last executing test programs:

16m13.644069187s ago: executing program 2 (id=1770):
socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x34, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x2, 0x1, 0x0, 0x3f3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket$kcm(0x2, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0xfffffffffffffffe)

16m10.883492436s ago: executing program 2 (id=1778):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)

16m9.070804146s ago: executing program 2 (id=1783):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000240)={0x0, 0x17}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

16m5.500385856s ago: executing program 2 (id=1796):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000140)=0x3, 0x12)
setreuid(0xee00, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
fchdir(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000280)=0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
ioctl$SIOCX25SCALLUSERDATA(r1, 0x89e5, &(0x7f00000004c0)={0x12, "684a54aef8b161b1359ac4d728263bebda8bff1ccf964259c1bf9249ef3dfc05c0aa7b65e4655023e8b95b766a45f9495fec1ff5b1a11475af641979470eb9dec6f577230837a90c694d9f5fcd176be04a5d369f4a4870d9832639ca97567fcbae27b1991f8ac6c446e60400000000000000008000"})
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r7, @ANYRES32, @ANYRES8=r8, @ANYBLOB="0f0000adf5809f2bafd45c000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES16], 0x48)
pread64(r8, &(0x7f0000000140)=""/15, 0xf, 0x4)
r9 = getpid()
r10 = syz_pidfd_open(r9, 0x0)
ioctl$FITRIM(r10, 0xff0a, 0x0)
ioctl$VIDIOC_ENUM_FREQ_BANDS(0xffffffffffffffff, 0xc0405665, &(0x7f0000000080)={0xffffffff, 0x4, 0x0, 0x0, 0x20000000, 0x1})

16m5.400962772s ago: executing program 2 (id=1797):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r5, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x0, 0x1, 0x2}}}}, 0x30}}, 0x0)

16m4.363921321s ago: executing program 2 (id=1800):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000081}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x7, 0x8, 0x8000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

15m48.924908844s ago: executing program 32 (id=1800):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000081}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x7, 0x8, 0x8000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

10m15.867046208s ago: executing program 4 (id=2561):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x0, @empty, 0x9}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x7}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, 0x0, 0x0)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x80000, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

10m14.850952677s ago: executing program 4 (id=2564):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x102001, 0x0)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0xb3d)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x1b)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x2}, 0x10}, 0x94)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000340)="d4d7efad020efa27e4b5b271825ef53d030f992ff58468566c6fc090ac508f876b89a6004f4d6aa59f13c8af", 0x2c, 0x10, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000c00)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x8000}}, {{0xa, 0x0, 0x0, @private1, 0x4}}}, 0x108)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = fsopen(&(0x7f00000018c0)='binfmt_misc\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fspick(r6, &(0x7f00000002c0)='.\x00', 0x0)
close(r4)

10m12.006940053s ago: executing program 4 (id=2569):
r0 = socket(0xa, 0x3, 0x3a)
r1 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
fcntl$dupfd(r1, 0x0, r1)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000100)={0x18, 0x0, {0xfffd, @random="c0c13c2baeb6", 'macvlan1\x00'}}, 0x1e)
sendmmsg$sock(r3, &(0x7f0000001dc0), 0x40000a6, 0x48850)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$VIDIOC_ENUMSTD(r2, 0xc0485619, &(0x7f00000003c0)={0x10008, 0x320000, "88ccc573e70c6feac9dd00967393bca9408705edf628163e", {0x7, 0x40}, 0x9})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x13, &(0x7f0000000000), 0x4)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, 0x0, 0x82)

10m9.473846685s ago: executing program 4 (id=2576):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x102001, 0x0)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))
ioctl$TIOCGPTPEER(r2, 0x5441, 0xb3d)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000100)=0x2)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x2}, 0x10}, 0x94)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000340)="d4d7efad020efa27e4b5b271825ef53d030f992ff58468566c6fc090ac508f876b89a6004f4d6aa59f13c8af", 0x2c, 0x10, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000c00)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x8000}}, {{0xa, 0x0, 0x0, @private1, 0x4}}}, 0x108)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = fsopen(&(0x7f00000018c0)='binfmt_misc\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fspick(r5, &(0x7f00000002c0)='.\x00', 0x0)
close(r3)

10m2.785397726s ago: executing program 4 (id=2587):
syz_open_dev$sndpcmp(&(0x7f0000000100), 0x8, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffbffc)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3)
splice(r3, 0x0, r2, 0x0, 0x406f413, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000000300)=""/169, 0xa9)
read$msr(r4, &(0x7f0000019680)=""/102384, 0x18ff0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000880)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
getgroups(0x4, &(0x7f0000000640)=[0x0, 0x0, 0x0, r5])
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r7, 0x0, &(0x7f0000000500)=""/120}, 0x20)

10m2.210553282s ago: executing program 4 (id=2589):
socket(0xa, 0x3, 0x3a)
r0 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
fcntl$dupfd(r0, 0x0, r0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0xfffd, @random="c0c13c2baeb6", 'macvlan1\x00'}}, 0x1e)
sendmmsg$sock(r1, &(0x7f0000001dc0), 0x40000a6, 0x48850)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
socket$packet(0x11, 0x3, 0x300)

9m46.01218859s ago: executing program 33 (id=2589):
socket(0xa, 0x3, 0x3a)
r0 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
fcntl$dupfd(r0, 0x0, r0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0xfffd, @random="c0c13c2baeb6", 'macvlan1\x00'}}, 0x1e)
sendmmsg$sock(r1, &(0x7f0000001dc0), 0x40000a6, 0x48850)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
socket$packet(0x11, 0x3, 0x300)

17.169435309s ago: executing program 5 (id=3858):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x2040)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r6, 0xc0403d08, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r7, 0x4, 0x2)

13.520432809s ago: executing program 3 (id=3865):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="7f454c46"], 0xa78)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x4, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x81)
r4 = socket$netlink(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x24008080}, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x6], 0x0, 0x0, 0x1}}, 0x40)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, 0xffffffffffffffff)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r10}, 0x10)

13.05722809s ago: executing program 5 (id=3867):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r4, &(0x7f0000000200)="9a9c94a4", 0x4, 0x20000800, &(0x7f0000001080)={0x2, 0x4e24, @multicast1}, 0x10)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000200)={0x48})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000001030101000000000a000000000000000c0002000000000000000069"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e1310a10f0031d58b776050203010902240001000000000904310002ff0107ff09058a02100000fa000905ff"], 0x0)

12.332170822s ago: executing program 0 (id=3868):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r4, &(0x7f0000000200)="9a9c94a4ff", 0x5, 0x20000800, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000200)={0x48})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000001030101000000000a000000000000000c0002000000000000000069"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e1310a10f0031d58b776050203010902240001000000000904310002ff0107ff09058a02100000fa000905ff"], 0x0)

11.991538363s ago: executing program 3 (id=3870):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r4, &(0x7f0000000200)="9a9c94", 0x3, 0x20000800, &(0x7f0000001080)={0x2, 0x4e24, @multicast1}, 0x10)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000200)={0x48})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000001030101000000000a000000000000000c0002000000000000000069"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e1310a10f0031d58b776050203010902240001000000000904310002ff0107ff09058a02100000fa000905ff"], 0x0)

10.435552045s ago: executing program 6 (id=3872):
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x6)
sendto$inet(r2, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, 0x0, 0x22902, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$FBIOBLANK(r3, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r3, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x14)

10.189815902s ago: executing program 1 (id=3873):
syz_open_dev$I2C(0x0, 0x0, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x237, 0x0, &(0x7f00000000c0)=<r1=>0x0, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_io_uring_submit(r1, 0x0, 0x0)
io_uring_enter(r0, 0x47bc, 0x3bf6, 0x7, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
setrlimit(0x4, &(0x7f0000000480)={0x6, 0x7c9ddb4d})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r4, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xf8, 0x0, 0x9, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x19}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x4}}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x1}, @NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0xa4, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x3b}}, {0x14, 0x4, @private1}}}]}]}, 0xf8}}, 0x20000000)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x3}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wlan0\x00'})

9.592820121s ago: executing program 1 (id=3874):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
creat(0x0, 0x58)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x40, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffff}, [@tail_call, @ringbuf_query, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}, @ringbuf_query, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @generic={0xfe, 0x6, 0x9, 0x3, 0x4e}, @alu={0x3, 0x0, 0x2, 0x0, 0xb, 0xffffffffffffffc4, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @alu={0x3, 0x1, 0xc, 0x9, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @tail_call, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r7 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r6, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4)

8.831034449s ago: executing program 6 (id=3875):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x2040)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r6, 0xc0403d08, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r7, 0x4, 0x2)

8.677777449s ago: executing program 1 (id=3876):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r4, &(0x7f0000000200)="9a9c94a4ff", 0x5, 0x20000800, &(0x7f0000001080)={0x2, 0x4e24, @multicast1}, 0x10)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000200)={0x48})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000001030101000000000a000000000000000c0002000000000000000069"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e1310a10f0031d58b776050203010902240001000000000904310002ff0107ff09058a02100000fa000905ff"], 0x0)

8.552474958s ago: executing program 5 (id=3877):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r1, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r5, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r6 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r6, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r3, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

8.295484466s ago: executing program 3 (id=3878):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="7f454c46d2180f"], 0xa78)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x81)
r4 = socket$netlink(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x24008080}, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x6], 0x0, 0x0, 0x1}}, 0x40)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, 0xffffffffffffffff)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r10}, 0x10)

7.58470631s ago: executing program 0 (id=3879):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r2, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r7 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r7, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r4, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r11 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

6.831454198s ago: executing program 3 (id=3880):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r2, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r7 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r7, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r4, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r11 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

6.17911945s ago: executing program 6 (id=3881):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r2, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r7 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r7, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r4, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r11 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

5.752514692s ago: executing program 0 (id=3882):
syz_open_dev$I2C(0x0, 0x0, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x237, 0x0, &(0x7f00000000c0)=<r1=>0x0, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_io_uring_submit(r1, 0x0, 0x0)
io_uring_enter(r0, 0x47bc, 0x3bf6, 0x7, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
setrlimit(0x4, &(0x7f0000000480)={0x6, 0x7c9ddb4d})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r4, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xf8, 0x0, 0x9, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x19}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x4}}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x1}, @NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0xa4, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x3b}}, {0x14, 0x4, @private1}}}]}]}, 0xf8}}, 0x20000000)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x3}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wlan0\x00'})

5.21283305s ago: executing program 3 (id=3883):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r4, &(0x7f0000000200)="9a9c94a4ff", 0x5, 0x20000800, &(0x7f0000001080)={0x2, 0x4e24, @multicast1}, 0x10)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000200)={0x48})
r5 = openat$fb0(0xffffffffffffff9c, 0x0, 0x22902, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000540))
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000001030101000000000a000000000000000c0002000000000000000069"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e1310a10f0031d58b776050203010902240001000000000904310002ff0107ff09058a02100000fa000905ff"], 0x0)

5.178049744s ago: executing program 5 (id=3884):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
syz_open_dev$usbmon(&(0x7f0000000080), 0x6a2, 0x20000)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120004000000, 0x2, 0x500, 0x1, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x20000080000002}, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000004c0)={0x14, 0x6a, 0xfcdfa0f79c183163, 0x0, 0x25dfdbfc, "", [@generic="8ef5"]}, 0x14}], 0x1, 0x0, 0x0, 0x20048000}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x34, r9, 0x1, 0x2, 0x0, {0x7}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xfffffffffffffffb}, @L2TP_ATTR_IFNAME={0x14}]}, 0x34}}, 0x0)
syz_emit_ethernet(0x4c, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd6001010000161100fe800000000000000000000000d7c894bd6c51ad8fff56f08a09e9a244000100000000000000000000000000000000aa00030e22001690780203000000000000ffb00afe4e70"], 0x0)

4.919643472s ago: executing program 6 (id=3885):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r2, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r7 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r7, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r4, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r11 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

4.761355787s ago: executing program 0 (id=3886):
r0 = socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="db46", 0x2}], 0x1)
readv(r1, &(0x7f00000001c0), 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x90)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r5, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r6 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r6, 0x627, 0x4c1, 0x43, 0x0, 0x30)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r3, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000a2101002cbd7000fbdbdf25"], 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4c0a6)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)

3.698736986s ago: executing program 5 (id=3887):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
syz_open_dev$usbmon(&(0x7f0000000080), 0x6a2, 0x20000)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120004000000, 0x2, 0x500, 0x1, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x20000080000002}, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000004c0)={0x14, 0x6a, 0xfcdfa0f79c183163, 0x0, 0x25dfdbfc, "", [@generic="8ef5"]}, 0x14}], 0x1, 0x0, 0x0, 0x20048000}, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x18c, r7, 0x600, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x4c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x2c, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9c}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x54}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1eb22245}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0xf4, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3d6f31ca}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x119a760c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7822be1c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7ed5}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6cb6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x87d8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xee3b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x74f38888}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f78ed8a}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x637c}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6247ad10}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x13a16b2d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2509}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbff1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7f6d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x41a4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4716}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x34a5a511}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5ceb3afc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x19d84d10}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x63a87ce3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6b6a0509}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfe4d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6a6ca214}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf690}]}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x34, r10, 0x1, 0x2, 0x0, {0x7}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xfffffffffffffffb}, @L2TP_ATTR_IFNAME={0x14}]}, 0x34}}, 0x0)
syz_emit_ethernet(0x4c, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd6001010000161100fe800000000000000000000000d7c894bd6c51ad8fff56f08a09e9a244000100000000000000000000000000000000aa00030e22001690780203000000000000ffb00afe4e70"], 0x0)

3.568905574s ago: executing program 0 (id=3888):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
syz_open_dev$usbmon(&(0x7f0000000080), 0x6a2, 0x20000)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120004000000, 0x2, 0x500, 0x1, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x20000080000002}, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000004c0)={0x14, 0x6a, 0xfcdfa0f79c183163, 0x0, 0x25dfdbfc, "", [@generic="8ef5"]}, 0x14}], 0x1, 0x0, 0x0, 0x20048000}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x34, r9, 0x1, 0x2, 0x0, {0x7}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xfffffffffffffffb}, @L2TP_ATTR_IFNAME={0x14}]}, 0x34}}, 0x0)
syz_emit_ethernet(0x4c, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd6001010000161100fe800000000000000000000000d7c894bd6c51ad8fff56f08a09e9a244000100000000000000000000000000000000aa00030e22001690780203000000000000ffb00afe4e70"], 0x0)

3.533222542s ago: executing program 1 (id=3889):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
creat(0x0, 0x58)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x3f, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffff}, [@tail_call, @ringbuf_query, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}, @ringbuf_query, @exit, @generic={0xfe, 0x6, 0x9, 0x3, 0x4e}, @alu={0x3, 0x0, 0x2, 0x0, 0xb, 0xffffffffffffffc4, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @alu={0x3, 0x1, 0xc, 0x9, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @tail_call, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r7 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r6, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4)

2.406129501s ago: executing program 1 (id=3890):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000004c0)="c69ab8e290f8ef6630f8cad4379288f29a049dfb74f9ce311f65f3c109941294bb300df0e6576f91b6b6f2bf5e29cd695e0f07add78cf6e839a58be97e7fd5b68f4158157ebb3a60e5312da670e424abed9e771cc02c8bc6a52d8d2d568fcf15f4955780a7b5931c380ba320fdffaa743ea5a646c0ba622be8742ca462ec0b65164d6691253ce82d77113b8c03a1cd895dcdb23f8ee8540747c47ae4c725b427611b248b06d3dc218e8352675fc7f5bb39fede838bf9364562660699acf57d987423167cea311591157deb11483b9314dcda0544cd57ddddb86da52188b906c8f3afdcd08f4f7ed1b2879d1fd0642d403851d9e86d4be98b1f3a316f000dbf717f8783f6ec4c7b1edcd0d149d50d3b89066f53ab0959b71582f7cf12a62688003c8dfeccbbeb74366977dad443cb477acd466816d256669fa548f10befe49a57dfd748ebdd627fdbaf047f1811ddb55d6be952f996d2bf2fb39df1d047139a4d0f4a9374f65442627546f7d5d26f7101cfe98690399a94072afd01d08cf7c5e4d881703246c63495a1e27a9b43df293dd02df5cec9477272155c47731a024f715753bbe1c0aa0799353006cc33cd30786f0602bb207c11ce7c0e02bf3a25975503dba50877c0142326e83a68d3939080b74c9c625098dd74f4fdf4db29d4b097a52b93ceccb74d9a14b9b151bc4d821fd5bfe47c9d7027d44b1a995272ed6937c09e7fde3ff93200d8019f0d577cf7d0b3a594d588f28548588ecc021315a34b1186a39c022539180daa6016beca3ce6b151b9076c09791d60a75292a5d0f2ad7195971635caf293fe79d71f91407b786ab2d81b7326c1878e21ec02d6418c7cf724cce2f18538f0287d722862d0063551ac45086ec48562c769080169e5032c31dcda6ce7a82b4bbd1cbd5ff95a6123f4e02e47bf3caf6d3a2ccbf91a1895b97e2843738904a858a44302b7573ead3c10ce707b0d4b70adc7c25d5c5c02e3240dc686aa71b4994ada202effbfe599d5fba92166c2d9ebfc97538d9d54def9a7ce1edec29e38c55485308af77cf65d0e65576b22b721bf945f8e9e78767174e43bf94aea507992b5579e82f81967a9a2369f220ad7753f9467df9a4b02d5156bf3c9227e079d839bc6439f153ea62a7f2517cb70f4df03f186b2cce9d0c5932f958e224956eadb2ca5fec623f6d2102bfe4a7e05611f5611ce30e9d72c50b2faffeda9c568ee449d575f6bc20f11cb92eb4bcfd63ca89bbbe7f790184febd143c3507901f3e2fbefdaa13e4bccb15fd1739af3acc34e48d093af28ac4494b240fb3dcb0ca93f185e72ba45ddd6d07501a2d121d94649345cf5951449cbf28bbd87a34366cf50aee6f4be9830cbcd03b20e9357bf4406bbc348dbf1baf684c971576bdc682df76f8ddf12eed07d7e1cc9d4c3eca80a11abdbb1cda3a4facb68b46220382bccbebaf4c4655bd145a7e9e4ea3db56b6662480fc3595dbc1db0bdac7edca899caec99657ca2476edf9355cdb8902c7216e4127899bb1ec9e9ef3ecfabb9e59728417a17ab3704883652e468ee790abfba7dbf26473e503910600ad1ca7d28bdfe94202f126d3d4154242166a093c231b7ee379d2b24627ed7b25ddd198fe8d1fb75c1a865480d4ee38bd183947d57e60b6d005c972c34e31cbf5fd0660ab02977b5e2474a6bceb9edbf0d1cf3d4583f326bc6a6805ebc1c1e634d6d266fb3135f7f395cda67be761ad128dd69cdabb12b55b27550fcbf0115cffa358fe8003f68705178e0053bea1558a7bd5285b29ba5dc65aab9ab0c08e913379af2173776acb26a4f1eb384fae3a8087882d29c46773d6c82b622c1b7d428cbf6ab71e8271f00ac222ff2581ca1b785b8559f436b73b6e931b80a3f9c4cd93b23eb9652cbaadc3998a823b39bbf46fda42717dc9cb8e7d5d9a649af7bf9ab36206239645a384c3316c5c93769a1b9024071ec8800333e28880eadb940166a8f1430c212c9cf3b89fee0cb39a125013283f4e400ddb1fe67475b3231de1476ba6711b6c6aed1e699a55a5d502bb52ceb5e1be50f1249cdc7b0773343fb0aa0ba0c099c99c12e77091e06eb20cc2de9f638b8f545f0bbfa3a20546a800e62eb15eb2de2ce9f9426448d178e478cb375a06dcf8295c48db141e52808b27f7fc798a2fa1e925cdabd3bd764ff88e2d95e15da6c14f17ebfe10f5fe532fd50ec6e65901cc6386c97252360404e528d85d8dbda8a02312c2ddac3f4fe20ad4fa06b29dc2332087062e343c843a7dabd1a68a30fe6d73f5ddd55b7ea654bc8ae6728fb5fc56043a85b73db9a3e021bf522e290205e17a5cabc815bf7702286541a5f66811d198653eccca4a52a561b99d46b3847a45c3429aee1b322bafe95239063d1dd3dda7b281e2b16127e60ba6830f9dfa9e11c76802c900de1e4aa97608bbffeb5dc43a20ea669fcd91eb574981f2b065ba0cccd50af65143443696af77e8ac70fc8a1c740657ca2a06962b96499336ea96885c9da0c9482dcb94b71634c1246077880ab0c7a70f88c50f7c19f3f8ce38b76535dc4c7a164bc36211ba74526cb3b491f2850fdf83de9c7a4a91721154cce5dc87863c14a9b735c0050675c800d6bc28b429a9c7f53a3fa390bc2a748297b62d5cdad4dc88dfd744fafc4d0520395271e4dec0f47a5d59dea46ac566fa07e3261a7bae5c7f592bc00baef1eeed93b91463fc4ca69a48be9c83f280ca017bb216084f909d5fd5caf6af268720f8e23def727df05e77a5c466d9954698d08f8f51977340ff404bc5c2edcb413661941e34577afcd5fa6d2aa1b14391a8e0070a16444d64ccff10b86d7f58b02af40361db2969d8c3964f4007d0a90f9b00ebbf3c87e793fccc4fed29a40ceda549b80602f339ac0a63add3a0a762790377061ec8893f4da41206fbf94f3cc40f999ed2810148b3cd0c06aa856ed49913b5f84318f0fe34a3819925348b20b03370079b12c670c8a06d7b202a48c03dcfceeddee574fcf4bde657cabacb98a8a40eb2499f432a86a88a0f2fdfc328922e52c6faa189c0dcd1ea68a089b3a321bbb00bd446acd3ee0092836e10f8d40c8f9c8643ec2726c9f8e5ea2ac9618e093357c3aee29d0e7dc4d9e41048a270dd1151f75fb1e540435bcd2dfa80e1b007d64edcd5838c2d2a7eb8e43bf7723fe97a387775988103430295617f530702f98800f1d8928b730a2f0741c62a270caf63af7e49352dc447e405b1ef395a09af3ca8e4b956ff19ca455df425f8d0370c7b9fd7c9cd6b05f2acd871e88d16a02e68fec4ca58f96395ed71a3e24342c13f7465539b9f661c4f1500503d4124e6cd3584b2725f8d07560edd982f40dac4b3f72e069fe7a0674a10de291fe7308d8162303665e9964c93f436ab6736d4cf8166dcc6278f6b9f949cf44d71318a478afee20768fd2689a050b086e2eb1b25c48678a5e85bcce8e887c7d85363277e9c0d6658bef805d0fecf33158dcb759c029bdb0df10bbd61db06a4a1291b44ef85fd4ab4694490a644cda926fc9eeba72701ee31f2efff3a89a9d7e4b43796741ed70df19be984ddb9dd4b540e034587ccfaf3c307d0e21c006a04d2386540ae3d9855ed5dcbb32e12cf99ca18c8dea0928fcc283640da30091a9123b703b4116d7e1fbe0c213867ebfd1a032399c0b8590e7ff8eb1e965e30850e2a1161ac02fc2377d72ec4f93edfd55450680dea2481de2133eefa4710f4224ebac1d34db87a0daf241993214c71bdbea1c9b759b99108684efeef18e3e0a60b22a4a673a8cf2af5bf4728c82f5c90a3aed2e016135b40e7351069fb6b3d31e9d5cb6e0bdb69349e03b8aecc859955f2e7f29c33654e6aeb353e33f50a8ed516fdd049542e30114e14ad4426441a6505c470fc33d71de8c44555f3056d883f3649b0a0321d52d71db278afc3ed3b1c3d35f5ad1b9303bb6d51ddc3005ec69fb7761d6f815ecb14cea2a5a4ef5fe0ea4e151aeae62dbf8f9fb59f331c0679efed844b0a88d686e15c91bbc26e04bec1fedd1b3943ad8ba5f595469d348b6a816e89562a9cba3059f0489b6681a07d47d6d454487e4b66ab91c10c5c893122e5974389c20789612ab2da9ade141166521674b3920a5a2409d578f1849923f95a3fa72ee06778128fcd3297f852aed16259fd75f767a32d247e914ead3517346cf0e0eff7c6d358dff36994ad61517a0aca09269632cfc2874b2dfb691616a6677f12df3329c4c77e91411ed470890eb5807e34b508d5950cd7659418e3cae10eb277060b33bec60ff03d428c8cb5be38b61934dbd5f693cb7cf60e3598bc64f2f480a92d2ba7906a041c49e3940f1df9b5453182fb93ea9622bfbe6306ca56958b67305fca6c2b0a3408fa3fe950c42316da2336b1afe865135f81aafce7ae86a6a314b1bd527499a7917ecb6aee58b5d56c8cabb269b5342d08297d82920a821a0f3994e6abe3bc88ff9cbf8aac00bcafa00c5872aa193d42f92b650e2d2c0785cd7867a377d843b7e1aa39ec8521035d5340ff98b0769288a8413e468333ef8c7b5f11fa53d6a4fbad6637dc14ec98bd58feca2c48b17a13d263dbce6573b8c58bdc644eacdd71ab54c12cb597c4650948ca28ecbacd2fbd903027c8613f09e82514a85dc7f09abc2e9e6c38306b84ad85571c2e8f0fbd3510a74df7b9e7a81e818740a73f3b21df35a4dacb220267eaf72cdc826a128baf32503eee12e424f7958e85b13ba538aac003e4a7113f6c5a0c636436e854ef5f99fbff9d619ffa7cc78a55440476f6179c0f45983803ebccac502044b11de1eb85548f2a218e102be2dc1e0a7d7e73e6d2ad08dd737c48a734fa2fc2a63b83622822a8b6048bee30faba953ef99b75cf0ebb9969bcef1ad49106bc053f2dcdd90e7edeb557068f9cb38dedb9d91a76eb241ec2dec3cb0ab3e0b3cd6d510f686607f9ef78fefa83dc371b06539d736454beb077ed34c78a2d791dd6ce72b6a2ea9ce96a40aee1f40c382921a10f4a8a62558882d699c398f75e1c8c5b7afc6f2c0acbc3737c9d5c658d8d2dff876ef316d9ce089f61b4a1b13517ba1069b6765fda9ebae17199818aca2a569159e8b3dcbe16d0c7ecd864a32c4a976b46387c9e4ed8e7af882fe1e350179722fce8452c922678b55baa5613a193605bd7dff3ec25d197f20d2af86c65d98bd7e51b120e3568f89e382b43556d75d7a1e5039123a535b3d3240907bfd794b48beda06f8c6c581c098a27a2c854316c35275ebec550b9a881184395cde952b41e89d8c55f57d9e9cd0e0cdbfc196f30476f0d378f04919164d945e519fd75aa79511d886802c7849b79bbaa23e89f8da06ccac66d7013be95093c4d57a5d0c15e96b67e9484c6d5ef61a24f475d27c1d217a1d332a383df161a895004567006e0221ff81c8242a7e860155aa55457b976a0f172c57ab58c7e132a8a2d8da95656eddb61db10f74442a5d6a2ca44e317015e7996540ce5df4206f6b089c7d4986f6bd0f49b3cab01280b1ccd774a7c462622ba2d65c3d01e329cf3b8d79ae24aaf86f9bf2991009cba047515ff99425be5ea70ba545e74571b726d12d8e3f32703471dbe513789ecd502905314234bcb9ce0dcf009785bf57da974946a52b97560bc2d664ac49641d0850400422e09a7752c6bb44ab3d6f41b5b2e38cec83769adc5d2f41a3c1d6f04d121fd2a041d3840a4d48fa08abb8d892767eca4de7dde774bd299c529098d7b742410ee6e61e6007c649f7d13637c2ce5f13f02d53ae19afc9e8cf751665292d1253d30c813ed57ef9a86001671bba6d2e3e191c05aab56ea15563185e292c135ad57f34b6467d90d80c60eb48b47f334a9e2daf36684265be8ebfbdc9fcc79059ffe1e964420135bdb0d0f66f02e8dc557824b04786bcd8515d0f723dc7f8ff73ea4fdef5502b4660d5989c84be20e5385ffd029efd3b5ce9e4d786b2f4c33e3e7004f138b6e6d4bc3bbfd3a2f3974f4f483b32bba6ec88535f9923ff1114127ff88460db3154d40a0199c2c6c984f0b8d60761ba9e18c804e69f9a3bc652c369e83a634afd95eb15706995fffe0931dd8e1c4bec8a925f10460ec0896b507a0ca2040d63ab2f5c60aa7ea7ed18aa5bf19e20a3112706fd931c3e746fd208a39c1ed5862057240a8342d9198e2cb3bd8c63f2ab6728d3e7567f298c79b0d35627d17da214e0b1811a072c6553477ac0d72f4fdd40cb30e8f7c255ac59a6aa9a583f13002c548abc82f2b8f7fbba5e6f265a4449e9d24523353e78f421ed89e93100ce6a2bdff1ccf07eb4baca04a82aa716c32a745abe09fc7d86a811c9e97e4f65034c330f1323f64e25a6e4a61433aa460c813bbeaca4e406ef8a83b473491b26bce2f61e09182a29bcd625e33ae44e0c723285862ac46ffd9aa9cb926acb4217d09b8779fcc0d4aa2c86e0ac7e799597777a96ba3207c6fb83e134cc4e33360fd05008a6589f2e11dd947fe145e8c4534730a4bab6f133c557c80b0b21fa9cf5c1013d887acdb9d7c87ce4b187bb87280b58fdba33813ac4e59aef7f7ac6dc5e04347feb33212f5188d444514249d4f11f6580fc556eabb75abdfd2bffbd01e51635fba1d2f731ef938be41b750aae486c67ae460354a55267cf5d24e870c3fa67c687bf513ecb953fe00fdc5bb8284a1cd414e04d9221539613e4f71802ff274a7a71f1eb97155c69ce5c90fd341c7c153ab57674d2b1b50ceea3ab376e328c3071c43df46954b4fd5e8d6c91c9c140d70469b3f75b75399bf99e1de2aecf9deb6782b0cc8a99089a1e68ec77a22b401a6f99c2d6e6a4ab31de7aa3ebbcea9988af307c8fee4386ce26d5cb1b9e7b71428cf7f42eabfec734dda594f3c5e148b32261f98fc1f2cd871d9190fcdad1a4577b9f56517fb4587203423674f1a3c18b555692a649f1a359e499f9b05854f9a9f1be114a43673d12124095cb4febd9fe8310af59b519295e47d6a887f15c2289275d029e66147063035eedbf112883ce8cbfd25187967e6bf6fc10e174d4b6a6ceef5ba6a8bef521b891e332828aa5ed31b5c562689a4eb9ea5b5fb7f0324f048b46a1dae3596b09c275072b5573307c418f4033f7c469ad07a9011a5ec877d51a43096029a8cda81e4c1655c3ca8fab03e35a7fe7d92af466fe47488ac493c760c241bac90720b0ace8526bc6082e8c4d7eade5cd34ca5215858fd79602f61bc46ddc2173f5321052db481437c5385439aa000c58d4bb9e5ac0df7841d1537b39a98bbefebf8c7753b0fc5c3ef2a23fdff59b162529e0df52afc0b00a881b3b211089996c4575858db1e82de767254ab29716b1795545d192f3867d90a23309a33dc6a18c7b70f26a52f7a224e61d23c6b0d8cf583edcec47b4e5a8463933dccb47f3548b4b7c185b7576d7bed2d8ea26ba227cd6f946c9660ad42c0774a90a6d2d0a340d1ff50bb6165b1cb9d64885002c19990cd2edf6eddeea11d99de0982b889394d84a2c380a2b9171dd59303e5cd994482cbee7aeb8fba8cf7d0de663bfe331eda03b703ed85d164947b10f0d3852add8cf2670ef0c3ce68688421e6942c4f37f968241b8f5c0bcfd0a223368e00162467528f2919dbf6c12d6789c3cbdeca25b81916fb43d77a38d48dfbdbafdea7515580659abdf3f279e877e0c11d9a2cb81bbd15abe5af69b7d9aa411ca6c9e9f77ddf3149b5a59cc86a859a9b242a6c5c2b0418a237726e74b5ed856556b9ccd88945a028e84fa4ed274c83e99c21c025784b0b0df2f7e29d74c08c589335eed3d462ea560b25426ce2bb87ccaa8380566e4130c5809fcd62318e0732d1a1d86c04d377e3ce15e9d4c78db5f70e302cb7fad7c36f054db9dfb395c6c6c57fdd91a2b56b522341b0d054593ffff2db7803c0621e0a03f9b2e2a5923fb181885469988eff45b993714077c96b69b53da2c90313a2f336413683bfab8bf60f982f8eb4400304862f6db1bc681f84dacea618bef42d111deb4142fdc65239f20176b8935ac85d5b284bf2e52dba61d7d3fa43f1d78b7059432aaeda7b60b5a8f868798b685237043e9ce318091bfd53749bf136d0f046776a36e044be1ade25d42b31d976be0e4e4579f281db2538ffff65bcb4721d1553e80578dc416081d8e5e3327806490038ff02f335f6744e699bcf85a82bcb433119a810d3651032e61bfe97ebc2ae59e4c907966c54bea166ae1be133bbe29e98ed901c13395fe2521bbd223bd89687ea53a83e4356d3938b44b526466a76f1198abf2ccd81e7d26b9503456364dea47aa14c8359f032d684523b954b97dfaab71f553cdddc51cb6c76d7339631f311d114f2541d9da51eae88d17d03570383a74f367b874f7bf552741328d4ad7f0890d8684923dc3c9e38351050cc5a6ea5e33c9ce07df61e9df6f2a1774658e67c3427ab93230c5204e1e83051e1bf73e193100e7d854b3f9a0d79990353c5fa0a226e3b6447de71d6bceff9e35af071f1d5c88e4e708da6d5179740cb3d2a0cdb195651ede0bd127e1bf5ae0eef9db23eafa2a6dc9d77131b1853934d54e96570e8cde202a66df0445d5278199c0464d5dc433dbd83e1ba156b33869536d3e4cade3ddac7589722ec142231256d46e6997fcce11d0edfaf66c96a28898930b082165be791e8455e8265ebeb7196a43a5f4438037e11612304886cbe3078b38b9dc0a0e41cba93c36ffb893ec21b5991085f8af4a5f9e4547a8e8c1a74327eb936d5681f9ad4c74f6ed0ca87e38ae2b7830253bb1deb539dbe268c9ea8dfbba01849547d04a9e95fc3dba9cbb49ae95c2ccd7aab6b4ebf02619d1176f491f4b40a00f0c1bae594c01a58a38257f770d717e563a1393aaa1873d823a89d3e135dcd2a11cb637c3aff8ea901db32a2b89a662e34053c694172bb76747f397741d4c67d4c85ced5b974769fa444ca1e452feceb2fbe36c0b14c2618888441804a02b32b4645cf98b91aba04c0e03b0743f948b2d3b6a718c918fbd20764b93bb6472f9882c02713832e090288efd0a54473e1abbe7cbb07088844ae5473d734350e1f284bde7fd2d01289b2944df1fc5b52148b60cd07561a86257ba8bb7aaab1e17b5c07c947fccd77dfcf43a260eeb97fc2b18484ed1cbc99aaf3d41ffb58599722244ee7150e1e2a12105221da40af6667379e915ae10ba4cc4aa2dd51e68e0b2d31bfcec908e3cda0ea6e9e7a4ba5786b49477c490a519a129e6bcc6705668967e05dbcc515674850a8f88474f7acb93109c6f249598ac8e6815a79119b9934de9dd9c73838cb4664a3b6d660f8eb2367d67bca0b0a154371e038a79880085f424b2683f6154297f916026bef41f24bd88ba994c65d3f8e3241559c1d65141f02af04c197642b3724f180065446fde4f6c23f5f5dae369e366c95d634ba1ac56cbf9dc12328f74cd597167e0fdba91ada62660962519ce57dbd393984d5e12620525628259e79069a57bcde28b1914b61484d14d817ac344139f7cd3b919f3b962e99267d327b4eff86ef45a69f82b8eb6a37cd08762122b28ede92aa9dcc3d27182bab5bfea46ba0458974f8bb87866ab83665b8ad5d6e5c3d04e2c0f904dc5dd368d2411049b06aed164f5759bcf99bcb9b6b9818a3256edd47915420a7c4f29576dbac22b95e94805d0f040ae7b60249393505f74b2ce3761aab7855bcf534589836afafda2fac256290af19572044b5fc5fbea03db6702cbeafa9f2afcf65ea470d00f14cce37342c984ed60f8a3d46a4412ae8e6e6bda970c97d961bb45233580e251712ad3ddaa16fe489d9f7b08c6dd481e4652d555e2b680e59de6c3610b835921b7c46fa4e9d7440c8cf29e904090d30eeb774e891bc6619df08c0d3e40874385b35b536da29c872700580e754ab542d75babfed540ac689ebada1e13738b79fd898aae556dcc09ef5efd0c897d523016674d9e74900f41faa9d02e262817e6276253d3dafdf65c17a78c78de25845ff0da9e4b44efd0197b0f0ef2deab2a069b642c535c10f21e1f3970efc9126d1bca7d775a9376daef5920614f7b208023df9c4ec07420494f72dde183e7bc4e130f139fcbe17e1d99615a2cf009262b16525e88e5f68a1239746bbe0c92cec80669bca235f81bd3e23d80ade18170ddc89f62f4b8a648fd1b268c9839addfd63084a6a948d768249effcd92c32d70063f9c48c6e3367ba0aba0095b6e7dfa57e82d1a9ae885feabae964e7d1c8edd590715c25ec6668a800bd07b3ff93133366126ef97c11cca05e828d4562407515de7d24b2805703c21aa222f6780447309b092cce06681e8051a6702c10232ebffac17a6d1f21942729a5b0f60e5b3f8759960eba6677256d0af760b60ef62718d5786a4ca97ba394a3a12a79dc4955a7bb269ae905441453a9bfae30ce17183c72c0611377cb22bc566a8d1870dd2e17b0af9b6811191c34c59dfbfa2bfb974e05f18ab1a4d9d4674923530f4e9a9c0e0ada084b476b9709f5543f0bbe764ff888b32ffa5eb3ac80b1490b9e0d27514c13d3c51312b1a50ff8376f5e0ddc2304ad02e27a06b9f0172163471d2dd23f36cf04278afc9ae217640d59d00ba13edca66fcfafd0e2a4e83980e8ef25187d3f00895842d395e72225a6d8cc0632eb11688d350c2746c32c84e85c84f5febe59a7b2e24217de826bc064808f2c98cc7cd2b68573c8450592d12a659a05242c2bf0e978ef45a0ee0a30f8ae71c9f263a3cfa4dbb3e13090eddf8b0cf19d53917b364b232a3a0d766a1e8f4ecc5b03821d4783bf35ce5c10d4e2afaf7ef955fc3b3de9453afac0dc16cc0107800ad35eac8a36c4d8a5b0f872064006c3881e53ed4d03ab7f75f3d6e60efa14422d294d3c67b12cdd81186ac8ebf8fb4df84fad21b5309aa59396115b86535f2085cf2f538a1d98b12a54b64a071605879c79a11445ae4cdf282eabc9bd3706161dc034e0abe4eca5da653c15aeaab93aa9288dcf434229f2ff529fe30c019bc6f73c2659b8f6a8a3cd4815c8d49e605c56d4304e29b2e7d999adc90d1c81b188c7dd0f12437c3f50858f989d15d10a37770c4e3b0fb45033fc183fb07c36124762f2f9ccad5d0f6555be58feb748ac9e04ed35d9c62e9e47d5bde0ff606cc07f4212696ff86b0da3713dcf810c4175c6d0a2442d167451b5adecdc628b52cbcfa21815f70cb846546c9ef7f5cc8cf705db3a6aa84288e12b4fcb2e036966f605b9bf272955a75054eb19888a872973f09b82d0f852f29a2211956c04788a39b965108c2ff216441270c64277b6036bcffdb3e6eff32585b9da36998bd7f310317323c7a715c05fe1b90c85e4fd003654a0a9ce4fcab4303401716f3179edb677b0e9211672633c88a69be3512c17afa8ee58883a2d7e09cb5572580df043fc7e2889e8dd510c2cfe8389b4fa70639eef5af703ce266af73beb7796fc9a6fa105d8a5e8f49acf543116a0f069416515375fd031fa45f59fe2fb3ce08e958004b2d0fffeae56fb3ac59e98da65d7cce1b66df06c1112eabd258203999ff58cd0a26f9d1f26d3abe81a0ab37fad8cf0fcd0e3ce4406d", 0x2000, &(0x7f00000056c0)={&(0x7f0000000240)={0x50, 0x0, 0xf, {0x7, 0x2b, 0x7fffffff, 0x840, 0x200, 0xf, 0x6, 0x6, 0x0, 0x0, 0x20, 0x9}}, &(0x7f0000000180)={0x18, 0x0, 0x100000000, {0x1}}, &(0x7f00000002c0)={0x18, 0x0, 0x1, {0x3}}, &(0x7f0000000380)={0x18, 0xfffffffffffffffe, 0x66a5, {0x26}}, &(0x7f0000000400)={0x18, 0xb, 0xfffffffffffffff1, {0x3}}, &(0x7f00000024c0)={0x28, 0x0, 0xffffffff, {{0x5200, 0xffffffff, 0x3, r5}}}, &(0x7f0000002500)={0x60, 0xfffffffffffffff5, 0xffffffff, {{0x3, 0x7fff, 0x101, 0x1, 0x3, 0xfffffff9, 0x6}}}, &(0x7f0000002580)={0x18, 0x0, 0x8, {0x2}}, &(0x7f00000025c0)={0x15, 0x0, 0x6, {'\xaf/\'!\x00'}}, &(0x7f0000002600)={0x20, 0x0, 0x1, {0x0, 0x10}}, &(0x7f0000004680)={0x78, 0x0, 0x3, {0x7, 0x4, 0x0, {0x5, 0x2ca, 0x0, 0x5, 0x8, 0x9de, 0x6e, 0x8, 0xffe0000, 0x2000, 0x3, 0x0, 0x0, 0x1, 0x2}}}, &(0x7f0000004780)={0x90, 0x0, 0x2, {0x0, 0x0, 0x34, 0xd202, 0x401, 0x3, {0x2, 0x8, 0x9, 0x3, 0x7fffffff, 0x4, 0x5, 0x1, 0x40, 0x6000, 0x81000000, 0x0, 0xffffffffffffffff, 0xe, 0x4}}}, &(0x7f0000004840)=ANY=[@ANYBLOB="900000000000000005000000000000000100000000000000000000800100000002000000000000022d5b00000000000003000000000000000100000000000000040bf4d81ac4b1410b2d7d400000000004000000000000000700000000000000040000007f00000068746200000000000300000000000000f8ffffffffffffff0400000001feffff6270660000000000"], &(0x7f0000004ec0)=ANY=[@ANYBLOB="c00500000000000008000000000000000200000000000000010000000000000004000000000000000100000000000000e00000002b00000005000000000000000900000000000000feffffffffffffff0200000000000000ffffffffffffff7f050000000000000005000000080000004a0c00000080000009000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0900000004000000000000000000000000000000ffffffffffffff7f03000000030000002d5c5c0000000000000000000000000003000000000000000900000000000000ffffffffffffffff0e000000ffffff7f030000000000000071ba00000000000080000000000000000100000000000000180400000000000005000000000000007f00000001feffffff0300040040000008000000", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="01000100080000000000000001000000000000000000000000000000010000000000000000000000000000000400000000000000000000000000000008000000000000007f000000000000000900000070000000000000000000000005000000000000000800000000000000c6ffffffffffffff0200000000000000ffffff7f0000000064a5ee71ffff0000080000000080000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="6700000008000000000000000100000000000000010100000000000009000000c6e600006d707463705f706d000000000000000004000000000000000000000000000000d30d000000000000020000000000000008000000f8dc00000000000000000000050000000000000004000000000000000f0000000000000005000000000000000200000000000000070000003bbdb0510400000000c0000006000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="030000000100000000000000040000000000000006000000000000000400000003000000687462000000000006000000000000000300000000000000c3070000000000000400000000000000090000000300000003000000000000000000000000000000010000000000000002000000000000000a0000000000000009000000000000000a00000008000000090000000020000008000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="7f0000006d0f000000000000010000000000000000800000000000000000000006000000060000000000000000000000000000000600000000000000070000000000000001000000ff00000000000000000000000600000000000000030000000000000002000000000000004a2d0000000000000100000000000000030000000a000000860000000060000007000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0600000022000000000000000200000000000000ff0f000000000000040000000300000068746200000000000400000000000000030000000000000000000000000000000000403c01000000010000000900000000000000000000006b000000000000000000010000000000000000000000000005000000000000000c0000000000000001000000e50500000000000000a00000b11e0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0300000080000000000000010000000000000001000000000000000000000004000000030000000000000001000000000000000300000000000000090000000000000080000000ff7f0000060000000000000002000000000000000700000000000000e602000000000000090c000000000000dbffffffffffffff7b00000005000000060000000040000008000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ce2d0000090000000000000003000000000000000200000000000080190000000300000073797374656d2e706f7369785f61636c5f64656661756c7400000000000000000600000000000000000000000000000006000000000000000500000000000000800000000500000002000000000000000008000000000000ffffffffffffffff03000000000000000c00000000000000680000000000000080000000000800000002000000000000a3e30000", @ANYRES32=0xee01, @ANYRES32, @ANYBLOB="00000000010000ad6031ea0cc4309a0000000000020000000000000004000000010000006270660000000000"], &(0x7f0000005480)={0xa0, 0x0, 0x81, {{0x3, 0x0, 0xb, 0xd22, 0xe6, 0x1, {0x3, 0xb66f, 0x7fffffffffffffff, 0x7fffffff, 0xd8, 0x4f8d, 0x200, 0x3, 0x6, 0x8000, 0xd6, 0x0, 0x0, 0x6, 0x7fff}}, {0x0, 0x1}}}, &(0x7f0000005540)={0x20, 0x0, 0x14d, {0xffff, 0x0, 0x4, 0x494}}, &(0x7f0000005580)={0x130, 0x0, 0x1, {0x1, 0xd, 0x0, '\x00', {0x200, 0x9692, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x7, 0x3c, 0x12000000000, 0x9, {0xffffffffffffffff, 0x4}, {0x5, 0xb0f}, {0xffffffffffffffff, 0x7f}, {0xad, 0xe}, 0x9, 0xd, 0x400, 0x4}}}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newtfilter={0x70, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x8}, {0xfff2}, {0xfff1, 0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0x44, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x70}}, 0x0)
socket$packet(0x11, 0x3, 0x300)

1.431947742s ago: executing program 6 (id=3891):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="7f454c46d2180f"], 0xa78)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x4, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x81)
r4 = socket$netlink(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x24008080}, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x6], 0x0, 0x0, 0x1}}, 0x40)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, 0xffffffffffffffff)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r10}, 0x10)

1.364992439s ago: executing program 1 (id=3892):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x2040)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r6, 0xc0403d08, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r7, 0x4, 0x2)

334.580637ms ago: executing program 6 (id=3893):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x2040)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r6, 0xc0403d08, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r7, 0x4, 0x2)

186.884807ms ago: executing program 5 (id=3894):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
syz_open_dev$usbmon(&(0x7f0000000080), 0x6a2, 0x20000)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120004000000, 0x2, 0x500, 0x1, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x20000080000002}, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000004c0)={0x14, 0x6a, 0xfcdfa0f79c183163, 0x0, 0x25dfdbfc, "", [@generic="8ef5"]}, 0x14}], 0x1, 0x0, 0x0, 0x20048000}, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x18c, r7, 0x600, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x4c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x2c, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9c}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x54}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1eb22245}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0xf4, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3d6f31ca}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x119a760c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7822be1c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7ed5}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6cb6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x87d8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xee3b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x74f38888}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f78ed8a}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x637c}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6247ad10}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x13a16b2d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2509}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbff1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7f6d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x41a4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4716}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x34a5a511}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5ceb3afc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x19d84d10}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x63a87ce3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6b6a0509}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfe4d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6a6ca214}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd3a6}]}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x34, r10, 0x1, 0x2, 0x0, {0x7}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xfffffffffffffffb}, @L2TP_ATTR_IFNAME={0x14}]}, 0x34}}, 0x0)
syz_emit_ethernet(0x4c, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd6001010000161100fe800000000000000000000000d7c894bd6c51ad8fff56f08a09e9a244000100000000000000000000000000000000aa00030e22001690780203000000000000ffb00afe4e70"], 0x0)

139.254169ms ago: executing program 0 (id=3895):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x2040)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r6, 0xc0403d08, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r7, 0x4, 0x2)

0s ago: executing program 3 (id=3896):
syz_open_dev$sndpcmp(&(0x7f0000000100), 0x8, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffbffc)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3)
splice(r3, 0x0, r2, 0x0, 0x406f413, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000000300)=""/169, 0xa9)
read$msr(r4, &(0x7f0000019680)=""/102384, 0x18ff0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000880)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
getgroups(0x4, &(0x7f0000000640)=[0x0, 0x0, 0x0, r5])
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@newtaction={0x18, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x4}]}, 0x18}}, 0x2000a804)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x8, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x2, 0x1, 0xc8}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r8, 0x0, &(0x7f0000000500)=""/120}, 0x20)

kernel console output (not intermixed with test programs):

 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1385.083586][T20162] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1385.129384][T20162] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1385.167717][T20162] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1385.231478][T20162] usb 2-1: Product: syz
[ 1385.255527][T20162] usb 2-1: Manufacturer: syz
[ 1385.260148][T20162] usb 2-1: SerialNumber: syz
[ 1385.266140][T14423] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1385.301597][T20162] usb 2-1: config 0 descriptor??
[ 1385.318008][T20803] usb usb8: usbfs: process 20803 (syz.5.3290) did not claim interface 0 before use
[ 1385.330708][T20785] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1386.513530][T17483] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1386.558627][T20822] program syz.3.3294 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1386.833536][T17483] usb 7-1: Using ep0 maxpacket: 16
[ 1386.840767][T17483] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1386.860699][T17483] usb 7-1: config 0 has no interface number 0
[ 1386.882845][T17483] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1386.923632][T17483] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1386.953662][T17483] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1387.021496][T17483] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1387.035420][T17483] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1387.057845][T17483] usb 7-1: Product: syz
[ 1387.079879][T17483] usb 7-1: Manufacturer: syz
[ 1387.113408][T17483] usb 7-1: SerialNumber: syz
[ 1387.151208][T17483] usb 7-1: config 0 descriptor??
[ 1387.214241][T20818] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1387.354926][T20162] usb 2-1: USB disconnect, device number 43
[ 1390.566290][ T5978] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1390.916885][T20874] usb usb8: usbfs: process 20874 (syz.0.3302) did not claim interface 0 before use
[ 1391.583592][T12273] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1391.598844][T17483] usb 7-1: USB disconnect, device number 9
[ 1391.793869][T12273] usb 6-1: Using ep0 maxpacket: 16
[ 1391.976805][T14423] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1392.197043][T12273] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1392.225979][T12273] usb 6-1: config 0 has no interface number 0
[ 1392.240269][T12273] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1392.278513][T12273] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1392.332329][T12273] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1392.629566][T12273] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1392.641578][T12273] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1392.659733][T12273] usb 6-1: Product: syz
[ 1392.697768][T12273] usb 6-1: Manufacturer: syz
[ 1392.702703][T12273] usb 6-1: SerialNumber: syz
[ 1392.825761][T20904] netlink: 'syz.6.3308': attribute type 1 has an invalid length.
[ 1392.833690][T20904] netlink: 'syz.6.3308': attribute type 2 has an invalid length.
[ 1392.841446][T20904] netlink: 'syz.6.3308': attribute type 2 has an invalid length.
[ 1392.849259][T20904] netlink: 'syz.6.3308': attribute type 1 has an invalid length.
[ 1392.857044][T20904] netlink: 'syz.6.3308': attribute type 1 has an invalid length.
[ 1393.113155][T12273] usb 6-1: config 0 descriptor??
[ 1393.137142][T20878] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1393.433579][T12270] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 1394.273524][T12270] usb 4-1: Using ep0 maxpacket: 16
[ 1394.454528][T20915] netlink: 'syz.6.3310': attribute type 1 has an invalid length.
[ 1394.462345][T20915] netlink: 'syz.6.3310': attribute type 2 has an invalid length.
[ 1394.470194][T20915] netlink: 'syz.6.3310': attribute type 2 has an invalid length.
[ 1394.477994][T20915] netlink: 'syz.6.3310': attribute type 1 has an invalid length.
[ 1394.485780][T20915] netlink: 'syz.6.3310': attribute type 1 has an invalid length.
[ 1394.738854][T12270] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1394.761455][T12270] usb 4-1: config 0 has no interface number 0
[ 1395.047315][T12270] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1395.073809][T12270] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1395.099038][T12270] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1395.167269][T20921] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3311'.
[ 1395.962062][T12273] usb 6-1: USB disconnect, device number 10
[ 1396.263707][T17483] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1396.366815][T20938] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3314'.
[ 1396.738354][T12270] usb 4-1: string descriptor 0 read error: -71
[ 1396.779245][T12270] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1396.790423][T12270] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1396.824842][T12270] usb 4-1: config 0 descriptor??
[ 1396.830543][T12270] usb 4-1: can't set config #0, error -71
[ 1396.836389][T17483] usb 7-1: Using ep0 maxpacket: 16
[ 1396.881794][T17483] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1396.892934][T17483] usb 7-1: config 0 has no interface number 0
[ 1396.907352][T17483] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1396.977756][T12270] usb 4-1: USB disconnect, device number 56
[ 1397.032758][T17483] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1397.285544][T20946] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3316'.
[ 1397.313014][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1397.313027][   T30] audit: type=1326 audit(1765549104.524:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1397.405175][T17483] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1397.422336][T17483] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1397.431935][T17483] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1397.440119][T17483] usb 7-1: Product: syz
[ 1397.444377][T17483] usb 7-1: Manufacturer: syz
[ 1397.448973][T17483] usb 7-1: SerialNumber: syz
[ 1397.455334][T17483] usb 7-1: config 0 descriptor??
[ 1397.489583][T20931] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1397.519027][   T30] audit: type=1326 audit(1765549104.524:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1397.924733][   T30] audit: type=1326 audit(1765549104.524:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1397.959554][   T30] audit: type=1326 audit(1765549104.524:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.120158][   T30] audit: type=1326 audit(1765549104.524:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.148681][   T30] audit: type=1326 audit(1765549104.524:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.638603][   T30] audit: type=1326 audit(1765549104.524:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.694351][   T30] audit: type=1326 audit(1765549104.524:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.792279][   T30] audit: type=1326 audit(1765549104.524:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1398.961381][   T30] audit: type=1326 audit(1765549104.524:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20940 comm="syz.1.3312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1399.223608][T20162] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 1399.793486][T20162] usb 4-1: Using ep0 maxpacket: 16
[ 1399.824810][T20162] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1399.837647][T20162] usb 4-1: config 0 has no interface number 0
[ 1399.852629][T20162] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1399.886259][T17483] usb 7-1: USB disconnect, device number 10
[ 1399.970550][T20975] usb usb8: usbfs: process 20975 (syz.5.3321) did not claim interface 0 before use
[ 1400.005402][T20162] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1400.023502][T20162] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1400.061519][T20162] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1400.077530][T20162] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1400.103511][T20162] usb 4-1: Product: syz
[ 1400.107873][T20162] usb 4-1: Manufacturer: syz
[ 1400.118083][T20162] usb 4-1: SerialNumber: syz
[ 1400.158798][T20162] usb 4-1: config 0 descriptor??
[ 1400.539395][T20965] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1402.191497][T17483] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1402.465682][T17483] usb 2-1: Using ep0 maxpacket: 16
[ 1402.790856][T17483] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1402.815657][T17483] usb 2-1: config 0 has no interface number 0
[ 1402.828255][T17483] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1402.854352][T17483] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1402.897001][T17483] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1402.984753][T17483] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1402.994368][T17483] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1403.014818][T17483] usb 2-1: Product: syz
[ 1403.024090][T20162] usb 4-1: USB disconnect, device number 57
[ 1403.071789][T17483] usb 2-1: Manufacturer: syz
[ 1403.149489][T17483] usb 2-1: SerialNumber: syz
[ 1403.160010][T17483] usb 2-1: config 0 descriptor??
[ 1403.170825][T20992] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1404.643275][T21016] validate_nla: 5 callbacks suppressed
[ 1404.643309][T21016] netlink: 'syz.6.3331': attribute type 1 has an invalid length.
[ 1404.657006][T21016] netlink: 'syz.6.3331': attribute type 2 has an invalid length.
[ 1404.664823][T21016] netlink: 'syz.6.3331': attribute type 2 has an invalid length.
[ 1404.672593][T21016] netlink: 'syz.6.3331': attribute type 1 has an invalid length.
[ 1404.680389][T21016] netlink: 'syz.6.3331': attribute type 1 has an invalid length.
[ 1405.166355][T17483] usb 2-1: USB disconnect, device number 44
[ 1405.317688][T21028] usb usb8: usbfs: process 21028 (syz.6.3334) did not claim interface 0 before use
[ 1405.495348][T21030] usb usb8: usbfs: process 21030 (syz.1.3335) did not claim interface 0 before use
[ 1406.863532][T21045] netlink: 'syz.6.3339': attribute type 1 has an invalid length.
[ 1406.871326][T21045] netlink: 'syz.6.3339': attribute type 2 has an invalid length.
[ 1406.879210][T21045] netlink: 'syz.6.3339': attribute type 2 has an invalid length.
[ 1406.887097][T21045] netlink: 'syz.6.3339': attribute type 1 has an invalid length.
[ 1406.894995][T21045] netlink: 'syz.6.3339': attribute type 1 has an invalid length.
[ 1407.200212][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1407.200229][   T30] audit: type=1326 audit(1765549114.404:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.277754][   T30] audit: type=1326 audit(1765549114.404:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.368738][   T30] audit: type=1326 audit(1765549114.404:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.402897][   T30] audit: type=1326 audit(1765549114.404:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.438393][   T30] audit: type=1326 audit(1765549114.404:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.463739][   T30] audit: type=1326 audit(1765549114.404:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.672498][T21051] program syz.6.3341 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1407.843823][   T30] audit: type=1326 audit(1765549114.404:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.867519][   T30] audit: type=1326 audit(1765549114.404:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.891220][   T30] audit: type=1326 audit(1765549114.404:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1407.964113][T21053] usb usb8: usbfs: process 21053 (syz.1.3340) did not claim interface 0 before use
[ 1407.981711][   T30] audit: type=1326 audit(1765549114.404:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21037 comm="syz.3.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1409.021379][T21068] netlink: 220 bytes leftover after parsing attributes in process `syz.5.3343'.
[ 1410.963567][T17481] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1411.175450][T17481] usb 7-1: Using ep0 maxpacket: 16
[ 1411.340811][T17481] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1411.350315][T21090] usb usb8: usbfs: process 21090 (syz.5.3351) did not claim interface 0 before use
[ 1411.394731][T17481] usb 7-1: config 0 has no interface number 0
[ 1411.400988][T17481] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1411.468624][T17481] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1411.552595][T17481] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1411.573976][T20162] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1411.621379][T17481] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1411.639942][T17481] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1411.669665][T17481] usb 7-1: Product: syz
[ 1411.679839][T17481] usb 7-1: Manufacturer: syz
[ 1411.692093][T17481] usb 7-1: SerialNumber: syz
[ 1411.776341][T17481] usb 7-1: config 0 descriptor??
[ 1411.782384][T21079] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1411.795668][T20162] usb 4-1: Using ep0 maxpacket: 16
[ 1411.864480][T20162] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1411.908378][T20162] usb 4-1: config 0 has no interface number 0
[ 1411.920658][T20162] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1412.057640][T20162] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1412.188308][T20162] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1412.487331][T20162] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1412.523515][T20162] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1412.551458][T20162] usb 4-1: Product: syz
[ 1412.656930][T20162] usb 4-1: Manufacturer: syz
[ 1412.704887][T20162] usb 4-1: SerialNumber: syz
[ 1412.724820][T20162] usb 4-1: config 0 descriptor??
[ 1412.783800][T21089] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1414.506940][T17481] usb 7-1: USB disconnect, device number 11
[ 1414.685701][T21131] usb usb8: usbfs: process 21131 (syz.5.3358) did not claim interface 0 before use
[ 1414.892308][T20162] usb 4-1: USB disconnect, device number 58
[ 1416.284417][T21163] debugfs: 'ptm80' already exists in 'caif_serial'
[ 1416.463536][T12282] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1416.756366][T21173] usb usb8: usbfs: process 21173 (syz.3.3364) did not claim interface 0 before use
[ 1416.789695][T12282] usb 2-1: Using ep0 maxpacket: 16
[ 1417.122685][T12282] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1417.137622][T12282] usb 2-1: config 0 has no interface number 0
[ 1417.151748][T12282] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1417.186847][T12282] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1417.226649][T12282] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1417.310869][T12282] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1417.320470][T12282] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1417.328747][T12282] usb 2-1: Product: syz
[ 1417.339084][T12282] usb 2-1: Manufacturer: syz
[ 1417.352849][T12282] usb 2-1: SerialNumber: syz
[ 1417.370739][T12282] usb 2-1: config 0 descriptor??
[ 1417.389693][T21161] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1417.621672][T21186] usb usb8: usbfs: process 21186 (syz.5.3365) did not claim interface 0 before use
[ 1419.783788][T12282] usb 2-1: USB disconnect, device number 45
[ 1421.905025][T21229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3372'.
[ 1422.510425][T21235] program syz.6.3373 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1422.571252][   T50] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1424.044131][T21265] usb usb8: usbfs: process 21265 (syz.3.3379) did not claim interface 0 before use
[ 1426.830359][   T30] kauditd_printk_skb: 14 callbacks suppressed
[ 1426.830374][   T30] audit: type=1326 audit(1765549134.034:2597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.160586][   T30] audit: type=1326 audit(1765549134.034:2598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.267045][   T30] audit: type=1326 audit(1765549134.034:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.431379][   T30] audit: type=1326 audit(1765549134.034:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.507955][T12268] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1427.713943][   T30] audit: type=1326 audit(1765549134.044:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.809710][   T30] audit: type=1326 audit(1765549134.044:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.861202][   T30] audit: type=1326 audit(1765549134.044:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1427.923645][T12268] usb 7-1: Using ep0 maxpacket: 16
[ 1427.931814][T12268] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1427.940725][T12268] usb 7-1: config 0 has no interface number 0
[ 1427.963107][T12268] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1427.988343][T12268] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1428.013527][   T30] audit: type=1326 audit(1765549134.044:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1428.199673][   T30] audit: type=1326 audit(1765549134.044:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1428.276116][T12268] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1428.366317][T12268] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1428.392552][   T30] audit: type=1326 audit(1765549134.044:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21275 comm="syz.0.3385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1428.416047][T12268] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1428.491004][T12268] usb 7-1: Product: syz
[ 1428.516873][T12268] usb 7-1: Manufacturer: syz
[ 1428.553241][T12268] usb 7-1: SerialNumber: syz
[ 1428.595572][T12268] usb 7-1: config 0 descriptor??
[ 1428.707314][T21279] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1429.673494][T17481] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1429.953618][T17481] usb 6-1: Using ep0 maxpacket: 32
[ 1429.996862][T17481] usb 6-1: config 32 has an invalid interface number: 85 but max is 0
[ 1430.123879][T17481] usb 6-1: config 32 has no interface number 0
[ 1430.170682][T12268] usb 7-1: USB disconnect, device number 12
[ 1430.237623][T21331] tmpfs: User quota block hardlimit too large.
[ 1430.361724][T17481] usb 6-1: config 32 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1430.543532][T17481] usb 6-1: config 32 interface 85 has no altsetting 0
[ 1430.595583][T17481] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1430.606667][T17481] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1430.631778][T17481] usb 6-1: Product: syz
[ 1430.636242][T17481] usb 6-1: Manufacturer: syz
[ 1430.646316][T17481] usb 6-1: SerialNumber: syz
[ 1431.245733][T17481] appletouch 6-1:32.85: Failed to read mode from device.
[ 1431.253121][T17481] appletouch 6-1:32.85: probe with driver appletouch failed with error -5
[ 1431.588708][T21357] debugfs: 'ptm80' already exists in 'caif_serial'
[ 1431.828278][T21362] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3400'.
[ 1432.454088][T17481] usb 6-1: USB disconnect, device number 11
[ 1432.503694][T12270] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1432.532919][T21368] validate_nla: 10 callbacks suppressed
[ 1432.532947][T21368] netlink: 'syz.6.3399': attribute type 1 has an invalid length.
[ 1432.547967][T21368] netlink: 'syz.6.3399': attribute type 2 has an invalid length.
[ 1432.555789][T21368] netlink: 'syz.6.3399': attribute type 2 has an invalid length.
[ 1432.563660][T21368] netlink: 'syz.6.3399': attribute type 1 has an invalid length.
[ 1432.571416][T21368] netlink: 'syz.6.3399': attribute type 1 has an invalid length.
[ 1432.983524][T12270] usb 4-1: Using ep0 maxpacket: 16
[ 1433.009830][T12270] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1433.028504][T12270] usb 4-1: config 0 has no interface number 0
[ 1433.119976][T21374] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3401'.
[ 1433.482423][T12270] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1433.787963][T12270] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1433.869963][T12270] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1433.918045][T12270] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1433.927362][T12270] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1434.107903][T12270] usb 4-1: Product: syz
[ 1434.543883][T12270] usb 4-1: Manufacturer: syz
[ 1434.548509][T12270] usb 4-1: SerialNumber: syz
[ 1434.577174][T12270] usb 4-1: config 0 descriptor??
[ 1434.751080][T21400] usb usb8: usbfs: process 21400 (syz.5.3404) did not claim interface 0 before use
[ 1434.886453][T21401] usb usb8: usbfs: process 21401 (syz.1.3406) did not claim interface 0 before use
[ 1435.253607][T12273] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1435.419187][T21406] program syz.0.3407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1435.814161][T12273] usb 7-1: Using ep0 maxpacket: 16
[ 1435.886488][T12273] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1435.934199][T12273] usb 7-1: config 0 has no interface number 0
[ 1435.975896][T12273] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1435.994358][T12273] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1436.103793][T12270] usb 4-1: can't set config #0, error -71
[ 1436.117181][T12273] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1436.137705][T12270] usb 4-1: USB disconnect, device number 59
[ 1436.427683][T12273] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1436.440442][T12273] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1436.450527][T12273] usb 7-1: Product: syz
[ 1436.467292][T12273] usb 7-1: Manufacturer: syz
[ 1436.473302][T12273] usb 7-1: SerialNumber: syz
[ 1436.507177][T12273] usb 7-1: config 0 descriptor??
[ 1436.523347][T21418] tmpfs: User quota block hardlimit too large.
[ 1436.547747][T21399] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1437.680444][T21432] netlink: 220 bytes leftover after parsing attributes in process `syz.1.3411'.
[ 1437.743732][T12270] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1437.983831][T12270] usb 4-1: Using ep0 maxpacket: 16
[ 1438.021082][T12270] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1438.058494][T12270] usb 4-1: config 0 has no interface number 0
[ 1438.114986][T12270] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1438.227367][T12270] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1438.262413][T12273] usb 7-1: USB disconnect, device number 13
[ 1438.318285][T12270] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1438.353963][T21442] usb usb8: usbfs: process 21442 (syz.5.3413) did not claim interface 0 before use
[ 1438.421845][T12270] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1438.440182][T12270] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1438.463865][T12270] usb 4-1: Product: syz
[ 1438.470286][T12270] usb 4-1: Manufacturer: syz
[ 1438.492594][T12270] usb 4-1: SerialNumber: syz
[ 1438.589828][T12270] usb 4-1: config 0 descriptor??
[ 1438.624565][T21433] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1438.877070][T21449] program syz.0.3415 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1439.883528][T12273] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1440.054567][T12273] usb 2-1: Using ep0 maxpacket: 16
[ 1440.119919][T12273] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1440.236925][T12273] usb 2-1: config 0 has no interface number 0
[ 1440.264501][T12273] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1440.357665][T12273] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1440.435549][T12273] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1440.474681][T12273] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1440.492323][T12273] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1440.502651][T12273] usb 2-1: Product: syz
[ 1440.512051][T12273] usb 2-1: Manufacturer: syz
[ 1440.519427][T12273] usb 2-1: SerialNumber: syz
[ 1440.595150][T12273] usb 2-1: config 0 descriptor??
[ 1440.734704][T21464] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1441.164290][T14423] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1441.183799][T12268] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1441.350774][T12270] usb 4-1: USB disconnect, device number 60
[ 1441.516026][T12268] usb 6-1: Using ep0 maxpacket: 16
[ 1441.797544][T12268] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1441.805930][T12268] usb 6-1: config 0 has no interface number 0
[ 1441.812147][T12268] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1441.823513][T12268] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1441.835695][T12268] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1441.871151][T12268] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1441.880771][T12268] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1441.894196][T12268] usb 6-1: Product: syz
[ 1441.898474][T12268] usb 6-1: Manufacturer: syz
[ 1441.919353][T12268] usb 6-1: SerialNumber: syz
[ 1441.962553][T12268] usb 6-1: config 0 descriptor??
[ 1442.193313][T14423] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1442.203616][T14423] CPU: 1 UID: 0 PID: 14423 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1442.203651][T14423] Tainted: [L]=SOFTLOCKUP
[ 1442.203657][T14423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1442.203671][T14423] Workqueue: hci3 hci_rx_work
[ 1442.203702][T14423] Call Trace:
[ 1442.203709][T14423]  <TASK>
[ 1442.203717][T14423]  dump_stack_lvl+0x16c/0x1f0
[ 1442.203737][T14423]  sysfs_warn_dup+0x7f/0xa0
[ 1442.203760][T14423]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1442.203780][T14423]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1442.203815][T14423]  kobject_add_internal+0x2c4/0x9d0
[ 1442.203841][T14423]  kobject_add+0x16e/0x240
[ 1442.203864][T14423]  ? __pfx_kobject_add+0x10/0x10
[ 1442.203890][T14423]  ? kobject_put+0xaf/0x6f0
[ 1442.203908][T14423]  ? _raw_spin_unlock+0x3e/0x50
[ 1442.203943][T14423]  device_add+0x288/0x1980
[ 1442.203970][T14423]  ? __pfx_dev_set_name+0x10/0x10
[ 1442.203987][T14423]  ? __pfx_device_add+0x10/0x10
[ 1442.204013][T14423]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1442.204044][T14423]  hci_conn_add_sysfs+0x1a8/0x260
[ 1442.204062][T14423]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1442.204090][T14423]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1442.204114][T14423]  ? irqentry_exit+0x1dd/0x8c0
[ 1442.204129][T14423]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1442.204148][T14423]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1442.204177][T14423]  hci_le_meta_evt+0x357/0x610
[ 1442.204193][T14423]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1442.204219][T14423]  hci_event_packet+0x685/0x1210
[ 1442.204241][T14423]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1442.204258][T14423]  ? __pfx_hci_event_packet+0x10/0x10
[ 1442.204287][T14423]  ? kcov_remote_start+0x3a9/0x680
[ 1442.204314][T14423]  hci_rx_work+0x2c9/0x1020
[ 1442.204343][T14423]  process_one_work+0x9ba/0x1b20
[ 1442.204375][T14423]  ? __pfx_process_one_work+0x10/0x10
[ 1442.204404][T14423]  ? assign_work+0x1a0/0x250
[ 1442.204425][T14423]  worker_thread+0x6c8/0xf10
[ 1442.204451][T14423]  ? __kthread_parkme+0x19e/0x250
[ 1442.204467][T14423]  ? __pfx_worker_thread+0x10/0x10
[ 1442.204487][T14423]  kthread+0x3c5/0x780
[ 1442.204508][T14423]  ? __pfx_kthread+0x10/0x10
[ 1442.204530][T14423]  ? rcu_is_watching+0x12/0xc0
[ 1442.204546][T14423]  ? __pfx_kthread+0x10/0x10
[ 1442.204567][T14423]  ret_from_fork+0x983/0xb10
[ 1442.204588][T14423]  ? __pfx_ret_from_fork+0x10/0x10
[ 1442.204610][T14423]  ? __switch_to+0x7af/0x10d0
[ 1442.204635][T14423]  ? __pfx_kthread+0x10/0x10
[ 1442.204657][T14423]  ret_from_fork_asm+0x1a/0x30
[ 1442.204697][T14423]  </TASK>
[ 1442.204843][T14423] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1442.495961][T14423] Bluetooth: hci3: failed to register connection device
[ 1442.519268][T21478] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1442.904681][T21511] usb usb8: usbfs: process 21511 (syz.6.3424) did not claim interface 0 before use
[ 1443.350178][T12273] usb 2-1: USB disconnect, device number 46
[ 1443.621788][T21522] usb usb8: usbfs: process 21522 (syz.1.3426) did not claim interface 0 before use
[ 1444.116572][T12268] usb 6-1: USB disconnect, device number 12
[ 1444.563603][T18475] Bluetooth: hci3: command 0x0406 tx timeout
[ 1444.705804][T21535] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3428'.
[ 1445.174766][T12268] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1445.363577][T12268] usb 6-1: Using ep0 maxpacket: 16
[ 1445.455335][T21543] usb usb8: usbfs: process 21543 (syz.0.3429) did not claim interface 0 before use
[ 1445.674963][T12268] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1445.702902][T12268] usb 6-1: config 0 has no interface number 0
[ 1445.721316][T12268] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1445.756364][T12268] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1445.833477][T12273] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1445.858235][T12268] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1446.051280][T12268] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1446.553026][T12268] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1446.561131][T12268] usb 6-1: Product: syz
[ 1446.565366][T12268] usb 6-1: Manufacturer: syz
[ 1446.569991][T12268] usb 6-1: SerialNumber: syz
[ 1446.634415][T12268] usb 6-1: config 0 descriptor??
[ 1446.655042][T14423] Bluetooth: hci3: command 0x0406 tx timeout
[ 1446.788069][T21531] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1446.863527][T12273] usb 4-1: Using ep0 maxpacket: 16
[ 1446.905701][T12273] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1446.954744][T12273] usb 4-1: config 0 has no interface number 0
[ 1447.118970][T12273] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1447.230115][T12273] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1447.332729][T12273] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1447.399715][T12273] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1447.408952][T12273] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1447.417198][T12273] usb 4-1: Product: syz
[ 1447.421432][T12273] usb 4-1: Manufacturer: syz
[ 1447.428586][T12273] usb 4-1: SerialNumber: syz
[ 1447.452207][T12273] usb 4-1: config 0 descriptor??
[ 1447.466361][T21545] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1447.523607][T17481] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1447.693516][T17481] usb 7-1: Using ep0 maxpacket: 32
[ 1447.707025][T17481] usb 7-1: config 32 has an invalid interface number: 85 but max is 0
[ 1447.726148][T17481] usb 7-1: config 32 has no interface number 0
[ 1447.787632][T17481] usb 7-1: config 32 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1447.819688][T17481] usb 7-1: config 32 interface 85 has no altsetting 0
[ 1447.855352][T17481] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1447.866743][T17481] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1447.944327][T21568] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3434'.
[ 1447.957974][T17481] usb 7-1: Product: syz
[ 1447.971557][T17481] usb 7-1: Manufacturer: syz
[ 1447.987584][T17481] usb 7-1: SerialNumber: syz
[ 1448.340163][T17481] appletouch 7-1:32.85: Failed to read mode from device.
[ 1448.357246][T21576] usb usb8: usbfs: process 21576 (syz.1.3435) did not claim interface 0 before use
[ 1448.417178][T17481] appletouch 7-1:32.85: probe with driver appletouch failed with error -5
[ 1448.642156][T17481] usb 7-1: USB disconnect, device number 14
[ 1448.745706][T12268] usb 6-1: USB disconnect, device number 13
[ 1449.264695][T12273] usb 4-1: USB disconnect, device number 61
[ 1449.426922][T21592] usb usb8: usbfs: process 21592 (syz.6.3437) did not claim interface 0 before use
[ 1450.888758][T12273] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1451.054390][T21622] usb usb8: usbfs: process 21622 (syz.0.3442) did not claim interface 0 before use
[ 1451.117752][T12273] usb 4-1: Using ep0 maxpacket: 16
[ 1451.230760][T12273] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1451.239317][T12273] usb 4-1: config 0 has no interface number 0
[ 1451.280420][T12273] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1451.293631][T12282] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1451.321842][T12273] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1451.365830][T12273] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1451.427571][T12273] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1451.436749][T12273] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1451.468264][T12273] usb 4-1: Product: syz
[ 1451.473653][T12282] usb 2-1: Using ep0 maxpacket: 16
[ 1451.494085][T12273] usb 4-1: Manufacturer: syz
[ 1451.538618][T12273] usb 4-1: SerialNumber: syz
[ 1451.544184][T12282] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1451.546645][T12273] usb 4-1: config 0 descriptor??
[ 1451.565163][T12282] usb 2-1: config 0 has no interface number 0
[ 1451.575736][T21595] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1451.592862][T12282] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1451.632913][T12282] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1451.822524][T12282] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1451.885389][T12282] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1451.904917][T12282] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1451.933919][T12282] usb 2-1: Product: syz
[ 1451.949792][T12282] usb 2-1: Manufacturer: syz
[ 1451.966296][T12282] usb 2-1: SerialNumber: syz
[ 1452.025086][T12282] usb 2-1: config 0 descriptor??
[ 1452.058944][T21619] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1452.736879][T21642] usb usb8: usbfs: process 21642 (syz.5.3444) did not claim interface 0 before use
[ 1453.132568][T21652] usb usb8: usbfs: process 21652 (syz.0.3445) did not claim interface 0 before use
[ 1453.313591][T20162] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1453.573537][T20162] usb 7-1: Using ep0 maxpacket: 16
[ 1453.644875][T20162] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1453.665759][T20162] usb 7-1: config 0 has no interface number 0
[ 1453.676466][T20162] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1453.823494][T20162] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1453.887251][T20162] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1453.996354][T20162] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1454.052840][T20162] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1454.095170][T12273] usb 4-1: USB disconnect, device number 62
[ 1454.128681][T20162] usb 7-1: Product: syz
[ 1454.151784][T12282] usb 2-1: USB disconnect, device number 47
[ 1454.170090][T20162] usb 7-1: Manufacturer: syz
[ 1454.188450][T20162] usb 7-1: SerialNumber: syz
[ 1454.235488][T20162] usb 7-1: config 0 descriptor??
[ 1454.295747][T21651] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1454.348327][T21664] usb usb8: usbfs: process 21664 (syz.3.3447) did not claim interface 0 before use
[ 1454.440780][T21667] usb usb8: usbfs: process 21667 (syz.1.3448) did not claim interface 0 before use
[ 1454.563485][   T50] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1455.233041][T21675] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3450'.
[ 1456.303868][   T30] kauditd_printk_skb: 14 callbacks suppressed
[ 1456.303885][   T30] audit: type=1326 audit(1765549163.364:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.368474][   T30] audit: type=1326 audit(1765549163.364:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.461509][   T30] audit: type=1326 audit(1765549163.364:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.547993][   T30] audit: type=1326 audit(1765549163.364:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.649175][   T30] audit: type=1326 audit(1765549163.364:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.726056][   T30] audit: type=1326 audit(1765549163.364:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1456.879756][   T30] audit: type=1326 audit(1765549163.364:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1457.023974][   T30] audit: type=1326 audit(1765549163.364:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1457.048027][   T30] audit: type=1326 audit(1765549163.364:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1457.080342][   T30] audit: type=1326 audit(1765549163.364:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21679 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1457.716011][T20162] usb 7-1: USB disconnect, device number 15
[ 1458.567624][T21717] usb usb8: usbfs: process 21717 (syz.3.3456) did not claim interface 0 before use
[ 1459.112716][T21727] usb usb8: usbfs: process 21727 (syz.5.3457) did not claim interface 0 before use
[ 1459.149072][T21730] program syz.1.3459 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1459.263529][T12268] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1459.444199][T12268] usb 7-1: Using ep0 maxpacket: 16
[ 1459.455183][T12268] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1459.476024][T12268] usb 7-1: config 0 has no interface number 0
[ 1459.499969][T12268] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1459.548259][T12268] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1459.620842][T12268] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1459.707752][T12268] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1459.745647][T12268] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1459.793550][T12268] usb 7-1: Product: syz
[ 1459.817687][T12268] usb 7-1: Manufacturer: syz
[ 1459.842554][T12268] usb 7-1: SerialNumber: syz
[ 1459.874893][T12268] usb 7-1: config 0 descriptor??
[ 1459.890984][T21743] usb usb8: usbfs: process 21743 (syz.5.3460) did not claim interface 0 before use
[ 1459.995791][T21744] program syz.0.3461 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1460.099504][T21725] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1461.261605][T21766] usb usb8: usbfs: process 21766 (syz.3.3463) did not claim interface 0 before use
[ 1462.426968][T12268] usb 7-1: USB disconnect, device number 16
[ 1462.944796][T18475] Bluetooth: hci3: Invalid handle: 0x20c9 > 0x0eff
[ 1463.199229][T21772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1463.206533][T21772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1463.599944][T21794] program syz.1.3468 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1464.060424][T21772] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1464.105752][T21772] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1464.208125][T21808] usb usb8: usbfs: process 21808 (syz.3.3470) did not claim interface 0 before use
[ 1464.480604][   T71] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1464.515060][   T71] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.834516][   T71] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1464.888081][   T71] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.906689][   T71] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1464.924602][   T71] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.934293][   T71] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1464.943239][   T71] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1466.143685][T18475] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1466.157120][T18475] CPU: 0 UID: 0 PID: 18475 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1466.157153][T18475] Tainted: [L]=SOFTLOCKUP
[ 1466.157160][T18475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1466.157173][T18475] Workqueue: hci5 hci_rx_work
[ 1466.157205][T18475] Call Trace:
[ 1466.157211][T18475]  <TASK>
[ 1466.157219][T18475]  dump_stack_lvl+0x16c/0x1f0
[ 1466.157239][T18475]  sysfs_warn_dup+0x7f/0xa0
[ 1466.157261][T18475]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1466.157290][T18475]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1466.157308][T18475]  ? find_held_lock+0x2b/0x80
[ 1466.157342][T18475]  ? do_raw_spin_unlock+0x172/0x230
[ 1466.157369][T18475]  kobject_add_internal+0x2c4/0x9d0
[ 1466.157396][T18475]  kobject_add+0x16e/0x240
[ 1466.157419][T18475]  ? __pfx_kobject_add+0x10/0x10
[ 1466.157443][T18475]  ? kobject_put+0xaf/0x6f0
[ 1466.157460][T18475]  ? _raw_spin_unlock+0x28/0x50
[ 1466.157495][T18475]  device_add+0x288/0x1980
[ 1466.157522][T18475]  ? __pfx_dev_set_name+0x10/0x10
[ 1466.157541][T18475]  ? __pfx_device_add+0x10/0x10
[ 1466.157569][T18475]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1466.157604][T18475]  hci_conn_add_sysfs+0x1a8/0x260
[ 1466.157623][T18475]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1466.157656][T18475]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1466.157688][T18475]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1466.157721][T18475]  hci_le_meta_evt+0x357/0x610
[ 1466.157737][T18475]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1466.157767][T18475]  hci_event_packet+0x685/0x1210
[ 1466.157793][T18475]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1466.157810][T18475]  ? __pfx_hci_event_packet+0x10/0x10
[ 1466.157838][T18475]  ? kcov_remote_start+0x399/0x680
[ 1466.157857][T18475]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1466.157880][T18475]  hci_rx_work+0x2c9/0x1020
[ 1466.157909][T18475]  process_one_work+0x9ba/0x1b20
[ 1466.157941][T18475]  ? __pfx_process_one_work+0x10/0x10
[ 1466.157969][T18475]  ? assign_work+0x1a0/0x250
[ 1466.157992][T18475]  worker_thread+0x6c8/0xf10
[ 1466.158023][T18475]  ? __kthread_parkme+0x19e/0x250
[ 1466.158042][T18475]  ? __pfx_worker_thread+0x10/0x10
[ 1466.158064][T18475]  kthread+0x3c5/0x780
[ 1466.158084][T18475]  ? __pfx_kthread+0x10/0x10
[ 1466.158106][T18475]  ? rcu_is_watching+0x12/0xc0
[ 1466.158122][T18475]  ? __pfx_kthread+0x10/0x10
[ 1466.158145][T18475]  ret_from_fork+0x983/0xb10
[ 1466.158167][T18475]  ? __pfx_ret_from_fork+0x10/0x10
[ 1466.158187][T18475]  ? rcu_is_watching+0x12/0xc0
[ 1466.158204][T18475]  ? __switch_to+0x7af/0x10d0
[ 1466.158226][T18475]  ? __pfx_kthread+0x10/0x10
[ 1466.158248][T18475]  ret_from_fork_asm+0x1a/0x30
[ 1466.158296][T18475]  </TASK>
[ 1466.158321][T18475] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1466.473522][T18475] Bluetooth: hci5: failed to register connection device
[ 1466.857072][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1466.857105][   T30] audit: type=1400 audit(1765549174.064:2634): avc:  denied  { nlmsg_read } for  pid=21829 comm="syz.1.3475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1467.495331][T21834] program syz.0.3474 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1468.471864][T21858] program syz.6.3478 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1468.501890][T14423] Bluetooth: hci5: command 0x0405 tx timeout
[ 1468.827400][T21866] usb usb8: usbfs: process 21866 (syz.3.3479) did not claim interface 0 before use
[ 1470.055183][T21881] program syz.0.3481 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1470.065615][T12282] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1470.233468][T12282] usb 2-1: Using ep0 maxpacket: 16
[ 1470.249659][T12282] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1470.260620][T12282] usb 2-1: config 0 has no interface number 0
[ 1470.295971][T12282] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1470.320158][T12282] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1470.484564][T21889] program syz.3.3484 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1470.618637][T14423] Bluetooth: hci5: command 0x0405 tx timeout
[ 1470.621620][T12282] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1470.914781][T12282] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1470.925320][T12282] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1470.943614][T12282] usb 2-1: Product: syz
[ 1470.954013][T12282] usb 2-1: Manufacturer: syz
[ 1470.960043][T12282] usb 2-1: SerialNumber: syz
[ 1470.972299][T12282] usb 2-1: config 0 descriptor??
[ 1470.998099][T21870] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1471.133789][T20162] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1471.383387][T20162] usb 7-1: Using ep0 maxpacket: 16
[ 1471.907446][T20162] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1471.921324][T20162] usb 7-1: config 0 has no interface number 0
[ 1471.985967][T20162] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1471.997268][T20162] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1472.027803][T20162] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1472.155149][T21907] netlink: 'syz.3.3486': attribute type 1 has an invalid length.
[ 1472.162907][T21907] netlink: 'syz.3.3486': attribute type 2 has an invalid length.
[ 1472.170719][T21907] netlink: 'syz.3.3486': attribute type 2 has an invalid length.
[ 1472.178437][T21907] netlink: 'syz.3.3486': attribute type 1 has an invalid length.
[ 1472.186157][T21907] netlink: 'syz.3.3486': attribute type 1 has an invalid length.
[ 1472.277505][T20162] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1472.297325][T20162] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1472.315090][T20162] usb 7-1: Product: syz
[ 1472.347494][T20162] usb 7-1: Manufacturer: syz
[ 1472.389222][T20162] usb 7-1: SerialNumber: syz
[ 1472.423866][T20162] usb 7-1: config 0 descriptor??
[ 1472.445460][T21899] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1473.318473][   T30] audit: type=1326 audit(1765549180.534:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1473.463196][   T30] audit: type=1326 audit(1765549180.564:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1473.619577][   T30] audit: type=1326 audit(1765549180.564:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1473.673372][T12282] usb 2-1: USB disconnect, device number 48
[ 1473.781713][   T30] audit: type=1326 audit(1765549180.564:2638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.041472][T21934] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3489'.
[ 1474.448682][T21935] program syz.1.3490 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1474.581518][   T30] audit: type=1326 audit(1765549180.564:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.684330][   T30] audit: type=1326 audit(1765549180.564:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.733725][   T30] audit: type=1326 audit(1765549180.564:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.773534][   T30] audit: type=1326 audit(1765549180.564:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.833539][   T30] audit: type=1326 audit(1765549180.564:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1474.927613][T20162] usb 7-1: USB disconnect, device number 17
[ 1474.935292][   T30] audit: type=1326 audit(1765549180.564:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21910 comm="syz.5.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1475.932496][T21945] program syz.6.3492 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1476.493605][T12268] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1476.578312][T21966] usb usb8: usbfs: process 21966 (syz.0.3494) did not claim interface 0 before use
[ 1476.694488][T12268] usb 6-1: Using ep0 maxpacket: 16
[ 1476.840744][T12268] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1476.848947][T12268] usb 6-1: config 0 has no interface number 0
[ 1476.872140][T12268] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1476.937251][T12282] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1476.977664][T12268] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1477.153126][T12268] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1477.153453][T12282] usb 2-1: Using ep0 maxpacket: 16
[ 1477.348972][T12268] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1477.394165][T12268] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1477.402160][T12268] usb 6-1: Product: syz
[ 1477.463698][T12268] usb 6-1: Manufacturer: syz
[ 1477.470002][T12268] usb 6-1: SerialNumber: syz
[ 1477.499560][T12268] usb 6-1: config 0 descriptor??
[ 1477.512387][T21956] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1477.625579][T21971] program syz.6.3497 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1477.704326][T12282] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1477.986860][T12282] usb 2-1: config 0 has no interface number 0
[ 1478.056635][T12282] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1478.110315][T12282] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1478.196141][T12282] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1478.213467][T21984] netlink: 'syz.3.3495': attribute type 1 has an invalid length.
[ 1478.221335][T21984] netlink: 'syz.3.3495': attribute type 2 has an invalid length.
[ 1478.229258][T21984] netlink: 'syz.3.3495': attribute type 2 has an invalid length.
[ 1478.237778][T21984] netlink: 'syz.3.3495': attribute type 1 has an invalid length.
[ 1478.245726][T21984] netlink: 'syz.3.3495': attribute type 1 has an invalid length.
[ 1478.348392][T12282] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1478.493209][T12282] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1478.502402][T12282] usb 2-1: Product: syz
[ 1478.506772][T12282] usb 2-1: Manufacturer: syz
[ 1478.516556][T12282] usb 2-1: SerialNumber: syz
[ 1478.542373][T12282] usb 2-1: config 0 descriptor??
[ 1478.604102][T21964] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1480.228047][T12268] usb 6-1: USB disconnect, device number 14
[ 1480.349902][T12282] usb 2-1: USB disconnect, device number 49
[ 1481.213504][T12282] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1481.933477][T12282] usb 6-1: Using ep0 maxpacket: 16
[ 1482.076049][T12282] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1482.084525][T12282] usb 6-1: config 0 has no interface number 0
[ 1482.090660][T12282] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1482.146737][T12282] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1482.182103][T12282] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1482.198881][T22035] program syz.6.3505 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1482.388640][T12282] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1482.397760][T12282] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1482.407364][T12282] usb 6-1: Product: syz
[ 1482.411552][T12282] usb 6-1: Manufacturer: syz
[ 1482.417505][T12282] usb 6-1: SerialNumber: syz
[ 1482.426842][T12282] usb 6-1: config 0 descriptor??
[ 1482.883053][T22027] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1483.365611][T22057] netlink: 'syz.3.3508': attribute type 1 has an invalid length.
[ 1483.373533][T22057] netlink: 'syz.3.3508': attribute type 2 has an invalid length.
[ 1483.383388][T22057] netlink: 'syz.3.3508': attribute type 2 has an invalid length.
[ 1483.392345][T22057] netlink: 'syz.3.3508': attribute type 1 has an invalid length.
[ 1483.400209][T22057] netlink: 'syz.3.3508': attribute type 1 has an invalid length.
[ 1485.502592][T22084] netlink: 'syz.6.3514': attribute type 1 has an invalid length.
[ 1485.510566][T22084] netlink: 'syz.6.3514': attribute type 2 has an invalid length.
[ 1485.518518][T22084] netlink: 'syz.6.3514': attribute type 2 has an invalid length.
[ 1485.526388][T22084] netlink: 'syz.6.3514': attribute type 1 has an invalid length.
[ 1485.534192][T22084] netlink: 'syz.6.3514': attribute type 1 has an invalid length.
[ 1485.736067][T12282] usb 6-1: USB disconnect, device number 15
[ 1486.133596][T14423] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[ 1486.838237][T22101] tmpfs: User quota block hardlimit too large.
[ 1487.078154][T22109] usb usb8: usbfs: process 22109 (syz.6.3517) did not claim interface 0 before use
[ 1488.298980][T22125] program syz.1.3522 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1488.757068][T22130] netlink: 'syz.0.3521': attribute type 1 has an invalid length.
[ 1488.764910][T22130] netlink: 'syz.0.3521': attribute type 2 has an invalid length.
[ 1488.772663][T22130] netlink: 'syz.0.3521': attribute type 2 has an invalid length.
[ 1488.780518][T22130] netlink: 'syz.0.3521': attribute type 1 has an invalid length.
[ 1488.788363][T22130] netlink: 'syz.0.3521': attribute type 1 has an invalid length.
[ 1489.217709][T22134] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3523'.
[ 1491.344882][T12268] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1492.067692][T12268] usb 2-1: Using ep0 maxpacket: 16
[ 1492.084335][T12268] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1492.112851][T12268] usb 2-1: config 0 has no interface number 0
[ 1492.123081][T12268] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1492.134554][T12268] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1492.146505][T12268] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1492.188020][T12268] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1492.216310][T12268] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1492.225210][T12268] usb 2-1: Product: syz
[ 1492.229385][T12268] usb 2-1: Manufacturer: syz
[ 1492.234350][T12268] usb 2-1: SerialNumber: syz
[ 1492.244403][T12268] usb 2-1: config 0 descriptor??
[ 1492.374983][T22185] program syz.5.3533 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1492.384508][T22161] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1492.515744][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1492.515763][   T30] audit: type=1326 audit(1765549199.664:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1492.689902][   T30] audit: type=1326 audit(1765549199.664:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.157339][   T30] audit: type=1326 audit(1765549199.664:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.260309][   T30] audit: type=1326 audit(1765549199.664:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.312338][   T30] audit: type=1326 audit(1765549199.664:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.345772][   T30] audit: type=1326 audit(1765549199.664:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.483548][   T30] audit: type=1326 audit(1765549199.664:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.622931][   T30] audit: type=1326 audit(1765549199.664:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.717865][   T30] audit: type=1326 audit(1765549199.664:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1493.834442][T22198] program syz.3.3534 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1493.843732][   T30] audit: type=1326 audit(1765549199.664:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22175 comm="syz.3.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1494.231204][T22206] netlink: 220 bytes leftover after parsing attributes in process `syz.6.3535'.
[ 1494.711230][T12268] usb 2-1: USB disconnect, device number 50
[ 1495.151924][T22224] usb usb8: usbfs: process 22224 (syz.1.3537) did not claim interface 0 before use
[ 1495.390868][T22230] program syz.0.3539 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1496.101180][T22236] usb usb8: usbfs: process 22236 (syz.5.3540) did not claim interface 0 before use
[ 1496.657250][T14423] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1497.270321][T22249] tmpfs: User quota block hardlimit too large.
[ 1498.209396][T22257] netlink: 'syz.1.3546': attribute type 1 has an invalid length.
[ 1498.217202][T22257] netlink: 'syz.1.3546': attribute type 2 has an invalid length.
[ 1498.224979][T22257] netlink: 'syz.1.3546': attribute type 2 has an invalid length.
[ 1498.232674][T22257] netlink: 'syz.1.3546': attribute type 1 has an invalid length.
[ 1498.240388][T22257] netlink: 'syz.1.3546': attribute type 1 has an invalid length.
[ 1499.679124][T22279] usb usb8: usbfs: process 22279 (syz.5.3549) did not claim interface 0 before use
[ 1499.837738][T22280] netlink: 'syz.3.3552': attribute type 1 has an invalid length.
[ 1499.845663][T22280] netlink: 'syz.3.3552': attribute type 2 has an invalid length.
[ 1499.853500][T22280] netlink: 'syz.3.3552': attribute type 2 has an invalid length.
[ 1499.861241][T22280] netlink: 'syz.3.3552': attribute type 1 has an invalid length.
[ 1499.869071][T22280] netlink: 'syz.3.3552': attribute type 1 has an invalid length.
[ 1500.849589][T22290] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3553'.
[ 1501.847028][T22297] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3555'.
[ 1502.753869][T17481] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1502.883475][T22308] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65535 sclass=netlink_xfrm_socket pid=22308 comm=syz.0.3558
[ 1504.044143][T14423] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[ 1504.111231][T17481] usb 7-1: Using ep0 maxpacket: 16
[ 1504.284240][T17481] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1504.302763][T17481] usb 7-1: config 0 has no interface number 0
[ 1504.326833][T17481] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1504.355381][T17481] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1504.370920][T17481] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1504.408296][T17481] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1504.417925][T17481] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1504.454553][T17481] usb 7-1: Product: syz
[ 1504.463221][T17481] usb 7-1: Manufacturer: syz
[ 1504.557920][T22327] usb usb8: usbfs: process 22327 (syz.0.3562) did not claim interface 0 before use
[ 1504.624210][T17481] usb 7-1: SerialNumber: syz
[ 1504.772254][T22332] program syz.5.3563 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1504.856476][T17481] usb 7-1: config 0 descriptor??
[ 1504.861952][T22301] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1505.241007][T22345] netlink: 'syz.1.3561': attribute type 1 has an invalid length.
[ 1505.248942][T22345] netlink: 'syz.1.3561': attribute type 2 has an invalid length.
[ 1505.256823][T22345] netlink: 'syz.1.3561': attribute type 2 has an invalid length.
[ 1505.264649][T22345] netlink: 'syz.1.3561': attribute type 1 has an invalid length.
[ 1505.272404][T22345] netlink: 'syz.1.3561': attribute type 1 has an invalid length.
[ 1505.911354][T22350] program syz.5.3565 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1506.294009][T22354] netlink: 'syz.1.3566': attribute type 1 has an invalid length.
[ 1506.301865][T22354] netlink: 'syz.1.3566': attribute type 2 has an invalid length.
[ 1506.309698][T22354] netlink: 'syz.1.3566': attribute type 2 has an invalid length.
[ 1506.317563][T22354] netlink: 'syz.1.3566': attribute type 1 has an invalid length.
[ 1506.325424][T22354] netlink: 'syz.1.3566': attribute type 1 has an invalid length.
[ 1507.119087][T17481] usb 7-1: USB disconnect, device number 18
[ 1507.310486][T22371] usb usb8: usbfs: process 22371 (syz.1.3569) did not claim interface 0 before use
[ 1507.556178][T22380] usb usb8: usbfs: process 22380 (syz.3.3571) did not claim interface 0 before use
[ 1507.673477][T12268] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1507.700057][T22373] cgroup: fork rejected by pids controller in /syz3
[ 1507.837168][T12268] usb 6-1: Using ep0 maxpacket: 16
[ 1507.843012][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1507.843024][   T30] audit: type=1326 audit(1765549215.034:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1507.877494][T12268] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1507.889756][T12268] usb 6-1: config 0 has no interface number 0
[ 1507.901400][T12268] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1507.917257][T12268] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1507.948044][   T30] audit: type=1326 audit(1765549215.044:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1508.087664][T12268] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1508.109428][T12268] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1508.156495][T12268] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1508.217077][T12268] usb 6-1: Product: syz
[ 1508.255669][T12268] usb 6-1: Manufacturer: syz
[ 1508.282548][T12268] usb 6-1: SerialNumber: syz
[ 1508.313711][   T30] audit: type=1326 audit(1765549215.044:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1508.344286][T12268] usb 6-1: config 0 descriptor??
[ 1508.472511][T22372] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1508.526175][   T30] audit: type=1326 audit(1765549215.044:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1508.552315][   T30] audit: type=1326 audit(1765549215.044:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1508.822346][   T30] audit: type=1326 audit(1765549215.044:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1509.220583][   T30] audit: type=1326 audit(1765549215.044:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1509.280935][   T30] audit: type=1326 audit(1765549215.044:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1509.388774][   T30] audit: type=1326 audit(1765549215.044:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1509.526314][   T30] audit: type=1326 audit(1765549215.044:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22377 comm="syz.6.3573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2c1178f749 code=0x7ffc0000
[ 1509.758258][T22508] usb usb8: usbfs: process 22508 (syz.3.3575) did not claim interface 0 before use
[ 1510.288577][T12268] usb 6-1: USB disconnect, device number 16
[ 1510.648417][T22517] netlink: 220 bytes leftover after parsing attributes in process `syz.5.3578'.
[ 1511.625629][T22535] program syz.1.3582 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1511.747429][T22523] program syz.6.3577 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1511.829385][T22538] usb usb8: usbfs: process 22538 (syz.5.3581) did not claim interface 0 before use
[ 1511.914942][T22542] validate_nla: 5 callbacks suppressed
[ 1511.914954][T22542] netlink: 'syz.3.3583': attribute type 1 has an invalid length.
[ 1511.928614][T22542] netlink: 'syz.3.3583': attribute type 2 has an invalid length.
[ 1511.936340][T22542] netlink: 'syz.3.3583': attribute type 2 has an invalid length.
[ 1511.944076][T22542] netlink: 'syz.3.3583': attribute type 1 has an invalid length.
[ 1511.951762][T22542] netlink: 'syz.3.3583': attribute type 1 has an invalid length.
[ 1511.970965][T22544] usb usb8: usbfs: process 22544 (syz.0.3580) did not claim interface 0 before use
[ 1512.202377][T22554] usb usb8: usbfs: process 22554 (syz.3.3584) did not claim interface 0 before use
[ 1512.218456][T22555] usb usb8: usbfs: process 22555 (syz.6.3585) did not claim interface 0 before use
[ 1513.148921][T22566] tmpfs: User quota block hardlimit too large.
[ 1515.817312][T22599] netlink: 220 bytes leftover after parsing attributes in process `syz.5.3591'.
[ 1516.359383][T22604] netlink: 'syz.0.3594': attribute type 1 has an invalid length.
[ 1516.367267][T22604] netlink: 'syz.0.3594': attribute type 2 has an invalid length.
[ 1516.375064][T22604] netlink: 'syz.0.3594': attribute type 2 has an invalid length.
[ 1516.382756][T22604] netlink: 'syz.0.3594': attribute type 1 has an invalid length.
[ 1516.390482][T22604] netlink: 'syz.0.3594': attribute type 1 has an invalid length.
[ 1519.221556][T22627] program syz.5.3599 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1521.113225][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1521.113239][   T30] audit: type=1326 audit(1765549228.314:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1521.279793][T14423] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1521.496004][T14423] CPU: 1 UID: 0 PID: 14423 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1521.496026][T14423] Tainted: [L]=SOFTLOCKUP
[ 1521.496031][T14423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1521.496040][T14423] Workqueue: hci5 hci_rx_work
[ 1521.496061][T14423] Call Trace:
[ 1521.496065][T14423]  <TASK>
[ 1521.496069][T14423]  dump_stack_lvl+0x16c/0x1f0
[ 1521.496083][T14423]  sysfs_warn_dup+0x7f/0xa0
[ 1521.496096][T14423]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1521.496108][T14423]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1521.496119][T14423]  ? find_held_lock+0x2b/0x80
[ 1521.496137][T14423]  ? do_raw_spin_unlock+0x172/0x230
[ 1521.496154][T14423]  kobject_add_internal+0x2c4/0x9d0
[ 1521.496170][T14423]  kobject_add+0x16e/0x240
[ 1521.496183][T14423]  ? __pfx_kobject_add+0x10/0x10
[ 1521.496204][T14423]  device_add+0x288/0x1980
[ 1521.496221][T14423]  ? __pfx_dev_set_name+0x10/0x10
[ 1521.496232][T14423]  ? __pfx_device_add+0x10/0x10
[ 1521.496247][T14423]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1521.496267][T14423]  hci_conn_add_sysfs+0x1a8/0x260
[ 1521.496279][T14423]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1521.496298][T14423]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1521.496316][T14423]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1521.496334][T14423]  hci_le_meta_evt+0x357/0x610
[ 1521.496344][T14423]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1521.496361][T14423]  hci_event_packet+0x685/0x1210
[ 1521.496377][T14423]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1521.496387][T14423]  ? __pfx_hci_event_packet+0x10/0x10
[ 1521.496405][T14423]  ? kcov_remote_start+0x3a9/0x680
[ 1521.496419][T14423]  hci_rx_work+0x2c9/0x1020
[ 1521.496437][T14423]  process_one_work+0x9ba/0x1b20
[ 1521.496456][T14423]  ? __pfx_process_one_work+0x10/0x10
[ 1521.496472][T14423]  ? assign_work+0x1a0/0x250
[ 1521.496486][T14423]  worker_thread+0x6c8/0xf10
[ 1521.496503][T14423]  ? __kthread_parkme+0x19e/0x250
[ 1521.496514][T14423]  ? __pfx_worker_thread+0x10/0x10
[ 1521.496527][T14423]  kthread+0x3c5/0x780
[ 1521.496539][T14423]  ? __pfx_kthread+0x10/0x10
[ 1521.496551][T14423]  ? rcu_is_watching+0x12/0xc0
[ 1521.496561][T14423]  ? __pfx_kthread+0x10/0x10
[ 1521.496573][T14423]  ret_from_fork+0x983/0xb10
[ 1521.496585][T14423]  ? __pfx_ret_from_fork+0x10/0x10
[ 1521.496597][T14423]  ? __switch_to+0x7af/0x10d0
[ 1521.496611][T14423]  ? __pfx_kthread+0x10/0x10
[ 1521.496623][T14423]  ret_from_fork_asm+0x1a/0x30
[ 1521.496645][T14423]  </TASK>
[ 1521.496659][T14423] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1521.761840][T14423] Bluetooth: hci5: failed to register connection device
[ 1521.885955][   T30] audit: type=1326 audit(1765549228.314:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.376955][   T30] audit: type=1326 audit(1765549228.314:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.703240][   T30] audit: type=1326 audit(1765549228.314:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.730541][   T30] audit: type=1326 audit(1765549228.324:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.765386][T22648] program syz.6.3605 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1522.795100][   T30] audit: type=1326 audit(1765549228.324:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.838871][   T30] audit: type=1326 audit(1765549228.324:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1522.931980][T22663] usb usb8: usbfs: process 22663 (syz.5.3608) did not claim interface 0 before use
[ 1523.103031][   T30] audit: type=1326 audit(1765549228.324:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1523.733753][   T30] audit: type=1326 audit(1765549228.324:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1523.817075][   T30] audit: type=1326 audit(1765549228.324:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22637 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca838f749 code=0x7ffc0000
[ 1523.906682][T18475] Bluetooth: hci5: command 0x0405 tx timeout
[ 1524.202815][T17481] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1524.297216][T22678] netlink: 'syz.0.3611': attribute type 1 has an invalid length.
[ 1524.305121][T22678] netlink: 'syz.0.3611': attribute type 2 has an invalid length.
[ 1524.312854][T22678] netlink: 'syz.0.3611': attribute type 2 has an invalid length.
[ 1524.320693][T22678] netlink: 'syz.0.3611': attribute type 1 has an invalid length.
[ 1524.328524][T22678] netlink: 'syz.0.3611': attribute type 1 has an invalid length.
[ 1524.632203][T17481] usb 4-1: no configurations
[ 1524.638715][T17481] usb 4-1: can't read configurations, error -22
[ 1524.779792][T22681] netlink: 220 bytes leftover after parsing attributes in process `syz.1.3612'.
[ 1525.163658][T17481] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1525.424261][T17481] usb 4-1: no configurations
[ 1525.479663][T22689] netlink: 'syz.1.3613': attribute type 1 has an invalid length.
[ 1525.487599][T22689] netlink: 'syz.1.3613': attribute type 2 has an invalid length.
[ 1525.495438][T22689] netlink: 'syz.1.3613': attribute type 2 has an invalid length.
[ 1525.503245][T22689] netlink: 'syz.1.3613': attribute type 1 has an invalid length.
[ 1525.511129][T22689] netlink: 'syz.1.3613': attribute type 1 has an invalid length.
[ 1525.674238][T17481] usb 4-1: can't read configurations, error -22
[ 1525.699797][T17481] usb usb4-port1: attempt power cycle
[ 1525.923736][T14423] Bluetooth: hci5: command 0x0405 tx timeout
[ 1526.218934][T22701] tmpfs: User quota block hardlimit too large.
[ 1526.369225][T22706] usb usb8: usbfs: process 22706 (syz.3.3616) did not claim interface 0 before use
[ 1527.235117][T22722] program syz.6.3619 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1527.633492][T12268] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1527.783478][T12268] usb 6-1: Using ep0 maxpacket: 16
[ 1527.790419][T12268] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1527.816431][T12268] usb 6-1: config 0 has no interface number 0
[ 1527.843092][T12268] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1527.878585][T12268] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1527.957227][T12268] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1528.243903][T12268] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1528.257717][T12268] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1528.278234][T12268] usb 6-1: Product: syz
[ 1528.282422][T12268] usb 6-1: Manufacturer: syz
[ 1528.321403][T12268] usb 6-1: SerialNumber: syz
[ 1528.352298][T12268] usb 6-1: config 0 descriptor??
[ 1528.372913][T22718] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1528.981039][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1528.981055][   T30] audit: type=1400 audit(1765549236.174:2688): avc:  denied  { bind } for  pid=22740 comm="syz.1.3623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1529.136344][T12268] usb 6-1: USB disconnect, device number 17
[ 1532.113068][T22872] bridge0: port 1(gretap0) entered blocking state
[ 1532.119594][T22872] bridge0: port 1(gretap0) entered disabled state
[ 1532.126167][T22872] gretap0: entered allmulticast mode
[ 1532.132170][T22872] gretap0: entered promiscuous mode
[ 1532.607732][T22878] program syz.3.3629 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1533.154095][T22891] validate_nla: 15 callbacks suppressed
[ 1533.154113][T22891] netlink: 'syz.0.3631': attribute type 1 has an invalid length.
[ 1533.167592][T22891] netlink: 'syz.0.3631': attribute type 2 has an invalid length.
[ 1533.175474][T22891] netlink: 'syz.0.3631': attribute type 2 has an invalid length.
[ 1533.183289][T22891] netlink: 'syz.0.3631': attribute type 1 has an invalid length.
[ 1533.191164][T22891] netlink: 'syz.0.3631': attribute type 1 has an invalid length.
[ 1535.185159][T22924] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3637'.
[ 1537.525534][T22935] bridge0: port 1(gretap0) entered blocking state
[ 1537.532274][T22935] bridge0: port 1(gretap0) entered disabled state
[ 1537.539345][T22935] gretap0: entered allmulticast mode
[ 1537.553124][T22935] gretap0: entered promiscuous mode
[ 1539.345477][T22945] usb usb8: usbfs: process 22945 (syz.0.3640) did not claim interface 0 before use
[ 1545.123743][T12282] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1545.248370][T23012] usb usb8: usbfs: process 23012 (syz.1.3649) did not claim interface 0 before use
[ 1545.614234][T12282] usb 6-1: no configurations
[ 1545.618974][T12282] usb 6-1: can't read configurations, error -22
[ 1545.754651][T23015] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3651'.
[ 1546.223604][T12282] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1546.325780][T23020] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3652'.
[ 1546.574147][T12282] usb 6-1: no configurations
[ 1546.580756][T12282] usb 6-1: can't read configurations, error -22
[ 1546.910609][T12282] usb usb6-port1: attempt power cycle
[ 1547.383527][T12282] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1547.603485][T12282] usb 6-1: device not accepting address 20, error -71
[ 1547.680026][T23110] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3655'.
[ 1548.997948][T23143] usb usb8: usbfs: process 23143 (syz.1.3658) did not claim interface 0 before use
[ 1549.096857][T23146] tmpfs: User quota block hardlimit too large.
[ 1549.133639][T17481] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1549.343467][T17481] usb 4-1: Using ep0 maxpacket: 16
[ 1549.359056][T17481] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1549.368931][T17481] usb 4-1: config 0 has no interface number 0
[ 1549.383492][T17481] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1549.395020][T17481] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1549.413840][T17481] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1549.428842][T17481] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1549.438368][T17481] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1549.458254][T17481] usb 4-1: Product: syz
[ 1549.465092][T17481] usb 4-1: Manufacturer: syz
[ 1549.473542][T17481] usb 4-1: SerialNumber: syz
[ 1550.461891][T17481] usb 4-1: config 0 descriptor??
[ 1550.482973][T23141] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1550.860913][T17481] usb 4-1: USB disconnect, device number 66
[ 1551.834153][T23187] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1554.031316][T23215] netlink: 220 bytes leftover after parsing attributes in process `syz.5.3668'.
[ 1555.707576][T23232] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3672'.
[ 1556.416091][T12282] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1556.641068][T23240] program syz.0.3674 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1556.803457][T12282] usb 7-1: Using ep0 maxpacket: 16
[ 1556.814478][T12282] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1556.977241][T12282] usb 7-1: config 0 has no interface number 0
[ 1557.938561][T12282] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1557.957091][T12282] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1558.271653][T12282] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1558.522519][T23255] tmpfs: User quota block hardlimit too large.
[ 1558.730270][T23261] usb usb8: usbfs: process 23261 (syz.5.3678) did not claim interface 0 before use
[ 1558.833843][T23262] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3677'.
[ 1559.926437][T23273] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3679'.
[ 1560.583718][T12282] usb 7-1: string descriptor 0 read error: -71
[ 1560.603588][T12282] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1560.623554][T12282] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1560.653803][T12282] usb 7-1: config 0 descriptor??
[ 1560.673414][T12282] usb 7-1: can't set config #0, error -71
[ 1560.887775][T12282] usb 7-1: USB disconnect, device number 19
[ 1561.061852][T23287] bridge0: port 3(gretap0) entered blocking state
[ 1561.068781][T23287] bridge0: port 3(gretap0) entered disabled state
[ 1561.076025][T23287] gretap0: entered allmulticast mode
[ 1561.087219][T23287] gretap0: entered promiscuous mode
[ 1563.799454][T23301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3682'.
[ 1568.150225][T23314] netlink: 'syz.5.3685': attribute type 1 has an invalid length.
[ 1568.158076][T23314] netlink: 'syz.5.3685': attribute type 2 has an invalid length.
[ 1568.166047][T23314] netlink: 'syz.5.3685': attribute type 2 has an invalid length.
[ 1568.173990][T23314] netlink: 'syz.5.3685': attribute type 1 has an invalid length.
[ 1568.181761][T23314] netlink: 'syz.5.3685': attribute type 1 has an invalid length.
[ 1568.937727][T23330] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3689'.
[ 1570.120904][T23343] netlink: 'syz.0.3691': attribute type 1 has an invalid length.
[ 1570.128873][T23343] netlink: 'syz.0.3691': attribute type 2 has an invalid length.
[ 1570.136722][T23343] netlink: 'syz.0.3691': attribute type 2 has an invalid length.
[ 1570.144598][T23343] netlink: 'syz.0.3691': attribute type 1 has an invalid length.
[ 1570.152346][T23343] netlink: 'syz.0.3691': attribute type 1 has an invalid length.
[ 1572.663457][T17050] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1573.354011][T17050] usb 7-1: no configurations
[ 1573.358646][T17050] usb 7-1: can't read configurations, error -22
[ 1573.553675][T17050] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1574.274626][T17050] usb 7-1: no configurations
[ 1574.279497][T17050] usb 7-1: can't read configurations, error -22
[ 1574.321851][T23399] usb usb8: usbfs: process 23399 (syz.0.3699) did not claim interface 0 before use
[ 1574.355384][T17050] usb usb7-port1: attempt power cycle
[ 1574.967511][T23406] program syz.3.3701 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1576.480004][T23431] program syz.6.3707 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1579.838546][T23580] program syz.1.3713 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1583.658802][T23636] netlink: 'syz.1.3720': attribute type 1 has an invalid length.
[ 1583.666744][T23636] netlink: 'syz.1.3720': attribute type 2 has an invalid length.
[ 1583.674617][T23636] netlink: 'syz.1.3720': attribute type 2 has an invalid length.
[ 1583.682362][T23636] netlink: 'syz.1.3720': attribute type 1 has an invalid length.
[ 1583.690352][T23636] netlink: 'syz.1.3720': attribute type 1 has an invalid length.
[ 1584.069753][T23642] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3722'.
[ 1585.232171][T12268] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1585.347679][T23660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3725'.
[ 1585.853553][T12268] usb 2-1: Using ep0 maxpacket: 16
[ 1586.142019][T12268] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1586.197664][T12268] usb 2-1: config 0 has no interface number 0
[ 1586.208491][T12268] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1586.221128][T12268] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1586.477980][T12268] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1586.620449][T12268] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1586.639804][T12268] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1586.670488][T12268] usb 2-1: Product: syz
[ 1586.691905][T12268] usb 2-1: Manufacturer: syz
[ 1587.107283][T12268] usb 2-1: SerialNumber: syz
[ 1587.116111][T12268] usb 2-1: config 0 descriptor??
[ 1587.122355][T23649] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1588.043481][T17481] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1588.412897][T17481] usb 7-1: Using ep0 maxpacket: 16
[ 1588.496164][T17481] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1588.526264][T17481] usb 7-1: config 0 has no interface number 0
[ 1588.558697][T17481] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1588.685447][T23706] program syz.3.3733 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1588.865735][T17481] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1588.908691][T17481] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1588.939630][T23705] usb usb8: usbfs: process 23705 (syz.0.3732) did not claim interface 0 before use
[ 1588.965300][T12268] usb 2-1: USB disconnect, device number 51
[ 1589.052937][T17481] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1589.355074][T17481] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1589.427813][T17481] usb 7-1: Product: syz
[ 1589.432005][T17481] usb 7-1: Manufacturer: syz
[ 1589.542639][T17481] usb 7-1: SerialNumber: syz
[ 1589.587251][T17481] usb 7-1: config 0 descriptor??
[ 1589.592817][T23690] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1590.779689][T23731] usb usb8: usbfs: process 23731 (syz.3.3736) did not claim interface 0 before use
[ 1592.097910][T17481] usb 7-1: USB disconnect, device number 23
[ 1593.622290][T23780] usb usb8: usbfs: process 23780 (syz.3.3742) did not claim interface 0 before use
[ 1595.073538][T12273] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1595.283567][T12273] usb 2-1: Using ep0 maxpacket: 16
[ 1595.295234][T12273] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1595.304055][T12273] usb 2-1: config 0 has no interface number 0
[ 1595.383641][T12273] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1595.422447][T12273] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1595.452717][T12273] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1595.510332][T12273] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1595.519500][T12273] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1595.528024][T12273] usb 2-1: Product: syz
[ 1595.532238][T12273] usb 2-1: Manufacturer: syz
[ 1595.538942][T12273] usb 2-1: SerialNumber: syz
[ 1595.870389][T12273] usb 2-1: config 0 descriptor??
[ 1596.020131][T23791] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1596.029723][T23807] usb usb8: usbfs: process 23807 (syz.0.3747) did not claim interface 0 before use
[ 1596.901943][T23819] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3749'.
[ 1598.853920][T12273] usb 2-1: can't set config #0, error -71
[ 1598.899124][T12273] usb 2-1: USB disconnect, device number 52
[ 1599.699240][T23857] usb usb8: usbfs: process 23857 (syz.1.3754) did not claim interface 0 before use
[ 1600.240605][T23865] program syz.3.3757 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1603.902485][T17050] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1604.117725][T17050] usb 2-1: Using ep0 maxpacket: 16
[ 1604.132247][T17050] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1604.140778][T17050] usb 2-1: config 0 has no interface number 0
[ 1604.157190][T17050] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1604.317214][T17050] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1604.342936][T17050] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1604.732497][T17050] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1604.741598][T17050] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1604.752255][T17050] usb 2-1: Product: syz
[ 1604.762394][T17050] usb 2-1: Manufacturer: syz
[ 1604.772530][T17050] usb 2-1: SerialNumber: syz
[ 1604.778529][T17050] usb 2-1: config 0 descriptor??
[ 1605.280026][T23910] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1606.579863][T17050] usb 2-1: USB disconnect, device number 53
[ 1606.941426][T23968] usb usb8: usbfs: process 23968 (syz.5.3773) did not claim interface 0 before use
[ 1607.064931][   T30] audit: type=1326 audit(1765549314.284:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1607.327202][   T30] audit: type=1326 audit(1765549314.314:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1607.400534][   T30] audit: type=1326 audit(1765549314.314:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1607.462853][T23977] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3774'.
[ 1608.053457][T17481] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1608.183848][   T30] audit: type=1326 audit(1765549314.314:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1608.277965][   T30] audit: type=1326 audit(1765549314.314:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1608.384761][T17481] usb 2-1: Using ep0 maxpacket: 16
[ 1608.396560][T17481] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1608.421358][   T30] audit: type=1326 audit(1765549314.314:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1608.445415][T17481] usb 2-1: config 0 has no interface number 0
[ 1608.523538][T17481] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1608.723523][T17481] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1608.773109][T17481] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1608.834184][T23991] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3775'.
[ 1609.198116][   T30] audit: type=1326 audit(1765549314.314:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1609.228170][   T30] audit: type=1326 audit(1765549314.314:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1609.256501][T17481] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1609.271064][T17481] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1609.285372][T17481] usb 2-1: Product: syz
[ 1609.290653][   T30] audit: type=1326 audit(1765549314.314:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1609.315037][T17481] usb 2-1: Manufacturer: syz
[ 1609.322589][T17481] usb 2-1: SerialNumber: syz
[ 1609.338591][T17481] usb 2-1: config 0 descriptor??
[ 1609.433808][   T30] audit: type=1326 audit(1765549314.314:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23959 comm="syz.3.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49f6d8f749 code=0x7ffc0000
[ 1609.463939][T23976] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1609.673612][T23999] usb usb8: usbfs: process 23999 (syz.6.3776) did not claim interface 0 before use
[ 1610.097830][T17481] usb 2-1: USB disconnect, device number 54
[ 1610.565652][T24011] usb usb8: usbfs: process 24011 (syz.3.3778) did not claim interface 0 before use
[ 1611.290077][T24018] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3780'.
[ 1611.505414][T24014] cgroup: fork rejected by pids controller in /syz0
[ 1612.000124][T24128] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1613.470377][T24141] usb usb8: usbfs: process 24141 (syz.5.3783) did not claim interface 0 before use
[ 1618.118915][   T30] audit: type=1326 audit(1765549324.864:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.1.3789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1618.326290][   T30] audit: type=1326 audit(1765549324.864:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.1.3789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa814f8f749 code=0x7ffc0000
[ 1618.992869][T24198] bridge0: port 3(gretap0) entered blocking state
[ 1619.002870][T24198] bridge0: port 3(gretap0) entered disabled state
[ 1619.009446][T24198] gretap0: entered allmulticast mode
[ 1619.015776][T24198] gretap0: entered promiscuous mode
[ 1619.743897][T24214] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3794'.
[ 1620.653638][T12271] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1620.914094][T24228] usb usb8: usbfs: process 24228 (syz.5.3797) did not claim interface 0 before use
[ 1621.065620][T12271] usb 2-1: Using ep0 maxpacket: 16
[ 1621.215254][T12271] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1621.603487][T12271] usb 2-1: config 0 has no interface number 0
[ 1621.613593][T12271] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1621.650004][T12271] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1621.973669][T12271] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1622.054432][T24343] usb usb8: usbfs: process 24343 (syz.6.3799) did not claim interface 0 before use
[ 1622.120413][T12271] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1622.129995][T12271] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1622.138205][T12271] usb 2-1: Product: syz
[ 1622.142440][T12271] usb 2-1: Manufacturer: syz
[ 1622.147282][T12271] usb 2-1: SerialNumber: syz
[ 1622.272743][T12271] usb 2-1: config 0 descriptor??
[ 1622.296484][T24209] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1622.843241][T12271] usb 2-1: USB disconnect, device number 55
[ 1623.937107][   T30] audit: type=1326 audit(1765549331.064:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1624.492411][   T30] audit: type=1326 audit(1765549331.064:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1624.524890][   T30] audit: type=1326 audit(1765549331.074:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1624.563584][   T30] audit: type=1326 audit(1765549331.074:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1624.763468][   T30] audit: type=1326 audit(1765549331.074:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1624.886575][   T30] audit: type=1326 audit(1765549331.074:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1625.434076][T24487] usb usb8: usbfs: process 24487 (syz.3.3806) did not claim interface 0 before use
[ 1625.493519][   T30] audit: type=1326 audit(1765549331.074:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1625.536141][   T30] audit: type=1326 audit(1765549331.074:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1625.575714][T17481] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 1625.669180][   T30] audit: type=1326 audit(1765549331.074:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1625.725078][   T30] audit: type=1326 audit(1765549331.074:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24365 comm="syz.5.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb44778f749 code=0x7ffc0000
[ 1625.853458][T17481] usb 7-1: Using ep0 maxpacket: 16
[ 1625.867369][T17481] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1625.875932][T17481] usb 7-1: config 0 has no interface number 0
[ 1625.927898][T17481] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1626.103511][T12270] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1626.174781][T24501] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3809'.
[ 1626.489444][T17481] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1626.501088][T17481] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1626.661026][T17481] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1626.673929][T12270] usb 2-1: Using ep0 maxpacket: 16
[ 1626.682670][T12270] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1626.773309][T12270] usb 2-1: config 0 has no interface number 0
[ 1626.813419][T12270] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1626.896836][T12270] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1627.157306][T17481] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1627.197787][T12270] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1627.219920][T17481] usb 7-1: Product: syz
[ 1627.383454][T17481] usb 7-1: Manufacturer: syz
[ 1627.388162][T17481] usb 7-1: SerialNumber: syz
[ 1627.494276][T24516] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3811'.
[ 1627.832783][T12270] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1627.891230][T17481] usb 7-1: config 0 descriptor??
[ 1627.917647][T12270] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1627.946898][T12270] usb 2-1: Product: syz
[ 1627.975434][T12270] usb 2-1: Manufacturer: syz
[ 1628.006071][T12270] usb 2-1: SerialNumber: syz
[ 1628.158685][T12270] usb 2-1: config 0 descriptor??
[ 1628.267526][T24497] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1628.461487][T24528] usb usb8: usbfs: process 24528 (syz.5.3812) did not claim interface 0 before use
[ 1628.639436][T17481] usb 7-1: can't set config #0, error -71
[ 1628.675981][T17481] usb 7-1: USB disconnect, device number 24
[ 1628.707541][T24532] usb usb8: usbfs: process 24532 (syz.3.3813) did not claim interface 0 before use
[ 1629.848677][T24547] usb usb8: usbfs: process 24547 (syz.0.3815) did not claim interface 0 before use
[ 1629.973544][T12270] usb 2-1: USB disconnect, device number 56
[ 1631.441082][T24566] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3818'.
[ 1632.660724][T18475] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1632.670939][T18475] CPU: 1 UID: 0 PID: 18475 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1632.670969][T18475] Tainted: [L]=SOFTLOCKUP
[ 1632.670975][T18475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1632.670986][T18475] Workqueue: hci3 hci_rx_work
[ 1632.671014][T18475] Call Trace:
[ 1632.671021][T18475]  <TASK>
[ 1632.671027][T18475]  dump_stack_lvl+0x16c/0x1f0
[ 1632.671039][T18475]  sysfs_warn_dup+0x7f/0xa0
[ 1632.671052][T18475]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1632.671064][T18475]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1632.671074][T18475]  ? find_held_lock+0x2b/0x80
[ 1632.671094][T18475]  ? do_raw_spin_unlock+0x172/0x230
[ 1632.671111][T18475]  kobject_add_internal+0x2c4/0x9d0
[ 1632.671125][T18475]  kobject_add+0x16e/0x240
[ 1632.671139][T18475]  ? __pfx_kobject_add+0x10/0x10
[ 1632.671154][T18475]  ? kobject_put+0xaf/0x6f0
[ 1632.671165][T18475]  ? _raw_spin_unlock+0x3e/0x50
[ 1632.671184][T18475]  device_add+0x288/0x1980
[ 1632.671200][T18475]  ? __pfx_dev_set_name+0x10/0x10
[ 1632.671211][T18475]  ? __pfx_device_add+0x10/0x10
[ 1632.671226][T18475]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1632.671246][T18475]  hci_conn_add_sysfs+0x1a8/0x260
[ 1632.671257][T18475]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1632.671281][T18475]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1632.671301][T18475]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1632.671321][T18475]  hci_le_meta_evt+0x357/0x610
[ 1632.671331][T18475]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1632.671349][T18475]  hci_event_packet+0x685/0x1210
[ 1632.671365][T18475]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1632.671377][T18475]  ? __pfx_hci_event_packet+0x10/0x10
[ 1632.671396][T18475]  ? kcov_remote_start+0x3a9/0x680
[ 1632.671412][T18475]  hci_rx_work+0x2c9/0x1020
[ 1632.671430][T18475]  process_one_work+0x9ba/0x1b20
[ 1632.671449][T18475]  ? __pfx_process_one_work+0x10/0x10
[ 1632.671466][T18475]  ? assign_work+0x1a0/0x250
[ 1632.671479][T18475]  worker_thread+0x6c8/0xf10
[ 1632.671499][T18475]  ? __pfx_worker_thread+0x10/0x10
[ 1632.671513][T18475]  kthread+0x3c5/0x780
[ 1632.671526][T18475]  ? __pfx_kthread+0x10/0x10
[ 1632.671539][T18475]  ? rcu_is_watching+0x12/0xc0
[ 1632.671549][T18475]  ? __pfx_kthread+0x10/0x10
[ 1632.671561][T18475]  ret_from_fork+0x983/0xb10
[ 1632.671573][T18475]  ? __pfx_ret_from_fork+0x10/0x10
[ 1632.671585][T18475]  ? rcu_is_watching+0x12/0xc0
[ 1632.671594][T18475]  ? __switch_to+0x7af/0x10d0
[ 1632.671607][T18475]  ? __pfx_kthread+0x10/0x10
[ 1632.671619][T18475]  ret_from_fork_asm+0x1a/0x30
[ 1632.671642][T18475]  </TASK>
[ 1632.673094][T18475] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1632.928382][T18475] Bluetooth: hci3: failed to register connection device
[ 1633.604047][T17481] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[ 1633.913473][T17481] usb 6-1: Using ep0 maxpacket: 16
[ 1634.017306][T17481] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1634.033960][T17481] usb 6-1: config 0 has no interface number 0
[ 1634.443439][T17481] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1634.481158][T17481] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1635.585628][T14423] Bluetooth: hci3: command 0x0406 tx timeout
[ 1635.818894][T17481] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1635.830948][T17481] usb 6-1: string descriptor 0 read error: -71
[ 1635.837216][T17481] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1636.646822][T17481] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1636.788180][T17481] usb 6-1: config 0 descriptor??
[ 1636.915045][T24623] usb usb8: usbfs: process 24623 (syz.5.3824) did not claim interface 0 before use
[ 1636.959210][T17481] usb 6-1: can't set config #0, error -71
[ 1636.973820][T17481] usb 6-1: USB disconnect, device number 22
[ 1637.088438][T24618] bridge0: port 3(gretap0) entered blocking state
[ 1637.095175][T24618] bridge0: port 3(gretap0) entered disabled state
[ 1637.101666][T24618] gretap0: entered allmulticast mode
[ 1637.107793][T24618] gretap0: entered promiscuous mode
[ 1637.693497][T14423] Bluetooth: hci3: command 0x0406 tx timeout
[ 1638.241385][T24636] netlink: 'syz.3.3830': attribute type 1 has an invalid length.
[ 1638.253278][T24636] netlink: 'syz.3.3830': attribute type 2 has an invalid length.
[ 1638.261260][T24636] netlink: 'syz.3.3830': attribute type 2 has an invalid length.
[ 1638.269392][T24636] netlink: 'syz.3.3830': attribute type 1 has an invalid length.
[ 1638.277306][T24636] netlink: 'syz.3.3830': attribute type 1 has an invalid length.
[ 1638.519446][T24635] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[ 1638.529211][T24635] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[ 1638.538804][T24635] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1639.751725][T24651] usb usb8: usbfs: process 24651 (syz.1.3833) did not claim interface 0 before use
[ 1640.475608][T24662] usb usb8: usbfs: process 24662 (syz.6.3835) did not claim interface 0 before use
[ 1640.667159][T24669] usb usb8: usbfs: process 24669 (syz.0.3837) did not claim interface 0 before use
[ 1641.464421][T24675] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1643.125999][T24704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3842'.
[ 1646.236637][T24751] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3848'.
[ 1647.801433][T24765] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3850'.
[ 1649.029460][T17481] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[ 1649.204426][T17481] usb 7-1: Using ep0 maxpacket: 16
[ 1649.264287][T17481] usb 7-1: config 0 has an invalid interface number: 49 but max is 0
[ 1649.276692][T17481] usb 7-1: config 0 has no interface number 0
[ 1649.436420][T17481] usb 7-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1649.776758][T17481] usb 7-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1650.035698][T17481] usb 7-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1650.124282][T17481] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1650.133810][T17481] usb 7-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1650.147339][T17481] usb 7-1: Product: syz
[ 1650.151547][T17481] usb 7-1: Manufacturer: syz
[ 1650.174951][T17481] usb 7-1: SerialNumber: syz
[ 1650.185318][T17481] usb 7-1: config 0 descriptor??
[ 1650.191016][T24783] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1650.272894][T24808] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3855'.
[ 1650.534244][T24810] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3857'.
[ 1652.004806][T17481] usb 7-1: USB disconnect, device number 25
[ 1656.363570][ T5979] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1656.533444][T17481] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1656.553719][T24901] usb usb8: usbfs: process 24901 (syz.1.3871) did not claim interface 0 before use
[ 1656.783573][T17481] usb 4-1: Using ep0 maxpacket: 16
[ 1656.804804][ T5979] usb 6-1: Using ep0 maxpacket: 16
[ 1656.878091][ T5979] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[ 1656.888351][ T5979] usb 6-1: config 0 has no interface number 0
[ 1656.894488][ T5979] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1656.923137][T17481] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1656.937396][ T5979] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1656.950922][T17481] usb 4-1: config 0 has no interface number 0
[ 1656.966035][T17481] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1656.989350][ T5979] usb 6-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1657.004254][T17481] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1657.036934][ T5979] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1657.048946][ T5979] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1657.063619][ T5979] usb 6-1: Product: syz
[ 1657.130552][T17481] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1657.228149][ T5979] usb 6-1: Manufacturer: syz
[ 1657.232766][ T5979] usb 6-1: SerialNumber: syz
[ 1657.309947][T17481] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1657.370125][ T5979] usb 6-1: config 0 descriptor??
[ 1657.377405][T17481] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1657.556932][T17481] usb 4-1: Product: syz
[ 1657.570075][T17481] usb 4-1: Manufacturer: syz
[ 1657.573495][T24877] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1657.582001][T17481] usb 4-1: SerialNumber: syz
[ 1657.685067][T17481] usb 4-1: config 0 descriptor??
[ 1657.823741][T24889] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1659.456445][ T5979] usb 6-1: USB disconnect, device number 23
[ 1659.714577][T17481] usb 4-1: USB disconnect, device number 67
[ 1659.913450][T20162] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1660.634209][T20162] usb 2-1: Using ep0 maxpacket: 16
[ 1661.032238][T20162] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[ 1661.098628][T20162] usb 2-1: config 0 has no interface number 0
[ 1661.233103][T20162] usb 2-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1661.290506][T20162] usb 2-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1661.393674][T20162] usb 2-1: config 0 interface 49 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1661.484207][T20162] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1661.769007][T20162] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1661.796076][T20162] usb 2-1: Product: syz
[ 1661.801445][T20162] usb 2-1: Manufacturer: syz
[ 1661.830193][T20162] usb 2-1: SerialNumber: syz
[ 1661.857275][T20162] usb 2-1: config 0 descriptor??
[ 1661.892784][T24940] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1662.514910][T24970] netlink: 'syz.0.3882': attribute type 1 has an invalid length.
[ 1662.522786][T24970] netlink: 'syz.0.3882': attribute type 2 has an invalid length.
[ 1662.530735][T24970] netlink: 'syz.0.3882': attribute type 1 has an invalid length.
[ 1662.538603][T24970] netlink: 'syz.0.3882': attribute type 1 has an invalid length.
[ 1663.251609][T24981] usb usb8: usbfs: process 24981 (syz.5.3884) did not claim interface 0 before use
[ 1663.380239][T12271] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1663.563525][T12271] usb 4-1: Using ep0 maxpacket: 16
[ 1663.627311][T12271] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1663.794442][T12271] usb 4-1: config 0 has no interface number 0
[ 1663.899698][T12271] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1663.910071][T12271] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1663.937557][T12271] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1663.967000][T12271] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1663.983571][T12271] usb 4-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1664.007770][T12271] usb 4-1: Product: syz
[ 1664.022851][T12271] usb 4-1: Manufacturer: syz
[ 1664.042952][T12271] usb 4-1: SerialNumber: syz
[ 1664.070781][T12271] usb 4-1: config 0 descriptor??
[ 1664.088407][T24977] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1664.399223][T20162] usb 2-1: USB disconnect, device number 57
[ 1665.187755][T25016] usb usb8: usbfs: process 25016 (syz.5.3887) did not claim interface 0 before use
[ 1665.247438][T25020] usb usb8: usbfs: process 25020 (syz.0.3888) did not claim interface 0 before use
[ 1666.147091][T25024] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3890'.
[ 1667.996079][T12271] usb 4-1: USB disconnect, device number 68
[ 1668.015345][T25051] usb usb8: usbfs: process 25051 (syz.5.3894) did not claim interface 0 before use
[ 1668.328994][ T1294] ==================================================================
[ 1668.337093][ T1294] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90
[ 1668.344556][ T1294] Read of size 8 at addr ffff88807a0b1020 by task aoe_tx0/1294
[ 1668.352087][ T1294] 
[ 1668.354407][ T1294] CPU: 1 UID: 0 PID: 1294 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1668.354427][ T1294] Tainted: [L]=SOFTLOCKUP
[ 1668.354432][ T1294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1668.354440][ T1294] Call Trace:
[ 1668.354447][ T1294]  <TASK>
[ 1668.354454][ T1294]  dump_stack_lvl+0x116/0x1f0
[ 1668.354472][ T1294]  print_report+0xcd/0x630
[ 1668.354489][ T1294]  ? __virt_addr_valid+0x81/0x610
[ 1668.354502][ T1294]  ? __phys_addr+0xe8/0x180
[ 1668.354513][ T1294]  ? tty_write_room+0x7d/0x90
[ 1668.354529][ T1294]  kasan_report+0xe0/0x110
[ 1668.354544][ T1294]  ? tty_write_room+0x7d/0x90
[ 1668.354561][ T1294]  tty_write_room+0x7d/0x90
[ 1668.354575][ T1294]  handle_tx+0x14f/0x630
[ 1668.354591][ T1294]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1668.354613][ T1294]  dev_hard_start_xmit+0x97/0x6e0
[ 1668.354630][ T1294]  __dev_queue_xmit+0x6d7/0x4650
[ 1668.354647][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1668.354659][ T1294]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1668.354680][ T1294]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1668.354697][ T1294]  ? __lock_acquire+0x436/0x2890
[ 1668.354712][ T1294]  ? ref_tracker_free+0x37c/0x830
[ 1668.354730][ T1294]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1668.354747][ T1294]  ? find_held_lock+0x2b/0x80
[ 1668.354765][ T1294]  ? skb_dequeue+0x126/0x180
[ 1668.354778][ T1294]  ? find_held_lock+0x2b/0x80
[ 1668.354796][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1668.354809][ T1294]  tx+0xcc/0x190
[ 1668.354822][ T1294]  ? __pfx_tx+0x10/0x10
[ 1668.354834][ T1294]  kthread+0x1e4/0x3e0
[ 1668.354852][ T1294]  ? find_held_lock+0x2b/0x80
[ 1668.354870][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1668.354888][ T1294]  ? __pfx_default_wake_function+0x10/0x10
[ 1668.354908][ T1294]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1668.354922][ T1294]  ? __kthread_parkme+0x19e/0x250
[ 1668.354939][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1668.354956][ T1294]  kthread+0x3c5/0x780
[ 1668.354971][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1668.354985][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1668.354997][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1668.355011][ T1294]  ret_from_fork+0x983/0xb10
[ 1668.355026][ T1294]  ? __pfx_ret_from_fork+0x10/0x10
[ 1668.355040][ T1294]  ? __switch_to+0x7af/0x10d0
[ 1668.355056][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1668.355070][ T1294]  ret_from_fork_asm+0x1a/0x30
[ 1668.355093][ T1294]  </TASK>
[ 1668.355097][ T1294] 
[ 1668.579859][ T1294] Allocated by task 24867:
[ 1668.584250][ T1294]  kasan_save_stack+0x33/0x60
[ 1668.588911][ T1294]  kasan_save_track+0x14/0x30
[ 1668.593567][ T1294]  __kasan_kmalloc+0xaa/0xb0
[ 1668.598135][ T1294]  alloc_tty_struct+0x96/0x8c0
[ 1668.602874][ T1294]  tty_init_dev.part.0+0x1e/0x500
[ 1668.607872][ T1294]  tty_open+0xa4f/0xf90
[ 1668.612003][ T1294]  chrdev_open+0x234/0x6a0
[ 1668.616403][ T1294]  do_dentry_open+0x748/0x1590
[ 1668.621145][ T1294]  vfs_open+0x82/0x3f0
[ 1668.625195][ T1294]  path_openat+0x2078/0x3140
[ 1668.629764][ T1294]  do_filp_open+0x20b/0x470
[ 1668.634246][ T1294]  do_sys_openat2+0x11f/0x280
[ 1668.638895][ T1294]  __x64_sys_openat+0x174/0x210
[ 1668.643720][ T1294]  do_syscall_64+0xcd/0xf80
[ 1668.648203][ T1294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1668.654073][ T1294] 
[ 1668.656375][ T1294] Freed by task 12282:
[ 1668.660416][ T1294]  kasan_save_stack+0x33/0x60
[ 1668.665069][ T1294]  kasan_save_track+0x14/0x30
[ 1668.669727][ T1294]  kasan_save_free_info+0x3b/0x60
[ 1668.674743][ T1294]  __kasan_slab_free+0x5f/0x80
[ 1668.679488][ T1294]  kfree+0x2f8/0x6e0
[ 1668.683364][ T1294]  process_one_work+0x9ba/0x1b20
[ 1668.688281][ T1294]  worker_thread+0x6c8/0xf10
[ 1668.692849][ T1294]  kthread+0x3c5/0x780
[ 1668.696894][ T1294]  ret_from_fork+0x983/0xb10
[ 1668.701463][ T1294]  ret_from_fork_asm+0x1a/0x30
[ 1668.706206][ T1294] 
[ 1668.708508][ T1294] Last potentially related work creation:
[ 1668.714196][ T1294]  kasan_save_stack+0x33/0x60
[ 1668.718852][ T1294]  kasan_record_aux_stack+0xa7/0xc0
[ 1668.724035][ T1294]  insert_work+0x36/0x230
[ 1668.728344][ T1294]  __queue_work+0x94f/0x10e0
[ 1668.732914][ T1294]  queue_work_on+0x1a4/0x1f0
[ 1668.737483][ T1294]  release_tty+0x4de/0x5d0
[ 1668.741880][ T1294]  tty_release_struct+0xb7/0xe0
[ 1668.746711][ T1294]  tty_release+0xe2d/0x1470
[ 1668.751196][ T1294]  __fput+0x402/0xb70
[ 1668.755150][ T1294]  task_work_run+0x150/0x240
[ 1668.759721][ T1294]  do_exit+0x87f/0x2bd0
[ 1668.763853][ T1294]  do_group_exit+0xd3/0x2a0
[ 1668.768332][ T1294]  get_signal+0x2671/0x26d0
[ 1668.772830][ T1294]  arch_do_signal_or_restart+0x8f/0x7e0
[ 1668.778358][ T1294]  exit_to_user_mode_loop+0x8c/0x540
[ 1668.783625][ T1294]  do_syscall_64+0x4ee/0xf80
[ 1668.788190][ T1294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1668.794057][ T1294] 
[ 1668.796362][ T1294] The buggy address belongs to the object at ffff88807a0b1000
[ 1668.796362][ T1294]  which belongs to the cache kmalloc-cg-2k of size 2048
[ 1668.810649][ T1294] The buggy address is located 32 bytes inside of
[ 1668.810649][ T1294]  freed 2048-byte region [ffff88807a0b1000, ffff88807a0b1800)
[ 1668.824417][ T1294] 
[ 1668.826721][ T1294] The buggy address belongs to the physical page:
[ 1668.833105][ T1294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807a0b7000 pfn:0x7a0b0
[ 1668.843139][ T1294] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1668.851611][ T1294] memcg:ffff888076e01f81
[ 1668.855823][ T1294] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1668.864297][ T1294] page_type: f5(slab)
[ 1668.868258][ T1294] raw: 00fff00000000240 ffff88813ff303c0 ffffea0000d23c10 ffffea0001600410
[ 1668.876819][ T1294] raw: ffff88807a0b7000 0000000000080007 00000000f5000000 ffff888076e01f81
[ 1668.885378][ T1294] head: 00fff00000000240 ffff88813ff303c0 ffffea0000d23c10 ffffea0001600410
[ 1668.894026][ T1294] head: ffff88807a0b7000 0000000000080007 00000000f5000000 ffff888076e01f81
[ 1668.902671][ T1294] head: 00fff00000000003 ffffea0001e82c01 00000000ffffffff 00000000ffffffff
[ 1668.911318][ T1294] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1668.919959][ T1294] page dumped because: kasan: bad access detected
[ 1668.926345][ T1294] page_owner tracks the page as allocated
[ 1668.932032][ T1294] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 23632, tgid 23631 (syz.0.3721), ts 1585045158467, free_ts 1585039818749
[ 1668.953718][ T1294]  post_alloc_hook+0x1af/0x220
[ 1668.958467][ T1294]  get_page_from_freelist+0xd0b/0x31a0
[ 1668.963899][ T1294]  __alloc_frozen_pages_noprof+0x25f/0x2430
[ 1668.969766][ T1294]  alloc_pages_mpol+0x1fb/0x550
[ 1668.974596][ T1294]  new_slab+0x2c3/0x430
[ 1668.978732][ T1294]  ___slab_alloc+0xe18/0x1c90
[ 1668.983388][ T1294]  __slab_alloc.constprop.0+0x63/0x110
[ 1668.988829][ T1294]  __kmalloc_node_track_caller_noprof+0x4d6/0x930
[ 1668.995221][ T1294]  kmemdup_noprof+0x29/0x60
[ 1668.999701][ T1294]  neigh_sysctl_register+0xb2/0x670
[ 1669.004882][ T1294]  addrconf_sysctl_register+0xb9/0x1f0
[ 1669.010316][ T1294]  ipv6_add_dev+0xb31/0x15f0
[ 1669.014883][ T1294]  addrconf_notify+0x53e/0x19f0
[ 1669.019712][ T1294]  notifier_call_chain+0xbc/0x3e0
[ 1669.024713][ T1294]  call_netdevice_notifiers_info+0xbe/0x110
[ 1669.030581][ T1294]  register_netdevice+0x1792/0x21d0
[ 1669.035755][ T1294] page last free pid 23632 tgid 23631 stack trace:
[ 1669.042225][ T1294]  __free_frozen_pages+0x7df/0x1170
[ 1669.047402][ T1294]  __put_partials+0x130/0x170
[ 1669.052054][ T1294]  qlist_free_all+0x4c/0xf0
[ 1669.056533][ T1294]  kasan_quarantine_reduce+0x195/0x1e0
[ 1669.061970][ T1294]  __kasan_slab_alloc+0x69/0x90
[ 1669.066800][ T1294]  __kmalloc_cache_noprof+0x282/0x800
[ 1669.072155][ T1294]  kset_create_and_add+0x4d/0x190
[ 1669.077159][ T1294]  netdev_register_kobject+0x1ef/0x3d0
[ 1669.082594][ T1294]  register_netdevice+0x13ac/0x21d0
[ 1669.087766][ T1294]  nsim_create+0xdd5/0x13f0
[ 1669.092245][ T1294]  __nsim_dev_port_add+0x451/0x7a0
[ 1669.097335][ T1294]  nsim_dev_reload_up+0x5b8/0x860
[ 1669.102335][ T1294]  devlink_reload+0x325/0x7c0
[ 1669.106994][ T1294]  devlink_nl_reload_doit+0xd7a/0x1360
[ 1669.112432][ T1294]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1669.117957][ T1294]  genl_rcv_msg+0x55c/0x800
[ 1669.122439][ T1294] 
[ 1669.124740][ T1294] Memory state around the buggy address:
[ 1669.130343][ T1294]  ffff88807a0b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1669.138380][ T1294]  ffff88807a0b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1669.146418][ T1294] >ffff88807a0b1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1669.154453][ T1294]                                ^
[ 1669.159537][ T1294]  ffff88807a0b1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1669.167573][ T1294]  ffff88807a0b1100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1669.175606][ T1294] ==================================================================
[ 1669.183742][ T1294] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1669.190933][ T1294] CPU: 1 UID: 0 PID: 1294 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1669.201521][ T1294] Tainted: [L]=SOFTLOCKUP
[ 1669.205837][ T1294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1669.215875][ T1294] Call Trace:
[ 1669.219133][ T1294]  <TASK>
[ 1669.222052][ T1294]  dump_stack_lvl+0x3d/0x1f0
[ 1669.226643][ T1294]  vpanic+0x640/0x6f0
[ 1669.230619][ T1294]  panic+0xca/0xd0
[ 1669.234326][ T1294]  ? __pfx_panic+0x10/0x10
[ 1669.238730][ T1294]  ? check_panic_on_warn+0x1f/0xb0
[ 1669.243823][ T1294]  check_panic_on_warn+0xab/0xb0
[ 1669.248744][ T1294]  end_report+0x107/0x160
[ 1669.253057][ T1294]  kasan_report+0xee/0x110
[ 1669.257454][ T1294]  ? tty_write_room+0x7d/0x90
[ 1669.262112][ T1294]  tty_write_room+0x7d/0x90
[ 1669.266598][ T1294]  handle_tx+0x14f/0x630
[ 1669.270823][ T1294]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1669.276619][ T1294]  dev_hard_start_xmit+0x97/0x6e0
[ 1669.281629][ T1294]  __dev_queue_xmit+0x6d7/0x4650
[ 1669.286549][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1669.291292][ T1294]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1669.297082][ T1294]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1669.302440][ T1294]  ? __lock_acquire+0x436/0x2890
[ 1669.307358][ T1294]  ? ref_tracker_free+0x37c/0x830
[ 1669.312365][ T1294]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1669.317375][ T1294]  ? find_held_lock+0x2b/0x80
[ 1669.322036][ T1294]  ? skb_dequeue+0x126/0x180
[ 1669.326602][ T1294]  ? find_held_lock+0x2b/0x80
[ 1669.331261][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1669.336002][ T1294]  tx+0xcc/0x190
[ 1669.339530][ T1294]  ? __pfx_tx+0x10/0x10
[ 1669.343660][ T1294]  kthread+0x1e4/0x3e0
[ 1669.347713][ T1294]  ? find_held_lock+0x2b/0x80
[ 1669.352372][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1669.356943][ T1294]  ? __pfx_default_wake_function+0x10/0x10
[ 1669.362732][ T1294]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1669.367907][ T1294]  ? __kthread_parkme+0x19e/0x250
[ 1669.372910][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1669.377483][ T1294]  kthread+0x3c5/0x780
[ 1669.381531][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1669.386103][ T1294]  ? rcu_is_watching+0x12/0xc0
[ 1669.390844][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1669.395415][ T1294]  ret_from_fork+0x983/0xb10
[ 1669.399985][ T1294]  ? __pfx_ret_from_fork+0x10/0x10
[ 1669.405074][ T1294]  ? __switch_to+0x7af/0x10d0
[ 1669.409734][ T1294]  ? __pfx_kthread+0x10/0x10
[ 1669.414305][ T1294]  ret_from_fork_asm+0x1a/0x30
[ 1669.419058][ T1294]  </TASK>
[ 1669.422333][ T1294] Kernel Offset: disabled
[ 1669.426631][ T1294] Rebooting in 86400 seconds..