last executing test programs:

6m29.538628442s ago: executing program 0 (id=529):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0x138, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x84}}, [@migrate={0xe8, 0x11, [{@in=@dev={0xac, 0x14, 0x14, 0xc}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0xff, 0x0, 0x0, 0x2, 0x2, 0xa}, {@in=@local, @in6=@local, @in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x4, 0x0, 0x3500, 0xa, 0x8}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private2, @in=@rand_addr=0x64010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}]}]}, 0x138}}, 0x0)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3}, 0x18)
connect$can_j1939(r2, &(0x7f0000000080)={0x1d, r3, 0x0, {0x2, 0xf0, 0x1}, 0xfe}, 0x18)
sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='\x00', 0x1a00e}}, 0x0)

6m27.073135275s ago: executing program 0 (id=539):
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee40009050802"], 0x0)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r0, 0x0, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='map_files\x00')
getdents(r2, 0xfffffffffffffffd, 0x3b)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1, 0x0, {0xa, 0x4e25, 0x6e6, @private2, 0x4}}}, 0x3a)

6m25.422751406s ago: executing program 0 (id=545):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x1e)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r0, 0x0, 0xa4, 0x0, &(0x7f00000007c0)="000600e9ffffffffffffff000000f66c60662d7eb14f7db9502fb111c27ff34be292b6d0c7cdbb2308c9580ce827e5dcf1d15c5d05db78efc57c7356e857848b4b4f5977e6967cfd908cbef46f5b43554a71e3b09a31052e05b09b3e8967d99580563e7379381ba0fccbbd6bf4d191644df54714ee4f7be448f21ecef1be2c2a41cd9c59cad12cc3c1aa347c534f888ba21e5db04870a5bd279ff5d1e6ae395a6a22b588", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3fffffc}, 0xfffffffffffffe9a)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000f00)={'wlan0\x00', 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000180), 0xfffffffffffff998, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r3 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGETD(r3, 0x5424, 0x0)
socket$inet6(0xa, 0x2, 0x0)
syz_io_uring_setup(0x1b14, &(0x7f0000000480)={0x0, 0x6b72, 0x4, 0x0, 0x804e}, 0x0, &(0x7f0000000440))
eventfd2(0x0, 0x40001)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1800000016001581021a73c8a32de51630338638e877f77f3aad7400000000000000090048001c383efba4a9048f70a3944a900ab0e1f3c9fd053d2730c786a4d7cbd9d442fff44df2b8df9a8d34bd58bd03930203e6240d69968d110b2f2d", @ANYRES32=0x0], 0x18}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r5)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x6a0, 0x5, 0x348, 0xb8, 0x160, 0xfeffffff, 0xb8, 0xb8, 0x2b0, 0x2b0, 0xffffffff, 0x2b0, 0x2b0, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@remote, @gre_key}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @rand_addr=0x64010101, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x1, @broadcast, @remote, @gre_key}}}}, {{@ip={@dev, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'batadv_slave_0\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x0, 0x5}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @loopback}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)

6m23.190845402s ago: executing program 0 (id=555):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={<r9=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r8, &(0x7f00000001c0)={0x5, 0x10, 0xfa00, {0x0, r9}}, 0x18)

6m22.31457377s ago: executing program 0 (id=559):
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r0, 0x1)
mkdirat(0xffffffffffffffff, &(0x7f0000002040)='./file0\x00', 0x44)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4008010}, 0x4040000)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c20932"], 0x310)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed8"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendto$inet(r2, 0x0, 0xfffffffffffffe1a, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)

6m19.220173484s ago: executing program 0 (id=566):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)}], 0x1}, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0x6, &(0x7f0000000280)={0x10, 0xfffffffffffffffc}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0x0, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r2, 0x0}])
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$netlink(0x10, 0x3, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100))
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000080", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf2525000000"], 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sched_setaffinity(r4, 0x7, &(0x7f0000000080)=0x6e)
sendmsg$AUDIT_SET(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x6ce2af1890044353}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x3c, 0x3e9, 0x2, 0x70bd29, 0x25dfdbfe, {0x40, 0x7, 0x2, r4, 0x1000, 0x8000, 0x6, 0x10001, 0x0, 0xffff, 0x10}, ["", "", "", "", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_io_uring_setup(0x19d5, &(0x7f0000000040)={0x0, 0x83b0, 0x400, 0x1, 0x68}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r7, 0x19, &(0x7f0000000140)={0xfffffffc, 0xe, 0x9}, 0x0)
socket(0x10, 0x2, 0x0)
r8 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
fsetxattr$security_ima(r8, &(0x7f0000000040), &(0x7f00000003c0)=ANY=[@ANYBLOB="041260882acdbea415e02af6d40e8c7c76075c3911d64e0e3badb20bb60c2acc954310a8e250de854173914f38175b8d1f8cfc45a355c42ad44e0470b8e2de42bbb054525da144261fd93ebc2916d76b8f87e4dc0398f37b96288f0913dc17394b52b28da589b6131e08e40856cc45f3658b7bddbe1ab5e458d92bdbf820ed65dba8107dd7541b4f35d6a9f0a6e6463cdfae4bf79e9511d5"], 0x2, 0x0)
execveat(r8, &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x1000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

6m2.278781045s ago: executing program 32 (id=566):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)}], 0x1}, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0x6, &(0x7f0000000280)={0x10, 0xfffffffffffffffc}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0x0, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r2, 0x0}])
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$netlink(0x10, 0x3, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100))
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000080", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf2525000000"], 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sched_setaffinity(r4, 0x7, &(0x7f0000000080)=0x6e)
sendmsg$AUDIT_SET(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x6ce2af1890044353}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x3c, 0x3e9, 0x2, 0x70bd29, 0x25dfdbfe, {0x40, 0x7, 0x2, r4, 0x1000, 0x8000, 0x6, 0x10001, 0x0, 0xffff, 0x10}, ["", "", "", "", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_io_uring_setup(0x19d5, &(0x7f0000000040)={0x0, 0x83b0, 0x400, 0x1, 0x68}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r7, 0x19, &(0x7f0000000140)={0xfffffffc, 0xe, 0x9}, 0x0)
socket(0x10, 0x2, 0x0)
r8 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
fsetxattr$security_ima(r8, &(0x7f0000000040), &(0x7f00000003c0)=ANY=[@ANYBLOB="041260882acdbea415e02af6d40e8c7c76075c3911d64e0e3badb20bb60c2acc954310a8e250de854173914f38175b8d1f8cfc45a355c42ad44e0470b8e2de42bbb054525da144261fd93ebc2916d76b8f87e4dc0398f37b96288f0913dc17394b52b28da589b6131e08e40856cc45f3658b7bddbe1ab5e458d92bdbf820ed65dba8107dd7541b4f35d6a9f0a6e6463cdfae4bf79e9511d5"], 0x2, 0x0)
execveat(r8, &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x1000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

13.86310332s ago: executing program 4 (id=1914):
r0 = socket$inet(0x10, 0x5, 0x5200279)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$mouse(&(0x7f0000001c40), 0x3e8, 0x200a00)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000002340)={r1, <r2=>0xffffffffffffffff}, 0x4)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="24000000210007041dfffd946f6105000a0000e8fe02080100010800080006006f460000", 0x24}], 0x1}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f00000000c0)={0x4, 0x2})
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x3, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000519000/0x3000)=nil, 0x3000, 0xb635773f05ebbeea, 0x100010, 0xffffffffffffffff, 0x2908000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000001900)=[{{&(0x7f0000000380)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000580)=""/211, 0xd3}, {&(0x7f0000001440)=""/225, 0xe1}, {&(0x7f0000001280)=""/68, 0xfffffffffffffcff}, {&(0x7f00000008c0)=""/140, 0x8c}, {&(0x7f0000000980)=""/117, 0x75}], 0x5, &(0x7f0000000a80)=""/231, 0xe7}, 0x2}, {{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000001000)=""/194, 0xc2}], 0x1, &(0x7f0000000c80)=""/113, 0x71}, 0x60000000}, {{&(0x7f0000000d00)=@can, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000d80)=""/238, 0xee}, {&(0x7f0000000e80)=""/14, 0xe}, {&(0x7f0000000ec0)=""/170, 0xaa}, {&(0x7f0000001540)=""/64, 0x40}], 0x4, &(0x7f0000001b40)=""/197, 0xc5}, 0x797}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001100)=""/214, 0xd6}, {&(0x7f0000001200)=""/99, 0x63}, {&(0x7f0000000780)=""/135, 0x87}, {&(0x7f0000001340)=""/249, 0xf9}, {&(0x7f0000001a40)=""/196, 0xc4}, {&(0x7f0000001540)}, {&(0x7f0000000680)=""/130, 0x82}, {&(0x7f0000001640)}], 0x8, &(0x7f0000001700)=""/86, 0x56}, 0xc}, {{&(0x7f0000001780)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000100)=""/17, 0x11}], 0x1, &(0x7f0000001880)=""/98, 0x62}, 0x5}], 0x5, 0x2, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000340)=0xfffffff7)
r7 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0xab02)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES8=r2], &(0x7f0000000040)='GPL\x00', 0x9f61, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_free_batched\x00', r8}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$VIDIOC_S_CROP(r7, 0x4014563c, &(0x7f0000000040)={0x1, {0xf8000001, 0x4403, 0x8, 0x7}})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000000c0)={<r9=>0xffffffffffffffff})
recvmsg(r9, &(0x7f00000001c0)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)

13.78626825s ago: executing program 1 (id=1915):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x4c, r0, 0x1, 0x0, 0x25dfdbfb, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffecd}, {0x8, 0x87}}]}, 0x4c}}, 0x200000000000000)

13.498620501s ago: executing program 1 (id=1917):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0xc, 0x7, 0x0, 0x1, @fwd={{0x8}, @void}}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x6}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd0}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000080)=<r2=>0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r5, 0x1, 0x70bd25, 0x25dfdbf4, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000100)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, r2})
unshare(0x24020400)
unshare(0x24020400)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
bind$unix(r6, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
ioprio_set$uid(0x0, r2, 0x4003)
setresuid(r2, r2, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
select(0x40, &(0x7f0000000000)={0x9, 0x7, 0xffff, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000020000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r8}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r7}, 0x20)
r9 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x1b7}, &(0x7f0000000300)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/15, 0xf}], 0x1})
close(0x3)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a00)=ANY=[@ANYBLOB="80020000160001000000001000000000fe8000000000000000000000000000aaff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800000000000000000000000000010000000033000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000a0000000000000000000000000000000000000008001f00010000000c0015005c0735"], 0x280}}, 0x0)
sendmsg$nl_xfrm(r12, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYBLOB="f8000000160001000000000000000000ff010000000000000000000000000001ff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe880000000000000000000100000000000000003300000000000000000000000000ffffac14142900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000820000000000000000000000000000000000000000000000000000000000000000000000000a"], 0xf8}}, 0x0)
io_uring_enter(r9, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)

12.966660775s ago: executing program 2 (id=1922):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x2000000, 0xe40, 0x60ff, &(0x7f00000001c0)="5cdd3086ddffff6633c9bbac88a8860040dffd00139fb7a884bdfc14f48786dd", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0), 0x4002, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x70}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x5, 0x0}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x4, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0xa0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
setsockopt$inet6_mreq(r5, 0x29, 0x1c, &(0x7f00000000c0)={@remote}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r0], 0x0)

12.33167654s ago: executing program 1 (id=1924):
socket$inet_tcp(0x2, 0x1, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_DBG_S_REGISTER(0xffffffffffffffff, 0x4038564f, &(0x7f0000000140)={{0x1, @addr=0x9}, 0x8, 0x7, 0xff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f00000003c0)=[{0x6, 0x52, 0x7, 0xde, @tick=0x30, {0x10, 0x6}, {0x9, 0x50}, @raw32={[0x81, 0xee1]}}, {0x1, 0x10, 0x2, 0x6, @time={0x0, 0x98a7}, {0x44, 0x4}, {0xff, 0x9}, @addr={0x5, 0xb}}, {0x7, 0x8, 0x7, 0x7, @tick=0x2, {0x5}, {0x7, 0x81}, @raw32={[0x9, 0x4, 0x4]}}, {0x10, 0x2, 0x6, 0xfb, @time={0x5, 0x5}, {0xaf, 0xa}, {0x6, 0xfe}, @connect={{0x1, 0xff}, {0x2, 0x5}}}, {0x3, 0xa, 0xce, 0x6, @time={0x9, 0x2}, {0x10, 0x5}, {0x4, 0x7f}, @addr={0x9}}, {0x5, 0x33, 0x6, 0x4, @time={0x6, 0x7}, {0x5, 0x54}, {0x3, 0x8}, @control={0x8, 0x40, 0xe0e}}, {0x2, 0x6, 0x9, 0x1, @tick=0x1, {0x0, 0x8}, {0xf4, 0xa3}, @result={0xfffffff3, 0x7fff}}, {0x5, 0x73, 0x5, 0x1, @tick=0x10000, {0x2a, 0xc}, {0x0, 0x59}, @note={0x4, 0x2, 0xef, 0x9, 0xd41}}, {0x95, 0x6, 0x8b, 0x9, @time={0xff, 0x6}, {0x7, 0x8}, {0x4, 0x3}, @ext={0x77, &(0x7f00000000c0)="316887b1097bcd26ced8d42b53d33ec4459dd77056882486fb9055e1d8feb7056e32f8ef0886010168411d9ee5a70c203c818f49584eaffbd40c0373ea01495f6f426fcdfb5f535c612ac3b5f8d0fbfa5f582ead7e63731c42902d1dfa113401509f8f9ee2dca0cc533f14f18695fd222da69c06e00a91"}}], 0xfc)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x32b, @time={0x2, 0xffff}, 0x4, {0x40, 0xb8}, 0x0, 0x2, 0x1})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
fanotify_mark(r3, 0x71, 0x40000009, r4, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x20142, 0x82)
r6 = fanotify_init(0x4, 0x101801)
fanotify_mark(r6, 0x105, 0x40001032, r5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000180)=@abs, 0x6e)
syz_extract_tcp_res$synack(&(0x7f0000000240), 0x1, 0x0)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv2(r9, &(0x7f0000000080)=[{&(0x7f0000002200)=""/4102, 0x1006}], 0x1, 0xd, 0x0, 0x1f)

12.201053472s ago: executing program 2 (id=1926):
socket(0x1d, 0x1, 0x5)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa", 0x1}], 0x2)
r2 = openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000100)=0xfffffff7)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f0000001940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

12.094818062s ago: executing program 4 (id=1927):
mprotect(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x1)
syz_open_dev$media(&(0x7f0000000000), 0x8000009, 0x468800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0xf, &(0x7f0000000080), 0x4)
r2 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x4)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000480)='./file0\x00', 0x6000, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

10.447596766s ago: executing program 1 (id=1929):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000004000000082000040"])
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000280), 0x80000, 0x0)
fdatasync(r4)
r5 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r7 = fsopen(&(0x7f00000003c0)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x88)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb3d68000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4c}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$nl_generic(r9, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0x6, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x5, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x7, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffffd, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x81, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0x10, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffe, 0x3, 0x7fff, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x400, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x8, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x80000002, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x0, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x8, 0x0, 0x60000000, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x800], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x5, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x7f, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r10 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ppoll(&(0x7f00000000c0)=[{r10, 0x603}], 0x1, 0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)

10.189664854s ago: executing program 4 (id=1930):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x4000000004002, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000003c0), 0x141200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
r3 = userfaultfd(0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
close(r2)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r4 = landlock_create_ruleset(&(0x7f0000000080)={0x8601, 0x2}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = syz_io_uring_setup(0x1237, &(0x7f0000000380)={0x0, 0x80fd, 0x80, 0x3, 0x2b9}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000100)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000080)=@l2tp={0x2, 0x0, @local, 0x3}})
io_uring_enter(r6, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
dup2(r9, r5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r10 = userfaultfd(0x100800)
ioctl$UFFDIO_COPY(r10, 0xc028aa05, &(0x7f0000000180)={&(0x7f0000885000/0x10000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x10000, 0x2, 0x2})
sendfile(r0, r0, &(0x7f0000000080)=0x63a3, 0x200)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="0180000000000000000001000000000000000b"], 0x28}}, 0x40000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0xd, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0x8, &(0x7f0000000040)=""/8, 0x0, 0x24, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)

10.188744463s ago: executing program 2 (id=1931):
socket$key(0xf, 0x3, 0x2)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2a0, 0xffffffff, 0x170, 0x0, 0xa0, 0xffffffff, 0xffffffff, 0x258, 0x258, 0x258, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xa0, 0x0, {0x100000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0x7}, {}, 0xc}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="3232b3c71587", 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffe, 0x0, 0x4, 0x0, 0x0, 0x0, 0x31, 0x0, 0x2f]}}}, {{@ip={@remote, @dev, 0x0, 0x0, 'wlan1\x00', 'team0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r4, 0x0, r1})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

10.082822144s ago: executing program 3 (id=1932):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x66a8, 0x4000, 0xf, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd8, 0xa, 0xd0e0000, 0xd8, 0x100, 0x1a8, 0x1d8, 0x1d8, 0x1a8, 0x1d8, 0x3, 0x0, {[{{@ip={@local, @multicast2, 0xffffff00, 0xff, 'veth0\x00', 'team0\x00', {}, {}, 0x2, 0x3, 0x40}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0xffff, 0x800, 0x1, 'syz1\x00', 'syz0\x00', {0x3}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x4, 0x2, 0x4, 0x3, 0x5, 0x3], 0x5, 0x5}, {0x0, [0x6, 0x6, 0x1, 0x7, 0x5, 0x5], 0x3, 0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1}, 0x6e)
socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, './file1\x00'}, 0x6e)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r5, &(0x7f0000000100)=""/166, 0xa6, 0x81)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r7=>r3, {0x5}}, './file1\x00'})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r8}, 0x10)
ioctl$TUNSETFILTEREBPF(r7, 0x800454e1, &(0x7f0000000180)=r8)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x4000011)

9.625178768s ago: executing program 2 (id=1933):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x7, 0x20802)
ioctl$LOOP_SET_STATUS(r0, 0x1277, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r5=>0x0}, 0x0)
splice(r4, &(0x7f0000000040), r5, 0x0, 0x808, 0x0)
ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f00000000c0)={0xd, 0x5, 0xd})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009b02"])

8.792727033s ago: executing program 3 (id=1934):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x25}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'veth0_vlan\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xe32b60fbedc7f0cc}, {0x7}, {0x0, 0xa}}}, 0x24}}, 0x0)
sendmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000500)="ab", 0x5ea}], 0x1}}], 0x484, 0x24048084)

8.486875201s ago: executing program 2 (id=1935):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1}, 0xe)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000080)={r3, 0x9}, 0x8)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0xfffffff4}}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000fc0)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x31}, 0x80, &(0x7f0000001000)=[{&(0x7f0000000200)="b893cc1e00c1dba49dbb66ca3ae985e16ac112e3325800f36f66bb0253da1d45784a8880001a88fb", 0x28}], 0x1}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="201006000000065f01"], 0x0, 0x0, 0x0, 0x0}, 0x0)

8.314486428s ago: executing program 3 (id=1937):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
personality(0x400000)
syz_open_dev$dri(&(0x7f0000000100), 0x8000000000000006, 0x80400)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0)={0x1, 0xfd, 0x15, 0x0, 0xfc, 0xff, 0xfc, 0xfc, 0x0, 0x4, 0x81, 0x80, 0x8}, 0xe)
sendto$inet6(r1, &(0x7f0000000040)='T', 0x1, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @loopback, 0x1}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000001fc0)=""/4096, 0x1000}], 0x1)
pipe(&(0x7f00000000c0))
creat(&(0x7f0000000180)='./file0\x00', 0x0)
io_setup(0x3ff, &(0x7f0000000500))
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sync()
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)

8.198880103s ago: executing program 5 (id=1938):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = getpid()
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=@ipv4_delroute={0x13, 0x19, 0x1, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x80, 0x4, 0xff, 0x4, 0xc8, 0xb, 0xd00}, [@RTA_MULTIPATH={0xc, 0x9, {0x9, 0x20, 0xff}}, @RTA_NH_ID={0x8, 0x1e, 0x7fffffff}]}, 0x30}, 0x1, 0x0, 0x0, 0x44810}, 0x80)
sched_setscheduler(r0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
semget(0x3, 0x1, 0x206)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000100)=[0x4])
semop(0x0, &(0x7f0000002480)=[{}], 0x1)
semop(0x0, &(0x7f00000003c0)=[{}], 0x1)
semctl$IPC_RMID(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_JOIN_FILTERS(r2, 0x65, 0x6, &(0x7f00000001c0), 0x4)

7.988150732s ago: executing program 5 (id=1939):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x7}, @in6=@mcast2, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x79e5a327e49487d3, 0x0, 0xee01}, {0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x2, 0x4c817065, 0x0, 0x101}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x2, 0x0, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x10000000, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x2, 0xb7, 0xffffffff, 0x4d, 0x4}}, 0xe8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10129, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
process_vm_writev(0x0, &(0x7f00000003c0)=[{0x0}, {&(0x7f00000000c0)=""/15, 0xf}], 0x2, &(0x7f0000000a80), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=@newsa={0x138, 0x1a, 0x1, 0x3, 0x25dfdbfd, {{@in=@local, @in=@multicast1=0xac1414bb, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x16}, {@in=@broadcast, 0x4000000, 0x33}, @in=@remote, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x1000000000000}, {0x7b, 0x0, 0x2000}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x6b}, [@algo_auth={0x48, 0x1, {{'hmac(sha1)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0xc75c2b196d661e27}, 0x0)

7.193911496s ago: executing program 1 (id=1940):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x281}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_usb_connect(0x2, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x2000000}, 0x0)

6.946596075s ago: executing program 3 (id=1941):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0100000004800100040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000409674f4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000001"], 0x50)

6.8648451s ago: executing program 5 (id=1942):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x3c}}, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d390987f70e06d038e7ff7fc6e5539b0d650e8b089b3f363b68090890e0878f0e1ac6e7049b3b43959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07470936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r1}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', r3, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r7}, 0x18)
syz_io_uring_setup(0x1113, &(0x7f0000000280)={0x0, 0xb44a, 0x0, 0x0, 0x21e}, &(0x7f0000000000), &(0x7f0000000040))

6.821956891s ago: executing program 4 (id=1943):
syz_open_dev$usbfs(0x0, 0x800, 0x101100) (async)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xb1003fff) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xfffffffffffffffe) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
r1 = add_key(&(0x7f0000000100)='cifs.idmap\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) (async)
capset(&(0x7f0000000080)={0x20071026}, 0x0) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBLED(r2, 0x4b64, 0x0) (async)
pipe2$watch_queue(0x0, 0x80) (async)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, 0xffffffffffffffff, 0xc)
unshare(0x28000600)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0xffffffffffffffff) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
r4 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) (async)
read(r4, &(0x7f0000001400)=""/4076, 0xfec)

6.686898779s ago: executing program 5 (id=1944):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x11, &(0x7f0000000380)=[@in={0x2, 0x4e21, @remote}]}, &(0x7f0000000180)=0x10)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r1, @ANYBLOB="10100000000000000800200005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r1], 0x40c}}, 0x0)

6.090224238s ago: executing program 4 (id=1945):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x4004)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r1, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000004b00)=""/110, 0x6e, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000540)=""/224, 0xe0, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000001000)=""/254, 0xfe, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000780)=""/212, 0xd4, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x61}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x28, 0x0, &(0x7f0000000500)="3d25ab555b19c4cbd001708586dd", 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000180), 0xfffffffffffff998, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.952656129s ago: executing program 5 (id=1946):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000008e00)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000006c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x1, 0xa9, "0bae53d45bd7953bf95a8d77cae003940ea2d9345d04e7abffe074ec0391c5ba428c8535aac0bd5ed99e4e00e68b6f3dacc2751b1392d7108ffaa74b03d9b409c22b88f75180e4665f413938a48f34c27cb62b7a9f904eeeef606c087bf7e673b6f56501ed210321744989abf6f2c4ebd7c12f3b8222283c88497e7354a65a6aa3778f1eb2479a557c044353ebaf3e50b9024fa2773057cff0c1687058ef1f7a35098b751eadbde527"}, 0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f00000003c0)={0x14, &(0x7f0000000240)={0x20, 0x22, 0x59, {0x59, 0x30, "bbed98b5c8be5acd02fd9cafc63733ca5f17188f8e799fc626eae0e6bde8c304cbfffa4c51233a839116613c690f34f3270c76a2b6c1c93cbb9cb060d87cc4074fcf18c83c38aba3d1f74853cb6b7b752e427bfbce91bd"}}, &(0x7f00000002c0)={0x0, 0x3, 0xd0, @string={0xd0, 0x3, "7f5614c9bbcaaf549e54147ae51f0372214552b63cb89e24483845d22f9103ad2db6fca27ce9baaaa4313691b567e55e75a74886bcc4fa646eb54150172a6741cb715ef7e0388d5d2a85c091801c9b7332ed4ac9c92dfd30fc925ca4b8e913e68549bd9a67eb0793b795f162587d09f2c5e2bec8143af9bb7ca5edf5fe2dcde09eb43c4d7f7574eb29e4746ebe0afd7c405385c60978a0eafc53dbef914a1dbb590f27d8a49b341c9adc59aab58d664adeff3dedc52dbfe237e35fb5b7d81e554e3c69c80ece1a7314171334d0a5"}}}, &(0x7f0000000740)={0x44, &(0x7f0000000400)={0x40, 0xc, 0x15, "78e6f424511d277a55c3f23852e4098df0f4bdafc7"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x5}, &(0x7f00000004c0)={0x20, 0x81, 0x3, "abbcb8"}, &(0x7f0000000500)={0x20, 0x82, 0x2, "3ffd"}, &(0x7f0000000640)={0x20, 0x83, 0x3, "9f0c7b"}, &(0x7f0000000680)={0x20, 0x84, 0x4, "f3234cc9"}, &(0x7f0000000700)={0x20, 0x85, 0x3, "4ecd51"}})
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r5, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000180)=0x200, 0x4)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x141, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r7 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
close_range(r7, r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x2)
recvmmsg(r8, &(0x7f0000001700)=[{{&(0x7f0000000840)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x80, &(0x7f0000000bc0)=[{&(0x7f00000007c0)=""/51, 0x33}, {&(0x7f00000008c0)=""/214, 0xd6}, {&(0x7f00000009c0)=""/70, 0x46}, {&(0x7f0000000a40)=""/103, 0x67}, {&(0x7f0000000ac0)=""/80, 0x50}, {&(0x7f0000000b40)=""/109, 0x6d}], 0x6, &(0x7f0000000c40)=""/106, 0x6a}, 0xabb}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000cc0)=""/91, 0x5b}, {&(0x7f0000000d40)=""/205, 0xcd}, {&(0x7f0000000e40)=""/229, 0xe5}, {&(0x7f0000000f40)=""/177, 0xb1}, {&(0x7f0000001040)=""/215, 0xd7}, {&(0x7f0000001140)=""/59, 0x3b}], 0x6, &(0x7f0000001200)=""/182, 0xb6}, 0x2}, {{&(0x7f00000012c0)=@pppol2tpv3in6, 0x80, &(0x7f0000001640)=[{&(0x7f0000001340)=""/232, 0xe8}, {&(0x7f0000001440)=""/13, 0xd}, {&(0x7f0000001480)=""/148, 0x94}, {&(0x7f0000001540)=""/223, 0xdf}], 0x4, &(0x7f0000001680)=""/93, 0x5d}, 0x79fce49e}], 0x3, 0x0, &(0x7f00000017c0))
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x935b, 0x6, 0x34524742, 0x7, 0x6, 0xfff, 0xa, 0xc, 0x0, 0x1}})
r9 = geteuid()
syz_usb_connect(0x0, 0x38, &(0x7f0000001000)={{0x12, 0x1, 0x0, 0x64, 0x57, 0x26, 0x40, 0x5c6, 0x9215, 0xf39f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x26, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x52, 0x1, 0x1, 0x5e, 0x3a, 0x92, 0x7, [], [{{0x9, 0x5, 0x9, 0x8, 0x200, 0x7, 0x1, 0x1, [@generic={0x2, 0x4}]}}]}}, {{0x9, 0x4, 0xb7, 0x18, 0x0, 0xff, 0xff, 0xff, 0x9c}}]}}]}}, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1000000, &(0x7f00000001c0)={[{@none}, {@nofavordynmods}, {@clone_children}, {@xattr}], [{@euid_lt={'euid<', r9}}, {@dont_hash}, {@euid_lt={'euid<', r9}}, {@smackfsdef={'smackfsdef', 0x3d, '[}.%(('}}]})

4.758654559s ago: executing program 2 (id=1947):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(0xffffffffffffffff, 0x2, &(0x7f0000000000)={0x2}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0xff4c)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000280)='/dev/loop#\x00', 0x3)
fallocate(r4, 0x0, 0x0, 0x8800000)

1.168221518s ago: executing program 5 (id=1948):
r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)=ANY=[@ANYRESOCT=0x0, @ANYRES32, @ANYBLOB='+\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYRES32], 0x20)
pipe2$9p(&(0x7f0000000240), 0x80000)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x3fff41, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000240), 0x0, 0x40a00)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000640)={0x0, 0x0, {0x0, 0x5c, 0x1012, 0x0, 0x4, 0x0, 0x0, 0xe7}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1a482, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r6, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r6, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
write$uinput_user_dev(r0, 0x0, 0xffffffffffffff2b)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f00006ad000/0x4000)=nil)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x5e}, [@ldst={0x7, 0x3, 0x0, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xa}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)={0x28, r7, 0x5, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_PATH_REFRESH_TIME={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x40840)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000380)={'geneve1\x00', &(0x7f00000002c0)=@ethtool_coalesce={0xf, 0x7fff, 0x9, 0x0, 0x6, 0xfffffffb, 0x0, 0x7ff, 0x235, 0x3, 0x0, 0x9, 0x7ff, 0x4, 0x10, 0x7422767d, 0xff800000, 0x3, 0x5, 0x3ff, 0x4, 0x8, 0x8}})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x33)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="14ff04d17bf6cd75"], 0x7)

161.293342ms ago: executing program 1 (id=1949):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000180)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r4 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000140)=@OVL_FILEID_V1={0x17, 0x300f8, {'\x00', {0x0, 0xfb, 0x15, 0x7, 0x5, "e8371f2efe0868327a31a705ec978547"}}}, 0x30000)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]})
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ptrace$setregs(0xf, 0xffffffffffffffff, 0x6, 0x0)

160.860814ms ago: executing program 3 (id=1950):
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200"/66, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0000009078"], 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
r0 = openat$vcsu(0xffffff9c, &(0x7f0000000180), 0x88080, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x1ff)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0)
r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=@polexpire={0xcc, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@loopback, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa0, 0x20}, {0x8, 0x0, 0x800000000002, 0x0, 0x5, 0x0, 0x800000000, 0xffffffffffffffff}, {0x100000000, 0x200, 0x367b, 0x3}, 0x0, 0x6e6bb0, 0x0, 0x1, 0x3}}, [@policy_type={0xa}]}, 0xcc}}, 0x40040c0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r7, &(0x7f0000000140)}, 0x20)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f00000001c0)=@security={'security\x00', 0x3a, 0x4, 0x338, 0xffffffff, 0x110, 0x0, 0x1a8, 0x110, 0xffffffff, 0x110, 0x2a0, 0x2a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xb0, 0x110, 0x0, {}, [@common=@set={{0x40}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ip={@empty, @private, 0x0, 0x0, 'vlan0\x00', 'vlan0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r10 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
open_tree(r0, &(0x7f0000000580)='./file0\x00', 0x1000)
keyctl$search(0xa, r1, &(0x7f0000000240)='id_resolver\x00', &(0x7f0000000280)={'syz', 0x1}, r10)

105.501573ms ago: executing program 4 (id=1951):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x70bd27, 0x25dfdbfd, {0xa, 0x10, 0x20, 0x10, 0x0, 0x0, 0x0, 0x7, 0x2}}, 0x1c}, 0x1, 0x0, 0x0, 0x4010}, 0x40080)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4e1}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}, 0x1, 0x2000000}, 0x0)

0s ago: executing program 3 (id=1952):
timer_create(0x0, 0x0, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x3938700}}, 0x0)
timer_gettime(r0, &(0x7f00000000c0)={{}, {0x0, <r1=>0x0}})
timer_gettime(r0, &(0x7f0000000080))
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x2a0800, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x490400, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc})
semget$private(0x0, 0x6, 0x200)
socket$kcm(0x10, 0x2, 0x10)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00', 0xfffffffe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000840)=[{{&(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x0, &(0x7f0000000700)=[{&(0x7f00000003c0)=""/14}, {&(0x7f0000000480)=""/210}, {&(0x7f0000000580)=""/242}, {&(0x7f0000000680)=""/88}, {&(0x7f0000000400)=""/35}], 0x0, &(0x7f0000000780)=""/134}, 0x2}], 0x1, 0x10000, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_tables_targets\x00')
readv(r7, &(0x7f0000000280)=[{&(0x7f0000000180)=""/193, 0xc1}], 0x1)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r7, 0x114, 0xa, &(0x7f0000000300)=ANY=[@ANYRESDEC=r1], 0x4)
preadv(r7, 0x0, 0x0, 0x64, 0x4000000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x24}}, 0xc00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)

kernel console output (not intermixed with test programs):

hcd.5-1/input0
[  351.964521][ T5843] usb 6-1: reset full-speed USB device number 6 using dummy_hcd
[  352.076257][ T8577] syzkaller1: entered promiscuous mode
[  352.665679][ T8577] syzkaller1: entered allmulticast mode
[  352.829443][ T5823] Bluetooth: hci3: sending frame failed (-49)
[  352.838647][ T5838] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  352.934472][  T978] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  353.055699][ T8594] FAULT_INJECTION: forcing a failure.
[  353.055699][ T8594] name failslab, interval 1, probability 0, space 0, times 0
[  353.089528][ T8594] CPU: 0 UID: 0 PID: 8594 Comm: syz.2.783 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  353.089561][ T8594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  353.089575][ T8594] Call Trace:
[  353.089583][ T8594]  <TASK>
[  353.089592][ T8594]  dump_stack_lvl+0x189/0x250
[  353.089628][ T8594]  ? __pfx____ratelimit+0x10/0x10
[  353.089660][ T8594]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.089689][ T8594]  ? __pfx__printk+0x10/0x10
[  353.089714][ T8594]  ? __pfx___might_resched+0x10/0x10
[  353.089743][ T8594]  ? fs_reclaim_acquire+0x7d/0x100
[  353.089780][ T8594]  should_fail_ex+0x414/0x560
[  353.089818][ T8594]  should_failslab+0xa8/0x100
[  353.089849][ T8594]  __kmalloc_noprof+0xcb/0x4f0
[  353.089873][ T8594]  ? tomoyo_encode+0x28b/0x550
[  353.089902][ T8594]  tomoyo_encode+0x28b/0x550
[  353.089933][ T8594]  tomoyo_realpath_from_path+0x58d/0x5d0
[  353.089971][ T8594]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  353.090003][ T8594]  tomoyo_path_number_perm+0x1e8/0x5a0
[  353.090038][ T8594]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  353.090100][ T8594]  ? __lock_acquire+0xab9/0xd20
[  353.090154][ T8594]  ? __fget_files+0x2a/0x420
[  353.090187][ T8594]  ? __fget_files+0x2a/0x420
[  353.090213][ T8594]  ? __fget_files+0x3a0/0x420
[  353.090240][ T8594]  ? __fget_files+0x2a/0x420
[  353.090273][ T8594]  security_file_ioctl+0xcb/0x2d0
[  353.090297][ T8594]  __se_sys_ioctl+0x47/0x170
[  353.090322][ T8594]  do_syscall_64+0xfa/0x3b0
[  353.090350][ T8594]  ? lockdep_hardirqs_on+0x9c/0x150
[  353.090379][ T8594]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.090399][ T8594]  ? clear_bhb_loop+0x60/0xb0
[  353.090423][ T8594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.090442][ T8594] RIP: 0033:0x7fc1fc58e969
[  353.090462][ T8594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.090479][ T8594] RSP: 002b:00007fc1fd314038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  353.090502][ T8594] RAX: ffffffffffffffda RBX: 00007fc1fc7b5fa0 RCX: 00007fc1fc58e969
[  353.090516][ T8594] RDX: 0000200000000040 RSI: 0000000040085112 RDI: 0000000000000003
[  353.090529][ T8594] RBP: 00007fc1fd314090 R08: 0000000000000000 R09: 0000000000000000
[  353.090542][ T8594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.090553][ T8594] R13: 0000000000000000 R14: 00007fc1fc7b5fa0 R15: 00007ffc2bcca628
[  353.090589][ T8594]  </TASK>
[  353.090614][ T8594] ERROR: Out of memory at tomoyo_realpath_from_path.
[  353.358268][  T978] usb 5-1: Using ep0 maxpacket: 16
[  353.417139][  T978] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  353.667421][ T5946] usb 6-1: USB disconnect, device number 6
[  353.673671][  T978] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  353.683774][  T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.709350][  T978] usb 5-1: config 0 descriptor??
[  353.721863][  T978] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[  354.105866][ T8604] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  354.184609][  T978] usb 5-1: USB disconnect, device number 26
[  355.059198][ T8627] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  355.718262][   T30] audit: type=1400 audit(1749003738.769:187): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=8628 comm="syz.5.792" dest=2
[  355.991932][ T8648] vivid-003: disconnect
[  355.996314][ T8647] vivid-003: reconnect
[  356.064470][   T30] audit: type=1400 audit(1749003739.409:188): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=8638 comm="syz.3.796" daddr=ff01::1 dest=20000
[  356.594808][   T24] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  357.160135][   T24] usb 2-1: Using ep0 maxpacket: 32
[  357.253304][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  357.294416][   T24] usb 2-1: config 127 has an invalid interface number: 36 but max is 1
[  357.294451][   T24] usb 2-1: config 127 has an invalid interface number: 51 but max is 1
[  357.294474][   T24] usb 2-1: config 127 has no interface number 0
[  357.294492][   T24] usb 2-1: config 127 has no interface number 1
[  357.294538][   T24] usb 2-1: config 127 interface 36 has no altsetting 0
[  357.294559][   T24] usb 2-1: config 127 interface 51 has no altsetting 0
[  357.308715][   T24] usb 2-1: New USB device found, idVendor=1410, idProduct=a005, bcdDevice=53.d4
[  357.308751][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.308774][   T24] usb 2-1: Product: syz
[  357.308791][   T24] usb 2-1: Manufacturer: syz
[  357.308807][   T24] usb 2-1: SerialNumber: syz
[  357.392165][   T30] audit: type=1400 audit(1749003740.739:189): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=8661 comm="syz.5.803" daddr=::ffff:172.20.20.0
[  357.393754][ T8663] netlink: 16 bytes leftover after parsing attributes in process `syz.5.803'.
[  357.413236][ T8667] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.414107][ T8667] batadv_slave_0: entered promiscuous mode
[  357.678291][   T24] usb 2-1: unknown number of interfaces: 2
[  357.699168][   T24] usb 2-1: USB disconnect, device number 16
[  358.174636][  T978] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  358.495967][  T978] usb 5-1: Using ep0 maxpacket: 8
[  358.789270][  T978] usb 5-1: config 0 has an invalid descriptor of length 43, skipping remainder of the config
[  358.821435][  T978] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  358.853214][  T978] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[  358.886960][  T978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.909472][  T978] usb 5-1: Product: syz
[  358.923487][  T978] usb 5-1: Manufacturer: syz
[  358.931590][  T978] usb 5-1: SerialNumber: syz
[  358.970626][  T978] usb 5-1: config 0 descriptor??
[  359.912632][ T8706] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  359.920783][ T8706] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  360.848065][ T5932] usb 5-1: USB disconnect, device number 27
[  361.488584][ T8730] netlink: 48 bytes leftover after parsing attributes in process `syz.3.823'.
[  361.566913][ T8730] netlink: 32 bytes leftover after parsing attributes in process `syz.3.823'.
[  362.658649][ T8742] fuse: Bad value for 'group_id'
[  362.677068][ T8742] fuse: Bad value for 'group_id'
[  362.918806][ T8746] tipc: Can't bind to reserved service type 0
[  363.945237][ T8755] netlink: 32 bytes leftover after parsing attributes in process `syz.4.832'.
[  364.342284][ T8767] netlink: 8 bytes leftover after parsing attributes in process `syz.3.836'.
[  364.663528][   T30] audit: type=1326 audit(1749003748.009:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  364.724013][   T30] audit: type=1326 audit(1749003748.039:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  364.770244][   T30] audit: type=1326 audit(1749003748.039:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  364.836780][   T30] audit: type=1326 audit(1749003748.039:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb408d90887 code=0x7ffc0000
[  364.922229][   T30] audit: type=1326 audit(1749003748.039:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fb408d907fc code=0x7ffc0000
[  365.135885][   T30] audit: type=1326 audit(1749003748.039:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fb408d90734 code=0x7ffc0000
[  365.165131][   T30] audit: type=1326 audit(1749003748.039:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fb408d90734 code=0x7ffc0000
[  365.955149][   T30] audit: type=1326 audit(1749003748.039:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb408d8d5ca code=0x7ffc0000
[  366.034369][   T30] audit: type=1326 audit(1749003748.039:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  366.290035][   T30] audit: type=1326 audit(1749003748.039:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8773 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  366.569528][   T24] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  366.618830][ T8803] netlink: 8 bytes leftover after parsing attributes in process `syz.5.847'.
[  366.708882][   T24] usb 5-1: device descriptor read/64, error -71
[  366.748552][ T8810] FAULT_INJECTION: forcing a failure.
[  366.748552][ T8810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.762121][ T8810] CPU: 1 UID: 0 PID: 8810 Comm: syz.5.852 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  366.762151][ T8810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  366.762164][ T8810] Call Trace:
[  366.762172][ T8810]  <TASK>
[  366.762181][ T8810]  dump_stack_lvl+0x189/0x250
[  366.762215][ T8810]  ? __pfx____ratelimit+0x10/0x10
[  366.762246][ T8810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.762274][ T8810]  ? __pfx__printk+0x10/0x10
[  366.762296][ T8810]  ? __might_fault+0xb0/0x130
[  366.762336][ T8810]  should_fail_ex+0x414/0x560
[  366.762372][ T8810]  _copy_from_user+0x2d/0xb0
[  366.762399][ T8810]  __sys_connect+0x123/0x440
[  366.762421][ T8810]  ? __fget_files+0x3a0/0x420
[  366.762449][ T8810]  ? __pfx___sys_connect+0x10/0x10
[  366.762486][ T8810]  ? __pfx_ksys_write+0x10/0x10
[  366.762508][ T8810]  ? rcu_is_watching+0x15/0xb0
[  366.762547][ T8810]  __x64_sys_connect+0x7a/0x90
[  366.762570][ T8810]  do_syscall_64+0xfa/0x3b0
[  366.762598][ T8810]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.762627][ T8810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.762647][ T8810]  ? clear_bhb_loop+0x60/0xb0
[  366.762673][ T8810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.762693][ T8810] RIP: 0033:0x7f858b78e969
[  366.762711][ T8810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.762728][ T8810] RSP: 002b:00007f858c53c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  366.762749][ T8810] RAX: ffffffffffffffda RBX: 00007f858b9b5fa0 RCX: 00007f858b78e969
[  366.762764][ T8810] RDX: 000000000000001c RSI: 0000200000000200 RDI: 0000000000000003
[  366.762776][ T8810] RBP: 00007f858c53c090 R08: 0000000000000000 R09: 0000000000000000
[  366.762788][ T8810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.762800][ T8810] R13: 0000000000000000 R14: 00007f858b9b5fa0 R15: 00007ffdf1bffcf8
[  366.762835][ T8810]  </TASK>
[  367.010308][ T8814] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  367.058378][ T8808] netlink: 12 bytes leftover after parsing attributes in process `syz.1.851'.
[  367.145884][   T24] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  367.315748][   T24] usb 5-1: device descriptor read/64, error -71
[  368.178962][   T24] usb usb5-port1: attempt power cycle
[  368.233863][ T8830] fuse: Bad value for 'group_id'
[  368.239105][ T8830] fuse: Bad value for 'group_id'
[  368.532360][   T24] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  368.882721][   T24] usb 5-1: device descriptor read/8, error -71
[  369.438801][   T24] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  369.733544][   T24] usb 5-1: device not accepting address 31, error -71
[  370.699002][   T24] usb usb5-port1: unable to enumerate USB device
[  370.756146][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.4.867'.
[  371.184591][  T978] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  371.261727][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  371.261746][   T30] audit: type=1400 audit(1749003754.609:208): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?000000000033" object="_" requested=w pid=8859 comm="syz.5.868" saddr=fe80::bb daddr=fe80::aa dest=20002 netif=wpan0
[  371.306271][   T30] audit: type=1400 audit(1749003754.649:209): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?000000000033" object="_" requested=w pid=8859 comm="syz.5.868" saddr=fe80::bb src=16384 daddr=fe80::aa dest=20002 netif=wpan0
[  371.377219][  T978] usb 2-1: config 4 has an invalid interface number: 156 but max is 0
[  371.385895][  T978] usb 2-1: config 4 has no interface number 0
[  371.395645][  T978] usb 2-1: New USB device found, idVendor=0fe9, idProduct=db71, bcdDevice=53.3e
[  371.406635][  T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.429901][  T978] usb 2-1: Product: syz
[  371.441497][  T978] usb 2-1: Manufacturer: syz
[  371.454775][  T978] usb 2-1: SerialNumber: syz
[  371.530539][  T978] dvb-usb: found a 'DViCO FusionHDTV DVB-T NANO2 w/o firmware' in warm state.
[  371.561796][  T978] usb 2-1: setting power ON
[  371.575577][  T978] dvb-usb: bulk message failed: -8 (2/0)
[  371.595812][  T978] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  371.657999][  T978] dvb-usb: DViCO FusionHDTV DVB-T NANO2 w/o firmware error while loading driver (-19)
[  371.794791][ T8844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  371.813939][ T8844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  371.839925][ T8871] netlink: 'syz.2.872': attribute type 1 has an invalid length.
[  371.853435][ T8871] netlink: 'syz.2.872': attribute type 2 has an invalid length.
[  371.884301][  T978] dvb_usb_cxusb 2-1:4.156: probe with driver dvb_usb_cxusb failed with error -22
[  371.916578][ T8874] netlink: 'syz.2.872': attribute type 1 has an invalid length.
[  371.963082][ T8874] netlink: 'syz.2.872': attribute type 2 has an invalid length.
[  372.392570][  T978] usb 2-1: USB disconnect, device number 17
[  374.184832][ T8909] fuse: Bad value for 'group_id'
[  374.189856][ T8909] fuse: Bad value for 'group_id'
[  374.641329][   T30] audit: type=1326 audit(1749003757.989:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.685970][   T30] audit: type=1326 audit(1749003757.989:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.720812][   T30] audit: type=1326 audit(1749003758.029:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.752094][   T30] audit: type=1326 audit(1749003758.029:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.818020][   T30] audit: type=1326 audit(1749003758.029:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.847354][   T30] audit: type=1326 audit(1749003758.029:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.874777][   T30] audit: type=1326 audit(1749003758.029:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f957f790887 code=0x7ffc0000
[  374.941264][   T30] audit: type=1326 audit(1749003758.029:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8923 comm="syz.3.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  374.994369][  T978] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  375.154486][  T978] usb 3-1: Using ep0 maxpacket: 16
[  375.164061][  T978] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  375.194382][  T978] usb 3-1: config 0 has no interface number 0
[  375.199219][ T8934] fuse: Bad value for 'group_id'
[  375.206330][ T8934] fuse: Bad value for 'group_id'
[  375.216217][  T978] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  375.247999][  T978] usb 3-1: config 0 interface 3 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 32
[  375.287807][  T978] usb 3-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=68.b5
[  375.307600][  T978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.351058][ T8941] netlink: 8 bytes leftover after parsing attributes in process `syz.5.897'.
[  375.531173][  T978] usb 3-1: Product: syz
[  375.536797][  T978] usb 3-1: Manufacturer: syz
[  375.542234][  T978] usb 3-1: SerialNumber: syz
[  375.553707][  T978] usb 3-1: config 0 descriptor??
[  375.559817][ T8926] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  375.570230][  T978] ir_toy 3-1:0.3: required endpoints not found
[  376.244727][ T8949] netlink: 20 bytes leftover after parsing attributes in process `syz.4.896'.
[  376.570699][ T5932] usb 3-1: USB disconnect, device number 34
[  377.280016][ T8962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  378.573438][ T8972] netlink: 8 bytes leftover after parsing attributes in process `syz.2.905'.
[  378.582488][ T8972] nbd: must specify a device to reconfigure
[  378.790587][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  379.202446][ T5838] Bluetooth: hci5: Malformed LE Event: 0x02
[  379.286638][ T8977] fuse: Bad value for 'group_id'
[  379.291880][ T8977] fuse: Bad value for 'group_id'
[  382.934905][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  382.934927][   T30] audit: type=1326 audit(1749003766.289:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  382.971768][   T30] audit: type=1326 audit(1749003766.289:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  383.133380][   T30] audit: type=1326 audit(1749003766.319:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  383.181317][   T30] audit: type=1326 audit(1749003766.319:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  383.275686][ T9019] xt_SECMARK: invalid mode: 2
[  383.991694][   T30] audit: type=1326 audit(1749003766.319:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  384.013541][    C0] vkms_vblank_simulate: vblank timer overrun
[  384.031159][   T30] audit: type=1326 audit(1749003766.319:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  384.054253][   T30] audit: type=1326 audit(1749003766.319:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  384.076037][   T30] audit: type=1326 audit(1749003766.319:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  384.129236][   T30] audit: type=1326 audit(1749003766.319:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  384.150672][    C0] vkms_vblank_simulate: vblank timer overrun
[  384.164309][   T30] audit: type=1326 audit(1749003766.319:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.4.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  385.213976][ T9041] netlink: 8 bytes leftover after parsing attributes in process `syz.1.928'.
[  385.642230][ T9053] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744073709551615)
[  385.713590][ T9053] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  385.756204][ T9055] trusted_key: encrypted_key: insufficient parameters specified
[  385.927160][ T9059] trusted_key: encrypted_key: insufficient parameters specified
[  387.203196][ T5921] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  387.987742][ T5921] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  388.076183][ T9072] netlink: 92 bytes leftover after parsing attributes in process `syz.5.920'.
[  388.109011][ T5921] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.141159][ T5921] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  388.182208][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.217572][ T5921] usb 3-1: config 0 descriptor??
[  389.269938][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.942'.
[  389.437496][ T5921] usbhid 3-1:0.0: can't add hid device: -71
[  389.443614][ T5921] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  389.474903][ T5921] usb 3-1: USB disconnect, device number 35
[  389.831017][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  389.831035][   T30] audit: type=1400 audit(1749003773.179:273): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=9093 comm="syz.4.944" daddr=fe80::bb dest=20002
[  389.917278][ T9095] xt_SECMARK: invalid mode: 2
[  389.969314][ T9103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.946'.
[  390.001891][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.1.946'.
[  392.280603][ T9119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.164766][ T9140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.957'.
[  395.705711][ T9154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.962'.
[  395.885349][ T9154] netlink: 24 bytes leftover after parsing attributes in process `syz.1.962'.
[  396.760367][ T9158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.965'.
[  397.253151][ T9168] fuse: Bad value for 'group_id'
[  397.269114][ T9168] fuse: Bad value for 'group_id'
[  397.767682][ T9170] overlayfs: failed to clone upperpath
[  397.799433][   T30] audit: type=1400 audit(1749003781.079:274): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=9165 comm="syz.5.953" daddr=fc00:: dest=20002
[  398.282602][ T9180] netlink: 8 bytes leftover after parsing attributes in process `syz.4.970'.
[  398.701647][   T30] audit: type=1800 audit(1749003782.049:275): pid=9187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.968" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  398.797488][ T5932] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  398.966472][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.987768][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.021332][ T5932] usb 5-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[  399.054535][ T5932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.085485][ T5932] usb 5-1: config 0 descriptor??
[  399.930950][ T9206] =======================================================
[  399.930950][ T9206] WARNING: The mand mount option has been deprecated and
[  399.930950][ T9206]          and is ignored by this kernel. Remove the mand
[  399.930950][ T9206]          option from the mount to silence this warning.
[  399.930950][ T9206] =======================================================
[  400.113949][ T9212] netlink: 'syz.1.980': attribute type 4 has an invalid length.
[  400.123602][ T9212] netlink: 12 bytes leftover after parsing attributes in process `syz.1.980'.
[  400.134443][ T5932] usbhid 5-1:0.0: can't add hid device: -71
[  400.141618][ T5932] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  400.163996][ T5932] usb 5-1: USB disconnect, device number 32
[  400.173183][ T9215] fuse: Bad value for 'group_id'
[  400.183579][ T9215] fuse: Bad value for 'group_id'
[  402.056740][ T5843] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  402.440418][ T5843] usb 5-1: Using ep0 maxpacket: 16
[  402.448413][ T5843] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  402.461582][ T5843] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  402.470755][ T5843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.493494][ T5843] usb 5-1: config 0 descriptor??
[  403.420046][ T9244] overlayfs: failed to clone upperpath
[  403.806685][ T5843] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input14
[  403.918640][ T5843] bcm5974 5-1:0.0: could not read from device
[  403.994654][ T5843] input: failed to attach handler mousedev to device input14, error: -5
[  404.034073][ T5843] usb 5-1: USB disconnect, device number 33
[  404.374843][ T9263] netlink: 28 bytes leftover after parsing attributes in process `syz.5.999'.
[  406.228201][ T5843] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  406.370017][   T30] audit: type=1400 audit(1749003789.709:276): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=9279 comm="syz.5.1004" dest=2
[  406.975961][ T5843] usb 5-1: descriptor type invalid, skip
[  406.983809][ T5843] usb 5-1: descriptor type invalid, skip
[  407.005491][ T5843] usb 5-1: descriptor type invalid, skip
[  407.026797][ T5843] usb 5-1: not running at top speed; connect to a high speed hub
[  407.059649][   T30] audit: type=1326 audit(1749003790.409:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.110784][ T5843] usb 5-1: too many endpoints for config 1 interface 0 altsetting 48: 255, using maximum allowed: 30
[  407.120643][   T30] audit: type=1326 audit(1749003790.409:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.132547][ T5843] usb 5-1: config 1 interface 0 altsetting 48 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  407.191467][ T5843] usb 5-1: config 1 interface 0 has no altsetting 0
[  407.212200][ T5843] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  407.221821][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.242300][ T5843] usb 5-1: Product: syz
[  407.244451][   T30] audit: type=1326 audit(1749003790.409:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.246608][ T5843] usb 5-1: Manufacturer: syz
[  407.316375][ T5843] usb 5-1: SerialNumber: syz
[  407.358546][   T30] audit: type=1326 audit(1749003790.409:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.414644][   T30] audit: type=1326 audit(1749003790.409:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.518728][   T30] audit: type=1326 audit(1749003790.409:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.543940][ T9302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.553225][ T9302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.591057][ T5843] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 34 if 0 alt 48 proto 3 vid 0x0525 pid 0xA4A8
[  407.607896][   T30] audit: type=1326 audit(1749003790.409:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.630128][   T30] audit: type=1326 audit(1749003790.409:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.652794][   T30] audit: type=1326 audit(1749003790.409:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9287 comm="syz.5.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  407.684899][ T5843] usb 5-1: USB disconnect, device number 34
[  407.728008][ T5843] usblp0: removed
[  408.056811][ T9308] dummy0: entered promiscuous mode
[  408.062530][ T9308] macsec1: entered allmulticast mode
[  408.068341][ T9308] dummy0: entered allmulticast mode
[  408.069720][ T9310] fuse: Bad value for 'fd'
[  408.079557][ T9308] dummy0: left allmulticast mode
[  408.084771][ T9308] dummy0: left promiscuous mode
[  410.780827][ T9343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1025'.
[  410.816979][ T9343] trusted_key: encrypted_key: insufficient parameters specified
[  410.949745][ T9350] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1028'.
[  411.046226][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1029'.
[  411.064537][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1029'.
[  411.239543][ T9361] 9pnet_fd: Insufficient options for proto=fd
[  411.284614][ T5921] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  411.487318][ T9370] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1035'.
[  411.650282][ T5921] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  411.718583][ T5921] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  412.427643][ T5921] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  412.444389][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.456957][ T9354] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  412.509615][ T9375] overlayfs: missing 'lowerdir'
[  412.601945][ T9375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1037'.
[  412.711820][ T5921] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  412.794314][ T5932] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  412.854671][ T5921] usb 2-1: USB disconnect, device number 18
[  412.976759][ T5932] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.020706][ T5932] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  413.052872][ T5932] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  413.145297][ T5932] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  413.160898][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.674287][ T5932] usb 3-1: Product: syz
[  413.678550][ T5932] usb 3-1: Manufacturer: syz
[  413.683186][ T5932] usb 3-1: SerialNumber: syz
[  413.703912][ T5932] usb 3-1: config 0 descriptor??
[  413.736077][ T5932] usb 3-1: Found UVC 34.00 device syz (8086:0b5b)
[  413.753751][ T5932] usb 3-1: No valid video chain found.
[  414.110291][ T9392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1041'.
[  414.226928][ T9394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.022068][ T5921] usb 3-1: USB disconnect, device number 36
[  415.146715][ T9403] fuse: Bad value for 'group_id'
[  415.151838][ T9403] fuse: Bad value for 'group_id'
[  415.622204][ T9412] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1047'.
[  416.878916][ T9421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1052'.
[  417.794341][  T978] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  418.045353][  T978] usb 2-1: Using ep0 maxpacket: 16
[  418.091925][  T978] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.157487][  T978] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  418.192112][  T978] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=0
[  418.218247][  T978] usb 2-1: Product: syz
[  418.256448][  T978] usb 2-1: config 0 descriptor??
[  418.872471][ T9447] fuse: Bad value for 'group_id'
[  418.911458][ T9447] fuse: Bad value for 'group_id'
[  419.330698][ T9452] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  421.914517][ T5921] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  422.087968][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  422.117466][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  422.145240][  T978] usbhid 2-1:0.0: can't add hid device: -71
[  422.149057][ T5921] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  422.151294][  T978] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  422.177792][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.201091][ T5921] usb 5-1: config 0 descriptor??
[  422.215259][  T978] usb 2-1: USB disconnect, device number 19
[  422.226478][ T9464] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  422.461821][ T9464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  422.470944][ T9464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  422.673271][ T9471] overlay: Unknown parameter 'euid'
[  422.775916][ T5921] usbhid 5-1:0.0: can't add hid device: -71
[  422.782085][ T5921] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  422.834682][ T5921] usb 5-1: USB disconnect, device number 35
[  423.101656][ T9482] fuse: Bad value for 'group_id'
[  423.111547][ T9482] fuse: Bad value for 'group_id'
[  423.276224][ T5921] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  423.445399][ T5921] usb 2-1: Using ep0 maxpacket: 32
[  423.478754][ T5921] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  423.517708][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.571359][ T5921] usb 2-1: config 0 descriptor??
[  423.675412][ T9492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  424.187024][ T5921] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  424.222312][ T5921] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  424.245714][ T5921] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  424.253331][ T5921] usb 2-1: media controller created
[  424.302285][ T5921] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  424.414419][ T5921] az6027: usb out operation failed. (-71)
[  424.453013][ T5921] az6027: usb out operation failed. (-71)
[  424.459935][ T5921] stb0899_attach: Driver disabled by Kconfig
[  424.500956][ T5921] az6027: no front-end attached
[  424.500956][ T5921] 
[  424.521887][ T5921] az6027: usb out operation failed. (-71)
[  424.551445][ T5921] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  424.576741][ T5921] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input15
[  425.135003][ T5921] dvb-usb: schedule remote query interval to 400 msecs.
[  425.183926][ T5921] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  425.265758][ T5921] usb 2-1: USB disconnect, device number 20
[  425.772213][ T5921] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  427.245536][ T9542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  427.639062][ T9546] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1092'.
[  427.923460][ T9551] fuse: Bad value for 'group_id'
[  427.929667][ T9551] fuse: Bad value for 'group_id'
[  428.184962][ T9554] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1094'.
[  429.116441][ T5838] Bluetooth: hci1: unexpected event for opcode 0x1004
[  431.581841][ T9554] team0 (unregistering): Port device team_slave_0 removed
[  431.607464][ T9554] team0 (unregistering): Port device team_slave_1 removed
[  431.846612][ T9587] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1103'.
[  432.255722][ T9595] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  433.265681][ T5838] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  433.275839][ T5838] Bluetooth: hci1: Injecting HCI hardware error event
[  433.292818][ T5838] Bluetooth: hci1: hardware error 0x00
[  433.886672][   T30] kauditd_printk_skb: 119 callbacks suppressed
[  433.886694][   T30] audit: type=1400 audit(1749003817.239:405): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=9606 comm="syz.2.1110" daddr=::ffff:127.0.0.1
[  434.390424][ T9618] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1114'.
[  434.419624][ T9620] fuse: Bad value for 'group_id'
[  434.426087][ T9620] fuse: Bad value for 'group_id'
[  435.344450][ T5838] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  437.253006][ T9646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  437.363457][ T9649] SET target dimension over the limit!
[  438.464321][ T5946] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  438.624412][ T5946] usb 3-1: Using ep0 maxpacket: 16
[  438.636994][ T5946] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.654682][ T5946] usb 3-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  438.671884][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.717076][ T5946] usb 3-1: config 0 descriptor??
[  438.836011][ T9661] fuse: Bad value for 'group_id'
[  438.844417][ T9661] fuse: Bad value for 'group_id'
[  438.939207][ T9655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.957646][ T9655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.175790][ T5946] elo 0003:04E7:0030.0007: unknown main item tag 0x0
[  439.182579][ T5946] elo 0003:04E7:0030.0007: unknown main item tag 0x0
[  439.189507][ T5946] elo 0003:04E7:0030.0007: unknown main item tag 0x0
[  439.196706][ T5946] elo 0003:04E7:0030.0007: unknown main item tag 0x0
[  439.203436][ T5946] elo 0003:04E7:0030.0007: unknown main item tag 0x0
[  439.204445][ T5921] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  439.218829][ T5946] elo 0003:04E7:0030.0007: hidraw0: USB HID v0.05 Device [HID 04e7:0030] on usb-dummy_hcd.2-1/input0
[  439.364432][ T5921] usb 2-1: device descriptor read/64, error -71
[  439.394838][ T5946] usb 3-1: USB disconnect, device number 37
[  439.603306][ T9675] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1130'.
[  439.614365][ T5921] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  439.826812][ T5921] usb 2-1: device descriptor read/64, error -71
[  439.944019][ T9677] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  440.076657][ T5921] usb usb2-port1: attempt power cycle
[  440.304928][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  440.407080][ T9682] kAFS: unable to lookup cell 'sy[N6/r�>��mN��b�z1'
[  440.437973][ T9682] bpq0: entered allmulticast mode
[  441.252367][ T5921] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  441.294434][ T5921] usb 2-1: device descriptor read/8, error -71
[  442.621339][ T5894] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  442.692509][ T9695] input: syz0 as /devices/virtual/input/input16
[  442.777130][ T9697] fuse: Bad value for 'group_id'
[  442.782153][ T9697] fuse: Bad value for 'group_id'
[  442.825872][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  442.838492][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  442.866539][ T5894] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  442.876143][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.896803][ T5894] usb 3-1: config 0 descriptor??
[  442.927968][ T5894] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input17
[  443.054094][   T24] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  443.243721][ T5894] bcm5974 3-1:0.0: could not read from device
[  443.969129][ T5894] input: failed to attach handler mousedev to device input17, error: -5
[  443.992649][   T24] usb 5-1: Using ep0 maxpacket: 8
[  444.036279][   T24] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  444.048166][ T5894] usb 3-1: USB disconnect, device number 38
[  444.055110][   T24] usb 5-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  444.072606][   T24] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  444.345074][   T24] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  444.427154][   T24] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  444.446472][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.493688][   T24] usb 5-1: Product: syz
[  444.504526][   T24] usb 5-1: Manufacturer: syz
[  444.510388][   T24] usb 5-1: SerialNumber: syz
[  444.536022][   T24] hso 5-1:6.0: Can't find BULK IN endpoint
[  444.746825][ T9699] netlink: 'syz.4.1138': attribute type 21 has an invalid length.
[  445.758483][ T9699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1138'.
[  445.767674][ T9699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1138'.
[  445.774659][ T5946] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  446.054392][ T5946] usb 2-1: Using ep0 maxpacket: 32
[  446.066088][ T5946] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  446.075019][ T5946] usb 2-1: config 0 has no interface number 0
[  446.081196][ T5946] usb 2-1: config 0 interface 12 has no altsetting 0
[  446.097503][ T5946] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  446.101791][   T24] usb 5-1: USB disconnect, device number 36
[  446.109662][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.120843][ T5946] usb 2-1: Product: syz
[  446.125202][ T5946] usb 2-1: Manufacturer: syz
[  446.129845][ T5946] usb 2-1: SerialNumber: syz
[  446.136339][   T30] audit: type=1400 audit(1749003829.489:406): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=9733 comm="syz.2.1149"
[  446.157476][ T5946] usb 2-1: config 0 descriptor??
[  446.318413][ T9740] fuse: Bad value for 'group_id'
[  446.323471][ T9740] fuse: Bad value for 'group_id'
[  448.807527][ T5946] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -32
[  448.816834][ T5946] f81534 2-1:0.12: f81534_find_config_idx: read failed: -32
[  448.824247][ T5946] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -32
[  448.832102][ T5946] f81534 2-1:0.12: probe with driver f81534 failed with error -32
[  448.845382][ T5946] usb 2-1: USB disconnect, device number 25
[  449.548151][ T9776] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1160'.
[  449.893438][ T9783] fuse: Bad value for 'group_id'
[  449.916060][ T9783] fuse: Bad value for 'group_id'
[  452.455115][   T24] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  452.624647][   T24] usb 2-1: Using ep0 maxpacket: 16
[  452.633185][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  452.664494][   T24] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  452.673599][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.715948][   T24] usb 2-1: config 0 descriptor??
[  452.739976][   T24] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input18
[  452.750233][ T9830] tipc: Started in network mode
[  452.780237][ T9830] tipc: Node identity e0000001, cluster identity 4711
[  452.799331][ T9830] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  452.803739][ T9832] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1178'.
[  452.836617][ T5894] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  452.927964][   T24] bcm5974 2-1:0.0: could not read from device
[  452.956666][   T30] audit: type=1326 audit(1749003836.279:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  453.006084][   T24] input: failed to attach handler mousedev to device input18, error: -5
[  453.008542][   T30] audit: type=1326 audit(1749003836.279:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  453.017635][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  453.049027][   T30] audit: type=1326 audit(1749003836.289:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f858b790887 code=0x7ffc0000
[  453.080362][   T24] usb 2-1: USB disconnect, device number 26
[  453.085841][   T30] audit: type=1326 audit(1749003836.299:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f858b7907fc code=0x7ffc0000
[  453.130532][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.153903][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.165644][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  453.180490][   T30] audit: type=1326 audit(1749003836.299:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f858b790734 code=0x7ffc0000
[  453.194295][ T5894] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  453.214308][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.227212][   T30] audit: type=1326 audit(1749003836.299:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f858b790734 code=0x7ffc0000
[  453.236953][ T5894] usb 3-1: config 0 descriptor??
[  453.290229][   T30] audit: type=1326 audit(1749003836.299:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f858b78d5ca code=0x7ffc0000
[  453.315488][   T30] audit: type=1326 audit(1749003836.299:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  453.347818][   T30] audit: type=1326 audit(1749003836.299:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858b78e969 code=0x7ffc0000
[  453.374222][   T30] audit: type=1326 audit(1749003836.299:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9834 comm="syz.5.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f858b790887 code=0x7ffc0000
[  453.711390][ T9842] xt_hashlimit: max too large, truncated to 1048576
[  455.048139][ T5894] microsoft 0003:045E:07DA.0008: No inputs registered, leaving
[  455.080617][ T5894] microsoft 0003:045E:07DA.0008: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  455.092312][ T5894] microsoft 0003:045E:07DA.0008: no inputs found
[  455.098938][ T5894] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway
[  455.273070][ T9856] usb usb8: usbfs: process 9856 (syz.4.1181) did not claim interface 0 before use
[  455.884340][ T5894] usb 3-1: USB disconnect, device number 39
[  463.719510][ T9919] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  465.718226][ T9939] kAFS: unable to lookup cell 'sy@0'
[  471.635436][  T978] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  471.804901][  T978] usb 3-1: Using ep0 maxpacket: 32
[  471.820357][  T978] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  471.832893][  T978] usb 3-1: config 0 has no interface number 0
[  471.837362][ T5894] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  471.849519][  T978] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  471.881995][  T978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.890677][  T978] usb 3-1: Product: syz
[  471.898718][  T978] usb 3-1: Manufacturer: syz
[  471.908090][  T978] usb 3-1: SerialNumber: syz
[  471.917979][  T978] usb 3-1: config 0 descriptor??
[  471.938203][  T978] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  472.143606][  T978] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  472.554482][ T5894] usb 2-1: Using ep0 maxpacket: 16
[  472.568924][  T978] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  472.577624][ T5894] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  472.607557][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  472.611648][ T5894] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  472.625120][  T978] usb 3-1: USB disconnect, device number 40
[  472.636052][ T5894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.637198][  T978] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  472.651583][ T5894] usb 2-1: config 0 descriptor??
[  472.695763][  T978] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  472.715762][  T978] quatech2 3-1:0.51: device disconnected
[  473.005378][ T5894] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input21
[  473.280449][ T5894] usb 2-1: USB disconnect, device number 27
[  474.447987][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  474.448031][   T30] audit: type=1400 audit(1749003857.799:430): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=10040 comm="syz.3.1242" daddr=::1c9a:e7ff:fe9a:6f34
[  475.066678][T10054] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1243'.
[  479.157544][T10095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1256'.
[  481.954389][ T9711] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  481.984277][T10140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1270'.
[  482.991417][ T5894] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  483.016316][ T9711] usb 2-1: Using ep0 maxpacket: 16
[  483.023849][ T9711] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  483.037026][ T9711] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  483.046100][ T9711] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.261405][ T9711] usb 2-1: config 0 descriptor??
[  483.273917][ T9711] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input22
[  483.334376][ T5894] usb 5-1: Using ep0 maxpacket: 8
[  483.341956][ T5894] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  483.350449][ T5894] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  483.360332][ T5894] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  483.371544][ T5894] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  483.381599][ T5894] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  483.394814][ T5894] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  483.403957][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.477925][ T9711] bcm5974 2-1:0.0: could not read from device
[  483.494708][ T9711] input: failed to attach handler mousedev to device input22, error: -5
[  483.522659][ T9711] usb 2-1: USB disconnect, device number 28
[  483.629567][T10139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.638671][T10139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.649620][T10139] netlink: 'syz.4.1272': attribute type 11 has an invalid length.
[  483.657623][T10139] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1272'.
[  483.680653][ T5894] usb 5-1: usb_control_msg returned -71
[  483.686674][ T5894] usbtmc 5-1:16.0: can't read capabilities
[  483.774630][ T5894] usb 5-1: USB disconnect, device number 37
[  484.975545][ T5932] usb 3-1: new full-speed USB device number 41 using dummy_hcd
[  485.289939][ T5932] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  485.299497][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  485.308119][ T5932] usb 3-1: Product: syz
[  485.312534][ T5932] usb 3-1: Manufacturer: syz
[  485.317632][ T5932] usb 3-1: SerialNumber: syz
[  485.344083][ T5932] usb 3-1: config 0 descriptor??
[  485.358845][ T5932] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  485.362440][T10174] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1285'.
[  485.373367][ T5932] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  485.402699][T10174] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1285'.
[  485.403960][ T5932] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  485.570105][ T5932] usb 3-1: USB disconnect, device number 41
[  486.742451][T10190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1290'.
[  486.753072][T10190] openvswitch: netlink: nsh attribute has 13 unknown bytes.
[  486.761687][T10190] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  488.031042][ T5894] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  488.194590][ T5894] usb 5-1: Using ep0 maxpacket: 16
[  488.216002][ T5894] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=29.00
[  488.228156][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.239250][ T5894] usb 5-1: Product: syz
[  488.337716][ T5894] usb 5-1: Manufacturer: syz
[  488.342920][ T5894] usb 5-1: SerialNumber: syz
[  488.357921][ T5894] usb 5-1: config 0 descriptor??
[  488.557367][ T5894] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  488.568582][ T5894] usb 5-1: Detected FT4233HP
[  488.640670][T10192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.853131][T10192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.640072][ T5894] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  489.648637][ T5894] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  489.670936][ T5894] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  489.715311][ T5894] usb 5-1: USB disconnect, device number 38
[  489.747567][ T5894] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  489.865835][ T5894] ftdi_sio 5-1:0.0: device disconnected
[  491.755232][T10237] evm: overlay not supported
[  491.897256][T10231] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1303'.
[  492.004808][   T24] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  492.028362][T10231] TCP: out of memory -- consider tuning tcp_mem
[  492.057248][T10241] IPVS: set_ctl: invalid protocol: 2 224.0.0.2:24100
[  492.157968][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  492.169413][ T5894] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  492.179577][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.192273][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  492.202383][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.226460][   T24] usb 3-1: config 0 descriptor??
[  492.464609][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  492.472348][ T5894] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[  492.487258][ T5894] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  492.496923][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.505053][ T5894] usb 5-1: Product: syz
[  492.509495][ T5894] usb 5-1: Manufacturer: syz
[  492.514585][ T5894] usb 5-1: SerialNumber: syz
[  492.527504][ T5894] usb 5-1: config 0 descriptor??
[  492.533755][T10239] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  492.548211][ T5894] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  492.641489][T10237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  492.663701][T10237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.731568][T10258] overlayfs: missing 'lowerdir'
[  492.778161][   T24] sony 0003:054C:024B.0009: unexpected long global item
[  492.788377][   T24] sony 0003:054C:024B.0009: parse failed
[  492.796704][   T24] sony 0003:054C:024B.0009: probe with driver sony failed with error -22
[  492.933811][   T24] usb 3-1: USB disconnect, device number 42
[  493.539439][   T24] usb 5-1: USB disconnect, device number 39
[  493.805672][   T30] audit: type=1400 audit(1749003877.149:431): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=10271 comm="syz.1.1318" daddr=fe80::
[  494.038472][T10273] netlink: 14212 bytes leftover after parsing attributes in process `syz.4.1317'.
[  494.438086][T10274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1318'.
[  499.204352][ T9711] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  499.375125][ T9711] usb 5-1: Using ep0 maxpacket: 16
[  499.397601][ T9711] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  499.448885][ T9711] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  499.494662][ T9711] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.564449][ T9711] usb 5-1: config 0 descriptor??
[  499.621063][ T9711] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input23
[  499.865318][ T9711] bcm5974 5-1:0.0: could not read from device
[  499.951778][ T9711] input: failed to attach handler mousedev to device input23, error: -5
[  500.021450][ T9711] usb 5-1: USB disconnect, device number 40
[  500.137437][T10362] netlink: 'syz.2.1348': attribute type 1 has an invalid length.
[  500.258739][T10366] bond2: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  500.331434][T10366] bond2: (slave ip6tnl2): Setting fail_over_mac to active for active-backup mode
[  500.372182][T10371] x_tables: duplicate underflow at hook 2
[  500.378877][T10366] bond2: (slave ip6tnl2): making interface the new active one
[  500.403903][T10366] bond2: (slave ip6tnl2): Enslaving as an active interface with an up link
[  500.631826][T10379] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1353'.
[  501.701950][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  502.131205][T10401] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1362'.
[  502.376591][T10413] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.1363'.
[  502.401523][T10413] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1363'.
[  502.811194][   T30] audit: type=1804 audit(1749003886.149:432): pid=10417 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.1367" name="/" dev="pidfs" ino=10417 res=1 errno=0
[  503.304384][ T9711] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  503.367358][T10430] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1371'.
[  503.799551][ T9711] usb 3-1: config 0 has an invalid interface number: 65 but max is 0
[  503.808434][ T9711] usb 3-1: config 0 has an invalid descriptor of length 124, skipping remainder of the config
[  503.819105][ T9711] usb 3-1: config 0 has no interface number 0
[  503.825968][ T9711] usb 3-1: New USB device found, idVendor=0403, idProduct=f9d2, bcdDevice= d.0f
[  503.835256][ T9711] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.877875][ T9711] usb 3-1: config 0 descriptor??
[  503.887261][ T9711] ftdi_sio 3-1:0.65: FTDI USB Serial Device converter detected
[  503.908775][ T9711] ftdi_sio ttyUSB0: unknown device type: 0xd0f
[  504.426041][T10446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1377'.
[  505.330489][ T5932] usb 3-1: USB disconnect, device number 43
[  505.344652][ T5932] ftdi_sio 3-1:0.65: device disconnected
[  505.478330][T10471] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  506.050521][T10479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1389'.
[  506.065575][ T5932] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  506.234359][ T5932] usb 3-1: Using ep0 maxpacket: 8
[  506.260873][ T5932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  506.582817][ T5932] usb 3-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=db.d0
[  506.594512][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.607680][ T5932] usb 3-1: config 0 descriptor??
[  506.726617][ T5932] rtsx_usb 3-1:0.0: probe with driver rtsx_usb failed with error -8
[  506.827371][ T5932] usb 3-1: USB disconnect, device number 44
[  508.390643][T10532] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.1404'.
[  508.432234][T10532] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  508.487471][T10534] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  508.509579][T10534] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  508.845892][T10543] SET target dimension over the limit!
[  510.368470][T10566] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1416'.
[  511.975658][ T9711] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  512.149544][ T9711] usb 2-1: no configurations
[  512.161851][ T9711] usb 2-1: can't read configurations, error -22
[  512.314676][ T9711] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  512.485265][ T9711] usb 2-1: no configurations
[  512.490215][ T9711] usb 2-1: can't read configurations, error -22
[  512.629035][ T9711] usb usb2-port1: attempt power cycle
[  512.685370][  T978] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  513.704399][  T978] usb 3-1: Using ep0 maxpacket: 32
[  513.713624][  T978] usb 3-1: no configurations
[  513.724596][  T978] usb 3-1: can't read configurations, error -22
[  513.849618][T10627] xt_hashlimit: max too large, truncated to 1048576
[  513.874381][  T978] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  513.877284][ T9711] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  513.905687][ T9711] usb 2-1: no configurations
[  513.917398][ T9711] usb 2-1: can't read configurations, error -22
[  513.988634][T10629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1440'.
[  514.001404][T10629] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  514.034293][  T978] usb 3-1: Using ep0 maxpacket: 32
[  514.051397][  T978] usb 3-1: no configurations
[  514.054443][ T9711] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  514.060021][  T978] usb 3-1: can't read configurations, error -22
[  514.079141][  T978] usb usb3-port1: attempt power cycle
[  514.105976][ T9711] usb 2-1: no configurations
[  514.111599][ T9711] usb 2-1: can't read configurations, error -22
[  514.121399][ T9711] usb usb2-port1: unable to enumerate USB device
[  515.328148][  T978] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  515.374706][  T978] usb 3-1: device descriptor read/8, error -71
[  515.925300][T10665] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1452'.
[  516.365778][T10674] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0003 with DS=0x7
[  516.402702][T10676] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1458'.
[  517.722571][   T30] audit: type=1326 audit(1749003901.069:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10695 comm="syz.3.1467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7fc00000
[  517.905448][T10709] FAULT_INJECTION: forcing a failure.
[  517.905448][T10709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.935318][T10709] CPU: 0 UID: 0 PID: 10709 Comm: syz.4.1472 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  517.935351][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  517.935363][T10709] Call Trace:
[  517.935371][T10709]  <TASK>
[  517.935380][T10709]  dump_stack_lvl+0x189/0x250
[  517.935420][T10709]  ? __pfx____ratelimit+0x10/0x10
[  517.935451][T10709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.935481][T10709]  ? __pfx__printk+0x10/0x10
[  517.935503][T10709]  ? __might_fault+0xb0/0x130
[  517.935544][T10709]  should_fail_ex+0x414/0x560
[  517.935582][T10709]  _copy_from_user+0x2d/0xb0
[  517.935610][T10709]  sk_setsockopt+0x276/0x2d30
[  517.935642][T10709]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  517.935676][T10709]  ? __pfx_sk_setsockopt+0x10/0x10
[  517.935698][T10709]  ? vfs_write+0x8d8/0xa90
[  517.935727][T10709]  ? sb_end_write+0xe9/0x1c0
[  517.935758][T10709]  ? vfs_write+0x8d8/0xa90
[  517.935793][T10709]  ? __pfx_vfs_write+0x10/0x10
[  517.935824][T10709]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  517.935854][T10709]  do_sock_setsockopt+0x201/0x3e0
[  517.935882][T10709]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  517.935910][T10709]  ? ksys_write+0x1e1/0x250
[  517.935945][T10709]  __x64_sys_setsockopt+0x18b/0x220
[  517.935977][T10709]  do_syscall_64+0xfa/0x3b0
[  517.936006][T10709]  ? lockdep_hardirqs_on+0x9c/0x150
[  517.936035][T10709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.936055][T10709]  ? clear_bhb_loop+0x60/0xb0
[  517.936080][T10709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.936099][T10709] RIP: 0033:0x7f036cd8e969
[  517.936117][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.936144][T10709] RSP: 002b:00007f036dca7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  517.936166][T10709] RAX: ffffffffffffffda RBX: 00007f036cfb5fa0 RCX: 00007f036cd8e969
[  517.936181][T10709] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003
[  517.936193][T10709] RBP: 00007f036dca7090 R08: 0000000000000004 R09: 0000000000000000
[  517.936207][T10709] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  517.936219][T10709] R13: 0000000000000000 R14: 00007f036cfb5fa0 R15: 00007ffe65612c18
[  517.936253][T10709]  </TASK>
[  518.434633][   T30] audit: type=1326 audit(1749003901.759:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10695 comm="syz.3.1467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f957f78e969 code=0x7fc00000
[  518.814914][T10726] netlink: 'syz.2.1479': attribute type 10 has an invalid length.
[  518.851967][T10726] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1479'.
[  519.026755][   T30] audit: type=1400 audit(1749003902.379:435): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=10716 comm="syz.5.1475" daddr=::ffff:172.20.20.0
[  519.045559][   T30] audit: type=1107 audit(1749003902.379:436): pid=10716 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	���%λ'
[  519.434317][ T5894] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  519.608439][ T5894] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  519.634741][ T5894] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[  519.655188][ T5894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.660052][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1486'.
[  519.688528][ T5894] usb 3-1: config 0 has no interface number 0
[  519.704406][ T5894] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  519.714012][ T5894] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  519.746955][ T5894] usb 3-1: Manufacturer: syz
[  519.776876][ T5894] usb 3-1: config 0 descriptor??
[  519.785482][ T5894] igorplugusb 3-1:0.128: incorrect number of endpoints
[  519.927019][T10751] netlink: 'syz.1.1488': attribute type 5 has an invalid length.
[  519.941900][T10751] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1488'.
[  520.104978][  T978] usb 3-1: USB disconnect, device number 49
[  521.612419][T10770] syz_tun: entered allmulticast mode
[  521.629684][T10769] syz_tun: left allmulticast mode
[  521.676776][   T30] audit: type=1400 audit(1749003905.029:437): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=10773 comm="syz.4.1496" daddr=fe80:: dest=20003
[  523.299723][   T30] audit: type=1326 audit(1749003906.649:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f036cd85927 code=0x7ffc0000
[  523.326749][T10791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1501'.
[  523.344841][   T30] audit: type=1326 audit(1749003906.649:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036cd2ab39 code=0x7ffc0000
[  523.371964][T10785] syz_tun: entered allmulticast mode
[  523.377566][   T30] audit: type=1326 audit(1749003906.649:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f036cd85927 code=0x7ffc0000
[  523.403406][   T30] audit: type=1326 audit(1749003906.649:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036cd2ab39 code=0x7ffc0000
[  523.420454][T10783] syz_tun: left allmulticast mode
[  523.476980][   T30] audit: type=1326 audit(1749003906.649:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f036cd85927 code=0x7ffc0000
[  523.540855][   T30] audit: type=1326 audit(1749003906.649:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036cd2ab39 code=0x7ffc0000
[  523.567285][   T30] audit: type=1326 audit(1749003906.649:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  523.594045][   T30] audit: type=1326 audit(1749003906.649:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f036cd85927 code=0x7ffc0000
[  523.622989][   T30] audit: type=1326 audit(1749003906.649:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036cd2ab39 code=0x7ffc0000
[  523.709503][T10797] fuse: Unknown parameter '0x0000000000000011'
[  524.400194][   T30] audit: type=1326 audit(1749003906.649:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10782 comm="syz.4.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f036cd8e969 code=0x7ffc0000
[  525.894288][ T5932] usb 5-1: new full-speed USB device number 41 using dummy_hcd
[  525.957271][T10840] GUP no longer grows the stack in syz.1.1517 (10840): 200000006000-20000000a000 (200000005000)
[  525.979830][T10840] CPU: 1 UID: 0 PID: 10840 Comm: syz.1.1517 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  525.979866][T10840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  525.979879][T10840] Call Trace:
[  525.979888][T10840]  <TASK>
[  525.979899][T10840]  dump_stack_lvl+0x189/0x250
[  525.979942][T10840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  525.979975][T10840]  ? __pfx__printk+0x10/0x10
[  525.979993][T10840]  ? find_vma+0xe7/0x160
[  525.980039][T10840]  __get_user_pages+0x2a60/0x30b0
[  525.980111][T10840]  ? __pfx___get_user_pages+0x10/0x10
[  525.980142][T10840]  ? __gup_longterm_locked+0xbf7/0x15b0
[  525.980168][T10840]  ? down_read_killable+0x1d1/0x350
[  525.980189][T10840]  ? try_get_folio+0x633/0x660
[  525.980220][T10840]  __gup_longterm_locked+0xd66/0x15b0
[  525.980252][T10840]  ? try_grab_folio_fast+0x1be/0x4f0
[  525.980293][T10840]  ? gup_fast_fallback+0x1afc/0x2260
[  525.980323][T10840]  gup_fast_fallback+0x1cd4/0x2260
[  525.980397][T10840]  ? __pfx_gup_fast_fallback+0x10/0x10
[  525.980419][T10840]  ? trace_contention_end+0x39/0x120
[  525.980442][T10840]  ? __mutex_lock+0x330/0xe80
[  525.980472][T10840]  ? update_curr_dl_se+0x107/0xa20
[  525.980506][T10840]  ? is_valid_gup_args+0x11f/0x200
[  525.980534][T10840]  ? get_user_pages_fast+0x4d/0xb0
[  525.980563][T10840]  __iov_iter_get_pages_alloc+0x39a/0xb40
[  525.980601][T10840]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  525.980629][T10840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  525.980656][T10840]  ? wait_for_space+0x24d/0x2d0
[  525.980688][T10840]  iov_iter_get_pages2+0x5e/0xa0
[  525.980721][T10840]  __se_sys_vmsplice+0x548/0x10d0
[  525.980776][T10840]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  525.980805][T10840]  ? __lock_acquire+0xab9/0xd20
[  525.980835][T10840]  ? __pfx_futex_wake+0x10/0x10
[  525.980893][T10840]  ? __lock_acquire+0xab9/0xd20
[  525.980978][T10840]  ? rcu_is_watching+0x15/0xb0
[  525.981017][T10840]  ? do_syscall_64+0xbe/0x3b0
[  525.981055][T10840]  do_syscall_64+0xfa/0x3b0
[  525.981088][T10840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.981108][T10840]  ? asm_sysvec_call_function_single+0x1a/0x20
[  525.981140][T10840]  ? clear_bhb_loop+0x60/0xb0
[  525.981167][T10840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.981187][T10840] RIP: 0033:0x7fb408d8e969
[  525.981206][T10840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.981225][T10840] RSP: 002b:00007fb409bab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  525.981248][T10840] RAX: ffffffffffffffda RBX: 00007fb408fb5fa0 RCX: 00007fb408d8e969
[  525.981264][T10840] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000009
[  525.981278][T10840] RBP: 00007fb408e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  525.981292][T10840] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  525.981304][T10840] R13: 0000000000000000 R14: 00007fb408fb5fa0 R15: 00007ffda705e698
[  525.981341][T10840]  </TASK>
[  526.289865][T10844] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1521'.
[  526.316364][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  526.331592][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  526.352223][ T5932] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  526.381973][ T5932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.418434][ T5932] usb 5-1: config 0 descriptor??
[  526.522322][T10854] netlink: 'syz.2.1525': attribute type 12 has an invalid length.
[  526.531220][T10854] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.1525'.
[  526.534367][ T5894] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  526.696675][ T5894] usb 2-1: config 0 has an invalid descriptor of length 167, skipping remainder of the config
[  526.707389][ T5894] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  526.719392][ T5894] usb 2-1: New USB device found, idVendor=0545, idProduct=800d, bcdDevice= 3.0a
[  526.728830][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.737012][ T5894] usb 2-1: Product: syz
[  526.744223][ T5894] usb 2-1: Manufacturer: syz
[  526.748873][ T5894] usb 2-1: SerialNumber: syz
[  526.767597][ T5894] usb 2-1: config 0 descriptor??
[  526.846050][ T5932] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  527.130863][ T5894] usb 5-1: USB disconnect, device number 41
[  527.500039][  T978] usb 2-1: USB disconnect, device number 33
[  527.551485][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88805720a000: rx timeout, send abort
[  527.560082][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88805720a000: 0x1f002: (3) A timeout occurred and this is the connection abort to close the session.
[  527.610493][T10869] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  527.715201][ T5932] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[  527.797986][  T978] IPVS: starting estimator thread 0...
[  527.944351][T10873] IPVS: using max 32 ests per chain, 76800 per kthread
[  527.983254][ T5932] usb 3-1: config index 0 descriptor too short (expected 5668, got 36)
[  528.015897][ T5932] usb 3-1: config 3 has too many interfaces: 84, using maximum allowed: 32
[  528.033724][ T5932] usb 3-1: config 3 has 1 interface, different from the descriptor's value: 84
[  528.054290][ T5932] usb 3-1: config 3 has no interface number 0
[  528.066569][ T5932] usb 3-1: config 3 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  528.107760][ T5932] usb 3-1: config 3 interface 20 altsetting 0 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[  528.156236][ T5932] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  528.184579][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.208449][ T5932] usb 3-1: Product: syz
[  528.232739][ T5932] usb 3-1: Manufacturer: syz
[  528.247376][ T5932] usb 3-1: SerialNumber: syz
[  528.264393][  T978] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  528.279862][T10865] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  528.296434][T10865] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  528.434314][  T978] usb 5-1: Using ep0 maxpacket: 16
[  528.442663][  T978] usb 5-1: too many endpoints for config 0 interface 0 altsetting 229: 247, using maximum allowed: 30
[  528.474734][  T978] usb 5-1: config 0 interface 0 altsetting 229 has 0 endpoint descriptors, different from the interface descriptor's value: 247
[  528.495260][  T978] usb 5-1: config 0 interface 0 has no altsetting 0
[  528.515842][  T978] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31
[  528.528443][ T5932] usb-storage 3-1:3.20: USB Mass Storage device detected
[  528.536993][  T978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.552072][  T978] usb 5-1: Product: syz
[  528.558686][ T5932] usb-storage 3-1:3.20: Quirks match for vid 04e6 pid 000b: 4
[  528.570931][  T978] usb 5-1: Manufacturer: syz
[  528.600740][  T978] usb 5-1: SerialNumber: syz
[  528.632205][  T978] usb 5-1: config 0 descriptor??
[  528.732207][ T5932] scsi host1: usb-storage 3-1:3.20
[  528.868470][ T5932] usb 5-1: USB disconnect, device number 42
[  529.256879][T10897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1540'.
[  529.486844][  T978] usb 3-1: USB disconnect, device number 50
[  529.820110][T10916] netlink: 'syz.1.1547': attribute type 4 has an invalid length.
[  530.289308][T10941] bond0: entered promiscuous mode
[  530.294588][T10941] bond_slave_0: entered promiscuous mode
[  530.300515][T10941] bond_slave_1: entered promiscuous mode
[  530.308009][T10941] batadv0: entered promiscuous mode
[  530.315130][T10941] 8021q: adding VLAN 0 to HW filter on device hsr1
[  530.325688][T10941] bond0: left promiscuous mode
[  530.330582][T10941] bond_slave_0: left promiscuous mode
[  530.336470][T10941] bond_slave_1: left promiscuous mode
[  530.342955][T10941] batadv0: left promiscuous mode
[  530.454408][  T978] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  531.509399][  T978] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.536872][  T978] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.556833][  T978] usb 2-1: config 0 interface 0 has no altsetting 0
[  531.563844][  T978] usb 2-1: New USB device found, idVendor=0463, idProduct=1215, bcdDevice= 0.00
[  531.573489][  T978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.610093][  T978] usb 2-1: config 0 descriptor??
[  532.264473][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  532.264495][   T30] audit: type=1400 audit(1749003915.609:468): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=10967 comm="syz.3.1570" daddr=fe88::104
[  532.488714][T10974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.560998][T10974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.769350][  T978] hid-generic 0003:0463:1215.000B: hidraw0: USB HID v0.04 Device [HID 0463:1215] on usb-dummy_hcd.1-1/input0
[  532.964123][ T5894] usb 2-1: USB disconnect, device number 34
[  533.004422][ T9711] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  533.164305][ T9711] usb 5-1: Using ep0 maxpacket: 8
[  533.173915][ T9711] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  533.190271][ T9711] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  533.212972][ T9711] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  533.222562][ T9711] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.232446][ T9711] usb 5-1: Product: syz
[  533.240472][ T9711] usb 5-1: Manufacturer: syz
[  533.246188][ T9711] usb 5-1: SerialNumber: syz
[  533.257053][ T9711] usb 5-1: config 0 descriptor??
[  533.267260][ T9711] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  533.616556][ T9711] usb 5-1: USB disconnect, device number 43
[  534.634406][ T9711] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  534.796789][ T9711] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  534.816503][ T9711] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.848611][ T9711] usb 5-1: config 0 descriptor??
[  534.864929][ T9711] cp210x 5-1:0.0: cp210x converter detected
[  535.283185][T10987] sp0: Synchronizing with TNC
[  535.302001][ T9711] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -71
[  535.318020][ T9711] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  535.328093][ T9711] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  535.342669][ T9711] usb 5-1: cp210x converter now attached to ttyUSB0
[  535.352171][ T9711] usb 5-1: USB disconnect, device number 44
[  535.370816][ T9711] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  535.381380][ T9711] cp210x 5-1:0.0: device disconnected
[  536.361317][T10999] Invalid source name
[  537.174590][   T24] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  537.340515][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  537.369872][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  537.454650][   T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  537.501618][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.775972][   T24] usb 3-1: config 0 descriptor??
[  538.265016][   T24] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  538.286113][   T24] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  538.311848][   T24] plantronics 0003:047F:FFFF.000C: report_id 0 is invalid
[  538.332073][   T24] plantronics 0003:047F:FFFF.000C: item 0 1 1 8 parsing failed
[  538.356013][   T24] plantronics 0003:047F:FFFF.000C: parse failed
[  538.375872][   T24] plantronics 0003:047F:FFFF.000C: probe with driver plantronics failed with error -22
[  538.475234][ T5843] usb 3-1: USB disconnect, device number 51
[  539.369059][T11038] netlink: 'syz.2.1597': attribute type 8 has an invalid length.
[  540.005508][   T24] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  540.255635][   T24] usb 3-1: Using ep0 maxpacket: 8
[  540.272149][T11059] batadv_slave_1: entered promiscuous mode
[  540.278969][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  540.293257][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  540.306024][T11059] batadv_slave_1: left promiscuous mode
[  540.311830][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  540.323505][   T24] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  540.351602][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.21
[  540.364399][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.380356][   T24] usb 3-1: Product: syz
[  540.411888][   T24] usb 3-1: Manufacturer: syz
[  540.421752][   T24] usb 3-1: SerialNumber: syz
[  540.435197][T11062] overlayfs: failed to clone lowerpath
[  540.683838][T11048] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  540.690440][T11048] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  540.721189][T11048] vhci_hcd vhci_hcd.0: Device attached
[  541.576772][T11067] vhci_hcd: connection closed
[  541.578278][   T36] vhci_hcd: stop threads
[  541.594582][   T36] vhci_hcd: release socket
[  541.600159][   T24] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  541.616619][   T24] cdc_ncm 3-1:1.0: bind() failure
[  541.621958][   T36] vhci_hcd: disconnect device
[  541.634826][ T5894] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  541.642867][   T24] usb 3-1: USB disconnect, device number 52
[  541.654349][ T5894] usb 37-1: enqueue for inactive port 0
[  541.925657][T11075] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1610'.
[  542.548698][ T5894] vhci_hcd: vhci_device speed not set
[  542.849339][T11085] input input25: cannot allocate more than FF_MAX_EFFECTS effects
[  547.188065][T11115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1621'.
[  547.199056][T11115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1621'.
[  547.211046][T11115] netlink: 62967 bytes leftover after parsing attributes in process `syz.3.1621'.
[  548.180060][T11118] tmpfs: Bad value for 'mpol'
[  548.362342][   T30] audit: type=1400 audit(1749003931.709:469): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11128 comm="syz.5.1627" daddr=::ffff:172.20.20.0
[  550.974960][ T5932] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  551.174717][ T5932] usb 3-1: Using ep0 maxpacket: 16
[  551.216293][ T5932] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  551.276825][ T5932] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  551.296733][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.348628][ T5932] usb 3-1: config 0 descriptor??
[  551.392753][ T5932] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input26
[  551.594845][ T5932] bcm5974 3-1:0.0: could not read from device
[  552.262797][ T5932] input: failed to attach handler mousedev to device input26, error: -5
[  552.285906][ T5932] usb 3-1: USB disconnect, device number 53
[  559.166083][   T24] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  559.943683][   T24] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  559.976802][   T24] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  560.012345][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  560.033083][   T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  560.051800][   T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  560.097849][   T24] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  560.315461][   T24] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  560.323545][   T24] usb 3-1: Product: syz
[  560.327809][   T24] usb 3-1: Manufacturer: syz
[  560.396696][   T24] cdc_wdm 3-1:1.0: skipping garbage
[  560.402584][   T24] cdc_wdm 3-1:1.0: skipping garbage
[  560.428437][   T24] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  560.447549][   T24] cdc_wdm 3-1:1.0: Unknown control protocol
[  561.540380][T11258] IPVS: length: 137 != 8
[  563.111799][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  563.497432][   T24] usb 3-1: USB disconnect, device number 54
[  564.950010][T11297] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1675'.
[  565.276618][T11304] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1671'.
[  565.847466][T11297] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.958639][T11297] bridge_slave_1 (unregistering): left allmulticast mode
[  565.986048][T11297] bridge_slave_1 (unregistering): left promiscuous mode
[  566.003448][T11297] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.654348][  T978] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  566.665979][ T5946] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  567.714234][  T978] usb 2-1: Using ep0 maxpacket: 32
[  567.737471][  T978] usb 2-1: config 0 has no interfaces?
[  567.752012][  T978] usb 2-1: New USB device found, idVendor=2040, idProduct=7510, bcdDevice=63.c9
[  568.711443][  T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.721877][  T978] usb 2-1: Product: syz
[  568.726182][  T978] usb 2-1: Manufacturer: syz
[  568.730985][  T978] usb 2-1: SerialNumber: syz
[  568.737581][ T5946] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  568.750398][ T5946] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  568.760603][  T978] usb 2-1: config 0 descriptor??
[  568.875949][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.115143][   T30] audit: type=1400 audit(1749003952.459:470): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11311 comm="syz.1.1677" daddr=fe80::bb
[  569.329283][ T5946] usb 3-1: config 0 descriptor??
[  569.365894][  T978] usb 2-1: USB disconnect, device number 35
[  569.754964][ T5946] usb 3-1: can't set config #0, error -71
[  569.762601][ T5946] usb 3-1: USB disconnect, device number 55
[  570.517989][T11356] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  573.328625][   T30] audit: type=1400 audit(1749003956.619:471): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11370 comm="syz.4.1687" daddr=ff05::1
[  573.414508][   T30] audit: type=1107 audit(1749003956.759:472): pid=11374 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[  573.674745][ T5946] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  574.163439][ T5946] usb 3-1: device descriptor read/64, error -71
[  574.226819][T11389] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1700'.
[  574.884249][  T978] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  574.892414][ T5946] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  575.209233][ T5946] usb 3-1: device descriptor read/64, error -71
[  575.304711][  T978] usb 2-1: Using ep0 maxpacket: 16
[  575.324866][  T978] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.435253][  T978] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.448008][ T5946] usb usb3-port1: attempt power cycle
[  575.524361][  T978] usb 2-1: config 0 interface 0 has no altsetting 0
[  575.539919][  T978] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  575.560957][  T978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.620665][  T978] usb 2-1: config 0 descriptor??
[  575.671142][   T30] audit: type=1326 audit(1749003959.019:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.779445][   T30] audit: type=1326 audit(1749003959.019:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.818538][   T30] audit: type=1326 audit(1749003959.019:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.840146][    C0] vkms_vblank_simulate: vblank timer overrun
[  575.855317][   T30] audit: type=1326 audit(1749003959.019:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.877394][ T5946] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  575.886647][   T30] audit: type=1326 audit(1749003959.019:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.909003][   T30] audit: type=1326 audit(1749003959.019:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  575.941161][ T5946] usb 3-1: device descriptor read/8, error -71
[  575.974403][   T30] audit: type=1326 audit(1749003959.019:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  576.017006][   T30] audit: type=1326 audit(1749003959.019:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  576.038617][    C0] vkms_vblank_simulate: vblank timer overrun
[  576.045672][   T30] audit: type=1326 audit(1749003959.049:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  576.091146][   T30] audit: type=1326 audit(1749003959.049:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11399 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f957f78e969 code=0x7ffc0000
[  576.194409][ T5946] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  576.215151][ T5946] usb 3-1: device descriptor read/8, error -71
[  576.281244][   T24] usb 2-1: USB disconnect, device number 36
[  576.287346][ T5894] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  576.338720][ T5946] usb usb3-port1: unable to enumerate USB device
[  576.704272][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  576.731572][ T5894] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.770328][ T5894] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.089762][ T5894] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  577.254539][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.571692][ T5894] usb 5-1: config 0 descriptor??
[  578.551308][ T5894] usbhid 5-1:0.0: can't add hid device: -71
[  578.557614][ T5894] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  578.572044][ T5894] usb 5-1: USB disconnect, device number 45
[  578.735166][T11436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1714'.
[  578.952272][T11447] xt_NFQUEUE: number of total queues is 0
[  580.291410][T11457] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  580.298374][T11457] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  580.542396][T11457] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  580.608322][T11457] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  581.324799][T11474] netlink: 'syz.4.1726': attribute type 2 has an invalid length.
[  581.332711][T11474] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1726'.
[  581.449763][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  581.449880][   T30] audit: type=1800 audit(1749003964.669:518): pid=11474 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1726" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=32992 res=0 errno=0
[  581.605140][T11475] fuse: Unknown parameter ''rou'
[  581.734016][T11477] netlink: 558 bytes leftover after parsing attributes in process `syz.5.1728'.
[  581.863227][T11477] 9pnet_fd: Insufficient options for proto=fd
[  581.971125][   T30] audit: type=1326 audit(1749003965.319:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  581.973142][T11483] syz.1.1732: attempt to access beyond end of device
[  581.973142][T11483] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0
[  582.020216][   T30] audit: type=1326 audit(1749003965.349:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.053937][T11489] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1734'.
[  582.064325][T11483] syz.1.1732: attempt to access beyond end of device
[  582.064325][T11483] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0
[  582.083510][   T30] audit: type=1326 audit(1749003965.349:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.120358][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  582.134443][   T30] audit: type=1326 audit(1749003965.349:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.164371][ T5894] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  582.176172][T11483] syz.1.1732: attempt to access beyond end of device
[  582.176172][T11483] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0
[  582.183428][   T30] audit: type=1326 audit(1749003965.349:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.252692][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  582.257794][   T30] audit: type=1326 audit(1749003965.349:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.293320][T11483] syz.1.1732: attempt to access beyond end of device
[  582.293320][T11483] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  582.296338][   T30] audit: type=1326 audit(1749003965.349:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.342167][   T30] audit: type=1326 audit(1749003965.349:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.368802][ T5894] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  582.372820][T11483] syz.1.1732: attempt to access beyond end of device
[  582.372820][T11483] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  582.378259][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.402363][   T30] audit: type=1326 audit(1749003965.349:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11486 comm="syz.2.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  582.428413][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  582.431889][ T5894] usb 5-1: config 0 descriptor??
[  582.453719][ T5894] cp210x 5-1:0.0: cp210x converter detected
[  582.461602][T11483] syz.1.1732: attempt to access beyond end of device
[  582.461602][T11483] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  582.493946][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  582.509495][T11483] syz.1.1732: attempt to access beyond end of device
[  582.509495][T11483] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  582.529187][T11483] syz.1.1732: attempt to access beyond end of device
[  582.529187][T11483] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  582.593401][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  582.628135][T11483] syz.1.1732: attempt to access beyond end of device
[  582.628135][T11483] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  582.670623][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  582.681874][T11483] syz.1.1732: attempt to access beyond end of device
[  582.681874][T11483] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  582.696852][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  582.713804][T11483] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  582.727721][T11483] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  582.895083][T11481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.904719][T11481] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.932615][ T5838] Bluetooth: Frame is too long (len 18, expected len 4)
[  582.966092][T11481] block nbd4: shutting down sockets
[  584.475363][T11538] set match dimension is over the limit!
[  585.200532][T11540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  585.234709][T11540] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  585.541132][T11554] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1753'.
[  585.791116][T11558] FAULT_INJECTION: forcing a failure.
[  585.791116][T11558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  585.804426][T11558] CPU: 1 UID: 0 PID: 11558 Comm: syz.1.1751 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  585.804455][T11558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  585.804467][T11558] Call Trace:
[  585.804482][T11558]  <TASK>
[  585.804490][T11558]  dump_stack_lvl+0x189/0x250
[  585.804525][T11558]  ? __pfx____ratelimit+0x10/0x10
[  585.804555][T11558]  ? __pfx_dump_stack_lvl+0x10/0x10
[  585.804584][T11558]  ? __pfx__printk+0x10/0x10
[  585.804606][T11558]  ? __might_fault+0xb0/0x130
[  585.804646][T11558]  should_fail_ex+0x414/0x560
[  585.804683][T11558]  _copy_from_user+0x2d/0xb0
[  585.804710][T11558]  ucma_write+0x158/0x2e0
[  585.804734][T11558]  ? __pfx_ucma_write+0x10/0x10
[  585.804754][T11558]  ? security_file_permission+0x75/0x290
[  585.804776][T11558]  ? rw_verify_area+0x258/0x650
[  585.804812][T11558]  vfs_writev+0x4b3/0x960
[  585.804840][T11558]  ? preempt_schedule_irq+0xb5/0x150
[  585.804870][T11558]  ? __pfx_ucma_write+0x10/0x10
[  585.804895][T11558]  ? __pfx_vfs_writev+0x10/0x10
[  585.804941][T11558]  ? __fget_files+0x2a/0x420
[  585.804975][T11558]  ? __fget_files+0x3a0/0x420
[  585.805001][T11558]  ? __fget_files+0x2a/0x420
[  585.805038][T11558]  do_writev+0x14d/0x2d0
[  585.805071][T11558]  ? __pfx_do_writev+0x10/0x10
[  585.805114][T11558]  do_syscall_64+0xfa/0x3b0
[  585.805144][T11558]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.805171][T11558]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  585.805191][T11558]  ? clear_bhb_loop+0x60/0xb0
[  585.805215][T11558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.805235][T11558] RIP: 0033:0x7fb408d8e969
[  585.805253][T11558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.805270][T11558] RSP: 002b:00007fb409b69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  585.805292][T11558] RAX: ffffffffffffffda RBX: 00007fb408fb6160 RCX: 00007fb408d8e969
[  585.805307][T11558] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000a
[  585.805320][T11558] RBP: 00007fb409b69090 R08: 0000000000000000 R09: 0000000000000000
[  585.805332][T11558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  585.805344][T11558] R13: 0000000000000000 R14: 00007fb408fb6160 R15: 00007ffda705e698
[  585.805379][T11558]  </TASK>
[  587.241258][T11564] No control pipe specified
[  587.745241][ T5894] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -110
[  587.889585][ T5894] cp210x 5-1:0.0: failed to get vendor val 0x3711 size 2: -32
[  587.898035][ T5894] cp210x 5-1:0.0: GPIO initialisation failed: -32
[  587.908142][ T5894] usb 5-1: cp210x converter now attached to ttyUSB0
[  588.604741][  T978] usb 2-1: new full-speed USB device number 37 using dummy_hcd
[  589.977011][  T978] usb 2-1: config 5 has an invalid interface number: 123 but max is 0
[  589.994162][  T978] usb 2-1: config 5 has no interface number 0
[  590.000457][  T978] usb 2-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  590.045797][  T978] usb 2-1: config 5 interface 123 has no altsetting 0
[  590.079168][  T978] usb 2-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  590.107698][  T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.163431][  T978] usb 2-1: Product: syz
[  590.181549][  T978] usb 2-1: Manufacturer: syz
[  590.214441][  T978] usb 2-1: SerialNumber: syz
[  590.567572][  T978] ni6501 2-1:5.123: driver 'ni6501' failed to auto-configure device.
[  590.607381][  T978] usb 2-1: USB disconnect, device number 37
[  592.470610][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1776'.
[  592.819809][T11634] bond0: (slave bond_slave_1): Releasing backup interface
[  592.957444][T11637] netlink: 'syz.1.1778': attribute type 8 has an invalid length.
[  593.374061][T11648] binder: 11647:11648 ioctl 4018620d 0 returned -22
[  595.459830][T11655] block nbd1: server does not support multiple connections per device.
[  595.499890][T11655] block nbd1: shutting down sockets
[  595.554969][T11665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  595.574753][T11665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  595.718342][T11666] smc: net device macvtap0 applied user defined pnetid SYZ2
[  596.276096][T11676] 9pnet_fd: Insufficient options for proto=fd
[  596.529088][T11681] /dev/nullb0: Can't lookup blockdev
[  596.538925][T11680] /dev/nullb0: Can't lookup blockdev
[  596.574626][ T5921] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  596.653103][T11684] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1796'.
[  596.724450][ T5921] usb 3-1: Using ep0 maxpacket: 32
[  596.736717][T11687] netlink: 1092 bytes leftover after parsing attributes in process `syz.1.1795'.
[  596.753174][ T5921] usb 3-1: config 0 has no interfaces?
[  596.778127][ T5921] usb 3-1: New USB device found, idVendor=0a88, idProduct=c301, bcdDevice=82.d5
[  596.851457][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.866036][ T5921] usb 3-1: Product: syz
[  596.870783][ T5921] usb 3-1: Manufacturer: syz
[  596.910059][ T5921] usb 3-1: SerialNumber: syz
[  597.077024][ T5921] usb 3-1: config 0 descriptor??
[  598.031187][ T5921] usb 3-1: USB disconnect, device number 60
[  600.061978][T11721] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1806'.
[  600.806781][T11737] overlayfs: missing 'lowerdir'
[  601.595025][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  601.595044][   T30] audit: type=1400 audit(1749003984.729:576): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11743 comm="syz.2.1813" daddr=fe80::2a dest=20003
[  601.624345][   T30] audit: type=1326 audit(1749003984.729:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.654254][   T30] audit: type=1326 audit(1749003984.729:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681113][   T30] audit: type=1326 audit(1749003984.729:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681174][   T30] audit: type=1326 audit(1749003984.729:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681219][   T30] audit: type=1326 audit(1749003984.729:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681264][   T30] audit: type=1326 audit(1749003984.729:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681307][   T30] audit: type=1326 audit(1749003984.729:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681352][   T30] audit: type=1326 audit(1749003984.739:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  601.681398][   T30] audit: type=1326 audit(1749003984.739:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11743 comm="syz.2.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fc58e969 code=0x7ffc0000
[  603.371275][T11769] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  604.319851][T11774] 9pnet_fd: Insufficient options for proto=fd
[  605.514526][ T9711] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  605.694071][ T9711] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  605.767030][ T9711] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  606.312640][ T9711] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  606.321882][ T9711] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.336133][ T9711] usb 2-1: config 0 descriptor??
[  606.414610][T11814] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.1834'.
[  606.434413][T11814] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1834'.
[  606.548006][T11818] FAULT_INJECTION: forcing a failure.
[  606.548006][T11818] name failslab, interval 1, probability 0, space 0, times 0
[  606.553239][ T9711] usb 2-1: USB disconnect, device number 38
[  606.570967][T11818] CPU: 0 UID: 0 PID: 11818 Comm: syz.4.1836 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  606.571001][T11818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  606.571014][T11818] Call Trace:
[  606.571022][T11818]  <TASK>
[  606.571031][T11818]  dump_stack_lvl+0x189/0x250
[  606.571074][T11818]  ? __pfx____ratelimit+0x10/0x10
[  606.571105][T11818]  ? __pfx_dump_stack_lvl+0x10/0x10
[  606.571134][T11818]  ? __pfx__printk+0x10/0x10
[  606.571158][T11818]  ? __pfx___might_resched+0x10/0x10
[  606.571187][T11818]  ? fs_reclaim_acquire+0x7d/0x100
[  606.571229][T11818]  should_fail_ex+0x414/0x560
[  606.571266][T11818]  should_failslab+0xa8/0x100
[  606.571295][T11818]  __kmalloc_noprof+0xcb/0x4f0
[  606.571320][T11818]  ? iovec_from_user+0x87/0x250
[  606.571351][T11818]  iovec_from_user+0x87/0x250
[  606.571382][T11818]  __import_iovec+0x163/0x7f0
[  606.571421][T11818]  import_iovec+0x74/0xa0
[  606.571451][T11818]  ___sys_recvmsg+0x43a/0x510
[  606.571486][T11818]  ? __pfx____sys_recvmsg+0x10/0x10
[  606.571542][T11818]  ? __fget_files+0x3a0/0x420
[  606.571584][T11818]  do_recvmmsg+0x307/0x770
[  606.571621][T11818]  ? __pfx_do_recvmmsg+0x10/0x10
[  606.571662][T11818]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  606.571715][T11818]  __x64_sys_recvmmsg+0x190/0x240
[  606.571745][T11818]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  606.571769][T11818]  ? rcu_is_watching+0x15/0xb0
[  606.571803][T11818]  ? do_syscall_64+0xbe/0x3b0
[  606.571837][T11818]  do_syscall_64+0xfa/0x3b0
[  606.571865][T11818]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.571892][T11818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.571912][T11818]  ? clear_bhb_loop+0x60/0xb0
[  606.571937][T11818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.571956][T11818] RIP: 0033:0x7f036cd8e969
[  606.571975][T11818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.571992][T11818] RSP: 002b:00007f036dca7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  606.572014][T11818] RAX: ffffffffffffffda RBX: 00007f036cfb5fa0 RCX: 00007f036cd8e969
[  606.572028][T11818] RDX: 0000000000000001 RSI: 00002000000037c0 RDI: 0000000000000003
[  606.572049][T11818] RBP: 00007f036dca7090 R08: 0000000000000000 R09: 0000000000000000
[  606.572061][T11818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.572073][T11818] R13: 0000000000000000 R14: 00007f036cfb5fa0 R15: 00007ffe65612c18
[  606.572107][T11818]  </TASK>
[  607.963878][T11828] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1839'.
[  608.074868][T11828] netlink: 'syz.4.1839': attribute type 26 has an invalid length.
[  608.317698][T11830] gtp0: entered promiscuous mode
[  609.435659][T11849] fuse: Bad value for 'fd'
[  609.592125][T11848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  613.530661][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  613.530681][   T30] audit: type=1400 audit(1749003996.879:604): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11882 comm="syz.3.1857" daddr=::ffff:172.20.20.187
[  613.826357][T11866] syz.1.1850 (11866) used greatest stack depth: 18520 bytes left
[  614.410741][T11899] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1862'.
[  614.441414][T11899] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  614.792091][T11907] netdevsim netdevsim2: Direct firmware load for /
[  614.792091][T11907]  failed with error -2
[  614.821729][T11909] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1865'.
[  614.826790][T11907] netdevsim netdevsim2: Falling back to sysfs fallback for: /
[  614.826790][T11907] 
[  614.880084][T11909] virt_wifi0 speed is unknown, defaulting to 1000
[  614.891687][T11909] lo speed is unknown, defaulting to 1000
[  614.989991][T11912] fuse: Unknown parameter '6Җ�c	L�����Nd�u�[���Q���������3��Ӳ*WEJ̻�^fR�N�:gj�Ԫ8cB����ɘAk����.�	��1�*��1���z~��v<[s|����D�0hH��������f$/��S:�߄���'
[  615.374927][ T5932] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  615.522766][  T978] libceph: connect (1)[c::]:6789 error -101
[  615.538457][  T978] libceph: mon0 (1)[c::]:6789 connect error
[  615.560659][T11929] ceph: No mds server is up or the cluster is laggy
[  615.568285][ T5932] usb 2-1: Using ep0 maxpacket: 16
[  615.585916][ T5932] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  615.613407][ T5932] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  615.645193][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.673257][T11934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  615.683248][ T5932] usb 2-1: config 0 descriptor??
[  615.701803][ T5932] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input27
[  615.712508][T11934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  615.741530][T11934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  615.783649][T11934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  615.901765][ T5932] bcm5974 2-1:0.0: could not read from device
[  615.916796][ T5932] input: failed to attach handler mousedev to device input27, error: -5
[  615.931286][ T5932] usb 2-1: USB disconnect, device number 39
[  617.229955][T11960] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  617.304249][  T978] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  617.330955][   T30] audit: type=1400 audit(1749004000.679:605): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11951 comm="syz.3.1881" daddr=fe80::aa dest=20003
[  617.454464][  T978] usb 2-1: device descriptor read/64, error -71
[  618.258708][    C0] vcan0: j1939_tp_rxtimer: 0xffff888076b5c000: rx timeout, send abort
[  618.274215][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888076b5c000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  618.474261][  T978] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  618.621866][  T978] usb 2-1: device descriptor read/64, error -71
[  618.630667][T11972] netlink: 'syz.5.1883': attribute type 3 has an invalid length.
[  618.657417][T11972] netlink: 666 bytes leftover after parsing attributes in process `syz.5.1883'.
[  618.681426][T11975] sit0: entered promiscuous mode
[  618.701069][T11975] netlink: 'syz.5.1883': attribute type 1 has an invalid length.
[  618.711922][T11975] netlink: 1 bytes leftover after parsing attributes in process `syz.5.1883'.
[  618.775162][  T978] usb usb2-port1: attempt power cycle
[  618.889191][T11984] overlay: ./file1 is not a directory
[  619.079199][   T30] audit: type=1400 audit(1749004002.429:606): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=11973 comm="syz.3.1886" daddr=fe80::aa dest=20004
[  619.134626][  T978] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  619.171411][  T978] usb 2-1: device descriptor read/8, error -71
[  619.436651][  T978] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  619.887229][T11994] fuse: Unknown parameter '��'
[  620.276646][  T978] usb 2-1: device descriptor read/8, error -71
[  620.404491][  T978] usb usb2-port1: unable to enumerate USB device
[  622.265959][ T5894] IPVS: starting estimator thread 0...
[  622.390765][ T5894] IPVS: starting estimator thread 0...
[  622.691810][T12047] IPVS: using max 47 ests per chain, 112800 per kthread
[  622.814877][T12048] IPVS: using max 23 ests per chain, 55200 per kthread
[  624.553462][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  624.796261][   T30] audit: type=1400 audit(1749004008.139:607): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="?000000000033" requested=w pid=12062 comm="syz.3.1905" daddr=fe80::2a dest=20003
[  624.956925][T12095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1915'.
[  625.250939][T12101] netlink: 372 bytes leftover after parsing attributes in process `syz.1.1917'.
[  627.937921][T12133] overlay: ./file0 is not a directory
[  627.995814][T12123] can: request_module (can-proto-5) failed.
[  628.588371][T12144] SET target dimension over the limit!
[  630.070749][T12154] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1934'.
[  630.360893][T12161] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1936'.
[  630.519685][ T5946] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  630.674328][ T5946] usb 3-1: device descriptor read/64, error -71
[  631.804279][ T5946] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  631.954389][ T5946] usb 3-1: device descriptor read/64, error -71
[  631.958365][   T24] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[  632.124442][ T5946] usb usb3-port1: attempt power cycle
[  632.560856][T12184] netlink: 136 bytes leftover after parsing attributes in process `syz.5.1944'.
[  632.829916][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  632.861110][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  632.884300][ T5946] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  632.885905][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  632.945866][   T24] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  632.964490][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  632.965082][ T5946] usb 3-1: device descriptor read/8, error -71
[  632.993302][   T24] usb 2-1: Product: syz
[  633.000576][   T24] usb 2-1: Manufacturer: syz
[  633.010681][   T24] usb 2-1: SerialNumber: syz
[  633.027607][   T24] usb 2-1: config 0 descriptor??
[  633.775077][   T24] radio-si470x 2-1:0.0: could not find interrupt in endpoint
[  633.782817][   T24] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -5
[  633.955906][   T24] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  638.507658][ T9711] usb 2-1: USB disconnect, device number 44
[  638.519495][T12207] 9pnet_fd: Insufficient options for proto=fd
[  638.983309][T12218] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[  700.743441][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  737.949412][   T30] audit: type=1326 audit(1749004085.249:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12208 comm="syz.1.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  742.727764][   T30] audit: type=1326 audit(1749004085.249:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12208 comm="syz.1.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb408d8e969 code=0x7ffc0000
[  743.854058][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  743.861054][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P12212/1:b..l
[  743.869620][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=50073, q=367 ncpus=2)
[  743.877351][    C1] task:modprobe        state:R  running task     stack:23688 pid:12212 tgid:12212 ppid:12     task_flags:0x400000 flags:0x00004002
[  743.891762][    C1] Call Trace:
[  743.895207][    C1]  <TASK>
[  743.898140][    C1]  __schedule+0x16a2/0x4cb0
[  743.902675][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  743.907971][    C1]  ? __lock_acquire+0xab9/0xd20
[  743.912822][    C1]  ? __pfx___schedule+0x10/0x10
[  743.917679][    C1]  ? preempt_schedule_irq+0xaa/0x150
[  743.922969][    C1]  preempt_schedule_irq+0xb5/0x150
[  743.928087][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  743.933808][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  743.939612][    C1]  irqentry_exit+0x6f/0x90
[  743.944028][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  743.950031][    C1] RIP: 0010:lock_release+0x2b5/0x3e0
[  743.955317][    C1] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 9b 98 fa 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
[  743.974923][    C1] RSP: 0018:ffffc9000ea072b0 EFLAGS: 00000206
[  743.981011][    C1] RAX: 11a091caad299c00 RBX: 0000000000000202 RCX: 11a091caad299c00
[  743.989007][    C1] RDX: 0000000000000001 RSI: ffffffff8db48dd1 RDI: ffffffff8be1a180
[  743.996983][    C1] RBP: ffff88802a3f0b18 R08: 0000000000000022 R09: ffffffff81728e15
[  744.004966][    C1] R10: ffffc9000ea07438 R11: ffffffff81ace730 R12: 0000000000000001
[  744.013021][    C1] R13: 0000000000000001 R14: ffffffff8e13f140 R15: ffff88802a3f0000
[  744.021025][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  744.027210][    C1]  ? unwind_next_frame+0xa5/0x2390
[  744.032328][    C1]  ? unwind_next_frame+0xa5/0x2390
[  744.037459][    C1]  ? unwind_next_frame+0xa5/0x2390
[  744.042638][    C1]  unwind_next_frame+0x19a9/0x2390
[  744.047796][    C1]  ? unwind_next_frame+0xa5/0x2390
[  744.052931][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.059008][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  744.065171][    C1]  arch_stack_walk+0x11c/0x150
[  744.069964][    C1]  stack_trace_save+0x9c/0xe0
[  744.074636][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  744.080014][    C1]  kasan_save_track+0x3e/0x80
[  744.084690][    C1]  ? kasan_save_track+0x3e/0x80
[  744.089552][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  744.094571][    C1]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  744.100200][    C1]  ? anon_vma_clone+0xb8/0x4f0
[  744.104971][    C1]  ? __split_vma+0x371/0x9b0
[  744.109556][    C1]  ? vma_modify+0x9db/0x1970
[  744.114226][    C1]  ? vma_modify_flags+0x1e8/0x230
[  744.119245][    C1]  ? mprotect_fixup+0x400/0x9b0
[  744.124094][    C1]  ? do_mprotect_pkey+0x8cd/0xce0
[  744.129111][    C1]  ? __x64_sys_mprotect+0x80/0x90
[  744.134129][    C1]  ? do_syscall_64+0xfa/0x3b0
[  744.138812][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.144908][    C1]  __kasan_slab_alloc+0x6c/0x80
[  744.150277][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  744.155855][    C1]  ? anon_vma_clone+0xb8/0x4f0
[  744.160625][    C1]  anon_vma_clone+0xb8/0x4f0
[  744.165251][    C1]  __split_vma+0x371/0x9b0
[  744.169725][    C1]  ? __lruvec_stat_mod_folio+0x79/0x2f0
[  744.175281][    C1]  ? __pfx___split_vma+0x10/0x10
[  744.180218][    C1]  ? can_vma_merge_left+0x195/0x6b0
[  744.185416][    C1]  vma_modify+0x9db/0x1970
[  744.189837][    C1]  vma_modify_flags+0x1e8/0x230
[  744.194752][    C1]  ? __pfx_vma_modify_flags+0x10/0x10
[  744.200127][    C1]  ? mas_next_slot+0xc20/0xcf0
[  744.204893][    C1]  mprotect_fixup+0x400/0x9b0
[  744.209566][    C1]  ? __pfx_mprotect_fixup+0x10/0x10
[  744.214858][    C1]  do_mprotect_pkey+0x8cd/0xce0
[  744.219720][    C1]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  744.225112][    C1]  __x64_sys_mprotect+0x80/0x90
[  744.229968][    C1]  do_syscall_64+0xfa/0x3b0
[  744.234491][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  744.239736][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.245866][    C1]  ? clear_bhb_loop+0x60/0xb0
[  744.250594][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.256769][    C1] RIP: 0033:0x7fde542582c7
[  744.261214][    C1] RSP: 002b:00007ffc5ebe70e8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  744.269818][    C1] RAX: ffffffffffffffda RBX: 00007fde5422c0c0 RCX: 00007fde542582c7
[  744.277791][    C1] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 00007fde54228000
[  744.285765][    C1] RBP: 00007ffc5ebe73b0 R08: 0000000000000000 R09: 00007fde541a9bf7
[  744.293742][    C1] R10: 00007fde5422c0c0 R11: 0000000000000206 R12: 0000000000000008
[  744.301802][    C1] R13: 00000149dfc14de4 R14: 0000000000000000 R15: 00007fde5426c310
[  744.309802][    C1]  </TASK>
[  744.312825][    C1] rcu: rcu_preempt kthread starved for 2308 jiffies! g50073 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  744.323924][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  744.333908][    C1] rcu: RCU grace-period kthread stack dump:
[  744.340061][    C1] task:rcu_preempt     state:R  running task     stack:27320 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  744.353546][    C1] Call Trace:
[  744.356833][    C1]  <TASK>
[  744.359770][    C1]  __schedule+0x16a2/0x4cb0
[  744.364732][    C1]  ? schedule+0x165/0x360
[  744.369070][    C1]  ? __pfx___schedule+0x10/0x10
[  744.373922][    C1]  ? schedule+0x91/0x360
[  744.378162][    C1]  schedule+0x165/0x360
[  744.382314][    C1]  schedule_timeout+0x12b/0x270
[  744.387162][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  744.392528][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  744.398507][    C1]  ? __pfx_process_timeout+0x10/0x10
[  744.403889][    C1]  ? prepare_to_swait_event+0x341/0x380
[  744.409461][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[  744.414339][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  744.419546][    C1]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  744.425706][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  744.430994][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  744.436214][    C1]  rcu_gp_kthread+0x99/0x390
[  744.440859][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  744.446070][    C1]  ? __kthread_parkme+0x7b/0x200
[  744.451013][    C1]  ? __kthread_parkme+0x1a1/0x200
[  744.456132][    C1]  kthread+0x711/0x8a0
[  744.460307][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  744.465766][    C1]  ? __pfx_kthread+0x10/0x10
[  744.470401][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  744.475620][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  744.480976][    C1]  ? __pfx_kthread+0x10/0x10
[  744.485677][    C1]  ret_from_fork+0x3f9/0x770
[  744.490280][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  744.495478][    C1]  ? __switch_to_asm+0x39/0x70
[  744.500250][    C1]  ? __switch_to_asm+0x33/0x70
[  744.505024][    C1]  ? __pfx_kthread+0x10/0x10
[  744.509627][    C1]  ret_from_fork_asm+0x1a/0x30
[  744.514442][    C1]  </TASK>
[  744.517459][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  744.523853][    C1] CPU: 1 UID: 0 PID: 12209 Comm: syz.1.1949 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  744.535584][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  744.545735][    C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[  744.551541][    C1] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 fa 47 3e f6 48 89 df e8 52 df 3e f6 e8 bd eb 67 f6 fb bf 01 00 00 00 <e8> 62 d9 30 f6 65 8b 05 3b e3 38 07 85 c0 74 07 5b c3 cc cc cc cc
[  744.571925][    C1] RSP: 0018:ffffc9000e967c78 EFLAGS: 00000286
[  744.577988][    C1] RAX: 3d671b7a6c0c7c00 RBX: ffff8880351b65c0 RCX: 3d671b7a6c0c7c00
[  744.585954][    C1] RDX: 0000000000000000 RSI: ffffffff8d95cd79 RDI: 0000000000000001
[  744.593920][    C1] RBP: ffff8880351b6858 R08: ffffffff8f9fb8f7 R09: 1ffffffff1f3f71e
[  744.601887][    C1] R10: dffffc0000000000 R11: fffffbfff1f3f71f R12: 1ffff11006a36d0b
[  744.609849][    C1] R13: 0000000000000000 R14: 0000000004000000 R15: 0000000000000011
[  744.617815][    C1] FS:  00007fb409bab6c0(0000) GS:ffff888125d93000(0000) knlGS:0000000000000000
[  744.626741][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  744.633342][    C1] CR2: 00007f957f97d2d8 CR3: 00000000610be000 CR4: 00000000003526f0
[  744.641323][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  744.649309][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  744.657306][    C1] Call Trace:
[  744.660610][    C1]  <TASK>
[  744.663551][    C1]  get_signal+0x117b/0x1310
[  744.668090][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  744.673673][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  744.679865][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[  744.685347][    C1]  exit_to_user_mode_loop+0x75/0x110
[  744.690631][    C1]  do_syscall_64+0x2bd/0x3b0
[  744.695223][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.701309][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  744.707475][    C1]  ? clear_bhb_loop+0x60/0xb0
[  744.712155][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.718049][    C1] RIP: 0033:0x7fb408d8e969
[  744.722461][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.742474][    C1] RSP: 002b:00007fb409bab038 EFLAGS: 00000246
[  744.748567][    C1] RAX: 000000000000000b RBX: 00007fb408fb5fa0 RCX: 00007fb408d8e969
[  744.756712][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000005
[  744.764872][    C1] RBP: 00007fb408e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  744.772860][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  744.781022][    C1] R13: 0000000000000000 R14: 00007fb408fb5fa0 R15: 00007ffda705e698
[  744.789024][    C1]  </TASK>
[  751.658994][ T1303] ieee802154 phy0 wpan0: encryption failed: -22