz.5.4823 (22850): drop_caches: 2
[ 1613.811812][T22850] syz.5.4823 (22850): drop_caches: 2
[ 1615.124966][   T30] kauditd_printk_skb: 26 callbacks suppressed
[ 1615.124984][   T30] audit: type=1800 audit(1751600357.986:2868): pid=22862 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.4826" name="bus" dev="overlay" ino=2213 res=0 errno=0
[ 1616.007468][T22869] overlayfs: overlapping lowerdir path
[ 1617.029812][   T30] audit: type=1800 audit(1751600359.376:2869): pid=22873 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.4829" name="bus" dev="overlay" ino=2227 res=0 errno=0
[ 1617.089725][T22869] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1617.712170][T22884] syz.9.4833 (22884): drop_caches: 2
[ 1617.723790][T22884] syz.9.4833 (22884): drop_caches: 2
[ 1619.420192][T22897] openvswitch: netlink: Flow key attr not present in new flow.
[ 1620.392005][ T5931] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 1620.552059][ T5931] usb 6-1: Using ep0 maxpacket: 32
[ 1620.582772][ T5931] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1620.701608][ T5931] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1620.837730][ T5931] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1620.979331][ T5931] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[ 1621.148925][ T5931] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1621.158808][ T5931] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1621.169417][ T5931] usb 6-1: config 0 descriptor??
[ 1624.368849][T19001] usb 6-1: USB disconnect, device number 70
[ 1624.540211][T22939] netlink: 156 bytes leftover after parsing attributes in process `syz.5.4846'.
[ 1625.335148][   T30] audit: type=1800 audit(1751600368.546:2870): pid=22936 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.4844" name="bus" dev="overlay" ino=757 res=0 errno=0
[ 1625.911917][T11245] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1626.571892][T11245] usb 9-1: Using ep0 maxpacket: 32
[ 1626.674372][T11245] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1626.884426][T11245] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1626.995598][T11245] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1627.660918][T22963] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1627.781746][T11245] usb 9-1: Product: syz
[ 1627.793689][T11245] usb 9-1: Manufacturer: syz
[ 1627.798346][T11245] usb 9-1: SerialNumber: syz
[ 1627.815591][T11245] usb 9-1: config 0 descriptor??
[ 1628.057287][   T30] audit: type=1800 audit(1751600371.266:2871): pid=22972 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.4855" name="bus" dev="overlay" ino=776 res=0 errno=0
[ 1628.079033][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1628.483835][T19001] usb 9-1: USB disconnect, device number 24
[ 1628.887272][T22978] syz.1.4856 (22978): drop_caches: 2
[ 1628.920549][T22978] syz.1.4856 (22978): drop_caches: 2
[ 1630.435508][T22982] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4859'.
[ 1635.157147][T22997] syz.8.4860 (22997): drop_caches: 3
[ 1635.168533][T22998] syz.9.4861 (22998): drop_caches: 3
[ 1636.401561][   T30] audit: type=1800 audit(1751600378.726:2872): pid=23026 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.4867" name="bus" dev="overlay" ino=2278 res=0 errno=0
[ 1636.727143][T23028] syz.9.4868 (23028): drop_caches: 2
[ 1636.830018][T23028] syz.9.4868 (23028): drop_caches: 2
[ 1637.162703][T23038] syz.8.4873 (23038): drop_caches: 3
[ 1637.177789][   T30] audit: type=1326 audit(1751600380.386:2873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1637.205196][T23038] syz.8.4873 (23038): drop_caches: 3
[ 1638.072016][   T30] audit: type=1326 audit(1751600380.416:2874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.095822][   T30] audit: type=1326 audit(1751600380.416:2875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.126025][   T30] audit: type=1326 audit(1751600380.416:2876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.156596][   T30] audit: type=1326 audit(1751600380.416:2877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.185939][   T30] audit: type=1326 audit(1751600380.426:2878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.210467][   T30] audit: type=1326 audit(1751600380.426:2879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1638.234556][   T30] audit: type=1326 audit(1751600380.426:2880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1639.266034][   T30] audit: type=1326 audit(1751600380.426:2881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23033 comm="syz.5.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1639.480716][T23054] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4879'.
[ 1641.638435][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 1641.638460][   T30] audit: type=1800 audit(1751600384.386:2911): pid=23072 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.4882" name="bus" dev="overlay" ino=712 res=0 errno=0
[ 1642.808978][T23086] syz.5.4887 (23086): drop_caches: 2
[ 1642.817989][T23086] syz.5.4887 (23086): drop_caches: 2
[ 1643.828391][   T30] audit: type=1326 audit(1751600386.906:2912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1644.295371][   T30] audit: type=1326 audit(1751600386.906:2913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1644.339941][   T30] audit: type=1326 audit(1751600386.906:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1644.387324][   T30] audit: type=1326 audit(1751600386.906:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1646.454525][   T30] audit: type=1326 audit(1751600386.916:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1646.893549][   T30] audit: type=1326 audit(1751600386.916:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1646.917858][   T30] audit: type=1326 audit(1751600386.916:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1646.970080][   T30] audit: type=1326 audit(1751600386.916:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1647.324126][T23095] overlayfs: failed to resolve './file0': -2
[ 1647.332556][   T30] audit: type=1326 audit(1751600386.916:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1647.357920][   T30] audit: type=1326 audit(1751600386.916:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1647.402163][   T30] audit: type=1326 audit(1751600386.916:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1647.463354][   T30] audit: type=1326 audit(1751600386.916:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1647.506766][   T30] audit: type=1326 audit(1751600386.916:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbfd9d858e7 code=0x7ffc0000
[ 1647.610638][   T30] audit: type=1326 audit(1751600386.916:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbfd9d2ab19 code=0x7ffc0000
[ 1648.027561][   T30] audit: type=1326 audit(1751600386.916:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23083 comm="syz.9.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1649.493287][T23126] syz.1.4899 (23126): drop_caches: 2
[ 1649.529810][T23126] syz.1.4899 (23126): drop_caches: 2
[ 1654.774240][T23167] syz.8.4910 (23167): drop_caches: 3
[ 1654.913656][T23167] syz.8.4910 (23167): drop_caches: 3
[ 1655.581825][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1655.581845][   T30] audit: type=1800 audit(1751600398.786:2952): pid=23178 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.4913" name="bus" dev="overlay" ino=1260 res=0 errno=0
[ 1658.903157][T23204] overlayfs: failed to resolve './file0': -2
[ 1664.014353][T23247] netlink: 'syz.9.4933': attribute type 12 has an invalid length.
[ 1664.749607][   T30] audit: type=1800 audit(1751600407.636:2953): pid=23254 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.4934" name="bus" dev="overlay" ino=908 res=0 errno=0
[ 1665.733460][T23262] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4935'.
[ 1668.251765][   T30] audit: type=1800 audit(1751600410.626:2954): pid=23279 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.9.4942" name="bus" dev="overlay" ino=1310 res=0 errno=0
[ 1668.716277][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.724300][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1672.431789][ T5931] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[ 1672.656009][ T5931] usb 10-1: device descriptor read/64, error -71
[ 1674.201507][ T5931] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[ 1674.333345][ T5931] usb 10-1: device descriptor read/64, error -71
[ 1674.398390][T23336] openvswitch: netlink: Flow key attr not present in new flow.
[ 1675.209809][ T5931] usb usb10-port1: attempt power cycle
[ 1676.209953][   T30] audit: type=1800 audit(1751600419.416:2955): pid=23344 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.4960" name="bus" dev="overlay" ino=1320 res=0 errno=0
[ 1677.557397][T23353] openvswitch: netlink: Flow key attr not present in new flow.
[ 1680.310719][T23373] openvswitch: netlink: Flow key attr not present in new flow.
[ 1681.128282][T23376] netlink: 156 bytes leftover after parsing attributes in process `syz.8.4967'.
[ 1681.441993][T19001] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[ 1681.594404][T23384] openvswitch: netlink: Flow key attr not present in new flow.
[ 1682.293164][   T30] audit: type=1326 audit(1751600425.506:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.335838][   T30] audit: type=1326 audit(1751600425.526:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.361286][   T30] audit: type=1326 audit(1751600425.526:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.385311][T19001] usb 10-1: device descriptor read/64, error -71
[ 1682.472776][   T30] audit: type=1326 audit(1751600425.526:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.944528][   T30] audit: type=1326 audit(1751600425.526:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.969617][   T30] audit: type=1326 audit(1751600425.536:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.969648][   T30] audit: type=1326 audit(1751600425.536:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.969672][   T30] audit: type=1326 audit(1751600425.536:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.969694][   T30] audit: type=1326 audit(1751600425.536:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1682.969719][   T30] audit: type=1326 audit(1751600425.536:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23386 comm="syz.5.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1683.362874][T19001] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1683.591851][T19001] usb 10-1: device descriptor read/64, error -71
[ 1684.556379][T19001] usb usb10-port1: attempt power cycle
[ 1687.351210][T23435] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4984'.
[ 1687.819449][   T30] kauditd_printk_skb: 64 callbacks suppressed
[ 1687.829643][   T30] audit: type=1800 audit(1751600430.956:3030): pid=23430 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.4983" name="bus" dev="overlay" ino=2389 res=0 errno=0
[ 1690.359225][    T9] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1690.864541][    T9] usb 2-1: device descriptor read/64, error -71
[ 1691.596015][    T9] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1691.732001][    T9] usb 2-1: device descriptor read/64, error -71
[ 1691.960945][    T9] usb usb2-port1: attempt power cycle
[ 1692.941704][    T9] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1692.965712][    T9] usb 2-1: device descriptor read/8, error -71
[ 1693.774450][T23490] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4999'.
[ 1694.028735][T23497] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5000'.
[ 1701.411850][ T5931] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1701.561893][ T5931] usb 2-1: Using ep0 maxpacket: 32
[ 1701.572290][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1701.584709][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1701.922214][ T5931] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1701.938530][ T5931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1702.024711][ T5931] usb 2-1: config 0 descriptor??
[ 1703.495113][ T5931] ft260 0003:0403:6030.0028: chip code: 6424 8183
[ 1703.706964][ T5931] ft260 0003:0403:6030.0028: failed to retrieve system status
[ 1703.740070][ T5931] ft260 0003:0403:6030.0028: probe with driver ft260 failed with error -71
[ 1704.229052][ T5931] usb 2-1: USB disconnect, device number 42
[ 1706.085568][   T30] audit: type=1800 audit(1751600449.286:3031): pid=23625 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.9.5034" name="bus" dev="overlay" ino=1409 res=0 errno=0
[ 1706.478775][T23637] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5036'.
[ 1708.998857][T23663] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5040'.
[ 1711.353376][    T9] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[ 1711.549495][    T9] usb 10-1: Using ep0 maxpacket: 32
[ 1711.589882][    T9] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1712.095695][    T9] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1712.111348][    T9] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1712.181723][    T9] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1712.195155][    T9] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1712.205058][    T9] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1712.220682][    T9] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1712.243769][    T9] usb 10-1: Product: syz
[ 1712.255734][    T9] usb 10-1: Manufacturer: syz
[ 1712.362694][    T9] usb 10-1: SerialNumber: syz
[ 1713.499081][    T9] usb 10-1: config 0 descriptor??
[ 1713.580948][    T9] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1713.616922][    T9] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1714.417754][T23712] netlink: 156 bytes leftover after parsing attributes in process `syz.8.5053'.
[ 1715.059576][T23718] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5055'.
[ 1716.081759][   T30] audit: type=1800 audit(1751600458.466:3032): pid=23721 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.5056" name="bus" dev="overlay" ino=1446 res=0 errno=0
[ 1716.083443][    T9] usb 10-1: USB disconnect, device number 37
[ 1716.116928][    T9] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1716.411833][ T5931] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1716.971758][ T5931] usb 3-1: Using ep0 maxpacket: 32
[ 1716.981578][ T5931] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1717.142045][ T5931] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1717.151834][ T5931] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1717.161587][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1717.182140][ T5931] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1717.651534][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1717.672142][ T5931] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1717.691921][ T5931] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1717.701108][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1717.730582][ T5931] usb 3-1: config 0 descriptor??
[ 1718.555505][   T30] audit: type=1800 audit(1751600461.036:3033): pid=23737 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.9.5061" name="bus" dev="overlay" ino=1454 res=0 errno=0
[ 1720.367330][T18892] usb 3-1: USB disconnect, device number 85
[ 1721.479808][T23771] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5068'.
[ 1721.755792][    T9] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1722.341763][    T9] usb 2-1: Using ep0 maxpacket: 32
[ 1722.711332][    T9] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1722.736723][    T9] usb 2-1: config 0 has no interface number 0
[ 1722.748376][    T9] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1722.758673][    T9] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1722.768392][    T9] usb 2-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3
[ 1722.944860][    T9] usb 2-1: Product: syz
[ 1722.945607][   T30] audit: type=1326 audit(1751600466.156:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1722.949074][    T9] usb 2-1: Manufacturer: syz
[ 1722.949091][    T9] usb 2-1: SerialNumber: syz
[ 1722.972583][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1723.018596][    T9] usb 2-1: config 0 descriptor??
[ 1723.437812][    T9] smsc75xx v1.0.0
[ 1723.887927][   T30] audit: type=1326 audit(1751600466.156:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.039110][   T30] audit: type=1326 audit(1751600466.206:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.111977][   T30] audit: type=1326 audit(1751600466.206:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.218319][   T30] audit: type=1326 audit(1751600466.206:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.241818][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1724.296413][   T30] audit: type=1326 audit(1751600466.216:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.417518][   T30] audit: type=1326 audit(1751600466.216:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.441749][   T30] audit: type=1326 audit(1751600466.226:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1724.475471][   T30] audit: type=1326 audit(1751600466.226:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1725.514010][   T30] audit: type=1326 audit(1751600466.226:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23783 comm="syz.9.5074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1725.717547][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[ 1725.767372][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1726.220291][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1726.245168][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1726.271249][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1727.122965][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1727.232181][    T9] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 1727.319004][    T9] usb 2-1: USB disconnect, device number 43
[ 1730.209933][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.216340][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.262016][T18892] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1730.872134][T18892] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1730.888590][T18892] usb 2-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1730.912226][T18892] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1730.926062][T18892] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1730.978981][T18892] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1731.000803][T18892] usb 2-1: invalid MIDI out EP 0
[ 1731.068706][T18892] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1731.230792][T18892] usb 2-1: USB disconnect, device number 44
[ 1731.317485][T23859] fuse: Bad value for 'fd'
[ 1731.717673][T21428] udevd[21428]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1731.745500][   T30] kauditd_printk_skb: 15 callbacks suppressed
[ 1731.745517][   T30] audit: type=1326 audit(1751600474.956:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1731.804457][    T9] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 1732.056673][   T30] audit: type=1326 audit(1751600474.996:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1732.093870][   T30] audit: type=1326 audit(1751600474.996:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1732.117665][   T30] audit: type=1326 audit(1751600474.996:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1732.144933][   T30] audit: type=1326 audit(1751600474.996:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1732.168911][   T30] audit: type=1326 audit(1751600474.996:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1733.252109][    T9] usb 6-1: Using ep0 maxpacket: 32
[ 1733.258938][   T30] audit: type=1326 audit(1751600474.996:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1733.284266][    T9] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1733.333650][   T30] audit: type=1326 audit(1751600474.996:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1733.357057][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1733.381728][    T9] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1733.390391][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1733.412118][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1733.437737][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1733.457997][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1733.489031][   T30] audit: type=1326 audit(1751600474.996:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1733.515516][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1733.548961][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1733.572156][   T30] audit: type=1326 audit(1751600474.996:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23861 comm="syz.9.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1733.580062][    T9] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1733.614695][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1733.697892][    T9] usb 6-1: config 0 descriptor??
[ 1735.393621][    T9] usb 6-1: can't set config #0, error -71
[ 1735.429059][    T9] usb 6-1: USB disconnect, device number 71
[ 1736.930182][T23904] overlayfs: failed to resolve './file0': -2
[ 1738.242242][T18892] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1738.259724][ T5931] usb 10-1: new high-speed USB device number 38 using dummy_hcd
[ 1738.442475][T18892] usb 2-1: Using ep0 maxpacket: 8
[ 1738.565101][T18892] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1738.573517][ T5931] usb 10-1: Using ep0 maxpacket: 32
[ 1738.585116][ T5931] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[ 1738.602648][T18892] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1738.613339][ T5931] usb 10-1: config 0 has no interface number 0
[ 1738.619535][ T5931] usb 10-1: config 0 interface 184 has no altsetting 0
[ 1738.631907][T18892] usb 2-1: config 0 has no interface number 0
[ 1738.638297][T18892] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1738.672595][ T5931] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1738.700877][T18892] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1738.710449][ T5931] usb 10-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3
[ 1738.723979][ T5931] usb 10-1: Product: syz
[ 1738.728287][ T5931] usb 10-1: Manufacturer: syz
[ 1738.738918][T18892] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1738.753598][ T5931] usb 10-1: SerialNumber: syz
[ 1738.787614][T18892] usb 2-1: config 0 descriptor??
[ 1738.795475][ T5931] usb 10-1: config 0 descriptor??
[ 1738.824726][T18892] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1738.864214][ T5931] smsc75xx v1.0.0
[ 1739.088030][    T9] usb 2-1: USB disconnect, device number 45
[ 1739.105592][T19001] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1739.581908][T19001] usb 9-1: Using ep0 maxpacket: 8
[ 1740.091762][T19001] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[ 1740.099910][T19001] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1740.151747][T19001] usb 9-1: config 0 has no interface number 0
[ 1740.162232][T19001] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1740.183917][T19001] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1740.201883][T19001] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1740.348737][ T5931] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[ 1741.151214][T19001] usb 9-1: config 0 descriptor??
[ 1741.156891][ T5931] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[ 1741.156898][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1741.156910][   T30] audit: type=1800 audit(1751600483.536:3085): pid=23930 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.5112" name="bus" dev="overlay" ino=2501 res=0 errno=0
[ 1741.195737][T19001] ldusb 9-1:0.55: Interrupt in endpoint not found
[ 1741.238819][ T5931] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[ 1741.390350][ T5931] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -32
[ 1741.617095][T19001] usb 9-1: USB disconnect, device number 25
[ 1741.754771][T23940] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5116'.
[ 1741.965624][    T9] usb 10-1: USB disconnect, device number 38
[ 1742.748100][T23953] overlayfs: failed to resolve './file0': -2
[ 1743.609094][    T9] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[ 1744.281860][    T9] usb 10-1: Using ep0 maxpacket: 32
[ 1745.138053][   T30] audit: type=1326 audit(1751600488.346:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1745.161900][   T30] audit: type=1326 audit(1751600488.346:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1745.185861][   T30] audit: type=1326 audit(1751600488.386:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1745.210045][    T9] usb 10-1: device descriptor read/all, error -71
[ 1745.219340][   T30] audit: type=1326 audit(1751600488.386:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1745.412086][   T30] audit: type=1326 audit(1751600488.386:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1745.501853][T19001] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1745.594036][   T30] audit: type=1326 audit(1751600488.386:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1746.131882][   T30] audit: type=1326 audit(1751600488.386:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1746.164998][   T30] audit: type=1326 audit(1751600488.386:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1746.189181][T19001] usb 2-1: Using ep0 maxpacket: 32
[ 1746.200959][T19001] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1746.221542][T19001] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1746.238927][   T30] audit: type=1326 audit(1751600488.416:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1746.379864][T19001] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1746.384146][   T30] audit: type=1326 audit(1751600488.416:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1746.525801][T19001] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1746.537726][T19001] usb 2-1: config 0 descriptor??
[ 1746.543132][   T30] audit: type=1326 audit(1751600488.416:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.084393][   T30] audit: type=1326 audit(1751600488.416:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.109500][   T30] audit: type=1326 audit(1751600488.416:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.132996][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1747.183359][   T30] audit: type=1326 audit(1751600488.416:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.420367][   T30] audit: type=1326 audit(1751600488.416:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.911842][T19001] usbhid 2-1:0.0: can't add hid device: -71
[ 1747.917962][T19001] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1747.937043][   T30] audit: type=1326 audit(1751600488.416:3101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.963442][T19001] usb 2-1: USB disconnect, device number 46
[ 1747.973686][   T30] audit: type=1326 audit(1751600488.426:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz.5.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1747.997210][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1748.914667][T24010] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5135'.
[ 1748.924066][T24010] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5135'.
[ 1748.944448][T19001] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1749.251841][T19001] usb 2-1: Using ep0 maxpacket: 32
[ 1749.261112][T19001] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1749.279347][T19001] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1749.333714][T19001] usb 2-1: config 0 descriptor??
[ 1749.355013][T19001] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1750.028886][T19001] gspca_nw80x: reg_w err -110
[ 1750.033762][T19001] nw80x 2-1:0.0: probe with driver nw80x failed with error -110
[ 1750.210235][T24021] overlayfs: failed to resolve './file0': -2
[ 1752.239752][T19001] usb 2-1: USB disconnect, device number 47
[ 1752.501704][T24051] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5146'.
[ 1752.510826][T24051] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5146'.
[ 1752.884177][T24055] fuse: Bad value for 'group_id'
[ 1752.889217][T24055] fuse: Bad value for 'group_id'
[ 1755.461270][T24078] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5151'.
[ 1755.470508][T24078] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5151'.
[ 1755.855687][T24084] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5153'.
[ 1757.968459][T24100] binder: 24095:24100 ioctl c0306201 200000000540 returned -14
[ 1758.753014][ T5931] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1758.948047][T24109] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5161'.
[ 1758.957375][T24109] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5161'.
[ 1759.343795][ T5931] usb 3-1: Using ep0 maxpacket: 32
[ 1759.363439][ T5931] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1759.377717][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1759.521937][T16512] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 1759.529732][ T5931] usb 3-1: config 0 descriptor??
[ 1759.560684][ T5931] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1759.672067][T16512] usb 6-1: Using ep0 maxpacket: 32
[ 1759.700241][T16512] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1759.719657][T16512] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1759.885127][T16512] usb 6-1: config 0 descriptor??
[ 1760.251883][T23985] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1760.388247][ T5931] gspca_nw80x: reg_w err -71
[ 1760.393116][T16512] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1760.399339][ T5931] nw80x 3-1:0.0: probe with driver nw80x failed with error -71
[ 1760.410842][ T5931] usb 3-1: USB disconnect, device number 86
[ 1760.551725][T23985] usb 2-1: Using ep0 maxpacket: 32
[ 1760.558434][T23985] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1760.567247][T23985] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1760.580372][T23985] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1760.590605][T23985] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1760.662544][T16512] gspca_nw80x: reg_r err -32
[ 1760.670469][T16512] nw80x 6-1:0.0: probe with driver nw80x failed with error -32
[ 1760.673677][T23985] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1760.686772][T16512] usb 6-1: USB disconnect, device number 72
[ 1760.708866][T23985] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1760.719033][T23985] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[ 1760.732655][T23985] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1760.742648][T23985] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1760.754934][T23985] usb 2-1: config 0 descriptor??
[ 1762.383567][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 1762.383584][   T30] audit: type=1326 audit(1751600505.596:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24129 comm="syz.9.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1763.065734][T24146] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5172'.
[ 1763.074972][T24146] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5172'.
[ 1763.093908][T16512] usb 2-1: USB disconnect, device number 48
[ 1767.332132][ T5931] usb 6-1: new full-speed USB device number 73 using dummy_hcd
[ 1768.044339][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1768.056603][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1768.091602][ T5931] usb 6-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[ 1768.146360][ T5931] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1768.272526][ T5931] usb 6-1: config 0 descriptor??
[ 1769.250867][ T5931] hid-generic 0003:04F3:0754.0029: failed to start in urb: -90
[ 1769.272766][ T5931] hid-generic 0003:04F3:0754.0029: hidraw0: USB HID v1.01 Device [HID 04f3:0754] on usb-dummy_hcd.5-1/input0
[ 1769.289743][T24197] geneve2: left allmulticast mode
[ 1769.535863][T24212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5189'.
[ 1769.795984][T23985] usb 6-1: USB disconnect, device number 73
[ 1771.185408][T24209] fido_id[24209]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1771.280293][T24225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5192'.
[ 1771.320067][   T30] audit: type=1326 audit(1751600514.526:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24219 comm="syz.2.5191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7fc00000
[ 1772.147393][T24241] netlink: 'syz.2.5196': attribute type 10 has an invalid length.
[ 1772.169727][T24241] bridge0: port 1(team0) entered blocking state
[ 1772.176491][T24241] bridge0: port 1(team0) entered disabled state
[ 1772.183145][T24241] team0: entered allmulticast mode
[ 1772.306051][T24242] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1772.866585][T24241] team_slave_0: entered allmulticast mode
[ 1772.901936][T24241] team_slave_1: entered allmulticast mode
[ 1772.903943][T24241] team0: entered promiscuous mode
[ 1772.903969][T24241] team_slave_0: entered promiscuous mode
[ 1772.911203][T24241] team_slave_1: entered promiscuous mode
[ 1774.589467][T24270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5205'.
[ 1774.606695][T24270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5205'.
[ 1774.674828][T24272] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5204'.
[ 1774.684355][T24272] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5204'.
[ 1777.456782][T24297] overlayfs: overlapping lowerdir path
[ 1777.505322][T24297] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1777.661704][T24302] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5214'.
[ 1778.811713][T24310] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5217'.
[ 1778.820947][T24310] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5217'.
[ 1779.555493][T24315] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5218'.
[ 1781.784573][T16512] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1781.952529][T16512] usb 9-1: Using ep0 maxpacket: 32
[ 1781.970470][T16512] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1781.980524][T16512] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1781.995004][T16512] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1782.009611][T16512] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1782.021753][T16512] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1782.034203][T16512] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1782.308603][T16512] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1782.456781][T16512] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1783.144826][T16512] usb 9-1: config 0 descriptor??
[ 1783.171212][   T30] audit: type=1326 audit(1751600526.376:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24332 comm="syz.9.5224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1783.464047][T24348] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1784.123786][T16512] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1784.272864][T16512] usb 9-1: USB disconnect, device number 26
[ 1784.522593][   T30] audit: type=1400 audit(1751600527.726:3125): avc:  denied  { view } for  pid=24350 comm="syz.8.5229" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1784.528673][T16512] usblp0: removed
[ 1784.756162][   T30] audit: type=1326 audit(1751600527.966:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.756885][   T30] audit: type=1326 audit(1751600527.966:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.756917][   T30] audit: type=1326 audit(1751600527.966:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.756939][   T30] audit: type=1326 audit(1751600527.966:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.758475][   T30] audit: type=1326 audit(1751600527.966:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.758508][   T30] audit: type=1326 audit(1751600527.966:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.758531][   T30] audit: type=1326 audit(1751600527.966:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1784.758554][   T30] audit: type=1326 audit(1751600527.966:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24355 comm="syz.9.5232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1785.366659][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1786.070590][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1787.672033][T23985] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 1788.103954][T23985] usb 3-1: Using ep0 maxpacket: 32
[ 1789.208417][T23985] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1789.216972][T23985] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1789.226160][T23985] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1789.235497][T23985] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1789.245533][T23985] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1789.255289][T23985] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1789.268451][T23985] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1789.352271][T23985] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1789.376868][T23985] usb 3-1: config 0 descriptor??
[ 1789.907165][T23985] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 87 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1790.245306][T23985] usb 3-1: USB disconnect, device number 87
[ 1790.584384][T24403] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5244'.
[ 1790.602993][T23985] usblp0: removed
[ 1792.033929][T24420] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1792.104147][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.110613][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.996483][T24436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5257'.
[ 1793.051970][    T9] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1793.155822][T24441] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5258'.
[ 1793.165171][T24441] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5258'.
[ 1793.265323][    T9] usb 10-1: Using ep0 maxpacket: 32
[ 1793.272428][    T9] usb 10-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1793.281603][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1793.495286][    T9] usb 10-1: config 0 descriptor??
[ 1793.510107][    T9] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1794.174805][    T9] gspca_nw80x: reg_w err -110
[ 1794.492206][    T9] nw80x 10-1:0.0: probe with driver nw80x failed with error -110
[ 1795.661845][    T9] usb 2-1: new low-speed USB device number 49 using dummy_hcd
[ 1795.906879][T19001] usb 10-1: USB disconnect, device number 41
[ 1796.273423][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1796.316029][    T9] usb 2-1: config 0 has no interface number 0
[ 1796.778378][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 59471, setting to 8
[ 1796.805176][    T9] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1797.061717][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1797.122868][    T9] usb 2-1: config 0 descriptor??
[ 1797.128575][T24463] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1797.253134][    T9] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1799.673570][    T9] usb 2-1: USB disconnect, device number 49
[ 1800.092113][ T5931] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[ 1800.351804][ T5931] usb 10-1: Using ep0 maxpacket: 32
[ 1800.360879][ T5931] usb 10-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1800.370259][ T5931] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1800.385196][ T5931] usb 10-1: config 0 descriptor??
[ 1800.399517][ T5931] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1800.714025][   T30] kauditd_printk_skb: 33 callbacks suppressed
[ 1800.714042][   T30] audit: type=1326 audit(1751600543.926:3167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24510 comm="syz.5.5279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7fc00000
[ 1800.817638][ T5931] gspca_nw80x: reg_r err -71
[ 1800.833439][ T5931] nw80x 10-1:0.0: probe with driver nw80x failed with error -71
[ 1801.011242][ T5931] usb 10-1: USB disconnect, device number 42
[ 1806.914056][T24578] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1808.027822][T23985] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1808.672036][T23985] usb 2-1: Using ep0 maxpacket: 16
[ 1808.846330][T23985] usb 2-1: device descriptor read/all, error -71
[ 1810.239646][T24611] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5307'.
[ 1810.249251][T24611] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5307'.
[ 1814.731840][T19001] usb 10-1: new full-speed USB device number 43 using dummy_hcd
[ 1815.853987][T19001] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1815.880081][T19001] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1815.890205][T19001] usb 10-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[ 1815.900087][T19001] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1815.919195][T19001] usb 10-1: config 0 descriptor??
[ 1815.921856][   T30] audit: type=1326 audit(1751600559.116:3168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24636 comm="syz.2.5316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7fc00000
[ 1816.330004][T24655] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5321'.
[ 1816.339178][T24655] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5321'.
[ 1816.559205][    C0] raw-gadget.0 gadget.9: ignoring, device is not running
[ 1816.566722][    C0] raw-gadget.0 gadget.9: ignoring, device is not running
[ 1816.575004][T19001] usbhid 10-1:0.0: can't add hid device: -71
[ 1816.581051][T19001] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1816.657495][T24658] random: crng reseeded on system resumption
[ 1816.839762][   T30] audit: type=1400 audit(1751600559.996:3169): avc:  denied  { firmware_load } for  pid=48 comm="kworker/u8:3" path="/lib/firmware/regulatory.db.p7s" dev="sda1" ino=449 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[ 1817.557291][T19001] usb 10-1: USB disconnect, device number 43
[ 1818.724750][   T30] audit: type=1326 audit(1751600561.936:3170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1818.818012][   T30] audit: type=1326 audit(1751600561.936:3171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.186251][   T30] audit: type=1326 audit(1751600561.936:3172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.578304][   T30] audit: type=1326 audit(1751600561.936:3173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.794763][   T30] audit: type=1326 audit(1751600561.936:3174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.829890][   T30] audit: type=1326 audit(1751600561.936:3175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.853461][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1819.864874][   T30] audit: type=1326 audit(1751600561.936:3176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1819.888359][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1819.979607][   T30] audit: type=1326 audit(1751600561.936:3177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24670 comm="syz.9.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7fc00000
[ 1821.563307][T24711] random: crng reseeded on system resumption
[ 1822.153358][T24713] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1824.178991][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1824.179010][   T30] audit: type=1326 audit(1751600567.366:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24721 comm="syz.1.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7fc00000
[ 1825.872000][   T30] audit: type=1400 audit(1751600569.076:3183): avc:  denied  { connect } for  pid=24753 comm="syz.1.5348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1826.379943][T24770] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1829.144931][T24805] overlayfs: overlapping lowerdir path
[ 1829.654146][T24808] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1830.273529][T24812] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5362'.
[ 1830.364883][T24805] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1831.313381][T24827] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1833.853038][T24852] binder: 24850:24852 ioctl c0306201 200000000540 returned -14
[ 1836.331001][   T30] audit: type=1326 audit(1751600579.536:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24873 comm="syz.2.5381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7fc00000
[ 1839.284519][T24916] syz.9.5390 (24916): drop_caches: 2
[ 1839.297239][T24916] syz.9.5390 (24916): drop_caches: 2
[ 1840.830286][   T30] audit: type=1326 audit(1751600584.036:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24917 comm="syz.5.5391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7fc00000
[ 1841.628659][   T30] audit: type=1326 audit(1751600584.796:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1841.969609][   T30] audit: type=1326 audit(1751600584.796:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1842.008267][   T30] audit: type=1326 audit(1751600584.806:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f84fc18d290 code=0x7ffc0000
[ 1842.031764][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1842.047373][   T30] audit: type=1326 audit(1751600584.806:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f84fc190157 code=0x7ffc0000
[ 1842.114450][   T30] audit: type=1326 audit(1751600584.806:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1842.296318][   T30] audit: type=1326 audit(1751600584.806:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f84fc190157 code=0x7ffc0000
[ 1842.335858][   T30] audit: type=1326 audit(1751600584.816:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f84fc18d58a code=0x7ffc0000
[ 1842.388320][   T30] audit: type=1326 audit(1751600584.816:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1842.412014][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1842.511187][   T30] audit: type=1326 audit(1751600584.816:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1842.737300][   T30] audit: type=1326 audit(1751600584.836:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24936 comm="syz.8.5396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1842.760767][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1842.889730][T24955] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5400'.
[ 1848.727206][T24989] netlink: 'syz.5.5410': attribute type 10 has an invalid length.
[ 1848.747340][T24989] bridge0: port 1(team0) entered blocking state
[ 1848.759367][T24989] bridge0: port 1(team0) entered disabled state
[ 1848.786005][T24989] team0: entered allmulticast mode
[ 1848.798982][T24989] team_slave_0: entered allmulticast mode
[ 1848.813683][T24989] team_slave_1: entered allmulticast mode
[ 1849.206391][T24989] team0: entered promiscuous mode
[ 1849.230348][T24989] team_slave_0: entered promiscuous mode
[ 1849.240557][T24989] team_slave_1: entered promiscuous mode
[ 1849.858453][T25011] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1850.233198][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1850.233214][   T30] audit: type=1326 audit(1751600593.436:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24997 comm="syz.2.5413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7fc00000
[ 1851.031980][T19001] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1851.201710][   T30] audit: type=1326 audit(1751600594.406:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25008 comm="syz.5.5417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7fc00000
[ 1851.308593][T25023] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5420'.
[ 1851.317852][T25023] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5420'.
[ 1851.327177][T19001] usb 2-1: Using ep0 maxpacket: 16
[ 1851.365308][T19001] usb 2-1: config 0 has an invalid interface number: 68 but max is 0
[ 1851.384181][T19001] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1851.394857][T19001] usb 2-1: config 0 has no interface number 0
[ 1851.401115][T19001] usb 2-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1851.426530][T19001] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1851.435986][T19001] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1851.458025][T19001] usb 2-1: Product: syz
[ 1851.466809][T19001] usb 2-1: Manufacturer: syz
[ 1851.477161][T19001] usb 2-1: SerialNumber: syz
[ 1851.513062][T19001] usb 2-1: config 0 descriptor??
[ 1851.692520][T19001] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1852.500583][T23985] usb 2-1: USB disconnect, device number 52
[ 1852.955239][   T48] usb 2-1: Failed to submit usb control message: -71
[ 1852.990362][   T48] usb 2-1: unable to send the bmi data to the device: -71
[ 1853.018157][   T48] usb 2-1: unable to get target info from device
[ 1853.030809][   T48] usb 2-1: could not get target info (-71)
[ 1853.040728][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.047334][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.144200][   T48] usb 2-1: could not probe fw (-71)
[ 1854.952978][T25070] fuse: Bad value for 'user_id'
[ 1854.957963][T25070] fuse: Bad value for 'user_id'
[ 1858.770531][   T30] audit: type=1326 audit(1751600601.966:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1858.794433][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1858.903636][   T30] audit: type=1326 audit(1751600601.966:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1858.927676][   T30] audit: type=1326 audit(1751600601.966:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1858.964093][   T30] audit: type=1326 audit(1751600601.966:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.001926][   T30] audit: type=1326 audit(1751600601.976:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.025978][   T30] audit: type=1326 audit(1751600601.976:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.053223][   T30] audit: type=1326 audit(1751600601.976:3207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.061706][T23985] usb 3-1: new low-speed USB device number 88 using dummy_hcd
[ 1859.077388][   T30] audit: type=1326 audit(1751600601.976:3208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.118396][   T30] audit: type=1326 audit(1751600601.976:3209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.264189][   T30] audit: type=1326 audit(1751600601.976:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25099 comm="syz.8.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1859.400057][T25109] fuse: Bad value for 'user_id'
[ 1859.405225][T25109] fuse: Bad value for 'user_id'
[ 1859.820098][T23985] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1859.828308][T23985] usb 3-1: config 0 has no interface number 0
[ 1859.834724][T23985] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1859.845885][T23985] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1859.855807][T23985] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1859.864982][T23985] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1860.388228][T23985] usb 3-1: config 0 descriptor??
[ 1860.409411][T23985] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1860.646077][T25103] iowarrior 3-1:0.1: Error -90 while submitting URB
[ 1860.663088][T16512] usb 3-1: USB disconnect, device number 88
[ 1861.668890][T25134] random: crng reseeded on system resumption
[ 1863.500007][T25151] overlayfs: overlapping lowerdir path
[ 1863.509260][T25151] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1863.728025][T25157] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5456'.
[ 1864.201877][T23985] usb 10-1: new low-speed USB device number 44 using dummy_hcd
[ 1864.210036][   T30] kauditd_printk_skb: 58 callbacks suppressed
[ 1864.210051][   T30] audit: type=1326 audit(1751600607.416:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25152 comm="syz.8.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1864.241743][   T30] audit: type=1326 audit(1751600607.416:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25152 comm="syz.8.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1864.394054][T23985] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1864.412673][T23985] usb 10-1: config 0 has no interface number 0
[ 1864.426655][T23985] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1864.438464][T23985] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1864.449390][T23985] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1864.462335][T23985] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1864.476818][T23985] usb 10-1: config 0 descriptor??
[ 1864.486983][T23985] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1864.751783][T25167] iowarrior 10-1:0.1: Error -90 while submitting URB
[ 1865.019793][T25179] syz.2.5464 (25179): drop_caches: 2
[ 1865.029398][T25179] syz.2.5464 (25179): drop_caches: 2
[ 1865.640923][T16512] usb 10-1: USB disconnect, device number 44
[ 1866.656592][T25197] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5470'.
[ 1866.724357][T25199] netlink: 'syz.8.5471': attribute type 10 has an invalid length.
[ 1866.724505][T25199] bridge0: port 1(team0) entered blocking state
[ 1866.724659][T25199] bridge0: port 1(team0) entered disabled state
[ 1866.724844][T25199] team0: entered allmulticast mode
[ 1866.724861][T25199] team_slave_0: entered allmulticast mode
[ 1866.724918][T25199] team_slave_1: entered allmulticast mode
[ 1866.726814][T25199] team0: entered promiscuous mode
[ 1866.726838][T25199] team_slave_0: entered promiscuous mode
[ 1866.726989][T25199] team_slave_1: entered promiscuous mode
[ 1866.727575][T25199] bridge0: port 1(team0) entered blocking state
[ 1866.727663][T25199] bridge0: port 1(team0) entered forwarding state
[ 1870.522088][T25248] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5486'.
[ 1870.531345][T25248] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5486'.
[ 1871.660700][T25265] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 1871.677553][T25265] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1873.658530][T25283] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5497'.
[ 1877.167332][T25331] overlayfs: failed to resolve './file1': -2
[ 1877.714043][T25329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5510'.
[ 1878.181988][T25335] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5512'.
[ 1879.421846][T16512] usb 6-1: new low-speed USB device number 74 using dummy_hcd
[ 1879.582918][T16512] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1879.601439][T16512] usb 6-1: config 0 has no interface number 0
[ 1879.637654][T16512] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1879.655374][T16512] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1879.666633][T16512] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1879.679889][T16512] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1879.709494][T16512] usb 6-1: config 0 descriptor??
[ 1879.735971][T16512] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1879.988266][T25347] iowarrior 6-1:0.1: Error -90 while submitting URB
[ 1880.295797][T19001] usb 6-1: USB disconnect, device number 74
[ 1880.439032][T25366] bridge0: port 3(syz_tun) entered blocking state
[ 1880.465879][T25366] bridge0: port 3(syz_tun) entered disabled state
[ 1880.488983][T25366] syz_tun: entered allmulticast mode
[ 1880.507881][T25366] syz_tun: entered promiscuous mode
[ 1880.526658][T25366] bridge0: port 3(syz_tun) entered blocking state
[ 1880.533450][T25366] bridge0: port 3(syz_tun) entered forwarding state
[ 1881.988083][T25374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5526'.
[ 1882.685884][T25379] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5525'.
[ 1886.523561][T25412] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1886.572489][T25412] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1886.750086][T25415] overlayfs: overlapping lowerdir path
[ 1886.767080][T25415] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1888.330592][T25438] fuse: Bad value for 'group_id'
[ 1888.335730][T25438] fuse: Bad value for 'group_id'
[ 1889.287575][T25447] overlayfs: failed to resolve './file0': -2
[ 1890.268100][T25465] overlayfs: overlapping lowerdir path
[ 1890.302169][T25465] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1893.987631][T25494] fuse: Bad value for 'group_id'
[ 1893.987690][T25494] fuse: Bad value for 'group_id'
[ 1894.474237][T25502] random: crng reseeded on system resumption
[ 1894.754060][T25505] overlayfs: overlapping lowerdir path
[ 1894.798907][T25505] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1896.248452][T25519] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5566'.
[ 1899.477376][T25553] overlayfs: overlapping lowerdir path
[ 1899.568100][T25554] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1900.898951][T25574] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1901.362022][T25574] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1901.771804][T23985] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1902.381717][T23985] usb 2-1: Using ep0 maxpacket: 16
[ 1903.882011][T23985] usb 2-1: device descriptor read/all, error -71
[ 1907.843858][T25636] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5598'.
[ 1907.853207][T25636] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5598'.
[ 1909.065385][T25642] syz.8.5601 (25642): drop_caches: 2
[ 1909.073305][T25642] syz.8.5601 (25642): drop_caches: 2
[ 1909.193326][T25651] netdevsim netdevsim9 netdevsim0: entered promiscuous mode
[ 1909.389828][T25651] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1912.651833][T25690] syz.2.5615 (25690): drop_caches: 2
[ 1912.657453][T25690] syz.2.5615 (25690): drop_caches: 2
[ 1913.671396][T25700] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5617'.
[ 1913.758572][T25697] binder: 25692:25697 ioctl c0306201 200000000540 returned -14
[ 1914.475871][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.551193][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1915.779953][   T30] audit: type=1326 audit(1751600658.866:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.807939][   T30] audit: type=1326 audit(1751600658.866:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.807981][   T30] audit: type=1326 audit(1751600658.866:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808015][   T30] audit: type=1326 audit(1751600658.866:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808046][   T30] audit: type=1326 audit(1751600658.866:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808077][   T30] audit: type=1326 audit(1751600658.866:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808108][   T30] audit: type=1326 audit(1751600658.866:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808141][   T30] audit: type=1326 audit(1751600658.866:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808172][   T30] audit: type=1326 audit(1751600658.866:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1916.808206][   T30] audit: type=1326 audit(1751600658.866:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25708 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f414758e929 code=0x7ffc0000
[ 1917.359278][T25719] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5621'.
[ 1917.884161][T25725] fuse: Bad value for 'rootmode'
[ 1918.726114][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1918.773789][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1919.576723][T23985] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1919.781897][T23985] usb 9-1: Using ep0 maxpacket: 16
[ 1919.884828][T23985] usb 9-1: config 0 has an invalid interface number: 68 but max is 0
[ 1920.045897][T23985] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1920.084461][T23985] usb 9-1: config 0 has no interface number 0
[ 1920.712410][T23985] usb 9-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1920.746899][T23985] usb 9-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1920.771652][T23985] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1920.898351][T23985] usb 9-1: Product: syz
[ 1921.096441][T23985] usb 9-1: Manufacturer: syz
[ 1921.096468][T23985] usb 9-1: SerialNumber: syz
[ 1921.102799][T23985] usb 9-1: config 0 descriptor??
[ 1921.187326][T23985] usb 9-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1921.337762][   T30] kauditd_printk_skb: 24 callbacks suppressed
[ 1921.337785][   T30] audit: type=1326 audit(1751600664.526:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1921.947754][   T30] audit: type=1326 audit(1751600664.526:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1922.039101][T11245] usb 9-1: USB disconnect, device number 27
[ 1922.045316][ T5990] usb 9-1: Failed to submit usb control message: -71
[ 1922.085222][ T5990] usb 9-1: unable to send the bmi data to the device: -71
[ 1922.097115][   T30] audit: type=1326 audit(1751600664.526:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1922.120660][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1922.141762][ T5990] usb 9-1: unable to get target info from device
[ 1922.149264][ T5990] usb 9-1: could not get target info (-71)
[ 1922.156075][ T5990] usb 9-1: could not probe fw (-71)
[ 1922.360209][   T30] audit: type=1326 audit(1751600664.536:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1922.445876][   T30] audit: type=1326 audit(1751600664.536:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1922.516562][   T30] audit: type=1326 audit(1751600664.536:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1923.492076][T25779] fuse: Bad value for 'rootmode'
[ 1923.515423][   T30] audit: type=1326 audit(1751600664.536:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1923.540181][   T30] audit: type=1326 audit(1751600664.536:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1923.661364][   T30] audit: type=1326 audit(1751600664.536:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1923.694455][   T30] audit: type=1326 audit(1751600664.536:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25763 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f85fd38e929 code=0x7ffc0000
[ 1924.823602][T25794] overlayfs: failed to resolve './file1': -2
[ 1925.311674][ T5931] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 1925.828844][T25806] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5644'.
[ 1925.838285][T25806] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5644'.
[ 1925.847697][ T5931] usb 9-1: Using ep0 maxpacket: 32
[ 1925.860943][ T5931] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1925.886159][ T5931] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1925.897377][ T5931] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1925.907017][ T5931] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1925.917056][ T5931] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1925.955582][ T5931] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1925.970960][ T5931] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1925.997871][ T5931] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1926.047674][ T5931] usb 9-1: config 0 descriptor??
[ 1926.322070][ T5931] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 28 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1926.358517][ T5931] usb 9-1: USB disconnect, device number 28
[ 1926.392403][ T5931] usblp0: removed
[ 1926.984245][   T30] kauditd_printk_skb: 66 callbacks suppressed
[ 1926.984262][   T30] audit: type=1326 audit(1751600670.116:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25808 comm="syz.9.5645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1927.041704][   T30] audit: type=1326 audit(1751600670.116:3382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25808 comm="syz.9.5645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd9d8e929 code=0x7ffc0000
[ 1928.303444][T25831] syz.2.5651 (25831): drop_caches: 2
[ 1928.310414][T25831] syz.2.5651 (25831): drop_caches: 2
[ 1932.821230][T25876] fuse: Unknown parameter 'grou00000000000000000000'
[ 1935.049397][T25897] random: crng reseeded on system resumption
[ 1936.576003][T25915] fuse: Unknown parameter 'grou00000000000000000000'
[ 1939.794874][T25950] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1940.422327][T25946] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5685'.
[ 1940.431801][T25946] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5685'.
[ 1940.848002][T25958] fuse: Unknown parameter 'grou00000000000000000000'
[ 1942.812997][ T5824] usb 6-1: new high-speed USB device number 75 using dummy_hcd
[ 1943.131621][ T5824] usb 6-1: Using ep0 maxpacket: 16
[ 1943.182464][ T5824] usb 6-1: config 0 has an invalid interface number: 68 but max is 0
[ 1943.241724][ T5824] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1943.323581][ T5824] usb 6-1: config 0 has no interface number 0
[ 1943.465646][ T5824] usb 6-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1943.603133][ T5824] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1943.612574][ T5824] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1943.641741][ T5824] usb 6-1: Product: syz
[ 1943.646097][ T5824] usb 6-1: Manufacturer: syz
[ 1943.650712][ T5824] usb 6-1: SerialNumber: syz
[ 1943.694133][ T5824] usb 6-1: config 0 descriptor??
[ 1943.861964][ T5824] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1944.934361][ T5931] usb 6-1: USB disconnect, device number 75
[ 1944.985687][ T4286] usb 6-1: Failed to submit usb control message: -71
[ 1945.029378][ T4286] usb 6-1: unable to send the bmi data to the device: -71
[ 1945.037631][ T4286] usb 6-1: unable to get target info from device
[ 1945.044558][ T4286] usb 6-1: could not get target info (-71)
[ 1945.050409][ T4286] usb 6-1: could not probe fw (-71)
[ 1948.841337][T26040] random: crng reseeded on system resumption
[ 1952.094735][T26068] No control pipe specified
[ 1953.412559][T26081] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5721'.
[ 1953.421685][T26081] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5721'.
[ 1954.296043][   T30] audit: type=1326 audit(1751600697.016:3383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1954.410750][   T30] audit: type=1326 audit(1751600697.016:3384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1954.464828][   T30] audit: type=1326 audit(1751600697.026:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f84fc18d290 code=0x7ffc0000
[ 1954.488375][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1954.700285][   T30] audit: type=1326 audit(1751600697.026:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f84fc190157 code=0x7ffc0000
[ 1954.723826][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1954.731182][   T30] audit: type=1326 audit(1751600697.026:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1954.754711][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1954.766942][   T30] audit: type=1326 audit(1751600697.026:3388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f84fc190157 code=0x7ffc0000
[ 1954.801092][   T30] audit: type=1326 audit(1751600697.026:3389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f84fc18d58a code=0x7ffc0000
[ 1955.297125][   T30] audit: type=1326 audit(1751600697.026:3390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1955.322814][   T30] audit: type=1326 audit(1751600697.026:3391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1955.354175][   T30] audit: type=1326 audit(1751600697.046:3392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26079 comm="syz.8.5722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1955.597192][T26107] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5729'.
[ 1955.606703][T26107] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5729'.
[ 1956.061870][T16512] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1956.286480][T16512] usb 2-1: Using ep0 maxpacket: 32
[ 1956.301891][T26113] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5731'.
[ 1956.314505][T16512] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1956.329057][T16512] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1956.441700][T16512] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1956.514543][T16512] usb 2-1: config 0 descriptor??
[ 1957.278903][T26113] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5731'.
[ 1959.191723][ T5824] usb 2-1: USB disconnect, device number 55
[ 1960.056595][T26162] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5743'.
[ 1960.065812][T26162] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5743'.
[ 1960.662144][T26171] random: crng reseeded on system resumption
[ 1962.161844][T16512] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 1962.431712][T16512] usb 9-1: Using ep0 maxpacket: 16
[ 1962.438592][T16512] usb 9-1: config 0 has an invalid interface number: 68 but max is 0
[ 1962.446849][T16512] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1962.457102][T16512] usb 9-1: config 0 has no interface number 0
[ 1962.463433][T16512] usb 9-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1962.480111][T16512] usb 9-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1962.551716][T16512] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1962.560552][T16512] usb 9-1: Product: syz
[ 1962.564882][T16512] usb 9-1: Manufacturer: syz
[ 1962.569526][T16512] usb 9-1: SerialNumber: syz
[ 1962.582090][T16512] usb 9-1: config 0 descriptor??
[ 1962.699109][T16512] usb 9-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1963.068179][T16512] usb 9-1: USB disconnect, device number 29
[ 1963.076526][T19689] usb 9-1: Failed to submit usb control message: -71
[ 1963.311626][T19689] usb 9-1: unable to send the bmi data to the device: -71
[ 1963.342068][T19689] usb 9-1: unable to get target info from device
[ 1963.450068][T19689] usb 9-1: could not get target info (-71)
[ 1963.470208][T19689] usb 9-1: could not probe fw (-71)
[ 1965.255278][T26212] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[ 1967.034825][T26236] syz.2.5763 (26236): drop_caches: 2
[ 1967.040453][T26236] syz.2.5763 (26236): drop_caches: 2
[ 1967.908473][T26256] random: crng reseeded on system resumption
[ 1969.166818][T26260] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1969.716598][T26263] random: crng reseeded on system resumption
[ 1974.448189][T26309] netlink: 52 bytes leftover after parsing attributes in process `syz.5.5782'.
[ 1974.590325][T26311] fuse: Bad value for 'user_id'
[ 1974.595331][T26311] fuse: Bad value for 'user_id'
[ 1975.108916][T26315] syz.2.5784 (26315): drop_caches: 2
[ 1975.115494][T26315] syz.2.5784 (26315): drop_caches: 2
[ 1976.177995][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.184392][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1977.086056][T26344] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5789'.
[ 1977.390676][T26344] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5789'.
[ 1978.963232][T26360] fuse: Bad value for 'fd'
[ 1979.094447][T26362] fuse: Bad value for 'user_id'
[ 1979.099429][T26362] fuse: Bad value for 'user_id'
[ 1980.184897][T26371] syz.9.5798 (26371): drop_caches: 2
[ 1980.185154][T26371] syz.9.5798 (26371): drop_caches: 2
[ 1980.494407][T26376] lo speed is unknown, defaulting to 1000
[ 1981.300813][T26388] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1982.000438][T26395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5804'.
[ 1982.009529][T26395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5804'.
[ 1982.411681][    T9] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[ 1982.611818][    T9] usb 9-1: Using ep0 maxpacket: 16
[ 1982.612109][T26403] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5806'.
[ 1982.799741][T26403] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5806'.
[ 1982.840878][    T9] usb 9-1: config 0 has an invalid interface number: 105 but max is 0
[ 1982.861548][    T9] usb 9-1: config 0 has an invalid descriptor of length 67, skipping remainder of the config
[ 1982.889887][    T9] usb 9-1: config 0 has no interface number 0
[ 1982.913210][    T9] usb 9-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1982.923082][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1982.946935][    T9] usb 9-1: Product: syz
[ 1982.958182][    T9] usb 9-1: Manufacturer: syz
[ 1982.996281][    T9] usb 9-1: SerialNumber: syz
[ 1983.136456][    T9] usb 9-1: config 0 descriptor??
[ 1983.233852][    T9] usb 9-1: Found UVC 0.00 device syz (046d:08f3)
[ 1983.259796][    T9] usb 9-1: No valid video chain found.
[ 1983.317088][T26413] fuse: Bad value for 'fd'
[ 1984.202982][T24112] usb 9-1: USB disconnect, device number 30
[ 1984.700086][T26424] syz.1.5812 (26424): drop_caches: 2
[ 1984.707678][T26424] syz.1.5812 (26424): drop_caches: 2
[ 1985.285722][T26434] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5813'.
[ 1985.285786][T26434] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5813'.
[ 1986.728424][T26451] random: crng reseeded on system resumption
[ 1987.563514][T26456] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5820'.
[ 1987.573085][T26456] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5820'.
[ 1988.261680][T26464] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1992.876369][T26503] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5834'.
[ 1992.886451][T26503] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5834'.
[ 1993.438520][T26512] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5836'.
[ 1993.695340][T26512] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5836'.
[ 1994.444148][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1994.444165][   T30] audit: type=1326 audit(1751600737.656:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1994.539165][   T30] audit: type=1326 audit(1751600737.686:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1994.569431][   T30] audit: type=1326 audit(1751600737.686:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.412685][   T30] audit: type=1326 audit(1751600737.686:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.450854][   T30] audit: type=1326 audit(1751600737.686:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.556293][T26532] lo speed is unknown, defaulting to 1000
[ 1995.562247][   T30] audit: type=1326 audit(1751600737.686:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.619386][   T30] audit: type=1326 audit(1751600737.686:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.647806][   T30] audit: type=1326 audit(1751600737.686:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.721884][   T30] audit: type=1326 audit(1751600737.686:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.776615][   T30] audit: type=1326 audit(1751600737.686:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26523 comm="syz.8.5840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 1995.892723][T24112] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1996.431630][T24112] usb 2-1: Using ep0 maxpacket: 16
[ 1996.444623][T24112] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[ 1996.500765][T24112] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1996.512578][T24112] usb 2-1: config 0 has no interface number 0
[ 1996.522512][T24112] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1996.610460][T26548] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5846'.
[ 1996.621335][T26548] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5846'.
[ 1996.647985][T24112] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1996.656760][T24112] usb 2-1: Product: syz
[ 1996.661208][T24112] usb 2-1: Manufacturer: syz
[ 1996.666353][T24112] usb 2-1: SerialNumber: syz
[ 1996.680363][T24112] usb 2-1: config 0 descriptor??
[ 1996.889948][T24112] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[ 1996.896956][T24112] usb 2-1: No valid video chain found.
[ 1997.630049][T26557] autofs: Unknown parameter '0x0000000000000000'
[ 1998.261163][ T5824] usb 2-1: USB disconnect, device number 56
[ 2000.668490][T26580] netdevsim netdevsim5 netdevsim0: left promiscuous mode
[ 2002.181890][    T9] usb 10-1: new high-speed USB device number 45 using dummy_hcd
[ 2003.202467][    T9] usb 10-1: Using ep0 maxpacket: 32
[ 2003.209753][    T9] usb 10-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 2003.219691][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2003.395686][T26610] autofs: Unknown parameter '0x0000000000000000'
[ 2003.554405][    T9] usb 10-1: config 0 descriptor??
[ 2003.565552][    T9] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 2003.967473][    T9] gspca_nw80x: reg_r err -32
[ 2004.937334][    T9] nw80x 10-1:0.0: probe with driver nw80x failed with error -32
[ 2004.959584][    T9] usb 10-1: USB disconnect, device number 45
[ 2005.791806][T26648] lo speed is unknown, defaulting to 1000
[ 2006.164396][    T9] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[ 2006.461950][    T9] usb 9-1: Using ep0 maxpacket: 16
[ 2006.542719][    T9] usb 9-1: config 0 has an invalid interface number: 105 but max is 0
[ 2006.786550][T26664] fuse: Bad value for 'fd'
[ 2006.814611][    T9] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2006.831806][    T9] usb 9-1: config 0 has no interface number 0
[ 2006.867841][    T9] usb 9-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 2006.894324][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2006.915550][    T9] usb 9-1: Product: syz
[ 2006.924294][    T9] usb 9-1: Manufacturer: syz
[ 2006.934242][    T9] usb 9-1: SerialNumber: syz
[ 2006.947788][    T9] usb 9-1: config 0 descriptor??
[ 2006.960095][    T9] usb 9-1: Found UVC 0.00 device syz (046d:08f3)
[ 2006.967972][    T9] usb 9-1: No valid video chain found.
[ 2007.183971][T23964] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2007.198908][T23964] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2007.729701][T23964] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2007.745654][T23964] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2007.747373][    T9] usb 9-1: USB disconnect, device number 31
[ 2007.759442][T23964] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2007.895107][T26667] lo speed is unknown, defaulting to 1000
[ 2008.163108][T26680] netdevsim netdevsim9 netdevsim0: left promiscuous mode
[ 2008.296667][T26682] autofs: Unknown parameter '0x0000000000000000'
[ 2009.791849][T16512] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[ 2009.832248][T23964] Bluetooth: hci3: command tx timeout
[ 2010.027525][T16512] usb 6-1: Using ep0 maxpacket: 16
[ 2010.036901][T16512] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[ 2010.051612][T16512] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2010.132991][T26703] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 2010.545760][T16512] usb 6-1: config 0 has no interface number 0
[ 2010.568815][T26667] chnl_net:caif_netlink_parms(): no params data found
[ 2010.590140][T16512] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 2010.599553][T16512] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2010.600053][T26697] lo speed is unknown, defaulting to 1000
[ 2010.608695][T16512] usb 6-1: Product: syz
[ 2010.618722][T16512] usb 6-1: Manufacturer: syz
[ 2010.637055][T16512] usb 6-1: SerialNumber: syz
[ 2010.649895][T16512] usb 6-1: config 0 descriptor??
[ 2010.690418][T16512] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[ 2010.706328][T16512] usb 6-1: No valid video chain found.
[ 2011.174708][T26667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2011.190654][T26667] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2011.208957][T26667] bridge_slave_0: entered allmulticast mode
[ 2011.223454][T26667] bridge_slave_0: entered promiscuous mode
[ 2011.254226][T26667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2011.266295][   T30] kauditd_printk_skb: 33 callbacks suppressed
[ 2011.266311][   T30] audit: type=1326 audit(1751600754.476:3438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2011.296196][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2011.407351][T26667] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2011.922839][T26713] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 2011.932067][T23964] Bluetooth: hci3: command tx timeout
[ 2011.949815][T26667] bridge_slave_1: entered allmulticast mode
[ 2011.981665][T26667] bridge_slave_1: entered promiscuous mode
[ 2012.100138][   T30] audit: type=1326 audit(1751600754.516:3439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.430710][   T30] audit: type=1326 audit(1751600754.516:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.460950][   T30] audit: type=1326 audit(1751600754.516:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.510816][   T30] audit: type=1326 audit(1751600754.516:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.540520][   T30] audit: type=1326 audit(1751600754.516:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.564072][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2012.594737][   T30] audit: type=1326 audit(1751600754.516:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.657197][   T30] audit: type=1326 audit(1751600754.516:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.680781][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2012.722709][T26667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2012.765913][   T30] audit: type=1326 audit(1751600754.516:3446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2012.775470][T26667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2012.915872][   T30] audit: type=1326 audit(1751600754.516:3447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26712 comm="syz.8.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f84fc18e929 code=0x7ffc0000
[ 2013.538365][T26733] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2013.545559][T26733] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2013.639932][T26733] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2013.654349][T26733] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2013.766992][T26733] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2013.776228][T26733] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2013.785157][T26733] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2013.794060][T26733] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2013.806281][T26733] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[ 2013.943690][T26667] team0: Port device team_slave_0 added
[ 2013.953903][T26667] team0: Port device team_slave_1 added
[ 2013.991895][T23964] Bluetooth: hci3: command tx timeout
[ 2014.660194][T26667] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2014.681344][T26667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2014.708374][T26667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2014.796880][T26667] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2014.812964][T26667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2014.849809][T26667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2015.233131][T26667] hsr_slave_0: entered promiscuous mode
[ 2015.241397][T26667] hsr_slave_1: entered promiscuous mode
[ 2015.256074][T26667] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2015.264271][T26667] Cannot create hsr debugfs directory
[ 2015.430852][ T5824] usb 6-1: USB disconnect, device number 76
[ 2016.071717][T23964] Bluetooth: hci3: command tx timeout
[ 2016.982371][T26771] fuse: Bad value for 'fd'
[ 2018.077958][T26776] fuse: Unknown parameter '0x0000000000000008'
[ 2018.499639][T26782] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 2019.303120][   T30] kauditd_printk_skb: 121 callbacks suppressed
[ 2019.303137][   T30] audit: type=1326 audit(1751600762.516:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.411742][   T30] audit: type=1326 audit(1751600762.516:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.411797][   T30] audit: type=1326 audit(1751600762.526:3571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.411829][   T30] audit: type=1326 audit(1751600762.526:3572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.429989][   T30] audit: type=1326 audit(1751600762.636:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.430042][   T30] audit: type=1326 audit(1751600762.636:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.431484][   T30] audit: type=1326 audit(1751600762.636:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.431534][   T30] audit: type=1326 audit(1751600762.636:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.431651][   T30] audit: type=1326 audit(1751600762.636:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2019.431691][   T30] audit: type=1326 audit(1751600762.636:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26787 comm="syz.1.5907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6ad8e929 code=0x7ffc0000
[ 2020.363714][T26667] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2020.408986][T26667] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2020.908320][T26798] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5909'.
[ 2021.382454][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2021.382579][T26667] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2021.384612][T26667] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2021.941089][T26667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2021.983117][T26667] 8021q: adding VLAN 0 to HW filter on device team0
[ 2022.011342][T19689] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2022.018615][T19689] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2022.237992][ T3489] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2022.245169][ T3489] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2024.208993][T26667] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2024.262572][T26667] veth0_vlan: entered promiscuous mode
[ 2024.708475][T26667] veth1_vlan: entered promiscuous mode
[ 2025.161098][T26667] veth0_macvtap: entered promiscuous mode
[ 2025.184085][T26667] veth1_macvtap: entered promiscuous mode
[ 2025.192255][ T5824] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[ 2025.430026][T26842] fuse: Unknown parameter 'fd0x0000000000000008'
[ 2025.833633][ T5824] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2025.846603][ T5824] usb 2-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[ 2025.856643][T26667] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2025.870383][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2025.876744][T26667] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2025.896291][T26667] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2025.905297][T26667] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2025.925687][T26667] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2025.936696][ T5824] usb 2-1: config 0 descriptor??
[ 2025.972319][ T5824] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 2026.012432][T26667] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2026.955146][T19689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2026.964394][T19689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2027.095208][T23397] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2027.111730][    C1] ==================================================================
[ 2027.119840][    C1] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x45a/0x4d0
[ 2027.127726][    C1] Read of size 2 at addr ffff888061e7b02a by task syz.9.5922/26861
[ 2027.135596][    C1] 
[ 2027.137903][    C1] CPU: 1 UID: 0 PID: 26861 Comm: syz.9.5922 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[ 2027.137917][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2027.137924][    C1] Call Trace:
[ 2027.137930][    C1]  <IRQ>
[ 2027.137935][    C1]  dump_stack_lvl+0x116/0x1f0
[ 2027.137954][    C1]  print_report+0xcd/0x680
[ 2027.137969][    C1]  ? __virt_addr_valid+0x81/0x610
[ 2027.137981][    C1]  ? __phys_addr+0xe8/0x180
[ 2027.137992][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[ 2027.138006][    C1]  kasan_report+0xe0/0x110
[ 2027.138020][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[ 2027.138035][    C1]  rose_timer_expiry+0x45a/0x4d0
[ 2027.138049][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 2027.138062][    C1]  call_timer_fn+0x197/0x620
[ 2027.138077][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 2027.138092][    C1]  ? mark_held_locks+0x49/0x80
[ 2027.138108][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 2027.138122][    C1]  __run_timers+0x6ef/0x960
[ 2027.138139][    C1]  ? __pfx___run_timers+0x10/0x10
[ 2027.138157][    C1]  run_timer_base+0x114/0x190
[ 2027.138171][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 2027.138187][    C1]  run_timer_softirq+0x1a/0x40
[ 2027.138201][    C1]  handle_softirqs+0x219/0x8e0
[ 2027.138216][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2027.138229][    C1]  __irq_exit_rcu+0x109/0x170
[ 2027.138240][    C1]  irq_exit_rcu+0x9/0x30
[ 2027.138251][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2027.138268][    C1]  </IRQ>
[ 2027.138271][    C1]  <TASK>
[ 2027.138275][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2027.138289][    C1] RIP: 0010:lock_acquire+0x62/0x350
[ 2027.138305][    C1] Code: 63 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 32 9b 0f 0f 0f 82 74 02 00 00 8b 35 1a cd 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 c9 62 34 12 0f 85 c7 02 00 00 48 83 c4
[ 2027.138316][    C1] RSP: 0018:ffffc900049c70c8 EFLAGS: 00000206
[ 2027.138326][    C1] RAX: 0000000000000046 RBX: ffffffff8e764100 RCX: ffffffff93d96700
[ 2027.138333][    C1] RDX: 0000000000000000 RSI: ffffffff8ddf51e3 RDI: ffffffff8c157da0
[ 2027.138340][    C1] RBP: 0000000000000000 R08: e2d10b1c5e3c824c R09: 0000000000000000
[ 2027.138346][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 2027.138353][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2027.138365][    C1]  fs_reclaim_acquire+0x102/0x150
[ 2027.138375][    C1]  ? prepare_alloc_pages+0x162/0x610
[ 2027.138385][    C1]  prepare_alloc_pages+0x162/0x610
[ 2027.138395][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2027.138409][    C1]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2027.138423][    C1]  ? __pfx_native_flush_tlb_one_user+0x10/0x10
[ 2027.138439][    C1]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2027.138452][    C1]  ? mark_held_locks+0x49/0x80
[ 2027.138467][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2027.138483][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2027.138498][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2027.138512][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2027.138529][    C1]  ? policy_nodemask+0xea/0x4e0
[ 2027.138544][    C1]  alloc_pages_mpol+0x1fb/0x550
[ 2027.138559][    C1]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2027.138575][    C1]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 2027.138591][    C1]  vma_alloc_folio_noprof+0xed/0x1e0
[ 2027.138608][    C1]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 2027.138624][    C1]  ? rcu_read_unlock+0x2d/0xb0
[ 2027.138638][    C1]  do_wp_page+0x1136/0x4f20
[ 2027.138656][    C1]  ? __pfx_do_wp_page+0x10/0x10
[ 2027.138672][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2027.138684][    C1]  __handle_mm_fault+0x2223/0x5490
[ 2027.138698][    C1]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2027.138709][    C1]  ? __pfx_mt_find+0x10/0x10
[ 2027.138727][    C1]  ? find_vma+0xbf/0x140
[ 2027.138742][    C1]  ? __pfx_find_vma+0x10/0x10
[ 2027.138757][    C1]  handle_mm_fault+0x589/0xd10
[ 2027.138769][    C1]  ? __pkru_allows_pkey+0x41/0xb0
[ 2027.138783][    C1]  do_user_addr_fault+0x7a6/0x1370
[ 2027.138799][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2027.138811][    C1]  exc_page_fault+0x5c/0xb0
[ 2027.138825][    C1]  asm_exc_page_fault+0x26/0x30
[ 2027.138834][    C1] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[ 2027.138850][    C1] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 c1 5a 03 00 90 90 90 90 90 90 90 90 90 90
[ 2027.138860][    C1] RSP: 0018:ffffc900049c79f8 EFLAGS: 00050246
[ 2027.138868][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000039030
[ 2027.138874][    C1] RDX: 0000000000080000 RSI: ffffffff894eeb13 RDI: 0000000000000005
[ 2027.138881][    C1] RBP: ffffc900049c7d98 R08: 0000000000000005 R09: 0000000000000000
[ 2027.138887][    C1] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000000
[ 2027.138893][    C1] R13: 0000200000039000 R14: ffffc900049c7ddc R15: 0000000000000002
[ 2027.138902][    C1]  ? ____sys_recvmsg+0x2e3/0x6b0
[ 2027.138914][    C1]  ____sys_recvmsg+0x2ee/0x6b0
[ 2027.138926][    C1]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2027.138938][    C1]  ? kfree+0x24f/0x4d0
[ 2027.138948][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2027.138964][    C1]  ___sys_recvmsg+0x114/0x1a0
[ 2027.138978][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2027.138995][    C1]  ? __pfx___might_resched+0x10/0x10
[ 2027.139009][    C1]  do_recvmmsg+0x2fe/0x750
[ 2027.139024][    C1]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2027.139039][    C1]  ? css_rstat_updated+0x9d/0xd30
[ 2027.139055][    C1]  ? find_held_lock+0x2b/0x80
[ 2027.139067][    C1]  __x64_sys_recvmmsg+0x22a/0x280
[ 2027.139082][    C1]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2027.139098][    C1]  do_syscall_64+0xcd/0x4c0
[ 2027.139114][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2027.139124][    C1] RIP: 0033:0x7fbfd9d8e929
[ 2027.139133][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2027.139143][    C1] RSP: 002b:00007fbfdabea038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2027.139152][    C1] RAX: ffffffffffffffda RBX: 00007fbfd9fb6080 RCX: 00007fbfd9d8e929
[ 2027.139159][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[ 2027.139165][    C1] RBP: 00007fbfd9e10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2027.139171][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 2027.139177][    C1] R13: 0000000000000001 R14: 00007fbfd9fb6080 R15: 00007ffed53d75d8
[ 2027.139187][    C1]  </TASK>
[ 2027.139191][    C1] 
[ 2027.755895][    C1] Allocated by task 24756:
[ 2027.760293][    C1]  kasan_save_stack+0x33/0x60
[ 2027.764963][    C1]  kasan_save_track+0x14/0x30
[ 2027.769629][    C1]  __kasan_kmalloc+0xaa/0xb0
[ 2027.774207][    C1]  rose_rt_ioctl+0x87e/0x1d40
[ 2027.778871][    C1]  rose_ioctl+0x64d/0x7d0
[ 2027.783184][    C1]  sock_do_ioctl+0x118/0x280
[ 2027.787759][    C1]  sock_ioctl+0x227/0x6b0
[ 2027.792072][    C1]  __x64_sys_ioctl+0x18b/0x210
[ 2027.796820][    C1]  do_syscall_64+0xcd/0x4c0
[ 2027.801313][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2027.807190][    C1] 
[ 2027.809499][    C1] Freed by task 26565:
[ 2027.813546][    C1]  kasan_save_stack+0x33/0x60
[ 2027.818212][    C1]  kasan_save_track+0x14/0x30
[ 2027.822894][    C1]  kasan_save_free_info+0x3b/0x60
[ 2027.827932][    C1]  __kasan_slab_free+0x51/0x70
[ 2027.832698][    C1]  kfree+0x2b4/0x4d0
[ 2027.836579][    C1]  rose_remove_neigh+0x25e/0x370
[ 2027.841504][    C1]  rose_rt_device_down+0x2dc/0x430
[ 2027.846608][    C1]  rose_device_event+0xfc/0x120
[ 2027.851443][    C1]  notifier_call_chain+0xb9/0x410
[ 2027.856462][    C1]  call_netdevice_notifiers_info+0xbe/0x140
[ 2027.862343][    C1]  __dev_notify_flags+0x1f7/0x2e0
[ 2027.867357][    C1]  netif_change_flags+0x108/0x160
[ 2027.872369][    C1]  dev_change_flags+0xba/0x250
[ 2027.877115][    C1]  dev_ifsioc+0x1498/0x1f70
[ 2027.881607][    C1]  dev_ioctl+0x223/0x10e0
[ 2027.885922][    C1]  sock_do_ioctl+0x19d/0x280
[ 2027.890497][    C1]  sock_ioctl+0x227/0x6b0
[ 2027.894813][    C1]  __x64_sys_ioctl+0x18b/0x210
[ 2027.899561][    C1]  do_syscall_64+0xcd/0x4c0
[ 2027.904055][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2027.909932][    C1] 
[ 2027.912243][    C1] The buggy address belongs to the object at ffff888061e7b000
[ 2027.912243][    C1]  which belongs to the cache kmalloc-512 of size 512
[ 2027.926281][    C1] The buggy address is located 42 bytes inside of
[ 2027.926281][    C1]  freed 512-byte region [ffff888061e7b000, ffff888061e7b200)
[ 2027.939973][    C1] 
[ 2027.942284][    C1] The buggy address belongs to the physical page:
[ 2027.948677][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61e78
[ 2027.957422][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2027.965903][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 2027.973431][    C1] page_type: f5(slab)
[ 2027.977398][    C1] raw: 00fff00000000040 ffff88801b841c80 ffffea000130d300 dead000000000002
[ 2027.985985][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 2027.994556][    C1] head: 00fff00000000040 ffff88801b841c80 ffffea000130d300 dead000000000002
[ 2028.003211][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 2028.011868][    C1] head: 00fff00000000002 ffffea0001879e01 00000000ffffffff 00000000ffffffff
[ 2028.020528][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 2028.029177][    C1] page dumped because: kasan: bad access detected
[ 2028.035571][    C1] page_owner tracks the page as allocated
[ 2028.041271][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 18844, tgid 18844 (syz-executor), ts 1149942385224, free_ts 1149922394486
[ 2028.063136][    C1]  post_alloc_hook+0x1c0/0x230
[ 2028.067890][    C1]  get_page_from_freelist+0x1321/0x3890
[ 2028.073426][    C1]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 2028.079308][    C1]  alloc_pages_mpol+0x1fb/0x550
[ 2028.084154][    C1]  new_slab+0x23b/0x330
[ 2028.088294][    C1]  ___slab_alloc+0xd9c/0x1940
[ 2028.092955][    C1]  __slab_alloc.constprop.0+0x56/0xb0
[ 2028.098315][    C1]  __kmalloc_noprof+0x2f2/0x510
[ 2028.103156][    C1]  fib6_info_alloc+0x40/0x160
[ 2028.107824][    C1]  ip6_route_info_create+0x14c/0x870
[ 2028.113100][    C1]  ip6_route_add.part.0+0x22/0x1d0
[ 2028.118202][    C1]  ip6_route_add+0x45/0x60
[ 2028.122605][    C1]  addrconf_add_mroute+0x1dd/0x350
[ 2028.127706][    C1]  addrconf_add_dev+0x14e/0x1c0
[ 2028.132550][    C1]  addrconf_init_auto_addrs+0x3f3/0x8f0
[ 2028.138080][    C1]  addrconf_notify+0xe93/0x19e0
[ 2028.142917][    C1] page last free pid 16442 tgid 16442 stack trace:
[ 2028.149397][    C1]  __free_frozen_pages+0x7fe/0x1180
[ 2028.154585][    C1]  __folio_put+0x329/0x450
[ 2028.158989][    C1]  device_release+0xa1/0x240
[ 2028.163565][    C1]  kobject_put+0x1e7/0x5a0
[ 2028.167976][    C1]  netdev_run_todo+0x7e9/0x1320
[ 2028.172836][    C1]  tun_chr_close+0xea/0x230
[ 2028.177328][    C1]  __fput+0x402/0xb70
[ 2028.181301][    C1]  task_work_run+0x150/0x240
[ 2028.185875][    C1]  do_exit+0x86c/0x2bd0
[ 2028.190019][    C1]  do_group_exit+0xd3/0x2a0
[ 2028.194512][    C1]  get_signal+0x2673/0x26d0
[ 2028.199008][    C1]  arch_do_signal_or_restart+0x8f/0x7d0
[ 2028.204561][    C1]  exit_to_user_mode_loop+0x84/0x110
[ 2028.209831][    C1]  do_syscall_64+0x3f6/0x4c0
[ 2028.214413][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2028.220293][    C1] 
[ 2028.222602][    C1] Memory state around the buggy address:
[ 2028.228219][    C1]  ffff888061e7af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2028.236266][    C1]  ffff888061e7af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2028.244327][    C1] >ffff888061e7b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2028.252370][    C1]                                   ^
[ 2028.257719][    C1]  ffff888061e7b080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2028.265763][    C1]  ffff888061e7b100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2028.273805][    C1] ==================================================================
[ 2028.281965][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2028.289145][    C1] CPU: 1 UID: 0 PID: 26861 Comm: syz.9.5922 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[ 2028.301179][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2028.311211][    C1] Call Trace:
[ 2028.314483][    C1]  <IRQ>
[ 2028.317307][    C1]  dump_stack_lvl+0x3d/0x1f0
[ 2028.321881][    C1]  panic+0x71c/0x800
[ 2028.325757][    C1]  ? __pfx_panic+0x10/0x10
[ 2028.330151][    C1]  ? mark_held_locks+0x49/0x80
[ 2028.334911][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[ 2028.340003][    C1]  ? check_panic_on_warn+0x1f/0xb0
[ 2028.345095][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[ 2028.350185][    C1]  check_panic_on_warn+0xab/0xb0
[ 2028.355103][    C1]  end_report+0x107/0x170
[ 2028.359414][    C1]  kasan_report+0xee/0x110
[ 2028.363811][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[ 2028.368901][    C1]  rose_timer_expiry+0x45a/0x4d0
[ 2028.373818][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 2028.379254][    C1]  call_timer_fn+0x197/0x620
[ 2028.383825][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 2028.388917][    C1]  ? mark_held_locks+0x49/0x80
[ 2028.393662][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[ 2028.399101][    C1]  __run_timers+0x6ef/0x960
[ 2028.403589][    C1]  ? __pfx___run_timers+0x10/0x10
[ 2028.408602][    C1]  run_timer_base+0x114/0x190
[ 2028.413267][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 2028.418447][    C1]  run_timer_softirq+0x1a/0x40
[ 2028.423191][    C1]  handle_softirqs+0x219/0x8e0
[ 2028.427934][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2028.433202][    C1]  __irq_exit_rcu+0x109/0x170
[ 2028.437857][    C1]  irq_exit_rcu+0x9/0x30
[ 2028.442077][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2028.447693][    C1]  </IRQ>
[ 2028.450601][    C1]  <TASK>
[ 2028.453528][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2028.459488][    C1] RIP: 0010:lock_acquire+0x62/0x350
[ 2028.464673][    C1] Code: 63 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 32 9b 0f 0f 0f 82 74 02 00 00 8b 35 1a cd 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 c9 62 34 12 0f 85 c7 02 00 00 48 83 c4
[ 2028.484261][    C1] RSP: 0018:ffffc900049c70c8 EFLAGS: 00000206
[ 2028.490305][    C1] RAX: 0000000000000046 RBX: ffffffff8e764100 RCX: ffffffff93d96700
[ 2028.498255][    C1] RDX: 0000000000000000 RSI: ffffffff8ddf51e3 RDI: ffffffff8c157da0
[ 2028.506204][    C1] RBP: 0000000000000000 R08: e2d10b1c5e3c824c R09: 0000000000000000
[ 2028.514153][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 2028.522100][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2028.530068][    C1]  fs_reclaim_acquire+0x102/0x150
[ 2028.535073][    C1]  ? prepare_alloc_pages+0x162/0x610
[ 2028.540353][    C1]  prepare_alloc_pages+0x162/0x610
[ 2028.545444][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2028.550188][    C1]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2028.556061][    C1]  ? __pfx_native_flush_tlb_one_user+0x10/0x10
[ 2028.562217][    C1]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2028.568527][    C1]  ? mark_held_locks+0x49/0x80
[ 2028.573279][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2028.578474][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2028.583394][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2028.588329][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2028.594226][    C1]  ? policy_nodemask+0xea/0x4e0
[ 2028.599068][    C1]  alloc_pages_mpol+0x1fb/0x550
[ 2028.603902][    C1]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2028.609256][    C1]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 2028.614611][    C1]  vma_alloc_folio_noprof+0xed/0x1e0
[ 2028.619876][    C1]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 2028.625751][    C1]  ? rcu_read_unlock+0x2d/0xb0
[ 2028.630513][    C1]  do_wp_page+0x1136/0x4f20
[ 2028.635033][    C1]  ? __pfx_do_wp_page+0x10/0x10
[ 2028.639876][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2028.645229][    C1]  __handle_mm_fault+0x2223/0x5490
[ 2028.650322][    C1]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2028.655780][    C1]  ? __pfx_mt_find+0x10/0x10
[ 2028.660354][    C1]  ? find_vma+0xbf/0x140
[ 2028.664579][    C1]  ? __pfx_find_vma+0x10/0x10
[ 2028.669243][    C1]  handle_mm_fault+0x589/0xd10
[ 2028.673983][    C1]  ? __pkru_allows_pkey+0x41/0xb0
[ 2028.678988][    C1]  do_user_addr_fault+0x7a6/0x1370
[ 2028.684081][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2028.688824][    C1]  exc_page_fault+0x5c/0xb0
[ 2028.693314][    C1]  asm_exc_page_fault+0x26/0x30
[ 2028.698140][    C1] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[ 2028.703840][    C1] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 c1 5a 03 00 90 90 90 90 90 90 90 90 90 90
[ 2028.723427][    C1] RSP: 0018:ffffc900049c79f8 EFLAGS: 00050246
[ 2028.729469][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000039030
[ 2028.737418][    C1] RDX: 0000000000080000 RSI: ffffffff894eeb13 RDI: 0000000000000005
[ 2028.745366][    C1] RBP: ffffc900049c7d98 R08: 0000000000000005 R09: 0000000000000000
[ 2028.753314][    C1] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000000
[ 2028.761261][    C1] R13: 0000200000039000 R14: ffffc900049c7ddc R15: 0000000000000002
[ 2028.769212][    C1]  ? ____sys_recvmsg+0x2e3/0x6b0
[ 2028.774146][    C1]  ____sys_recvmsg+0x2ee/0x6b0
[ 2028.778884][    C1]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2028.784166][    C1]  ? kfree+0x24f/0x4d0
[ 2028.788222][    C1]  ? __lock_acquire+0x622/0x1c90
[ 2028.793144][    C1]  ___sys_recvmsg+0x114/0x1a0
[ 2028.797803][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2028.802986][    C1]  ? __pfx___might_resched+0x10/0x10
[ 2028.808249][    C1]  do_recvmmsg+0x2fe/0x750
[ 2028.812644][    C1]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2028.817561][    C1]  ? css_rstat_updated+0x9d/0xd30
[ 2028.822568][    C1]  ? find_held_lock+0x2b/0x80
[ 2028.827223][    C1]  __x64_sys_recvmmsg+0x22a/0x280
[ 2028.832246][    C1]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2028.837790][    C1]  do_syscall_64+0xcd/0x4c0
[ 2028.842288][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2028.848159][    C1] RIP: 0033:0x7fbfd9d8e929
[ 2028.852550][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2028.872149][    C1] RSP: 002b:00007fbfdabea038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2028.880538][    C1] RAX: ffffffffffffffda RBX: 00007fbfd9fb6080 RCX: 00007fbfd9d8e929
[ 2028.888489][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[ 2028.896437][    C1] RBP: 00007fbfd9e10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2028.904389][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 2028.912341][    C1] R13: 0000000000000001 R14: 00007fbfd9fb6080 R15: 00007ffed53d75d8
[ 2028.920290][    C1]  </TASK>
[ 2028.923528][    C1] Kernel Offset: disabled
[ 2028.927833][    C1] Rebooting in 86400 seconds..