last executing test programs:

2m14.281499436s ago: executing program 0 (id=3926):
io_uring_setup(0x7d9e, &(0x7f00000003c0)={0x0, 0xfdcf, 0x800, 0x1, 0x24})
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000280)=0x20, 0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
write$input_event(0xffffffffffffffff, &(0x7f0000000140)={{}, 0x1, 0x37, 0x6}, 0x18)
mkdirat(0xffffffffffffffff, 0x0, 0x82)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = fsopen(&(0x7f00000003c0)='nfsd\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0)
getpid()
bind$qrtr(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNDEL(r4, 0x400442c9, &(0x7f0000000040)={0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}})
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0)
write$FUSE_BMAP(r1, 0x0, 0x0)

2m13.195342877s ago: executing program 0 (id=3927):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1fd}, 0xe)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000002740)="1e", 0xfdef}], 0x33) (fail_nth: 3)

2m12.392405521s ago: executing program 0 (id=3929):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0xdf70b616f6f0de00, 0xa9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
syz_open_procfs(r5, &(0x7f0000000880)='net/snmp6\x00')
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r4, 0x731, 0x0, 0x0, {0x38}}, 0x14}, 0x1, 0x2}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x34, 0x2, 0x3, 0x200, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x15}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x3}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x40400d5}, 0x80)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r7, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r7, 0x0, 0x2, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)={0x1dc, r4, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x1dc}}, 0x1000)
r8 = openat(r1, &(0x7f0000000080)='./file0\x00', 0x40000, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000380)=ANY=[@ANYBLOB="bf1037ab4bd0aaaaaaaaaa3d86dd6006100000481100fe8000000000000000004000000000bbfe8000000000000000000000000000aa4e200e220048907803000003ff0b51108101000200000023926e0bf267636d01dbe5712c1c941e1cdafbbb43f09c70e13808ca72380641e5fff9620995b6f78670dfaf9a2038083179cf6b7931c9b41a9d64e785107fbd38619ae84884bb09260364a976d69b15fd143c39a977fc737a3f8f070ff5af96fab699b53078af0bab55a2d2a11b40be488c99743c15d6dc3546d5ac5cbafa35888fd6f07fa96f090b1be951831669abfcf53e3619c285dfafaad2f994a74a27dd5bd9252358433a7a0553a65dc716599d15e004f09cfceb1fecf2990cb2145d902e041674d365782138b27f48b8ce1fc53a94512bbbe78c3208fb2deef746036385fa4e4d453c4de00b25defa2a909ebdb12a3b1b9dbadbda17dfe307af359d44e019f7250b852e28eec2f688e08e07212d0fbcc061d2a0dd2a7bec30d77e923b541df14913cde4fdb697c7bcc49087fdc30f53c33e01aaec7da3cbc77b61dcf912a389fa59adb2bdd9535d305e9ac29979437279bd713451"], 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, 0x0, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(r11, 0x89a2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@remote, @random="00006a9ce7f3", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x14, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x3}, @local, {[], {{0x4e20, 0x4e21, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x9, 0x0, 0x5}}}}}}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r10}, 0xc)
ioctl$PTP_PIN_SETFUNC(r8, 0x40603d07, &(0x7f00000000c0)={'\x00', 0xfffffffb, 0x3, 0x3})

2m11.903731368s ago: executing program 0 (id=3932):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockname(r0, 0x0, &(0x7f0000000600))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000002300)='./file0\x00')
stat(&(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaabbaaaaaab0c9420343758864450d00140064000040629078ac1e0001ac1e014a8cae2a9f00627d5eec33ea72dabd313c00f19de0306770a8d755a41b00522f652d98d2908d3c5d85d4bf99fbf1cc9e71eb63978735fdff5b31cb71a95133f8827b6abe0081971f04ae7082f768459f8f5d21f0c168315a2e911e21cf880d206b4598bff476f1999fe69e23b414ed615621b7302fefb72ff12c34f12a69c52383c10f5ddafc8da7f4af99f1f6374ad28a9e51fb34051872e00da2b3d5e2c22006f120f5df88173d3ce2b3030000000000000000"], 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
open(0x0, 0x145142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000000240)='./file0\x00', 0xb)
ioctl$AUTOFS_IOC_CATATONIC(r4, 0x80049370, 0x1000000000000)
io_uring_setup(0x2d58, &(0x7f0000000380)={0x0, 0x62cc, 0x400, 0x8000002, 0xc8})

2m10.142290789s ago: executing program 0 (id=3934):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
fanotify_init(0x18, 0x1000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/address_bits', 0x0, 0x0)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r3, &(0x7f0000000040)="e5", 0xffffffe4, 0xa000a00, 0x0, 0x0)

2m8.199112205s ago: executing program 4 (id=3938):
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000180))
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000001380))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
io_uring_setup(0x4779, 0x0)
socket(0x10, 0x803, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_create_resource$binfmt(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc9, &(0x7f0000000740)=""/201, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffff0000, @void, @value}, 0x94)
close(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000020000000000000000001fd4bf6766bd0ef5177f72cb72ba4db3c37ec24250792db061ac06515a10fa3a747ee184d1080ce496ec8ee144d7a52beab356c9347e5a7a6b3be57861bcf15cfb98d256e3f2e6f946a5ff1e9161671a2443b146289f4a2616045fd9d7ab995d8ada47f12d1615a6e8e99262b16bd93e79c6bc116fd0fa18d14b7c754e32f173e3664df0b7a4899fd9923f061672a0d6f47d1296c276cf3cd8c4db0131e451e587627439b6cb56f4b803a1f9d65a78261784e6ff5fa45700000000000000007dae5a75ad5212e9143903c22fd7a7c54cd26445eabf4b69fe26f0f9a7cd9f7ce9419de8dc5a44544dc93e0cfb05a3008c57ab7639160012b6d4637b5ca0a1"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r4, 0x0, 0x0, 0x1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$HIDIOCGFIELDINFO(r2, 0xc038480a, &(0x7f00000003c0)={0x2, 0xffffffff, 0x4, 0x3, 0x8, 0x40, 0x10001, 0x9, 0x2658, 0xd, 0x1, 0x5, 0x100, 0x3})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000100), &(0x7f00000001c0)=r2}, 0x20)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)

2m7.375526521s ago: executing program 0 (id=3942):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, 0x0, 0x0)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000001540)={0x0, 0xfffffff9}, 0x8)

2m6.615173789s ago: executing program 32 (id=3942):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, 0x0, 0x0)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000001540)={0x0, 0xfffffff9}, 0x8)

2m6.610866458s ago: executing program 4 (id=3945):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000500)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
sendfile(r5, r5, 0x0, 0x40008)
r6 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000001540)={0x0, 0xfffffff9}, 0x8)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000000003dc771370100008096925ea30000000000000000008500000093e3916d800000954f70dc14086b6154fd3fb5b7f9b5718bbf9ac60900e4762063b448615c779071291ffffc2f5ef9"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)

2m5.176495175s ago: executing program 4 (id=3948):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x24b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x6c}}, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc2c45512, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc)
socket$unix(0x1, 0x5, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x8000000000000000}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

2m1.443050603s ago: executing program 4 (id=3956):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockname(r0, 0x0, &(0x7f0000000600))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000002300)='./file0\x00')
stat(&(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaabbaaaaaab0c9420343758864450d00140064000040629078ac1e0001ac1e014a8cae2a9f00627d5eec33ea72dabd313c00f19de0306770a8d755a41b00522f652d98d2908d3c5d85d4bf99fbf1cc9e71eb63978735fdff5b31cb71a95133f8827b6abe0081971f04ae7082f768459f8f5d21f0c168315a2e911e21cf880d206b4598bff476f1999fe69e23b414ed615621b7302fefb72ff12c34f12a69c52383c10f5ddafc8da7f4af99f1f6374ad28a9e51fb34051872e00da2b3d5e2c22006f120f5df88173d3ce2b3030000000000000000"], 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
open(0x0, 0x145142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
umount2(&(0x7f0000000240)='./file0\x00', 0xb)
sched_setaffinity(0x0, 0x0, 0x0)
io_uring_setup(0x2d58, &(0x7f0000000380)={0x0, 0x62cc, 0x400, 0x8000002, 0xc8})

1m59.784674015s ago: executing program 4 (id=3960):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000140)=0x7fffffff, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
connect$inet6(r0, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

1m56.98014878s ago: executing program 4 (id=3962):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x9, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r1, &(0x7f0000000180), 0x4000190, 0x0)
shutdown(0xffffffffffffffff, 0x1)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000003c0)="1891a586afe0e94f03fa2a22dc94d7adc8", 0x5)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="00c491c918000000e4ff0000004e00000000000000691954000000"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x98, &(0x7f00000000c0)=""/152, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)

1m56.483821534s ago: executing program 33 (id=3962):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x9, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r1, &(0x7f0000000180), 0x4000190, 0x0)
shutdown(0xffffffffffffffff, 0x1)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000003c0)="1891a586afe0e94f03fa2a22dc94d7adc8", 0x5)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="00c491c918000000e4ff0000004e00000000000000691954000000"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x98, &(0x7f00000000c0)=""/152, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)

11.157824772s ago: executing program 2 (id=4238):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='svcrdma_page_overrun_err\x00'}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
dup(r5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x20000094}, 0x4044040)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000400))
setsockopt$rose(r0, 0x104, 0x5, 0x0, 0x0)

11.105055497s ago: executing program 1 (id=4239):
r0 = socket(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e1f}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0x3, 0x4)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, 0x0)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280), 0x28)

9.759240629s ago: executing program 1 (id=4242):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r1}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000017c0)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x20000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x80003}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff}], [{}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r3, 0x1, 0x70bd2b, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x4e, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)
futex(&(0x7f0000000000)=0x1, 0x8, 0x82, 0x0, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0xeef, 0x72c4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x222, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xdc, 0x10, 0x7, [{{0x9, 0x4, 0x0, 0xf9, 0x2, 0x3, 0x1, 0x2, 0x2, {0x9, 0x21, 0x4f57, 0xcb, 0x1, {0x22, 0x871}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8e, 0x3, 0x15}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x2, 0x1, 0xe}}]}}}]}}]}}, &(0x7f00000003c0)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x300, 0x3, 0x2, 0x9, 0x20, 0x8}, 0xf5, &(0x7f0000000240)={0x5, 0xf, 0xf5, 0x4, [@wireless={0xb, 0x10, 0x1, 0x4, 0x50, 0x2, 0xc, 0x1, 0x1}, @ss_container_id={0x14, 0x10, 0x4, 0x94, "2df8ad8be0b2c6fdfd68e87c779b2ac5"}, @generic={0xbd, 0x10, 0x3, "3afd3af501997c0de5aa0a0eaeceda73e44d9588ee09891cda8500e2e2e76cf422988b9268a05499def4a154d972571dc91f35908371741e28b816ae9c96cc62d2df20dd1667049523498887c666ef96bd33391613de2ecfe3e4eb48d8d7699bb63247cffd5f0eaab1cdcba7b5eff4d32447a5cf12f6529d157b885f140188469c6b93f7f36b452acf116e5848c7a5997a55db1828d66af2c4965278fc54b473f208a715ef188d362dec3d399ae973cba54975b86dc686c9a988"}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "00ff9d21b9565f70e57ac2320c290f19"}]}, 0x2, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x440a}}, {0xb, &(0x7f0000000380)=@string={0xb, 0x3, "1af6c0c40e85531312"}}]})
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0003050000001408b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
getpgid(r4)

9.577606658s ago: executing program 2 (id=4243):
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000f5ffffff0000000000060000001820702500000000f42020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0), 0x3)
getsockopt$bt_hci(r1, 0x11a, 0x1, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2000481a}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r5, 0x10f, 0x88)
r6 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x18d1, 0x5022, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x4d43be892c9f0b79, 0xe0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc, 0x0, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, &(0x7f00000004c0)={0x2c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="000fc1000000050fc10001bc1001012c3c534fc6af3b18add74d6aa0842e474e45bab2fcc50f59a14105130b18acacfb1dead34988f4975b782f716e20d3220f6b0b3c8f8e93c9b56addad2d74a5c805000000567961b949b534a54b5e6e4ac0e656873e6e5417236754bc33d664e419e4653771ebc1b3bcbaaa7832d06ad0971c25593cf1118dde4a6dbd1447fb26ba213cf26d4d2e5fbe3403163ab267ee6a5e5e4c35d860a129b5f5d126d2a0796f153a64"], 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

8.636697751s ago: executing program 6 (id=4245):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x40000000, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x2d, &(0x7f0000000000)=0x92d2, 0x4)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000080)={0x10001, 0x9})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_i'])
read$FUSE(0xffffffffffffffff, &(0x7f0000006840)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x2b, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
write$FUSE_NOTIFY_POLL(r6, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r7, r8, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)

8.268579699s ago: executing program 2 (id=4247):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x20, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4000014)
read$msr(r0, &(0x7f000001b000)=""/102400, 0x19000)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xd}, @hci_ev_le_ltk_req={{}, {0xc8, 0x7fffffffffffffff, 0xf3}}}}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)

7.54793173s ago: executing program 5 (id=4248):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
syz_emit_ethernet(0x6c, &(0x7f0000000240)={@link_local, @broadcast, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x1, [0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0x80, 0x40f]}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x3600}}}}}}}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x1ff)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='..0:\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_STREAMOFF(r3, 0xc0405627, &(0x7f0000000300)=0x2)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000003000/0x3000)=nil, 0x3000, &(0x7f0000000000)='pids.current\x00')

7.232867462s ago: executing program 2 (id=4250):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
getpriority(0x2, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r1, 0x0)
getsockopt$inet_mptcp_buf(r1, 0x11c, 0x4, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
sigaltstack(&(0x7f0000001280)={&(0x7f0000000280)=""/4088, 0x80000000, 0xffffffffffffff14}, 0x0)
sigaltstack(&(0x7f00000014c0)={0x0, 0x80000002}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r3 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
preadv(r3, 0x0, 0x0, 0x6, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0x8, 0xaac3, 0x1, 0x2, 0x0, 0x4, 0x9, 0xa, 0x2, 0x7, 0x8, 0x200, 0x10000, 0x1400, 0x10, 0x3d, {0x4, 0x5}, 0xff, 0x2d}})
getsockopt$inet_buf(0xffffffffffffffff, 0x6, 0x29, 0x0, 0x0)

6.243895774s ago: executing program 5 (id=4251):
ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000100)={{}, "176914d2ab253215d746e4694d57dfa31a0abb28f4f3e94f8e778117e2fbd456d41e3fdc5404e9413897c73a82945c61fb5c26be446ae725b697cb11162ccd7876ba4fde227f063e7c01a59aba6ce813aaf5611c68381b0ccd406757d7b435d80bdafc62b3d81be88cdcb107313cc5d2803e9811c0f447804f3db53281770b2d3cd4f87acb36e69cb0a6abd417acd41cafb5f10c738e09cc2608fb257cde7c8230d6a930ecb83fed0ae2f646d89bc47f962c1960bde5daa84722bcf066ed893a3ab7d398b4958f07d97ce8b93b8ee0920276215a55298f70556e73e75d60851e23fd4ad54fa5b07b7bfa0669a41c9ae2cd6fedc2e8c60af48b087a1faf74e16a9f815879fe5830c960e6e5da21cb01060d775336a81a8465c3c0c46ddd37848aaf77d7b11d6939dd2c59914b04b99138da4ed3b31f064044422e65f2860be605f0782c2ad6597d1a8d8cd71d5f90e4a17296b832ffa4334616f359d54248a9544cac61019a31f9115fdd0717819edf241a9372ead1ad3370a9da7072a1df64bc772b007f77b078a4b2ea29906288c99b1d53beabd765bb9a09cf9d2156d37b9dda0b4dfb40d31cdc56dcd097b6e7634bfbaa3d7b50056d3b7f3b8d2bfd488e6c9fe599b201964b69fb12aa6815f8018b45839cd006ebe00d5e5a1cd6eaa4dc51c1ed104ccd9160e135250f4a1f12580eeaa47ccf375cda55a5f202759e1cd556281e5bc0ce2ecd31d74674ffe2e7acee85f8f58512eef0ad11bfa91e466361e62b1c8766021966834a2d211ce88f42e8f6fa2d1f375fb49d3e12a25bb76b7696e5b822a3286cbfa5e669b751220b223274bda0776463c5eb0605d7ef3beb22fb0b8768645831b90a8dfb5ca62d22ebc45e08d455f484818789e0f4e91355f4b4425a70c6eebbef6c087014f306fd415f199dea44ea5fd52e3c7efb40bd2f0040566c31e12bdea4389baf6a588d3ee726933b27b6335bdfe91cbd34a84cebc06f25f80df1546ceefa173143be67c21b0eaa37f759a648169aa7b0452be021263e5f3dfd6706ed8890b4092e3482bfc08b07b3fa83dad65d86e9314a8c299b9488e493d469887649e4389b38db10629c6c83427f19a5a9d714549336daed6c22e6a65891aa1ba2f6ca29f978e5ac26f6645d4d77dd90928abbf1be157e7d6eae65e640cf7dc5e7da2f97447c4677514e4406d27a0b6933604bae608867c50376c2b3cc379fcf942c25d2ebe0f8bb3df130735ebe117edc977dcb51683addb2ac9a3c36b9f2be2d62aee01a2cf8a3a58ecf02150e8fcd2e00319b6d639bfeed0331d846c7c09e677963bb149b5ad0a1d173d60e9f31865f25ba2bf485ada0379334d3f53dc2e82c6d3fc623d5b5462b10db0298e2df9f87dc98d488a3e49ecb7e923aaab66f091eedc985d141a7b3aabc43911ee9d5cdc1889160522a8507fe5c9a9654af3b57f7b2b462b9c901738de69033220e256ef5b1c920c6c635249fce3b521cf481b0f113d227fefc4cd3eff7676a42289895fcb0542445cf63898878b8516d99446ef073c0e100093491d67c9809621006d9a03d80229ab91a634da87763619349393764379123606b4e72f2fbbaa9524a8dbf413de47b09265b1d231d4dfac5c12be460e1aaec6e50ca1f9aa3956955f15173cba0c08376e4641a3b738725b936fc8cd4e69a53bf86a6212077ef78bd2b2363537f699204d746f39ddcfb3e73f763406ab2b6889bb2cf8cfbf23ca84b314669b4f61fbb0de90a3be05335735ed19b8ef4e408e87baae2df2b972f24efa1cedf4d2a478111fed7b4ea12b0c30015b472fa2340cbaab8c3ef25f0d6be0be29736e0cf72976115ed33fc0c88411363915cefc9fa63852ef83fae797349759bcac68cba836d2adc6dfa2d57a467aa2f851d8c645e537a52224a137f6c4cf1741bcc765cf22c8d32d0255f602bdecb987d2384761b5a75ca7cffba2cb9e37b38f3104cb8cbc8fe4ed7705998544b536dec838a6a365d61b64d5281816ac4d85653b5a051a0c06becbe788581e464e71ad92ca362e43ccaee36b35f4146023023695cd7834723ba858a1de4d34426188cc05088256b498abf143723103bb950f2d4fabd35041ec278647b263728f69a0a5fa81795114cb4b18e990ae26943032c009bc08f526c837a97e61103def6e48e084743083fe3dbe2a0a927c0214ff58774d92d2518c6784bef5623f8e51380f30f0476a7f3484ca841fe0efea46b20b2eb6ef5c4529e4823fa77d1e8242ab87fb9b88f118bc415de872a3ebf768d3d77f10eafedb689d881517fe4aad41b87496bce80d915bb2d00bfb6b693833a033a8d2feda53ce290996a4b3b0c48ad642b2a06e374b7c714d13dcfd7c3db7de3e86a9dd8afb006c0eb3ec50ad3ef04084746c6758152aaf4fcc23a108fe4f46bc1bb17acc5fc9e562d3bdf2bc2a2d94c6a5acd9469a6a88f08f77c199e7c9671a54c028e6da0756fe6dc3854700b017a7bd734dc6822736f8c98ff1ebba17de7ec7d2a49d818873119cbc90d9208227affb9d5825be311f22a9bb85d017c9b2208f15bc7ac9a43ba22d53d8622ff954659c7de8ce3adb37847d7eb495fa13045c75dc4fa9562013157e321514472033dbb41df53feaccd482b03260f000d13cb875f07e2d7929cc3ed92713cee8277a3f1eaeb31efb860419c70766fbb68dffd1e804c9df37077d11b34bbc23ed4969d95977df8e708c11188d818c4ae56be482ef1b6c166e1e1a482cc6a277c2b85ad6906f60136032a58e3355245761fe1782414bd2267addfddc522219b3c6eb08ce8e43f8dc81f7169d32cf50be4a51e123f7ba7865f31a5f6677851156dead0045d29d66cc5ca022bbd385eb9bf35e357cd3178867d288d5f2d041e8002208998c118208d2d15e27567cc2a0b53953945e35c9158ca7e9d967c487f8ba2279427e2597a8132f52502ce5af94ec2dc4f871b5384139101702cddc3fd2271553b3aa57074590be216b2c0f1ee04ba88752f3d57016fa56a3047e0111529edf7f2a1d4cea21022ba6e7f6496b9315e3d78fe17ca17104ab630ac30f3946f54cfe9d20d23f6f3913bbd1f131943ba66aaf54988048c414a8651e50bffaa01e9d80f3e02e681c84c2bf7bf2bac0a299e0969fd9e77b5e3b7bfdbaca9621afc1991a72ae4f295973823dbe09d7bd8b41e7771ea1a17d1e5caabb00bd31f670254920a493c465e1b3d27467633365015f0ebceb96efa01861dcc8aed6a834232a9c33e2b9e94a6fad9271d89216815ad65f78c4a53d8c5e689cc6b10b147f7edae2de1a3a0b1f1faff720ea68ef9611e0838993a73e5e8e722a8650bdf07ae6a59c356cb5f4f30ed360470fcc5dde1b9c4ee3d27b7d0b94d7293132f7e8afe800cdc0275e813d95c52b75c5be3986f16a68819fb9330954eaa65749055a21cdc31f384d1c5f557fabefe2e77831b3cf3108415b12fd11d8c56926c1503346a882d6ae7b18a68578aee18cf7ce9310eab0ffda4969d0ac9585ae9efe4519de8f8ac15ad5ae789a9a59c1800781d20d1d565f88fc6aa30908808aff4f615593e1789b51407829710b9ee8cbc38e4ece4165813db383af307c5fd1ecbc8439d5ecc41769837bf64fc378947246e23bcc8b9528a3c623f5cb70da8b904e2ab4304521b1583742f93668d06fb353f3ca752dc93cc3f211e4738512ca469751fdf0ecf09d83cf6634a51adb224d323433ec06e9f3d1b24fcd8d6ad16c3649e01e35de4da4d87fe40d85ee76255087bfca99551154522e6d27a6ba4dbf04dd9a36324113e3aaffc540db1c844cf6843ea4ef0deb8817b9f244a09e8fc2e2a0c3b813ead494cbfbb21a42a296e6d442d06f1392410a39924088cd7fdf51f60b08dfe5bfca2019f7865401aeb13c969537b0bce47352413c425ff9af35bccc4316bb18f25a54fcb9de9a02421c3c5cf070f5813a5c17efe9d0b0ed95b3f3f71c8388eeecdef6751de1fbcbb54f1f5def7744dc7fcd6aa7437af7548b4f764f4ced03db9e14bf9b52055d4f3ef318499a15e84f823c98dff9e8c00783038b607095ea4a9a76f9d157c677d637578721b9cac6ff5ffbbd791aaf164d06f793c123da686706a32de69bab8a3d2afd5334c85071791c2db6698dbd705bfe8b3ce65bac2f496437ef7e9c298c3746b16e996dcd205822d49d77523e13cf5d370aadb474a99b94aa20f4cdbef553740ed6d2bf0e91c3a039c8674778cdaf29dbd829dc2b70471460113198237e2e92ab4517a4448fd140184bcfc32a8fb8ec550885abef597e7003abaf5d9ba7dfa59f28a44474da7a49faabb00fb6e062c7ab430dad23c7ae1410fa82f89056299c7740ebb5bfa4739fdca93feeee9e915163ee0d92f945d45731283055bc0591ae5ccf7dd11eea2131fdadabf5f51e65cfc9f257aaffa9d9b81d8dd9582359dba66bcf4eeecf642bb02ba4ad5506f6f436194443a5e3a0a3b3675530f510fee9c59b79eab35fa6e40c2f56e41a81670b17b69d916f8c90b69acd85fdbc76e3d93c5e3e90ea26115d0290fbe18080ad114a0107f5fb6bbe0d48b0686ced86e33eaa7f744cd1e850b075988be3349b3c6024d03510b2dd3470115512485b44feac154f2c6fd996b4c56878b24faebfca386c51b012b1ea86d0e523c34b9514059c3d395b8cb450de676a081b6591a23c465f6871d967fc98b55eeec697622a099309be7f85de0c3759ef1e4a9cd3715dd5f8ee7d4be49595543dcfe690b632e03d428e0a734543b63a47b9726472a5b5b4d75b1912948c27ec7b86fa578a800750720c16e2d8a070e435cffd77ba0910ff9faa62ebd267ae410aa6a0b29f50c2bc43456733cafac010711e0e98abec657a293beab6d7b72b34f8bbbaa8f967d0a5fe2ff027b757cc12f323ad7fd67c8e76ecb7bebf36c470bbc40c6253a80856e478d132c1c0b25b1df90629830bf3d3fa364e40a8173a5f5763a37f178ecec8576d78150d71344640add7be9ff5dba0ed275235880c08e0290d57f75e793af700f9daeb2ddfd242a9b582ab1589a8e362c347d700016dec63118afce91496f5b045363b30d7f9c048ff17460e002fd9237ed1d85bb14e535bba005fd2b051aff0814e0611907466e57c898fb9cb45ebdc825b13a662aec2364df358dff02a755b43f00f6d976f0671e727370a1e6af2df0bc509c416905e85052052f6081032ad66d096289b76eb4e2da3e68fa12de224202152fa3d00cf2741995e6454b17e13d6e8b9cbc5b1d85d229667b0ae07cd906ff0779b2761217430710cf593305834e2ac069d7e9af020d768b9c75aaf0c9cfdcd14e8b561561e755e372e93faeda995a038f3f7ce1e5b86ba8789a8f5c9d01dfb19848a01fad11e23c57b16e9a4dd3b65f31fae1d55f2ba093987df164c311201d0e6899def8b6a1def88ac7ce79dd24784a8e8621e61fbad6e218440f71a907a46fe0e0c69e19e015fa1430ecbfe729b31b1e27613bbd47c400e927a8a1c423150b80c17555c193fc514cdc0d22915dde7c7f731062c3e6958fa722c60d4b3c5c9676a20245550adcea924180e0c8d8b4ad7d04dfa4da34fcd267765e63b9bd42c8abe20cb191e04449cb2916b34b22aa4984de34b16d0c3fdd10a1a66457ef00b4e47fdae53e42cfde240a5684fac86e3404b985557443de8b70eb42fe7df5597d9052cdc0ad7781b49282d5b4fe254f0dfd37581c73c83f6e30b097506d5805700bb12f31707315370f179abc7f00e12d0dc5624ee04cba3abe795509184fa1"})
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={'veth1_to_team\x00', {0x2, 0x4e24, @loopback=0x7f000000}})
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x8)
write(r2, &(0x7f0000001100)="0ad4da6d0cad8c6114bd2d7044a01882bf5735cc8d083927673566743db1ac7b0b5bdad078698984fe02ad86d7df30aa42b5dbc52ab82cc33c39f843ee05a7e6d5c6d21c1b95f921dc2dbde8d284fe2c9370360b6cb0b441d30b86fe1c70658cd5750d76403bdace9cb91fceebc9349d386280c7b8d1de88bbd459ef2114134b287082f70969b94566320751dd376ce3c2eb9af723e317512946dfe9cdfa47a1c5c6ac83744f4b5082e70425346c74af8c214140fe369badd45c55490cfc4281e92e67ddcfc64c13176ad1afd7941a4fe0c113ae8692048c4e8c8bb60ec4d1c1cac8b6", 0xe3)
r3 = fsopen(&(0x7f0000000100)='ecryptfs\x00', 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
mount(&(0x7f0000000100)=@md0, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='virtiofs\x00', 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x80)

5.813461939s ago: executing program 6 (id=4253):
syz_clone3(&(0x7f0000000400)={0x800, 0x0, 0x0, &(0x7f0000000140), {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r0, &(0x7f00000002c0), 0x220, 0x100, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r1, 0x40384708, &(0x7f0000000040)={0x5, 0x1, 0x7, 0x3f, 0xa1, "3eccd25569e20900"})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x24, 0x28, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xb}, {0x7, 0xffff}}}, 0x24}}, 0x40)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000400), 0x2000011a)
syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000102505a1a44000000001010902"], 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r3)
sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e23, 0xfffffff8, @local, 0x9}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000200)="d81655262c2b7d088cfe72618f7305f4ffadaa459ea4190445db064dd7d7e96c2ad6747fa001f278efdd413809d0eab4a85e8b56ed6d83e174c8d83e843743bc28a05f50adb13d2be29ac40472c2e90020b0dad33eaa5a96c52107", 0x5b}, {&(0x7f0000000080)="64a837e3226a744d66b2a5ae4fc53bdbb8129aeb741ed6c7bb0f20ddf1c93212d3fb460637c85a4d7b24ecc5a29ec7", 0x2f}], 0x2, &(0x7f0000000f40)=[@pktinfo={{0x24, 0x29, 0x32, {@remote}}}, @dstopts={{0x1040, 0x29, 0x37, {0x0, 0x204, '\x00', [@ra={0x5, 0x2, 0x1}, @generic={0x6, 0x1000, "524c82481c97e433dc5deb01706aa8f57676d612c9b7145165841e09648e2eace9ca6ad5ae9cc9c2ab12a10f68207f99f5e8f4b3094fd23cedfbcf6a02967f0f470369df7a49b299366e06871c8fd68cf36519b0146d87a3e361c6156d8fb198c8f5d91174df3032f7c02ad0dc1367173ad845f5df5ba0da7f949228501701ea1153649869e5dd4504251345001c37755f38c419b15d9e82736eb7e563b4cbea4044aa389ffbb14a914e16372bfab3a00690c53f62211035b5d82e55377733fb2e92bb934d482d96aff940fe0b99a18c7df640e07ff84febb29fc70cfe045869fac4f963bec3950c67465038a1e7e4a2dc03cdf23449296aa25f98a12799f5050a31db97e826caab08c815ba9eb22acc9dc311c7ad137aa9385e098a6502b2f50640008f7f4ae7bf77a9e5c5f770efd07eef5733fb94dd12f77f0ae23b2fb82e3ee29cf7b9f577d69d92dd78f5761881408ec076fbdd95f4e7f30e8f23837f30519034540f4c6346541cbc5daa7c81ad1e05c99c190246c29f2a611dfb460367e3fcf3e9e1a88f347817a215fb44eadbb3c7d10566ea923bbcfaefd23d263d8fc49d722d6d0fef712b6327cf8255442146185aff5ecb262f531d4d8899ba6eb994053d708501c52939fbb434a30f4f1c6759682f12ee491f0f9ed78136146a8c412654cc366d66d2cd2667a04b833b9c26236459b36b74d33849e1153c13a9cda2fdb4a8c672f483006781a022a4c859ae4114fd025c74305eae76647fda8de3df37ae85e684da35b8583cfa54971485f04c463857da9762e4646e8764be9ce7843327db9a6149db88937139431eec9cefc4c23fd7f8241c4e483eb8c8924b6acdc3d6dc0ee0107152d3f57ffacb79f5a728a2fe0b249dc9cb722520ebd9286a7888da7738e2c4f1d44139ca3d7bdff950d7affd39b4e47c2f4781a4ab7b5432df1da64c4f1884c9a9c3820b6213b231f5de4d869af4b2d2d3f178945e34ee0c161f29cfdf8efe1def7eed299b01d1a992dafa1ccb26db44bdcc24044ca5f9606fccf1d115ef334d4522e4d79d6e8ac9c50540062ad5efda41840bca55166e7be0d05b045464b606224e810c10f0b3af5d683d16c9d6a8aa5c2fbcb91755a0f7eb69d4624530f3232a9eac81fd21670bd920182d7e35708cd480653afeac010f4aeaaf04fbede7fea9359c0f6e486079ea51265c25c3cceb3a213499d33823f6cecb5caa66a2a32de46403dd6bf35fe92dde8a84ef888949d05b5d5a81acc07f36a8b72249f2e41573b0381d91daaaa659d0bcd50c15f4bc71de2375faf6a91edbeccf68f2b08a820e0dc0771ac4fd94c09f94a229e40d6cbcb852a58ee14404c129325cd2fe3b07ef904e2311dfe20d12dfbc42d125509e48519ce8709e69b5a585c3dcc45b5a545c5fe11f493680ad2841d158bca72af04835f521fddafe4f663732ad1519461a3d68538e209937b4933bd0b9d07b930a236fd61ac77ea948b49bd9c2188f00e2a6106360c8667208515499e6508f5003c2011fe39667ada8312eec4f9ae5083db33b21b0bd3a492732af4463706fc01f488a4bd923171503769efaedce1a47cd52bcc1573d9b92d137e2c85f07dbd202db5bc882b7f8d63f20dc647008cabd42a10c55b1f19632b1cb7de00ffde155c879e2389cdc2ec22eda80ac563755f17c4fe3186793e79399e39e2ca76017ccd8cb4dc6890a662ecb57977ca2833a555f3fb1374d7007d7eb2c64283d8170c8067a14b13afd3a495a96ed57f425961725df811cd9635097b98d5483fc91a9d78a9cdd048d9b9d695fcbce8d20714070d4b3cb405735b00cf32db4becca2c8ec1a0cb5fdb2c20ea64ed4bd0aaf48cf9983881199711c98283c23afb7a4e9f3d4beaeca14af05c1c7e2d44226aed683dd9525a7d9bd51213173ad713417248abf4ac1bf0676c62bb52af88eb398c82675e26dca975bc9d7c7726cb4b5c3c477c5a3fc0f75d9adde937e3b0c440e8ffbfefda187ddc6a41f03b05f390ae3a6785792c30646545ef2a57c9b7b82dbfce4e0fefe15f1a7e43da7ac8001dcd11a04412b9d837ceba0b6de6165404993490444b13dce2a317c694f5caae21b6b2b0c8326ba9c0bb9f930870e94e487713065853cb6b2324215a7e1a32a52c3640a1952880403f716d00d6f73a55cbd76ad1b2be6985c541e5198312afe5f71b6057ead2c8c0670cf3979b5cd1d5f1191cbddcfdbaa5bd90e91a41bb92e9000dcd5996de1d424f90910854dcdc1e68c7cff4448301d90e95ee6866fef23a69ae255017326ca1bc9d7984f7198abdf1f49306aa5fdb3154d2610fee04965c84783145c30995243e55eda73207b0d4577cd53c4596bb35f6f3d401fe6e4d2d4f2959edffec1fec16a742e52c735de4c88a5c9afb50acee4b7048ea71ad82be0dff24bbd03288949ef15bffa411d4b7aeeabec61d193e85fdbba87328816442e9f516e1b07200c0551e22a53a970380f522436e84f2533104efd4f2ce1538b74f38452862efe1eef4f0e70d7d6bc24d6a8fabafb95a16b1c6a8afd63a75212d2031e8d7af4f6335fe65f85806489c17a02f4f15addecdec453e0d71164e131459d920194e349f05c96d649dbffb1a686842573ecbe4d63f1fe5d5aa83eda2245e31d26d7cee40e221d85fb4fe53abeb1c70b23c6d527f10b72fe87a4439e4c69acc1121c85b1b2b0c71034b74cb40770779052ade0b9aaecb501f702af432bc5ea60c127820835c80f75ff0801bb27f882c9187b752468d87ebc955fc574a61263ac2f88f976c9d45b7d3044d11266df78a718c1a070f221a4b8ed866dadd1003eb223b105cda35d3988981bb1c322893c2f4c6d18a8a7eaccf5012e0309a942f3f99c8d7b132c7a64acf0f5a87dcf0d4fef6832852c141096344b188457bd01a8c3fefb273325e7070b41dbc40c935b654c23d22b31c45e9163c9d4dc0e6bdde62d0074819789e97e4d115e1ff8c6b8b6cef886d09afc229fab7d2a7f290369ea8f3ec574c2505a07ce6bc91ce437dfbb903951bd674063406f1e2d79e4992f68cc89d0f2622d61daac773c7160fe5dfa789fe1f82f0d8cbf58b44f707a44074c4c29c08fb5dda4f6c68645cf712ab842eaa40958a0981f27f5fb6ef82561c2dbd8ca8ca1403f32af170b07f87054c65c9417d485ad8c17fb6c7b108d37dbae638d04495af2b4d77f7f2c0d017bf348ce92777c1cb92d129b7aa87eff8397151eda0e4b2e1769125efa48c964e15531e7bca8529749f7e37ef3540aced45dae009bad6b5a0f750325552e8c35d0d2acad9425d08f0f9300a18f3dc9f1083a33add4682af338371540bbb67244151ebe021d165099b4a7d7e7ce79f2b1aa6db93c08542685ee8a4c30108354e6a300ac63a48ad467e0dfbbe50531131c2eb63afe490b2d48f1c627c2c5ef82b73b5f9b23592666bdd0278141b1bddc1ea3a69bf0fc0c832be88ba3620834b3011600c92dc039e80df3a6dc02506ec51ff2b60dd568c173ee67c2b6a42245e1a9b6d628cdff9e9fb3924bb23037bb4fa544da01876eb19c85385d53273023c8c494a7523eb53be40205df6ad97782db512d40dda990baf98552823c889a83aa39277c1ade3756847097f0e8cef4590e3e0bf3b9dd1644a2c9611e5361ae37261d34b4d656195c4ddc4d301abc12db9c3a07d1105ed0462a9e326ccd8839aaee8d13917762fa4181d39b22030b42eab97bed5811b89eaa9163c52e0c84d7c4227080b8bda9a53ad9539afe20817c2808aba3a5a96f62a0b2088cc7e7c626e0f61faf8a1c87211c365e0d4f578a8b9acc91231946c924cda8fe46baa5ce5210dcd4e45c5c6ae882dd1e280b2b4fe033b3dd047fea586b85adab5e4dadaa6e198baa57d1729e0eba7fda2fca0325c250bfc543e63ef457d09002e1f3265fa7742dafa3a2d4792750a9cb93c41dabdc7f9342089cf49f6876ca99e0a9d5305fbc524d7be583c74d9a12991d71a93284097bcf9be957f2a8c3f7c4b0c99fffdafb527e92d14f4df4ebca4f557819bfddbfc55df8e317645a62b6409125b099e920dd172d509fa2d54d63e3cb45074831b8aa722529b052714570993cad80fd530c4e9bd11f40cd61f142db5ba9adffd8e292f7ce2eb958561095e8c89d2475b0095dd87d4f523e943330c19c8d697604f0d2ff5ae237f0f04c0f6f9623901340fddee2afe21b63df75675da51ea1734845c187429e9965be0f08cba8743c3bd3341957deb1e38fe340ec8e8a1933b2dc8135ba6191d0bba93c0270a1568cc8154507fb25df0a981bbe8d61296235d71c8393d1563f92d086aa7b9257372726e09081aa43d1c9b4d85183bd3fbcac259f25dc440489bbeb89c088795bd415cc7865b232a6c3b756904877890f62f9d7ba29a097599359beff917102ada8a049e3a5835a054b22cd9f3f65bc1ffbfe271cc5710b570af9305ccfd2b56608cea2cbdbf2d1ee3f07e7a8f5b50789257c7557614a598e8bfd571104baa3f9af0a5c36feffc7aba585d2b4a4ede319e35a37514c4365a98eae2384bfd1622e6916a320f37de691d24431327220aa92992ed3fefa79cc3ac09aba0d70d82d8bb1a279376ab64140ff473ea09862a2cac8f5b963dbdfbdfc872046309549795672e05993d3a1e4447d19f2d7e09a0fc0f9e01863e2d72a156ba82e65c3bcd41cce3188e7f958772db3a97b5363c8a39e82860759936e86292e2a353a86fce10bed671a3f2acf33167628c9a5089bb7445efad81c372af518e5b70e26214b597d36c1a14be8d944392d0d800ea85d04c7cb547cc976e78cf6faeb8a436ad84665f52b5ee36e12edf0dad246ca6f68f0260f3a52ab46aa8dbb4631b0aaa0ba65d129245670a9e0dd2bded8f242dc540f1c136ee71bfc5cf8aac209df356be47e08c97d43572f6370b549308470e7a39da836b1475ccb65a20f4125b677a20b5c58139782df4d954bec7b8dfbab504b33d639b17b5bca628470f9579e4f36802b40ef3ea5c2c1b35d0d4fc5b5796057e506bfe8e54a65d2fcc77c6e093ee6503032500c211642c4860c30ce87a3cd2062f2be4279cea9819a16c718688b5b2f7118dabe5a3c73eb4c370dbd0e76271587fb3e9f449b74e430c5e631d105a8783d0ed127101e233350d4227dd3cdb48374bcb30dde25deb92f84ccfe932a8a3bb43ceff2340d4b212b5ec0aec4dcc6281802121acb83bfb21676abc65b0753e9c4c43cdbb3b75e785151729dc2f9222ac9c8cb00df7f11403a70849dd883b3df02b8bc5d528d9f566244cc90a91f9b27047907f09908c93aba7bae798d53429d09a576d87c224e9c54e21728ceab2daa9582d488eee429a623d6e9d29f0066f345e2e195e87a5a910d29f5cc0b423c19990f9a2690f105265cebbc7249744bc3854f1d6309d8c74b64ce0caea07b5f91e2ca61230b1b900fff47a7ebdcf77cfaac1494377ae484ebc1995d05b900edfefa390e9321351c31e7d35854eea3bfa06bf9db9832183d5929added809b2a0b73936eee98bf2f54e48bb7d51e3968a88a043ed3cf5d77d56e7e22e4752f6f32ed937c2f64bc87bd14a5988f5e94bd9a834056a2c59f552f3c98d9f756b63a30b2d23be15f8ebe25391370881c4e4447ba7008a6c4cc758557a687e04ab81e0b8a6cd0c3927c8752b4c5c2f57d313f7e18df9a565d4081bb62a954df544fdbc32c419e0c884c3cddc589a13c7d36e65937bbfa62af898c506d202afdc147b5476105851c9b1e4d6533cd032d5027727bb22638cde7ebf5576dca5"}, @jumbo={0xc2, 0x4, 0xc}, @jumbo={0xc2, 0x4, 0x5}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x21}}]}}}], 0x1068}}], 0x2, 0x4000010)

5.261593917s ago: executing program 5 (id=4255):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x100, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, &(0x7f00000002c0)={0x4000}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0x10000, 0x6, 0x2, 0x0, 0x8, 0xb, 0x651, 0xfffffffffffffffc, 0x9657, 0xfffffffffffffffe, 0x7fffffff, 0x0, 0xf9, 0xb, 0x80000000000000, 0x4, 0x1, 0x1, 0x80000001, 0x0, 0x0, 0x809, 0x800000, 0xfffffffffffffffa, 0x3, 0x2000000000004})
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_xen(0x0, 0x0, &(0x7f0000000180), 0x244404, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000140)={0xfa, 0x101, 0x1004, 0x4, 0xf, "24669c7029b3856e66e74b1117149e7a265ae1"})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
mknod(0x0, 0x0, 0x8000)
mount(&(0x7f0000000140)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./file0\x00', &(0x7f0000000580)='gfs2\x00', 0x3010003, &(0x7f0000000080)='norecovery')
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x8010, 0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0)

3.452522274s ago: executing program 2 (id=4256):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000280)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x1e, 0x4, 0x2101}]}}}}}}}}, 0x0)

3.430396588s ago: executing program 1 (id=4257):
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000887000/0x4000)=nil, 0x4000, 0x800001, 0x11, r0, 0xcc36f000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(r5, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x98}}, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.285782565s ago: executing program 2 (id=4258):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000500)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
sendfile(r5, r5, 0x0, 0x40008)
r6 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000001540)={0x0, 0xfffffff9}, 0x8)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000000003dc771370100008096925ea30000000000000000008500000093e3916d800000954f70dc14086b6154fd3fb5b7f9b5718bbf9ac60900e4762063b448615c779071291ffffc2f5ef9"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)

3.284472452s ago: executing program 3 (id=4259):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001040)=@newqdisc={0x94, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0xc, 0x0, 0x1, [{0x4}]}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6]}}]}}]}, 0x94}}, 0x0) (fail_nth: 4)

3.277936768s ago: executing program 5 (id=4260):
io_uring_setup(0x7d9e, &(0x7f00000003c0)={0x0, 0xfdcf, 0x800, 0x1, 0x24})
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000280)=0x20, 0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f00000000c0)=0x10001, 0x12)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
write$input_event(0xffffffffffffffff, &(0x7f0000000140)={{}, 0x1, 0x37, 0x6}, 0x18)
mkdirat(0xffffffffffffffff, 0x0, 0x82)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = fsopen(&(0x7f00000003c0)='nfsd\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0)
getpid()
bind$qrtr(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNDEL(r4, 0x400442c9, &(0x7f0000000040)={0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}})
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0)
write$FUSE_BMAP(r1, 0x0, 0x0)

2.737363838s ago: executing program 3 (id=4261):
unshare(0x40020000)
mmap(&(0x7f0000087000/0x2000)=nil, 0x2000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000080)={'filter\x00', 0x4}, 0x68)

2.499601784s ago: executing program 1 (id=4262):
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000340))
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
gettid()
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x10001, 0x2, 0x2})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x2, @pix={0x4, 0xfffffffd, 0x32525942, 0x4, 0xfffffffb, 0x4, 0x6, 0x4, 0x0, 0x4, 0x1, 0x7}})
r1 = creat(&(0x7f00000006c0)='./file0\x00', 0x22)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x6a, 0x0, &(0x7f00000002c0)="000000e12779484bc1d0857cdb858adf0bdf08c1de93c61df7ab5baa85e91cf719402bbdef32a1bae860bee8357ba1e56379436a6f84d74e83df30197cc8e1d6238fb014a4b6f1dc270391ee80c6c0c83f90100497263bffa4ce75b23dc63b83bd360cb070e73ef78ddf", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40}, 0x4c)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[], 0x69)
close(r1)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="79610400000000000010"], 0x14}}, 0x0)

2.461703422s ago: executing program 6 (id=4263):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x20, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4000014)
read$msr(r0, &(0x7f000001b000)=""/102400, 0x19000)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080))
r5 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r4)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xd}, @hci_ev_le_ltk_req={{}, {0xc8, 0x7fffffffffffffff, 0xf3}}}}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)

2.359732781s ago: executing program 6 (id=4264):
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000180))
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000001380)={<r1=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x3)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
io_uring_setup(0x4779, 0x0)
socket(0x10, 0x803, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_create_resource$binfmt(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc9, &(0x7f0000000740)=""/201, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffff0000, @void, @value}, 0x94)
close(r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000020000000000000000001fd4bf6766bd0ef5177f72cb72ba4db3c37ec24250792db061ac06515a10fa3a747ee184d1080ce496ec8ee144d7a52beab356c9347e5a7a6b3be57861bcf15cfb98d256e3f2e6f946a5ff1e9161671a2443b146289f4a2616045fd9d7ab995d8ada47f12d1615a6e8e99262b16bd93e79c6bc116fd0fa18d14b7c754e32f173e3664df0b7a4899fd9923f061672a0d6f47d1296c276cf3cd8c4db0131e451e587627439b6cb56f4b803a1f9d65a78261784e6ff5fa45700000000000000007dae5a75ad5212e9143903c22fd7a7c54cd26445eabf4b69fe26f0f9a7cd9f7ce9419de8dc5a44544dc93e0cfb05a3008c57ab7639160012b6d4637b5ca0a1"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r5, 0x0, 0x0, 0x1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$HIDIOCGFIELDINFO(r3, 0xc038480a, &(0x7f00000003c0)={0x2, 0xffffffff, 0x4, 0x3, 0x8, 0x40, 0x10001, 0x9, 0x2658, 0xd, 0x1, 0x5, 0x100, 0x3})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000100), &(0x7f00000001c0)=r3}, 0x20)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000840)="1f", 0x1}], 0x1}}], 0x3, 0x48800)
syz_usb_disconnect(0xffffffffffffffff)
shutdown(r6, 0x2)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r1)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000280)={{}, 0x4, 0x6, 0x8000000000000000})

2.280034758s ago: executing program 3 (id=4265):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x21, &(0x7f0000000600)={&(0x7f0000000000)={0x4c, r1, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x25, 0x33, @action={{{}, {0x10}, @broadcast, @device_b, @initial, {0x0, 0x400}}, @addba_resp={0x3, 0x1, {0x3, 0x4, {0x1, 0x0, 0x2, 0x3f7}}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0x4, 0x0]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd0}, 0x0)

1.352056706s ago: executing program 1 (id=4266):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
getpriority(0x2, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r1, 0x0)
getsockopt$inet_mptcp_buf(r1, 0x11c, 0x4, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
sigaltstack(&(0x7f0000001280)={&(0x7f0000000280)=""/4088, 0x80000000, 0xffffffffffffff14}, 0x0)
sigaltstack(&(0x7f00000014c0)={0x0, 0x80000002}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r3 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
preadv(r3, 0x0, 0x0, 0x6, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0x8, 0xaac3, 0x1, 0x2, 0x0, 0x4, 0x9, 0xa, 0x2, 0x7, 0x8, 0x200, 0x10000, 0x1400, 0x10, 0x3d, {0x4, 0x5}, 0xff, 0x2d}})
getsockopt$inet_buf(0xffffffffffffffff, 0x6, 0x29, 0x0, 0x0)

1.323977531s ago: executing program 3 (id=4267):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000013c0)={r0, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x7fffffff}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/icmp\x00')
read$rfkill(r1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'})
r2 = io_uring_setup(0x2471, &(0x7f0000000280)={0x0, 0x4170, 0x1000, 0x0, 0x2e6})
io_uring_setup(0x5d8f, &(0x7f0000000400)={0x0, 0x3e64, 0x10, 0x2, 0x12d, 0x0, r2})
io_uring_setup(0x2a5a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$vim2m(0x0, 0x1000001, 0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000240)=0x5)
ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000200)=0xffffffff)

455.630459ms ago: executing program 3 (id=4268):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000003c0)=@nat={'nat\x00', 0x670, 0x5, 0x3b0, 0x108, 0x1a0, 0xffffffff, 0x108, 0x108, 0x318, 0x318, 0xffffffff, 0x318, 0x108, 0x5, 0x0, {[{{@uncond, 0x0, 0xc0, 0x108, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@ttl={{0x28}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4=@dev}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x318}}, {{@uncond, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x4800}}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1c2, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x410)
bind$bt_rfcomm(r0, &(0x7f0000000080)={0x1f, @none, 0xff}, 0xa)
connect$bt_rfcomm(r0, &(0x7f00000000c0)={0x1f, @none, 0x6}, 0xa)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400)
socket$inet6_sctp(0xa, 0x801, 0x84)
unshare(0x20000600)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101701)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000071102200000000009c000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x6, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x1}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x4004551e, &(0x7f0000000140)={0x9fc, 0x0, "5a77bd038786aeb879ca62cdab2a03fa560186d85b25a5665a3247e5000f7a9b905da88235f8a5447dd2a2fd6e910c2b21a100efb76cba37e33111d6847e0c7f719e169a596e5fc008dae0b74873b3210f472b1eaa007969d208ba7d34171113dc06726615380fe65a6a794220aa2b60bd6276fd8bb6363d10f70da60fd500b9fcbbd821b3000e4a62fb73c33424b437bb190300000000000000a60000f8ffffff0a82727ef14eee686be00b580984f93a13e4e8bbf599394baea3a9ca1864f0a25d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2eedbc1ddb94239b85a905ca147df97da00"})
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f00000000c0)=@usbdevfs_disconnect={0x3})

316.467682ms ago: executing program 6 (id=4269):
fsopen(&(0x7f0000000240)='xfs\x00', 0x40000)

141.578115ms ago: executing program 6 (id=4270):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
r0 = io_uring_setup(0x4aec, &(0x7f0000000140)={0x0, 0xea5e, 0x2, 0x3, 0x29a})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r0, 0x19, &(0x7f0000000040)={0x8, 0x9, 0x100000001}, 0x0)

140.306654ms ago: executing program 3 (id=4271):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000708000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
lsetxattr$system_posix_acl(0x0, &(0x7f0000000440)='system.posix_acl_access\x00', 0x0, 0x9, 0x1)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x0, &(0x7f00000003c0))
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, {&(0x7f0000000480)=""/4096, 0x1000, &(0x7f00000001c0)=""/217, 0x2, 0x2}}, 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001517ee690000007a00f6010203010902120001000000000904000000ff054900"], 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f0000000540)={0x34, &(0x7f0000000240)={0x20, 0x14, 0x11, "023b48312025c04b028dcb170b2f0547cd"}, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700)={'team0\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r8, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r9}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff01, 0x0, 0x0, 0x0, 0x90}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r9, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
ptrace$cont(0x9, r3, 0x10000, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="d5aaaaaaaa9b4a6d"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

119.969752ms ago: executing program 1 (id=4272):
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
socket$kcm(0x10, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4a2000, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0)
ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e20, @rand_addr=0x64010100}, {0x2, 0x4e21, @local}, {0x2, 0x4e23, @broadcast}, 0x200, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x9, 0xff9e})
landlock_create_ruleset(&(0x7f0000000300)={0x2114, 0x2, 0x3}, 0xfffffffffffffff3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mlock2(&(0x7f0000909000/0x2000)=nil, 0x2000, 0x1)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42561, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xd5)
r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x100010, r5, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f00000000c0)={'wg1\x00'})

119.439777ms ago: executing program 5 (id=4273):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}]}], {0x14}}, 0x58}, 0x1, 0x0, 0x0, 0x850}, 0x4004004)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="000a000000000fd60730000000000a0000000000000000000000000000000000000000000000000000000d00000000000000000000ef60fc4bd8ecc4e3200000000006004dee00000000000032acaace3269d47147"], 0xd0060) (fail_nth: 4)

0s ago: executing program 5 (id=4274):
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/73, 0x49, 0x400000000000000)
sched_setscheduler(0x0, 0x6, &(0x7f0000000180)=0x10)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e20, 0x3, 'rr\x00', 0x16, 0x2, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
r7 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r9 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$ax25_int(r7, 0x101, 0xc, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r8, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
pread64(r8, 0x0, 0x0, 0xce2)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)

kernel console output (not intermixed with test programs):

syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1875d8e969 code=0x7ffc0000
[ 1558.804125][   T30] audit: type=1326 audit(1748668697.882:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2162 comm="syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f1875d8e969 code=0x7ffc0000
[ 1558.819908][T26603] hid-generic 0000:0000:0004.002D: unknown main item tag 0x0
[ 1558.864703][   T30] audit: type=1326 audit(1748668697.882:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2162 comm="syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1875d8e969 code=0x7ffc0000
[ 1558.891842][   T30] audit: type=1326 audit(1748668697.882:4894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2162 comm="syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1875d8e969 code=0x7ffc0000
[ 1558.891878][T26603] hid-generic 0000:0000:0004.002D: unknown main item tag 0x0
[ 1558.963054][T11896] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1559.022452][T11896] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1559.089658][   T30] audit: type=1326 audit(1748668697.882:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2162 comm="syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1875d8d2d0 code=0x7ffc0000
[ 1559.113174][T26603] hid-generic 0000:0000:0004.002D: collection stack underflow
[ 1559.113198][T26603] hid-generic 0000:0000:0004.002D: item 0 0 0 12 parsing failed
[ 1559.180936][T11896] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1559.185844][T26603] hid-generic 0000:0000:0004.002D: probe with driver hid-generic failed with error -22
[ 1559.303988][T11896] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1559.325542][T11896] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1559.334315][T11896] usb 2-1: Product: syz
[ 1559.338602][T11896] usb 2-1: Manufacturer: syz
[ 1559.366159][T11896] usb 2-1: SerialNumber: syz
[ 1559.412724][   T30] audit: type=1326 audit(1748668697.882:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2162 comm="syz.1.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1875d8e56b code=0x7ffc0000
[ 1559.892007][ T2218] syz.4.3880: attempt to access beyond end of device
[ 1559.892007][ T2218] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1559.908081][ T2218] gfs2: error -5 reading superblock
[ 1560.217220][T11896] usb 2-1: 0:2 : does not exist
[ 1560.441149][T26603] usb 2-1: USB disconnect, device number 80
[ 1561.296041][ T2250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1561.305528][ T2250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1562.276410][ T2258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1562.629416][ T2260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3885'.
[ 1563.971048][ T2281] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1565.776983][ T5822] Bluetooth: hci0: command 0x0405 tx timeout
[ 1566.256680][ T2310] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3896'.
[ 1566.268879][   T30] kauditd_printk_skb: 90 callbacks suppressed
[ 1566.268895][   T30] audit: type=1400 audit(1748668706.082:4987): avc:  denied  { accept } for  pid=2309 comm="syz.3.3896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1567.558449][   T30] audit: type=1400 audit(1748668707.372:4988): avc:  denied  { create } for  pid=2330 comm="syz.3.3902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1567.559791][ T2331] [U] ³•¯1WT`8ºÁÍÇÚH$Ô0©·ÑÃÝ9\
[ 1567.607557][ T2331] [U] ;2}U‚˜GVÏÄ¥ËÚ#ÈO9ÏÔÕ¥>-ƒÊß´ÜS…Ý¢šÕP
[ 1567.623222][ T2331] [U] 4°×XZ^Yˆ±„™)�ÛÀ´´ÈMÕC°¼.ŒOÅÈžÛPšO¼­W
[ 1567.629761][ T2331] [U] ‚ä%�Z
[ 1567.633483][ T2331] [U] ¾8`Ñ}—[TÃÚJ#ZÏ~»Ž3µݥI~ÇD‚%8@7J÷ÝÍ|{9Dœ¤C¤ÏÜE+ÇOÆK?%§6
[ 1567.721309][ T2333] netlink: 'syz.4.3901': attribute type 39 has an invalid length.
[ 1567.922206][ T2324] overlayfs: failed to resolve './file0': -2
[ 1568.091147][ T2330] [U] ®ÛP>BÐ�Ì–ÖZ%
[ 1568.417844][ T5822] Bluetooth: hci2: command 0x0405 tx timeout
[ 1569.137069][ T2356] FAULT_INJECTION: forcing a failure.
[ 1569.137069][ T2356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1569.150248][ T2356] CPU: 1 UID: 0 PID: 2356 Comm: syz.1.3905 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1569.150280][ T2356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1569.150291][ T2356] Call Trace:
[ 1569.150298][ T2356]  <TASK>
[ 1569.150305][ T2356]  dump_stack_lvl+0x16c/0x1f0
[ 1569.150331][ T2356]  should_fail_ex+0x512/0x640
[ 1569.150358][ T2356]  _copy_from_user+0x2e/0xd0
[ 1569.150384][ T2356]  drm_ioctl+0x4fb/0xc30
[ 1569.150413][ T2356]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 1569.150436][ T2356]  ? __pfx_drm_ioctl+0x10/0x10
[ 1569.150469][ T2356]  ? selinux_file_ioctl+0x180/0x270
[ 1569.150491][ T2356]  ? selinux_file_ioctl+0xb4/0x270
[ 1569.150514][ T2356]  ? __pfx_drm_ioctl+0x10/0x10
[ 1569.150539][ T2356]  __x64_sys_ioctl+0x18e/0x210
[ 1569.150567][ T2356]  do_syscall_64+0xcd/0x4c0
[ 1569.150589][ T2356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.150607][ T2356] RIP: 0033:0x7f1875d8e969
[ 1569.150622][ T2356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1569.150638][ T2356] RSP: 002b:00007f1876b33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1569.150655][ T2356] RAX: ffffffffffffffda RBX: 00007f1875fb6160 RCX: 00007f1875d8e969
[ 1569.150666][ T2356] RDX: 0000200000000540 RSI: 00000000c05064a7 RDI: 0000000000000006
[ 1569.150677][ T2356] RBP: 00007f1876b33090 R08: 0000000000000000 R09: 0000000000000000
[ 1569.150687][ T2356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1569.150698][ T2356] R13: 0000000000000000 R14: 00007f1875fb6160 R15: 00007ffeeb7c86f8
[ 1569.150721][ T2356]  </TASK>
[ 1569.312613][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1569.357065][ T2360] FAULT_INJECTION: forcing a failure.
[ 1569.357065][ T2360] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.369823][ T2360] CPU: 0 UID: 0 PID: 2360 Comm: syz.0.3906 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1569.369838][ T2360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1569.369845][ T2360] Call Trace:
[ 1569.369850][ T2360]  <TASK>
[ 1569.369856][ T2360]  dump_stack_lvl+0x16c/0x1f0
[ 1569.369871][ T2360]  should_fail_ex+0x512/0x640
[ 1569.369888][ T2360]  should_failslab+0xc2/0x120
[ 1569.369901][ T2360]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1569.369914][ T2360]  ? __inet_hash_connect+0x7cb/0x1e30
[ 1569.369930][ T2360]  __inet_hash_connect+0x7cb/0x1e30
[ 1569.369946][ T2360]  ? __pfx___inet6_check_established+0x10/0x10
[ 1569.369963][ T2360]  ? __pfx___inet_hash_connect+0x10/0x10
[ 1569.369978][ T2360]  ? inet6_hash_connect+0xe2/0x180
[ 1569.369993][ T2360]  tcp_v6_connect+0x1301/0x2170
[ 1569.370007][ T2360]  ? stack_trace_save+0x8e/0xc0
[ 1569.370021][ T2360]  ? __pfx_tcp_v6_connect+0x10/0x10
[ 1569.370035][ T2360]  ? kasan_save_stack+0x33/0x60
[ 1569.370046][ T2360]  ? tcp_sendmsg_fastopen+0x24d/0x750
[ 1569.370056][ T2360]  ? tcp_sendmsg_locked+0x190d/0x4300
[ 1569.370064][ T2360]  ? tcp_sendmsg+0x2e/0x50
[ 1569.370073][ T2360]  ? inet6_sendmsg+0xb9/0x140
[ 1569.370085][ T2360]  ? __sys_sendto+0x376/0x520
[ 1569.370095][ T2360]  ? __x64_sys_sendto+0xe0/0x1c0
[ 1569.370112][ T2360]  ? __inet_stream_connect+0x3c8/0x1020
[ 1569.370126][ T2360]  __inet_stream_connect+0x3c8/0x1020
[ 1569.370139][ T2360]  ? __pfx___inet_stream_connect+0x10/0x10
[ 1569.370156][ T2360]  tcp_sendmsg_fastopen+0x3ed/0x750
[ 1569.370169][ T2360]  tcp_sendmsg_locked+0x190d/0x4300
[ 1569.370181][ T2360]  ? avc_has_perm+0x11a/0x1c0
[ 1569.370200][ T2360]  ? __lock_acquire+0xb8a/0x1c90
[ 1569.370217][ T2360]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1569.370228][ T2360]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1569.370244][ T2360]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1569.370264][ T2360]  ? __local_bh_enable_ip+0xa4/0x120
[ 1569.370276][ T2360]  tcp_sendmsg+0x2e/0x50
[ 1569.370285][ T2360]  ? __pfx_tcp_sendmsg+0x10/0x10
[ 1569.370295][ T2360]  inet6_sendmsg+0xb9/0x140
[ 1569.370307][ T2360]  __sys_sendto+0x376/0x520
[ 1569.370318][ T2360]  ? __pfx___sys_sendto+0x10/0x10
[ 1569.370338][ T2360]  ? ksys_write+0x1ac/0x250
[ 1569.370349][ T2360]  ? __pfx_ksys_write+0x10/0x10
[ 1569.370360][ T2360]  __x64_sys_sendto+0xe0/0x1c0
[ 1569.370369][ T2360]  ? do_syscall_64+0x91/0x4c0
[ 1569.370382][ T2360]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1569.370394][ T2360]  do_syscall_64+0xcd/0x4c0
[ 1569.370406][ T2360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.370417][ T2360] RIP: 0033:0x7fb65998e969
[ 1569.370427][ T2360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1569.370439][ T2360] RSP: 002b:00007fb65a74f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1569.370449][ T2360] RAX: ffffffffffffffda RBX: 00007fb659bb5fa0 RCX: 00007fb65998e969
[ 1569.370456][ T2360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1569.370463][ T2360] RBP: 00007fb65a74f090 R08: 0000200000000340 R09: 000000000000001c
[ 1569.370469][ T2360] R10: 00000000200000c5 R11: 0000000000000246 R12: 0000000000000001
[ 1569.370476][ T2360] R13: 0000000000000000 R14: 00007fb659bb5fa0 R15: 00007ffd97ae1a28
[ 1569.370489][ T2360]  </TASK>
[ 1571.424790][ T2378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3908'.
[ 1571.850674][   T24] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1572.621301][   T24] usb 3-1: Using ep0 maxpacket: 8
[ 1572.643251][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1572.668050][   T24] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1572.697621][   T24] usb 3-1: config 1 has no interface number 1
[ 1572.799103][   T24] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1572.815926][   T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1572.828323][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1572.836645][   T24] usb 3-1: Product: syz
[ 1572.869984][   T24] usb 3-1: Manufacturer: syz
[ 1572.880127][   T24] usb 3-1: SerialNumber: syz
[ 1572.886668][ T2410] kAFS: No cell specified
[ 1572.961234][   T30] audit: type=1400 audit(1748668712.782:4989): avc:  denied  { read } for  pid=2407 comm="syz.0.3916" path="socket:[86763]" dev="sockfs" ino=86763 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1572.984602][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1573.239297][ T2409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1573.250117][ T2409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1574.242967][   T30] audit: type=1400 audit(1748668714.042:4990): avc:  denied  { bind } for  pid=2431 comm="syz.3.3919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1574.539831][ T2441] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3920'.
[ 1575.265847][   T24] usb 3-1: found format II with max.bitrate = 9, frame size=65528
[ 1575.298133][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1575.410488][   T24] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1575.434081][   T24] usb 3-1: USB disconnect, device number 80
[ 1575.450175][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.132511][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.140029][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.147604][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.156413][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.163938][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.190603][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.389202][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.419636][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.458348][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.485669][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1576.560655][   T30] audit: type=1400 audit(1748668716.372:4991): avc:  denied  { setopt } for  pid=2483 comm="syz.2.3924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1576.566994][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.421254][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.428759][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.453240][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.497511][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.509196][ T2433] syz.3.3919: vmalloc error: size 566231040, failed to allocated page array size 1105920, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1577.531250][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.538681][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.548229][ T2433] CPU: 0 UID: 0 PID: 2433 Comm: syz.3.3919 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1577.548253][ T2433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1577.548261][ T2433] Call Trace:
[ 1577.548265][ T2433]  <TASK>
[ 1577.548269][ T2433]  dump_stack_lvl+0x16c/0x1f0
[ 1577.548288][ T2433]  warn_alloc+0x248/0x3a0
[ 1577.548300][ T2433]  ? __pfx_warn_alloc+0x10/0x10
[ 1577.548319][ T2433]  ? vb2_vmalloc_alloc+0x135/0x3f0
[ 1577.548335][ T2433]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1577.548353][ T2433]  __vmalloc_node_range_noprof+0x10f4/0x1520
[ 1577.548373][ T2433]  ? vb2_vmalloc_alloc+0x135/0x3f0
[ 1577.548391][ T2433]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1577.548411][ T2433]  ? vb2_vmalloc_alloc+0x135/0x3f0
[ 1577.548426][ T2433]  vmalloc_user_noprof+0x9e/0xe0
[ 1577.548445][ T2433]  ? vb2_vmalloc_alloc+0x135/0x3f0
[ 1577.548460][ T2433]  vb2_vmalloc_alloc+0x135/0x3f0
[ 1577.548476][ T2433]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 1577.548490][ T2433]  __vb2_queue_alloc+0x8c6/0x1280
[ 1577.548511][ T2433]  vb2_core_reqbufs+0xa90/0xfe0
[ 1577.548529][ T2433]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1577.548551][ T2433]  __vb2_init_fileio+0x3f1/0x1100
[ 1577.548565][ T2433]  ? __mutex_lock+0x1ca/0xb90
[ 1577.548578][ T2433]  ? vb2_fop_read+0xe6/0x3e0
[ 1577.548592][ T2433]  __vb2_perform_fileio+0x9c2/0x1660
[ 1577.548610][ T2433]  ? __pfx___vb2_perform_fileio+0x10/0x10
[ 1577.548629][ T2433]  vb2_fop_read+0x215/0x3e0
[ 1577.548645][ T2433]  v4l2_read+0x226/0x360
[ 1577.548655][ T2433]  ? __pfx_v4l2_read+0x10/0x10
[ 1577.548666][ T2433]  vfs_read+0x1e4/0xc60
[ 1577.548685][ T2433]  ? __pfx_vfs_read+0x10/0x10
[ 1577.548700][ T2433]  ? find_held_lock+0x2b/0x80
[ 1577.548718][ T2433]  ? __fget_files+0x204/0x3c0
[ 1577.548731][ T2433]  ? __fget_files+0x20e/0x3c0
[ 1577.548745][ T2433]  __x64_sys_pread64+0x1eb/0x250
[ 1577.548756][ T2433]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 1577.548770][ T2433]  do_syscall_64+0xcd/0x4c0
[ 1577.548783][ T2433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1577.548794][ T2433] RIP: 0033:0x7eff3658e969
[ 1577.548804][ T2433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1577.548814][ T2433] RSP: 002b:00007eff37315038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 1577.548825][ T2433] RAX: ffffffffffffffda RBX: 00007eff367b6080 RCX: 00007eff3658e969
[ 1577.548832][ T2433] RDX: 00000000fffffe69 RSI: 0000200000000180 RDI: 0000000000000008
[ 1577.548838][ T2433] RBP: 00007eff36610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1577.548845][ T2433] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1577.548851][ T2433] R13: 0000000000000000 R14: 00007eff367b6080 R15: 00007fff40b9e4f8
[ 1577.548864][ T2433]  </TASK>
[ 1577.548916][ T2433] Mem-Info:
[ 1577.829288][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.836908][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.844522][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.852063][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.898153][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1577.928205][ T2433] active_anon:5447 inactive_anon:0 isolated_anon:0
[ 1577.928205][ T2433]  active_file:24089 inactive_file:41162 isolated_file:0
[ 1577.928205][ T2433]  unevictable:768 dirty:544 writeback:0
[ 1577.928205][ T2433]  slab_reclaimable:13255 slab_unreclaimable:108272
[ 1577.928205][ T2433]  mapped:33469 shmem:2964 pagetables:732
[ 1577.928205][ T2433]  sec_pagetables:0 bounce:0
[ 1577.928205][ T2433]  kernel_misc_reclaimable:0
[ 1577.928205][ T2433]  free:1277729 free_pcp:6457 free_cma:0
[ 1578.067072][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.257861][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.277408][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.285696][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.295556][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.304015][ T2433] Node 0 active_anon:25964kB inactive_anon:0kB active_file:96260kB inactive_file:164452kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137716kB dirty:2300kB writeback:0kB shmem:14236kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11184kB pagetables:2956kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1578.338600][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.357996][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.365840][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.373755][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.390717][ T2433] Node 1 active_anon:0kB inactive_anon:0kB active_file:96kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1578.430796][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.454381][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.462332][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.470466][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.484417][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.491828][ T2433] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1578.491907][ T2433] lowmem_reserve[]: 0 2481 2482 2482 2482
[ 1578.491939][ T2433] Node 0 DMA32 free:1165988kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB active_anon:27136kB inactive_anon:0kB active_file:96260kB inactive_file:163128kB unevictable:1536kB writepending:2300kB present:3129332kB managed:2540884kB mlocked:0kB bounce:0kB free_pcp:26264kB local_pcp:2496kB free_cma:0kB
[ 1578.491985][ T2433] lowmem_reserve[]: 0 0 1 1 1
[ 1578.492020][ T2433] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:28kB free_cma:0kB
[ 1578.492063][ T2433] lowmem_reserve[]: 0 0 0 0 0
[ 1578.492097][ T2433] Node 1 Normal free:3923488kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:96kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1578.492144][ T2433] lowmem_reserve[]: 0 0 0 0 0
[ 1578.492178][ T2433] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1578.492320][ T2433] Node 0 DMA32: 1*4kB (U) 2*8kB (ME) 757*16kB (ME) 657*32kB (UME) 252*64kB (ME) 66*128kB (UME) 37*256kB (M) 26*512kB (ME) 8*1024kB (M) 4*2048kB (ME) 261*4096kB (UM) = 1165956kB
[ 1578.492473][ T2433] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1578.492577][ T2433] Node 1 Normal: 196*4kB (UME) 42*8kB (UME) 42*16kB 
[ 1578.530104][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.775301][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.785433][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.795213][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.813419][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.821431][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.829363][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1578.838352][ T2433] (UME) 221*32kB (UE) 94*64kB (UME) 30*128kB (UME) 15*256kB (UME) 9*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 949*4096kB (M) = 3923488kB
[ 1578.854328][ T2509] FAULT_INJECTION: forcing a failure.
[ 1578.854328][ T2509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1578.878062][ T2509] CPU: 0 UID: 0 PID: 2509 Comm: syz.0.3927 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1578.878089][ T2509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1578.878100][ T2509] Call Trace:
[ 1578.878106][ T2509]  <TASK>
[ 1578.878117][ T2509]  dump_stack_lvl+0x16c/0x1f0
[ 1578.878144][ T2509]  should_fail_ex+0x512/0x640
[ 1578.878172][ T2509]  _copy_from_user+0x2e/0xd0
[ 1578.878198][ T2509]  kstrtouint_from_user+0xd6/0x1d0
[ 1578.878218][ T2509]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1578.878242][ T2509]  ? __lock_acquire+0xb8a/0x1c90
[ 1578.878276][ T2509]  proc_fail_nth_write+0x83/0x250
[ 1578.878295][ T2509]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1578.878320][ T2509]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1578.878337][ T2509]  vfs_write+0x29d/0x1150
[ 1578.878359][ T2509]  ? __pfx___mutex_lock+0x10/0x10
[ 1578.878380][ T2509]  ? __pfx_vfs_write+0x10/0x10
[ 1578.878404][ T2509]  ? __fget_files+0x20e/0x3c0
[ 1578.878431][ T2509]  ksys_write+0x12a/0x250
[ 1578.878447][ T2509]  ? __pfx_ksys_write+0x10/0x10
[ 1578.878470][ T2509]  do_syscall_64+0xcd/0x4c0
[ 1578.878491][ T2509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1578.878509][ T2509] RIP: 0033:0x7fb65998d41f
[ 1578.878525][ T2509] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1578.878542][ T2509] RSP: 002b:00007fb65a72e030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1578.878560][ T2509] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb65998d41f
[ 1578.878571][ T2509] RDX: 0000000000000001 RSI: 00007fb65a72e0a0 RDI: 0000000000000003
[ 1578.878582][ T2509] RBP: 00007fb65a72e090 R08: 0000000000000000 R09: 0000000000000000
[ 1578.878593][ T2509] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1578.878604][ T2509] R13: 0000000000000001 R14: 00007fb659bb6080 R15: 00007ffd97ae1a28
[ 1578.878629][ T2509]  </TASK>
[ 1579.201293][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.218258][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.232207][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.240587][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.250570][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.265406][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.278052][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.290830][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.299289][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.307286][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.317795][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.325781][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.333686][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.336722][ T2433] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1579.360950][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.484929][ T2433] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1579.505145][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.520728][ T2433] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1579.538302][ T2433] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1579.556830][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.561824][ T2433] 69001 total pagecache pages
[ 1579.580621][ T2433] 0 pages in swap cache
[ 1579.588097][ T2433] Free swap  = 124996kB
[ 1579.594360][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.596705][   T30] audit: type=1400 audit(1748668719.412:4992): avc:  denied  { write } for  pid=2512 comm="syz.0.3929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1579.624515][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.632245][ T2433] Total swap = 124996kB
[ 1579.636449][ T2433] 2097051 pages RAM
[ 1579.640279][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.650478][ T2433] 0 pages HighMem/MovableOnly
[ 1579.660148][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.663980][ T2433] 429852 pages reserved
[ 1579.776486][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.780571][ T2433] 0 pages cma reserved
[ 1579.784057][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.798795][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.806392][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.820594][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.842174][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1579.849794][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.302944][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.674984][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.779598][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.787601][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.796328][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.804244][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.811845][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.819383][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.827131][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1580.847300][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1581.390059][T26603] hid-generic 0000:0000:0004.002E: unknown main item tag 0x0
[ 1581.521439][T26603] hid-generic 0000:0000:0004.002E: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[ 1583.669392][   T30] audit: type=1400 audit(1748668723.482:4993): avc:  denied  { ioctl } for  pid=2570 comm="syz.4.3938" path="socket:[87589]" dev="sockfs" ino=87589 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1584.385978][ T1095] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1584.620898][ T5863] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1584.662551][ T2595] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3941'.
[ 1585.144505][ T1095] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1585.158925][ T5863] usb 4-1: config 1 has an invalid descriptor of length 38, skipping remainder of the config
[ 1585.191359][ T5863] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1585.233138][ T5863] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1585.813353][ T1095] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1585.820566][ T5863] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1585.841140][ T5863] usb 4-1: Product: syz
[ 1585.845387][ T5863] usb 4-1: Manufacturer: syz
[ 1585.850021][ T5863] usb 4-1: SerialNumber: syz
[ 1585.890019][ T2579] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1586.441536][T26538] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1586.461118][T26538] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1586.470973][T26538] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1586.482697][T26538] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1586.491978][T26538] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1586.798705][ T2579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1586.807326][ T2579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1586.823098][ T5863] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1586.851972][ T1095] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1586.853219][ T5863] usb 4-1: USB disconnect, device number 83
[ 1586.957985][ T2636] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1586.974041][ T2636] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1587.260051][ T1095] bridge_slave_1: left allmulticast mode
[ 1587.281346][ T1095] bridge_slave_1: left promiscuous mode
[ 1587.288305][ T1095] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1587.339565][ T2704] netlink: 'syz.4.3948': attribute type 11 has an invalid length.
[ 1587.348151][ T2704] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3948'.
[ 1587.765824][ T1095] bridge_slave_0: left allmulticast mode
[ 1587.780695][ T5863] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1587.789204][ T1095] bridge_slave_0: left promiscuous mode
[ 1587.799927][ T1095] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1588.005975][ T5863] usb 4-1: Using ep0 maxpacket: 8
[ 1588.018913][ T5863] usb 4-1: config index 0 descriptor too short (expected 301, got 72)
[ 1588.031349][ T5863] usb 4-1: config 16 has an invalid descriptor of length 38, skipping remainder of the config
[ 1588.043561][ T5863] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1588.073265][ T5863] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1588.116199][ T5863] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1588.137242][ T5863] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1588.157047][ T5863] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9232, setting to 1024
[ 1588.168868][ T5863] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1588.186279][ T5863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1588.230351][ T5863] usb 4-1: can't set config #16, error -71
[ 1588.246938][ T5863] usb 4-1: USB disconnect, device number 84
[ 1588.600692][T26538] Bluetooth: hci0: command tx timeout
[ 1588.767950][ T2734] netlink: 'syz.3.3954': attribute type 4 has an invalid length.
[ 1589.011939][ T1095] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1589.067529][ T1095] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1589.096427][ T1095] bond0 (unregistering): Released all slaves
[ 1589.603606][ T2612] chnl_net:caif_netlink_parms(): no params data found
[ 1590.682388][T26538] Bluetooth: hci0: command tx timeout
[ 1590.725203][ T1095] hsr_slave_0: left promiscuous mode
[ 1591.737763][ T1095] hsr_slave_1: left promiscuous mode
[ 1591.820731][ T5863] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1592.013202][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1592.025787][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1592.480754][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1592.482087][ T5863] usb 2-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1592.497511][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1592.669009][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1592.674355][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1592.686970][ T5863] usb 2-1: config 0 descriptor??
[ 1592.692718][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1592.736184][ T1095] veth1_macvtap: left promiscuous mode
[ 1592.741917][ T1095] veth0_macvtap: left promiscuous mode
[ 1592.747528][ T1095] veth1_vlan: left promiscuous mode
[ 1592.754705][ T1095] veth0_vlan: left promiscuous mode
[ 1592.773265][T26538] Bluetooth: hci0: command tx timeout
[ 1593.258345][ T1095] team0 (unregistering): Port device team_slave_1 removed
[ 1593.311866][ T1095] team0 (unregistering): Port device team_slave_0 removed
[ 1593.405630][ T2927] netlink: 'syz.1.3959': attribute type 11 has an invalid length.
[ 1593.437900][ T2927] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3959'.
[ 1594.117851][ T2612] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1594.128244][ T2612] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1594.139930][ T2612] bridge_slave_0: entered allmulticast mode
[ 1594.148054][ T2612] bridge_slave_0: entered promiscuous mode
[ 1594.632883][ T5913] usb 5-1: USB disconnect, device number 51
[ 1594.653914][ T2612] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1594.676012][ T2612] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1594.703766][ T2612] bridge_slave_1: entered allmulticast mode
[ 1594.736715][ T2612] bridge_slave_1: entered promiscuous mode
[ 1594.843329][T26538] Bluetooth: hci0: command tx timeout
[ 1594.892397][ T2612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1594.963622][ T2612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1595.069986][ T2612] team0: Port device team_slave_0 added
[ 1595.096508][ T2612] team0: Port device team_slave_1 added
[ 1595.478140][ T5863] usbhid 2-1:0.0: can't add hid device: -71
[ 1595.486515][ T5863] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1595.506913][ T5863] usb 2-1: USB disconnect, device number 81
[ 1595.532540][   T30] audit: type=1400 audit(1748668735.332:4994): avc:  denied  { getopt } for  pid=3028 comm="syz.3.3965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1595.661998][ T2612] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1595.688041][ T2612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1595.809253][ T2612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1595.862203][ T2612] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1595.889328][ T2612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1596.074324][ T2612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1596.417021][ T2612] hsr_slave_0: entered promiscuous mode
[ 1596.454842][ T2612] hsr_slave_1: entered promiscuous mode
[ 1596.455369][ T5822] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1596.479333][ T5822] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1596.489069][ T5822] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1596.500908][ T5822] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1596.511206][ T5822] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1596.606780][ T1095] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1596.636014][ T1095] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 39923 - 0
[ 1596.647943][ T1095] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 56322 - 0
[ 1596.944510][ T3110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3967'.
[ 1597.208040][ T1095] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1597.218611][ T1095] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 39923 - 0
[ 1597.230614][ T1095] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 56322 - 0
[ 1597.319898][ T1095] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1597.333707][ T1095] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 39923 - 0
[ 1597.344580][ T1095] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 56322 - 0
[ 1597.529780][ T1095] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1597.563286][ T1095] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 39923 - 0
[ 1597.599199][ T1095] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 56322 - 0
[ 1598.592720][ T2612] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1598.600711][T26538] Bluetooth: hci1: command tx timeout
[ 1598.602949][ T2612] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1598.617667][ T2612] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1598.635888][ T1095] bridge_slave_1: left allmulticast mode
[ 1598.642455][ T1095] bridge_slave_1: left promiscuous mode
[ 1598.648295][ T1095] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1598.658167][ T1095] bridge_slave_0: left allmulticast mode
[ 1598.667275][ T1095] bridge_slave_0: left promiscuous mode
[ 1598.678933][ T1095] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1598.880921][ T3293] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1600.329141][ T1095] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1600.460105][ T1095] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1600.582967][ T1095] bond0 (unregistering): Released all slaves
[ 1600.601180][ T2612] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1600.628722][ T3067] chnl_net:caif_netlink_parms(): no params data found
[ 1600.689416][T26538] Bluetooth: hci1: command tx timeout
[ 1602.039080][ T3067] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1602.142672][ T3067] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1602.153105][ T3067] bridge_slave_0: entered allmulticast mode
[ 1602.161423][ T3067] bridge_slave_0: entered promiscuous mode
[ 1602.181519][ T3067] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1602.188627][ T3067] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1602.206231][ T3067] bridge_slave_1: entered allmulticast mode
[ 1602.220709][ T3067] bridge_slave_1: entered promiscuous mode
[ 1602.580725][ T5913] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1602.852921][T26538] Bluetooth: hci1: command tx timeout
[ 1602.995059][ T3067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1603.044081][ T3067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1603.056641][ T1095] hsr_slave_0: left promiscuous mode
[ 1603.062901][ T1095] hsr_slave_1: left promiscuous mode
[ 1603.068868][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1603.077884][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1603.087065][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1603.095296][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1603.102837][ T5913] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1603.114569][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1603.194604][ T1095] veth1_macvtap: left promiscuous mode
[ 1603.208458][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1603.219331][ T5913] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1603.235436][ T5913] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1603.245266][ T5913] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1603.245318][ T1095] veth0_macvtap: left promiscuous mode
[ 1603.266503][ T5913] usb 3-1: config 0 descriptor??
[ 1603.587311][ T3447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3982'.
[ 1604.273102][ T3444] syz.1.3983: attempt to access beyond end of device
[ 1604.273102][ T3444] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1604.286792][ T3444] gfs2: error -5 reading superblock
[ 1604.437498][ T5913] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[ 1604.451238][ T5913] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[ 1604.458711][ T5913] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[ 1604.467035][ T5913] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[ 1604.474760][ T5913] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[ 1604.482918][ T5913] plantronics 0003:047F:FFFF.002F: No inputs registered, leaving
[ 1604.497569][ T5913] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1604.593568][ T1095] team0 (unregistering): Port device team_slave_1 removed
[ 1604.630244][ T1095] team0 (unregistering): Port device team_slave_0 removed
[ 1604.650917][T26603] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1604.745403][ T5913] usb 3-1: USB disconnect, device number 81
[ 1604.827499][T26603] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1604.839476][T26603] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1604.851361][T26603] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1604.863252][T26603] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1604.876593][T26603] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1604.888892][T26603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1604.899194][T26603] usb 2-1: config 0 descriptor??
[ 1604.935074][T26538] Bluetooth: hci1: command tx timeout
[ 1605.193400][ T2612] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1605.215089][ T2612] 8021q: adding VLAN 0 to HW filter on device team0
[ 1605.336335][T26603] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[ 1605.360164][T26603] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[ 1605.379516][T26603] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[ 1605.387659][T26603] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[ 1605.399547][T26603] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[ 1605.408931][T26603] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving
[ 1605.416151][ T3067] team0: Port device team_slave_0 added
[ 1605.433453][ T3067] team0: Port device team_slave_1 added
[ 1605.433586][T26603] plantronics 0003:047F:FFFF.0030: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1605.453801][T25390] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1605.460998][T25390] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1605.469504][T25390] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1605.476653][T25390] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1606.024845][ T3513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3985'.
[ 1606.088392][ T3067] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1606.095515][ T3067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1606.122128][ T3067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1606.141244][ T5863] usb 2-1: USB disconnect, device number 82
[ 1606.164455][ T3067] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1606.178572][ T3067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1606.211345][ T3067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1606.704849][ T3067] hsr_slave_0: entered promiscuous mode
[ 1606.715148][ T3067] hsr_slave_1: entered promiscuous mode
[ 1606.721815][ T3564] syz.3.3987: attempt to access beyond end of device
[ 1606.721815][ T3564] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1606.735151][ T3564] gfs2: error -5 reading superblock
[ 1606.751309][ T3067] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1606.763378][ T3067] Cannot create hsr debugfs directory
[ 1606.776557][ T2612] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1606.807274][ T1095] IPVS: stop unused estimator thread 0...
[ 1607.662869][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.669286][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.448456][ T3681] syz.2.3992: attempt to access beyond end of device
[ 1608.448456][ T3681] loop2: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1608.547958][ T3681] gfs2: error -5 reading superblock
[ 1608.612951][ T2612] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1608.649994][ T3067] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1608.671352][ T5864] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1608.702133][ T3067] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1608.813017][ T3067] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1608.841616][ T3067] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1608.845381][ T5864] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1608.904799][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1608.938752][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1608.965058][ T5864] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1608.998797][ T5864] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1609.036000][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1609.074274][ T5864] usb 4-1: config 0 descriptor??
[ 1609.165273][ T3067] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1609.226604][ T3704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3994'.
[ 1609.679555][ T5864] plantronics 0003:047F:FFFF.0031: ignoring exceeding usage max
[ 1609.692154][ T5864] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[ 1609.701938][ T5864] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[ 1609.709415][ T5864] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[ 1609.717956][ T3067] 8021q: adding VLAN 0 to HW filter on device team0
[ 1609.727854][ T5864] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[ 1609.750566][ T5864] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[ 1609.758745][ T5864] plantronics 0003:047F:FFFF.0031: No inputs registered, leaving
[ 1609.797303][ T5864] plantronics 0003:047F:FFFF.0031: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1609.835043][T23146] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1609.842219][T23146] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1610.146301][ T2612] veth0_vlan: entered promiscuous mode
[ 1610.196626][T23147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1610.203765][T23147] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1610.252601][ T5864] usb 4-1: USB disconnect, device number 85
[ 1610.279520][ T3067] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1610.294210][ T3067] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1610.319852][ T2612] veth1_vlan: entered promiscuous mode
[ 1610.392973][ T2612] veth0_macvtap: entered promiscuous mode
[ 1610.511859][ T2612] veth1_macvtap: entered promiscuous mode
[ 1610.529111][ T2612] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1610.545632][ T2612] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1610.562845][ T2612] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.582465][ T2612] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.592636][ T2612] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.603991][ T2612] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1611.131576][T28099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1611.144452][T28099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1611.159844][ T3067] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1611.190318][T28099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1611.202724][T28099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1614.070626][T26603] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1614.853834][T26603] usb 2-1: Using ep0 maxpacket: 8
[ 1614.875360][ T3067] veth0_vlan: entered promiscuous mode
[ 1614.906055][ T3067] veth1_vlan: entered promiscuous mode
[ 1615.072946][T26603] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1615.780131][ T3797] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4003'.
[ 1615.952821][ T3067] veth0_macvtap: entered promiscuous mode
[ 1615.965027][T26603] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1615.982687][T26603] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1615.992855][T26603] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1616.002968][T26603] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1616.016406][T26603] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1616.291912][T26603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1616.321429][ T3067] veth1_macvtap: entered promiscuous mode
[ 1616.360010][ T3067] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1616.454661][ T3067] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1616.463526][T26603] usb 2-1: can't set config #16, error -71
[ 1616.473388][T26603] usb 2-1: USB disconnect, device number 83
[ 1617.391033][ T3067] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.399856][ T3067] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.411332][ T3067] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.420127][ T3067] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.449052][ T3818] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4008'.
[ 1617.609619][   T30] audit: type=1400 audit(1748668757.372:4995): avc:  denied  { setopt } for  pid=3806 comm="syz.2.4007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1617.682611][ T3806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1619.644890][T28098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.664231][T28098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.769376][T28098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.782232][T28098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.940864][T11489] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1620.198677][ T3872] veth0_to_team: entered promiscuous mode
[ 1620.414983][ T3872] veth0_to_team: entered allmulticast mode
[ 1620.964402][T11489] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1621.486017][T11489] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1621.496904][T11489] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1621.506298][T11489] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1621.517328][T11489] usb 6-1: config 0 descriptor??
[ 1621.808261][ T3889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4016'.
[ 1623.495590][T11489] cp2112 0003:10C4:EA90.0032: unknown main item tag 0x0
[ 1623.505695][T11489] cp2112 0003:10C4:EA90.0032: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[ 1623.608283][T11489] cp2112 0003:10C4:EA90.0032: Part Number: 0x82 Device Version: 0xFE
[ 1623.899807][ T3911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4019'.
[ 1625.233449][T11489] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[ 1626.903253][ T3958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4029'.
[ 1629.040601][T11489] usb 6-1: device descriptor read/64, error -71
[ 1629.321927][T11489] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[ 1630.359877][ T3992] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4035'.
[ 1630.381647][T11489] usb 6-1: device descriptor read/64, error -71
[ 1631.480598][ T5864] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1631.488947][T11489] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[ 1631.523485][T11489] usb 6-1: device descriptor read/8, error -71
[ 1631.750709][ T5864] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1631.975563][ T5864] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1632.011472][ T5864] usb 7-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1632.045746][ T5864] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1632.342714][ T4015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4043'.
[ 1632.667456][ T5864] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1632.676827][ T5864] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1632.684952][ T5864] usb 7-1: Product: syz
[ 1632.689394][ T5864] usb 7-1: SerialNumber: syz
[ 1632.796966][   T30] audit: type=1400 audit(1748668772.612:4996): avc:  denied  { read } for  pid=4020 comm="syz.2.4045" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1632.831995][   T30] audit: type=1400 audit(1748668772.612:4997): avc:  denied  { open } for  pid=4020 comm="syz.2.4045" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1632.885343][ T5863] usb 6-1: USB disconnect, device number 2
[ 1632.900760][ T3992] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1633.097370][ T5864] usb 7-1: bad CDC descriptors
[ 1633.110313][ T5864] usb 7-1: USB disconnect, device number 2
[ 1633.140269][   T30] audit: type=1400 audit(1748668772.652:4998): avc:  denied  { ioctl } for  pid=4020 comm="syz.2.4045" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x5442 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1633.658480][ T4021] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1633.667211][ T4021] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1634.956003][ T4021] bridge_slave_0: left allmulticast mode
[ 1635.099131][ T4021] bridge_slave_0: left promiscuous mode
[ 1635.120814][ T4021] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1635.273808][ T4021] bridge_slave_1: left allmulticast mode
[ 1635.295489][ T4021] bridge_slave_1: left promiscuous mode
[ 1635.313883][ T4021] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1635.363850][ T4021] bond0: (slave bond_slave_0): Releasing backup interface
[ 1635.674220][ T4021] bond0: (slave bond_slave_1): Releasing backup interface
[ 1635.687371][ T4021] veth0_to_team: left promiscuous mode
[ 1635.696250][ T4021] veth0_to_team: left allmulticast mode
[ 1635.736608][ T4021] team0: Port device team_slave_0 removed
[ 1635.773485][ T4021] team0: Port device team_slave_1 removed
[ 1635.802890][ T4021] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1635.819233][ T4021] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1635.848036][ T4021] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1635.872012][ T4021] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1636.129702][ T4078] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4050'.
[ 1637.555280][ T4021] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1637.564478][ T4021] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1637.573497][ T4021] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1637.582473][ T4021] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1638.512310][ T4101] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4056'.
[ 1640.057209][   T30] audit: type=1326 audit(1748668779.852:4999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.110715][   T30] audit: type=1326 audit(1748668779.892:5000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.179895][   T30] audit: type=1326 audit(1748668779.892:5001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.343007][ T4107] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4058'.
[ 1640.352693][T17465] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1640.358028][   T30] audit: type=1326 audit(1748668779.892:5002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.415741][ T5863] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1640.544149][   T30] audit: type=1326 audit(1748668779.892:5003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.612166][T17465] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1640.625883][T17465] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1640.672250][   T30] audit: type=1326 audit(1748668779.892:5004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.696503][   T30] audit: type=1326 audit(1748668779.892:5005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff10b18e969 code=0x7ffc0000
[ 1640.705246][T17465] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1640.724988][   T30] audit: type=1326 audit(1748668779.892:5006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff10b18d2d0 code=0x7ffc0000
[ 1640.733641][ T5863] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1640.756023][   T43] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1640.756185][   T30] audit: type=1326 audit(1748668779.892:5007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff10b18e56b code=0x7ffc0000
[ 1640.756427][   T30] audit: type=1326 audit(1748668779.892:5008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff10b18e56b code=0x7ffc0000
[ 1641.227323][T17465] usb 2-1: config 0 descriptor??
[ 1641.232413][ T5863] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1641.242762][ T5863] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1641.247288][   T43] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1641.253709][T17465] pwc: Askey VC010 type 2 USB webcam detected.
[ 1641.271746][   T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1641.275512][ T5863] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1641.298522][   T43] usb 6-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1641.320426][   T43] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1641.328514][ T4122] syz.6.4063: attempt to access beyond end of device
[ 1641.328514][ T4122] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1641.342558][ T4122] gfs2: error -5 reading superblock
[ 1641.359985][ T5863] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.361880][   T43] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1641.368837][ T5863] usb 3-1: Product: syz
[ 1641.382841][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.391194][   T43] usb 6-1: Product: syz
[ 1641.395554][   T43] usb 6-1: SerialNumber: syz
[ 1641.445706][ T5863] usb 3-1: Manufacturer: syz
[ 1641.450841][ T5863] usb 3-1: SerialNumber: syz
[ 1641.710687][T17465] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1641.728009][ T4107] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1641.753122][T17465] pwc: recv_control_msg error -32 req 02 val 2700
[ 1641.762190][T17465] pwc: recv_control_msg error -71 req 02 val 2c00
[ 1641.770027][T17465] pwc: recv_control_msg error -71 req 04 val 1000
[ 1641.778053][T17465] pwc: recv_control_msg error -71 req 04 val 1300
[ 1641.792176][T17465] pwc: recv_control_msg error -71 req 04 val 1400
[ 1641.800305][T17465] pwc: recv_control_msg error -71 req 02 val 2000
[ 1642.450075][   T43] usb 6-1: bad CDC descriptors
[ 1642.644710][T17465] pwc: recv_control_msg error -71 req 02 val 2100
[ 1642.651749][T17465] pwc: recv_control_msg error -71 req 04 val 1500
[ 1642.658719][T17465] pwc: recv_control_msg error -71 req 02 val 2500
[ 1642.666375][T17465] pwc: recv_control_msg error -71 req 02 val 2400
[ 1642.678899][T17465] pwc: recv_control_msg error -71 req 02 val 2600
[ 1642.686079][   T43] usb 6-1: USB disconnect, device number 3
[ 1642.686344][T17465] pwc: recv_control_msg error -71 req 02 val 2900
[ 1642.737216][T17465] pwc: recv_control_msg error -71 req 02 val 2800
[ 1642.744188][T17465] pwc: recv_control_msg error -71 req 04 val 1100
[ 1642.761598][T17465] pwc: recv_control_msg error -71 req 04 val 1200
[ 1642.772794][T17465] pwc: Registered as video103.
[ 1642.779804][T17465] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input36
[ 1642.797296][T17465] usb 2-1: USB disconnect, device number 84
[ 1642.848524][ T5863] usb 3-1: 0:2 : does not exist
[ 1643.992489][ T5864] usb 3-1: USB disconnect, device number 82
[ 1645.184013][ T4215] FAULT_INJECTION: forcing a failure.
[ 1645.184013][ T4215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1645.220621][ T4215] CPU: 0 UID: 0 PID: 4215 Comm: syz.1.4072 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1645.220652][ T4215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1645.220669][ T4215] Call Trace:
[ 1645.220676][ T4215]  <TASK>
[ 1645.220683][ T4215]  dump_stack_lvl+0x16c/0x1f0
[ 1645.220709][ T4215]  should_fail_ex+0x512/0x640
[ 1645.220737][ T4215]  _copy_from_user+0x2e/0xd0
[ 1645.220765][ T4215]  bpf_test_init.isra.0+0xe2/0x140
[ 1645.220790][ T4215]  bpf_prog_test_run_skb+0x245/0x2280
[ 1645.220816][ T4215]  ? __fget_files+0x204/0x3c0
[ 1645.220839][ T4215]  ? __fget_files+0x20e/0x3c0
[ 1645.220857][ T4215]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1645.220884][ T4215]  ? fput+0x70/0xf0
[ 1645.220909][ T4215]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1645.220932][ T4215]  __sys_bpf+0x1485/0x4d80
[ 1645.220957][ T4215]  ? __pfx___sys_bpf+0x10/0x10
[ 1645.220978][ T4215]  ? ksys_write+0x190/0x250
[ 1645.221000][ T4215]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1645.221039][ T4215]  ? fput+0x70/0xf0
[ 1645.221060][ T4215]  ? ksys_write+0x1ac/0x250
[ 1645.221079][ T4215]  ? __pfx_ksys_write+0x10/0x10
[ 1645.221100][ T4215]  __x64_sys_bpf+0x78/0xc0
[ 1645.221121][ T4215]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1645.221140][ T4215]  do_syscall_64+0xcd/0x4c0
[ 1645.221162][ T4215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1645.221180][ T4215] RIP: 0033:0x7f1875d8e969
[ 1645.221197][ T4215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1645.221213][ T4215] RSP: 002b:00007f1876b75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1645.221232][ T4215] RAX: ffffffffffffffda RBX: 00007f1875fb5fa0 RCX: 00007f1875d8e969
[ 1645.221244][ T4215] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[ 1645.221255][ T4215] RBP: 00007f1876b75090 R08: 0000000000000000 R09: 0000000000000000
[ 1645.221265][ T4215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1645.221275][ T4215] R13: 0000000000000000 R14: 00007f1875fb5fa0 R15: 00007ffeeb7c86f8
[ 1645.221300][ T4215]  </TASK>
[ 1645.222687][ T4214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1645.360531][   T30] kauditd_printk_skb: 91 callbacks suppressed
[ 1645.360546][   T30] audit: type=1400 audit(1748668785.172:5100): avc:  denied  { connect } for  pid=4222 comm="syz.2.4075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1645.479321][ T4217] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1647.851282][ T4264] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.4084'.
[ 1648.746078][ T4270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4085'.
[ 1649.882241][ T4263] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4083'.
[ 1649.947206][ T4280] NILFS (nullb0): couldn't find nilfs on the device
[ 1650.310713][ T5864] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1650.506793][ T5864] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1650.519135][ T5864] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1650.549277][ T5864] usb 7-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1650.679153][ T5864] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1650.720021][ T5864] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1650.731823][ T5864] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1650.764691][ T5864] usb 7-1: Product: syz
[ 1650.769232][ T5864] usb 7-1: SerialNumber: syz
[ 1650.798576][ T4286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4089'.
[ 1650.883101][ T4286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4089'.
[ 1650.928268][ T5864] usb 7-1: bad CDC descriptors
[ 1650.946742][ T5864] usb 7-1: USB disconnect, device number 3
[ 1650.966937][ T4291] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[ 1650.999614][ T4291] team0: Device ipvlan0 is already an upper device of the team interface
[ 1652.200788][T17465] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1652.310423][ T4327] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1652.321830][ T4327] team0: Device ipvlan2 is already an upper device of the team interface
[ 1652.851752][T17465] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1652.870864][T17465] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1652.882058][T17465] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1652.892888][T17465] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1652.908465][T17465] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1652.921600][ T4323] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4096'.
[ 1652.931612][ T4323] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4096'.
[ 1652.975906][T17465] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1652.987842][T17465] usb 6-1: config 0 descriptor??
[ 1653.402188][ T4355] mkiss: ax0: crc mode is auto.
[ 1653.552016][T17465] plantronics 0003:047F:FFFF.0033: ignoring exceeding usage max
[ 1653.623669][ T5864] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1653.716837][T17465] plantronics 0003:047F:FFFF.0033: No inputs registered, leaving
[ 1653.870556][T17465] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1653.995888][T17465] usb 6-1: USB disconnect, device number 4
[ 1654.001887][ T5864] usb 3-1: Using ep0 maxpacket: 16
[ 1654.008397][ T5864] usb 3-1: config 0 has an invalid interface number: 48 but max is 0
[ 1654.022254][ T5864] usb 3-1: config 0 has no interface number 0
[ 1654.039253][ T5864] usb 3-1: config 0 interface 48 has no altsetting 0
[ 1654.050262][ T5864] usb 3-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[ 1654.208522][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1654.217688][ T5864] usb 3-1: Product: syz
[ 1654.222190][ T5864] usb 3-1: Manufacturer: syz
[ 1654.226869][ T5864] usb 3-1: SerialNumber: syz
[ 1654.233512][ T5864] usb 3-1: config 0 descriptor??
[ 1654.318701][ T4394] netlink: 5280 bytes leftover after parsing attributes in process `syz.6.4104'.
[ 1655.211578][ T4151] usb 3-1: USB disconnect, device number 83
[ 1657.440272][ T4417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4107'.
[ 1657.654508][ T4432] FAULT_INJECTION: forcing a failure.
[ 1657.654508][ T4432] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.667267][ T4432] CPU: 1 UID: 0 PID: 4432 Comm: syz.6.4112 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1657.667293][ T4432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1657.667305][ T4432] Call Trace:
[ 1657.667311][ T4432]  <TASK>
[ 1657.667318][ T4432]  dump_stack_lvl+0x16c/0x1f0
[ 1657.667346][ T4432]  should_fail_ex+0x512/0x640
[ 1657.667370][ T4432]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1657.667391][ T4432]  should_failslab+0xc2/0x120
[ 1657.667412][ T4432]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1657.667431][ T4432]  ? mm_alloc+0x1c/0xc0
[ 1657.667451][ T4432]  mm_alloc+0x1c/0xc0
[ 1657.667467][ T4432]  alloc_bprm+0x2ab/0xde0
[ 1657.667492][ T4432]  ? strncpy_from_user+0x203/0x2e0
[ 1657.667522][ T4432]  do_execveat_common.isra.0+0x1ce/0x610
[ 1657.667557][ T4432]  __x64_sys_execve+0x8e/0xb0
[ 1657.667576][ T4432]  do_syscall_64+0xcd/0x4c0
[ 1657.667599][ T4432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1657.667618][ T4432] RIP: 0033:0x7f436bf8e969
[ 1657.667633][ T4432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1657.667650][ T4432] RSP: 002b:00007f4369df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 1657.667668][ T4432] RAX: ffffffffffffffda RBX: 00007f436c1b5fa0 RCX: 00007f436bf8e969
[ 1657.667680][ T4432] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000200000000000
[ 1657.667691][ T4432] RBP: 00007f4369df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1657.667701][ T4432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1657.667712][ T4432] R13: 0000000000000000 R14: 00007f436c1b5fa0 R15: 00007ffcf321fa88
[ 1657.667735][ T4432]  </TASK>
[ 1657.836338][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1657.910612][ T5913] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1658.064085][ T5913] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1658.075426][ T5913] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1658.087009][ T5913] usb 4-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1658.102762][ T5913] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1658.114271][ T5913] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1658.130607][ T5864] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1658.131991][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1658.154656][ T5913] usb 4-1: Product: syz
[ 1658.164077][ T5913] usb 4-1: SerialNumber: syz
[ 1658.198581][ T4444] FAULT_INJECTION: forcing a failure.
[ 1658.198581][ T4444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1658.230601][ T4444] CPU: 1 UID: 0 PID: 4444 Comm: syz.2.4114 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1658.230628][ T4444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1658.230638][ T4444] Call Trace:
[ 1658.230644][ T4444]  <TASK>
[ 1658.230651][ T4444]  dump_stack_lvl+0x16c/0x1f0
[ 1658.230677][ T4444]  should_fail_ex+0x512/0x640
[ 1658.230707][ T4444]  _copy_to_user+0x32/0xd0
[ 1658.230736][ T4444]  simple_read_from_buffer+0xcb/0x170
[ 1658.230767][ T4444]  proc_fail_nth_read+0x197/0x270
[ 1658.230804][ T4444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1658.230834][ T4444]  ? rw_verify_area+0xcf/0x680
[ 1658.230857][ T4444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1658.230884][ T4444]  vfs_read+0x1e4/0xc60
[ 1658.230913][ T4444]  ? __pfx___mutex_lock+0x10/0x10
[ 1658.230933][ T4444]  ? __pfx_vfs_read+0x10/0x10
[ 1658.230966][ T4444]  ? __fget_files+0x20e/0x3c0
[ 1658.230991][ T4444]  ksys_read+0x12a/0x250
[ 1658.231006][ T4444]  ? __pfx_ksys_read+0x10/0x10
[ 1658.231029][ T4444]  do_syscall_64+0xcd/0x4c0
[ 1658.231051][ T4444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.231068][ T4444] RIP: 0033:0x7ff10b18d37c
[ 1658.231083][ T4444] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1658.231100][ T4444] RSP: 002b:00007ff10bfd0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1658.231118][ T4444] RAX: ffffffffffffffda RBX: 00007ff10b3b5fa0 RCX: 00007ff10b18d37c
[ 1658.231129][ T4444] RDX: 000000000000000f RSI: 00007ff10bfd00a0 RDI: 0000000000000004
[ 1658.231139][ T4444] RBP: 00007ff10bfd0090 R08: 0000000000000000 R09: 0000000000000000
[ 1658.231150][ T4444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1658.231160][ T4444] R13: 0000000000000000 R14: 00007ff10b3b5fa0 R15: 00007fffd0b0d1c8
[ 1658.231184][ T4444]  </TASK>
[ 1658.420922][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1658.519810][ T4417] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1658.556219][ T5913] usb 4-1: bad CDC descriptors
[ 1658.564639][ T5913] usb 4-1: USB disconnect, device number 86
[ 1658.570625][ T5864] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1658.570657][ T5864] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1658.570691][ T5864] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1658.570710][ T5864] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1658.762294][ T5864] usb 7-1: config 0 descriptor??
[ 1659.070558][ T5866] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1659.179996][ T5864] cp2112 0003:10C4:EA90.0034: unknown main item tag 0x0
[ 1659.189223][ T5864] cp2112 0003:10C4:EA90.0034: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.6-1/input0
[ 1659.222721][ T5866] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1659.238256][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1659.258065][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1659.268102][ T5866] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1659.284025][ T5866] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1659.293273][ T5866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1659.311712][ T5866] usb 6-1: config 0 descriptor??
[ 1659.377434][ T5864] cp2112 0003:10C4:EA90.0034: Part Number: 0x82 Device Version: 0xFE
[ 1660.151366][ T5866] plantronics 0003:047F:FFFF.0035: ignoring exceeding usage max
[ 1660.178635][ T5866] plantronics 0003:047F:FFFF.0035: No inputs registered, leaving
[ 1660.230318][ T5866] plantronics 0003:047F:FFFF.0035: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1660.560944][T28732] usb 7-1: reset high-speed USB device number 4 using dummy_hcd
[ 1661.920620][   T43] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1662.091425][   T43] usb 3-1: Using ep0 maxpacket: 32
[ 1662.207424][   T43] usb 3-1: config 1 has an invalid interface number: 137 but max is 0
[ 1662.223102][   T43] usb 3-1: config 1 has no interface number 0
[ 1662.233847][   T43] usb 3-1: config 1 interface 137 has no altsetting 0
[ 1662.256509][   T43] usb 3-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[ 1662.285050][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1662.294829][ T4524] FAULT_INJECTION: forcing a failure.
[ 1662.294829][ T4524] name failslab, interval 1, probability 0, space 0, times 0
[ 1662.307934][   T43] usb 3-1: Product: syz
[ 1662.313595][   T43] usb 3-1: Manufacturer: syz
[ 1662.318373][   T30] audit: type=1400 audit(1748668802.132:5101): avc:  denied  { ioctl } for  pid=4525 comm="syz.6.4127" path="/dev/ttyr0" dev="devtmpfs" ino=391 ioctlcmd=0x5439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1662.344108][ T4524] CPU: 1 UID: 0 PID: 4524 Comm: syz.5.4126 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1662.344135][ T4524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1662.344145][ T4524] Call Trace:
[ 1662.344151][ T4524]  <TASK>
[ 1662.344157][ T4524]  dump_stack_lvl+0x16c/0x1f0
[ 1662.344180][ T4524]  should_fail_ex+0x512/0x640
[ 1662.344202][ T4524]  ? __kmalloc_noprof+0xbf/0x510
[ 1662.344222][ T4524]  ? lsm_blob_alloc+0x68/0x90
[ 1662.344237][ T4524]  should_failslab+0xc2/0x120
[ 1662.344257][ T4524]  __kmalloc_noprof+0xd2/0x510
[ 1662.344273][ T4524]  ? key_set_index_key+0x30e/0x560
[ 1662.344308][ T4524]  lsm_blob_alloc+0x68/0x90
[ 1662.344323][ T4524]  security_key_alloc+0x37/0x2e0
[ 1662.344346][ T4524]  key_alloc+0x8e5/0x1390
[ 1662.344375][ T4524]  ? trace_kmalloc+0x2b/0xd0
[ 1662.344395][ T4524]  ? __kmalloc_noprof+0x242/0x510
[ 1662.344411][ T4524]  ? __pfx_key_alloc+0x10/0x10
[ 1662.344435][ T4524]  ? hook_cred_prepare+0x26b/0x320
[ 1662.344464][ T4524]  keyring_alloc+0x44/0xc0
[ 1662.344492][ T4524]  lookup_user_key+0xa3f/0x1300
[ 1662.344518][ T4524]  ? __pfx_lookup_user_key+0x10/0x10
[ 1662.344544][ T4524]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[ 1662.344571][ T4524]  ? strncpy_from_user+0x203/0x2e0
[ 1662.344595][ T4524]  __do_sys_add_key+0x256/0x470
[ 1662.344612][ T4524]  ? __pfx___do_sys_add_key+0x10/0x10
[ 1662.344627][ T4524]  ? ksys_write+0x1ac/0x250
[ 1662.344652][ T4524]  do_syscall_64+0xcd/0x4c0
[ 1662.344674][ T4524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1662.344692][ T4524] RIP: 0033:0x7f05de98e969
[ 1662.344706][ T4524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1662.344721][ T4524] RSP: 002b:00007f05df771038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[ 1662.344738][ T4524] RAX: ffffffffffffffda RBX: 00007f05debb5fa0 RCX: 00007f05de98e969
[ 1662.344749][ T4524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140
[ 1662.344759][ T4524] RBP: 00007f05df771090 R08: fffffffffffffffe R09: 0000000000000000
[ 1662.344769][ T4524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1662.344779][ T4524] R13: 0000000000000001 R14: 00007f05debb5fa0 R15: 00007ffdde7caf18
[ 1662.344810][ T4524]  </TASK>
[ 1662.579732][ T5864] usb 7-1: USB disconnect, device number 4
[ 1662.594363][   T43] usb 3-1: SerialNumber: syz
[ 1662.822794][ T5866] usb 6-1: USB disconnect, device number 5
[ 1662.839640][ T4532] mkiss: ax0: crc mode is auto.
[ 1663.114231][   T30] audit: type=1400 audit(1748668802.932:5102): avc:  denied  { getopt } for  pid=4515 comm="syz.2.4124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1663.119185][ T4559] affs: No valid root block on device nbd5
[ 1663.892838][   T43] pl2303 3-1:1.137: required interrupt-in endpoint missing
[ 1663.916071][   T43] usb 3-1: USB disconnect, device number 84
[ 1666.430813][T28732] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1666.674868][T28732] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1666.725099][T28732] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1666.737448][ T4608] FAULT_INJECTION: forcing a failure.
[ 1666.737448][ T4608] name failslab, interval 1, probability 0, space 0, times 0
[ 1666.836419][ T4608] CPU: 1 UID: 0 PID: 4608 Comm: syz.1.4139 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1666.836453][ T4608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1666.836464][ T4608] Call Trace:
[ 1666.836470][ T4608]  <TASK>
[ 1666.836477][ T4608]  dump_stack_lvl+0x16c/0x1f0
[ 1666.836504][ T4608]  should_fail_ex+0x512/0x640
[ 1666.836527][ T4608]  ? fs_reclaim_acquire+0xae/0x150
[ 1666.836554][ T4608]  ? tomoyo_encode2+0x100/0x3e0
[ 1666.836576][ T4608]  should_failslab+0xc2/0x120
[ 1666.836596][ T4608]  __kmalloc_noprof+0xd2/0x510
[ 1666.836614][ T4608]  ? d_absolute_path+0x136/0x1a0
[ 1666.836643][ T4608]  tomoyo_encode2+0x100/0x3e0
[ 1666.836671][ T4608]  tomoyo_encode+0x29/0x50
[ 1666.836693][ T4608]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1666.836730][ T4608]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1666.836753][ T4608]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1666.836800][ T4608]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1666.836833][ T4608]  tomoyo_file_open+0x6b/0x90
[ 1666.836861][ T4608]  security_file_open+0x84/0x1e0
[ 1666.836887][ T4608]  do_dentry_open+0x596/0x1c10
[ 1666.836912][ T4608]  vfs_open+0x82/0x3f0
[ 1666.836938][ T4608]  path_openat+0x1de4/0x2cb0
[ 1666.836965][ T4608]  ? __pfx_path_openat+0x10/0x10
[ 1666.836985][ T4608]  ? __lock_acquire+0xb8a/0x1c90
[ 1666.837009][ T4608]  do_filp_open+0x20b/0x470
[ 1666.837029][ T4608]  ? __pfx_do_filp_open+0x10/0x10
[ 1666.837064][ T4608]  ? alloc_fd+0x471/0x7d0
[ 1666.837089][ T4608]  do_sys_openat2+0x11b/0x1d0
[ 1666.837111][ T4608]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1666.837144][ T4608]  __x64_sys_openat+0x174/0x210
[ 1666.837167][ T4608]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1666.837193][ T4608]  ? do_user_addr_fault+0x843/0x1370
[ 1666.837222][ T4608]  do_syscall_64+0xcd/0x4c0
[ 1666.837245][ T4608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.837263][ T4608] RIP: 0033:0x7f1875d8d2d0
[ 1666.837279][ T4608] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1666.837298][ T4608] RSP: 002b:00007f1876b74b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1666.837316][ T4608] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1875d8d2d0
[ 1666.837328][ T4608] RDX: 0000000000000002 RSI: 00007f1876b74c10 RDI: 00000000ffffff9c
[ 1666.837339][ T4608] RBP: 00007f1876b74c10 R08: 0000000000000000 R09: 00236f656469762f
[ 1666.837350][ T4608] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1666.837360][ T4608] R13: 0000000000000001 R14: 00007f1875fb5fa0 R15: 00007ffeeb7c86f8
[ 1666.837385][ T4608]  </TASK>
[ 1666.837491][ T4608] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1666.897448][T28732] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1667.007014][ T4612] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[ 1667.011325][   T30] audit: type=1400 audit(1748668806.822:5103): avc:  denied  { setopt } for  pid=4605 comm="syz.2.4140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1667.017175][ T4612] audit: out of memory in audit_log_start
[ 1667.146983][T28732] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1667.233578][T28732] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1667.243410][T28732] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1667.255296][   T30] audit: type=1400 audit(1748668806.962:5104): avc:  denied  { ioctl } for  pid=4605 comm="syz.2.4140" path="socket:[92480]" dev="sockfs" ino=92480 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1667.284282][T28732] usb 7-1: config 0 descriptor??
[ 1668.461392][T28732] plantronics 0003:047F:FFFF.0036: ignoring exceeding usage max
[ 1668.488201][T28732] plantronics 0003:047F:FFFF.0036: No inputs registered, leaving
[ 1668.534966][T28732] plantronics 0003:047F:FFFF.0036: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1668.710546][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.716940][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.617838][ T4643] netlink: 'syz.5.4145': attribute type 6 has an invalid length.
[ 1669.734189][ T4643] bridge1: entered promiscuous mode
[ 1669.750380][ T4643] bridge1: entered allmulticast mode
[ 1670.189798][ T4656] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[ 1670.204360][   T30] audit: type=1400 audit(1748668810.022:5105): avc:  denied  { relabelto } for  pid=4655 comm="syz.3.4149" name="cgroup.procs" dev="cgroup" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:net_conf_t:s0"
[ 1670.238869][ T4654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4147'.
[ 1670.329639][   T30] audit: type=1400 audit(1748668810.052:5106): avc:  denied  { associate } for  pid=4655 comm="syz.3.4149" name="cgroup.procs" dev="cgroup" ino=236 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:net_conf_t:s0"
[ 1670.630542][   T24] usb 7-1: USB disconnect, device number 5
[ 1670.641489][T28732] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1670.807679][T28732] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1670.860287][T28732] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1670.929018][T28732] usb 3-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1671.165125][T28732] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1671.179266][T28732] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1671.453121][T28732] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1671.485185][T28732] usb 3-1: Product: syz
[ 1671.730616][T28732] usb 3-1: SerialNumber: syz
[ 1672.409182][ T4645] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1672.420186][   T30] audit: type=1400 audit(1748668812.232:5107): avc:  denied  { write } for  pid=4682 comm="syz.5.4153" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[ 1672.446148][T28732] usb 3-1: bad CDC descriptors
[ 1672.470238][T28732] usb 3-1: USB disconnect, device number 85
[ 1672.600745][   T30] audit: type=1400 audit(1748668812.232:5108): avc:  denied  { read } for  pid=4682 comm="syz.5.4153" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[ 1672.681944][ T4691] syz.6.4155: attempt to access beyond end of device
[ 1672.681944][ T4691] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1672.695237][ T4691] gfs2: error -5 reading superblock
[ 1674.930627][ T4729] FAULT_INJECTION: forcing a failure.
[ 1674.930627][ T4729] name failslab, interval 1, probability 0, space 0, times 0
[ 1674.970964][ T4729] CPU: 0 UID: 0 PID: 4729 Comm: syz.3.4163 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1674.970992][ T4729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1674.971002][ T4729] Call Trace:
[ 1674.971008][ T4729]  <TASK>
[ 1674.971015][ T4729]  dump_stack_lvl+0x16c/0x1f0
[ 1674.971041][ T4729]  should_fail_ex+0x512/0x640
[ 1674.971066][ T4729]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1674.971088][ T4729]  should_failslab+0xc2/0x120
[ 1674.971108][ T4729]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1674.971125][ T4729]  ? security_file_alloc+0x34/0x2b0
[ 1674.971154][ T4729]  security_file_alloc+0x34/0x2b0
[ 1674.971178][ T4729]  init_file+0x93/0x4c0
[ 1674.971199][ T4729]  alloc_empty_file+0x73/0x1e0
[ 1674.971222][ T4729]  path_openat+0xda/0x2cb0
[ 1674.971240][ T4729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1674.971267][ T4729]  ? __pfx_path_openat+0x10/0x10
[ 1674.971287][ T4729]  ? __lock_acquire+0xb8a/0x1c90
[ 1674.971313][ T4729]  do_filp_open+0x20b/0x470
[ 1674.971332][ T4729]  ? __pfx_do_filp_open+0x10/0x10
[ 1674.971371][ T4729]  ? alloc_fd+0x471/0x7d0
[ 1674.971397][ T4729]  do_sys_openat2+0x11b/0x1d0
[ 1674.971419][ T4729]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1674.971452][ T4729]  __x64_sys_openat+0x174/0x210
[ 1674.971475][ T4729]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1674.971499][ T4729]  ? do_user_addr_fault+0x843/0x1370
[ 1674.971529][ T4729]  do_syscall_64+0xcd/0x4c0
[ 1674.971551][ T4729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1674.971567][ T4729] RIP: 0033:0x7eff3658d2d0
[ 1674.971581][ T4729] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1674.971598][ T4729] RSP: 002b:00007eff37333ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1674.971616][ T4729] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007eff3658d2d0
[ 1674.971627][ T4729] RDX: 0000000000000002 RSI: 00007eff3661078c RDI: 00000000ffffff9c
[ 1674.971637][ T4729] RBP: 00007eff3661078c R08: 0000000000000000 R09: 0000000000000000
[ 1674.971653][ T4729] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1674.971663][ T4729] R13: 000000000000002d R14: 0000200000000080 R15: 00007fff40b9e4f8
[ 1674.971687][ T4729]  </TASK>
[ 1675.280539][   T43] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1675.443048][   T43] usb 7-1: Using ep0 maxpacket: 32
[ 1675.462834][   T43] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1675.633758][ T4744] Unknown options in mask 5
[ 1675.654963][   T30] audit: type=1400 audit(1748668815.452:5109): avc:  denied  { write } for  pid=4733 comm="syz.5.4164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1675.658361][   T43] usb 7-1: config 0 has no interface number 0
[ 1675.706122][   T43] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1675.716929][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1675.797126][   T43] usb 7-1: Product: syz
[ 1675.864087][   T43] usb 7-1: Manufacturer: syz
[ 1675.874142][   T43] usb 7-1: SerialNumber: syz
[ 1675.889357][   T43] usb 7-1: config 0 descriptor??
[ 1675.910960][   T43] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1675.919867][   T43] usb 7-1: selecting invalid altsetting 1
[ 1675.926791][   T43] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1675.935991][   T43] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1675.954314][   T43] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1675.963098][   T43] usb 7-1: media controller created
[ 1676.094099][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1677.353014][   T43] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1677.368878][   T43] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1677.379333][   T43] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1677.420320][   T43] usb 7-1: USB disconnect, device number 6
[ 1677.757166][ T4779] syz.1.4169: attempt to access beyond end of device
[ 1677.757166][ T4779] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1677.802642][ T4779] gfs2: error -5 reading superblock
[ 1678.892910][ T4790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4172'.
[ 1679.410583][T28732] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1680.588509][   T30] audit: type=1400 audit(1748668820.352:5110): avc:  denied  { setcurrent } for  pid=4818 comm="syz.2.4180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1680.608061][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1680.641822][T28732] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1681.025852][   T30] audit: type=1326 audit(1748668820.842:5111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.142238][   T30] audit: type=1326 audit(1748668820.882:5112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.166664][T28732] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1681.177345][T28732] usb 4-1: config 1 interface 0 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1681.191881][   T30] audit: type=1326 audit(1748668820.902:5113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.301603][T28732] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1681.309423][   T30] audit: type=1326 audit(1748668820.912:5114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.382849][T28732] usb 4-1: string descriptor 0 read error: -71
[ 1681.390176][T28732] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1681.399815][   T30] audit: type=1326 audit(1748668820.922:5115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.429809][T28732] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1681.441082][   T43] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1681.458774][T28732] usb 4-1: can't set config #1, error -71
[ 1681.476222][T28732] usb 4-1: USB disconnect, device number 87
[ 1681.556602][   T30] audit: type=1326 audit(1748668820.922:5116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.579955][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1681.589408][   T30] audit: type=1326 audit(1748668820.922:5117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.612833][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1681.622661][   T30] audit: type=1326 audit(1748668820.922:5118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1681.646753][   T30] audit: type=1326 audit(1748668820.922:5119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f05de98d2d0 code=0x7ffc0000
[ 1681.858348][ T4852] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4184'.
[ 1682.192692][ T5913] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1682.193374][   T30] audit: type=1326 audit(1748668820.932:5120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.5.4181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f05de98e56b code=0x7ffc0000
[ 1682.224165][   T24] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1682.268476][   T43] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1682.326219][   T43] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1682.337783][   T43] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1682.393218][ T4854] syz.3.4185: attempt to access beyond end of device
[ 1682.393218][ T4854] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1682.406833][ T4854] gfs2: error -5 reading superblock
[ 1682.441262][   T24] usb 2-1: Using ep0 maxpacket: 16
[ 1682.616994][   T24] usb 2-1: config index 0 descriptor too short (expected 8192, got 68)
[ 1682.626976][ T5913] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1682.644379][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1682.656447][   T43] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1682.665704][ T5913] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1682.691403][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1682.707261][   T24] usb 2-1: config 0 has no interfaces?
[ 1682.713816][ T5913] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1682.722956][   T43] usb 6-1: Product: syz
[ 1682.727789][   T43] usb 6-1: Manufacturer: syz
[ 1682.732729][   T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1682.909888][ T4859] syz.6.4186: attempt to access beyond end of device
[ 1682.909888][ T4859] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1682.923546][ T4859] gfs2: error -5 reading superblock
[ 1683.003444][   T43] usb 6-1: SerialNumber: syz
[ 1683.016574][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1683.063177][   T24] usb 2-1: SerialNumber: syz
[ 1683.063340][ T5913] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1683.110227][   T24] usb 2-1: config 0 descriptor??
[ 1683.120577][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1683.130704][ T5913] usb 3-1: Product: syz
[ 1683.134926][ T5913] usb 3-1: Manufacturer: syz
[ 1683.147135][ T5913] usb 3-1: SerialNumber: syz
[ 1684.118546][   T24] usb 2-1: USB disconnect, device number 85
[ 1684.159097][   T43] usb 6-1: 0:2 : does not exist
[ 1684.538153][ T5913] usb 3-1: 0:2 : does not exist
[ 1684.550645][   T24] usb 6-1: USB disconnect, device number 6
[ 1684.840506][T28732] usb 3-1: USB disconnect, device number 86
[ 1685.506832][ T4917] syz.1.4190: attempt to access beyond end of device
[ 1685.506832][ T4917] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1685.520156][ T4917] gfs2: error -5 reading superblock
[ 1685.680717][ T5864] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1686.191231][ T5864] usb 6-1: Using ep0 maxpacket: 32
[ 1686.211133][ T5864] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1686.219885][ T5864] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1686.840514][ T5864] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1686.858619][ T5864] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1686.884560][ T5864] usb 6-1: config 1 has no interface number 0
[ 1686.903300][ T5864] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1686.908532][ T4945] netlink: 'syz.1.4195': attribute type 4 has an invalid length.
[ 1686.922227][ T5864] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1686.993026][ T5864] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found
[ 1687.214656][ T5864] snd_usb_pod 6-1:1.1: set_interface failed
[ 1687.280574][ T4951] syz.6.4197: attempt to access beyond end of device
[ 1687.280574][ T4951] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1687.296041][ T4951] gfs2: error -5 reading superblock
[ 1687.378628][ T5864] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected
[ 1687.401891][ T5864] snd_usb_pod 6-1:1.1: probe with driver snd_usb_pod failed with error -71
[ 1687.421540][ T5864] usb 6-1: USB disconnect, device number 7
[ 1688.615113][ T4978] netlink: 248 bytes leftover after parsing attributes in process `syz.1.4199'.
[ 1688.669108][ T4977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1688.939857][ T4989] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[ 1688.972215][ T4989] overlayfs: workdir and upperdir must be separate subtrees
[ 1690.093227][ T5822] Bluetooth: hci1: command 0x0405 tx timeout
[ 1691.350292][ T5019] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4208'.
[ 1691.880707][ T5913] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 1692.506023][ T5913] usb 3-1: Using ep0 maxpacket: 16
[ 1692.516937][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1692.535925][ T5033] syz.6.4211: attempt to access beyond end of device
[ 1692.535925][ T5033] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1692.537877][   T30] kauditd_printk_skb: 122 callbacks suppressed
[ 1692.537892][   T30] audit: type=1400 audit(1748668832.352:5243): avc:  denied  { bind } for  pid=5031 comm="syz.1.4213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1692.571337][ T5033] gfs2: error -5 reading superblock
[ 1692.587210][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1692.592908][ T5035] FAULT_INJECTION: forcing a failure.
[ 1692.592908][ T5035] name failslab, interval 1, probability 0, space 0, times 0
[ 1692.675113][ T5913] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1692.689600][ T5913] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1692.701969][   T30] audit: type=1400 audit(1748668832.402:5244): avc:  denied  { node_bind } for  pid=5031 comm="syz.1.4213" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1692.724348][ T5913] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1692.726636][ T5035] CPU: 0 UID: 0 PID: 5035 Comm: syz.5.4214 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1692.726658][ T5035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1692.726668][ T5035] Call Trace:
[ 1692.726673][ T5035]  <TASK>
[ 1692.726680][ T5035]  dump_stack_lvl+0x16c/0x1f0
[ 1692.726703][ T5035]  should_fail_ex+0x512/0x640
[ 1692.726726][ T5035]  should_failslab+0xc2/0x120
[ 1692.726744][ T5035]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1692.726763][ T5035]  ? sidtab_sid2str_get+0x17a/0x680
[ 1692.726787][ T5035]  kmemdup_noprof+0x29/0x60
[ 1692.726804][ T5035]  sidtab_sid2str_get+0x17a/0x680
[ 1692.726827][ T5035]  sidtab_entry_to_string+0x33/0x110
[ 1692.726849][ T5035]  security_sid_to_context_core+0x35c/0x640
[ 1692.726871][ T5035]  selinux_lsmprop_to_secctx+0xe4/0x1b0
[ 1692.726892][ T5035]  ? __pfx_selinux_lsmprop_to_secctx+0x10/0x10
[ 1692.726912][ T5035]  ? map_id_range_up+0x2ce/0x3b0
[ 1692.726939][ T5035]  security_lsmprop_to_secctx+0x94/0x260
[ 1692.726962][ T5035]  audit_log_task_context+0x122/0x190
[ 1692.726981][ T5035]  ? __pfx_audit_log_task_context+0x10/0x10
[ 1692.727001][ T5035]  ? from_kuid+0x8d/0xd0
[ 1692.727021][ T5035]  ? __pfx_from_kuid+0x10/0x10
[ 1692.727046][ T5035]  ? __pfx_audit_log_start+0x10/0x10
[ 1692.727068][ T5035]  audit_log_task+0x1c2/0x3f0
[ 1692.727090][ T5035]  ? __pfx_audit_log_task+0x10/0x10
[ 1692.727114][ T5035]  ? __pfx_migrate_enable+0x10/0x10
[ 1692.727141][ T5035]  audit_seccomp+0x79/0x290
[ 1692.727160][ T5035]  __seccomp_filter+0x7b6/0xea0
[ 1692.727181][ T5035]  ? __pfx___seccomp_filter+0x10/0x10
[ 1692.727202][ T5035]  ? fput+0x70/0xf0
[ 1692.727220][ T5035]  ? ksys_write+0x1ac/0x250
[ 1692.727237][ T5035]  __secure_computing+0x287/0x3b0
[ 1692.727261][ T5035]  syscall_trace_enter+0x89/0x260
[ 1692.727283][ T5035]  do_syscall_64+0x347/0x4c0
[ 1692.727302][ T5035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1692.727317][ T5035] RIP: 0033:0x7f05de98e969
[ 1692.727330][ T5035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1692.727345][ T5035] RSP: 002b:00007f05df771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000062
[ 1692.727361][ T5035] RAX: ffffffffffffffda RBX: 00007f05debb5fa0 RCX: 00007f05de98e969
[ 1692.727371][ T5035] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000000
[ 1692.727381][ T5035] RBP: 00007f05df771090 R08: 0000000000000000 R09: 0000000000000000
[ 1692.727390][ T5035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1692.727400][ T5035] R13: 0000000000000000 R14: 00007f05debb5fa0 R15: 00007ffdde7caf18
[ 1692.727421][ T5035]  </TASK>
[ 1692.727445][ T5035] audit: error in audit_log_task_context
[ 1692.733469][   T30] audit: type=1326 audit(1748668832.412:5245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5034 comm="syz.5.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1693.020521][ T5913] usb 3-1: config 0 descriptor??
[ 1693.361564][   T30] audit: type=1326 audit(1748668832.412:5246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5034 comm="syz.5.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1693.385076][   T30] audit: type=1326 audit(1748668832.412:5247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5034 comm="syz.5.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f05de98d2d0 code=0x7ffc0000
[ 1693.413182][   T30] audit: type=1326 audit(1748668832.412:5248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5034 comm="syz.5.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f05de98d41f code=0x7ffc0000
[ 1693.436765][   T30] audit: type=1400 audit(1748668832.472:5250): avc:  denied  { map } for  pid=5031 comm="syz.1.4213" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1693.461222][   T30] audit: type=1400 audit(1748668832.472:5251): avc:  denied  { execute } for  pid=5031 comm="syz.1.4213" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1693.485253][T26538] Bluetooth: hci0: command tx timeout
[ 1693.490742][   T30] audit: type=1326 audit(1748668832.412:5249): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=5034 comm="syz.5.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f05de98e969 code=0x7ffc0000
[ 1693.511588][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1693.521806][ T5913] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0
[ 1693.529049][ T5913] microsoft 0003:045E:07DA.0037: ignoring exceeding usage max
[ 1693.541593][ T5913] microsoft 0003:045E:07DA.0037: unsupported Resolution Multiplier unit exponent -51162375
[ 1693.551689][ T5913] microsoft 0003:045E:07DA.0037: unsupported Resolution Multiplier 0
[ 1693.562480][ T5913] microsoft 0003:045E:07DA.0037: unsupported Resolution Multiplier unit exponent -51162375
[ 1693.573604][ T5913] microsoft 0003:045E:07DA.0037: unsupported Resolution Multiplier 0
[ 1693.582038][ T5913] microsoft 0003:045E:07DA.0037: No inputs registered, leaving
[ 1693.591259][ T5913] microsoft 0003:045E:07DA.0037: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1693.602879][ T5913] microsoft 0003:045E:07DA.0037: no inputs found
[ 1693.609223][ T5913] microsoft 0003:045E:07DA.0037: could not initialize ff, continuing anyway
[ 1693.722344][ T5864] usb 3-1: USB disconnect, device number 87
[ 1694.259282][ T5069] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5069 comm=syz.1.4218
[ 1694.277711][ T5069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4218'.
[ 1695.298315][ T5084] netlink: 'syz.5.4221': attribute type 4 has an invalid length.
[ 1696.015358][ T5118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=232 sclass=netlink_route_socket pid=5118 comm=syz.5.4224
[ 1696.075000][ T5118] netlink: 'syz.5.4224': attribute type 5 has an invalid length.
[ 1697.164229][ T5146] Cannot find add_set index 1 as target
[ 1697.276296][T11489] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1697.490186][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.499328][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.508407][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.517450][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.526540][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.535753][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.544961][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.554591][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1697.586565][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4230'.
[ 1698.508461][ T5156] syz.1.4230 (5156): drop_caches: 2
[ 1698.660734][T11489] usb 7-1: Using ep0 maxpacket: 32
[ 1698.686310][T11489] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1698.694870][T11489] usb 7-1: config 0 has no interface number 0
[ 1698.709778][T11489] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1699.140245][T11489] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1699.157622][T11489] usb 7-1: Product: syz
[ 1699.163462][T11489] usb 7-1: Manufacturer: syz
[ 1699.168676][T11489] usb 7-1: SerialNumber: syz
[ 1699.184490][ T5163] macvlan2: entered allmulticast mode
[ 1699.306051][T11489] usb 7-1: config 0 descriptor??
[ 1699.319992][T11489] usb 7-1: can't set config #0, error -71
[ 1699.338114][ T5183] FAULT_INJECTION: forcing a failure.
[ 1699.338114][ T5183] name failslab, interval 1, probability 0, space 0, times 0
[ 1699.344307][T11489] usb 7-1: USB disconnect, device number 7
[ 1699.354019][ T5183] CPU: 1 UID: 0 PID: 5183 Comm: syz.1.4233 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1699.354045][ T5183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1699.354055][ T5183] Call Trace:
[ 1699.354061][ T5183]  <TASK>
[ 1699.354067][ T5183]  dump_stack_lvl+0x16c/0x1f0
[ 1699.354091][ T5183]  should_fail_ex+0x512/0x640
[ 1699.354111][ T5183]  ? __kvmalloc_node_noprof+0x122/0x620
[ 1699.354138][ T5183]  should_failslab+0xc2/0x120
[ 1699.354156][ T5183]  __kvmalloc_node_noprof+0x135/0x620
[ 1699.354180][ T5183]  ? xt_alloc_entry_offsets+0x3a/0x60
[ 1699.354209][ T5183]  ? xt_alloc_entry_offsets+0x3a/0x60
[ 1699.354229][ T5183]  xt_alloc_entry_offsets+0x3a/0x60
[ 1699.354250][ T5183]  translate_table+0x2b8/0x1c10
[ 1699.354272][ T5183]  ? find_held_lock+0x2b/0x80
[ 1699.354295][ T5183]  ? __might_fault+0xe3/0x190
[ 1699.354310][ T5183]  ? __might_fault+0x13b/0x190
[ 1699.354330][ T5183]  ? __pfx_translate_table+0x10/0x10
[ 1699.354348][ T5183]  ? _copy_from_user+0x59/0xd0
[ 1699.354370][ T5183]  ? copy_from_sockptr_offset+0xed/0x1b0
[ 1699.354389][ T5183]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[ 1699.354407][ T5183]  ? xt_alloc_table_info+0x3e/0xa0
[ 1699.354440][ T5183]  do_arpt_set_ctl+0x5a5/0xe30
[ 1699.354460][ T5183]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1699.354481][ T5183]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[ 1699.354498][ T5183]  ? rcu_is_watching+0x12/0xc0
[ 1699.354513][ T5183]  ? find_held_lock+0x2b/0x80
[ 1699.354535][ T5183]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1699.354560][ T5183]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1699.354578][ T5183]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1699.354592][ T5183]  ? sockopt_release_sock+0x52/0x60
[ 1699.354609][ T5183]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1699.354625][ T5183]  ? sockopt_release_sock+0x52/0x60
[ 1699.354651][ T5183]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1699.354674][ T5183]  nf_setsockopt+0x8d/0xf0
[ 1699.354695][ T5183]  ip_setsockopt+0xcb/0xf0
[ 1699.354712][ T5183]  raw_setsockopt+0xb7/0x2a0
[ 1699.354729][ T5183]  ? __pfx_raw_setsockopt+0x10/0x10
[ 1699.354746][ T5183]  ? selinux_socket_setsockopt+0x6a/0x80
[ 1699.354763][ T5183]  ? sock_common_setsockopt+0x2e/0xf0
[ 1699.354783][ T5183]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1699.354802][ T5183]  do_sock_setsockopt+0x224/0x470
[ 1699.354821][ T5183]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1699.354853][ T5183]  __sys_setsockopt+0x1a0/0x230
[ 1699.354872][ T5183]  __x64_sys_setsockopt+0xbd/0x160
[ 1699.354886][ T5183]  ? do_syscall_64+0x91/0x4c0
[ 1699.354902][ T5183]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1699.354917][ T5183]  do_syscall_64+0xcd/0x4c0
[ 1699.354935][ T5183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1699.354950][ T5183] RIP: 0033:0x7f1875d8e969
[ 1699.354962][ T5183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1699.354977][ T5183] RSP: 002b:00007f1876b75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1699.354992][ T5183] RAX: ffffffffffffffda RBX: 00007f1875fb5fa0 RCX: 00007f1875d8e969
[ 1699.355002][ T5183] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
[ 1699.355011][ T5183] RBP: 00007f1876b75090 R08: 0000000000000420 R09: 0000000000000000
[ 1699.355021][ T5183] R10: 0000200000001480 R11: 0000000000000246 R12: 0000000000000001
[ 1699.355030][ T5183] R13: 0000000000000000 R14: 00007f1875fb5fa0 R15: 00007ffeeb7c86f8
[ 1699.355050][ T5183]  </TASK>
[ 1700.675080][ T5203] tmpfs: Bad value for 'mpol'
[ 1701.785772][ T5205] syz.5.4237 (5205): drop_caches: 2
[ 1702.174754][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1702.174766][   T30] audit: type=1400 audit(1748668841.992:5262): avc:  denied  { bind } for  pid=5221 comm="syz.2.4243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1702.689272][ T5219] __nla_validate_parse: 45 callbacks suppressed
[ 1702.689285][ T5219] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4242'.
[ 1702.896989][ T5232] FAULT_INJECTION: forcing a failure.
[ 1702.896989][ T5232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1702.912194][ T5232] CPU: 0 UID: 0 PID: 5232 Comm: syz.5.4244 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1702.912218][ T5232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1702.912228][ T5232] Call Trace:
[ 1702.912233][ T5232]  <TASK>
[ 1702.912237][ T5232]  dump_stack_lvl+0x16c/0x1f0
[ 1702.912255][ T5232]  should_fail_ex+0x512/0x640
[ 1702.912271][ T5232]  _copy_from_user+0x2e/0xd0
[ 1702.912287][ T5232]  __sys_bpf+0x21d/0x4d80
[ 1702.912302][ T5232]  ? __pfx___sys_bpf+0x10/0x10
[ 1702.912314][ T5232]  ? trace_sched_exit_tp+0xde/0x130
[ 1702.912326][ T5232]  ? __schedule+0x1181/0x5de0
[ 1702.912353][ T5232]  __x64_sys_bpf+0x78/0xc0
[ 1702.912365][ T5232]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1702.912376][ T5232]  do_syscall_64+0xcd/0x4c0
[ 1702.912389][ T5232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.912401][ T5232] RIP: 0033:0x7f05de98e969
[ 1702.912411][ T5232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1702.912421][ T5232] RSP: 002b:00007f05df750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1702.912438][ T5232] RAX: ffffffffffffffda RBX: 00007f05debb6080 RCX: 00007f05de98e969
[ 1702.912445][ T5232] RDX: 0000000000000020 RSI: 00002000000001c0 RDI: 000000000000001c
[ 1702.912451][ T5232] RBP: 00007f05df750090 R08: 0000000000000000 R09: 0000000000000000
[ 1702.912457][ T5232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1702.912463][ T5232] R13: 0000000000000000 R14: 00007f05debb6080 R15: 00007ffdde7caf18
[ 1702.912477][ T5232]  </TASK>
[ 1703.287078][T26603] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1703.440600][T26603] usb 2-1: Using ep0 maxpacket: 8
[ 1703.550333][ T5242] xt_hashlimit: max too large, truncated to 1048576
[ 1703.561431][ T5242] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1704.072211][T26603] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1704.107201][T26603] usb 2-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[ 1704.119491][T26603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1704.164023][T26603] usb 2-1: config 0 descriptor??
[ 1705.552969][T26603] hid-multitouch 0003:0EEF:72C4.0038: unknown main item tag 0x0
[ 1705.562416][T26603] hid-multitouch 0003:0EEF:72C4.0038: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.1-1/input0
[ 1705.904116][ T5266] FAULT_INJECTION: forcing a failure.
[ 1705.904116][ T5266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1705.920260][T26603] usb 2-1: USB disconnect, device number 86
[ 1705.937601][ T5266] CPU: 0 UID: 0 PID: 5266 Comm: syz.3.4252 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1705.937626][ T5266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1705.937637][ T5266] Call Trace:
[ 1705.937643][ T5266]  <TASK>
[ 1705.937651][ T5266]  dump_stack_lvl+0x16c/0x1f0
[ 1705.937675][ T5266]  should_fail_ex+0x512/0x640
[ 1705.937702][ T5266]  _copy_from_user+0x2e/0xd0
[ 1705.937726][ T5266]  copy_msghdr_from_user+0x98/0x160
[ 1705.937745][ T5266]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1705.937774][ T5266]  ___sys_sendmsg+0xfe/0x1d0
[ 1705.937793][ T5266]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1705.937808][ T5266]  ? __lock_acquire+0x622/0x1c90
[ 1705.937861][ T5266]  __sys_sendmsg+0x16d/0x220
[ 1705.937880][ T5266]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1705.937918][ T5266]  do_syscall_64+0xcd/0x4c0
[ 1705.937940][ T5266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1705.937959][ T5266] RIP: 0033:0x7eff3658e969
[ 1705.937974][ T5266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1705.937991][ T5266] RSP: 002b:00007eff37336038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1705.938007][ T5266] RAX: ffffffffffffffda RBX: 00007eff367b5fa0 RCX: 00007eff3658e969
[ 1705.938019][ T5266] RDX: 000000000000c810 RSI: 0000200000000140 RDI: 0000000000000004
[ 1705.938033][ T5266] RBP: 00007eff37336090 R08: 0000000000000000 R09: 0000000000000000
[ 1705.938044][ T5266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1705.938054][ T5266] R13: 0000000000000000 R14: 00007eff367b5fa0 R15: 00007fff40b9e4f8
[ 1705.938079][ T5266]  </TASK>
[ 1706.221841][ T5281] virtio-fs: tag </dev/md0> not found
[ 1706.520589][T26538] Bluetooth: hci4: command 0x0406 tx timeout
[ 1706.816316][ T5288] fuse: Bad value for 'fd'
[ 1708.227872][ T5283] syz.5.4255: attempt to access beyond end of device
[ 1708.227872][ T5283] loop5: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1708.241224][ T5283] gfs2: error -5 reading superblock
[ 1708.461539][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1708.547080][ T5302] Bluetooth: MGMT ver 1.23
[ 1708.770623][   T24] usb 7-1: Using ep0 maxpacket: 16
[ 1708.781789][   T24] usb 7-1: config index 0 descriptor too short (expected 8192, got 68)
[ 1708.835038][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1708.860395][ T5306] FAULT_INJECTION: forcing a failure.
[ 1708.860395][ T5306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1708.873666][ T5306] CPU: 0 UID: 0 PID: 5306 Comm: syz.3.4259 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1708.873693][ T5306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1708.873705][ T5306] Call Trace:
[ 1708.873712][ T5306]  <TASK>
[ 1708.873720][ T5306]  dump_stack_lvl+0x16c/0x1f0
[ 1708.873746][ T5306]  should_fail_ex+0x512/0x640
[ 1708.873775][ T5306]  _copy_from_iter+0x29f/0x16f0
[ 1708.873803][ T5306]  ? __alloc_skb+0x200/0x380
[ 1708.873823][ T5306]  ? __pfx__copy_from_iter+0x10/0x10
[ 1708.873851][ T5306]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1708.873886][ T5306]  netlink_sendmsg+0x829/0xdd0
[ 1708.873915][ T5306]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1708.873951][ T5306]  ____sys_sendmsg+0xa98/0xc70
[ 1708.873976][ T5306]  ? copy_msghdr_from_user+0x10a/0x160
[ 1708.873996][ T5306]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1708.874039][ T5306]  ___sys_sendmsg+0x134/0x1d0
[ 1708.874060][ T5306]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1708.874078][ T5306]  ? __lock_acquire+0x622/0x1c90
[ 1708.874137][ T5306]  __sys_sendmsg+0x16d/0x220
[ 1708.874157][ T5306]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1708.874193][ T5306]  do_syscall_64+0xcd/0x4c0
[ 1708.874218][ T5306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1708.874236][ T5306] RIP: 0033:0x7eff3658e969
[ 1708.874252][ T5306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1708.874269][ T5306] RSP: 002b:00007eff37336038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1708.874287][ T5306] RAX: ffffffffffffffda RBX: 00007eff367b5fa0 RCX: 00007eff3658e969
[ 1708.874299][ T5306] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[ 1708.874310][ T5306] RBP: 00007eff37336090 R08: 0000000000000000 R09: 0000000000000000
[ 1708.874321][ T5306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1708.874331][ T5306] R13: 0000000000000000 R14: 00007eff367b5fa0 R15: 00007fff40b9e4f8
[ 1708.874355][ T5306]  </TASK>
[ 1708.881755][   T24] usb 7-1: config 0 has no interfaces?
[ 1710.451398][   T24] usb 7-1: string descriptor 0 read error: -71
[ 1710.764527][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1711.054992][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1711.103628][ T5357] mkiss: ax0: crc mode is auto.
[ 1711.119674][   T24] usb 7-1: config 0 descriptor??
[ 1711.129619][   T24] usb 7-1: can't set config #0, error -71
[ 1711.169332][   T24] usb 7-1: USB disconnect, device number 8
[ 1711.401429][ T5822] Bluetooth: hci1: command 0x0405 tx timeout
[ 1711.755978][ T5383] 
[ 1711.758860][ T5383] =============================
[ 1711.763844][ T5383] WARNING: suspicious RCU usage
[ 1711.768736][ T5383] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[ 1711.775607][ T5383] -----------------------------
[ 1711.780526][ T5383] net/ipv6/ip6_fib.c:1393 suspicious rcu_dereference_protected() usage!
[ 1711.788939][ T5383] 
[ 1711.788939][ T5383] other info that might help us debug this:
[ 1711.788939][ T5383] 
[ 1711.799321][ T5383] 
[ 1711.799321][ T5383] rcu_scheduler_active = 2, debug_locks = 1
[ 1711.807499][ T5383] 3 locks held by syz.3.4271/5383:
[ 1711.812692][ T5383]  #0: ffffffff90344628 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[ 1711.821886][ T5383]  #1: ffffffff8e5c4780 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[ 1711.831548][ T5383]  #2: ffff88806745d430 (&tb->tb6_lock){+...}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[ 1711.841225][ T5383] 
[ 1711.841225][ T5383] stack backtrace:
[ 1711.847196][ T5383] CPU: 0 UID: 0 PID: 5383 Comm: syz.3.4271 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1711.847230][ T5383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1711.847243][ T5383] Call Trace:
[ 1711.847251][ T5383]  <TASK>
[ 1711.847260][ T5383]  dump_stack_lvl+0x16c/0x1f0
[ 1711.847293][ T5383]  lockdep_rcu_suspicious+0x166/0x260
[ 1711.847323][ T5383]  __fib6_update_sernum_upto_root+0x221/0x270
[ 1711.847355][ T5383]  fib6_ifup+0x19b/0x2a0
[ 1711.847380][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1711.847408][ T5383]  fib6_clean_node+0x2a4/0x5b0
[ 1711.847438][ T5383]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1711.847476][ T5383]  fib6_walk_continue+0x44f/0x8d0
[ 1711.847504][ T5383]  fib6_walk+0x182/0x370
[ 1711.847528][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1711.847551][ T5383]  fib6_clean_tree+0xd4/0x110
[ 1711.847574][ T5383]  ? __pfx_fib6_clean_tree+0x10/0x10
[ 1711.847602][ T5383]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1711.847627][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1711.847660][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1711.847684][ T5383]  __fib6_clean_all+0x107/0x2d0
[ 1711.847715][ T5383]  rt6_sync_up+0xc9/0x170
[ 1711.847735][ T5383]  ? __pfx_rt6_sync_up+0x10/0x10
[ 1711.847763][ T5383]  addrconf_notify+0x1709/0x19e0
[ 1711.847795][ T5383]  ? ip6mr_device_event+0x1bc/0x230
[ 1711.847833][ T5383]  notifier_call_chain+0xb9/0x410
[ 1711.847856][ T5383]  ? __pfx_addrconf_notify+0x10/0x10
[ 1711.847894][ T5383]  call_netdevice_notifiers_info+0xbe/0x140
[ 1711.847927][ T5383]  netif_state_change+0x165/0x3b0
[ 1711.847954][ T5383]  ? __pfx_netif_state_change+0x10/0x10
[ 1711.847984][ T5383]  ? netdev_master_upper_dev_get+0xd6/0x150
[ 1711.848009][ T5383]  ? do_set_master+0x1fa/0x730
[ 1711.848035][ T5383]  ? is_bpf_text_address+0x94/0x1a0
[ 1711.848059][ T5383]  do_setlink.constprop.0+0x3570/0x4380
[ 1711.848093][ T5383]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[ 1711.848128][ T5383]  ? stack_trace_save+0x8e/0xc0
[ 1711.848152][ T5383]  ? __pfx_stack_trace_save+0x10/0x10
[ 1711.848181][ T5383]  ? __lock_acquire+0xb8a/0x1c90
[ 1711.848204][ T5383]  ? find_held_lock+0x2b/0x80
[ 1711.848240][ T5383]  ? __mutex_trylock_common+0xe9/0x250
[ 1711.848267][ T5383]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1711.848294][ T5383]  ? __pfx___might_resched+0x10/0x10
[ 1711.848316][ T5383]  ? rcu_is_watching+0x12/0xc0
[ 1711.848335][ T5383]  ? trace_contention_end+0xdd/0x130
[ 1711.848360][ T5383]  ? __mutex_lock+0x1ca/0xb90
[ 1711.848384][ T5383]  ? rtnl_newlink+0x600/0x2000
[ 1711.848410][ T5383]  ? __pfx___mutex_lock+0x10/0x10
[ 1711.848431][ T5383]  ? cap_capable+0xb3/0x250
[ 1711.848463][ T5383]  ? netlink_ns_capable+0xfa/0x130
[ 1711.848493][ T5383]  rtnl_newlink+0x18e0/0x2000
[ 1711.848527][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1711.848549][ T5383]  ? find_held_lock+0x2b/0x80
[ 1711.848581][ T5383]  ? avc_has_perm_noaudit+0x117/0x3b0
[ 1711.848619][ T5383]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1711.848655][ T5383]  ? cred_has_capability.isra.0+0x193/0x2f0
[ 1711.848684][ T5383]  ? __lock_acquire+0x622/0x1c90
[ 1711.848724][ T5383]  ? find_held_lock+0x2b/0x80
[ 1711.848753][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1711.848776][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1711.848797][ T5383]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1711.848822][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1711.848847][ T5383]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1711.848873][ T5383]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1711.848905][ T5383]  ? ref_tracker_free+0x37c/0x830
[ 1711.848938][ T5383]  netlink_rcv_skb+0x155/0x420
[ 1711.848966][ T5383]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1711.848992][ T5383]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1711.849031][ T5383]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1711.849064][ T5383]  netlink_unicast+0x53d/0x7f0
[ 1711.849096][ T5383]  ? __pfx_netlink_unicast+0x10/0x10
[ 1711.849148][ T5383]  netlink_sendmsg+0x8d1/0xdd0
[ 1711.849184][ T5383]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1711.849227][ T5383]  ____sys_sendmsg+0xa98/0xc70
[ 1711.849260][ T5383]  ? copy_msghdr_from_user+0x10a/0x160
[ 1711.849287][ T5383]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1711.849315][ T5383]  ? preempt_schedule_thunk+0x16/0x30
[ 1711.849349][ T5383]  ? try_to_wake_up+0xa2f/0x1680
[ 1711.849386][ T5383]  ___sys_sendmsg+0x134/0x1d0
[ 1711.849411][ T5383]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1711.849431][ T5383]  ? __lock_acquire+0x622/0x1c90
[ 1711.849490][ T5383]  __sys_sendmsg+0x16d/0x220
[ 1711.849514][ T5383]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1711.849536][ T5383]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1711.849578][ T5383]  do_syscall_64+0xcd/0x4c0
[ 1711.849605][ T5383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1711.849624][ T5383] RIP: 0033:0x7eff3658e969
[ 1711.849643][ T5383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1711.849660][ T5383] RSP: 002b:00007eff37336038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1711.849679][ T5383] RAX: ffffffffffffffda RBX: 00007eff367b5fa0 RCX: 00007eff3658e969
[ 1711.849690][ T5383] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[ 1711.849701][ T5383] RBP: 00007eff36610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1711.849713][ T5383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1711.849724][ T5383] R13: 0000000000000000 R14: 00007eff367b5fa0 R15: 00007fff40b9e4f8
[ 1711.849751][ T5383]  </TASK>
[ 1711.849799][ T5383] 
[ 1712.365482][ T5383] =============================
[ 1712.370374][ T5383] WARNING: suspicious RCU usage
[ 1712.375347][ T5383] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[ 1712.382238][ T5383] -----------------------------
[ 1712.387154][ T5383] net/ipv6/ip6_fib.c:1400 suspicious rcu_dereference_protected() usage!
[ 1712.395617][ T5383] 
[ 1712.395617][ T5383] other info that might help us debug this:
[ 1712.395617][ T5383] 
[ 1712.405949][ T5383] 
[ 1712.405949][ T5383] rcu_scheduler_active = 2, debug_locks = 1
[ 1712.414048][ T5383] 3 locks held by syz.3.4271/5383:
[ 1712.419158][ T5383]  #0: ffffffff90344628 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[ 1712.428235][ T5383]  #1: ffffffff8e5c4780 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[ 1712.437742][ T5383]  #2: ffff88806745d430 (&tb->tb6_lock){+...}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[ 1712.447242][ T5383] 
[ 1712.447242][ T5383] stack backtrace:
[ 1712.453141][ T5383] CPU: 0 UID: 0 PID: 5383 Comm: syz.3.4271 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1712.453156][ T5383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1712.453162][ T5383] Call Trace:
[ 1712.453166][ T5383]  <TASK>
[ 1712.453172][ T5383]  dump_stack_lvl+0x16c/0x1f0
[ 1712.453188][ T5383]  lockdep_rcu_suspicious+0x166/0x260
[ 1712.453204][ T5383]  __fib6_update_sernum_upto_root+0x16b/0x270
[ 1712.453220][ T5383]  fib6_ifup+0x19b/0x2a0
[ 1712.453234][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1712.453247][ T5383]  fib6_clean_node+0x2a4/0x5b0
[ 1712.453263][ T5383]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1712.453282][ T5383]  fib6_walk_continue+0x44f/0x8d0
[ 1712.453296][ T5383]  fib6_walk+0x182/0x370
[ 1712.453309][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1712.453321][ T5383]  fib6_clean_tree+0xd4/0x110
[ 1712.453333][ T5383]  ? __pfx_fib6_clean_tree+0x10/0x10
[ 1712.453347][ T5383]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1712.453361][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1712.453377][ T5383]  ? __pfx_fib6_ifup+0x10/0x10
[ 1712.453390][ T5383]  __fib6_clean_all+0x107/0x2d0
[ 1712.453405][ T5383]  rt6_sync_up+0xc9/0x170
[ 1712.453415][ T5383]  ? __pfx_rt6_sync_up+0x10/0x10
[ 1712.453429][ T5383]  addrconf_notify+0x1709/0x19e0
[ 1712.453445][ T5383]  ? ip6mr_device_event+0x1bc/0x230
[ 1712.453465][ T5383]  notifier_call_chain+0xb9/0x410
[ 1712.453477][ T5383]  ? __pfx_addrconf_notify+0x10/0x10
[ 1712.453495][ T5383]  call_netdevice_notifiers_info+0xbe/0x140
[ 1712.453513][ T5383]  netif_state_change+0x165/0x3b0
[ 1712.453528][ T5383]  ? __pfx_netif_state_change+0x10/0x10
[ 1712.453542][ T5383]  ? netdev_master_upper_dev_get+0xd6/0x150
[ 1712.453555][ T5383]  ? do_set_master+0x1fa/0x730
[ 1712.453566][ T5383]  ? is_bpf_text_address+0x94/0x1a0
[ 1712.453579][ T5383]  do_setlink.constprop.0+0x3570/0x4380
[ 1712.453596][ T5383]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[ 1712.453609][ T5383]  ? stack_trace_save+0x8e/0xc0
[ 1712.453621][ T5383]  ? __pfx_stack_trace_save+0x10/0x10
[ 1712.453632][ T5383]  ? __lock_acquire+0xb8a/0x1c90
[ 1712.453646][ T5383]  ? find_held_lock+0x2b/0x80
[ 1712.453665][ T5383]  ? __mutex_trylock_common+0xe9/0x250
[ 1712.453679][ T5383]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1712.453693][ T5383]  ? __pfx___might_resched+0x10/0x10
[ 1712.453705][ T5383]  ? rcu_is_watching+0x12/0xc0
[ 1712.453715][ T5383]  ? trace_contention_end+0xdd/0x130
[ 1712.453728][ T5383]  ? __mutex_lock+0x1ca/0xb90
[ 1712.453742][ T5383]  ? rtnl_newlink+0x600/0x2000
[ 1712.453754][ T5383]  ? __pfx___mutex_lock+0x10/0x10
[ 1712.453766][ T5383]  ? cap_capable+0xb3/0x250
[ 1712.453783][ T5383]  ? netlink_ns_capable+0xfa/0x130
[ 1712.453798][ T5383]  rtnl_newlink+0x18e0/0x2000
[ 1712.453815][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1712.453826][ T5383]  ? find_held_lock+0x2b/0x80
[ 1712.453842][ T5383]  ? avc_has_perm_noaudit+0x117/0x3b0
[ 1712.453862][ T5383]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1712.453880][ T5383]  ? cred_has_capability.isra.0+0x193/0x2f0
[ 1712.453896][ T5383]  ? __lock_acquire+0x622/0x1c90
[ 1712.453915][ T5383]  ? find_held_lock+0x2b/0x80
[ 1712.453930][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1712.453942][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1712.453953][ T5383]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1712.453965][ T5383]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1712.453978][ T5383]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1712.453992][ T5383]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1712.454008][ T5383]  ? ref_tracker_free+0x37c/0x830
[ 1712.454030][ T5383]  netlink_rcv_skb+0x155/0x420
[ 1712.454044][ T5383]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1712.454061][ T5383]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1712.454080][ T5383]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1712.454096][ T5383]  netlink_unicast+0x53d/0x7f0
[ 1712.454112][ T5383]  ? __pfx_netlink_unicast+0x10/0x10
[ 1712.454130][ T5383]  netlink_sendmsg+0x8d1/0xdd0
[ 1712.454147][ T5383]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1712.454166][ T5383]  ____sys_sendmsg+0xa98/0xc70
[ 1712.454183][ T5383]  ? copy_msghdr_from_user+0x10a/0x160
[ 1712.454194][ T5383]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1712.454207][ T5383]  ? preempt_schedule_thunk+0x16/0x30
[ 1712.454223][ T5383]  ? try_to_wake_up+0xa2f/0x1680
[ 1712.454243][ T5383]  ___sys_sendmsg+0x134/0x1d0
[ 1712.454256][ T5383]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1712.454266][ T5383]  ? __lock_acquire+0x622/0x1c90
[ 1712.454295][ T5383]  __sys_sendmsg+0x16d/0x220
[ 1712.454307][ T5383]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1712.454318][ T5383]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1712.454339][ T5383]  do_syscall_64+0xcd/0x4c0
[ 1712.454353][ T5383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1712.454364][ T5383] RIP: 0033:0x7eff3658e969
[ 1712.454375][ T5383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1712.454385][ T5383] RSP: 002b:00007eff37336038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1712.454396][ T5383] RAX: ffffffffffffffda RBX: 00007eff367b5fa0 RCX: 00007eff3658e969
[ 1712.454403][ T5383] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[ 1712.454409][ T5383] RBP: 00007eff36610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1712.454415][ T5383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1712.454421][ T5383] R13: 0000000000000000 R14: 00007eff367b5fa0 R15: 00007fff40b9e4f8
[ 1712.454435][ T5383]  </TASK>
[ 1713.072061][ T5822] Bluetooth: hci0: command 0x0406 tx timeout
[ 1713.083018][ T5383] bridge_slave_0: left allmulticast mode
[ 1713.372254][ T5383] bridge_slave_0: left promiscuous mode
[ 1713.379160][ T5864] IPVS: starting estimator thread 0...
[ 1713.586888][   T24] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1713.589338][ T5383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1713.738576][ T5410] syz.6.4275: attempt to access beyond end of device
[ 1713.738576][ T5410] loop6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1713.752454][ T5410] gfs2: error -5 reading superblock
[ 1713.930630][ T5408] IPVS: using max 39 ests per chain, 93600 per kthread
[ 1713.968798][ T5383] bridge_slave_1: left allmulticast mode
[ 1714.115663][ T5383] bridge_slave_1: left promiscuous mode
[ 1714.190924][   T24] usb 4-1: device descriptor read/64, error -71
[ 1714.359077][ T5383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1714.490934][ T5383] bond0: (slave bond_slave_0): Releasing backup interface
[ 1714.503203][ T5383] bond0: (slave bond_slave_1): Releasing backup interface
[ 1714.510644][   T24] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1714.550376][ T5383] team0: Port device team_slave_0 removed
[ 1714.565824][ T5383] team0: Port device team_slave_1 removed
[ 1714.574163][ T5383] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1714.583104][ T5383] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1714.594476][ T5383] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1714.602138][ T5383] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1714.640555][   T24] usb 4-1: device descriptor read/64, error -71
[ 1714.753899][   T24] usb usb4-port1: attempt power cycle