last executing test programs:

11m41.939658014s ago: executing program 0 (id=490):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r0, 0x0, 0x1}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r2, 0x0, 0x1}, 0x18)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400048c0}, 0x0)

11m39.587827163s ago: executing program 0 (id=506):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000440)={'dvmrp1\x00', {0x2, 0x0, @multicast1}})

11m38.295334593s ago: executing program 0 (id=508):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0xe0b85334efa1736d}, @NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_LEN={0x8, 0x4, 0x1, 0x0, 0x5}, @NFTA_BYTEORDER_OP={0x8}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x0)

11m38.045964364s ago: executing program 0 (id=512):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xfffffffffffffe8a, 0x2, [@enum={0x9, 0x0, 0x0, 0x13}]}, {0x0, [0x61, 0x0]}}, 0x0, 0x26}, 0x28)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000440)=0x10141d1, 0x4)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001040"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r6, 0x0, 0xe, 0x0, &(0x7f0000000200)="ff7f0e3f2617d1f439b5a1db8511", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x6}, 0x50)
splice(r1, &(0x7f0000000300)=0x3, 0xffffffffffffffff, 0x0, 0x7, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c00000002ccbd4c1a51573fe6160605000000000000000000070000001400078008000840000000980800064000010006000000050005000200000005000400000000000900020073797a3100000000100003006c61"], 0x5c}}, 0x20000000)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0xfffffffc, '\x00', 0x0, r0, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYRES64, @ANYRES16=r4, @ANYBLOB="000000a79b2a5e00200000000000000000000000000000000004ea92064e217509c49176b6cda1f8791f1b60d1f23ea077ca81919dbf3a17d601e0eb8b7e8ca3e571398722e0fa63bc6f9cd9f86ae01379e0d25dbeff7ae4453dc4bbdcfb1a63960281f1fdbeb89cdfebac7eeab2364ec8c3aa7e039a8dfa3f8b65eebdbb0f00000064aa903f066bac091c0713711e8c0f8c99629adf5b79", @ANYRESHEX=r7, @ANYRES32=r0, @ANYBLOB="7e4a75ca212e6877f90958", @ANYRES64=r7, @ANYRESHEX, @ANYRESOCT], 0x48)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x2)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000040)=0x33)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00'})
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x2c, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}}, 0x2c}, 0x1, 0x0, 0x0, 0x2404d808}, 0x0)

11m37.561589766s ago: executing program 0 (id=515):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9", 0xe, 0x3000000, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe7a9002cdf0b00aa}}, 0x14)

11m36.615435368s ago: executing program 0 (id=518):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r2, 0x107, 0x9, 0x0, &(0x7f0000000640)=0xffffffffffffff48)

11m21.315228378s ago: executing program 32 (id=518):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r2, 0x107, 0x9, 0x0, &(0x7f0000000640)=0xffffffffffffff48)

7m41.493260727s ago: executing program 4 (id=1315):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x4e24, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
sendto$inet(r0, &(0x7f0000000280)="97d937bcfd66a4ef9af12601488eec0027763a528f66c27c25b91dc9d7fc46bfd5b58df5d8fe55f218528ca42fe730f40425", 0x32, 0x810, &(0x7f00000001c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffefff)
socket$nl_generic(0x10, 0x3, 0x10)

7m39.364046267s ago: executing program 4 (id=1320):
socket(0x10, 0x80002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffb}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x800000004, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0xb, @loopback, 0x23}, {0xa, 0x4e24, 0xce, @dev={0xfe, 0x80, '\x00', 0x39}, 0x4}, r4, 0x7ffffff7}}, 0x48)

7m38.065089133s ago: executing program 4 (id=1324):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x4e24, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
sendto$inet(r0, &(0x7f0000000280)="97d937bcfd66a4ef9af12601488eec0027763a528f66c27c25b91dc9d7fc46bfd5b58df5d8fe55f218528ca42fe730f40425", 0x32, 0x810, &(0x7f00000001c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffefff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, 0x0, 0x0)

7m34.977094529s ago: executing program 4 (id=1330):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

7m21.599738354s ago: executing program 4 (id=1342):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x58, 0x58, 0x4, [@int={0x6, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x28, 0x2}, @struct={0x10, 0x3, 0x0, 0x4, 0x0, 0xfffffffa, [{0x3, 0x1, 0x8001}, {0x6, 0x3, 0x7}, {0xb, 0x3, 0x72f0}]}, @func_proto, @restrict={0xa, 0x0, 0x0, 0xb, 0x4}]}, {0x0, [0x0, 0x0]}}, &(0x7f0000000000)=""/42, 0x74, 0x2a, 0x1, 0x6}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map, r4, 0x7}, 0x10)
socketpair(0x18, 0xa, 0x2, &(0x7f00000003c0))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

7m19.05369841s ago: executing program 4 (id=1346):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)

7m3.315479111s ago: executing program 33 (id=1346):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)

4m31.523996647s ago: executing program 6 (id=1638):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x802, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000003880)="f9292cd1d11865c51c5447b349fe89be02e268e8d2e0f66515e514820024a3561e1ed6f2082b9f73eeeb113674f44f5c388ca9853619ebecd21f9b712a14e24054cfb9b5362493ce63a4dd2ef12bf5c67567927fb4e3e7a188b22384e8f1317f72c717a3e893800c1f1774eb42de222824e12ff880cd974848f9468cd8d632e2e95a13f5022a5b9c66d741d4b1777460a8b6e9c360813ee83f35159e8dea7ef03359d7185d560b0ae10b109a8d3fd3be6ed5cadd69e5e32e3c1f94427ba74d7baa41c3f50a7163947f366c12db05ae969ab2a821c0d1032b5dd63f43f8055201a7f4b948f48133cbf5f6c6a913bd1bc0f2cce4516e400204a25b7a750af979c0fd8fe7ee8976833c50b859681ba6fa70241ce4523e4465b60ad9219d566e31d37c6d625450600c627833750e2da54dc25d5f6e91e6a3480a01d6d056497829c4203f0c46e9e2f042576221b0e370697585c09526b0bfca89a8f12d13adb4452f5bd8e40de944e1f13b558c73a93c43c53d2844ae7fac848b8bb21cf2a5693d373a9e2127138c36358a3f9a887ff2742a3d362cbd4892844372284841f0cc08b4efd2d4053b58cd5a198a483db1148311c4b9dd265b1636ba84678d3de2b5fcd0d9c15bbc1a8dacdef6baebde85760ead205c48e1cdaf1cd32755526c96c4763547e9432c90f1a0edef156714533133a58a36fb086837415db5afaff265ee857f01d9bf57aa7a68dca561573076475803c5143cce335bd36164107e62de9184d13e3143dbc979c05365b4bac6d6a2535d79d2cd32a3bf3ee8a3fe24e5b26eaadf2460ebad780ed6116fcccb127ae741bcd2038dda3e8f2a539e40290c9f7114639fb292673e1585e6deefa5761236734811c4c0b7ede0a9f7d650d88c984d9362e4131b4cda1f2073769ce991e6f4c675c4e3235741fe78095425b0c49d6233c8f9f7ec62e2dc60e7e85056396de5927d1c825288e922f9550d3c0f302fe294f6d8dc5cc6b9db2255d1f952cf1b04de21b109badb89b1d6f5d83d46c4b5b759f80833524a0c294b83ab682903e30a241fec30aca3adcedae02305b4f5fed22167ff614e585e73422369c54a3d3239acf454ccb7293d8ea8a4fc3aa4d2d7c3c203448809474096ef5297d1225a678c271f84e65303adcda51d29a5f8b3cb28a4fb52321bc2b3d78a33de69a837a2cd2f9dab09b259ed7b12796cea41d60bf3a83e4cb9f11751c1cb7b0cf8a845b29ae2397f8305d0aba4cc8fbfff8cfbe4430af0b673191117fa42212a4b5e0632e510f1c153a402f02329214947f232090fb8e6b5d02a0d393241cf6b76d6943506d7b9898f1d9c22ac6508d9156304eeb315ee56008f3bcccb1435ab99b0b96d73a8d11f1c8bdc733e66ad08eeebf739583c19bfd331cd68c0e7613573c5c5b729e1962e35f09adc906dbeabf3aa1ad0ecbf13f2c036e7fc7a29f36b6b43650a82e3e620dc87a96f942dc68af6032cf32e0986b6b088d2b6e96c9f5fe8192949e571e2608c6ad7f65c6a17a8ea3eb81edec26f08c712e3f54eba943290b94be5ffcd2e314d3a83f9f53440e38e5c0d26284c30766b615cd45558b8dac41ab81d64f76e528988247224222f8b8a5b87d6376b216bc35fce496cf732447ac5639d38a183c283a6bdd155e2e5204e301175ddc53452ac001c11c63599ed155a6d1a4acc8be942aa689c6485e00f958376064a69766b1bf75cb2a79343f87e8c753b61fb26b217b77c1b76c3eb858326480601d58ce43b6966fb93b2dd4af17fd1ebffce00fde22a72cbe0c93c86e6376228eaf2db8d1b97d3763d78550e022d1800626adb954449200af5d036307a9c72489e78bbc27da3418591eaffbfdcc61e31d24fba8f708c12848ddf45dca5accee1a2dd7915b2d7770141df1580d1ee21c342fdae9fb46bc0b1cf2edd9ae686b81d0767cc9080a598f63b189e052dcb8e46d21ca1fc2e949eea7cfa54f27f96f27cdf673bf75cd0c8bb6277ba01ade5c313fe57ef08bec60c9bef8920d73c2e918b4234f3b5dd4559945b89c14ec986d3dea47a703d0406ee972340a1832feb6561c3891945db59fc2967e091d8b8da3610e883e9fa71eca2017e375343857971b94551b19acb28cf765e98ed37e38a582e16f297df883d598a24b5fc253c2489e1a4e683d027f064a40db035b25d7a6d69ffa37b6babb7ba80dc45516b72061ccb1550c0dc258016ec1e2a7bcfe1330ae6f07098d84e5a1680eb3ff2eeaad300776deb0e8dc03df4d26bee14b8a26b63f8c3390cae064db3086eff8b092becbe0e8256ef6fd69c673bdbc39949dd4c903a01ed88a91829142d2402a294095abfbd5058d25185004b87571c593c0ca9e0d7edc2c7c76134c62426791fa43f6604a1d66d60b71aa1bb5b5684bcb19088139159716641f0613f4fc99b6c4fabd7acfb2bd5f0db9e61da44efdc1a669ee809c95831dca2ce00cc204b976b1c333fb16d7b0aeeac5a3f360ff8b07bcd08e817aa5ac914344088f9245943b93c67f4ff35f34b4443e0a54e20bfbea3127faa3fd4ae30d0c57b8f8cc92aedbfcb36d380b7d3760f9762086a6113203dd0f7e8417ec63c03d793a19c8daf0ab0fff629390bbc7c54d342b456aa32c989e46d7cbfff456ee8f1b83309d49ca875faf005934eea9ec72746dac4f080c40e8d3743ed21785eec34b9f7a65c0b11f414e550942fb3bdb0064c59aea61824c27e5b288c910c0ae843dd9784d8679df8ffe9da8a82b567d77a9ed93608043cf9f1926129479f850d1522db538b89341ea33749a61bf82601e6e788577b6767a19a1b3a1e7f18cdd21f703c4c573e44cf9afd9064e8319328397296bc2f9806981902f653b0c56b12ac7367db25981988b8fc9a735ade4e7ff27a9a1d55ae1a9282c33bd3a4af6488494ace3d72606141d2fee50b025dc775ab1f77b9f4a9bcc678a66ce3693abc7080840509e8996663c24968a187cf77d7cf006318fa269d4194894e5850fe535cdd109b3e7b5f2fefc609f75e64e6c83f10e11dd71784d15bd2745d6e93f1660973df015aa036d22f8094530e0272393a11b5cfe4c58786e1d547f036849f4b95fe6063da9ae60a126d525b9ff97c1b98a881d16af0c77c559b6a4dd24dbcc216dec852e1a5088f4624de506fac9d8ff5e4b18a162e4f237dfcefc883a70880cf190ffbb67c7d09fcabf5daf76ed7eb1f581fbbc4a4749881db43dd6852aaf95b8a6d38bbe2a9b7aad87f0698291d25232d4d2ec232a954ca1840102bcdcb458f6f53b9e9e6f11a6a3d596f37ff7aa04027ab24132d4e7bc7e0bb07af6433396943acec98048b15d8f9b757da5f732969cac0ba14029914346cab6112fc50e4ac1858f988723edfd9a98888844c9b43973c835fbcfd3903416f7048cc0d94b68ebba06ee70105449d91a6f514420901fd6c7b4a626dc174a22769d5d1d53f7510ceb3525d94cf3885d7ff81fbf200f41ed7b3b60e0d646fef80ea125be568650c51db8aa606993c7646a0fe9bbdec83ea5db88c436269161c7d68cb71e80a8ac4aedc57e721404337634c83f73664b9861c73bea2cea0408857d3816b0378bf2efcefa4942c416c976bb6ce601eba8274fa63a440bf1fa2a83d39a94d37af2b3a4608a1ba4c66c7f70261e62b24f3cc2b76f8ab34514e93b5857877ee4fcd4cbfb164f87c52721e16c4701ff0e0f85c72dbda681b300b242edbef0a089fcb85d6dc319bdfac1b21cc30061ebbf14bd0d626b3754e368dd0629ce45c2d34b1248de10bc0d11d5f7ad63f547c4b29d40962ae33596290bdcbbc43fd8a5e4ffe798282718533fbd42437ec900a5da14d17451131cc4d833110cc0f2657d1fa465dd22f73f1326e3c5336f978497641aea775ee6fb3a22bd8f40feba40f918d23f6f6ca5e132d7a359997b1d176cde421459b797ec01c6ea821197f5383089681fab7e7804d5988d9b3aedbb3727ae81f1168afce59955ca8970802b8891b1ce0d0613c4c4549494f65c7868ea955ebc6a410ebd01ecf096fe4c3e7cae58e34a5c3e53b72ae27b25a4a3eaa5f6fe6c63beca4df6c299cf0eaf3f959a1d9729bda53e6e014964bc5e8b5fcaee1883426c4eeb2240af3ce8801e63a0d4132eb8636db3f29e09d5c4051f70ebc0c1b5ca7d4f14b38061eee2099265b914604e17f633e4d0e9bcb5eeea696c4749bd7e9d2796744423c8587cc100990e24da307ad85f92f9d0ab93e8b630bb95597aba46c3ddd99558e2fef6b717dc3a74244560af73d62155d56b4a76f7585b5e1b9519a8f21627214c181efeed8c00087a34c0d5932144fcbdb54eca72ef918004f76098aa0d16a9e8f5abdf8c83498ed0e58e34e2c63433a75602e981fdda800544608a0ca2e1ac990a8b25f6ce32f5100915f758a52ec43b7400f4da748106bc21bf2ed2bdf58fa157cc8f3e3a2112bcb735e866ae994840155dd5d825eb02702f72c1e4e4e498455556b6791f235572fbfe351ff34bbc5c53f3450f9e99cf36c56de52625237d415eeaad3067c8734fb6b29f394a2b0308271603eafeaccb137e4d9dbd61a2877b7fc6912d571b47ea376b5574f4375de1b32a2eedd3a97000994527e5c20e21359f0cb5cc6a89eb2c5df5590cabea416604d4ee647bd18238d6e2b1459eb966fbfe672722bb983403f08501411a3d4f747bd551325c4510be44499249e44461b185e86fc733d2070d149bc665dcf455cd0fd97112ec2ace16350068ac31ad2f6dca03823a80b81b792e26afe96958c2df70ade4cf71db4a61fe4b3a51104d1ad6026e93166269c9473589deca41360a6539d567ca1be5684a6b49270ee19b8ee1a5dfe7465841739431ed8fd7f8a9b8fce9ea5d02f1780dfac1a868861eb05da94cfaf1914e0b48181a0fba1389dc4e6fcc849f511b0dcf61ac2a71598740fd9cc735b5438098ca523d2bf2dc1b72ebec37ce41e0e83533cb3c93ba40a744e69aca4348928ea7bc9ec8fcb2dbd85017f6f9941c36b82b5ba0e6cb347dc03c4c30480e67541d9041c050cd16962688761cdad8d08369f545b2a1182b75853df597e14ce5fa30812f41292ca93533c4e005aa4c192b6c8d5cb143d879affb25e754c3b6f15d4d604f0376d4743edd97828ab830faea95eec3a092d728c6109a94eaee6f9b60df7a457f32d3de6b960d0ac024ccd172a7e26eb0a7de33dbe0fb1ef0110961fb039ac65dc8902bfd332542d4e49f61d520d856c804bbea32b9a542b3781fe11b35f6980710c8f11da4e2ebc1ba31c5661244c769d748d27819197da63c4bb2c9822dca86a794811fe2df8112eaad0deb2e8318e9d4ff00d7b0b3c83142ee4761144db82fc971b3ad9c63914a9e1f52d72c5dee81fcbe22d7ff55a166e1a6c473ff2b7b026376048ea8c34463465bf955f0d8a3b00dee8a8838ae03e5e36c0627aeb1ef8d2df69d2fbce32fb8c2102ab993a091b88651027b33650a7f02600873a557a9aaa6ace5258a4c9bfc29b21b6d2ecfa915e6282a12f8348370f1ef63b672d9e2b435941832f3500f10b04f91f7b5e03889c8c51dc2aff7ce80a884940544aeff735c7e3400d036c82ec9822c5e15d1b0fb5e214c6daa62930cd866c9e28d4c5184eeb4a5538b8c74b3615cdf52f6806896424b1a115abfb8fe204d4827dfdb8c0cf3a61323ae237eb78b9405cebeea6825cfcea372bb61b136e2d1f3563ca2274ad764d6f98169a0a22b9ff138d9224889c821f7d26dea0cde358fa090e274660881b6d1aca44dc56deb7107ef81ce9d272cd4df9bcfa", 0x1000}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077ab5ee206763130ccdaedd3bff9b7a20b6b02e558fddbaf1bff01a4e9c33db278", 0xba}, {&(0x7f0000000a40)}], 0x3}}, {{0x0, 0x0, &(0x7f0000000e40)}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4m29.495759546s ago: executing program 6 (id=1642):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_DELRULE={0x2c, 0x6, 0xa, 0xe01, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x54}, 0x1, 0x0, 0x0, 0x20040804}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x19, 0xa, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x8004)

4m28.176911275s ago: executing program 6 (id=1644):
socket$inet(0xa, 0x801, 0x84)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'tunl0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
close(0x3)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
write(0xffffffffffffffff, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

4m26.463704848s ago: executing program 6 (id=1646):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x1b4, 0x30, 0xffff, 0x0, 0x0, {}, [{0x1a0, 0x1, [@m_ife={0x19c, 0x1, 0x0, 0x0, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x24, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x7fff}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x9}, @IFE_META_PRIO={0x4, 0x3, @void}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xa, 0x80, 0x3, 0x0, 0x10}, 0x1}}, @TCA_IFE_METALST={0x1c, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x9}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_METALST={0x4}, @TCA_IFE_METALST={0x20, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x80000000}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x5}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_SMAC={0xa, 0x4, @multicast}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0xff, 0x2000000e, 0x8, 0x2}, 0x3}}]}, {0xc4, 0x6, "914230b4523e2fd94388ec79b44a5fad79b7ff9db7e1884f88162429348b83b050f1f9a9dd55c59fc4ba7ef45bb5eaa392ed4e2f5a6707d4800f8666522af930f7e2b3ddf4910b32dbcf20a837f51c9ca0d18cfde91ce50db5e39da0207baead3a2218d96a38acf4212c6a36321a04bd1b08e4e998cfd8fc0977780be341d1cbe831f720cd533dcc13adef0ad981529a75cf2417ffefad344b180198094db3cdb2f239a615b0f47804d177b3cbd8860891d0f81d333a0711e2d09bfdfa706a5e"}, {0xc}, {0xc}}}]}]}, 0x1b4}}, 0x0)

4m26.279254067s ago: executing program 6 (id=1647):
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, 0x0, 0x40)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb", 0x57}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="140004006e696376663000000000000000000000080005000a0000"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x2400c890)

4m25.78673086s ago: executing program 6 (id=1650):
unshare(0x40020000)

4m9.035523348s ago: executing program 34 (id=1650):
unshare(0x40020000)

3m28.059942047s ago: executing program 3 (id=1731):
syz_open_dev$video4linux(0x0, 0x80000004, 0x800)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_procfs(0x0, 0x0)
move_mount(r0, 0x0, 0xffffffffffffffff, &(0x7f0000000300)='./mnt\x00', 0x214)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x80383, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x2, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0\x00', 0x1a2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000004c0)={'\x00', 0x7e, 0x1000, 0x5c8, 0xa, 0x6})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1, {<r5=>0xffffffffffffffff}}, './mnt\x00'})
ioctl$SIOCAX25GETUID(r0, 0x89e0, &(0x7f0000000340)={0x3, @bcast, r5})
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r6, &(0x7f00000000c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}, 0x40)
connect$rose(r6, &(0x7f00000001c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @bcast}, 0x1c)
sendto$rose(r6, 0x0, 0x0, 0xc0, &(0x7f0000000280)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x0, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000540))
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000003c0)=@multiplanar_fd={0x10000, 0x3, 0x4, 0x4000, 0x6, {0x77359400}, {0x2, 0x0, 0x0, 0x5e, 0x4, 0x7, "c2609f2b"}, 0xac6e, 0x4, {&(0x7f0000000700)=[{0x1, 0xc, {}, 0x1}, {0x0, 0x8, {r0}, 0xf63}]}, 0x10010})

3m25.344092058s ago: executing program 3 (id=1734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x98f1, 0x20, 0x0, 0x0)
r0 = getpid()
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@updsa={0xf0, 0x1a, 0x301, 0x70bd2d, 0x25dfdbff, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4e20, 0x0, 0x4e24, 0x1, 0x2, 0x20, 0x80, 0x62}, {@in=@loopback, 0x4d6, 0x32}, @in6=@private1, {0x1, 0x7fff, 0x757, 0x0, 0xfffffffffffffffd, 0x42ee5167, 0xfffffffffffffff8, 0x5}, {0x5, 0x7, 0x5, 0xffffffffffffffff}, {0xfffffc00, 0x5, 0x2}, 0x70bd2c, 0x3501, 0xa, 0x2, 0x3, 0x2}}, 0xf0}}, 0x4048890)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f0000000040)='H', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)

3m22.665944135s ago: executing program 3 (id=1736):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
sendmmsg$inet(r3, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000040)=ANY=[])
ioctl$TCSETS(0xffffffffffffffff, 0x404c4701, 0x0)

3m20.086128213s ago: executing program 3 (id=1739):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x41aba000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

3m18.669760552s ago: executing program 3 (id=1742):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xfffffffffffffe8a, 0x2, [@enum={0x9, 0x0, 0x0, 0x13}]}, {0x0, [0x61, 0x0]}}, 0x0, 0x26}, 0x28)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000440)=0x10141d1, 0x4)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
splice(r1, &(0x7f0000000300)=0x3, 0xffffffffffffffff, 0x0, 0x7, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c00000002ccbd4c1a51573fe6160605000000000000000000070000001400078008000840000000980800064000010006000000050005000200000005000400000000000900020073797a3100000000100003006c61"], 0x5c}}, 0x20000000)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0xfffffffc, '\x00', 0x0, r0, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYRES64, @ANYRES16=r4, @ANYBLOB="000000a79b2a5e00200000000000000000000000000000000004ea92064e217509c49176b6cda1f8791f1b60d1f23ea077ca81919dbf3a17d601e0eb8b7e8ca3e571398722e0fa63bc6f9cd9f86ae01379e0d25dbeff7ae4453dc4bbdcfb1a63960281f1fdbeb89cdfebac7eeab2364ec8c3aa7e039a8dfa3f8b65eebdbb0f00000064aa903f066bac091c0713711e8c0f8c99629adf5b79", @ANYRESHEX=r6, @ANYRES32=r0, @ANYBLOB="7e4a75ca212e6877f909", @ANYRES64=r6, @ANYRESHEX, @ANYRESOCT], 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x2)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000040)=0x33)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00'})
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x2c, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}}, 0x2c}, 0x1, 0x0, 0x0, 0x2404d808}, 0x0)

3m5.873462886s ago: executing program 3 (id=1755):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r1 = socket(0x18, 0x2, 0x3b)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0xa, &(0x7f0000000180), 0x4)
recvmsg$unix(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x3)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf9, 0x15, 0x1d, 0x8, 0xb48, 0x1009, 0x87f7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x32, 0x0, 0x0, 0x25, 0x3, 0xaa}}]}}]}}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, 0x0, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = socket$l2tp(0x2, 0x2, 0x73)
connect$qrtr(r6, &(0x7f0000004d80)={0x2a, 0xffffffffffffffff, 0x3ffe}, 0xc)
setsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r8, 0x80dc5521, &(0x7f00000001c0)=""/4096)

2m50.072603998s ago: executing program 35 (id=1755):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r1 = socket(0x18, 0x2, 0x3b)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0xa, &(0x7f0000000180), 0x4)
recvmsg$unix(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x3)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf9, 0x15, 0x1d, 0x8, 0xb48, 0x1009, 0x87f7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x32, 0x0, 0x0, 0x25, 0x3, 0xaa}}]}}]}}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, 0x0, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = socket$l2tp(0x2, 0x2, 0x73)
connect$qrtr(r6, &(0x7f0000004d80)={0x2a, 0xffffffffffffffff, 0x3ffe}, 0xc)
setsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r8, 0x80dc5521, &(0x7f00000001c0)=""/4096)

17.260176737s ago: executing program 1 (id=1987):
r0 = socket$inet(0x2, 0x3, 0x9)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x8, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

16.708452836s ago: executing program 1 (id=1989):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0xa, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x1000)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet(r4, &(0x7f0000005700)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000001500)={0x2, 0x4e24, @broadcast}, 0x10, 0x0}}], 0x2, 0x200448c0)
chown(&(0x7f00000003c0)='./file0\x00', r3, 0xee01)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100000400000000000000100002e756dccd8407964f404a9ecbff"], 0x24, 0x0)
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000389000/0x4000)=nil)
syz_open_dev$video4linux(0x0, 0x7, 0xc82)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x10}, 'port0\x00', 0xfb, 0x1b140e, 0x0, 0x0, 0x10, 0x0, 0x2000, 0x0, 0x2, 0x5})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f00000001c0)=@in6={0x2, 0x15, 0xe0000004, @mcast1}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

14.365250784s ago: executing program 1 (id=1990):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x3)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
inotify_init1(0x0)
r2 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r2, 0x0)
ioctl$SG_GET_VERSION_NUM(r2, 0x2282, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12011900000000406a056300000000000001090224000100000000090400000103000000092100"], 0x0)
write$sysctl(r3, &(0x7f00000000c0)='2\x00', 0x2)

11.474399652s ago: executing program 2 (id=1994):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x802, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000003880)="f9292cd1d11865c51c5447b349fe89be02e268e8d2e0f66515e514820024a3561e1ed6f2082b9f73eeeb113674f44f5c388ca9853619ebecd21f9b712a14e24054cfb9b5362493ce63a4dd2ef12bf5c67567927fb4e3e7a188b22384e8f1317f72c717a3e893800c1f1774eb42de222824e12ff880cd974848f9468cd8d632e2e95a13f5022a5b9c66d741d4b1777460a8b6e9c360813ee83f35159e8dea7ef03359d7185d560b0ae10b109a8d3fd3be6ed5cadd69e5e32e3c1f94427ba74d7baa41c3f50a7163947f366c12db05ae969ab2a821c0d1032b5dd63f43f8055201a7f4b948f48133cbf5f6c6a913bd1bc0f2cce4516e400204a25b7a750af979c0fd8fe7ee8976833c50b859681ba6fa70241ce4523e4465b60ad9219d566e31d37c6d625450600c627833750e2da54dc25d5f6e91e6a3480a01d6d056497829c4203f0c46e9e2f042576221b0e370697585c09526b0bfca89a8f12d13adb4452f5bd8e40de944e1f13b558c73a93c43c53d2844ae7fac848b8bb21cf2a5693d373a9e2127138c36358a3f9a887ff2742a3d362cbd4892844372284841f0cc08b4efd2d4053b58cd5a198a483db1148311c4b9dd265b1636ba84678d3de2b5fcd0d9c15bbc1a8dacdef6baebde85760ead205c48e1cdaf1cd32755526c96c4763547e9432c90f1a0edef156714533133a58a36fb086837415db5afaff265ee857f01d9bf57aa7a68dca561573076475803c5143cce335bd36164107e62de9184d13e3143dbc979c05365b4bac6d6a2535d79d2cd32a3bf3ee8a3fe24e5b26eaadf2460ebad780ed6116fcccb127ae741bcd2038dda3e8f2a539e40290c9f7114639fb292673e1585e6deefa5761236734811c4c0b7ede0a9f7d650d88c984d9362e4131b4cda1f2073769ce991e6f4c675c4e3235741fe78095425b0c49d6233c8f9f7ec62e2dc60e7e85056396de5927d1c825288e922f9550d3c0f302fe294f6d8dc5cc6b9db2255d1f952cf1b04de21b109badb89b1d6f5d83d46c4b5b759f80833524a0c294b83ab682903e30a241fec30aca3adcedae02305b4f5fed22167ff614e585e73422369c54a3d3239acf454ccb7293d8ea8a4fc3aa4d2d7c3c203448809474096ef5297d1225a678c271f84e65303adcda51d29a5f8b3cb28a4fb52321bc2b3d78a33de69a837a2cd2f9dab09b259ed7b12796cea41d60bf3a83e4cb9f11751c1cb7b0cf8a845b29ae2397f8305d0aba4cc8fbfff8cfbe4430af0b673191117fa42212a4b5e0632e510f1c153a402f02329214947f232090fb8e6b5d02a0d393241cf6b76d6943506d7b9898f1d9c22ac6508d9156304eeb315ee56008f3bcccb1435ab99b0b96d73a8d11f1c8bdc733e66ad08eeebf739583c19bfd331cd68c0e7613573c5c5b729e1962e35f09adc906dbeabf3aa1ad0ecbf13f2c036e7fc7a29f36b6b43650a82e3e620dc87a96f942dc68af6032cf32e0986b6b088d2b6e96c9f5fe8192949e571e2608c6ad7f65c6a17a8ea3eb81edec26f08c712e3f54eba943290b94be5ffcd2e314d3a83f9f53440e38e5c0d26284c30766b615cd45558b8dac41ab81d64f76e528988247224222f8b8a5b87d6376b216bc35fce496cf732447ac5639d38a183c283a6bdd155e2e5204e301175ddc53452ac001c11c63599ed155a6d1a4acc8be942aa689c6485e00f958376064a69766b1bf75cb2a79343f87e8c753b61fb26b217b77c1b76c3eb858326480601d58ce43b6966fb93b2dd4af17fd1ebffce00fde22a72cbe0c93c86e6376228eaf2db8d1b97d3763d78550e022d1800626adb954449200af5d036307a9c72489e78bbc27da3418591eaffbfdcc61e31d24fba8f708c12848ddf45dca5accee1a2dd7915b2d7770141df1580d1ee21c342fdae9fb46bc0b1cf2edd9ae686b81d0767cc9080a598f63b189e052dcb8e46d21ca1fc2e949eea7cfa54f27f96f27cdf673bf75cd0c8bb6277ba01ade5c313fe57ef08bec60c9bef8920d73c2e918b4234f3b5dd4559945b89c14ec986d3dea47a703d0406ee972340a1832feb6561c3891945db59fc2967e091d8b8da3610e883e9fa71eca2017e375343857971b94551b19acb28cf765e98ed37e38a582e16f297df883d598a24b5fc253c2489e1a4e683d027f064a40db035b25d7a6d69ffa37b6babb7ba80dc45516b72061ccb1550c0dc258016ec1e2a7bcfe1330ae6f07098d84e5a1680eb3ff2eeaad300776deb0e8dc03df4d26bee14b8a26b63f8c3390cae064db3086eff8b092becbe0e8256ef6fd69c673bdbc39949dd4c903a01ed88a91829142d2402a294095abfbd5058d25185004b87571c593c0ca9e0d7edc2c7c76134c62426791fa43f6604a1d66d60b71aa1bb5b5684bcb19088139159716641f0613f4fc99b6c4fabd7acfb2bd5f0db9e61da44efdc1a669ee809c95831dca2ce00cc204b976b1c333fb16d7b0aeeac5a3f360ff8b07bcd08e817aa5ac914344088f9245943b93c67f4ff35f34b4443e0a54e20bfbea3127faa3fd4ae30d0c57b8f8cc92aedbfcb36d380b7d3760f9762086a6113203dd0f7e8417ec63c03d793a19c8daf0ab0fff629390bbc7c54d342b456aa32c989e46d7cbfff456ee8f1b83309d49ca875faf005934eea9ec72746dac4f080c40e8d3743ed21785eec34b9f7a65c0b11f414e550942fb3bdb0064c59aea61824c27e5b288c910c0ae843dd9784d8679df8ffe9da8a82b567d77a9ed93608043cf9f1926129479f850d1522db538b89341ea33749a61bf82601e6e788577b6767a19a1b3a1e7f18cdd21f703c4c573e44cf9afd9064e8319328397296bc2f9806981902f653b0c56b12ac7367db25981988b8fc9a735ade4e7ff27a9a1d55ae1a9282c33bd3a4af6488494ace3d72606141d2fee50b025dc775ab1f77b9f4a9bcc678a66ce3693abc7080840509e8996663c24968a187cf77d7cf006318fa269d4194894e5850fe535cdd109b3e7b5f2fefc609f75e64e6c83f10e11dd71784d15bd2745d6e93f1660973df015aa036d22f8094530e0272393a11b5cfe4c58786e1d547f036849f4b95fe6063da9ae60a126d525b9ff97c1b98a881d16af0c77c559b6a4dd24dbcc216dec852e1a5088f4624de506fac9d8ff5e4b18a162e4f237dfcefc883a70880cf190ffbb67c7d09fcabf5daf76ed7eb1f581fbbc4a4749881db43dd6852aaf95b8a6d38bbe2a9b7aad87f0698291d25232d4d2ec232a954ca1840102bcdcb458f6f53b9e9e6f11a6a3d596f37ff7aa04027ab24132d4e7bc7e0bb07af6433396943acec98048b15d8f9b757da5f732969cac0ba14029914346cab6112fc50e4ac1858f988723edfd9a98888844c9b43973c835fbcfd3903416f7048cc0d94b68ebba06ee70105449d91a6f514420901fd6c7b4a626dc174a22769d5d1d53f7510ceb3525d94cf3885d7ff81fbf200f41ed7b3b60e0d646fef80ea125be568650c51db8aa606993c7646a0fe9bbdec83ea5db88c436269161c7d68cb71e80a8ac4aedc57e721404337634c83f73664b9861c73bea2cea0408857d3816b0378bf2efcefa4942c416c976bb6ce601eba8274fa63a440bf1fa2a83d39a94d37af2b3a4608a1ba4c66c7f70261e62b24f3cc2b76f8ab34514e93b5857877ee4fcd4cbfb164f87c52721e16c4701ff0e0f85c72dbda681b300b242edbef0a089fcb85d6dc319bdfac1b21cc30061ebbf14bd0d626b3754e368dd0629ce45c2d34b1248de10bc0d11d5f7ad63f547c4b29d40962ae33596290bdcbbc43fd8a5e4ffe798282718533fbd42437ec900a5da14d17451131cc4d833110cc0f2657d1fa465dd22f73f1326e3c5336f978497641aea775ee6fb3a22bd8f40feba40f918d23f6f6ca5e132d7a359997b1d176cde421459b797ec01c6ea821197f5383089681fab7e7804d5988d9b3aedbb3727ae81f1168afce59955ca8970802b8891b1ce0d0613c4c4549494f65c7868ea955ebc6a410ebd01ecf096fe4c3e7cae58e34a5c3e53b72ae27b25a4a3eaa5f6fe6c63beca4df6c299cf0eaf3f959a1d9729bda53e6e014964bc5e8b5fcaee1883426c4eeb2240af3ce8801e63a0d4132eb8636db3f29e09d5c4051f70ebc0c1b5ca7d4f14b38061eee2099265b914604e17f633e4d0e9bcb5eeea696c4749bd7e9d2796744423c8587cc100990e24da307ad85f92f9d0ab93e8b630bb95597aba46c3ddd99558e2fef6b717dc3a74244560af73d62155d56b4a76f7585b5e1b9519a8f21627214c181efeed8c00087a34c0d5932144fcbdb54eca72ef918004f76098aa0d16a9e8f5abdf8c83498ed0e58e34e2c63433a75602e981fdda800544608a0ca2e1ac990a8b25f6ce32f5100915f758a52ec43b7400f4da748106bc21bf2ed2bdf58fa157cc8f3e3a2112bcb735e866ae994840155dd5d825eb02702f72c1e4e4e498455556b6791f235572fbfe351ff34bbc5c53f3450f9e99cf36c56de52625237d415eeaad3067c8734fb6b29f394a2b0308271603eafeaccb137e4d9dbd61a2877b7fc6912d571b47ea376b5574f4375de1b32a2eedd3a97000994527e5c20e21359f0cb5cc6a89eb2c5df5590cabea416604d4ee647bd18238d6e2b1459eb966fbfe672722bb983403f08501411a3d4f747bd551325c4510be44499249e44461b185e86fc733d2070d149bc665dcf455cd0fd97112ec2ace16350068ac31ad2f6dca03823a80b81b792e26afe96958c2df70ade4cf71db4a61fe4b3a51104d1ad6026e93166269c9473589deca41360a6539d567ca1be5684a6b49270ee19b8ee1a5dfe7465841739431ed8fd7f8a9b8fce9ea5d02f1780dfac1a868861eb05da94cfaf1914e0b48181a0fba1389dc4e6fcc849f511b0dcf61ac2a71598740fd9cc735b5438098ca523d2bf2dc1b72ebec37ce41e0e83533cb3c93ba40a744e69aca4348928ea7bc9ec8fcb2dbd85017f6f9941c36b82b5ba0e6cb347dc03c4c30480e67541d9041c050cd16962688761cdad8d08369f545b2a1182b75853df597e14ce5fa30812f41292ca93533c4e005aa4c192b6c8d5cb143d879affb25e754c3b6f15d4d604f0376d4743edd97828ab830faea95eec3a092d728c6109a94eaee6f9b60df7a457f32d3de6b960d0ac024ccd172a7e26eb0a7de33dbe0fb1ef0110961fb039ac65dc8902bfd332542d4e49f61d520d856c804bbea32b9a542b3781fe11b35f6980710c8f11da4e2ebc1ba31c5661244c769d748d27819197da63c4bb2c9822dca86a794811fe2df8112eaad0deb2e8318e9d4ff00d7b0b3c83142ee4761144db82fc971b3ad9c63914a9e1f52d72c5dee81fcbe22d7ff55a166e1a6c473ff2b7b026376048ea8c34463465bf955f0d8a3b00dee8a8838ae03e5e36c0627aeb1ef8d2df69d2fbce32fb8c2102ab993a091b88651027b33650a7f02600873a557a9aaa6ace5258a4c9bfc29b21b6d2ecfa915e6282a12f8348370f1ef63b672d9e2b435941832f3500f10b04f91f7b5e03889c8c51dc2aff7ce80a884940544aeff735c7e3400d036c82ec9822c5e15d1b0fb5e214c6daa62930cd866c9e28d4c5184eeb4a5538b8c74b3615cdf52f6806896424b1a115abfb8fe204d4827dfdb8c0cf3a61323ae237eb78b9405cebeea6825cfcea372bb61b136e2d1f3563ca2274ad764d6f98169a0a22b9ff138d9224889c821f7d26dea0cde358fa090e274660881b6d1aca44dc56deb7107ef81ce9d272cd4df9bcfa", 0x1000}, {&(0x7f0000000a40)}], 0x2}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000640)="5506b690b4", 0x5}], 0x1}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

9.899780934s ago: executing program 5 (id=1996):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(0x3)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f00000001c0)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @broadcast}, 0x14)
sendmmsg(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000940)=[{0x90, 0x115, 0x7f, "f005bb9137d0b22b103325532ff00c2e4378dd325c463673986d061104ba0364abad24a9e09eea07768356c40f1e5a58fbb7a9958ae75cff52342f541c6fee160bde940fbc03b6d6c34a93c505b88d95085ca0c0775a5b468ed985258412cf691881cf9cfdab856d9617d38298822b961f9796e92325e545f009399b14"}, {0xa0, 0x10f, 0x4, "946e5945305c29a2791772c736893faf97a156bb5c83ca1b4833d3b0279fa375f0a6b255e5cf9bf272878e3e49cc172ebc4492a784747af893ddbbc64c54077544e47b16b1e655ca208ed2fca0748449bc8a6d23320fd3677445f0d165eee6d19796327f160dc4db22b83ef0f09e9422af4285969dfb5f7e7b3859e159bb5585534c4863a182f8d003ee33"}, {0x40, 0x6, 0x7, "be9ffa59ecd07257af46d2aea5c165fb52822e4af4ee5928565c7596147f48a561bf25b76771d266a6eafcc243"}, {0xf8, 0x113, 0x5, "7b2d35d8885140f85e1bf1f611b7bb16983cdb64046c2a6bb34567eb34a3fb7661dae4928842fa02fd4fbce07d12e4c87ca88d2435252025486510665a63857f72043eaed83ae6bac22a8554b2e10703b13c287105b213aab98b92a289af443429ab43183ebe1cb65c865313e97774eadecccaa9d41a6a6a7611cda3bb28ca235fe1518a8123bffcf40b068833cb8c518246c779ca8a5dc466dad3b4f7ac1b8f0d07e3707b4c373af4c0762cb2e914ae89d0d3a9bff27f73bc67182b6dd32ae365a06c96eef5a8ee17314696e08a6d05c8405b48075ed2769bad23c80459f5ddbcf91a9e1d"}], 0x268}}], 0x1, 0xf000000)

9.778860286s ago: executing program 2 (id=1997):
openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_ethernet(0x56, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x1, &(0x7f0000000180)=0xfff)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

9.76500014s ago: executing program 5 (id=1998):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
gettid()
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x10000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_mreqn(r3, 0x0, 0x20, 0x0, 0x300)
r4 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40), 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
syz_emit_ethernet(0x104, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c20000000000000000000800450000f60000000000739078ac141440ac1414aa0000000000e2907841a53bc57d107c6ff061f03cf6bb904c7821d56fdf1a82582813d34772ce2518f6e064561bc8e7c4c3b88889ba6f28ff51a97040c621fa1ab002461bb46e93ffff664d16a8691bdff00d19f7d7fa1a06180e28c9c4ba89da8d2b37f8b0922eaf0298e2395e4b02c08e80b8dfbdfaf63d3c0cd02bc258452710b9ef5347ac7329042cbf02c5878b573d4abaeb9da781b320fd79d482302a8a531644f0d27c0bef42ed5444393fcb1886713b667dc79bd243ea971d9779b208dea2b767d07df0f49a807f9e23d1a80000000000"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0}, 0x94)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
recvmsg(r4, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40002103)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000040)={0xffffffffffffffff, 0x5, 0x8, "f25ba2565db12ebcfe919549186f491d733a310b0cae90e135ffda779df1e767b7b3f51bc3c432e76fef33db05a209eff14154a83aaed99eaad8"})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670800000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861220799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000000d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00'}, 0x48)

8.231834687s ago: executing program 2 (id=1999):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000a00)={'wlan0\x00', <r5=>0x0})
sendto$packet(r3, &(0x7f0000000180)="02030c65420002000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0xf0}}, 0x80)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x800)

5.722240826s ago: executing program 5 (id=2000):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x4e24, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
sendto$inet(r0, &(0x7f0000000280)="97d937bcfd66a4ef9af12601488eec0027763a528f66c27c25b91dc9d7fc46bfd5b58df5d8fe55f218528ca42fe730f40425", 0x32, 0x810, &(0x7f00000001c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r7, 0x0, 0x7fffefff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, 0x0, 0x0)

5.721153781s ago: executing program 2 (id=2001):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
sendto$inet(r0, &(0x7f0000000280)="97d937bcfd66a4ef9af12601488eec0027763a528f66c27c25b91dc9d7fc46bfd5b58df5d8fe55f218528ca42fe730f40425", 0x32, 0x810, &(0x7f00000001c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r7, 0x0, 0x7fffefff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, 0x0, 0x0)

4.485606795s ago: executing program 5 (id=2002):
fsopen(&(0x7f00000001c0)='ceph\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
syz_open_dev$MSR(&(0x7f0000000080), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00'})
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, &(0x7f0000000100))
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000000000085000000c0000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000018c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000001900)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7019fddbdf2501000000000000000000000000000007e2"], 0x34}, 0x1, 0x0, 0x0, 0x4004}, 0x80)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='reno', 0x4)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

4.484874749s ago: executing program 2 (id=2003):
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, 0x0, 0x40)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x2400c890)

4.212683982s ago: executing program 1 (id=2004):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
gettid()
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x10000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_mreqn(r3, 0x0, 0x20, 0x0, 0x300)
r4 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40), 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
syz_emit_ethernet(0x104, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c20000000000000000000800450000f60000000000739078ac141440ac1414aa0000000000e2907841a53bc57d107c6ff061f03cf6bb904c7821d56fdf1a82582813d34772ce2518f6e064561bc8e7c4c3b88889ba6f28ff51a97040c621fa1ab002461bb46e93ffff664d16a8691bdff00d19f7d7fa1a06180e28c9c4ba89da8d2b37f8b0922eaf0298e2395e4b02c08e80b8dfbdfaf63d3c0cd02bc258452710b9ef5347ac7329042cbf02c5878b573d4abaeb9da781b320fd79d482302a8a531644f0d27c0bef42ed5444393fcb1886713b667dc79bd243ea971d9779b208dea2b767d07df0f49a807f9e23d1a80000000000"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0}, 0x94)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
recvmsg(r4, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40002103)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000040)={0xffffffffffffffff, 0x5, 0x8, "f25ba2565db12ebcfe919549186f491d733a310b0cae90e135ffda779df1e767b7b3f51bc3c432e76fef33db05a209eff14154a83aaed99eaad8"})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670800000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861220799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000000d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00'}, 0x48)

2.882296474s ago: executing program 5 (id=2005):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x1c)

1.629190002s ago: executing program 1 (id=2006):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(0x3)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f00000001c0)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @broadcast}, 0x14)
sendmmsg(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000940)=[{0xa0, 0x10f, 0x4, "946e5945305c29a2791772c736893faf97a156bb5c83ca1b4833d3b0279fa375f0a6b255e5cf9bf272878e3e49cc172ebc4492a784747af893ddbbc64c54077544e47b16b1e655ca208ed2fca0748449bc8a6d23320fd3677445f0d165eee6d19796327f160dc4db22b83ef0f09e9422af4285969dfb5f7e7b3859e159bb5585534c4863a182f8d003ee3306"}, {0x40, 0x6, 0x7, "be9ffa59ecd07257af46d2aea5c165fb52822e4af4ee5928565c7596147f48a561bf25b76771d266a6eafcc243"}, {0xf8, 0x113, 0x5, "7b2d35d8885140f85e1bf1f611b7bb16983cdb64046c2a6bb34567eb34a3fb7661dae4928842fa02fd4fbce07d12e4c87ca88d2435252025486510665a63857f72043eaed83ae6bac22a8554b2e10703b13c287105b213aab98b92a289af443429ab43183ebe1cb65c865313e97774eadecccaa9d41a6a6a7611cda3bb28ca235fe1518a8123bffcf40b068833cb8c518246c779ca8a5dc466dad3b4f7ac1b8f0d07e3707b4c373af4c0762cb2e914ae89d0d3a9bff27f73bc67182b6dd32ae365a06c96eef5a8ee17314696e08a6d05c8405b48075ed2769bad23c80459f5ddbcf91a9e1d"}], 0x1d8}}], 0x1, 0xf000000)

1.232652244s ago: executing program 5 (id=2007):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00'})
r1 = syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000)
syz_usb_disconnect(r1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x1}, 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0xdddd1000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000100)={0x5, 0x1, 0x5000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
listen(r2, 0x50)
r3 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e64, 0x100, @empty}, 0x1c)
listen(r3, 0x50)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)
close_range(0xffffffffffffffff, r4, 0x0)

1.049116852s ago: executing program 1 (id=2008):
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
gettid()
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x10000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_mreqn(r2, 0x0, 0x20, 0x0, 0x300)
r3 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40), 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
syz_emit_ethernet(0x104, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c20000000000000000000800450000f60000000000739078ac141440ac1414aa0000000000e2907841a53bc57d107c6ff061f03cf6bb904c7821d56fdf1a82582813d34772ce2518f6e064561bc8e7c4c3b88889ba6f28ff51a97040c621fa1ab002461bb46e93ffff664d16a8691bdff00d19f7d7fa1a06180e28c9c4ba89da8d2b37f8b0922eaf0298e2395e4b02c08e80b8dfbdfaf63d3c0cd02bc258452710b9ef5347ac7329042cbf02c5878b573d4abaeb9da781b320fd79d482302a8a531644f0d27c0bef42ed5444393fcb1886713b667dc79bd243ea971d9779b208dea2b767d07df0f49a807f9e23d1a80000000000"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0}, 0x94)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xd, 0x0, 0xffffffffffffffff, 0x1f5e0305, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)

0s ago: executing program 2 (id=2009):
openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_ethernet(0x56, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x1, &(0x7f0000000180)=0xfff)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)

kernel console output (not intermixed with test programs):

90] bridge_slave_0: entered promiscuous mode
[  282.308741][ T7790] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.312937][ T7790] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.313190][ T7790] bridge_slave_1: entered allmulticast mode
[  282.323823][ T7790] bridge_slave_1: entered promiscuous mode
[  282.357323][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  282.504993][   T10] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  282.505049][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  282.505072][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  282.505094][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  282.505117][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  282.505156][   T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  282.505177][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.592086][   T10] usb 3-1: config 0 descriptor??
[  282.594437][ T7830] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  282.675667][ T7790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.697425][ T7790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.031509][   T10] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  283.031549][   T10] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x4
[  283.031576][   T10] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  283.031602][   T10] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  283.031628][   T10] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  283.080235][ T7790] team0: Port device team_slave_0 added
[  283.101843][   T10] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  283.289802][ T7852] netlink: 28 bytes leftover after parsing attributes in process `syz.1.592'.
[  283.308332][ T7790] team0: Port device team_slave_1 added
[  283.335995][ T7852] netlink: 36 bytes leftover after parsing attributes in process `syz.1.592'.
[  283.621555][ T7480] usb 3-1: USB disconnect, device number 11
[  283.825801][ T7790] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.825817][ T7790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.825841][ T7790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.838473][ T7790] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.838488][ T7790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.838511][ T7790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.972735][ T7864] netlink: 104 bytes leftover after parsing attributes in process `syz.1.595'.
[  284.306865][ T7790] hsr_slave_0: entered promiscuous mode
[  284.308133][ T7790] hsr_slave_1: entered promiscuous mode
[  284.309067][ T7790] debugfs: 'hsr0' already exists in 'hsr'
[  284.309091][ T7790] Cannot create hsr debugfs directory
[  284.354598][ T5820] Bluetooth: hci5: command tx timeout
[  284.490368][ T7874] netlink: 'syz.3.599': attribute type 12 has an invalid length.
[  284.490390][ T7874] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.599'.
[  284.868543][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.598'.
[  285.055638][   T43] Bluetooth: (null): Invalid header checksum
[  285.126571][   T43] Bluetooth: (null): Invalid header checksum
[  285.291077][   T43] Bluetooth: (null): Invalid header checksum
[  285.946868][ T7882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.602'.
[  285.946894][ T7882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.602'.
[  285.946918][ T7882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.602'.
[  286.434600][ T5820] Bluetooth: hci5: command tx timeout
[  287.205154][ T7915] __nla_validate_parse: 1 callbacks suppressed
[  287.205193][ T7915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.611'.
[  288.035825][ T7790] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  288.229452][ T7790] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  288.347436][ T7790] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  288.512635][ T5820] Bluetooth: hci5: command tx timeout
[  288.645411][ T7790] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  289.298684][ T7790] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.497634][ T7790] 8021q: adding VLAN 0 to HW filter on device team0
[  289.536395][ T1179] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.536484][ T1179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.680031][ T1179] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.680177][ T1179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.694813][ T7962] netlink: 4 bytes leftover after parsing attributes in process `syz.2.626'.
[  292.631341][ T7790] 8021q: adding VLAN 0 to HW filter on device batadv0
[  293.780864][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.4.637'.
[  294.383508][   T59] Bluetooth: hci4: command 0x0406 tx timeout
[  294.389818][ T8003] netlink: 28 bytes leftover after parsing attributes in process `syz.3.639'.
[  294.490693][ T8003] netlink: 36 bytes leftover after parsing attributes in process `syz.3.639'.
[  295.135894][ T8023] netlink: 'syz.3.645': attribute type 3 has an invalid length.
[  295.135915][ T8023] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.645'.
[  295.521996][ T7790] veth0_vlan: entered promiscuous mode
[  295.612209][ T7790] veth1_vlan: entered promiscuous mode
[  295.850277][ T7790] veth0_macvtap: entered promiscuous mode
[  295.880879][ T7790] veth1_macvtap: entered promiscuous mode
[  296.054948][ T7790] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.089445][ T7790] batman_adv: batadv0: Interface activated: batadv_slave_1
[  296.131831][ T1379] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.132079][ T1379] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.132807][ T1379] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.135700][ T1379] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.909903][ T1179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.909924][ T1179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.289651][ T1360] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.289672][ T1360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.473631][ T8049] netlink: 'syz.4.656': attribute type 3 has an invalid length.
[  297.475489][ T8049] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.656'.
[  297.945619][ T8058] siw: device registration error -23
[  298.758020][ T8067] netlink: 48 bytes leftover after parsing attributes in process `syz.4.663'.
[  298.760153][ T8067] netlink: 48 bytes leftover after parsing attributes in process `syz.4.663'.
[  299.101621][ T8082] netlink: 'syz.5.668': attribute type 2 has an invalid length.
[  299.135648][ T8075] lo speed is unknown, defaulting to 1000
[  299.151193][ T8075] lo speed is unknown, defaulting to 1000
[  299.222867][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.4.666'.
[  299.222889][ T8084] netlink: 12 bytes leftover after parsing attributes in process `syz.4.666'.
[  299.286751][ T8087] netlink: 60 bytes leftover after parsing attributes in process `syz.3.669'.
[  299.360267][ T8082] : entered promiscuous mode
[  300.254720][ T8091] siw: device registration error -23
[  300.847396][ T8098] netlink: 'syz.2.672': attribute type 3 has an invalid length.
[  300.847416][ T8098] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.672'.
[  301.174838][ T8109] netlink: 28 bytes leftover after parsing attributes in process `syz.2.674'.
[  301.176727][ T8107] netlink: 48 bytes leftover after parsing attributes in process `syz.3.675'.
[  302.139087][    C1] vkms_vblank_simulate: vblank timer overrun
[  302.350700][ T8135] netlink: 4 bytes leftover after parsing attributes in process `syz.5.681'.
[  302.354081][    C1] vkms_vblank_simulate: vblank timer overrun
[  302.392602][    C1] vkms_vblank_simulate: vblank timer overrun
[  302.672041][ T1360] Bluetooth: (null): Invalid header checksum
[  302.697959][    C1] vkms_vblank_simulate: vblank timer overrun
[  302.826760][ T1360] Bluetooth: (null): Invalid header checksum
[  302.828319][ T1360] Bluetooth: (null): Invalid header checksum
[  302.835192][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.052590][ T5801] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  303.205039][ T5801] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  303.205098][ T5801] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  303.205118][ T5801] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  303.205159][ T5801] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  303.205180][ T5801] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.221257][ T5801] usb 3-1: config 0 descriptor??
[  303.227355][ T5801] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  303.314091][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.411525][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.471570][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.511941][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.725742][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.683'.
[  303.729309][    C1] vkms_vblank_simulate: vblank timer overrun
[  303.998701][    C1] vkms_vblank_simulate: vblank timer overrun
[  304.132759][    C1] vkms_vblank_simulate: vblank timer overrun
[  304.161877][  T150] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.424105][    C1] vkms_vblank_simulate: vblank timer overrun
[  304.590971][    C1] vkms_vblank_simulate: vblank timer overrun
[  304.664499][ T8148] netlink: 60 bytes leftover after parsing attributes in process `syz.3.685'.
[  304.664806][ T8149] netlink: 'syz.5.684': attribute type 3 has an invalid length.
[  304.664816][ T8149] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.684'.
[  305.198067][  T150] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.489667][ T8163] netlink: 48 bytes leftover after parsing attributes in process `syz.1.689'.
[  305.559564][ T8166] netlink: 48 bytes leftover after parsing attributes in process `syz.1.689'.
[  305.641856][  T150] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.106037][  T150] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.523499][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.1.694'.
[  307.358902][ T5900] usb 3-1: USB disconnect, device number 12
[  308.412832][ T8185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.695'.
[  308.933774][ T8187] netlink: 'syz.5.696': attribute type 3 has an invalid length.
[  308.933799][ T8187] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.696'.
[  309.079310][ T8189] netlink: 60 bytes leftover after parsing attributes in process `syz.3.697'.
[  309.582884][ T8199] netlink: 48 bytes leftover after parsing attributes in process `syz.1.702'.
[  309.686208][ T8200] netlink: 48 bytes leftover after parsing attributes in process `syz.1.702'.
[  310.662664][ T5801] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  310.827327][ T5801] usb 3-1: Using ep0 maxpacket: 16
[  310.829674][ T5801] usb 3-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  310.829699][ T5801] usb 3-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  310.829722][ T5801] usb 3-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  310.829746][ T5801] usb 3-1: config 1 interface 0 has no altsetting 0
[  310.833036][ T5801] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  310.833060][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.833077][ T5801] usb 3-1: Product: syz
[  310.833090][ T5801] usb 3-1: Manufacturer: syz
[  310.833102][ T5801] usb 3-1: SerialNumber: syz
[  310.844929][  T150] bridge_slave_1: left allmulticast mode
[  310.845127][  T150] bridge_slave_1: left promiscuous mode
[  310.848995][  T150] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.205493][  T150] bridge_slave_0: left allmulticast mode
[  311.205522][  T150] bridge_slave_0: left promiscuous mode
[  311.209056][  T150] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.262692][ T1228] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  311.417652][ T1228] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  311.417698][ T1228] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  311.417708][ T1228] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  311.417734][ T1228] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  311.417759][ T1228] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.441921][ T1228] usb 5-1: config 0 descriptor??
[  311.448231][ T1228] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  311.637118][ T5801] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  311.944536][ T8212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.947543][ T8212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.499040][ T8226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.709'.
[  314.510698][ T8239] netlink: 4 bytes leftover after parsing attributes in process `syz.5.710'.
[  314.756909][   T12] Bluetooth: (null): Invalid header checksum
[  314.756995][   T12] Bluetooth: (null): Invalid header checksum
[  314.757106][   T12] Bluetooth: (null): Invalid header checksum
[  314.842548][ T5922] usb 5-1: USB disconnect, device number 9
[  314.900268][ T5900] usb 3-1: USB disconnect, device number 13
[  315.036082][ T5900] usblp0: removed
[  315.797105][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.714'.
[  316.833286][  T150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.893320][  T150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.973468][  T150] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  316.998986][  T150] bond0 (unregistering): Released all slaves
[  318.329987][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  318.330056][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  319.142901][ T5801] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  319.272638][ T5801] usb 4-1: device descriptor read/64, error -71
[  319.535888][ T5801] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  319.999734][ T8294] netlink: 4 bytes leftover after parsing attributes in process `syz.5.727'.
[  320.462681][ T5801] usb 4-1: device descriptor read/64, error -71
[  320.573239][ T5801] usb usb4-port1: attempt power cycle
[  320.982629][ T5801] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  321.009764][ T5801] usb 4-1: device descriptor read/8, error -71
[  321.242641][ T5801] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  321.263483][ T5801] usb 4-1: device descriptor read/8, error -71
[  321.376616][ T5801] usb usb4-port1: unable to enumerate USB device
[  322.882822][  T150] hsr_slave_0: left promiscuous mode
[  322.932696][  T150] hsr_slave_1: left promiscuous mode
[  322.933757][  T150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.933895][  T150] batman_adv: batadv0: Removing interface: batadv_slave_0
[  323.038784][  T150] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  323.038823][  T150] batman_adv: batadv0: Removing interface: batadv_slave_1
[  323.200848][  T150] veth1_macvtap: left promiscuous mode
[  323.201136][  T150] veth0_macvtap: left promiscuous mode
[  323.201441][  T150] veth1_vlan: left promiscuous mode
[  323.201781][  T150] veth0_vlan: left promiscuous mode
[  324.130715][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.740'.
[  328.025904][ T8378] netlink: 16 bytes leftover after parsing attributes in process `syz.4.753'.
[  328.217490][  T150] team0 (unregistering): Port device team_slave_1 removed
[  328.453063][  T150] team0 (unregistering): Port device team_slave_0 removed
[  328.471301][    C0] vkms_vblank_simulate: vblank timer overrun
[  328.555984][    C0] vkms_vblank_simulate: vblank timer overrun
[  329.272593][    C0] vkms_vblank_simulate: vblank timer overrun
[  329.305712][    C0] vkms_vblank_simulate: vblank timer overrun
[  329.756381][  T150] team0 (unregistering): Port device dummy0 removed
[  330.358329][    C0] vkms_vblank_simulate: vblank timer overrun
[  330.579399][ T5879] lo speed is unknown, defaulting to 1000
[  330.579427][ T5879] infiniband syz2: ib_query_port failed (-19)
[  330.717997][    T9] IPVS: starting estimator thread 0...
[  330.812660][ T8394] IPVS: using max 10 ests per chain, 24000 per kthread
[  330.922655][ T8390] lo speed is unknown, defaulting to 1000
[  331.680614][ T8401] lo speed is unknown, defaulting to 1000
[  331.693826][ T8401] lo speed is unknown, defaulting to 1000
[  331.696806][ T8401] lo speed is unknown, defaulting to 1000
[  331.905952][ T8401] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  332.048219][ T8401] lo speed is unknown, defaulting to 1000
[  332.071113][ T8401] lo speed is unknown, defaulting to 1000
[  332.115575][ T8401] lo speed is unknown, defaulting to 1000
[  332.117249][ T8401] lo speed is unknown, defaulting to 1000
[  332.534994][ T8433] netlink: 'syz.2.768': attribute type 10 has an invalid length.
[  332.535015][ T8433] netlink: 40 bytes leftover after parsing attributes in process `syz.2.768'.
[  332.562258][ T8401] lo speed is unknown, defaulting to 1000
[  332.815078][ T8433] team0: Port device geneve0 added
[  332.844067][ T8401] lo speed is unknown, defaulting to 1000
[  332.886753][ T8434] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.887145][ T8434] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.887233][ T8434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  332.887638][ T8434] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  333.865308][ T8466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.778'.
[  337.159488][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'.
[  340.308026][ T8602] netlink: 4 bytes leftover after parsing attributes in process `syz.4.818'.
[  341.083650][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.822'.
[  341.103092][ T8607] netlink: 24 bytes leftover after parsing attributes in process `syz.3.822'.
[  342.509177][ T8646] netlink: 48 bytes leftover after parsing attributes in process `syz.2.829'.
[  342.535613][ T8646] netlink: 48 bytes leftover after parsing attributes in process `syz.2.829'.
[  344.054129][ T8675] netlink: 16 bytes leftover after parsing attributes in process `syz.5.839'.
[  344.219932][ T8684] lo speed is unknown, defaulting to 1000
[  344.236590][ T8684] lo speed is unknown, defaulting to 1000
[  345.074007][ T8704] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.074837][ T8704] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.868605][ T8735] lo speed is unknown, defaulting to 1000
[  346.870283][ T8735] lo speed is unknown, defaulting to 1000
[  347.335760][ T8746] netlink: 8 bytes leftover after parsing attributes in process `syz.5.867'.
[  347.945897][ T8757] vxcan1: entered allmulticast mode
[  347.958138][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  348.131659][   T10] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[  348.131687][   T10] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  348.131705][   T10] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  348.131740][   T10] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  348.131761][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.189802][   T10] usb 4-1: rejected 1 configuration due to insufficient available bus power
[  348.189825][   T10] usb 4-1: no configuration chosen from 1 choice
[  348.534811][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.881'.
[  348.592816][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  348.683435][ T8784] netlink: 'syz.4.883': attribute type 10 has an invalid length.
[  348.683455][ T8784] netlink: 40 bytes leftover after parsing attributes in process `syz.4.883'.
[  348.742733][   T10] usb 2-1: Using ep0 maxpacket: 8
[  348.746203][   T10] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  348.746230][   T10] usb 2-1: config 0 has no interface number 0
[  348.746260][   T10] usb 2-1: config 0 interface 200 has no altsetting 0
[  348.750192][   T10] usb 2-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  348.750217][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.750235][   T10] usb 2-1: Product: syz
[  348.750247][   T10] usb 2-1: Manufacturer: syz
[  348.750260][   T10] usb 2-1: SerialNumber: syz
[  348.821635][   T10] usb 2-1: config 0 descriptor??
[  348.878484][ T8784] team0: Port device geneve0 added
[  349.032753][ T5879] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  350.142597][ T5879] usb 6-1: Using ep0 maxpacket: 16
[  350.173551][ T5879] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  350.173579][ T5879] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  350.173597][ T5879] usb 6-1: Product: syz
[  350.173610][ T5879] usb 6-1: Manufacturer: syz
[  350.173622][ T5879] usb 6-1: SerialNumber: syz
[  350.240767][ T5879] usb 6-1: config 0 descriptor??
[  351.127495][ T5800] usb 4-1: USB disconnect, device number 14
[  351.709229][   T10] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  351.795620][   T10] usb 2-1: USB disconnect, device number 8
[  355.342572][ T5801] usb 6-1: USB disconnect, device number 2
[  361.902205][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.2.933'.
[  361.911913][ T8938] netlink: 24 bytes leftover after parsing attributes in process `syz.2.933'.
[  370.942672][ T1228] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  371.103943][ T1228] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  371.103970][ T1228] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  371.104018][ T1228] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  371.104062][ T1228] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  371.104083][ T1228] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.171591][ T1228] usb 3-1: config 0 descriptor??
[  371.208965][ T1228] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  372.083846][ T9024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.958'.
[  374.496885][ T5879] usb 3-1: USB disconnect, device number 14
[  379.346945][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  379.347019][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  380.365287][   T37] kauditd_printk_skb: 200 callbacks suppressed
[  380.365307][   T37] audit: type=1800 audit(1759461729.912:212): pid=9214 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.1013" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  384.312652][ T5879] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  384.542646][ T5879] usb 5-1: Using ep0 maxpacket: 8
[  384.552380][ T5879] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  384.552410][ T5879] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.552428][ T5879] usb 5-1: Product: syz
[  384.581531][ T5879] usb 5-1: Manufacturer: syz
[  384.581550][ T5879] usb 5-1: SerialNumber: syz
[  384.623600][ T5879] usb 5-1: config 0 descriptor??
[  385.083620][ T5879] dvb_usb_rtl28xxu 5-1:0.0: chip type detection failed -71
[  385.083716][ T5879] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  385.122862][ T5879] usb 5-1: USB disconnect, device number 10
[  389.063929][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1052'.
[  390.263119][ T5800] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  391.061480][ T5800] usb 5-1: Using ep0 maxpacket: 8
[  391.082409][ T5800] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  391.082478][ T5800] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.082498][ T5800] usb 5-1: Product: syz
[  391.082512][ T5800] usb 5-1: Manufacturer: syz
[  391.082525][ T5800] usb 5-1: SerialNumber: syz
[  392.208220][ T5800] usb 5-1: config 0 descriptor??
[  392.494963][ T5800] dvb_usb_rtl28xxu 5-1:0.0: chip type detection failed -71
[  392.495025][ T5800] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  392.522850][ T5800] usb 5-1: USB disconnect, device number 11
[  392.814666][ T9363] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1066'.
[  393.391745][ T9368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1067'.
[  394.096836][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1068'.
[  394.367654][ T9376] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1068'.
[  397.469142][ T9410] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.928477][   T49] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  398.602604][   T49] usb 4-1: Using ep0 maxpacket: 8
[  398.608066][   T49] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  398.608091][   T49] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.608109][   T49] usb 4-1: Product: syz
[  398.608120][   T49] usb 4-1: Manufacturer: syz
[  398.608134][   T49] usb 4-1: SerialNumber: syz
[  398.658689][   T49] usb 4-1: config 0 descriptor??
[  398.964092][   T49] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71
[  398.964187][   T49] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  398.972919][ T9424] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1082'.
[  399.024013][   T49] usb 4-1: USB disconnect, device number 15
[  399.191945][ T9410] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.297382][ T9432] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1084'.
[  399.412079][ T9436] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1087'.
[  399.425182][ T9436] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1087'.
[  400.616361][ T9410] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.956908][ T9410] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.988597][   T37] audit: type=1800 audit(1759461751.212:213): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1095" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  402.529059][   T67] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  402.571535][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  402.668421][   T67] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  402.788284][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  402.922944][ T9474] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1101'.
[  402.926786][ T9474] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1101'.
[  402.972798][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  403.122736][    T9] usb 4-1: Using ep0 maxpacket: 8
[  403.133969][    T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  403.133996][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.134014][    T9] usb 4-1: Product: syz
[  403.134027][    T9] usb 4-1: Manufacturer: syz
[  403.134039][    T9] usb 4-1: SerialNumber: syz
[  403.203381][    T9] usb 4-1: config 0 descriptor??
[  403.495729][    T9] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71
[  403.495834][    T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  403.512111][    T9] usb 4-1: USB disconnect, device number 16
[  403.732103][ T9486] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1105'.
[  403.742077][ T9486] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1105'.
[  403.791330][ T9490] netlink: 'syz.4.1107': attribute type 10 has an invalid length.
[  403.791355][ T9490] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1107'.
[  405.458126][ T9513] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1116'.
[  405.629940][ T9515] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1118'.
[  405.691108][ T9518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1115'.
[  405.691487][ T9518] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1115'.
[  405.813822][ T9515] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1118'.
[  407.222617][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  407.387439][   T10] usb 4-1: Using ep0 maxpacket: 8
[  407.399639][   T10] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  407.399669][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.399687][   T10] usb 4-1: Product: syz
[  407.399699][   T10] usb 4-1: Manufacturer: syz
[  407.399706][   T10] usb 4-1: SerialNumber: syz
[  407.581751][   T10] usb 4-1: config 0 descriptor??
[  408.357209][   T10] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71
[  408.357311][   T10] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  408.386133][   T10] usb 4-1: USB disconnect, device number 17
[  408.519565][ T9552] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1130'.
[  408.680322][ T9556] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1131'.
[  408.750132][ T9557] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1131'.
[  409.645979][ T9566] siw: device registration error -23
[  410.492253][ T9585] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1141'.
[  411.022722][ T5999] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  411.172699][ T5999] usb 4-1: Using ep0 maxpacket: 8
[  411.181302][ T5999] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  411.181329][ T5999] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.181347][ T5999] usb 4-1: Product: syz
[  411.181361][ T5999] usb 4-1: Manufacturer: syz
[  411.181370][ T5999] usb 4-1: SerialNumber: syz
[  411.187654][ T5999] usb 4-1: config 0 descriptor??
[  411.454221][ T5999] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71
[  411.454329][ T5999] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  411.492379][ T5999] usb 4-1: USB disconnect, device number 18
[  418.838329][ T9609] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1152'.
[  420.318799][ T9627] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1156'.
[  420.327609][ T9627] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1156'.
[  420.482908][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  420.652598][    T9] usb 4-1: Using ep0 maxpacket: 8
[  420.683243][    T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  420.683273][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.683292][    T9] usb 4-1: Product: syz
[  420.683305][    T9] usb 4-1: Manufacturer: syz
[  420.683318][    T9] usb 4-1: SerialNumber: syz
[  420.689525][    T9] usb 4-1: config 0 descriptor??
[  420.776729][ T9602] udevd[9602]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  421.213406][    T9] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71
[  421.213507][    T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  421.249568][    T9] usb 4-1: USB disconnect, device number 19
[  422.333484][   T37] audit: type=1800 audit(1759461771.922:214): pid=9656 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1164" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  422.566845][ T9660] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1168'.
[  422.584480][ T9660] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1168'.
[  424.701484][ T9698] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1183'.
[  424.718910][ T9698] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1183'.
[  425.272440][ T9707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1185'.
[  425.754920][    C0] vkms_vblank_simulate: vblank timer overrun
[  426.617420][    C0] vkms_vblank_simulate: vblank timer overrun
[  426.693086][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  426.867775][    T9] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  426.867803][    T9] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  426.867851][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  426.867891][    T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  426.867912][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.037776][ T5820] Bluetooth: hci5: command 0x0406 tx timeout
[  427.611000][    C0] vkms_vblank_simulate: vblank timer overrun
[  427.771844][    T9] usb 5-1: config 0 descriptor??
[  427.795858][    T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  428.023426][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.216372][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.361500][ T9732] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1192'.
[  428.427489][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.754453][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.171655][ T9744] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1194'.
[  429.171759][ T9744] nbd: device at index 64 is going down
[  429.275913][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.185930][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.887498][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.015309][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.650434][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.836058][ T9629] udevd[9629]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  431.858804][   T49] usb 5-1: USB disconnect, device number 12
[  431.869137][ T9602] udevd[9602]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  431.880158][ T9755] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.894760][ T9755] pimreg0: renamed from bridge_slave_1 (while UP)
[  432.101142][ T9755] bridge0: port 2(pimreg0) entered disabled state
[  432.815959][ T9783] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1201'.
[  440.119434][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  440.119501][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  446.633139][ T9800] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1206'.
[  447.209119][ T9804] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1210'.
[  447.209150][ T9804] nbd: device at index 64 is going down
[  447.617676][ T9821] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1212'.
[  447.655668][ T9820] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1213'.
[  447.686966][ T9823] trusted_key: syz.2.1215 sent an empty control message without MSG_MORE.
[  448.563558][ T9832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1216'.
[  449.281678][ T9815] udevd[9815]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  449.308526][ T9815] udevd[9815]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  452.398421][ T9868] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1224'.
[  453.012655][ T5900] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  453.086149][ T9815] udevd[9815]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  453.172821][ T5900] usb 5-1: Using ep0 maxpacket: 8
[  453.176520][ T5900] usb 5-1: config 0 has an invalid interface number: 200 but max is 0
[  453.176547][ T5900] usb 5-1: config 0 has no interface number 0
[  453.176578][ T5900] usb 5-1: config 0 interface 200 has no altsetting 0
[  453.179607][ T5900] usb 5-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  453.179633][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.179653][ T5900] usb 5-1: Product: syz
[  453.179667][ T5900] usb 5-1: Manufacturer: syz
[  453.179681][ T5900] usb 5-1: SerialNumber: syz
[  453.340972][ T5900] usb 5-1: config 0 descriptor??
[  453.468551][ T9889] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1234'.
[  453.796092][ T9896] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1235'.
[  455.259840][ T9815] udevd[9815]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  456.346909][ T5900] usbhid 5-1:0.200: couldn't find an input interrupt endpoint
[  456.412889][ T5900] usb 5-1: USB disconnect, device number 13
[  458.480749][ T9936] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1246'.
[  459.823269][ T9944] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1248'.
[  461.435963][ T9876] udevd[9876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  463.705834][ T9981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1258'.
[  468.778735][T10039] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1264'.
[  469.973462][T10056] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1268'.
[  470.236482][T10061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1270'.
[  470.236509][T10061] nbd: must specify at least one socket
[  470.401937][T10063] netlink: 'syz.3.1269': attribute type 10 has an invalid length.
[  470.401959][T10063] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1269'.
[  471.269212][T10063] team0: Port device geneve0 added
[  471.713232][T10077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1272'.
[  473.923934][T10046] udevd[10046]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  474.393392][T10042] udevd[10042]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  475.368594][T10042] udevd[10042]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  475.396739][T10042] udevd[10042]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  480.533515][T10093] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1277'.
[  481.262242][T10100] udevd[10100]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  481.307070][T10098] udevd[10098]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  481.372356][T10109] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1282'.
[  481.372381][T10109] nbd: must specify at least one socket
[  481.591946][T10111] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1284'.
[  481.713553][T10114] netlink: 'syz.1.1285': attribute type 10 has an invalid length.
[  481.713574][T10114] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1285'.
[  481.879508][T10114] team0: Port device geneve0 added
[  487.117676][T10161] netlink: 'syz.2.1300': attribute type 10 has an invalid length.
[  487.117698][T10161] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1300'.
[  487.493722][T10165] debugfs: 'netdev:nicvf0' already exists in 'phy3'
[  487.584119][    C0] vkms_vblank_simulate: vblank timer overrun
[  488.032917][    T9] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  488.231809][    C0] vkms_vblank_simulate: vblank timer overrun
[  489.779052][    C0] vkms_vblank_simulate: vblank timer overrun
[  489.824082][    T9] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[  489.824100][    T9] usb 4-1: config 0 has no interface number 0
[  489.829622][    T9] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  489.829650][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.829667][    T9] usb 4-1: Product: syz
[  489.829680][    T9] usb 4-1: Manufacturer: syz
[  489.829693][    T9] usb 4-1: SerialNumber: syz
[  489.921524][    T9] usb 4-1: config 0 descriptor??
[  490.073903][    C0] vkms_vblank_simulate: vblank timer overrun
[  490.099608][    T9] ttusb_dec_send_command: command bulk message failed: error -22
[  490.099862][    T9] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[  490.507368][    C0] vkms_vblank_simulate: vblank timer overrun
[  491.463733][T10193] mmap: syz.2.1303 (10193) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  495.980983][T10217] evm: overlay not supported
[  497.514020][ T5922] usb 4-1: USB disconnect, device number 20
[  498.300671][T10241] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1317'.
[  498.606988][T10245] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1315'.
[  501.595619][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  501.595697][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  501.970660][T10271] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1324'.
[  502.474244][T10271] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  502.474879][T10271] block (null): Could not allocate knbd recv work queue.
[  502.476041][T10271] nbd: failed to add new device
[  502.752283][T10211] udevd[10211]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  504.162667][ T5922] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  504.267645][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.286600][T10289] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1329'.
[  504.413107][T10293] netlink: 'syz.2.1328': attribute type 3 has an invalid length.
[  504.413128][T10293] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1328'.
[  504.422681][ T5922] usb 2-1: Using ep0 maxpacket: 8
[  504.424773][ T5922] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  504.424799][ T5922] usb 2-1: config 0 has no interface number 0
[  504.424830][ T5922] usb 2-1: config 0 interface 200 has no altsetting 0
[  504.465166][ T5922] usb 2-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  504.465195][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.465214][ T5922] usb 2-1: Product: syz
[  504.465227][ T5922] usb 2-1: Manufacturer: syz
[  504.465243][ T5922] usb 2-1: SerialNumber: syz
[  504.474561][ T5922] usb 2-1: config 0 descriptor??
[  505.268745][    C0] vkms_vblank_simulate: vblank timer overrun
[  505.891454][    C0] vkms_vblank_simulate: vblank timer overrun
[  507.036048][    C0] vkms_vblank_simulate: vblank timer overrun
[  507.277166][    C0] vkms_vblank_simulate: vblank timer overrun
[  507.370971][    C0] vkms_vblank_simulate: vblank timer overrun
[  508.210242][    C0] vkms_vblank_simulate: vblank timer overrun
[  508.466151][ T5922] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  508.491242][ T5922] usb 2-1: USB disconnect, device number 9
[  509.354646][ T8311] Bluetooth: (null): Invalid header checksum
[  509.817520][ T8311] Bluetooth: (null): Invalid header checksum
[  517.966612][T10346] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1340'.
[  518.361057][    C0] vkms_vblank_simulate: vblank timer overrun
[  519.775685][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.071076][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.154787][T10360] netlink: 'syz.3.1344': attribute type 3 has an invalid length.
[  520.154809][T10360] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1344'.
[  520.425047][ T5801] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  520.428614][T10353] udevd[10353]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  520.629045][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.632821][ T5801] usb 3-1: Using ep0 maxpacket: 8
[  520.635301][ T5801] usb 3-1: config 0 has an invalid interface number: 200 but max is 0
[  520.635327][ T5801] usb 3-1: config 0 has no interface number 0
[  520.635358][ T5801] usb 3-1: config 0 interface 200 has no altsetting 0
[  520.638799][ T5801] usb 3-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  520.638827][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.638846][ T5801] usb 3-1: Product: syz
[  520.638861][ T5801] usb 3-1: Manufacturer: syz
[  520.638874][ T5801] usb 3-1: SerialNumber: syz
[  520.740385][ T5801] usb 3-1: config 0 descriptor??
[  520.946068][    C0] vkms_vblank_simulate: vblank timer overrun
[  521.694455][    C0] vkms_vblank_simulate: vblank timer overrun
[  523.298714][    C1] vkms_vblank_simulate: vblank timer overrun
[  523.819647][    C1] vkms_vblank_simulate: vblank timer overrun
[  524.213442][ T5801] usbhid 3-1:0.200: couldn't find an input interrupt endpoint
[  524.234817][ T5801] usb 3-1: USB disconnect, device number 15
[  524.273151][    C1] vkms_vblank_simulate: vblank timer overrun
[  524.586707][    C1] vkms_vblank_simulate: vblank timer overrun
[  524.923867][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.191628][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.599694][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.896720][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.346478][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.780845][   T37] audit: type=1800 audit(1759461876.363:215): pid=10415 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1353" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  527.207054][    C1] vkms_vblank_simulate: vblank timer overrun
[  527.214909][T10417] netlink: 'syz.5.1358': attribute type 3 has an invalid length.
[  527.214931][T10417] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.1358'.
[  527.972891][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.808897][    C1] vkms_vblank_simulate: vblank timer overrun
[  532.311788][T10454] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1367'.
[  532.593820][T10454] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  532.596897][T10454] block (null): Could not allocate knbd recv work queue.
[  532.597615][T10454] nbd: failed to add new device
[  536.124566][T10465] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  536.137360][T10465] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  536.138697][T10465] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  536.139895][T10465] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  536.140707][T10465] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  538.192672][T10465] Bluetooth: hci4: command tx timeout
[  541.134739][T10464] lo speed is unknown, defaulting to 1000
[  541.137369][T10464] lo speed is unknown, defaulting to 1000
[  541.214997][T10465] Bluetooth: hci4: command tx timeout
[  543.804494][T10465] Bluetooth: hci4: command tx timeout
[  545.337805][T10503] siw: device registration error -23
[  545.616277][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.875689][   T59] Bluetooth: hci4: command tx timeout
[  547.376505][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.683184][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.735777][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.769371][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.482061][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.738683][    C1] vkms_vblank_simulate: vblank timer overrun
[  549.616618][    C1] vkms_vblank_simulate: vblank timer overrun
[  549.975617][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.624410][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.903184][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.116307][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.143543][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.429213][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.564275][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.059910][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.762790][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.231357][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.534167][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.569516][ T1527] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.264318][ T1527] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.540664][T10464] chnl_net:caif_netlink_parms(): no params data found
[  561.305998][ T1527] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.909780][ T1527] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.229014][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  563.230557][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  564.011869][T10464] bridge0: port 1(bridge_slave_0) entered blocking state
[  564.012006][T10464] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.012240][T10464] bridge_slave_0: entered allmulticast mode
[  564.015986][T10464] bridge_slave_0: entered promiscuous mode
[  564.800535][T10464] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.815879][T10464] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.816072][T10464] bridge_slave_1: entered allmulticast mode
[  564.832397][T10464] bridge_slave_1: entered promiscuous mode
[  565.727722][T10672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1425'.
[  566.511759][T10464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  566.594390][T10464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  567.281445][T10464] team0: Port device team_slave_0 added
[  567.346399][T10464] team0: Port device team_slave_1 added
[  569.183156][ T1527] bridge_slave_1: left promiscuous mode
[  569.183417][ T1527] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.541024][ T1527] bridge_slave_0: left allmulticast mode
[  569.541054][ T1527] bridge_slave_0: left promiscuous mode
[  569.541308][ T1527] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.844607][ T1527] team0: Port device geneve0 removed
[  576.593439][ T1527] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  576.653526][ T1527] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  576.679265][ T1527] bond0 (unregistering): Released all slaves
[  576.833889][T10464] batman_adv: batadv0: Adding interface: batadv_slave_0
[  576.833906][T10464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  576.833932][T10464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  576.836346][T10464] batman_adv: batadv0: Adding interface: batadv_slave_1
[  576.836361][T10464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  576.836387][T10464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  580.587696][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.717809][    C0] vkms_vblank_simulate: vblank timer overrun
[  581.181979][    C0] vkms_vblank_simulate: vblank timer overrun
[  581.625351][T10464] hsr_slave_0: entered promiscuous mode
[  581.637366][    C0] vkms_vblank_simulate: vblank timer overrun
[  581.693931][T10464] hsr_slave_1: entered promiscuous mode
[  581.745308][T10464] debugfs: 'hsr0' already exists in 'hsr'
[  581.748862][T10464] Cannot create hsr debugfs directory
[  581.809685][T10817] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1450'.
[  581.853390][    C0] vkms_vblank_simulate: vblank timer overrun
[  582.213057][T10817] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  582.213168][T10817] block (null): Could not allocate knbd recv work queue.
[  582.213861][T10817] nbd: failed to add new device
[  582.215140][    C0] vkms_vblank_simulate: vblank timer overrun
[  589.082074][T10836] bridge0: port 2(bridge_slave_1) entered disabled state
[  589.082163][T10836] pimreg0: renamed from bridge_slave_1 (while UP)
[  589.157551][T10836] bridge0: port 2(pimreg0) entered disabled state
[  589.392692][T10864] debugfs: 'netdev:nicvf0' already exists in 'phy7'
[  596.261663][ T1527] hsr_slave_0: left promiscuous mode
[  596.304413][ T1527] hsr_slave_1: left promiscuous mode
[  596.305588][ T1527] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  596.305756][ T1527] batman_adv: batadv0: Removing interface: batadv_slave_0
[  596.363788][ T1527] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  596.363817][ T1527] batman_adv: batadv0: Removing interface: batadv_slave_1
[  596.576415][ T1527] veth1_macvtap: left promiscuous mode
[  596.576523][ T1527] veth0_macvtap: left promiscuous mode
[  596.579922][ T1527] veth1_vlan: left promiscuous mode
[  596.581229][ T1527] veth0_vlan: left promiscuous mode
[  596.920459][T10465] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  596.935893][T10465] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  596.953878][T10465] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  597.029162][T10958] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1475'.
[  597.134007][T10465] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  597.134855][T10465] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  597.522068][T10781] udevd[10781]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  599.232560][   T59] Bluetooth: hci0: command tx timeout
[  600.697585][ T1527] team0 (unregistering): Port device team_slave_1 removed
[  600.903393][ T1527] team0 (unregistering): Port device team_slave_0 removed
[  601.312598][   T59] Bluetooth: hci0: command tx timeout
[  602.293141][ T1527] team0 (unregistering): Port device dummy0 removed
[  603.161687][T10941] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.161728][T10941] pimreg0: renamed from bridge_slave_1 (while UP)
[  603.392729][   T59] Bluetooth: hci0: command tx timeout
[  604.319296][T10952] lo speed is unknown, defaulting to 1000
[  604.328608][T10952] lo speed is unknown, defaulting to 1000
[  605.797630][   T59] Bluetooth: hci0: command tx timeout
[  606.326796][T10952] chnl_net:caif_netlink_parms(): no params data found
[  607.337053][T11001] debugfs: 'netdev:nicvf0' already exists in 'phy9'
[  608.744219][T11025] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.744305][T11025] pimreg0: renamed from bridge_slave_1 (while UP)
[  608.868755][T11041] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1491'.
[  608.989642][T11025] bridge0: port 2(pimreg0) entered disabled state
[  609.231507][T10952] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.231665][T10952] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.231864][T10952] bridge_slave_0: entered allmulticast mode
[  614.329712][T10952] bridge_slave_0: entered promiscuous mode
[  614.404035][T10952] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.404185][T10952] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.404414][T10952] bridge_slave_1: entered allmulticast mode
[  614.407069][T10952] bridge_slave_1: entered promiscuous mode
[  614.486632][T11020] udevd[11020]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  617.656565][T10952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  617.701881][T10952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  619.316646][T10952] team0: Port device team_slave_0 added
[  619.323224][T10952] team0: Port device team_slave_1 added
[  620.492139][T11111] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1501'.
[  622.274919][T10952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  622.274936][T10952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  622.274962][T10952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  622.288666][T10952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  622.288683][T10952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  622.288709][T10952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  623.846798][ T1360] bridge_slave_1: left allmulticast mode
[  623.846832][ T1360] bridge_slave_1: left promiscuous mode
[  623.847087][ T1360] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.946336][ T1360] bridge_slave_0: left allmulticast mode
[  623.946366][ T1360] bridge_slave_0: left promiscuous mode
[  623.946663][ T1360] bridge0: port 1(bridge_slave_0) entered disabled state
[  624.439838][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  624.439884][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  624.933121][ T1360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  626.370110][ T1360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  626.470220][ T1360] bond0 (unregistering): Released all slaves
[  627.872085][T10952] hsr_slave_0: entered promiscuous mode
[  627.979742][T10952] hsr_slave_1: entered promiscuous mode
[  628.024648][T10952] debugfs: 'hsr0' already exists in 'hsr'
[  628.025724][T10952] Cannot create hsr debugfs directory
[  628.892010][T11172] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1523'.
[  629.168345][ T1360] hsr_slave_0: left promiscuous mode
[  629.370884][ T1360] hsr_slave_1: left promiscuous mode
[  629.371874][ T1360] batman_adv: batadv0: Removing interface: batadv_slave_0
[  629.443495][ T1360] batman_adv: batadv0: Removing interface: batadv_slave_1
[  633.990760][ T1360] team0 (unregistering): Port device team_slave_1 removed
[  635.023583][ T1360] team0 (unregistering): Port device team_slave_0 removed
[  638.941242][T11238] debugfs: 'netdev:nicvf0' already exists in 'phy9'
[  640.734335][T10952] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  640.872091][T10952] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  641.804586][    C0] vkms_vblank_simulate: vblank timer overrun
[  641.842626][T10952] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  641.996733][T10952] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  642.766100][    C0] vkms_vblank_simulate: vblank timer overrun
[  643.133827][    C0] vkms_vblank_simulate: vblank timer overrun
[  643.956563][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.170326][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.409595][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.445601][T10952] 8021q: adding VLAN 0 to HW filter on device bond0
[  644.480811][T10952] 8021q: adding VLAN 0 to HW filter on device team0
[  644.497097][ T1308] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.497301][ T1308] bridge0: port 1(bridge_slave_0) entered forwarding state
[  644.531986][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.532131][ T1308] bridge0: port 2(bridge_slave_1) entered forwarding state
[  644.598001][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.949136][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.299690][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.884231][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.911350][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.968591][    C0] vkms_vblank_simulate: vblank timer overrun
[  646.411646][    C0] vkms_vblank_simulate: vblank timer overrun
[  646.762064][T11323] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1552'.
[  647.141681][T11323] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  647.147975][T11323] block (null): Could not allocate knbd recv work queue.
[  647.195558][T11323] nbd: failed to add new device
[  647.692021][    C1] vkms_vblank_simulate: vblank timer overrun
[  647.721790][T10952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  647.826734][    C1] vkms_vblank_simulate: vblank timer overrun
[  647.995733][    C1] vkms_vblank_simulate: vblank timer overrun
[  648.775385][T10952] veth0_vlan: entered promiscuous mode
[  648.824498][T10952] veth1_vlan: entered promiscuous mode
[  649.359310][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.600803][T10952] veth0_macvtap: entered promiscuous mode
[  649.666890][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.827009][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.844871][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.061951][T11351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1558'.
[  650.074087][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.096092][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.283443][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.574681][T10952] veth1_macvtap: entered promiscuous mode
[  650.657660][T10952] batman_adv: batadv0: Interface activated: batadv_slave_0
[  650.674293][T10952] batman_adv: batadv0: Interface activated: batadv_slave_1
[  650.714530][T10036] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  650.818375][ T7409] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  650.965111][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.993386][ T7409] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  651.000829][ T7409] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  651.100645][    C1] vkms_vblank_simulate: vblank timer overrun
[  651.266533][    C1] vkms_vblank_simulate: vblank timer overrun
[  651.702639][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.192485][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.804066][T11375] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1563'.
[  653.045989][T10035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  653.046021][T10035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  653.537387][ T1308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  653.537407][ T1308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  653.593323][T11237] udevd[11237]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  653.672321][T11237] udevd[11237]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  654.095347][   T37] audit: type=1800 audit(1759462003.673:216): pid=11393 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.1566" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  655.352616][ T7480] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  655.771081][ T7480] usb 6-1: Using ep0 maxpacket: 8
[  655.799636][ T7480] usb 6-1: config 0 has an invalid interface number: 200 but max is 0
[  655.799663][ T7480] usb 6-1: config 0 has no interface number 0
[  655.799696][ T7480] usb 6-1: config 0 interface 200 has no altsetting 0
[  656.161818][T11414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1571'.
[  656.696869][ T7480] usb 6-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  656.696888][ T7480] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.696898][ T7480] usb 6-1: Product: syz
[  656.696905][ T7480] usb 6-1: Manufacturer: syz
[  656.696912][ T7480] usb 6-1: SerialNumber: syz
[  656.700416][ T7480] usb 6-1: config 0 descriptor??
[  656.802647][ T1228] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  659.839075][ T7480] usbhid 6-1:0.200: couldn't find an input interrupt endpoint
[  659.865765][ T7480] usb 6-1: USB disconnect, device number 3
[  660.594053][   T37] audit: type=1800 audit(1759462010.173:217): pid=11443 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.1578" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  662.034951][ T1228] usb 3-1: device descriptor read/all, error -110
[  662.168334][ T1228] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  662.420561][ T1228] usb 3-1: device descriptor read/64, error -32
[  662.533384][ T1228] usb usb3-port1: attempt power cycle
[  663.755853][ T1228] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  663.779275][ T1228] usb 3-1: device descriptor read/8, error -32
[  664.056079][T11474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1583'.
[  664.721982][ T1228] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  664.744324][ T1228] usb 3-1: device descriptor read/8, error -32
[  664.832656][ T7480] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  664.854302][ T1228] usb usb3-port1: unable to enumerate USB device
[  665.142576][ T7480] usb 2-1: Using ep0 maxpacket: 8
[  665.163477][ T7480] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  665.163504][ T7480] usb 2-1: config 0 has no interface number 0
[  665.163535][ T7480] usb 2-1: config 0 interface 200 has no altsetting 0
[  665.169820][ T7480] usb 2-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  665.169851][ T7480] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.169874][ T7480] usb 2-1: Product: syz
[  665.169887][ T7480] usb 2-1: Manufacturer: syz
[  665.169901][ T7480] usb 2-1: SerialNumber: syz
[  665.232844][ T7480] usb 2-1: config 0 descriptor??
[  667.498025][T11504] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1590'.
[  667.632235][ T7480] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  667.735616][ T7480] usb 2-1: USB disconnect, device number 10
[  668.365043][T11316] udevd[11316]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  668.420461][T11430] udevd[11430]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  670.224888][T11562] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1597'.
[  673.445976][T11582] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1604'.
[  675.442947][    C1] vkms_vblank_simulate: vblank timer overrun
[  675.539151][    C1] vkms_vblank_simulate: vblank timer overrun
[  675.574827][    C1] vkms_vblank_simulate: vblank timer overrun
[  675.745378][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.298905][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.873253][    C1] vkms_vblank_simulate: vblank timer overrun
[  677.358015][    C1] vkms_vblank_simulate: vblank timer overrun
[  677.918599][T11429] udevd[11429]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  678.001137][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1613'.
[  678.328182][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.418528][ T5879] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  678.957762][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.172577][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  679.331976][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.334233][ T5879] usb 3-1: config 0 has an invalid interface number: 200 but max is 0
[  679.334258][ T5879] usb 3-1: config 0 has no interface number 0
[  679.334289][ T5879] usb 3-1: config 0 interface 200 has no altsetting 0
[  679.342589][ T5879] usb 3-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  679.342616][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.342635][ T5879] usb 3-1: Product: syz
[  679.342648][ T5879] usb 3-1: Manufacturer: syz
[  679.342659][ T5879] usb 3-1: SerialNumber: syz
[  679.401689][ T5879] usb 3-1: config 0 descriptor??
[  679.543387][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.680760][ T5879] usbhid 3-1:0.200: couldn't find an input interrupt endpoint
[  680.234613][ T5879] usb 3-1: USB disconnect, device number 20
[  681.458238][    C1] vkms_vblank_simulate: vblank timer overrun
[  681.652132][    C1] vkms_vblank_simulate: vblank timer overrun
[  681.923946][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.296381][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.328308][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.400123][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.592053][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.020302][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.253861][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.538080][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.730581][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.976405][T11689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1628'.
[  683.990541][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.073179][ T1285] Bluetooth: (null): Invalid header checksum
[  684.073266][ T1285] Bluetooth: (null): Invalid header checksum
[  684.202850][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.847793][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.187428][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.247472][T11709] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1634'.
[  685.342624][T10391] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  685.589645][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.657690][T11714] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1633'.
[  685.657800][T11714] nbd: nbd64 already in use
[  685.804206][T10391] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  685.804234][T10391] usb 2-1: config 0 has no interface number 0
[  685.884316][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  685.884398][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  686.014423][T10391] usb 2-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  686.014453][T10391] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.014472][T10391] usb 2-1: Product: syz
[  686.014485][T10391] usb 2-1: Manufacturer: syz
[  686.014498][T10391] usb 2-1: SerialNumber: syz
[  686.025316][T10391] usb 2-1: config 0 descriptor??
[  686.037719][T10391] ttusb_dec_send_command: command bulk message failed: error -22
[  686.037941][T10391] ttusb-dec 2-1:0.50: probe with driver ttusb-dec failed with error -22
[  686.354605][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.428223][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.504689][    C1] vkms_vblank_simulate: vblank timer overrun
[  688.850885][    C1] vkms_vblank_simulate: vblank timer overrun
[  689.015191][T11733] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1637'.
[  689.107367][    C1] vkms_vblank_simulate: vblank timer overrun
[  689.329206][    C1] vkms_vblank_simulate: vblank timer overrun
[  689.757035][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.263859][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.983124][    C1] vkms_vblank_simulate: vblank timer overrun
[  691.772255][T11653] udevd[11653]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  693.112785][ T1228] usb 2-1: USB disconnect, device number 11
[  694.403863][    C1] vkms_vblank_simulate: vblank timer overrun
[  695.059118][T11797] lo speed is unknown, defaulting to 1000
[  695.061815][T11797] lo speed is unknown, defaulting to 1000
[  695.317121][    C1] vkms_vblank_simulate: vblank timer overrun
[  695.477010][    C1] vkms_vblank_simulate: vblank timer overrun
[  696.415803][    C1] vkms_vblank_simulate: vblank timer overrun
[  696.451287][    C1] vkms_vblank_simulate: vblank timer overrun
[  696.692619][T10391] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  696.842981][T10391] usb 2-1: Using ep0 maxpacket: 8
[  696.845823][T10391] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  696.845848][T10391] usb 2-1: config 0 has no interface number 0
[  696.845880][T10391] usb 2-1: config 0 interface 200 has no altsetting 0
[  696.851885][T10391] usb 2-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  696.851914][T10391] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  696.851931][T10391] usb 2-1: Product: syz
[  696.851943][T10391] usb 2-1: Manufacturer: syz
[  696.851957][T10391] usb 2-1: SerialNumber: syz
[  696.875762][T10391] usb 2-1: config 0 descriptor??
[  697.399282][    C1] vkms_vblank_simulate: vblank timer overrun
[  697.969812][    C1] vkms_vblank_simulate: vblank timer overrun
[  698.101288][    C1] vkms_vblank_simulate: vblank timer overrun
[  698.237383][    C1] vkms_vblank_simulate: vblank timer overrun
[  698.698658][    C1] vkms_vblank_simulate: vblank timer overrun
[  698.999148][    C1] vkms_vblank_simulate: vblank timer overrun
[  699.025816][    C1] vkms_vblank_simulate: vblank timer overrun
[  699.042174][   T37] audit: type=1800 audit(1759462048.493:218): pid=11828 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.1657" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  699.087386][    C1] vkms_vblank_simulate: vblank timer overrun
[  699.660086][T10391] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  699.703887][T10391] usb 2-1: USB disconnect, device number 12
[  701.176740][T11839] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  712.234862][   T37] audit: type=1800 audit(1759462060.373:219): pid=11874 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1669" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  713.259009][T10465] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  713.271296][T10465] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  713.273019][T10465] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  713.289458][T10465] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  714.007253][T10465] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  714.532600][ T5879] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  714.757238][T11900] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1676'.
[  714.929119][T11882] lo speed is unknown, defaulting to 1000
[  714.953801][ T5879] usb 3-1: config 0 has an invalid interface number: 50 but max is 0
[  714.953828][ T5879] usb 3-1: config 0 has no interface number 0
[  714.983531][ T5879] usb 3-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  714.983549][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.983559][ T5879] usb 3-1: Product: syz
[  714.983566][ T5879] usb 3-1: Manufacturer: syz
[  714.983573][ T5879] usb 3-1: SerialNumber: syz
[  715.010927][T11882] lo speed is unknown, defaulting to 1000
[  715.106241][ T5879] usb 3-1: config 0 descriptor??
[  715.343503][ T5879] ttusb_dec_send_command: command bulk message failed: error -22
[  715.343733][ T5879] ttusb-dec 3-1:0.50: probe with driver ttusb-dec failed with error -22
[  715.951199][T11911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1677'.
[  716.438409][   T59] Bluetooth: hci4: command tx timeout
[  716.656943][T11904] udevd[11904]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  718.577738][    C0] vkms_vblank_simulate: vblank timer overrun
[  718.579224][T11891] Bluetooth: hci4: command tx timeout
[  718.777662][    C0] vkms_vblank_simulate: vblank timer overrun
[  719.102325][    C0] vkms_vblank_simulate: vblank timer overrun
[  719.401171][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.231784][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.282613][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.657336][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.658229][   T59] Bluetooth: hci4: command tx timeout
[  721.674208][    C0] vkms_vblank_simulate: vblank timer overrun
[  721.856518][T10391] usb 3-1: USB disconnect, device number 21
[  722.214698][ T1308] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.690545][   T59] Bluetooth: hci4: command tx timeout
[  723.142895][ T1308] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.760661][ T1308] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  724.662830][T11972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1689'.
[  725.307450][ T1308] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.712126][T11974] debugfs: 'netdev:nicvf0' already exists in 'phy7'
[  726.243787][T11882] chnl_net:caif_netlink_parms(): no params data found
[  730.132623][    T9] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  730.528971][    T9] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[  730.528998][    T9] usb 4-1: config 0 has no interface number 0
[  730.536821][    T9] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  730.536851][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  730.536871][    T9] usb 4-1: Product: syz
[  730.536883][    T9] usb 4-1: Manufacturer: syz
[  730.536895][    T9] usb 4-1: SerialNumber: syz
[  730.628244][    T9] usb 4-1: config 0 descriptor??
[  730.635436][    T9] ttusb_dec_send_command: command bulk message failed: error -22
[  730.635651][    T9] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[  731.226514][T12021] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1700'.
[  731.820439][T12022] netlink: 'syz.2.1701': attribute type 10 has an invalid length.
[  731.820460][T12022] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1701'.
[  732.081940][T12022] debugfs: 'netdev:nicvf0' already exists in 'phy3'
[  732.098766][T11882] bridge0: port 1(bridge_slave_0) entered blocking state
[  732.099040][T11882] bridge0: port 1(bridge_slave_0) entered disabled state
[  732.099284][T11882] bridge_slave_0: entered allmulticast mode
[  732.125667][T11882] bridge_slave_0: entered promiscuous mode
[  732.130674][T11882] bridge0: port 2(bridge_slave_1) entered blocking state
[  732.130930][T11882] bridge0: port 2(bridge_slave_1) entered disabled state
[  732.131136][T11882] bridge_slave_1: entered allmulticast mode
[  732.163445][T11882] bridge_slave_1: entered promiscuous mode
[  732.816253][ T1308] bridge_slave_1: left allmulticast mode
[  732.816280][ T1308] bridge_slave_1: left promiscuous mode
[  732.816534][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  732.976666][ T5879] usb 4-1: USB disconnect, device number 21
[  733.102831][ T7480] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  733.136094][ T1308] bridge_slave_0: left allmulticast mode
[  733.136122][ T1308] bridge_slave_0: left promiscuous mode
[  733.162055][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  737.737243][T12058] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1708'.
[  739.169888][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  739.220925][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  739.235471][ T1308] bond0 (unregistering): Released all slaves
[  740.587099][T12077] netlink: 'syz.1.1714': attribute type 10 has an invalid length.
[  740.587122][T12077] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1714'.
[  741.157083][T12086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1713'.
[  742.180303][T11882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  746.264975][T12082] debugfs: 'netdev:nicvf0' already exists in 'phy7'
[  746.287395][T11882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  747.595428][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  747.595501][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  753.374648][T12153] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1728'.
[  753.540227][T11882] team0: Port device team_slave_0 added
[  753.580605][T11882] team0: Port device team_slave_1 added
[  758.471655][T12182] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1738'.
[  759.167929][T11882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  759.167947][T11882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  759.167974][T11882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  761.163646][T12207] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1742'.
[  762.502997][ T1308] hsr_slave_0: left promiscuous mode
[  762.585783][ T1308] hsr_slave_1: left promiscuous mode
[  762.586718][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  762.586742][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  762.761376][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  762.761404][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  762.998827][ T1308] veth1_macvtap: left promiscuous mode
[  763.000876][ T1308] veth0_macvtap: left promiscuous mode
[  763.001141][ T1308] veth1_vlan: left promiscuous mode
[  763.001328][ T1308] veth0_vlan: left promiscuous mode
[  763.868693][T12198] udevd[12198]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  764.588279][T12235] siw: device registration error -23
[  764.719798][    C1] vkms_vblank_simulate: vblank timer overrun
[  764.915514][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.034709][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.081807][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.198483][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.585298][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.798457][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.836329][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.862806][ T5801] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  765.886976][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.954524][    C1] vkms_vblank_simulate: vblank timer overrun
[  766.341601][    C1] vkms_vblank_simulate: vblank timer overrun
[  766.376298][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.238891][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.408484][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.742859][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.074895][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.421960][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.849719][    C1] vkms_vblank_simulate: vblank timer overrun
[  769.041217][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.050368][T12266] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1752'.
[  770.114051][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  770.616629][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  771.028336][T11891] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  771.062901][T11891] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  771.066313][T11891] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  771.068012][T11891] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  771.068754][T11891] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  773.253825][   T59] Bluetooth: hci0: command tx timeout
[  773.254134][T11882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  773.254145][T11882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  773.254170][T11882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  774.458884][T12278] lo speed is unknown, defaulting to 1000
[  774.461620][T12278] lo speed is unknown, defaulting to 1000
[  775.241024][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1758'.
[  775.348511][   T59] Bluetooth: hci0: command tx timeout
[  776.362732][ T5801] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  777.472898][T10391] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  777.692278][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.697567][   T59] Bluetooth: hci0: command tx timeout
[  777.744710][T12273] udevd[12273]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  777.846840][T12255] udevd[12255]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  778.092461][    C0] vkms_vblank_simulate: vblank timer overrun
[  778.370792][    C0] vkms_vblank_simulate: vblank timer overrun
[  778.882603][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.012995][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.415833][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.728342][   T59] Bluetooth: hci0: command tx timeout
[  779.917025][T12349] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1764'.
[  780.583043][    C0] vkms_vblank_simulate: vblank timer overrun
[  781.165230][T12278] chnl_net:caif_netlink_parms(): no params data found
[  782.112901][    C0] vkms_vblank_simulate: vblank timer overrun
[  782.770302][ T5801] usb 4-1: device descriptor read/all, error -110
[  782.972506][ T5801] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  783.212423][ T5801] usb 4-1: device descriptor read/64, error -32
[  783.332494][ T5801] usb usb4-port1: attempt power cycle
[  784.663036][ T5801] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  784.688529][ T5801] usb 4-1: device descriptor read/8, error -32
[  784.693037][T12375] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1768'.
[  785.062453][ T5801] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  785.082819][ T5801] usb 4-1: device descriptor read/8, error -32
[  785.923068][ T5801] raw-gadget.0 gadget.3: failed to queue suspend event
[  785.923347][ T5801] usb usb4-port1: unable to enumerate USB device
[  787.413019][ T7480] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  787.430963][T12278] bridge0: port 1(bridge_slave_0) entered blocking state
[  787.431084][T12278] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.431298][T12278] bridge_slave_0: entered allmulticast mode
[  787.663922][T12278] bridge_slave_0: entered promiscuous mode
[  787.698995][T12383] udevd[12383]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  787.715485][T12278] bridge0: port 2(bridge_slave_1) entered blocking state
[  787.715793][T12278] bridge0: port 2(bridge_slave_1) entered disabled state
[  787.716147][T12278] bridge_slave_1: entered allmulticast mode
[  787.747501][T12278] bridge_slave_1: entered promiscuous mode
[  787.817711][T12394] udevd[12394]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  788.246291][T12402] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1775'.
[  788.353057][T12406] Bluetooth: MGMT ver 1.23
[  788.354499][T12406] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1775'.
[  789.019416][T12297] raw-gadget.0 gadget.3: failed to queue disconnect event
[  789.249104][ T1308] bridge_slave_1: left allmulticast mode
[  789.249124][ T1308] bridge_slave_1: left promiscuous mode
[  789.249276][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  789.680928][ T1308] bridge_slave_0: left allmulticast mode
[  789.680957][ T1308] bridge_slave_0: left promiscuous mode
[  789.681264][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  789.973116][T11891] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  789.978399][T11891] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  789.979743][T11891] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  789.981263][T11891] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  789.986879][T11891] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  791.525240][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  792.043530][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  792.902274][   T59] Bluetooth: hci4: command tx timeout
[  792.916928][ T1308] bond0 (unregistering): Released all slaves
[  792.949916][T12278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  794.368918][T12441] overlayfs: failed to resolve './file1': -2
[  794.505744][T12278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  794.532033][T12447] ALSA: mixer_oss: invalid OSS volume 'u'
[  794.913671][   T59] Bluetooth: hci4: command tx timeout
[  795.272314][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  795.342259][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  795.422645][ T5901] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  795.569503][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1788'.
[  795.686598][   T13] Bluetooth: (null): Invalid header checksum
[  795.686681][   T13] Bluetooth: (null): Invalid header checksum
[  796.683013][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  796.867626][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  796.992520][   T59] Bluetooth: hci4: command tx timeout
[  797.452600][T12278] team0: Port device team_slave_0 added
[  797.548593][T12278] team0: Port device team_slave_1 added
[  798.125959][T12421] lo speed is unknown, defaulting to 1000
[  798.153248][T12421] lo speed is unknown, defaulting to 1000
[  798.158436][T12278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  798.158451][T12278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  798.158485][T12278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  798.280316][T12278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  798.280333][T12278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  798.280360][T12278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  799.072792][   T59] Bluetooth: hci4: command tx timeout
[  799.778997][T12501] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1792'.
[  799.839524][T12278] hsr_slave_0: entered promiscuous mode
[  799.866269][T12502] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1792'.
[  799.877521][T12278] hsr_slave_1: entered promiscuous mode
[  799.889521][T12278] debugfs: 'hsr0' already exists in 'hsr'
[  799.895574][T12278] Cannot create hsr debugfs directory
[  800.977847][ T5901] usb 6-1: device descriptor read/all, error -110
[  801.331911][ T5901] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  802.794157][ T5879] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  803.089107][ T5879] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  803.089135][ T5879] usb 2-1: config 0 has no interface number 0
[  803.104990][ T5879] usb 2-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  803.105018][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.105036][ T5879] usb 2-1: Product: syz
[  803.105049][ T5879] usb 2-1: Manufacturer: syz
[  803.105070][ T5879] usb 2-1: SerialNumber: syz
[  803.124476][ T5879] usb 2-1: config 0 descriptor??
[  803.160830][ T5879] ttusb_dec_send_command: command bulk message failed: error -22
[  803.161064][ T5879] ttusb-dec 2-1:0.50: probe with driver ttusb-dec failed with error -22
[  804.540280][ T1308] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.444987][T12553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1801'.
[  806.142071][T12554] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1802'.
[  806.562758][T12555] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1802'.
[  806.746842][ T5879] usb 2-1: USB disconnect, device number 15
[  808.856829][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  808.856898][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  810.329344][ T1308] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.417514][T12571] lo speed is unknown, defaulting to 1000
[  811.418940][T12571] lo speed is unknown, defaulting to 1000
[  811.463573][ T5801] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  811.520167][T12570] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  812.686184][ T1308] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.005768][ T1308] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.077372][T12421] chnl_net:caif_netlink_parms(): no params data found
[  814.654400][    C0] vkms_vblank_simulate: vblank timer overrun
[  814.692129][    C0] vkms_vblank_simulate: vblank timer overrun
[  816.152445][T12612] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1812'.
[  817.488563][    C0] vkms_vblank_simulate: vblank timer overrun
[  817.660798][    C0] vkms_vblank_simulate: vblank timer overrun
[  817.719747][T12615] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1813'.
[  817.777176][T12616] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1813'.
[  818.203233][    C0] vkms_vblank_simulate: vblank timer overrun
[  818.915173][    C0] vkms_vblank_simulate: vblank timer overrun
[  819.092741][T12421] bridge0: port 1(bridge_slave_0) entered blocking state
[  819.092886][T12421] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.093114][T12421] bridge_slave_0: entered allmulticast mode
[  819.095866][T12421] bridge_slave_0: entered promiscuous mode
[  819.162863][T12421] bridge0: port 2(bridge_slave_1) entered blocking state
[  819.162989][T12421] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.163223][T12421] bridge_slave_1: entered allmulticast mode
[  819.175803][T12421] bridge_slave_1: entered promiscuous mode
[  821.505485][    C0] vkms_vblank_simulate: vblank timer overrun
[  821.539612][    C0] vkms_vblank_simulate: vblank timer overrun
[  821.702108][T12646] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1821'.
[  821.804989][    C0] vkms_vblank_simulate: vblank timer overrun
[  821.805488][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  822.006464][    C0] vkms_vblank_simulate: vblank timer overrun
[  822.083650][T12278] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  822.150212][    C0] vkms_vblank_simulate: vblank timer overrun
[  823.348145][    C0] vkms_vblank_simulate: vblank timer overrun
[  823.377597][    C0] vkms_vblank_simulate: vblank timer overrun
[  823.743655][T12421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  823.748744][T12278] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  823.914126][    C0] vkms_vblank_simulate: vblank timer overrun
[  824.170415][    C0] vkms_vblank_simulate: vblank timer overrun
[  824.540844][    C0] vkms_vblank_simulate: vblank timer overrun
[  824.559609][T12421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  824.590798][ T1308] pimreg0: left promiscuous mode
[  824.591223][ T1308] bridge0: port 2(pimreg0) entered disabled state
[  824.626132][T12562] udevd[12562]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  824.646828][T12662] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1824'.
[  824.675564][T12561] udevd[12561]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  824.704125][T12664] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1824'.
[  824.723795][ T1308] bridge_slave_0: left allmulticast mode
[  824.723824][ T1308] bridge_slave_0: left promiscuous mode
[  824.724054][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  825.192924][    C0] vkms_vblank_simulate: vblank timer overrun
[  829.925262][ T1308] dvmrp1 (unregistering): left allmulticast mode
[  830.694249][ T1308] team0: Port device geneve0 removed
[  831.118170][T11891] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  831.130678][T11891] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  831.136351][T11891] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  831.143714][T11891] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  831.145097][T11891] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  831.523085][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  831.587440][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  831.604587][ T1308] bond0 (unregistering): Released all slaves
[  831.643950][T12278] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  832.615139][T12421] team0: Port device team_slave_0 added
[  833.483435][   T59] Bluetooth: hci2: command tx timeout
[  833.631768][T12421] team0: Port device team_slave_1 added
[  835.761330][T12713] siw: device registration error -23
[  835.931455][   T59] Bluetooth: hci2: command tx timeout
[  836.565257][    C0] vkms_vblank_simulate: vblank timer overrun
[  837.647867][    C0] vkms_vblank_simulate: vblank timer overrun
[  837.698529][    C0] vkms_vblank_simulate: vblank timer overrun
[  837.890883][T12736] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1840'.
[  837.958126][   T59] Bluetooth: hci2: command tx timeout
[  838.000028][T12737] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1840'.
[  838.004922][    C0] vkms_vblank_simulate: vblank timer overrun
[  838.256500][T12421] batman_adv: batadv0: Adding interface: batadv_slave_0
[  838.256513][T12421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.256527][T12421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  838.263133][T12688] lo speed is unknown, defaulting to 1000
[  838.266695][T12421] batman_adv: batadv0: Adding interface: batadv_slave_1
[  838.266709][T12421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.266734][T12421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  838.280290][T12688] lo speed is unknown, defaulting to 1000
[  838.522741][    C0] vkms_vblank_simulate: vblank timer overrun
[  838.908546][    C0] vkms_vblank_simulate: vblank timer overrun
[  839.063270][    C0] vkms_vblank_simulate: vblank timer overrun
[  839.541871][    C0] vkms_vblank_simulate: vblank timer overrun
[  840.032940][   T59] Bluetooth: hci2: command tx timeout
[  840.170071][T12421] hsr_slave_0: entered promiscuous mode
[  840.202927][T12421] hsr_slave_1: entered promiscuous mode
[  840.203922][T12421] debugfs: 'hsr0' already exists in 'hsr'
[  840.203946][T12421] Cannot create hsr debugfs directory
[  840.413820][    C0] vkms_vblank_simulate: vblank timer overrun
[  843.885776][T12774] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1849'.
[  843.978404][T12775] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1849'.
[  844.673141][    C0] vkms_vblank_simulate: vblank timer overrun
[  844.948644][    C0] vkms_vblank_simulate: vblank timer overrun
[  845.391583][    C0] vkms_vblank_simulate: vblank timer overrun
[  845.767571][    C0] vkms_vblank_simulate: vblank timer overrun
[  845.975649][    C0] vkms_vblank_simulate: vblank timer overrun
[  846.235489][T12802] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1853'.
[  846.541106][    C0] vkms_vblank_simulate: vblank timer overrun
[  850.070621][T12817] overlayfs: failed to resolve './file0': -2
[  850.624883][T12837] siw: device registration error -23
[  851.431163][ T1308] hsr_slave_0: left promiscuous mode
[  851.494456][ T1308] hsr_slave_1: left promiscuous mode
[  851.495323][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  851.495346][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  852.568420][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  852.568449][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  852.694811][    C1] vkms_vblank_simulate: vblank timer overrun
[  852.798605][T11891] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  852.815400][T11891] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  852.822192][T11891] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  852.831012][T11891] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  852.832012][T11891] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  852.895629][    C1] vkms_vblank_simulate: vblank timer overrun
[  852.951724][ T1308] veth1_macvtap: left promiscuous mode
[  852.951851][ T1308] veth0_macvtap: left promiscuous mode
[  852.952117][ T1308] veth1_vlan: left promiscuous mode
[  852.952298][ T1308] veth0_vlan: left promiscuous mode
[  853.385268][    C1] vkms_vblank_simulate: vblank timer overrun
[  855.617493][T11891] Bluetooth: hci0: command tx timeout
[  856.312650][T12873] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1866'.
[  857.635786][T11891] Bluetooth: hci0: command tx timeout
[  858.373040][T12879] netlink: 'syz.2.1868': attribute type 10 has an invalid length.
[  858.373064][T12879] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1868'.
[  859.513391][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  859.712653][T11891] Bluetooth: hci0: command tx timeout
[  859.734694][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  861.792541][T11891] Bluetooth: hci0: command tx timeout
[  862.477446][T12688] chnl_net:caif_netlink_parms(): no params data found
[  862.497790][ T5978] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  862.672511][ T5978] usb 2-1: Using ep0 maxpacket: 8
[  862.677201][ T5978] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  862.677227][ T5978] usb 2-1: config 0 has no interface number 0
[  862.677285][ T5978] usb 2-1: config 0 interface 200 has no altsetting 0
[  862.720206][ T5978] usb 2-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  862.720236][ T5978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.720255][ T5978] usb 2-1: Product: syz
[  862.720268][ T5978] usb 2-1: Manufacturer: syz
[  862.720282][ T5978] usb 2-1: SerialNumber: syz
[  862.766352][ T5978] usb 2-1: config 0 descriptor??
[  862.843815][T12850] lo speed is unknown, defaulting to 1000
[  862.860261][T12850] lo speed is unknown, defaulting to 1000
[  864.479586][T12688] bridge0: port 1(bridge_slave_0) entered blocking state
[  864.479867][T12688] bridge0: port 1(bridge_slave_0) entered disabled state
[  864.480195][T12688] bridge_slave_0: entered allmulticast mode
[  864.515125][T12688] bridge_slave_0: entered promiscuous mode
[  864.549123][T12688] bridge0: port 2(bridge_slave_1) entered blocking state
[  864.549285][T12688] bridge0: port 2(bridge_slave_1) entered disabled state
[  864.549485][T12688] bridge_slave_1: entered allmulticast mode
[  864.553792][T12688] bridge_slave_1: entered promiscuous mode
[  865.051361][T12688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  865.170633][T12688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  865.368220][ T5978] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  865.413649][ T5978] usb 2-1: USB disconnect, device number 16
[  866.507561][T12688] team0: Port device team_slave_0 added
[  866.530632][T12688] team0: Port device team_slave_1 added
[  868.150053][T12938] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1875'.
[  868.382619][T12688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  868.382637][T12688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  868.382664][T12688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  868.437232][T12688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  868.437249][T12688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  868.437275][T12688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  868.593961][T12945] netlink: 'syz.2.1879': attribute type 10 has an invalid length.
[  868.593982][T12945] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1879'.
[  870.131119][T12956] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1880'.
[  870.199740][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  870.199812][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  870.257228][T12962] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1883'.
[  870.320311][T12963] Bluetooth: MGMT ver 1.23
[  870.708974][T12688] hsr_slave_0: entered promiscuous mode
[  870.717557][T12688] hsr_slave_1: entered promiscuous mode
[  870.718454][T12688] debugfs: 'hsr0' already exists in 'hsr'
[  870.718478][T12688] Cannot create hsr debugfs directory
[  871.117360][T12884] udevd[12884]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  871.334096][T12850] chnl_net:caif_netlink_parms(): no params data found
[  875.243562][T13020] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1890'.
[  877.902557][T13032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1894'.
[  878.151409][T12850] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.151560][T12850] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.151840][T12850] bridge_slave_0: entered allmulticast mode
[  878.176818][T12850] bridge_slave_0: entered promiscuous mode
[  878.449121][T12850] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.449258][T12850] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.449459][T12850] bridge_slave_1: entered allmulticast mode
[  878.478685][T12850] bridge_slave_1: entered promiscuous mode
[  879.536149][T13057] siw: device registration error -23
[  880.451520][T13029] udevd[13029]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  880.539020][    C0] vkms_vblank_simulate: vblank timer overrun
[  880.849059][    C0] vkms_vblank_simulate: vblank timer overrun
[  881.318479][    C0] vkms_vblank_simulate: vblank timer overrun
[  881.484929][    C0] vkms_vblank_simulate: vblank timer overrun
[  881.785736][    C0] vkms_vblank_simulate: vblank timer overrun
[  881.886390][T12850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  881.954876][T12850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  882.181190][    C0] vkms_vblank_simulate: vblank timer overrun
[  882.333872][    C0] vkms_vblank_simulate: vblank timer overrun
[  882.834421][    C0] vkms_vblank_simulate: vblank timer overrun
[  883.727360][T12850] team0: Port device team_slave_0 added
[  883.820222][T12850] team0: Port device team_slave_1 added
[  884.031509][ T1308] bridge_slave_1: left allmulticast mode
[  884.031541][ T1308] bridge_slave_1: left promiscuous mode
[  884.031806][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  884.717522][ T1308] bridge_slave_0: left allmulticast mode
[  884.722497][ T1308] bridge_slave_0: left promiscuous mode
[  884.744382][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.039140][T13106] overlayfs: failed to resolve './file0': -2
[  885.046603][ T1308] bridge_slave_1: left allmulticast mode
[  885.046630][ T1308] bridge_slave_1: left promiscuous mode
[  885.046881][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  885.739547][ T1308] bridge_slave_0: left allmulticast mode
[  885.751125][ T1308] bridge_slave_0: left promiscuous mode
[  885.757469][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  888.234789][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  888.333527][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  888.396493][ T1308] bond0 (unregistering): Released all slaves
[  888.915286][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.003491][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.084519][ T1308] bond0 (unregistering): Released all slaves
[  890.449195][T13142] overlayfs: failed to resolve './file1': -2
[  890.493298][T12850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  890.493315][T12850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  890.493341][T12850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  890.559820][T12850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  890.559836][T12850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  890.559862][T12850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  890.782574][ T1308] hsr_slave_0: left promiscuous mode
[  891.368892][ T1308] hsr_slave_1: left promiscuous mode
[  892.088995][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  893.017085][T13154] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1918'.
[  893.430775][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  893.758640][T13162] udevd[13162]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  893.819122][T13146] udevd[13146]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  893.863549][   T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  893.883622][   T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  893.885486][   T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  893.886797][   T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  893.887641][   T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  894.088105][ T1308] hsr_slave_0: left promiscuous mode
[  894.177966][ T1308] hsr_slave_1: left promiscuous mode
[  894.179836][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  894.213668][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  895.952847][   T59] Bluetooth: hci4: command tx timeout
[  896.121696][T13187] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1925'.
[  896.724087][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  896.905118][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  898.662369][   T59] Bluetooth: hci4: command tx timeout
[  899.055150][T13201] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1929'.
[  899.540260][T13205] udevd[13205]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  899.581541][T13204] udevd[13204]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  900.023288][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  900.678990][   T59] Bluetooth: hci4: command tx timeout
[  901.146333][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  902.967195][   T59] Bluetooth: hci4: command tx timeout
[  904.370040][T13234] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1935'.
[  907.308205][T12850] hsr_slave_0: entered promiscuous mode
[  907.309585][T12850] hsr_slave_1: entered promiscuous mode
[  907.322945][T12850] debugfs: 'hsr0' already exists in 'hsr'
[  907.322971][T12850] Cannot create hsr debugfs directory
[  907.611214][T13270] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1938'.
[  908.785850][T13278] udevd[13278]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  908.924105][T13278] udevd[13278]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  913.560651][T13323] netlink: 'syz.1.1944': attribute type 10 has an invalid length.
[  913.560674][T13323] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1944'.
[  913.637525][T13324] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1944'.
[  913.681050][T13171] lo speed is unknown, defaulting to 1000
[  913.721029][T13171] lo speed is unknown, defaulting to 1000
[  916.229713][T13349] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  917.044517][T11891] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  917.597853][T11891] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  917.611480][T11891] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  917.613540][T11891] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  917.614325][T11891] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  919.772833][T13171] chnl_net:caif_netlink_parms(): no params data found
[  919.801373][T11891] Bluetooth: hci6: command tx timeout
[  921.909052][T13384] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  921.992468][T11891] Bluetooth: hci6: command tx timeout
[  922.439261][T13356] lo speed is unknown, defaulting to 1000
[  922.982752][T13356] lo speed is unknown, defaulting to 1000
[  923.573862][T13406] siw: device registration error -23
[  924.032538][   T59] Bluetooth: hci6: command tx timeout
[  924.295775][    C0] vkms_vblank_simulate: vblank timer overrun
[  924.506709][    C0] vkms_vblank_simulate: vblank timer overrun
[  924.971279][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.301440][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.669889][    C0] vkms_vblank_simulate: vblank timer overrun
[  926.139942][    C0] vkms_vblank_simulate: vblank timer overrun
[  926.141280][   T59] Bluetooth: hci6: command tx timeout
[  926.358096][    C0] vkms_vblank_simulate: vblank timer overrun
[  926.448618][    C0] vkms_vblank_simulate: vblank timer overrun
[  926.849875][    C0] vkms_vblank_simulate: vblank timer overrun
[  927.247147][    C0] vkms_vblank_simulate: vblank timer overrun
[  927.504398][ T1308] bridge_slave_1: left allmulticast mode
[  927.504426][ T1308] bridge_slave_1: left promiscuous mode
[  927.504598][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  927.773393][ T1308] bridge_slave_0: left allmulticast mode
[  927.773413][ T1308] bridge_slave_0: left promiscuous mode
[  927.773574][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  927.868810][ T1308] bridge_slave_1: left allmulticast mode
[  927.868830][ T1308] bridge_slave_1: left promiscuous mode
[  927.868985][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[  927.945436][ T1308] bridge_slave_0: left allmulticast mode
[  927.945466][ T1308] bridge_slave_0: left promiscuous mode
[  927.945730][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[  928.924097][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  930.118840][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  930.481510][    C1] vkms_vblank_simulate: vblank timer overrun
[  931.176410][    C1] vkms_vblank_simulate: vblank timer overrun
[  931.271054][ T1308] bond0 (unregistering): Released all slaves
[  931.652974][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  931.653619][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  932.333286][    C1] vkms_vblank_simulate: vblank timer overrun
[  933.423401][    C1] vkms_vblank_simulate: vblank timer overrun
[  933.890105][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  933.980475][T13475] overlayfs: failed to resolve './file0': -2
[  934.007804][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  935.193165][ T1308] bond0 (unregistering): Released all slaves
[  936.262967][T13171] bridge0: port 1(bridge_slave_0) entered blocking state
[  936.263069][T13171] bridge0: port 1(bridge_slave_0) entered disabled state
[  936.263241][T13171] bridge_slave_0: entered allmulticast mode
[  936.269044][T13171] bridge_slave_0: entered promiscuous mode
[  936.680106][T13171] bridge0: port 2(bridge_slave_1) entered blocking state
[  936.681789][T13171] bridge0: port 2(bridge_slave_1) entered disabled state
[  936.682012][T13171] bridge_slave_1: entered allmulticast mode
[  936.690128][T13171] bridge_slave_1: entered promiscuous mode
[  941.341248][T13171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  942.182470][ T1308] hsr_slave_0: left promiscuous mode
[  942.282453][ T1308] hsr_slave_1: left promiscuous mode
[  942.283329][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  942.330145][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  942.431800][ T1308] hsr_slave_0: left promiscuous mode
[  942.496238][ T1308] hsr_slave_1: left promiscuous mode
[  942.496932][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  942.549090][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  943.638363][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  943.763277][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  944.573966][ T1308] team0 (unregistering): Port device team_slave_1 removed
[  944.703334][ T1308] team0 (unregistering): Port device team_slave_0 removed
[  945.342889][T13570] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1991'.
[  945.568207][T13539] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1985'.
[  945.670382][T13171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  946.296224][T12694] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  946.679168][T12694] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  946.679226][T12694] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  946.679268][T12694] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  946.679291][T12694] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  947.574347][T12694] usb 2-1: config 0 descriptor??
[  947.596249][T12694] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  947.666058][T13577] udevd[13577]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  947.729918][T13574] udevd[13574]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  949.255066][T13171] team0: Port device team_slave_0 added
[  949.258205][T13171] team0: Port device team_slave_1 added
[  952.735717][T13606] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.1998'.
[  952.796779][T13171] batman_adv: batadv0: Adding interface: batadv_slave_0
[  952.796796][T13171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  952.796821][T13171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  952.852588][T13171] batman_adv: batadv0: Adding interface: batadv_slave_1
[  952.852606][T13171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  952.852633][T13171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  953.452037][T13356] chnl_net:caif_netlink_parms(): no params data found
[  953.810087][T13626] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2000'.
[  954.770436][T13582] usb 2-1: USB disconnect, device number 17
[  954.785190][T13642] netlink: 'syz.2.2003': attribute type 10 has an invalid length.
[  954.785212][T13642] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2003'.
[  956.030692][T13644] overlayfs: failed to resolve './file0': -2
[  956.119665][T11891] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  956.144450][T11891] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  956.190992][T11891] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  956.205286][T11891] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  956.206631][T11891] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  956.266787][T13638] udevd[13638]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  957.721286][T13356] bridge0: port 1(bridge_slave_0) entered blocking state
[  957.721419][T13356] bridge0: port 1(bridge_slave_0) entered disabled state
[  957.721984][T13356] bridge_slave_0: entered allmulticast mode
[  957.826333][T13356] bridge_slave_0: entered promiscuous mode
[  958.272540][   T59] Bluetooth: hci0: command tx timeout
[  958.373166][T13582] usb 6-1: new low-speed USB device number 8 using dummy_hcd
[  958.625579][T13582] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  958.628374][T13582] usb 6-1: config 0 has no interface number 0
[  958.890746][T13582] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  958.890781][T13582] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  958.890823][T13582] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  958.890844][T13582] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  958.947416][T13582] usb 6-1: config 0 descriptor??
[  958.963926][T13692] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  959.005084][T13356] bridge0: port 2(bridge_slave_1) entered blocking state
[  959.005212][T13356] bridge0: port 2(bridge_slave_1) entered disabled state
[  959.005568][T13356] bridge_slave_1: entered allmulticast mode
[  959.036880][T13356] bridge_slave_1: entered promiscuous mode
[  959.070510][T13696] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2008'.
[  959.119843][T13582] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  959.196180][    C0] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  959.196262][    T9] usb 6-1: USB disconnect, device number 8
[  959.432895][    T9] ==================================================================
[  959.432910][    T9] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[  959.433028][    T9] Read of size 8 at addr ffffc9000e58c008 by task kworker/0:0/9
[  959.433040][    T9] 
[  959.433056][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  959.433073][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  959.433088][    T9] Workqueue: usb_hub_wq hub_event
[  959.433193][    T9] Call Trace:
[  959.433203][    T9]  <TASK>
[  959.433211][    T9]  dump_stack_lvl+0x189/0x250
[  959.433250][    T9]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.433263][    T9]  ? __pfx__printk+0x10/0x10
[  959.433285][    T9]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  959.433380][    T9]  ? __virt_addr_valid+0xdc/0x5c0
[  959.433411][    T9]  ? __virt_addr_valid+0xdc/0x5c0
[  959.433427][    T9]  print_report+0xca/0x240
[  959.433447][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  959.433471][    T9]  kasan_report+0x118/0x150
[  959.433512][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  959.433534][    T9]  __list_add_valid_or_report+0x4e/0x130
[  959.433554][    T9]  kcov_remote_stop+0x52d/0x660
[  959.433589][    T9]  hub_event+0x45d2/0x4a20
[  959.433605][    T9]  ? cpuacct_charge+0x117/0x320
[  959.433639][    T9]  ? do_raw_spin_lock+0x121/0x290
[  959.433660][    T9]  ? register_lock_class+0x51/0x320
[  959.433687][    T9]  ? __pfx_hub_event+0x10/0x10
[  959.433704][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.433734][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[  959.433749][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.433768][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.433788][    T9]  process_scheduled_works+0xae1/0x17b0
[  959.433818][    T9]  ? __pfx_process_scheduled_works+0x10/0x10
[  959.433844][    T9]  worker_thread+0x8a0/0xda0
[  959.433874][    T9]  kthread+0x711/0x8a0
[  959.433890][    T9]  ? __pfx_worker_thread+0x10/0x10
[  959.433909][    T9]  ? __pfx_kthread+0x10/0x10
[  959.433923][    T9]  ? rt_spin_unlock+0x150/0x200
[  959.433944][    T9]  ? rt_spin_unlock+0x161/0x200
[  959.433963][    T9]  ? __pfx_kthread+0x10/0x10
[  959.433977][    T9]  ret_from_fork+0x439/0x7d0
[  959.434002][    T9]  ? __pfx_ret_from_fork+0x10/0x10
[  959.434024][    T9]  ? __switch_to_asm+0x39/0x70
[  959.434039][    T9]  ? __switch_to_asm+0x33/0x70
[  959.434054][    T9]  ? __pfx_kthread+0x10/0x10
[  959.434069][    T9]  ret_from_fork_asm+0x1a/0x30
[  959.434090][    T9]  </TASK>
[  959.434096][    T9] 
[  959.434099][    T9] The buggy address belongs to a vmalloc virtual mapping
[  959.434114][    T9] Memory state around the buggy address:
[  959.434122][    T9]  ffffc9000e58bf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  959.434132][    T9]  ffffc9000e58bf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  959.434142][    T9] >ffffc9000e58c000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  959.434150][    T9]                       ^
[  959.434158][    T9]  ffffc9000e58c080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  959.434167][    T9]  ffffc9000e58c100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  959.434175][    T9] ==================================================================
[  959.434192][    T9] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  959.434208][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  959.434229][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  959.434241][    T9] Workqueue: usb_hub_wq hub_event
[  959.434262][    T9] Call Trace:
[  959.434269][    T9]  <TASK>
[  959.434274][    T9]  dump_stack_lvl+0x99/0x250
[  959.434288][    T9]  ? __asan_memcpy+0x40/0x70
[  959.434303][    T9]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.434316][    T9]  ? __pfx__printk+0x10/0x10
[  959.434338][    T9]  vpanic+0x281/0x750
[  959.434352][    T9]  ? __pfx_print_hex_dump+0x10/0x10
[  959.434373][    T9]  ? __pfx_vpanic+0x10/0x10
[  959.434388][    T9]  ? irqentry_exit+0x74/0x90
[  959.434430][    T9]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.434447][    T9]  panic+0xb9/0xc0
[  959.434466][    T9]  ? __pfx_panic+0x10/0x10
[  959.434481][    T9]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  959.434498][    T9]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  959.434516][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  959.434534][    T9]  check_panic_on_warn+0x89/0xb0
[  959.434551][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  959.434570][    T9]  end_report+0x78/0x160
[  959.434587][    T9]  kasan_report+0x129/0x150
[  959.434606][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  959.434628][    T9]  __list_add_valid_or_report+0x4e/0x130
[  959.434648][    T9]  kcov_remote_stop+0x52d/0x660
[  959.434670][    T9]  hub_event+0x45d2/0x4a20
[  959.434687][    T9]  ? cpuacct_charge+0x117/0x320
[  959.434712][    T9]  ? do_raw_spin_lock+0x121/0x290
[  959.434732][    T9]  ? register_lock_class+0x51/0x320
[  959.434758][    T9]  ? __pfx_hub_event+0x10/0x10
[  959.434776][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.434797][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[  959.434812][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.434831][    T9]  ? process_scheduled_works+0x9ef/0x17b0
[  959.434851][    T9]  process_scheduled_works+0xae1/0x17b0
[  959.434881][    T9]  ? __pfx_process_scheduled_works+0x10/0x10
[  959.434907][    T9]  worker_thread+0x8a0/0xda0
[  959.434936][    T9]  kthread+0x711/0x8a0
[  959.434951][    T9]  ? __pfx_worker_thread+0x10/0x10
[  959.434971][    T9]  ? __pfx_kthread+0x10/0x10
[  959.434984][    T9]  ? rt_spin_unlock+0x150/0x200
[  959.435005][    T9]  ? rt_spin_unlock+0x161/0x200
[  959.435023][    T9]  ? __pfx_kthread+0x10/0x10
[  959.435038][    T9]  ret_from_fork+0x439/0x7d0
[  959.435058][    T9]  ? __pfx_ret_from_fork+0x10/0x10
[  959.435080][    T9]  ? __switch_to_asm+0x39/0x70
[  959.435095][    T9]  ? __switch_to_asm+0x33/0x70
[  959.435110][    T9]  ? __pfx_kthread+0x10/0x10
[  959.435125][    T9]  ret_from_fork_asm+0x1a/0x30
[  959.435146][    T9]  </TASK>
[  959.435396][    T9] Kernel Offset: disabled