last executing test programs:

39.112087607s ago: executing program 4 (id=699):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r1 = socket$rds(0x15, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x44, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd37}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40405}, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000481000/0x1000)=nil)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="1606010800000000fe8000000000000000000000000000aafc010000000000000000000000000000fe8000000015000000000000000000aa"], 0x38)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000faeba77740f3ff2700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000540)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="6006000040000900fffffffffddbdf250100000099001f00460601"], 0x660}, 0x1, 0x0, 0x0, 0x8000}, 0x40010)
r10 = memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
execveat(r10, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r11 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r11, &(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e)

37.892711895s ago: executing program 2 (id=701):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYRESOCT=r1, @ANYRES16], &(0x7f0000000040)='syzkaller\x00', 0x480, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000140)=0x6a06, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x2)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
read$nci(r4, &(0x7f0000000a80)=""/218, 0xda)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x20000012)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
quotactl_fd$Q_GETQUOTA(r5, 0xffffffff80000700, 0x0, 0x0)

37.155227119s ago: executing program 2 (id=703):
r0 = fanotify_init(0xf00, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
fanotify_mark(r0, 0x105, 0x4800003a, r1, 0x0)
read$FUSE(r0, 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRES8=r0, @ANYRES8=r0, @ANYRESHEX=r1, @ANYBLOB="df048b79c6b0a516707d43313dfe88aa3cf7f9648905e07fdf499a9e891c050fd987331b0ffc1d5810994633bf0cb16f11eef163f047cc430c7d7f4dea94f6c712447324a352f8e07bb3c26bb0b3c5242c6f2c5e340fc72a3299427c1c0cd050ce256eb4474d398489c5bd4709d64d2cfcae37401db2ac57c4f91bbda74e9fce3435a0a5e2834002d8c521c6e61f58a4b0a5af0400ed09a465fa754575a3a696bf5f36127f10b670d0b7f78c497d8bc231042ea11248d29be81352d0af82c570daf87e763791a8125b5309444a4e6d3bdb533ef8a12fc107a3d5109af34d63f053e0", @ANYRES8=r0, @ANYRESDEC=r0, @ANYBLOB="94c4aacb53fdb3f5b215260bd37cce19bd2d77d01b239d02d8bf04f171dfeabad79c9871b1f663e9d61b081dabfe62949b5c7d999bf8f3364ee7f3199e549789199b9813aaecfa21a869016d96b84ac58cd755ccf4996c261a8e2ded27791d815d5b6fb3c93cd323068b762b1817664422c7d173cdc38c910cc0874b5e7d5cdd238cd666efcc419078c5ad6a89899401fcf4aebc2ec7cbf552056a0c94c7c0026ec00630bc5dbe", @ANYRESDEC=r1], 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x1ae7, 0x9001, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xd, 0xb0, 0x30, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x3, 0x1, 0x3, 0x6, {0x9, 0x21, 0x1, 0x4, 0x1, {0x22, 0x8bc}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x8, 0x9, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @loopback}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x85, &(0x7f00000004c0)={r5, @in={{0x2, 0xfffe, @empty}}, 0x0, 0x8000}, 0x90)
syz_usb_control_io(r2, 0x0, 0x0)
capset(&(0x7f0000000880)={0x20080522}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x7, 0x7})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket$inet6(0xa, 0x3, 0x9)
connect$inet6(r6, &(0x7f0000000300)={0xa, 0x4e20, 0x10, @local, 0x101}, 0x18)

34.212248546s ago: executing program 4 (id=708):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000dc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, &(0x7f0000000300), 0xd)
write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[], 0x78)
socket$inet_dccp(0x2, 0x6, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/8, 0xc}}], 0x4b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

33.336132283s ago: executing program 2 (id=710):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtaction={0x44, 0x32, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x500}, 0x0) (fail_nth: 6)

31.641921194s ago: executing program 2 (id=711):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9a, 0x71, 0xfa, 0x10, 0x930, 0x227, 0x345e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xb6, 0x0, 0x0, 0x17, 0xc1, 0x87}}]}}]}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x2, {0x1}}, 0x18)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000600)="ec0811d2dc7b4b6e", 0x8}], 0x1}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r1)
socket(0x200000000000011, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x428000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@getchain={0x5c, 0x66, 0x800, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0x7, 0x2}, {0x5, 0x9}}, [{0x8, 0xb, 0x5}, {0x8}, {0x8, 0xb, 0x20007998}, {0x8, 0xb, 0x8000}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x3c}, {0x8, 0xb, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2000c001}, 0x24008085)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x8)
socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)

31.34333775s ago: executing program 4 (id=713):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYRESOCT=r0, @ANYRES16], &(0x7f0000000040)='syzkaller\x00', 0x480, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000140)=0x6a06, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
read$nci(r3, &(0x7f0000000a80)=""/218, 0xda)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x20000012)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
quotactl_fd$Q_GETQUOTA(r4, 0xffffffff80000700, 0x0, 0x0)

29.085774656s ago: executing program 4 (id=717):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x101002) (async)
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x7, 0x6}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (async)
sched_setaffinity(0x0, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpgid(0xffffffffffffffff) (async)
mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000), 0x0)
unshare(0x44040000)
r2 = fcntl$dupfd(r0, 0x0, r0) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x9) (async, rerun: 64)
r4 = syz_io_uring_setup(0x16c2, &(0x7f0000000480)={0x0, 0xbd12, 0x10100, 0x1, 0x327}, &(0x7f0000000300)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0) (async, rerun: 64)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3}) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) (async)
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async)
write$sndseq(r2, &(0x7f0000000180)=[{0x6, 0x6, 0x1, 0x2, @time={0x8, 0x4}, {0x9, 0x1}, {0x7c, 0xff}, @quote={{0x1, 0x2}, 0x4}}, {0xb, 0x2, 0xde, 0xb, @tick=0x2, {0x38, 0xe7}, {0x7, 0x1}, @result={0x81, 0x10001}}], 0x38) (async, rerun: 64)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000100)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x2, 0x0, 0x0}, 0x0, 0x0, 0x600, 0x4, 0x0, 0x0}) (rerun: 64)

28.079745708s ago: executing program 2 (id=719):
r0 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @private0={0xfc, 0x0, '\x00', 0x3}, 0x2}, 0x1c) (async)
setsockopt$sock_int(r1, 0x1, 0xf, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(0x0, 0x5, &(0x7f0000000200)=0x3) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x8a, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) (async)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) (async)
socket$nl_crypto(0x10, 0x3, 0x15) (async)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1a, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) (async)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) (async)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000240)={'filter\x00', 0x0, [0x1003, 0x8, 0x1, 0x0, 0x80000000]}, &(0x7f0000000300)=0x54) (async)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c6673634c6368656d617073002c005f007a2fc7515d0a8862bcb34476dffb799fcb86811048350d35d4a128032e7e02502adcdaa16ffd57d7bb6a6c101e21ebf64841d4a7d30324860d72b7546bbff5b076ec57afe252ae6158d862a573e56b0f245d590ff3c13b1114cb84101992813ab84f07ba916c6ff10ba0987bd54e5e4ebc8b8fb8e7a5f2cfa8b113acc0784a7c6e4fd8c264eaf2d057ad4aa30c23b4670cdeb03fac02285c67b478f64cd7602463f074c7d3e282a28705da699c990e9b030341439fa2000000"]) (async)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f00000000c0)=0x77, 0x4) (async)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r5, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f00000026c0)={0x20, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0x20}}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
syz_open_dev$loop(&(0x7f0000001040), 0x80000001, 0x141082)

26.156052508s ago: executing program 1 (id=725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000100007b8af8ff000000174d9db234c5277504c5275132b500bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000085000000a000000095006a59bafd132977a12524000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="2fc18a18c7c1eea22b1ff0e0d4f181a4eb697025036c4fb5bed85838f43e46fc57a5e1c8834530060d2a89e65415830086501fb38fe7d0eab8fb3bd410101f6c487b709fb241745f1fb7c93c5e8559abfbab", @ANYRES32=0x0, @ANYBLOB="ff6a08629c70ade809f794e06cf625d78a95dc457705b73fecfcb201484745f75a62bca5f6652a3213fedc6376c486efe832b5ae07bb056b4405c0dea77cff26ff09006ea9", @ANYRESHEX=r1, @ANYRESHEX=r1], 0x50)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0xe5, 0x4)
listen(r3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r2, &(0x7f0000000080), &(0x7f0000000800)=@tcp=r3}, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, 0x0, 0x0)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0x40000000169e81, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, 0x0)
shutdown(r4, 0x2)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r10 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r11 = add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b041bfc026dc41fb9b9761a1b44dac894f365ae68edf335abf35ebc3d67518d34fec500", 0x3a, r10)
keyctl$revoke(0x3, r11)
keyctl$search(0xa, r10, &(0x7f0000000400)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff)
sendmsg$rds(r9, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000016c0)=[@rdma_dest={0x18, 0x114, 0x2, {0x275, 0x5}}, @rdma_args={0x48, 0x114, 0x1, {{0x6, 0x4}, {0x0}, 0x0, 0x0, 0x1, 0x10000}}], 0x60, 0x8004}, 0x0)

23.990870716s ago: executing program 0 (id=727):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bd", 0x120}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x11, 0x29, 0x2}}, @ip_tos_u8={{0x11}}], 0x48}, 0x0)

23.799997638s ago: executing program 1 (id=728):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x400454a4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000001540)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000000)=0x60, 0x4)
r7 = dup(r6)
read$FUSE(r7, &(0x7f0000001640)={0x2020}, 0x5d8)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r8 = openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$fuseblk(&(0x7f0000000080), &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x46, &(0x7f0000000400)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r10}})
getsockopt$TIPC_NODE_RECVQ_DEPTH(r8, 0x10f, 0x83, &(0x7f0000000280), &(0x7f0000000300)=0x4)

23.759421644s ago: executing program 0 (id=729):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000400)={'filter\x00', 0x7, 0x4, 0x3f8, 0x200, 0x200, 0xf0, 0x310, 0x310, 0x310, 0x4, &(0x7f0000000000), {[{{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffc, 0x6, 0x6}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="f47ad38fb787", @mac, @loopback, @broadcast, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x448)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtaction={0x68, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}, @TCA_IFE_TYPE={0x6, 0x5, 0x40}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x500}, 0x0)

21.999952727s ago: executing program 1 (id=731):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000007c0)={{0x12, 0x1, 0x0, 0xc4, 0xb2, 0x7, 0x10, 0xe20, 0x101, 0x7a5a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x2e, 0x6d, 0xa, 0x0, [], [{{0x9, 0x5, 0x7}}]}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r4, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
stat(&(0x7f0000001280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
rt_sigtimedwait(&(0x7f0000000680), 0x0, 0xffffffffffffffff, 0x8)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f0000000000)={0x40, 0x21, 0x83, {0x83, 0x0, "0d0179f4c67a5f521b1e1d474af5fcef8a8168c090a1ec2e50e972ce5a3cbf2988976a379581fa6d143a50604322fc3d4f328ca796e6d30be2af76caf3d3bebbde611c569288b60e3ab28feab891529bf3c0ad15a6469c59ab8ffa38a61323ea2c66b126de01cb66c1e0649c265bad80d7b685a91e7ad213ee933fd1df6607fb17"}}, &(0x7f00000000c0)={0x0, 0x3, 0x83, @string={0x83, 0x3, "87110efc9f817ac01bc79b74ddbb26d2e01f9dcd6ac5ab337fd29e4f3810fcc73bd658587a38b93f0e685fb68ffab868544ba8cde5fce6a0329df23d6111ed48fd77c1566f4a52a0f8d47d10117732803ca8e10f0438dfc5e363096612841f304f8ccfaa1cc6cd3c8b1ffc2e30353c08ea95afb6a337680e050eef212281dd371d"}}, &(0x7f0000000180)={0x0, 0xf, 0x4d, {0x5, 0xf, 0x4d, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0xb9, 0x0, 0x62d9}, @ssp_cap={0x20, 0x10, 0xa, 0x0, 0x5, 0xc, 0xf0f, 0x8, [0x0, 0xff3fcf, 0xc000, 0xcf, 0x3f00]}, @ext_cap={0x7, 0x10, 0x2, 0x1e, 0x8, 0x0, 0x7}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x7, 0x7, 0x6}, @ssp_cap={0x10, 0x10, 0xa, 0x1, 0x1, 0x4, 0xf, 0x80, [0xc0]}]}}, &(0x7f0000000200)={0x20, 0x29, 0xf, {0xf, 0x29, 0x56, 0x8, 0x9, 0x49, "bad939e7", "51d15ba1"}}, &(0x7f0000000240)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x0, 0x6, 0x2, 0x6, 0x7, 0xffff}}}, &(0x7f00000006c0)={0x84, &(0x7f00000002c0)={0x20, 0x17, 0x21, "ea107ab376fd221822585bb3d03a00f1b6d5c12d4c2b860b6834adce3d2367a9f5"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x34}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000380)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f00000003c0)={0x20, 0x0, 0x4, {0x0, 0x20}}, &(0x7f0000000400)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000440)={0x40, 0x9, 0x1, 0x85}, &(0x7f0000000480)={0x40, 0xb, 0x2, "50f3"}, &(0x7f00000004c0)={0x40, 0xf, 0x2}, &(0x7f0000000500)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f0000000540)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000580)={0x40, 0x19, 0x2, "9fea"}, &(0x7f00000005c0)={0x40, 0x1a, 0x2, 0x5}, &(0x7f0000000600)={0x40, 0x1c, 0x1, 0x7f}, &(0x7f0000000640)={0x40, 0x1e, 0x1, 0x8d}, &(0x7f0000000680)={0x40, 0x21, 0x1, 0x10}})

21.999648362s ago: executing program 0 (id=732):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtaction={0x44, 0x32, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x500}, 0x0) (fail_nth: 8)

21.61381405s ago: executing program 2 (id=733):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000680)={0x2, @sliced={0x5, [0x7, 0x809e, 0x2, 0xfff8, 0x6, 0x200, 0x5, 0xd, 0x7ff, 0x6, 0x2, 0x9, 0x5, 0xd, 0x6, 0xb, 0x6, 0x9, 0x0, 0x0, 0x8000, 0x757, 0x1, 0x6, 0x800, 0x6400, 0xc, 0x2, 0x9, 0x2c7e, 0x38, 0xb3e6, 0x1ff, 0x3, 0x76fd, 0x0, 0xb830, 0x9, 0x714, 0x3, 0xfdbc, 0x4, 0x9, 0x101, 0x6, 0x1, 0xfeff, 0x80], 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f0000002540)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
fgetxattr(0xffffffffffffffff, &(0x7f0000000040)=@known='security.selinux\x00', 0x0, 0x0)
shmat(r6, &(0x7f0000ff9000/0x1000)=nil, 0x7000)
shmdt(0x0)
write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, &(0x7f0000000480)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x0, "72eeff", "129b1a32465f5daf7b77a1e055dd0d7bc184a65733a730d7c4655959b63929d0e95401d7c475bca09a6917672d5e9d4373615569f16fd5b58156836ea3acb5fda7aa0c4e9d4b2aa08fcd8f16e20fa7f58fb9a73c136591545474559bbbd979d8764e33c36a155a8494838195f2f45570d32211aed355c87b8e084928aabd4b47599431a58a68f88c2bdb8cbce8f875ad2edf3309d3d37c5bab659b044b2ff54e7d12412e6769b5589a38652cf6ffcdc81b91f6147c6839490607b7f02a385b3ca5ff8321725537af28056182589d7a27e0b172c2169beaa8e678e8e8310c3c350b3ee448e3dab69e6ac964d65a2ce5dcad096933ffac61ffff4e1a8bdf55962a"}}, 0x110)
r7 = socket(0x10, 0x80002, 0x0)
sendmmsg(r7, 0x0, 0x0, 0x4000001)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00'}, 0x2c)
write(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000e00)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x268, 0x311, 0x0, 0x268, 0x3f0, 0x460, 0x460, 0x3f0, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x288, 0x2b0, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x7f800000000000, 0x0, 0x0, 0x80, 0x5, 0x9}}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @private2, @remote, [], [], [], 0x0, 0x7863}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xd8, 0x140, 0xe4030000, {}, [@common=@unspec=@realm={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)

21.310442751s ago: executing program 32 (id=733):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000680)={0x2, @sliced={0x5, [0x7, 0x809e, 0x2, 0xfff8, 0x6, 0x200, 0x5, 0xd, 0x7ff, 0x6, 0x2, 0x9, 0x5, 0xd, 0x6, 0xb, 0x6, 0x9, 0x0, 0x0, 0x8000, 0x757, 0x1, 0x6, 0x800, 0x6400, 0xc, 0x2, 0x9, 0x2c7e, 0x38, 0xb3e6, 0x1ff, 0x3, 0x76fd, 0x0, 0xb830, 0x9, 0x714, 0x3, 0xfdbc, 0x4, 0x9, 0x101, 0x6, 0x1, 0xfeff, 0x80], 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f0000002540)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
fgetxattr(0xffffffffffffffff, &(0x7f0000000040)=@known='security.selinux\x00', 0x0, 0x0)
shmat(r6, &(0x7f0000ff9000/0x1000)=nil, 0x7000)
shmdt(0x0)
write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, &(0x7f0000000480)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x0, "72eeff", "129b1a32465f5daf7b77a1e055dd0d7bc184a65733a730d7c4655959b63929d0e95401d7c475bca09a6917672d5e9d4373615569f16fd5b58156836ea3acb5fda7aa0c4e9d4b2aa08fcd8f16e20fa7f58fb9a73c136591545474559bbbd979d8764e33c36a155a8494838195f2f45570d32211aed355c87b8e084928aabd4b47599431a58a68f88c2bdb8cbce8f875ad2edf3309d3d37c5bab659b044b2ff54e7d12412e6769b5589a38652cf6ffcdc81b91f6147c6839490607b7f02a385b3ca5ff8321725537af28056182589d7a27e0b172c2169beaa8e678e8e8310c3c350b3ee448e3dab69e6ac964d65a2ce5dcad096933ffac61ffff4e1a8bdf55962a"}}, 0x110)
r7 = socket(0x10, 0x80002, 0x0)
sendmmsg(r7, 0x0, 0x0, 0x4000001)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00'}, 0x2c)
write(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000e00)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x268, 0x311, 0x0, 0x268, 0x3f0, 0x460, 0x460, 0x3f0, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x288, 0x2b0, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x7f800000000000, 0x0, 0x0, 0x80, 0x5, 0x9}}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @private2, @remote, [], [], [], 0x0, 0x7863}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xd8, 0x140, 0xe4030000, {}, [@common=@unspec=@realm={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)

21.220210757s ago: executing program 0 (id=736):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000dc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, &(0x7f0000000300), 0xd)
write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[], 0x78)
socket$inet_dccp(0x2, 0x6, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/8, 0xc}}], 0x4b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

19.542732478s ago: executing program 0 (id=737):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x1d, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r6 = syz_clone(0x8000, &(0x7f0000000240)="4e0d0d5ad58a3810d6d31fb09d780dfabdeebb8d30b905ba8c9cf1868ec33721700914", 0x23, &(0x7f0000000280), &(0x7f0000000340), &(0x7f00000003c0)="dbbb821f47fa1d9a258fa978c09fe6824303327d194464d587454c162fb5cfed0aff031a7865550a0d6beac3a021a6f1b57bfea8a962b0cab6e85928e641c2b7d052e06ac1ef78aebbd8428554c0914fca6f4c57adf384d7becc268e615ce913caa70abb52706dc2a8149931f1c6c1e7cb393398b1f59e1551")
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000013c0)=@newlink={0x1b8, 0x10, 0x200, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_BROADCAST={0xa, 0x2, @multicast}, @IFLA_MASTER={0x8, 0xa, r5}, @IFLA_GROUP={0x8, 0x1b, 0xa}, @IFLA_PORT_SELF={0x38, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "0e5e43c5c48856464e8261fdd78eef4d"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x2}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x23}, @IFLA_PORT_PROFILE={0x5, 0x2, '\x00'}, @IFLA_PORT_VF={0x8, 0x1, 0x81}]}, @IFLA_WEIGHT={0x8, 0xf, 0x8001}, @IFLA_NET_NS_PID={0x8, 0x13, r6}, @IFLA_PROP_LIST={0x90, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge_slave_1\x00'}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'veth0_vlan\x00'}, {0x14, 0x35, 'wg2\x00'}, {0x14, 0x35, 'ip6tnl0\x00'}, {0x14, 0x35, 'veth0_virt_wifi\x00'}, {0x14, 0x35, 'veth0_vlan\x00'}]}, @IFLA_MTU={0x8, 0x4, 0x3976}, @IFLA_PORT_SELF={0x74, 0x19, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x9}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x9}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x7b}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "34951855b94be3bfab0a0f1c1f799e34"}, @IFLA_PORT_VF={0x8, 0x1, 0x2}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_1\x00'}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_1\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5d57832e0f1c032aeaed4b3bd36ea7b1"}]}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'rose0\x00'}]}, @IFLA_OPERSTATE={0x5, 0x10, 0x1}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0xfffffffa}]}, 0x1b8}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'veth0_virt_wifi\x00'})
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x84}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r11 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r11, 0xc0106401, &(0x7f0000000140)={0x0, 0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0xffffff1f, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4a119}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @rand_addr=0x64010100}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x40810}, 0x0)

18.376150443s ago: executing program 1 (id=739):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
socket$unix(0x1, 0x2, 0x0)
accept$alg(r0, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
socket$igmp(0x2, 0x3, 0x2)
accept4(r1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x88, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11, 0x3000000}}], 0x98}, 0xe000)

18.181652533s ago: executing program 4 (id=740):
pipe2(&(0x7f0000000040), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sync()
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/tty/drivers\x00', 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100)=0x3)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000240)=@attr_pmu_init)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
clock_gettime(0x3, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r4 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
write$smackfs_access(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="00432c257d275d6752f4a0272e7b405e3a262077786c00"], 0x17)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0)
getxattr(0x0, 0x0, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2040, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85513, &(0x7f0000000b00)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8838, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x3, 0x800000000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]})
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000004c0), &(0x7f0000000380)=0xc)

18.123375511s ago: executing program 3 (id=741):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x400454a4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000001540)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000000)=0x60, 0x4)
r7 = dup(r6)
read$FUSE(r7, &(0x7f0000001640)={0x2020}, 0xb90)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r8 = openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$fuseblk(&(0x7f0000000080), &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x46, &(0x7f0000000400)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r10}})
getsockopt$TIPC_NODE_RECVQ_DEPTH(r8, 0x10f, 0x83, &(0x7f0000000280), &(0x7f0000000300)=0x4)

17.884094249s ago: executing program 1 (id=742):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x1, 0xd}}, './file0\x00'})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000180)=0x4) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r3, 0x0, 0x0}, 0x10) (async)
write$eventfd(r3, &(0x7f0000000140)=0x76, 0x8) (async)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000000000000000000000000000000000000000000000000000cf00000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000001000000fbffffff0000000009000000010000000100008008000000000000000000000000000000000000c0040000000100000005000000030000007f0000000400000000000026f7c7131300000000"])

16.906134015s ago: executing program 3 (id=743):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x6c}, {0x6, 0x0, 0x2, 0x7ffffdbd}]})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
fsetxattr$smack_xattr_label(r0, &(0x7f0000000380)='security.SMACK64IPIN\x00', &(0x7f0000000280)={'[&/(+&'}, 0x7, 0x0)
r1 = gettid()
process_vm_readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/179, 0xb3}, {&(0x7f0000000180)=""/101, 0x65}], 0x2, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/65, 0x41}, {&(0x7f0000000280)=""/202, 0xca}, {&(0x7f0000000380)=""/59, 0x3b}], 0x3, 0x0)

16.477466379s ago: executing program 3 (id=744):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$ptp(r0, &(0x7f0000000140)=""/205, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
r5 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r5, 0x541b, 0x0)
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1008000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r2, 0x4373f835243b3666, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x74}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x810)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r6}, 0x38)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

15.812255865s ago: executing program 1 (id=745):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtaction={0x44, 0x32, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x500}, 0x0) (fail_nth: 9)

15.647559043s ago: executing program 0 (id=746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0xfffffffffffffca3, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000200)=@mmap={0x7, 0x3, 0x4, 0x0, 0x3fffc, {0x77359400}, {0x5, 0x0, 0x81, 0x9, 0x7f, 0x8, "14f31d90"}, 0x101, 0x1, {}, 0x6f})
ioprio_set$pid(0x0, 0x0, 0x2007)
mount$afs(&(0x7f0000000040)=ANY=[@ANYBLOB='#/yz1:'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[])
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x33, 0x5, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000140)={0x3, 0x8000000, 0x3})
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0.0:\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000001000000000000000000000071120d000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

15.566759462s ago: executing program 3 (id=747):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1b, 0x35, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x4}}, @tail_call, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x215}}, @tail_call, @alu={0x7, 0x1, 0xd, 0x4, 0xa, 0xfffffffffffffff0, 0x10}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_val={0x18, 0x6, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x9, 0x16, &(0x7f0000000080)=""/22, 0x1f00, 0x35, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x5, 0x10, 0xf6, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000140)=[{0x2, 0x1, 0x3, 0x1}, {0x1, 0x3, 0x1}], 0x10, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000003000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61141800000000001d430000000000007a0a00fe00581c1f6114300000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c00000000b479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed69458f1fece5ef27fd5909c29801a049c13a11654d8fbff0d0f0cd208239cda84b054623f947157911eeea336fbf28adb88e986e23f4f5ea98f25d3b8fdcbb330419c97e25aaa87067eb9d1d4a39c839543970ca627cd24b62cc45d98a03681f750d01c12e94"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8, 0x10, &(0x7f00000000c0), 0x10, 0xffffffffffffffff, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

15.012215924s ago: executing program 3 (id=748):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006620000000000000180000000000ffd000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xe, &(0x7f0000000340)=""/222, 0x0, 0x1e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

14.532946033s ago: executing program 3 (id=749):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x401, 0x0, 0x25dfdbfb}, 0x20}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000540), &(0x7f0000000000)=""/7, 0x2}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r2}, 0x57)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x0, 0x9, 0x1, 0x7c, 0xffffffffffffffff}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, r4, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040)
r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000004880), 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000040), 0x6, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_io_uring_setup(0x110, &(0x7f00000000c0), &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
io_uring_register$IORING_REGISTER_FILES(r8, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)=[0xffffffffffffffff], 0x1})
io_uring_enter(r8, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r11, 0x4008ae9c, &(0x7f0000000000)={0x13, 0x4})
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009202"])
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, &(0x7f00000048c0))

14.206499289s ago: executing program 4 (id=750):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0)={0x0, r0}, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffa3, 0x21, 0x0, 0x0, 0x19a64624e5241132, 0x0, 0x4}, 0xb)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r5, &(0x7f00000001c0)={0x2c, 0x20}, 0x2a)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000040)=0x100, 0x4)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = dup3(r6, r7, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000080)={&(0x7f0000000180), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x9, 0x2, {0x8000}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYRES64=r2, @ANYRESOCT=r10, @ANYRES64=r8, @ANYRES32=r9], 0x30}, 0x1, 0x0, 0x0, 0x45}, 0x4000811)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000400000000000000000085000000610000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r11, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r13, &(0x7f0000000040)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r13, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r12, 0x6, 0x1f, &(0x7f0000000240), 0x4)
setsockopt$inet6_tcp_int(r12, 0x6, 0x1b, &(0x7f0000000180)=0x9, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x3}, 0x20004004)
ioctl$KVM_SET_NR_MMU_PAGES(0xffffffffffffffff, 0xae44, 0x3)

0s ago: executing program 33 (id=746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0xfffffffffffffca3, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000200)=@mmap={0x7, 0x3, 0x4, 0x0, 0x3fffc, {0x77359400}, {0x5, 0x0, 0x81, 0x9, 0x7f, 0x8, "14f31d90"}, 0x101, 0x1, {}, 0x6f})
ioprio_set$pid(0x0, 0x0, 0x2007)
mount$afs(&(0x7f0000000040)=ANY=[@ANYBLOB='#/yz1:'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[])
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x33, 0x5, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000140)={0x3, 0x8000000, 0x3})
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0.0:\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000001000000000000000000000071120d000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

110][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.397655][   T48] usb 2-1: Product: syz
[  158.514208][   T48] usb 2-1: Manufacturer: syz
[  158.552416][    T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  158.645739][   T48] usb 2-1: SerialNumber: syz
[  158.731911][    T8] usb 4-1: Using ep0 maxpacket: 32
[  158.792720][    T8] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  158.879565][ T5910] usb 3-1: USB disconnect, device number 4
[  159.116744][   T48] r8152-cfgselector 2-1: Unknown version 0x0000
[  159.151043][   T48] r8152-cfgselector 2-1: config 0 descriptor??
[  159.194870][   T48] r8152-cfgselector 2-1: can't set config #0, error -71
[  159.271599][   T48] r8152-cfgselector 2-1: USB disconnect, device number 10
[  159.548891][    T8] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  159.682426][    T8] usb 4-1: string descriptor 0 read error: -71
[  159.688738][    T8] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.748789][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.752706][    T8] usb 4-1: can't set config #1, error -71
[  159.753937][    T8] usb 4-1: USB disconnect, device number 6
[  159.873534][ T6690] lo: entered allmulticast mode
[  161.477335][ T6680] lo: left allmulticast mode
[  161.593007][    T9] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  162.169359][    T9] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  162.200978][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.209065][    T9] usb 4-1: Product: syz
[  163.218728][    T9] usb 4-1: Manufacturer: syz
[  163.229311][    T9] usb 4-1: SerialNumber: syz
[  163.239785][    T9] usb 4-1: config 0 descriptor??
[  164.460801][    T9] usb 4-1: can't set config #0, error -71
[  164.491936][    T9] usb 4-1: USB disconnect, device number 7
[  164.920785][   T29] audit: type=1326 audit(1738578545.359:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.267919][   T29] audit: type=1326 audit(1738578545.359:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.377660][ T6741] IPVS: Error connecting to the multicast addr
[  165.396620][   T29] audit: type=1326 audit(1738578545.369:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.447228][   T29] audit: type=1326 audit(1738578545.409:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.522583][   T29] audit: type=1326 audit(1738578545.409:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.645115][   T29] audit: type=1326 audit(1738578545.419:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.708265][   T29] audit: type=1326 audit(1738578545.419:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  165.733249][   T29] audit: type=1326 audit(1738578545.429:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  166.745221][   T29] audit: type=1326 audit(1738578545.429:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2faf78b710 code=0x7ffc0000
[  166.767590][   T29] audit: type=1326 audit(1738578545.439:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6725 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2faf78b710 code=0x7ffc0000
[  166.930973][ T6753] overlay: Unknown parameter 'subj_role'
[  167.871646][ T6761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.212'.
[  167.897894][ T6761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.212'.
[  168.204647][ T6765] netlink: 16 bytes leftover after parsing attributes in process `syz.3.215'.
[  169.915084][    T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  170.596668][    T9] usb 2-1: Using ep0 maxpacket: 16
[  170.620246][    T9] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[  170.651056][    T9] usb 2-1: config 0 has no interface number 0
[  170.662370][    T9] usb 2-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  170.687196][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.705927][    T9] usb 2-1: Product: syz
[  170.710656][    T9] usb 2-1: Manufacturer: syz
[  170.720004][    T9] usb 2-1: SerialNumber: syz
[  170.949404][    T9] usb 2-1: config 0 descriptor??
[  171.003161][    T9] usb 2-1: can't set config #0, error -71
[  171.054398][    T9] usb 2-1: USB disconnect, device number 11
[  171.128401][ T6793] netlink: 20 bytes leftover after parsing attributes in process `syz.1.224'.
[  177.660713][ T6851] netlink: 12 bytes leftover after parsing attributes in process `syz.1.230'.
[  181.454201][  T975] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  181.626991][ T6884] process 'syz.1.247' launched './file2' with NULL argv: empty string added
[  181.701196][  T975] usb 3-1: Using ep0 maxpacket: 16
[  181.722129][  T975] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  181.759739][  T975] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  181.781534][  T975] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  181.871096][  T975] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  181.901008][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.909360][  T975] usb 3-1: Product: syz
[  182.008341][  T975] usb 3-1: Manufacturer: syz
[  182.052200][  T975] usb 3-1: SerialNumber: syz
[  182.428134][  T975] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  182.674928][  T975] usb 3-1: USB disconnect, device number 5
[  183.432768][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  184.285542][  T975] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  184.989440][  T975] usb 5-1: config 0 has an invalid interface number: 156 but max is 1
[  185.040703][  T975] usb 5-1: config 0 has no interface number 1
[  185.051738][  T975] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  185.086293][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.107166][ T6929] warning: `syz.2.260' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  185.132336][  T975] usb 5-1: config 0 descriptor??
[  185.154445][  T975] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  185.174773][  T975] usb 5-1: MIDIStreaming interface descriptor not found
[  185.274948][  T975] gspca_main: spca561-2.14.0 probing abcd:cdee
[  185.398682][  T975] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  185.471320][ T5881] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  185.621871][  T975] usb 5-1: USB disconnect, device number 3
[  185.743723][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  185.812536][ T5881] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  185.920823][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.053085][ T5881] usb 3-1: config 0 descriptor??
[  186.232424][ T6044] udevd[6044]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.359539][ T6946] ip6gretap1: entered promiscuous mode
[  186.394554][ T6929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.397594][ T6946] ip6gretap1: entered allmulticast mode
[  186.427845][ T6929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.493066][ T6957] delete_channel: no stack
[  186.506194][ T6948] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input10
[  186.682621][ T5881] usb 3-1: USB disconnect, device number 6
[  186.946992][ T6969] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-tlb(5)
[  188.897174][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  188.897196][   T29] audit: type=1326 audit(1738578569.449:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  189.020664][   T29] audit: type=1326 audit(1738578569.499:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  189.071110][   T29] audit: type=1326 audit(1738578569.499:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  190.182893][ T6947] syz.4.265 (6947) used greatest stack depth: 17584 bytes left
[  190.386751][ T5881] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  190.531178][ T6989] netlink: 44 bytes leftover after parsing attributes in process `syz.4.277'.
[  190.604820][    T8] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  190.691053][ T5881] usb 2-1: Using ep0 maxpacket: 16
[  190.806277][ T5881] usb 2-1: config 0 has no interfaces?
[  190.862172][ T5881] usb 2-1: New USB device found, idVendor=05ac, idProduct=1226, bcdDevice=b2.89
[  190.914250][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.925784][ T5881] usb 2-1: Product: syz
[  190.930023][ T5881] usb 2-1: Manufacturer: syz
[  190.943665][ T5881] usb 2-1: SerialNumber: syz
[  190.982359][    T8] usb 4-1: Using ep0 maxpacket: 32
[  191.095803][ T5881] apple-mfi-fastcharge 2-1: config 0 descriptor??
[  191.105870][    T8] usb 4-1: config 0 has an invalid interface number: 61 but max is 0
[  191.119524][    T8] usb 4-1: config 0 has no interface number 0
[  191.195146][    T8] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  191.214680][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.236224][    T8] usb 4-1: Product: syz
[  191.240468][    T8] usb 4-1: Manufacturer: syz
[  191.287711][    T8] usb 4-1: SerialNumber: syz
[  191.311541][    T8] usb 4-1: config 0 descriptor??
[  191.472766][    T8] viperboard 4-1:0.61: version 0.00 found at bus 004 address 008
[  192.255034][ T5910] apple-mfi-fastcharge 2-1: USB disconnect, device number 12
[  192.343163][    T8] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  192.352555][    T8] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  192.627744][ T5910] usb 4-1: USB disconnect, device number 8
[  193.220092][ T7014] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-tlb(5)
[  193.621708][   T29] audit: type=1326 audit(1738578574.169:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  193.685177][   T29] audit: type=1326 audit(1738578574.169:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  193.719468][   T29] audit: type=1326 audit(1738578574.169:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  193.851989][   T29] audit: type=1326 audit(1738578574.179:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  193.910120][   T29] audit: type=1326 audit(1738578574.179:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  193.939336][   T29] audit: type=1326 audit(1738578574.299:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  194.206416][   T29] audit: type=1326 audit(1738578574.299:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7020 comm="syz.3.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  194.228625][   T29] audit: type=1326 audit(1738578574.299:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7022 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  194.330019][ T7031] capability: warning: `syz.1.287' uses 32-bit capabilities (legacy support in use)
[  195.038907][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  195.053930][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  195.223497][   T29] audit: type=1326 audit(1738578574.299:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7022 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  195.245693][   T29] audit: type=1326 audit(1738578574.299:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7022 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  196.023042][   T29] audit: type=1326 audit(1738578574.299:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7022 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  196.301065][ T5927] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  196.309077][ T5881] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  196.514546][ T5927] usb 5-1: Using ep0 maxpacket: 16
[  196.519874][ T5881] usb 4-1: Using ep0 maxpacket: 32
[  196.562667][ T5927] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  196.600895][ T5881] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  196.639756][ T5927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  196.680726][ T5881] usb 4-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00
[  196.700785][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.713137][ T5927] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  196.731740][ T5881] usb 4-1: config 0 descriptor??
[  196.736966][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.769246][ T5927] usb 5-1: Product: syz
[  196.787359][ T5927] usb 5-1: Manufacturer: syz
[  196.797834][ T5927] usb 5-1: SerialNumber: syz
[  196.819386][ T5927] usb 5-1: config 0 descriptor??
[  196.878288][ T5927] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  196.922752][ T5927] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  198.045836][ T5927] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  198.054845][ T5881] holtek_mouse 0003:04D9:A072.0003: global environment stack underflow
[  198.063485][ T5881] holtek_mouse 0003:04D9:A072.0003: item 0 1 1 11 parsing failed
[  198.072124][ T5881] holtek_mouse 0003:04D9:A072.0003: hid parse failed: -22
[  198.080359][ T5881] holtek_mouse 0003:04D9:A072.0003: probe with driver holtek_mouse failed with error -22
[  198.096769][ T5881] usb 4-1: USB disconnect, device number 9
[  198.203404][ T5927] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  198.240762][ T5927] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  198.247800][ T5927] em28xx 5-1:0.0: No AC97 audio processor
[  198.497864][ T5927] usb 5-1: USB disconnect, device number 4
[  198.522595][ T5927] em28xx 5-1:0.0: Disconnecting em28xx
[  198.535394][ T5927] em28xx 5-1:0.0: Freeing device
[  198.663287][ T7062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.296'.
[  198.870799][ T5881] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  199.130825][ T5881] usb 4-1: Using ep0 maxpacket: 32
[  199.150794][ T5881] usb 4-1: config 0 has an invalid interface number: 61 but max is 0
[  199.312486][ T5881] usb 4-1: config 0 has no interface number 0
[  199.406912][ T5881] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  199.454859][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.465643][   T29] audit: type=1326 audit(1738578579.999:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7064 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ced8cda9 code=0x7ffc0000
[  199.544002][ T5881] usb 4-1: Product: syz
[  199.548266][ T5881] usb 4-1: Manufacturer: syz
[  200.530882][ T5881] usb 4-1: SerialNumber: syz
[  200.540647][   T29] audit: type=1326 audit(1738578580.019:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7064 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f78ced8cda9 code=0x7ffc0000
[  201.522936][ T5881] usb 4-1: config 0 descriptor??
[  201.529886][ T5881] usb 4-1: can't set config #0, error -71
[  201.540965][ T5881] usb 4-1: USB disconnect, device number 10
[  201.618130][   T29] audit: type=1326 audit(1738578580.019:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7064 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ced8cda9 code=0x7ffc0000
[  201.642884][ T7080] loop9: detected capacity change from 0 to 7
[  201.654284][ T7080] buffer_io_error: 2 callbacks suppressed
[  201.654306][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.669371][   T29] audit: type=1326 audit(1738578580.019:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7064 comm="syz.2.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ced8cda9 code=0x7ffc0000
[  201.714788][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.745554][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.784687][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.871599][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  202.791226][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  203.180836][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  203.806647][ T7080] ldm_validate_partition_table(): Disk read failed.
[  204.270894][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  204.279013][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  204.677611][ T7080] Buffer I/O error on dev loop9, logical block 0, async page read
[  204.831604][ T7080] Dev loop9: unable to read RDB block 0
[  204.879142][ T7080]  loop9: unable to read partition table
[  204.900748][ T7080] loop9: partition table beyond EOD, truncated
[  204.907025][ T7080] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  205.083363][ T7100] can0: slcan on ttyS3.
[  205.190703][ T7106] netlink: 20 bytes leftover after parsing attributes in process `syz.2.308'.
[  205.623886][   T29] audit: type=1326 audit(1738578586.179:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8798cda9 code=0x7ffc0000
[  205.670479][ T7126] bridge2: the hash_elasticity option has been deprecated and is always 16
[  205.725238][   T29] audit: type=1326 audit(1738578586.179:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8798cda9 code=0x7ffc0000
[  205.790749][   T29] audit: type=1326 audit(1738578586.179:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8f8798cda9 code=0x7ffc0000
[  205.910973][   T29] audit: type=1326 audit(1738578586.179:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8798cda9 code=0x7ffc0000
[  206.227691][   T29] audit: type=1326 audit(1738578586.179:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8798cda9 code=0x7ffc0000
[  207.208034][ T5839] Bluetooth: hci0: command 0x0406 tx timeout
[  207.216012][ T5839] Bluetooth: hci3: command 0x0406 tx timeout
[  207.227903][ T5839] Bluetooth: hci2: command 0x0406 tx timeout
[  207.237236][ T5839] Bluetooth: hci1: command 0x0406 tx timeout
[  208.911024][  T975] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  208.999561][    T8] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  209.216547][ T5881] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  209.460967][  T975] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  209.496879][  T975] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.604007][ T7153] afs: Bad value for 'source'
[  209.611711][ T5881] usb 5-1: Using ep0 maxpacket: 32
[  209.612531][  T975] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  209.621951][ T7153] netdevsim netdevsim2: Direct firmware load for .
[  209.621951][ T7153]  failed with error -2
[  209.638722][ T7153] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  209.638722][ T7153] 
[  209.672421][  T975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.675321][ T5881] usb 5-1: config 0 has an invalid interface number: 61 but max is 0
[  209.680933][  T975] usb 1-1: Product: syz
[  209.698905][  T975] usb 1-1: Manufacturer: syz
[  209.703659][  T975] usb 1-1: SerialNumber: syz
[  210.367481][ T5881] usb 5-1: config 0 has no interface number 0
[  210.390108][ T5881] usb 5-1: string descriptor 0 read error: -71
[  210.401099][ T7156] netlink: 20 bytes leftover after parsing attributes in process `syz.3.318'.
[  210.600695][ T5881] usb 5-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  210.652080][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.699818][ T5881] usb 5-1: config 0 descriptor??
[  210.734724][ T5881] usb 5-1: can't set config #0, error -71
[  210.750095][  T975] cdc_mbim 1-1:1.0: bind() failure
[  210.801093][ T5881] usb 5-1: USB disconnect, device number 5
[  210.824295][  T975] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  210.872283][ T7162] loop9: detected capacity change from 0 to 7
[  210.911893][ T7162] buffer_io_error: 4 callbacks suppressed
[  210.911914][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  210.960117][  T975] cdc_ncm 1-1:1.1: bind() failure
[  211.026245][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.061164][  T975] usb 1-1: USB disconnect, device number 7
[  211.116511][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.150462][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.164654][   T29] audit: type=1326 audit(1738578591.709:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7172 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  211.175493][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.256719][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.265471][   T29] audit: type=1326 audit(1738578591.749:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7172 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  211.308086][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.384340][   T29] audit: type=1326 audit(1738578591.749:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7172 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7ffc0000
[  211.387236][ T7162] ldm_validate_partition_table(): Disk read failed.
[  211.477726][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.614262][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.715026][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  211.770963][ T5832] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  211.801091][ T7162] Dev loop9: unable to read RDB block 0
[  211.807644][ T7162]  loop9: unable to read partition table
[  211.930902][ T5832] usb 4-1: Using ep0 maxpacket: 16
[  211.972937][ T5832] usb 4-1: config 0 has an invalid interface number: 182 but max is 0
[  211.975093][ T7162] loop9: partition table beyond EOD, truncated
[  212.067003][ T7162] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  212.290666][ T5832] usb 4-1: config 0 has no interface number 0
[  212.312273][ T5832] usb 4-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  212.325707][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.393579][ T5832] usb 4-1: Product: syz
[  212.423823][ T5832] usb 4-1: Manufacturer: syz
[  212.585400][ T5832] usb 4-1: SerialNumber: syz
[  212.788351][ T5832] usb 4-1: config 0 descriptor??
[  213.412703][ T5832] usb 4-1: USB disconnect, device number 12
[  213.738488][   T29] audit: type=1326 audit(1738578594.289:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7220 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  213.802433][ T7224] afs: Bad value for 'source'
[  213.866037][ T7224] netdevsim netdevsim2: Direct firmware load for .
[  213.866037][ T7224]  failed with error -2
[  213.877425][ T7224] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  213.877425][ T7224] 
[  214.290932][   T29] audit: type=1326 audit(1738578594.289:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7220 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  214.362895][ T7226] netlink: 12 bytes leftover after parsing attributes in process `syz.1.335'.
[  214.467819][   T29] audit: type=1326 audit(1738578594.289:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7220 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  214.477075][ T7226] 8021q: adding VLAN 0 to HW filter on device bond1
[  214.569725][ T7232] loop9: detected capacity change from 0 to 7
[  214.626266][ T7232] Dev loop9: unable to read RDB block 7
[  214.640772][   T29] audit: type=1326 audit(1738578594.339:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7220 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  214.665593][ T7232]  loop9: unable to read partition table
[  214.683782][ T7232] loop9: partition table beyond EOD, truncated
[  214.700833][ T7232] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  214.973178][ T7241] 8021q: adding VLAN 0 to HW filter on device bond1
[  214.980638][ T7241] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  214.992179][ T7241] bond1: (slave ipip0): Error -95 calling set_mac_address
[  215.001766][ T5832] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  215.271300][ T5832] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  215.614895][ T5832] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  215.783914][ T5832] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  215.848084][ T5832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  215.935331][ T5832] usb 5-1: SerialNumber: syz
[  215.994635][ T5832] usb 5-1: 0:2 : does not exist
[  216.383024][   T29] audit: type=1326 audit(1738578596.899:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7248 comm="syz.2.342" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f78ced8cda9 code=0x7fbf0000
[  216.619563][   T25] usb 5-1: USB disconnect, device number 6
[  216.831829][ T7255] netlink: 216 bytes leftover after parsing attributes in process `syz.0.345'.
[  217.142208][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.433828][ T7273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.347'.
[  217.443407][ T7273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.347'.
[  218.127594][   T29] audit: type=1326 audit(1738578598.669:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7272 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  218.149109][    C1] vkms_vblank_simulate: vblank timer overrun
[  218.196584][   T29] audit: type=1326 audit(1738578598.669:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7272 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  218.251988][   T29] audit: type=1326 audit(1738578598.669:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7272 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  218.340602][   T29] audit: type=1326 audit(1738578598.669:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7272 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  218.362590][   T48] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  218.441138][   T29] audit: type=1326 audit(1738578598.669:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7272 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d80b8cda9 code=0x7ffc0000
[  218.540677][   T48] usb 5-1: Using ep0 maxpacket: 16
[  218.572323][   T48] usb 5-1: config 0 has an invalid interface number: 182 but max is 0
[  218.740041][   T48] usb 5-1: config 0 has no interface number 0
[  218.767437][   T48] usb 5-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  218.797382][   T48] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.128139][   T48] usb 5-1: Product: syz
[  219.658645][   T48] usb 5-1: Manufacturer: syz
[  219.694821][   T48] usb 5-1: SerialNumber: syz
[  219.740992][ T7302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.780684][ T7302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.790395][ T7302] netlink: 60 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.809795][   T48] usb 5-1: config 0 descriptor??
[  219.853602][ T7303] netlink: 104 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.870110][ T7301] loop9: detected capacity change from 0 to 7
[  219.908991][ T7306] netlink: 104 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.957012][ T7301] buffer_io_error: 4 callbacks suppressed
[  219.957032][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  219.974601][ T7303] netlink: 28 bytes leftover after parsing attributes in process `syz.3.354'.
[  219.991605][ T7303] netlink: 28 bytes leftover after parsing attributes in process `syz.3.354'.
[  220.054949][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.111987][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.180163][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.205955][   T48] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  220.260266][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.320938][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.386492][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  220.439129][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.449205][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.470742][   T48] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  220.492371][   T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.518693][ T7301] ldm_validate_partition_table(): Disk read failed.
[  220.592944][   T48] usb 1-1: config 0 descriptor??
[  220.648151][   T48] hub 1-1:0.0: USB hub found
[  220.661002][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.703605][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.790762][ T7301] Buffer I/O error on dev loop9, logical block 0, async page read
[  220.857437][ T7301] Dev loop9: unable to read RDB block 0
[  220.906753][   T48] hub 1-1:0.0: 1 port detected
[  220.919813][ T7301]  loop9: unable to read partition table
[  221.019311][ T7301] loop9: partition table beyond EOD, truncated
[  221.134079][ T7301] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  221.163204][  T975] usb 5-1: USB disconnect, device number 7
[  221.350745][ T5832] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  221.406123][   T48] usb 1-1: USB disconnect, device number 8
[  221.526104][ T5832] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  221.564570][ T5832] usb 3-1: config 0 has no interface number 0
[  221.593323][ T5832] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0043, bcdDevice=6a.c7
[  221.612995][ T5832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.630571][ T5832] usb 3-1: Product: syz
[  221.641017][ T5832] usb 3-1: Manufacturer: syz
[  221.651433][ T5832] usb 3-1: SerialNumber: syz
[  221.677501][ T5832] usb 3-1: config 0 descriptor??
[  221.694274][ T5832] em28xx 3-1:0.251: audio device (0ccd:0043): interface 251, class 1
[  221.907397][   T48] usb 3-1: USB disconnect, device number 7
[  221.924491][ T7353] dccp_invalid_packet: P.Data Offset(100) too large
[  221.969831][ T7349] xt_CT: No such helper "snmp"
[  224.815960][ T7393] netlink: 'syz.1.371': attribute type 10 has an invalid length.
[  224.826716][ T7393] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.836092][ T7393] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.855379][ T7394] Cannot find add_set index 0 as target
[  224.868017][ T7393] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.875424][ T7393] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.884416][ T7393] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.891736][ T7393] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.916718][ T7393] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  225.023960][    T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  225.629492][    T8] usb 5-1: Using ep0 maxpacket: 16
[  225.670797][    T8] usb 5-1: config 0 has an invalid interface number: 182 but max is 0
[  225.679069][    T8] usb 5-1: config 0 has no interface number 0
[  225.703328][    T8] usb 5-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  225.713615][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.743159][    T8] usb 5-1: Product: syz
[  225.749194][    T8] usb 5-1: Manufacturer: syz
[  225.764257][    T8] usb 5-1: SerialNumber: syz
[  225.781673][    T8] usb 5-1: config 0 descriptor??
[  226.617251][ T7408] sctp: [Deprecated]: syz.0.378 (pid 7408) Use of int in max_burst socket option.
[  226.617251][ T7408] Use struct sctp_assoc_value instead
[  226.928199][ T7412] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  227.037674][ T5927] usb 5-1: USB disconnect, device number 8
[  227.590304][ T7423] __nla_validate_parse: 2 callbacks suppressed
[  227.590347][ T7423] netlink: 830 bytes leftover after parsing attributes in process `syz.1.383'.
[  228.199144][ T7432] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  228.304331][ T7434] netlink: 52 bytes leftover after parsing attributes in process `syz.4.385'.
[  228.722951][ T7438] netlink: 20 bytes leftover after parsing attributes in process `syz.3.387'.
[  228.983194][ T5881] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  229.332966][   T29] audit: type=1326 audit(1738578609.879:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7431 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f8798cda9 code=0x7fc00000
[  229.650899][ T5881] usb 1-1: Using ep0 maxpacket: 32
[  229.659892][ T5881] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  229.680806][ T5881] usb 1-1: config 0 has no interface number 0
[  229.689554][ T5881] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  229.699395][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.775137][ T5881] usb 1-1: Product: syz
[  229.801922][ T5881] usb 1-1: Manufacturer: syz
[  229.820929][ T5881] usb 1-1: SerialNumber: syz
[  229.854636][ T5881] usb 1-1: config 0 descriptor??
[  229.925720][ T5881] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  230.124426][ T5881] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  230.192257][ T5881] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  230.216548][ T5835] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  230.447614][ T5835] usb 4-1: Using ep0 maxpacket: 16
[  230.501520][ T5835] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  230.550310][ T5835] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  230.572718][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  230.592120][ T5881] usb 1-1: USB disconnect, device number 9
[  230.603390][ T5835] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  230.631608][ T5881] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  230.647269][ T5835] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  230.673761][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.691773][  T975] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  230.695587][ T5881] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  230.715512][ T5835] usb 4-1: Product: syz
[  230.729222][ T5835] usb 4-1: Manufacturer: syz
[  230.745037][ T5835] usb 4-1: SerialNumber: syz
[  230.756572][ T5881] quatech2 1-1:0.51: device disconnected
[  230.850823][  T975] usb 5-1: device descriptor read/64, error -71
[  231.045478][ T5927] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  231.139841][  T975] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  231.240132][ T7459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.249369][ T5927] usb 2-1: Using ep0 maxpacket: 16
[  231.282876][ T7459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.308195][ T5927] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[  231.361265][ T5927] usb 2-1: config 0 has no interface number 0
[  231.371006][  T975] usb 5-1: device descriptor read/64, error -71
[  231.430449][ T5927] usb 2-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  231.541252][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.542229][  T975] usb usb5-port1: attempt power cycle
[  231.559452][ T5927] usb 2-1: Product: syz
[  231.572362][ T5927] usb 2-1: Manufacturer: syz
[  231.585500][ T5927] usb 2-1: SerialNumber: syz
[  231.603753][ T5835] usb 4-1: 0:2 : does not exist
[  231.615662][ T5835] usb 4-1: 1:0: cannot get min/max values for control 4 (id 1)
[  231.634198][ T5927] usb 2-1: config 0 descriptor??
[  231.643094][ T5835] usb 4-1: USB disconnect, device number 13
[  232.165158][ T7494] input: syz0 as /devices/virtual/input/input11
[  232.995629][  T975] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  233.042355][  T975] usb 5-1: device descriptor read/8, error -71
[  234.100413][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  234.779125][   T48] usb 2-1: USB disconnect, device number 13
[  234.836623][ T7498] Bluetooth: MGMT ver 1.23
[  234.850745][  T975] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  234.892133][  T975] usb 5-1: device descriptor read/8, error -71
[  234.951302][ T7503] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  235.011436][  T975] usb usb5-port1: unable to enumerate USB device
[  235.274134][ T7519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.409'.
[  235.529083][ T7519] 8021q: adding VLAN 0 to HW filter on device bond2
[  235.598895][ T7529] mmap: syz.0.408 (7529) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  236.348309][ T7533] 8021q: adding VLAN 0 to HW filter on device bond2
[  236.356918][ T7533] bond2: (slave ipip0): The slave device specified does not support setting the MAC address
[  236.372493][ T7533] bond2: (slave ipip0): Error -95 calling set_mac_address
[  236.747553][ T5832] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  236.965186][ T5832] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.996850][ T5832] usb 4-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00
[  237.040707][ T5832] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.063275][ T5832] usb 4-1: config 0 descriptor??
[  237.511141][ T5832] lenovo 0003:17EF:60A3.0004: hidraw0: USB HID v0.00 Device [HID 17ef:60a3] on usb-dummy_hcd.3-1/input0
[  237.611037][   T48] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  237.820770][   T48] usb 2-1: Using ep0 maxpacket: 16
[  237.986507][   T48] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[  238.016235][   T48] usb 2-1: config 0 has no interface number 0
[  238.098706][   T48] usb 2-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  238.123363][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.171913][   T48] usb 2-1: Product: syz
[  238.182186][   T48] usb 2-1: Manufacturer: syz
[  238.200948][   T48] usb 2-1: SerialNumber: syz
[  238.203799][    T8] usb 4-1: USB disconnect, device number 14
[  238.280735][   T48] usb 2-1: config 0 descriptor??
[  239.777283][    T8] usb 2-1: USB disconnect, device number 14
[  240.320930][ T5832] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  241.010646][ T5832] usb 4-1: Using ep0 maxpacket: 16
[  241.032168][ T5832] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  241.048036][ T5832] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  241.060769][ T5832] usb 4-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  241.071866][ T5832] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  241.089766][ T5832] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  241.100848][ T5832] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  241.109025][ T5832] usb 4-1: Manufacturer: syz
[  241.132224][ T5832] usb 4-1: config 0 descriptor??
[  242.116839][ T7581] tmpfs: Unknown parameter 'defcontext'
[  242.460763][ T5832] usb 4-1: USB disconnect, device number 15
[  243.194025][ T5832] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  243.419810][ T5835] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  243.510732][ T5832] usb 4-1: Using ep0 maxpacket: 32
[  243.561782][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  244.390765][ T5832] usb 4-1: can't read configurations, error -61
[  244.487582][ T5835] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  244.533036][ T5835] usb 3-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=ef.4d
[  244.548522][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.561225][ T5835] usb 3-1: Product: syz
[  244.565859][ T5835] usb 3-1: Manufacturer: syz
[  244.580841][ T5835] usb 3-1: SerialNumber: syz
[  244.660715][ T5832] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  244.816154][ T5835] usb 3-1: selecting invalid altsetting 1
[  244.840810][ T5832] usb 4-1: Using ep0 maxpacket: 32
[  244.848866][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  244.867053][ T5832] usb 4-1: can't read configurations, error -61
[  244.889129][ T5832] usb usb4-port1: attempt power cycle
[  244.920649][  T975] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  245.048592][ T5835] LME2510(C): Firmware Status: 00 00 00 00 00 00
[  245.049182][ T5835] dvb_usb_lmedm04 3-1:2.0: probe with driver dvb_usb_lmedm04 failed with error -22
[  245.830993][ T5832] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  245.911162][ T5832] usb 4-1: device descriptor read/8, error -71
[  245.941290][  T975] usb 1-1: Using ep0 maxpacket: 16
[  245.972300][ T7621] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  245.992315][  T975] usb 1-1: config 0 has an invalid interface number: 182 but max is 0
[  246.038306][  T975] usb 1-1: config 0 has no interface number 0
[  246.113637][  T975] usb 1-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  246.522710][  T975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.533034][  T975] usb 1-1: Product: syz
[  246.539333][  T975] usb 1-1: Manufacturer: syz
[  246.545354][  T975] usb 1-1: SerialNumber: syz
[  246.560818][    T8] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  246.612309][  T975] usb 1-1: config 0 descriptor??
[  246.821561][    T8] usb 2-1: device descriptor read/64, error -71
[  246.855037][ T5927] usb 3-1: USB disconnect, device number 8
[  247.700689][    T8] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  247.854995][  T975] usb 1-1: USB disconnect, device number 10
[  247.931731][ T7633] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  247.979936][ T7633] team0: Device macvtap1 failed to register rx_handler
[  248.014816][ T7633] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  248.664441][    T8] usb 2-1: device descriptor read/64, error -71
[  248.728681][ T7647] netlink: 'syz.2.438': attribute type 1 has an invalid length.
[  248.829642][    T8] usb usb2-port1: attempt power cycle
[  248.893705][ T7640] can0 (unregistered): slcan off ttyS3.
[  249.002185][ T7651] loop9: detected capacity change from 0 to 7
[  249.138012][ T7651] Dev loop9: unable to read RDB block 7
[  249.164998][ T7647] 8021q: adding VLAN 0 to HW filter on device bond2
[  249.174882][ T7651]  loop9: unable to read partition table
[  249.193626][ T7651] loop9: partition table beyond EOD, truncated
[  249.200719][    T8] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  249.209055][ T7651] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  249.233187][ T7648] 8021q: adding VLAN 0 to HW filter on device batadv1
[  249.234937][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.271116][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.282050][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  249.297993][ T7648] bond2: (slave batadv1): making interface the new active one
[  249.312950][ T7648] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  249.322340][    T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.340098][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.403997][    T8] usb 2-1: config 0 descriptor??
[  249.419842][ T7648] 8021q: adding VLAN 0 to HW filter on device batadv2
[  249.503323][ T7648] bond2: (slave batadv2): Enslaving as an active interface with an up link
[  251.211559][    T8] plantronics 0003:047F:FFFF.0005: ignoring exceeding usage max
[  252.377808][    T8] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  254.489229][    T8] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  254.887703][    T8] usb 2-1: USB disconnect, device number 17
[  255.197805][ T7676] cgroup: Invalid name
[  255.418908][ T7690] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  255.455510][ T7690] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  255.841364][    T8] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  256.046585][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.080912][ T5832] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  256.241751][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  256.248572][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  256.283626][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.322854][    T8] usb 1-1: New USB device found, idVendor=0463, idProduct=c537, bcdDevice=34.39
[  256.348345][    T8] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  256.364179][    T8] usb 1-1: Manufacturer: syz
[  256.544048][ T5832] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  256.633048][    T8] usb 1-1: config 0 descriptor??
[  256.667888][ T5832] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  256.684593][ T5832] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  256.700680][ T5832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  256.719628][ T5832] usb 5-1: SerialNumber: syz
[  256.976882][ T7704] netlink: 1256 bytes leftover after parsing attributes in process `syz.4.453'.
[  256.999085][ T7704] openvswitch: netlink: Unknown key attributes 20
[  257.064041][ T5832] usb 5-1: 0:2 : does not exist
[  257.084888][    T8] hid-generic 0003:0463:C537.0006: unknown main item tag 0x0
[  257.099635][ T7725] usb usb8: usbfs: process 7725 (syz.3.455) did not claim interface 0 before use
[  257.113106][    T8] hid-generic 0003:0463:C537.0006: unknown main item tag 0x0
[  257.131047][    T8] hid-generic 0003:0463:C537.0006: unknown main item tag 0x0
[  257.140356][    T8] hid-generic 0003:0463:C537.0006: unknown main item tag 0x0
[  257.194352][    T8] hid-generic 0003:0463:C537.0006: unknown main item tag 0x0
[  257.200940][ T5832] usb 5-1: USB disconnect, device number 13
[  257.261982][    T8] hid-generic 0003:0463:C537.0006: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  257.277912][ T7699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.352211][ T7699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.496755][ T6011] udevd[6011]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  257.636271][ T7738] netlink: 12 bytes leftover after parsing attributes in process `syz.3.458'.
[  257.661074][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  257.688378][ T7739] netlink: 12 bytes leftover after parsing attributes in process `syz.3.458'.
[  257.696165][ T7734] loop9: detected capacity change from 0 to 8
[  257.832065][    T8] usb 3-1: Using ep0 maxpacket: 32
[  257.852934][ T7740] netlink: 332 bytes leftover after parsing attributes in process `syz.1.457'.
[  257.876126][    T8] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  257.908185][    T8] usb 3-1: config 0 has no interface number 0
[  257.952500][    T8] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  258.024266][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.063792][ T7749] xt_hashlimit: size too large, truncated to 1048576
[  258.266514][    T8] usb 3-1: Product: syz
[  258.279507][    T8] usb 3-1: Manufacturer: syz
[  258.291096][    T8] usb 3-1: SerialNumber: syz
[  258.321454][    T8] usb 3-1: config 0 descriptor??
[  258.395250][    T8] radio-si470x 3-1:0.35: could not find interrupt in endpoint
[  258.473144][    T8] radio-si470x 3-1:0.35: probe with driver radio-si470x failed with error -5
[  258.537554][ T5832] usb 1-1: USB disconnect, device number 11
[  258.541508][ T7757] capability: warning: `syz.4.461' uses deprecated v2 capabilities in a way that may be insecure
[  258.660625][    T8] radio-raremono 3-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  258.961125][    T8] radio-raremono 3-1:0.35: raremono_cmd_main failed (-71)
[  259.061428][    T8] radio-raremono 3-1:0.35: V4L2 device registered as radio48
[  259.122007][    T8] usb 3-1: USB disconnect, device number 9
[  259.145895][    T8] radio-raremono 3-1:0.35: Thanko's Raremono disconnected
[  260.054694][ T5832] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  260.380919][ T5832] usb 5-1: device descriptor read/64, error -71
[  260.651077][ T7792] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  260.910682][ T5832] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  261.050615][ T5832] usb 5-1: device descriptor read/64, error -71
[  261.163411][ T5832] usb usb5-port1: attempt power cycle
[  261.177906][ T7807] loop9: detected capacity change from 0 to 7
[  261.185278][ T7807] buffer_io_error: 4 callbacks suppressed
[  261.185297][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.203091][   T29] audit: type=1326 audit(1738578641.749:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7801 comm="syz.0.470" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feed078cda9 code=0x0
[  261.241473][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.275200][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.317623][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.346292][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.374479][ T7815] openvswitch: netlink: Tunnel attr 47 out of range max 16
[  261.400975][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.409809][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.424460][ T7815] wg1 speed is unknown, defaulting to 1000
[  261.442130][ T7807] ldm_validate_partition_table(): Disk read failed.
[  261.460353][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.479354][ T7817] jfs: Bad value for 'gid'
[  261.484362][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.504610][ T7817] jfs: Bad value for 'gid'
[  261.515349][ T7807] Buffer I/O error on dev loop9, logical block 0, async page read
[  261.523825][ T5832] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  261.547816][ T7807] Dev loop9: unable to read RDB block 0
[  261.567846][ T7807]  loop9: unable to read partition table
[  261.578048][ T5832] usb 5-1: device descriptor read/8, error -71
[  261.614475][ T7807] loop9: partition table beyond EOD, truncated
[  261.622396][ T7807] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  261.880615][ T5832] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  261.957797][ T5832] usb 5-1: device descriptor read/8, error -71
[  262.203191][ T5832] usb usb5-port1: unable to enumerate USB device
[  263.398974][ T7852] siw: device registration error -23
[  264.000817][   T29] audit: type=1326 audit(1738578644.539:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7843 comm="syz.3.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  264.052142][   T29] audit: type=1326 audit(1738578644.539:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7843 comm="syz.3.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  264.080677][   T29] audit: type=1326 audit(1738578644.609:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7843 comm="syz.3.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  264.682105][ T7866] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  266.180042][ T7900] netlink: 60 bytes leftover after parsing attributes in process `syz.0.487'.
[  266.228640][ T7900] xt_TCPMSS: Only works on TCP SYN packets
[  266.621208][   T29] audit: type=1326 audit(1738578646.759:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  266.728081][   T29] audit: type=1326 audit(1738578646.759:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  266.830673][   T29] audit: type=1326 audit(1738578646.769:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  266.930675][ T5832] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  266.991755][   T29] audit: type=1326 audit(1738578646.769:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  267.437047][   T29] audit: type=1326 audit(1738578646.769:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  267.491284][ T5832] usb 5-1: config 0 has an invalid interface number: 69 but max is 0
[  267.499464][ T5832] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.514286][   T29] audit: type=1326 audit(1738578646.769:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  267.520219][ T5832] usb 5-1: config 0 has no interface number 0
[  267.618429][ T7920] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  267.811999][ T5832] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  267.839745][ T5832] usb 5-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  267.940615][   T29] audit: type=1326 audit(1738578646.779:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  268.065392][ T5832] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  268.099624][   T29] audit: type=1326 audit(1738578646.779:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  268.106816][ T5832] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.200083][ T5832] usb 5-1: Product: syz
[  268.209129][ T5832] usb 5-1: Manufacturer: syz
[  268.217018][ T5832] usb 5-1: SerialNumber: syz
[  268.228488][ T5832] usb 5-1: config 0 descriptor??
[  268.231433][ T5832] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  268.232243][ T5832] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[  268.239926][ T5832] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  268.245776][   T29] audit: type=1326 audit(1738578646.779:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  268.245865][   T29] audit: type=1326 audit(1738578646.779:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7888 comm="syz.0.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7ffc0000
[  268.321341][ T5835] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  268.500632][ T5835] usb 4-1: Using ep0 maxpacket: 16
[  268.510256][ T5835] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  268.558158][ T5835] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  268.621784][ T5835] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  268.691673][ T5835] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  268.721866][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.753598][ T5835] usb 4-1: Product: syz
[  268.777465][ T5835] usb 4-1: Manufacturer: syz
[  268.804311][ T5835] usb 4-1: SerialNumber: syz
[  268.851342][ T5881] usb 5-1: USB disconnect, device number 18
[  268.882441][ T5881] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  268.961805][ T5881] cyberjack 5-1:0.69: device disconnected
[  269.463595][ T5835] hub 4-1:1.2: bad descriptor, ignoring hub
[  269.469599][ T5835] hub 4-1:1.2: probe with driver hub failed with error -5
[  269.767341][ T5835] usb 4-1: USB disconnect, device number 21
[  270.210126][ T7948] netlink: 40 bytes leftover after parsing attributes in process `syz.1.494'.
[  270.826789][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  270.979774][ T7954] fuse: Unknown parameter '0x0000000000000003'
[  271.377102][ T7975] netlink: 12 bytes leftover after parsing attributes in process `syz.1.501'.
[  275.011410][ T5881] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  275.171540][ T5881] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  275.210642][ T5881] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  275.250986][ T5881] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  275.301356][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.331198][ T5881] usb 5-1: Product: syz
[  275.335449][ T5881] usb 5-1: Manufacturer: syz
[  275.340097][ T5881] usb 5-1: SerialNumber: syz
[  275.381020][ T5881] usb 5-1: config 0 descriptor??
[  275.401338][ T8007] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  275.438365][ T8007] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  275.536290][   T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  275.700628][   T25] usb 1-1: Using ep0 maxpacket: 16
[  275.711581][ T8007] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  275.743660][   T25] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  275.753281][ T8007] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  275.766064][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.790821][   T25] usb 1-1: Product: syz
[  275.795072][   T25] usb 1-1: Manufacturer: syz
[  275.833647][   T25] usb 1-1: SerialNumber: syz
[  275.853052][   T25] usb 1-1: config 0 descriptor??
[  275.899401][   T25] as10x_usb: device has been detected
[  275.931405][   T25] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  276.475545][   T25] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  276.491142][ T8026] random: crng reseeded on system resumption
[  276.652712][   T25] as10x_usb: error during firmware upload part1
[  276.719593][   T25] Registered device Sky IT Digital Key (green led)
[  276.743645][ T5881] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  276.879524][ T8070] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  277.169479][ T5881] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  277.186825][   T25] usb 1-1: USB disconnect, device number 12
[  277.203516][ T5881] usb 5-1: USB disconnect, device number 19
[  277.238728][   T25] Unregistered device Sky IT Digital Key (green led)
[  277.263786][   T25] as10x_usb: device has been disconnected
[  277.380841][    T8] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  277.554042][    T8] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  277.581611][    T8] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  277.610763][    T8] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  277.639292][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  277.661789][    T8] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  277.680780][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.699392][    T8] usb 4-1: Product: syz
[  277.720559][    T8] usb 4-1: Manufacturer: syz
[  277.766144][    T8] usb 4-1: SerialNumber: syz
[  278.404429][    T8] usb 4-1: 0:2 : does not exist
[  278.475913][    T8] usb 4-1: USB disconnect, device number 22
[  278.642370][ T8101] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  278.665549][ T8101] netlink: 40 bytes leftover after parsing attributes in process `syz.4.525'.
[  278.723015][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  278.762100][ T5835] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  278.801563][   T25] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  278.942495][ T5835] usb 1-1: Using ep0 maxpacket: 16
[  278.957932][ T5835] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  278.974384][   T25] usb 2-1: Using ep0 maxpacket: 8
[  279.000881][ T5835] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 96
[  279.024934][   T25] usb 2-1: config index 0 descriptor too short (expected 6427, got 27)
[  279.033504][   T25] usb 2-1: config 0 has an invalid interface number: 3 but max is 0
[  279.041847][ T5835] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 51720, setting to 1024
[  279.070593][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.090611][ T5835] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  279.111008][   T25] usb 2-1: config 0 has no interface number 0
[  279.130698][ T5835] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  279.175825][   T25] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  279.196879][ T5835] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  279.210613][   T25] usb 2-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  279.239439][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  279.254825][   T25] usb 2-1: Product: syz
[  279.272153][   T25] usb 2-1: Manufacturer: syz
[  279.295635][ T5835] usb 1-1: SerialNumber: syz
[  279.321313][   T25] usb 2-1: config 0 descriptor??
[  279.333916][ T8099] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  279.380630][ T8099] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  279.409635][ T8119] overlayfs: failed to resolve './file0': -2
[  279.523582][ T8120] lo speed is unknown, defaulting to 1000
[  279.549371][ T8120] lo speed is unknown, defaulting to 1000
[  279.561443][ T8120] lo speed is unknown, defaulting to 1000
[  280.143920][ T8120] infiniband s
z1: set active
[  280.148907][ T8120] infiniband s
z1: added lo
[  280.155145][ T8120] s
z1: rxe_create_cq: returned err = -12
[  280.161516][ T8120] infiniband s
z1: Couldn't create ib_mad CQ
[  280.167829][ T8120] infiniband s
z1: Couldn't open port 1
[  280.171383][ T5835] hub 1-1:1.0: bad descriptor, ignoring hub
[  280.179897][   T25] usb 2-1: USB disconnect, device number 18
[  280.181441][ T5881] lo speed is unknown, defaulting to 1000
[  280.207793][ T8120] RDS/IB: s
z1: added
[  280.212816][ T8120] smc: adding ib device s
z1 with port count 1
[  280.219332][ T8120] smc:    ib device s
z1 port 1 has pnetid 
[  280.229385][ T8120] lo speed is unknown, defaulting to 1000
[  280.230089][ T5835] hub 1-1:1.0: probe with driver hub failed with error -5
[  280.320205][ T8099] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  280.351433][ T8120] lo speed is unknown, defaulting to 1000
[  280.379392][ T8099] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  280.465968][ T8120] lo speed is unknown, defaulting to 1000
[  280.604594][ T8120] lo speed is unknown, defaulting to 1000
[  280.749498][ T8120] lo speed is unknown, defaulting to 1000
[  281.101335][ T5881] lo speed is unknown, defaulting to 1000
[  281.795444][ T5835] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42
[  283.701614][   T48] usb 1-1: USB disconnect, device number 13
[  283.709173][   T48] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device
[  285.710690][ T8179] netlink: 32 bytes leftover after parsing attributes in process `syz.0.542'.
[  286.621823][   T48] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  286.840639][   T48] usb 5-1: Using ep0 maxpacket: 16
[  286.919857][   T48] usb 5-1: config 0 has an invalid interface number: 182 but max is 0
[  286.948359][   T48] usb 5-1: config 0 has no interface number 0
[  286.992528][   T48] usb 5-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  287.020693][   T48] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.079346][   T48] usb 5-1: Product: syz
[  287.119755][   T48] usb 5-1: Manufacturer: syz
[  287.171607][   T48] usb 5-1: SerialNumber: syz
[  287.269332][   T48] usb 5-1: config 0 descriptor??
[  289.592701][ T5832] usb 5-1: USB disconnect, device number 20
[  289.687273][ T8211] 9pnet_fd: Insufficient options for proto=fd
[  289.725763][ T8211] netlink: 'syz.3.550': attribute type 10 has an invalid length.
[  290.928654][ T8223] geneve2: entered promiscuous mode
[  290.934154][ T8223] geneve2: entered allmulticast mode
[  292.130420][ T8225] wg1 speed is unknown, defaulting to 1000
[  292.275035][ T8233] netlink: 32 bytes leftover after parsing attributes in process `syz.2.555'.
[  293.111592][ T8225] lo speed is unknown, defaulting to 1000
[  293.734693][ T8240] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  293.982972][ T5881] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  294.232091][ T5881] usb 3-1: config 0 has an invalid interface number: 156 but max is 1
[  294.268825][ T5881] usb 3-1: config 0 has no interface number 1
[  294.321019][ T5881] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  294.425950][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.903954][ T5881] usb 3-1: config 0 descriptor??
[  294.940092][ T5881] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  294.953690][ T5881] usb 3-1: MIDIStreaming interface descriptor not found
[  295.088520][ T5881] gspca_main: spca561-2.14.0 probing abcd:cdee
[  295.125708][ T5881] spca561 3-1:0.0: probe with driver spca561 failed with error -22
[  295.173138][ T5881] usb 3-1: USB disconnect, device number 10
[  295.220707][   T25] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  295.452730][   T25] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  295.478631][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.483068][ T6048] udevd[6048]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  295.487801][   T25] usb 1-1: Product: syz
[  295.507909][   T25] usb 1-1: Manufacturer: syz
[  295.513346][   T25] usb 1-1: SerialNumber: syz
[  295.556291][   T25] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  295.617677][ T5832] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  296.075674][ T8256] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  296.381979][ T5881] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  296.544961][    T8] usb 1-1: USB disconnect, device number 14
[  296.591784][ T5881] usb 3-1: Using ep0 maxpacket: 16
[  296.614653][ T5881] usb 3-1: config 0 has an invalid interface number: 182 but max is 0
[  296.634965][ T5881] usb 3-1: config 0 has no interface number 0
[  296.670024][ T5881] usb 3-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  296.684416][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.712893][ T5881] usb 3-1: Product: syz
[  296.717234][ T5881] usb 3-1: Manufacturer: syz
[  296.722814][ T5881] usb 3-1: SerialNumber: syz
[  296.738709][ T5881] usb 3-1: config 0 descriptor??
[  296.830610][ T5832] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  298.182742][ T5832] ath9k_htc: Failed to initialize the device
[  298.326453][    T8] usb 1-1: ath9k_htc: USB layer deinitialized
[  298.908774][ T8271] netlink: 208 bytes leftover after parsing attributes in process `syz.1.564'.
[  301.042148][ T5927] usb 3-1: USB disconnect, device number 11
[  301.241869][ T8286] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  301.390700][ T5881] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  301.491948][ T5835] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  301.511485][ T5927] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  301.607688][ T5881] usb 2-1: config 0 has an invalid interface number: 189 but max is 0
[  301.647322][ T5881] usb 2-1: config 0 has no interface number 0
[  301.676125][ T5881] usb 2-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  301.707080][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.736983][ T5927] usb 3-1: config 0 has an invalid interface number: 156 but max is 1
[  301.756228][ T5881] usb 2-1: Product: syz
[  301.764823][ T5927] usb 3-1: config 0 has no interface number 1
[  301.780660][ T5881] usb 2-1: Manufacturer: syz
[  301.782842][ T5835] usb 4-1: Using ep0 maxpacket: 8
[  301.791077][ T5927] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  301.810694][ T5881] usb 2-1: SerialNumber: syz
[  301.811750][ T5835] usb 4-1: config 162 has an invalid interface number: 197 but max is 1
[  301.849394][ T5881] usb 2-1: config 0 descriptor??
[  301.860695][ T5927] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.876896][ T5835] usb 4-1: config 162 has an invalid interface number: 143 but max is 1
[  301.877143][ T5835] usb 4-1: config 162 has no interface number 0
[  301.914451][ T5881] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  301.954758][ T5881] dvb-usb: bulk message failed: -22 (3/0)
[  301.973150][ T5927] usb 3-1: config 0 descriptor??
[  301.993747][ T5927] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  302.030760][ T5927] usb 3-1: MIDIStreaming interface descriptor not found
[  302.049822][ T5881] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  302.092029][ T5881] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  302.109525][ T5835] usb 4-1: config 162 has no interface number 1
[  302.123876][ T5835] usb 4-1: config 162 interface 197 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  302.137823][ T5835] usb 4-1: config 162 interface 143 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  302.149209][ T5835] usb 4-1: config 162 interface 143 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  302.163383][ T5835] usb 4-1: config 162 interface 143 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  302.175639][ T5927] gspca_main: spca561-2.14.0 probing abcd:cdee
[  302.221722][ T5835] usb 4-1: config 162 interface 143 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  302.675132][ T5927] spca561 3-1:0.0: probe with driver spca561 failed with error -22
[  302.684737][ T5835] usb 4-1: config 162 interface 143 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  302.698511][ T5881] usb 2-1: media controller created
[  302.742148][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  302.744734][ T5835] usb 4-1: config 162 interface 197 has no altsetting 0
[  302.755832][ T5927] usb 3-1: USB disconnect, device number 12
[  302.852120][ T5835] usb 4-1: config 162 interface 143 has no altsetting 0
[  302.867585][ T5881] dvb-usb: bulk message failed: -22 (6/0)
[  302.937749][ T5881] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  303.012761][ T5835] usb 4-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=95.a7
[  303.051130][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.116535][ T5835] usb 4-1: Product: syz
[  303.146536][ T5835] usb 4-1: Manufacturer: syz
[  303.198918][ T5835] usb 4-1: SerialNumber: syz
[  303.964432][ T6044] udevd[6044]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  304.047974][ T5832] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  304.299667][ T5881] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input19
[  304.339662][ T5881] dvb-usb: schedule remote query interval to 150 msecs.
[  304.350383][ T8285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.394112][ T5881] dvb-usb: bulk message failed: -22 (3/0)
[  304.422741][ T5881] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  304.439520][ T8285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.522344][ T5832] usb 1-1: Using ep0 maxpacket: 16
[  304.553890][ T5832] usb 1-1: config 0 has an invalid interface number: 182 but max is 0
[  304.561507][ T5881] dvb-usb: bulk message failed: -22 (1/0)
[  304.568642][ T5881] dvb-usb: error while querying for an remote control event.
[  304.579256][ T5832] usb 1-1: config 0 has no interface number 0
[  304.600048][ T5832] usb 1-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  304.644833][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.673542][ T8313] netlink: 36 bytes leftover after parsing attributes in process `syz.2.575'.
[  304.786007][ T5881] dvb-usb: bulk message failed: -22 (1/0)
[  304.796255][ T5881] dvb-usb: error while querying for an remote control event.
[  304.818512][ T5883] usb 2-1: USB disconnect, device number 19
[  304.892220][ T5835] usb 4-1: USB disconnect, device number 23
[  304.892564][   T55] Bluetooth: hci5: HCI Read Local Supported Commands not supported
[  304.900550][ T5832] usb 1-1: Product: syz
[  304.921679][ T5838] Bluetooth: hci5: sending frame failed (-19)
[  304.929491][   T55] Bluetooth: hci5: Opcode 0x0c03 failed: -19
[  304.961971][ T5832] usb 1-1: Manufacturer: syz
[  304.966764][ T5832] usb 1-1: SerialNumber: syz
[  304.998182][ T8319] netlink: 32 bytes leftover after parsing attributes in process `syz.4.567'.
[  305.230653][ T5832] usb 1-1: config 0 descriptor??
[  305.588684][ T8316] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  306.434794][ T5883] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  307.244295][ T5927] usb 1-1: USB disconnect, device number 15
[  307.331089][ T5835] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  307.470722][ T5835] usb 5-1: device descriptor read/64, error -71
[  307.571025][ T5883] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  307.720888][ T5835] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  307.741022][ T5883] usb 4-1: Using ep0 maxpacket: 16
[  307.812338][ T5883] usb 4-1: config 0 has an invalid interface number: 182 but max is 0
[  307.827181][ T5883] usb 4-1: config 0 has no interface number 0
[  307.857168][ T5883] usb 4-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  307.870768][ T5835] usb 5-1: device descriptor read/64, error -71
[  307.895186][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.950351][ T5883] usb 4-1: Product: syz
[  307.970252][ T5883] usb 4-1: Manufacturer: syz
[  307.991640][ T5883] usb 4-1: SerialNumber: syz
[  308.001588][ T5835] usb usb5-port1: attempt power cycle
[  308.024353][ T5883] usb 4-1: config 0 descriptor??
[  308.637210][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  308.637231][   T29] audit: type=1326 audit(1738578689.189:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  308.770865][   T29] audit: type=1326 audit(1738578689.189:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  308.888162][   T29] audit: type=1326 audit(1738578689.189:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  308.937955][   T29] audit: type=1326 audit(1738578689.189:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  308.964449][ T5835] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  309.019258][ T5835] usb 5-1: device descriptor read/8, error -71
[  309.028301][   T29] audit: type=1326 audit(1738578689.189:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  309.120080][ T8362] netlink: 44 bytes leftover after parsing attributes in process `syz.0.584'.
[  309.124838][   T29] audit: type=1326 audit(1738578689.189:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8345 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  309.555414][ T5927] usb 4-1: USB disconnect, device number 24
[  309.640008][ T8364] kAFS: unable to lookup cell '/yz1'
[  309.701843][ T8364] netdevsim netdevsim2: Direct firmware load for .
[  309.701843][ T8364]  failed with error -2
[  309.712786][ T8364] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  309.712786][ T8364] 
[  309.874172][ T8365] libceph: resolve '0.0' (ret=-3): failed
[  310.454984][ T8378] netlink: 'syz.0.587': attribute type 1 has an invalid length.
[  310.608838][ T8378] bond1: entered promiscuous mode
[  310.655238][ T8378] bond1: entered allmulticast mode
[  311.644216][ T8385] batadv1: entered allmulticast mode
[  311.773824][ T8385] 8021q: adding VLAN 0 to HW filter on device batadv1
[  311.892724][ T8385] bond1: (slave batadv1): making interface the new active one
[  311.926391][ T8385] batadv1: entered promiscuous mode
[  311.948985][ T8385] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  311.973038][ T8393] netlink: 32 bytes leftover after parsing attributes in process `syz.4.588'.
[  312.011041][ T8378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.587'.
[  312.019985][ T8378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.587'.
[  312.132124][ T8390] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-tlb(5)
[  312.498561][ T8417] siw: device registration error -23
[  313.006293][ T8415] Bluetooth: MGMT ver 1.23
[  313.371083][ T8423] afs: Bad value for 'source'
[  313.382200][   T29] audit: type=1326 audit(1738578693.899:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  313.416626][ T8423] libceph: resolve '0.0' (ret=-3): failed
[  313.652389][   T29] audit: type=1326 audit(1738578693.899:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  313.757093][   T29] audit: type=1326 audit(1738578693.899:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  313.794887][ T8434] netlink: 44 bytes leftover after parsing attributes in process `syz.2.597'.
[  313.888977][   T29] audit: type=1326 audit(1738578693.899:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  314.259959][   T29] audit: type=1326 audit(1738578693.899:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  314.561711][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  314.634581][   T29] audit: type=1326 audit(1738578693.899:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  314.656768][   T29] audit: type=1326 audit(1738578693.899:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  314.688475][   T29] audit: type=1326 audit(1738578693.899:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  314.845549][   T29] audit: type=1326 audit(1738578693.899:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  315.206448][   T29] audit: type=1326 audit(1738578693.899:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  315.365333][   T29] audit: type=1326 audit(1738578693.899:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8411 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2faf78cda9 code=0x7fc00000
[  316.254596][ T8463] FAULT_INJECTION: forcing a failure.
[  316.254596][ T8463] name failslab, interval 1, probability 0, space 0, times 0
[  316.267605][ T8463] CPU: 0 UID: 0 PID: 8463 Comm: syz.2.602 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  316.267634][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  316.267664][ T8463] Call Trace:
[  316.267673][ T8463]  <TASK>
[  316.267682][ T8463]  dump_stack_lvl+0x241/0x360
[  316.267728][ T8463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.267763][ T8463]  ? __pfx__printk+0x10/0x10
[  316.267806][ T8463]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  316.267837][ T8463]  ? __pfx___might_resched+0x10/0x10
[  316.267866][ T8463]  should_fail_ex+0x40a/0x550
[  316.267895][ T8463]  should_failslab+0xac/0x100
[  316.267924][ T8463]  __kmalloc_node_noprof+0xe1/0x4d0
[  316.267971][ T8463]  ? __kvmalloc_node_noprof+0x72/0x190
[  316.268010][ T8463]  __kvmalloc_node_noprof+0x72/0x190
[  316.268043][ T8463]  xt_alloc_table_info+0x3d/0xa0
[  316.268078][ T8463]  do_ip6t_set_ctl+0xba0/0x1270
[  316.268107][ T8463]  ? nf_setsockopt+0x240/0x2c0
[  316.268139][ T8463]  ? kstrtouint_from_user+0x128/0x190
[  316.268166][ T8463]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  316.268189][ T8463]  ? rcu_is_watching+0x15/0xb0
[  316.268222][ T8463]  ? trace_contention_end+0x3c/0x120
[  316.268265][ T8463]  ? __mutex_unlock_slowpath+0x227/0x800
[  316.268304][ T8463]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  316.268350][ T8463]  nf_setsockopt+0x295/0x2c0
[  316.268389][ T8463]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  316.268417][ T8463]  do_sock_setsockopt+0x3af/0x720
[  316.268455][ T8463]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  316.268493][ T8463]  ? __fget_files+0x395/0x410
[  316.268519][ T8463]  ? __fget_files+0x2a/0x410
[  316.268556][ T8463]  __x64_sys_setsockopt+0x1ee/0x280
[  316.268596][ T8463]  do_syscall_64+0xf3/0x230
[  316.268624][ T8463]  ? clear_bhb_loop+0x35/0x90
[  316.268658][ T8463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.268688][ T8463] RIP: 0033:0x7f78ced8cda9
[  316.268708][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.268726][ T8463] RSP: 002b:00007f78cfb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  316.268749][ T8463] RAX: ffffffffffffffda RBX: 00007f78cefa6160 RCX: 00007f78ced8cda9
[  316.268765][ T8463] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  316.268778][ T8463] RBP: 00007f78cfb87090 R08: 0000000000000448 R09: 0000000000000000
[  316.268798][ T8463] R10: 0000000020000840 R11: 0000000000000246 R12: 0000000000000001
[  316.268811][ T8463] R13: 0000000000000000 R14: 00007f78cefa6160 R15: 00007ffd765be9d8
[  316.268842][ T8463]  </TASK>
[  316.687705][ T8469] netlink: 32 bytes leftover after parsing attributes in process `syz.4.603'.
[  317.090412][ T8471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.605'.
[  317.099800][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.107805][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.296332][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.364959][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.459028][ T5881] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  317.573267][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  317.582826][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  317.634742][ T5881] usb 1-1: Using ep0 maxpacket: 8
[  317.655728][ T5881] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  317.658188][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.607'.
[  317.666257][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.702543][ T5881] usb 1-1: config 0 descriptor??
[  317.734684][ T5832] kernel write not supported for file /uinput (pid: 5832 comm: kworker/1:3)
[  317.926888][ T5881] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  318.152358][ T8482] siw: device registration error -23
[  318.573368][ T5881] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  318.604055][ T5881] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  318.626441][ T5881] asix 1-1:0.0: probe with driver asix failed with error -71
[  318.643100][ T5881] usb 1-1: USB disconnect, device number 16
[  319.029215][ T8489] netlink: 44 bytes leftover after parsing attributes in process `syz.1.612'.
[  319.123734][ T8487] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  319.455881][ T5835] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  319.666870][ T5835] usb 5-1: config 0 has an invalid interface number: 156 but max is 1
[  319.698196][ T5835] usb 5-1: config 0 has no interface number 1
[  319.739560][ T5835] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  319.802127][ T8496] kAFS: unable to lookup cell '/yz1'
[  319.860562][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.864428][ T8496] netdevsim netdevsim0: Direct firmware load for .
[  319.864428][ T8496]  failed with error -2
[  319.881591][ T8496] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  319.881591][ T8496] 
[  319.929036][ T8497] libceph: resolve '0.0' (ret=-3): failed
[  320.030733][ T5835] usb 5-1: config 0 descriptor??
[  320.106373][ T5835] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  320.121150][ T5835] usb 5-1: MIDIStreaming interface descriptor not found
[  321.264515][ T5835] gspca_main: spca561-2.14.0 probing abcd:cdee
[  321.355258][ T5835] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  322.343837][ T5835] usb 5-1: USB disconnect, device number 25
[  323.156128][ T6048] udevd[6048]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  324.288682][ T8517] netlink: 56 bytes leftover after parsing attributes in process `syz.3.621'.
[  324.670575][    T9] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  325.602215][    T9] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  325.637798][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.651177][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  325.651199][   T29] audit: type=1326 audit(1738578706.209:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  325.711330][    T9] usb 4-1: config 0 descriptor??
[  325.776194][   T29] audit: type=1326 audit(1738578706.209:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  325.819340][   T29] audit: type=1326 audit(1738578706.209:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  325.891017][   T29] audit: type=1326 audit(1738578706.209:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  325.951152][ T8517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.959962][ T8517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.010737][   T29] audit: type=1326 audit(1738578706.209:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.084399][   T29] audit: type=1326 audit(1738578706.209:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.130696][   T25] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  326.140915][   T29] audit: type=1326 audit(1738578706.209:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.173830][   T29] audit: type=1326 audit(1738578706.209:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.196527][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  326.234616][    T9] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  326.241500][    T9] [drm] Initialized udl on minor 2
[  326.250160][    T9] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  326.270634][   T29] audit: type=1326 audit(1738578706.209:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.307524][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.329442][    T9] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  326.337825][   T29] audit: type=1326 audit(1738578706.209:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8519 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed078cda9 code=0x7fc00000
[  326.360045][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  326.367022][ T5881] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  326.393153][    T9] usb 4-1: USB disconnect, device number 25
[  326.394468][   T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  326.409386][ T5881] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  326.440885][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.462268][   T25] usb 3-1: config 0 descriptor??
[  326.506428][ T8549] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  326.768264][ T5835] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  327.244606][ T5835] usb 1-1: config 0 has an invalid interface number: 156 but max is 1
[  327.280993][   T25] apple 0003:05AC:0247.0007: hidraw0: USB HID v0.01 Device [HID 05ac:0247] on usb-dummy_hcd.2-1/input0
[  327.307060][ T5835] usb 1-1: config 0 has no interface number 1
[  327.321456][ T5835] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  327.341211][   T25] usb 3-1: USB disconnect, device number 13
[  327.351285][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.384485][ T5835] usb 1-1: config 0 descriptor??
[  327.424448][ T5835] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  327.456729][ T5835] usb 1-1: MIDIStreaming interface descriptor not found
[  327.535676][ T5835] gspca_main: spca561-2.14.0 probing abcd:cdee
[  327.598937][ T5835] spca561 1-1:0.0: probe with driver spca561 failed with error -22
[  327.639644][ T5835] usb 1-1: USB disconnect, device number 17
[  327.938320][ T6048] udevd[6048]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  328.751218][ T8558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.632'.
[  329.165862][ T8571] trusted_key: encrypted_key: insufficient parameters specified
[  329.340958][ T5881] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  329.523661][ T5881] usb 5-1: device descriptor read/64, error -71
[  329.780701][ T5881] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  330.000723][ T8597] bond0: (slave netdevsim0): Error: Device can not be enslaved while up
[  330.198676][ T8597] bond0: (slave netdevsim0): Error: Device can not be enslaved while up
[  330.210649][ T5881] usb 5-1: device descriptor read/64, error -71
[  330.348897][ T5881] usb usb5-port1: attempt power cycle
[  330.945179][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.646'.
[  330.991061][ T5881] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  331.031709][ T5881] usb 5-1: device descriptor read/8, error -71
[  331.074460][ T8612] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  331.320607][  T975] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  331.450874][ T5881] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  331.471430][ T5881] usb 5-1: device descriptor read/8, error -71
[  331.512529][  T975] usb 1-1: config 0 has an invalid interface number: 156 but max is 1
[  331.524603][  T975] usb 1-1: config 0 has no interface number 1
[  331.537004][  T975] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  331.557468][  T975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.612247][ T8626] overlayfs: failed to resolve './file0': -2
[  331.712787][ T8627] rdma_rxe: rxe_newlink: failed to add lo
[  332.335946][ T5881] usb usb5-port1: unable to enumerate USB device
[  332.403470][  T975] usb 1-1: config 0 descriptor??
[  332.416595][  T975] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  332.433755][  T975] usb 1-1: MIDIStreaming interface descriptor not found
[  332.463854][  T975] gspca_main: spca561-2.14.0 probing abcd:cdee
[  332.626871][  T975] spca561 1-1:0.0: probe with driver spca561 failed with error -22
[  332.693209][  T975] usb 1-1: USB disconnect, device number 18
[  334.737354][ T8641] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  334.743955][ T8641] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  334.846121][ T8641] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  334.852897][ T8641] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  334.853009][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  334.969743][ T8641] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  334.977102][ T8641] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  335.038585][ T8641] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  335.044965][ T8641] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  335.152440][ T8641] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  335.158651][ T8641] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  335.531010][  T975] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  335.607375][ T8666] loop9: detected capacity change from 0 to 7
[  335.651163][ T8666] buffer_io_error: 4 callbacks suppressed
[  335.651186][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.690839][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.705990][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.659'.
[  335.716732][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.740267][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.741526][  T975] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  335.766723][ T8668] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3)
[  335.789149][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.797219][  T975] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  335.818039][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.828061][  T975] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  335.837096][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.865811][ T8666] ldm_validate_partition_table(): Disk read failed.
[  335.870593][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.886494][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  335.920591][  T975] usb 5-1: config 0 descriptor??
[  335.979291][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  336.015955][ T8666] Buffer I/O error on dev loop9, logical block 0, async page read
[  336.047223][ T8666] Dev loop9: unable to read RDB block 0
[  336.075491][ T8666]  loop9: unable to read partition table
[  336.098047][ T8666] loop9: partition table beyond EOD, truncated
[  336.147414][ T8666] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  336.245416][ T8680] sctp: [Deprecated]: syz.1.662 (pid 8680) Use of struct sctp_assoc_value in delayed_ack socket option.
[  336.245416][ T8680] Use struct sctp_sack_info instead
[  336.456036][ T8684] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  336.571760][    T9] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  336.770657][ T5838] Bluetooth: hci0: command 0x0406 tx timeout
[  336.788995][  T975] usbhid 5-1:0.0: can't add hid device: -71
[  336.791356][  T975] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  336.801413][  T975] usb 5-1: USB disconnect, device number 30
[  336.934109][ T5838] Bluetooth: hci1: command 0x0406 tx timeout
[  336.970718][    T9] usb 2-1: Using ep0 maxpacket: 8
[  337.020974][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[  337.087466][ T5832] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  337.090655][ T5838] Bluetooth: hci2: command 0x0406 tx timeout
[  337.170729][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  337.200649][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  337.219394][    T9] usb 2-1: unable to read config index 0 descriptor/start: -71
[  337.229808][    T9] usb 2-1: can't read configurations, error -71
[  337.402572][ T5832] usb 4-1: config 0 has an invalid interface number: 156 but max is 1
[  337.415398][ T5832] usb 4-1: config 0 has no interface number 1
[  337.450982][ T5832] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  337.481015][ T5832] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.511211][ T5832] usb 4-1: config 0 descriptor??
[  337.525193][ T5832] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  337.556234][ T5832] usb 4-1: MIDIStreaming interface descriptor not found
[  337.556536][ T5881] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  337.625636][ T5832] gspca_main: spca561-2.14.0 probing abcd:cdee
[  338.188142][ T5832] spca561 4-1:0.0: probe with driver spca561 failed with error -22
[  338.237398][ T5832] usb 4-1: USB disconnect, device number 26
[  338.248763][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.290679][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.349099][ T5881] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  338.413011][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.447733][ T5881] usb 3-1: config 0 descriptor??
[  338.581646][ T6048] udevd[6048]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  338.850571][ T5838] Bluetooth: hci0: command 0x0406 tx timeout
[  339.218134][ T8701] gre1: entered promiscuous mode
[  339.223285][ T8701] gre1: entered allmulticast mode
[  339.279999][   T55] Bluetooth: hci3: command 0x0406 tx timeout
[  339.286818][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  339.296134][ T5838] Bluetooth: hci1: command 0x0406 tx timeout
[  339.302769][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  340.195936][ T5881] usbhid 3-1:0.0: can't add hid device: -71
[  340.313164][ T5881] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  340.372617][ T5881] usb 3-1: USB disconnect, device number 14
[  341.731264][   T29] kauditd_printk_skb: 54 callbacks suppressed
[  341.731287][   T29] audit: type=1800 audit(1738578722.279:237): pid=8714 uid=0 auid=4294967295 ses=4294967295 subj=_ op=set_data cause=unavailable-hash-algorithm comm="syz.3.672" name="/" dev="sockfs" ino=18649 res=0 errno=0
[  341.744789][ T8724] netlink: 'syz.1.673': attribute type 4 has an invalid length.
[  341.813712][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  342.410899][ T5881] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  343.590568][ T5881] usb 1-1: Using ep0 maxpacket: 16
[  343.599061][ T5881] usb 1-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  343.609527][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  343.621689][ T5881] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  343.632746][ T5881] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  343.821166][ T8746] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  344.139753][ T5835] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  344.413596][ T5881] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  344.424213][ T5881] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  344.456369][ T5881] usb 1-1: Manufacturer: syz
[  344.489527][ T5881] usb 1-1: config 0 descriptor??
[  344.556303][ T5835] usb 4-1: config 0 has an invalid interface number: 156 but max is 1
[  344.592855][ T5835] usb 4-1: config 0 has no interface number 1
[  344.613557][ T5835] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  344.634974][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.664537][ T5835] usb 4-1: config 0 descriptor??
[  344.698808][ T5835] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  344.707496][ T5835] usb 4-1: MIDIStreaming interface descriptor not found
[  344.781271][ T5835] gspca_main: spca561-2.14.0 probing abcd:cdee
[  344.819550][ T5832] usb 1-1: USB disconnect, device number 19
[  344.906710][ T5835] spca561 4-1:0.0: probe with driver spca561 failed with error -22
[  344.906816][ T5881] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  344.915024][  T975] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  344.958738][ T5835] usb 4-1: USB disconnect, device number 27
[  345.100069][ T5881] usb 5-1: Using ep0 maxpacket: 16
[  345.113959][  T975] usb 2-1: Using ep0 maxpacket: 16
[  345.122450][ T5881] usb 5-1: config 0 has an invalid interface number: 182 but max is 0
[  345.139725][ T5881] usb 5-1: config 0 has no interface number 0
[  345.149122][ T5881] usb 5-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  345.169099][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.174547][  T975] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[  345.189551][ T5881] usb 5-1: Product: syz
[  345.194314][ T5881] usb 5-1: Manufacturer: syz
[  345.198978][ T5881] usb 5-1: SerialNumber: syz
[  345.200088][  T975] usb 2-1: config 0 has no interface number 0
[  345.232203][ T5881] usb 5-1: config 0 descriptor??
[  345.246963][  T975] usb 2-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  345.267524][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.275682][  T975] usb 2-1: Product: syz
[  345.279907][  T975] usb 2-1: Manufacturer: syz
[  345.284676][  T975] usb 2-1: SerialNumber: syz
[  345.327817][  T975] usb 2-1: config 0 descriptor??
[  346.775018][ T5835] usb 5-1: USB disconnect, device number 31
[  346.799693][ T5883] usb 2-1: USB disconnect, device number 22
[  348.454261][ T8781] netlink: 32 bytes leftover after parsing attributes in process `syz.4.687'.
[  350.590608][ T5881] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  350.760649][ T5881] usb 5-1: device descriptor read/64, error -71
[  351.100651][ T5881] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  351.265599][ T5881] usb 5-1: device descriptor read/64, error -71
[  351.505253][ T5881] usb usb5-port1: attempt power cycle
[  351.810819][  T975] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  351.850595][ T5881] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  351.901267][ T5881] usb 5-1: device descriptor read/8, error -71
[  352.000674][  T975] usb 3-1: Using ep0 maxpacket: 16
[  352.020284][  T975] usb 3-1: config 0 has an invalid interface number: 182 but max is 0
[  352.036466][  T975] usb 3-1: config 0 has no interface number 0
[  352.048335][  T975] usb 3-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  352.069469][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.088847][  T975] usb 3-1: Product: syz
[  352.095703][  T975] usb 3-1: Manufacturer: syz
[  352.100545][  T975] usb 3-1: SerialNumber: syz
[  352.125752][  T975] usb 3-1: config 0 descriptor??
[  352.178050][ T5881] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  352.221371][ T5881] usb 5-1: device descriptor read/8, error -71
[  352.347439][ T5881] usb usb5-port1: unable to enumerate USB device
[  353.536868][ T5883] usb 3-1: USB disconnect, device number 15
[  356.073088][ T8830] netlink: 32 bytes leftover after parsing attributes in process `syz.1.702'.
[  356.370878][  T975] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  356.844682][ T8836] netlink: zone id is out of range
[  356.905893][ T8836] netlink: set zone limit has 8 unknown bytes
[  357.043183][  T975] usb 4-1: unable to get BOS descriptor or descriptor too short
[  357.060876][  T975] usb 4-1: unable to read config index 0 descriptor/start: -71
[  357.079077][  T975] usb 4-1: can't read configurations, error -71
[  358.237120][ T8846] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  358.637244][ T8850] overlayfs: failed to resolve './file0': -2
[  358.742496][ T8851] rdma_rxe: rxe_newlink: failed to add lo
[  359.515759][ T8857] FAULT_INJECTION: forcing a failure.
[  359.515759][ T8857] name failslab, interval 1, probability 0, space 0, times 0
[  359.528974][ T8857] CPU: 1 UID: 0 PID: 8857 Comm: syz.2.710 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  359.529002][ T8857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  359.529015][ T8857] Call Trace:
[  359.529023][ T8857]  <TASK>
[  359.529031][ T8857]  dump_stack_lvl+0x241/0x360
[  359.529073][ T8857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.529107][ T8857]  ? __pfx__printk+0x10/0x10
[  359.529152][ T8857]  should_fail_ex+0x40a/0x550
[  359.529180][ T8857]  should_failslab+0xac/0x100
[  359.529207][ T8857]  ? skb_clone+0x20c/0x390
[  359.529227][ T8857]  kmem_cache_alloc_noprof+0x70/0x380
[  359.529261][ T8857]  skb_clone+0x20c/0x390
[  359.529279][ T8857]  ? dev_queue_xmit_nit+0x3fe/0xca0
[  359.529312][ T8857]  dev_queue_xmit_nit+0x249/0xca0
[  359.529342][ T8857]  ? dev_queue_xmit_nit+0x2b/0xca0
[  359.529372][ T8857]  ? validate_xmit_skb+0x9b8/0xff0
[  359.529411][ T8857]  dev_hard_start_xmit+0x15f/0x7d0
[  359.529446][ T8857]  ? __pfx_validate_xmit_skb+0x10/0x10
[  359.529491][ T8857]  __dev_queue_xmit+0x1b73/0x3f50
[  359.529533][ T8857]  ? kasan_save_track+0x51/0x80
[  359.529560][ T8857]  ? ____sys_sendmsg+0x52a/0x7e0
[  359.529599][ T8857]  ? __dev_queue_xmit+0x2f4/0x3f50
[  359.529637][ T8857]  ? __pfx___dev_queue_xmit+0x10/0x10
[  359.529689][ T8857]  ? __copy_skb_header+0x437/0x5b0
[  359.529724][ T8857]  ? __asan_memcpy+0x40/0x70
[  359.529756][ T8857]  ? __copy_skb_header+0x437/0x5b0
[  359.529794][ T8857]  ? __skb_clone+0x454/0x6c0
[  359.529836][ T8857]  ? skb_clone+0x240/0x390
[  359.529859][ T8857]  __netlink_deliver_tap+0x56b/0x7f0
[  359.529905][ T8857]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.529936][ T8857]  netlink_deliver_tap+0x19d/0x1b0
[  359.529970][ T8857]  netlink_unicast+0x7c4/0x990
[  359.530009][ T8857]  ? __pfx_netlink_unicast+0x10/0x10
[  359.530036][ T8857]  ? __virt_addr_valid+0x45f/0x530
[  359.530068][ T8857]  ? __phys_addr_symbol+0x2f/0x70
[  359.530097][ T8857]  ? __check_object_size+0x47a/0x730
[  359.530128][ T8857]  netlink_sendmsg+0x8e4/0xcb0
[  359.530176][ T8857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.530225][ T8857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.530255][ T8857]  __sock_sendmsg+0x221/0x270
[  359.530285][ T8857]  ____sys_sendmsg+0x52a/0x7e0
[  359.530327][ T8857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  359.530358][ T8857]  ? __fget_files+0x2a/0x410
[  359.530389][ T8857]  ? __fget_files+0x2a/0x410
[  359.530427][ T8857]  __sys_sendmsg+0x269/0x350
[  359.530467][ T8857]  ? __pfx___sys_sendmsg+0x10/0x10
[  359.530512][ T8857]  ? do_sys_openat2+0x17a/0x1d0
[  359.530576][ T8857]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.530607][ T8857]  ? do_syscall_64+0x100/0x230
[  359.530638][ T8857]  ? do_syscall_64+0xb6/0x230
[  359.530668][ T8857]  do_syscall_64+0xf3/0x230
[  359.530696][ T8857]  ? clear_bhb_loop+0x35/0x90
[  359.530730][ T8857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.530759][ T8857] RIP: 0033:0x7f78ced8cda9
[  359.530779][ T8857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.530797][ T8857] RSP: 002b:00007f78cfbc9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  359.530819][ T8857] RAX: ffffffffffffffda RBX: 00007f78cefa5fa0 RCX: 00007f78ced8cda9
[  359.530835][ T8857] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  359.530848][ T8857] RBP: 00007f78cfbc9090 R08: 0000000000000000 R09: 0000000000000000
[  359.530862][ T8857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.530874][ T8857] R13: 0000000000000000 R14: 00007f78cefa5fa0 R15: 00007ffd765be9d8
[  359.530907][ T8857]  </TASK>
[  363.280894][  T975] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  363.490979][  T975] usb 3-1: Using ep0 maxpacket: 16
[  363.603139][  T975] usb 3-1: config 0 has an invalid interface number: 182 but max is 0
[  363.945066][  T975] usb 3-1: config 0 has no interface number 0
[  364.031820][  T975] usb 3-1: New USB device found, idVendor=0930, idProduct=0227, bcdDevice=34.5e
[  364.517827][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.532661][ T5835] kernel write not supported for file /474/net/sockstat (pid: 5835 comm: kworker/1:4)
[  364.601217][  T975] usb 3-1: Product: syz
[  364.605447][  T975] usb 3-1: Manufacturer: syz
[  364.652572][  T975] usb 3-1: SerialNumber: syz
[  364.678862][  T975] usb 3-1: config 0 descriptor??
[  364.696938][  T975] usb 3-1: can't set config #0, error -71
[  364.711833][  T975] usb 3-1: USB disconnect, device number 16
[  365.150567][ T8886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  366.467198][ T8896] xt_nfacct: accounting object `syz1' does not exists
[  367.085659][ T8905] overlayfs: failed to resolve './file0': -2
[  367.110553][ T8905] rdma_rxe: rxe_newlink: failed to add lo
[  368.129391][ T8903] wg1 speed is unknown, defaulting to 1000
[  368.159161][ T8903] lo speed is unknown, defaulting to 1000
[  369.160486][ T8916] x_tables: duplicate underflow at hook 1
[  370.876405][ T8927] FAULT_INJECTION: forcing a failure.
[  370.876405][ T8927] name failslab, interval 1, probability 0, space 0, times 0
[  370.931191][ T8927] CPU: 1 UID: 0 PID: 8927 Comm: syz.0.732 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  370.931229][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  370.931243][ T8927] Call Trace:
[  370.931250][ T8927]  <TASK>
[  370.931260][ T8927]  dump_stack_lvl+0x241/0x360
[  370.931303][ T8927]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.931336][ T8927]  ? __pfx__printk+0x10/0x10
[  370.931381][ T8927]  should_fail_ex+0x40a/0x550
[  370.931409][ T8927]  should_failslab+0xac/0x100
[  370.931436][ T8927]  ? skb_clone+0x20c/0x390
[  370.931455][ T8927]  kmem_cache_alloc_noprof+0x70/0x380
[  370.931489][ T8927]  skb_clone+0x20c/0x390
[  370.931513][ T8927]  __netlink_deliver_tap+0x3cc/0x7f0
[  370.931555][ T8927]  ? netlink_deliver_tap+0x2e/0x1b0
[  370.931585][ T8927]  netlink_deliver_tap+0x19d/0x1b0
[  370.931617][ T8927]  netlink_dump+0x8c6/0xe10
[  370.931660][ T8927]  ? __pfx_netlink_dump+0x10/0x10
[  370.931705][ T8927]  ? __pfx_lock_acquire+0x10/0x10
[  370.931744][ T8927]  __netlink_dump_start+0x5a2/0x790
[  370.931783][ T8927]  ? __pfx_tc_dump_action+0x10/0x10
[  370.931812][ T8927]  rtnetlink_rcv_msg+0xb3d/0xcf0
[  370.931844][ T8927]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  370.931866][ T8927]  ? __pfx_rtnl_dumpit+0x10/0x10
[  370.931887][ T8927]  ? __pfx_tc_dump_action+0x10/0x10
[  370.931919][ T8927]  ? ref_tracker_free+0x643/0x7e0
[  370.931958][ T8927]  netlink_rcv_skb+0x1e3/0x430
[  370.931991][ T8927]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  370.932016][ T8927]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  370.932073][ T8927]  ? netlink_deliver_tap+0x2e/0x1b0
[  370.932109][ T8927]  netlink_unicast+0x7f6/0x990
[  370.932147][ T8927]  ? __pfx_netlink_unicast+0x10/0x10
[  370.932174][ T8927]  ? __virt_addr_valid+0x45f/0x530
[  370.932206][ T8927]  ? __phys_addr_symbol+0x2f/0x70
[  370.932235][ T8927]  ? __check_object_size+0x47a/0x730
[  370.932267][ T8927]  netlink_sendmsg+0x8e4/0xcb0
[  370.932313][ T8927]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.932359][ T8927]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.932390][ T8927]  __sock_sendmsg+0x221/0x270
[  370.932420][ T8927]  ____sys_sendmsg+0x52a/0x7e0
[  370.932461][ T8927]  ? __pfx_____sys_sendmsg+0x10/0x10
[  370.932490][ T8927]  ? __fget_files+0x2a/0x410
[  370.932520][ T8927]  ? __fget_files+0x2a/0x410
[  370.932555][ T8927]  __sys_sendmsg+0x269/0x350
[  370.932589][ T8927]  ? __pfx___sys_sendmsg+0x10/0x10
[  370.932633][ T8927]  ? do_sys_openat2+0x17a/0x1d0
[  370.932684][ T8927]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  370.932712][ T8927]  ? do_syscall_64+0x100/0x230
[  370.932742][ T8927]  ? do_syscall_64+0xb6/0x230
[  370.932770][ T8927]  do_syscall_64+0xf3/0x230
[  370.932795][ T8927]  ? clear_bhb_loop+0x35/0x90
[  370.932828][ T8927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.932854][ T8927] RIP: 0033:0x7feed078cda9
[  370.932872][ T8927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.932889][ T8927] RSP: 002b:00007feed161e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.932911][ T8927] RAX: ffffffffffffffda RBX: 00007feed09a5fa0 RCX: 00007feed078cda9
[  370.932925][ T8927] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  370.932938][ T8927] RBP: 00007feed161e090 R08: 0000000000000000 R09: 0000000000000000
[  370.932949][ T8927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.932969][ T8927] R13: 0000000000000000 R14: 00007feed09a5fa0 R15: 00007ffe62f539f8
[  370.932998][ T8927]  </TASK>
[  371.283560][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  371.455866][    T9] usb 2-1: Using ep0 maxpacket: 16
[  371.471251][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  371.543806][    T9] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a
[  371.560848][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.584953][    T9] usb 2-1: Product: syz
[  371.589311][    T9] usb 2-1: Manufacturer: syz
[  371.589465][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.609259][    T9] usb 2-1: SerialNumber: syz
[  371.631454][    T9] usb 2-1: config 0 descriptor??
[  371.691098][    T9] pegasus_notetaker 2-1:0.0: probe with driver pegasus_notetaker failed with error -22
[  373.264329][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.849707][ T8942] netlink: 12 bytes leftover after parsing attributes in process `syz.0.737'.
[  373.956054][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.013558][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  374.024661][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  374.043207][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  374.072879][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  374.091421][   T55] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  374.101374][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  374.221731][ T8942] 8021q: adding VLAN 0 to HW filter on device bond2
[  374.315399][ T5832] usb 2-1: USB disconnect, device number 23
[  374.741983][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.805961][ T8955] 8021q: adding VLAN 0 to HW filter on device bond2
[  374.813380][ T8955] bond2: (slave ipip0): The slave device specified does not support setting the MAC address
[  374.825851][ T8955] bond2: (slave ipip0): Error -95 calling set_mac_address
[  375.076084][ T8946] wg1 speed is unknown, defaulting to 1000
[  375.852736][ T8946] lo speed is unknown, defaulting to 1000
[  376.190648][ T5836] Bluetooth: hci2: command tx timeout
[  376.353839][   T11] bridge_slave_1: left allmulticast mode
[  376.360129][   T11] bridge_slave_1: left promiscuous mode
[  376.832157][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.993816][   T11] bridge_slave_0: left allmulticast mode
[  377.028952][   T11] bridge_slave_0: left promiscuous mode
[  377.055592][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.563000][ T8994] kAFS: unable to lookup cell '/yz1'
[  378.210643][ T5836] Bluetooth: hci2: command tx timeout
[  379.015791][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  379.024151][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  380.294342][ T5836] Bluetooth: hci2: command tx timeout
[  382.372013][ T5836] Bluetooth: hci2: command tx timeout
[  394.237033][ T1294] ==================================================================
[  394.245265][ T1294] BUG: KASAN: slab-use-after-free in handle_tx+0x472/0x640
[  394.252508][ T1294] Read of size 1 at addr ffff888061ac7490 by task aoe_tx0/1294
[  394.260086][ T1294] 
[  394.262476][ T1294] CPU: 1 UID: 0 PID: 1294 Comm: aoe_tx0 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  394.262494][ T1294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  394.262504][ T1294] Call Trace:
[  394.262512][ T1294]  <TASK>
[  394.262519][ T1294]  dump_stack_lvl+0x241/0x360
[  394.262550][ T1294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.262574][ T1294]  ? __pfx__printk+0x10/0x10
[  394.262595][ T1294]  ? _printk+0xd5/0x120
[  394.262616][ T1294]  ? __virt_addr_valid+0x183/0x530
[  394.262639][ T1294]  ? __virt_addr_valid+0x183/0x530
[  394.262660][ T1294]  print_report+0x169/0x550
[  394.262678][ T1294]  ? __virt_addr_valid+0x183/0x530
[  394.262698][ T1294]  ? __virt_addr_valid+0x183/0x530
[  394.262717][ T1294]  ? __virt_addr_valid+0x45f/0x530
[  394.262737][ T1294]  ? __phys_addr+0xba/0x170
[  394.262757][ T1294]  ? handle_tx+0x472/0x640
[  394.262772][ T1294]  kasan_report+0x143/0x180
[  394.262790][ T1294]  ? handle_tx+0x472/0x640
[  394.262806][ T1294]  ? __pfx_uart_write+0x10/0x10
[  394.262823][ T1294]  handle_tx+0x472/0x640
[  394.262843][ T1294]  dev_hard_start_xmit+0x27a/0x7d0
[  394.262873][ T1294]  __dev_queue_xmit+0x1b73/0x3f50
[  394.262901][ T1294]  ? __dev_queue_xmit+0x2f4/0x3f50
[  394.262925][ T1294]  ? __pfx___dev_queue_xmit+0x10/0x10
[  394.262949][ T1294]  ? skb_dequeue+0x113/0x150
[  394.262966][ T1294]  ? do_raw_spin_lock+0x14f/0x370
[  394.262982][ T1294]  ? __pfx_lock_release+0x10/0x10
[  394.263009][ T1294]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  394.263031][ T1294]  ? _raw_spin_unlock_irq+0x23/0x50
[  394.263047][ T1294]  ? lockdep_hardirqs_on+0x99/0x150
[  394.263067][ T1294]  tx+0x6b/0x180
[  394.263084][ T1294]  ? __pfx_tx+0x10/0x10
[  394.263101][ T1294]  kthread+0x23a/0x450
[  394.263116][ T1294]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  394.263135][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263151][ T1294]  ? __pfx_default_wake_function+0x10/0x10
[  394.263175][ T1294]  ? __kthread_parkme+0x169/0x1d0
[  394.263194][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263209][ T1294]  kthread+0x7a9/0x920
[  394.263228][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263247][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263262][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263280][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263300][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263317][ T1294]  ? _raw_spin_unlock_irq+0x23/0x50
[  394.263332][ T1294]  ? lockdep_hardirqs_on+0x99/0x150
[  394.263349][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263368][ T1294]  ret_from_fork+0x4b/0x80
[  394.263386][ T1294]  ? __pfx_kthread+0x10/0x10
[  394.263404][ T1294]  ret_from_fork_asm+0x1a/0x30
[  394.263433][ T1294]  </TASK>
[  394.263439][ T1294] 
[  394.515921][ T1294] Allocated by task 6432:
[  394.520257][ T1294]  kasan_save_track+0x3f/0x80
[  394.524977][ T1294]  __kasan_kmalloc+0x98/0xb0
[  394.529663][ T1294]  __kmalloc_cache_noprof+0x243/0x390
[  394.535053][ T1294]  alloc_tty_struct+0xa9/0x7d0
[  394.539827][ T1294]  tty_init_dev+0x5b/0x4c0
[  394.544255][ T1294]  tty_open+0x9d9/0xde0
[  394.548427][ T1294]  chrdev_open+0x521/0x600
[  394.552861][ T1294]  do_dentry_open+0xdec/0x1960
[  394.557639][ T1294]  vfs_open+0x3b/0x370
[  394.561722][ T1294]  path_openat+0x2c81/0x3590
[  394.566332][ T1294]  do_filp_open+0x27f/0x4e0
[  394.570884][ T1294]  do_sys_openat2+0x13e/0x1d0
[  394.575597][ T1294]  __x64_sys_openat+0x247/0x2a0
[  394.580488][ T1294]  do_syscall_64+0xf3/0x230
[  394.585128][ T1294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.591131][ T1294] 
[  394.593466][ T1294] Freed by task 9:
[  394.597192][ T1294]  kasan_save_track+0x3f/0x80
[  394.601880][ T1294]  kasan_save_free_info+0x40/0x50
[  394.606921][ T1294]  __kasan_slab_free+0x59/0x70
[  394.611695][ T1294]  kfree+0x196/0x430
[  394.615606][ T1294]  process_scheduled_works+0xa66/0x1840
[  394.621160][ T1294]  worker_thread+0x870/0xd30
[  394.625762][ T1294]  kthread+0x7a9/0x920
[  394.629844][ T1294]  ret_from_fork+0x4b/0x80
[  394.634274][ T1294]  ret_from_fork_asm+0x1a/0x30
[  394.639048][ T1294] 
[  394.641377][ T1294] Last potentially related work creation:
[  394.647098][ T1294]  kasan_save_stack+0x3f/0x60
[  394.651783][ T1294]  kasan_record_aux_stack+0xaa/0xc0
[  394.657952][ T1294]  insert_work+0x3e/0x330
[  394.662292][ T1294]  __queue_work+0xc8b/0xf50
[  394.666812][ T1294]  queue_work_on+0x1c2/0x380
[  394.671413][ T1294]  tty_release_struct+0xbc/0xe0
[  394.676280][ T1294]  tty_release+0xd06/0x12c0
[  394.680804][ T1294]  __fput+0x3e9/0x9f0
[  394.684816][ T1294]  task_work_run+0x24f/0x310
[  394.689434][ T1294]  do_exit+0xa2a/0x28e0
[  394.693605][ T1294]  do_group_exit+0x207/0x2c0
[  394.698209][ T1294]  get_signal+0x16b2/0x1750
[  394.702731][ T1294]  arch_do_signal_or_restart+0x96/0x860
[  394.708312][ T1294]  syscall_exit_to_user_mode+0xce/0x340
[  394.713890][ T1294]  do_syscall_64+0x100/0x230
[  394.718491][ T1294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.724402][ T1294] 
[  394.726732][ T1294] The buggy address belongs to the object at ffff888061ac7000
[  394.726732][ T1294]  which belongs to the cache kmalloc-cg-2k of size 2048
[  394.741048][ T1294] The buggy address is located 1168 bytes inside of
[  394.741048][ T1294]  freed 2048-byte region [ffff888061ac7000, ffff888061ac7800)
[  394.755134][ T1294] 
[  394.757459][ T1294] The buggy address belongs to the physical page:
[  394.763887][ T1294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61ac0
[  394.772666][ T1294] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  394.781171][ T1294] memcg:ffff88802fd8d301
[  394.785450][ T1294] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  394.793526][ T1294] page_type: f5(slab)
[  394.797512][ T1294] raw: 00fff00000000040 ffff88801ac4f3c0 ffffea00017f3800 dead000000000002
[  394.806281][ T1294] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff88802fd8d301
[  394.814965][ T1294] head: 00fff00000000040 ffff88801ac4f3c0 ffffea00017f3800 dead000000000002
[  394.823640][ T1294] head: 0000000000000000 0000000000080008 00000000f5000000 ffff88802fd8d301
[  394.832320][ T1294] head: 00fff00000000003 ffffea000186b001 ffffffffffffffff 0000000000000000
[  394.840996][ T1294] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  394.849761][ T1294] page dumped because: kasan: bad access detected
[  394.856189][ T1294] page_owner tracks the page as allocated
[  394.861909][ T1294] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5829, tgid 5829 (syz-executor), ts 135458634338, free_ts 135452051778
[  394.883461][ T1294]  post_alloc_hook+0x1f4/0x240
[  394.888247][ T1294]  get_page_from_freelist+0x3651/0x37a0
[  394.893808][ T1294]  __alloc_frozen_pages_noprof+0x292/0x710
[  394.899626][ T1294]  alloc_pages_mpol+0x311/0x660
[  394.904580][ T1294]  allocate_slab+0x8f/0x3a0
[  394.909179][ T1294]  ___slab_alloc+0xc27/0x14a0
[  394.913964][ T1294]  __slab_alloc+0x58/0xa0
[  394.918489][ T1294]  __kmalloc_node_noprof+0x2ee/0x4d0
[  394.923803][ T1294]  __kvmalloc_node_noprof+0x72/0x190
[  394.929136][ T1294]  alloc_fdtable+0xdf/0x2a0
[  394.933651][ T1294]  dup_fd+0xa65/0xd40
[  394.937906][ T1294]  copy_files+0xc8/0x120
[  394.942159][ T1294]  copy_process+0x16e6/0x3d50
[  394.946854][ T1294]  kernel_clone+0x223/0x870
[  394.951367][ T1294]  __x64_sys_clone+0x258/0x2a0
[  394.956181][ T1294]  do_syscall_64+0xf3/0x230
[  394.960703][ T1294] page last free pid 5198 tgid 5198 stack trace:
[  394.967035][ T1294]  free_frozen_pages+0xe04/0x10e0
[  394.972102][ T1294]  __put_partials+0x160/0x1c0
[  394.976796][ T1294]  put_cpu_partial+0x17c/0x250
[  394.981568][ T1294]  __slab_free+0x290/0x380
[  394.985997][ T1294]  qlist_free_all+0x9a/0x140
[  394.990602][ T1294]  kasan_quarantine_reduce+0x14f/0x170
[  394.996080][ T1294]  __kasan_slab_alloc+0x23/0x80
[  395.000950][ T1294]  __kmalloc_noprof+0x236/0x4c0
[  395.005825][ T1294]  tomoyo_realpath_from_path+0xcf/0x5e0
[  395.011391][ T1294]  tomoyo_path_perm+0x2b7/0x740
[  395.016261][ T1294]  security_inode_getattr+0x130/0x330
[  395.021687][ T1294]  vfs_getattr+0x2a/0x3a0
[  395.026032][ T1294]  vfs_fstatat+0xa8/0x130
[  395.030379][ T1294]  __x64_sys_newfstatat+0x11d/0x1a0
[  395.035600][ T1294]  do_syscall_64+0xf3/0x230
[  395.040118][ T1294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.046029][ T1294] 
[  395.048357][ T1294] Memory state around the buggy address:
[  395.053989][ T1294]  ffff888061ac7380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.062064][ T1294]  ffff888061ac7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.070159][ T1294] >ffff888061ac7480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.078235][ T1294]                          ^
[  395.082829][ T1294]  ffff888061ac7500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.090899][ T1294]  ffff888061ac7580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.098971][ T1294] ==================================================================
[  395.107202][ T1294] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  395.114519][ T1294] CPU: 1 UID: 0 PID: 1294 Comm: aoe_tx0 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  395.124645][ T1294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  395.134739][ T1294] Call Trace:
[  395.138049][ T1294]  <TASK>
[  395.141017][ T1294]  dump_stack_lvl+0x241/0x360
[  395.145770][ T1294]  ? mark_lock+0x9a/0x360
[  395.150146][ T1294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  395.155410][ T1294]  ? __pfx__printk+0x10/0x10
[  395.160043][ T1294]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.166053][ T1294]  ? vscnprintf+0x5d/0x90
[  395.170410][ T1294]  panic+0x349/0x880
[  395.174336][ T1294]  ? check_panic_on_warn+0x21/0xb0
[  395.179473][ T1294]  ? __pfx_panic+0x10/0x10
[  395.183963][ T1294]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  395.189872][ T1294]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  395.195782][ T1294]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  395.202128][ T1294]  check_panic_on_warn+0x86/0xb0
[  395.207084][ T1294]  ? handle_tx+0x472/0x640
[  395.211515][ T1294]  end_report+0x77/0x160
[  395.215772][ T1294]  kasan_report+0x154/0x180
[  395.220288][ T1294]  ? handle_tx+0x472/0x640
[  395.224722][ T1294]  ? __pfx_uart_write+0x10/0x10
[  395.229586][ T1294]  handle_tx+0x472/0x640
[  395.233849][ T1294]  dev_hard_start_xmit+0x27a/0x7d0
[  395.238987][ T1294]  __dev_queue_xmit+0x1b73/0x3f50
[  395.244041][ T1294]  ? __dev_queue_xmit+0x2f4/0x3f50
[  395.249186][ T1294]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.254583][ T1294]  ? skb_dequeue+0x113/0x150
[  395.259193][ T1294]  ? do_raw_spin_lock+0x14f/0x370
[  395.264263][ T1294]  ? __pfx_lock_release+0x10/0x10
[  395.269312][ T1294]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.275311][ T1294]  ? _raw_spin_unlock_irq+0x23/0x50
[  395.280523][ T1294]  ? lockdep_hardirqs_on+0x99/0x150
[  395.285739][ T1294]  tx+0x6b/0x180
[  395.289305][ T1294]  ? __pfx_tx+0x10/0x10
[  395.293500][ T1294]  kthread+0x23a/0x450
[  395.297602][ T1294]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  395.303522][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.308133][ T1294]  ? __pfx_default_wake_function+0x10/0x10
[  395.314091][ T1294]  ? __kthread_parkme+0x169/0x1d0
[  395.319230][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.323940][ T1294]  kthread+0x7a9/0x920
[  395.328023][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.332630][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.337236][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.341838][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.346441][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.351042][ T1294]  ? _raw_spin_unlock_irq+0x23/0x50
[  395.356249][ T1294]  ? lockdep_hardirqs_on+0x99/0x150
[  395.361473][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.366080][ T1294]  ret_from_fork+0x4b/0x80
[  395.370531][ T1294]  ? __pfx_kthread+0x10/0x10
[  395.375136][ T1294]  ret_from_fork_asm+0x1a/0x30
[  395.379935][ T1294]  </TASK>
[  395.383252][ T1294] Kernel Offset: disabled
[  395.387601][ T1294] Rebooting in 86400 seconds..