last executing test programs:

7m44.724104653s ago: executing program 0 (id=1296):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet(0x2, 0x3, 0x9)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r4, 0x0, 0x0)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

7m42.187864161s ago: executing program 0 (id=1316):
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x181100, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket(0x10, 0x2, 0x0)
fsopen(&(0x7f0000000200)='iso9660\x00', 0x0)

7m40.991760271s ago: executing program 0 (id=1320):
syz_open_dev$vcsa(&(0x7f0000000380), 0x7b95b611, 0x802)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000f000f00"}}}]}, 0x48}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000200)='net/ip_tables_targets\x00')
select(0x40, &(0x7f0000000580)={0xf, 0x6, 0x6, 0x8, 0x3ff, 0x1, 0xfff, 0xac}, 0x0, 0x0, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCFLSH(r3, 0x5608, 0x0)

7m33.845069265s ago: executing program 0 (id=1356):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x181041, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000fc0)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})

7m33.42132296s ago: executing program 0 (id=1358):
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\t\x00', 0x8, 0x3a, 0x1, @remote={0xfe, 0x7}, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x80, 0x2}}}}}}, 0x0)
timer_create(0x1, 0x0, &(0x7f0000000000))
inotify_init()
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xfffffffffffffffe)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x4c840)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=@newtfilter={0x74, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x4}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_EMATCHES={0x38, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x28, 0x1, 0x0, 0x0, {{0xfff9, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x1}, {0x0, 0xc0, 0x2}}}, @TCA_EM_META_LVALUE={0x5, 0x2, [@TCF_META_TYPE_VAR="e1"]}, @TCA_EM_META_RVALUE={0x5, 0x3, [@TCF_META_TYPE_VAR="cf"]}]}}]}]}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x24}}]}, 0x74}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r5, &(0x7f0000001b80)=[{&(0x7f0000000100)=""/27, 0x1b}], 0x1, 0x60, 0x2732bd8c)

7m30.665142152s ago: executing program 0 (id=1363):
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x2, 0xffffffffe5100f4e, 0xd, 0xe000, 0x10, 0x5, 0x0, 0x0, 0x1, 0x5}}, 0x84)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x1000000)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_emit_ethernet(0x46, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd67001b0100103afffc011000000000000000000000000000ff02000000000000000000000000000186009061ff02070001000000f6ffffff21670aeff41cebef89"], 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newlink={0x28, 0x10, 0x1, 0x70bd2b, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
getsockopt$IP_VS_SO_GET_DESTS(r4, 0x0, 0x484, &(0x7f0000000240)=""/137, &(0x7f0000000300)=0x89)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0xc1205531, &(0x7f0000002680)=""/4078)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000980)={0x1, 0x0, @ioapic={0xfee00, 0x296a, 0x4, 0x3, 0x0, [{0x98, 0x37, 0x81, '\x00', 0x7f}, {0x41, 0x8, 0x30, '\x00', 0xf5}, {0xe9, 0x1, 0x9, '\x00', 0x11}, {0x7, 0x9, 0x3, '\x00', 0x8f}, {0x3, 0x7f, 0x91, '\x00', 0xa}, {0xf, 0xe3, 0x8, '\x00', 0xaa}, {0x6, 0x8, 0x6, '\x00', 0x8}, {0x1, 0x3, 0x8, '\x00', 0x67}, {0x2, 0x7, 0xa, '\x00', 0x8}, {0x8, 0x2, 0x13, '\x00', 0x9f}, {0xf, 0x8, 0x6, '\x00', 0x3}, {0x2, 0x4c, 0x3, '\x00', 0xa}, {0x1e, 0x6, 0x3, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x2, 0x4c, 0xa2, '\x00', 0x1}, {0x8, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0xa0, 0x47, '\x00', 0x4}, {0x7, 0x3, 0x2, '\x00', 0xa7}, {0x5, 0x0, 0xf, '\x00', 0x7}, {0x5e, 0xa, 0xa}, {0x7f, 0x6, 0x7, '\x00', 0x4}, {0x93, 0x44, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x20, '\x00', 0xfc}, {0x6, 0xc, 0xc6, '\x00', 0x8}]}})
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = dup(r5)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="d4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4a1d, 0x7ffffffd, @local, 0x4}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000140)={0xd, 0xffff, 0x1, 0xaa5, 0x0, [0x4, 0x51, 0x3, 0x5]})
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_int(r9, 0x29, 0x38, 0x0, &(0x7f0000000100))
ioctl$USBDEVFS_SETINTERFACE(r8, 0x80085504, &(0x7f0000000000)={0x80000, 0x1})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f00000000c0)=0x7)

7m14.903019402s ago: executing program 32 (id=1363):
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x2, 0xffffffffe5100f4e, 0xd, 0xe000, 0x10, 0x5, 0x0, 0x0, 0x1, 0x5}}, 0x84)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x1000000)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_emit_ethernet(0x46, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd67001b0100103afffc011000000000000000000000000000ff02000000000000000000000000000186009061ff02070001000000f6ffffff21670aeff41cebef89"], 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newlink={0x28, 0x10, 0x1, 0x70bd2b, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
getsockopt$IP_VS_SO_GET_DESTS(r4, 0x0, 0x484, &(0x7f0000000240)=""/137, &(0x7f0000000300)=0x89)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0xc1205531, &(0x7f0000002680)=""/4078)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000980)={0x1, 0x0, @ioapic={0xfee00, 0x296a, 0x4, 0x3, 0x0, [{0x98, 0x37, 0x81, '\x00', 0x7f}, {0x41, 0x8, 0x30, '\x00', 0xf5}, {0xe9, 0x1, 0x9, '\x00', 0x11}, {0x7, 0x9, 0x3, '\x00', 0x8f}, {0x3, 0x7f, 0x91, '\x00', 0xa}, {0xf, 0xe3, 0x8, '\x00', 0xaa}, {0x6, 0x8, 0x6, '\x00', 0x8}, {0x1, 0x3, 0x8, '\x00', 0x67}, {0x2, 0x7, 0xa, '\x00', 0x8}, {0x8, 0x2, 0x13, '\x00', 0x9f}, {0xf, 0x8, 0x6, '\x00', 0x3}, {0x2, 0x4c, 0x3, '\x00', 0xa}, {0x1e, 0x6, 0x3, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x2, 0x4c, 0xa2, '\x00', 0x1}, {0x8, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0xa0, 0x47, '\x00', 0x4}, {0x7, 0x3, 0x2, '\x00', 0xa7}, {0x5, 0x0, 0xf, '\x00', 0x7}, {0x5e, 0xa, 0xa}, {0x7f, 0x6, 0x7, '\x00', 0x4}, {0x93, 0x44, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x20, '\x00', 0xfc}, {0x6, 0xc, 0xc6, '\x00', 0x8}]}})
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = dup(r5)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="d4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4a1d, 0x7ffffffd, @local, 0x4}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000140)={0xd, 0xffff, 0x1, 0xaa5, 0x0, [0x4, 0x51, 0x3, 0x5]})
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_int(r9, 0x29, 0x38, 0x0, &(0x7f0000000100))
ioctl$USBDEVFS_SETINTERFACE(r8, 0x80085504, &(0x7f0000000000)={0x80000, 0x1})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f00000000c0)=0x7)

20.316832051s ago: executing program 4 (id=2809):
syz_open_dev$video4linux(&(0x7f0000000000), 0xf, 0x101800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x34}}, 0x20002000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="667d0f38c573ababc76fb4360fc9bb25cc00007666f303c70fae6e2fc0c00f0f2367260f01ca660f38817700c4c2459d78ad", 0x32}], 0x1, 0x51, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x503, 0x70bd27, 0x20000, {0x0, 0x0, 0x0, 0x0, 0x1d961}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010100}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x7}]}, 0x40}}, 0x4080)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fdd000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000000)={0x80000000})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0xb, 0x6, 0xff}, 0x3a, [0x8000, 0x80000000, 0xf, 0x8, 0x80, 0x2, 0x318, 0x10007f, 0x20000006, 0x4d, 0x6, 0x3, 0x9, 0x2, 0xffff2d34, 0xffffff01, 0x6, 0x3, 0xfffffffc, 0x5, 0x4, 0x2, 0x7, 0xbc5b, 0x80000001, 0x25, 0x11, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x2, 0x8, 0x0, 0x3, 0xe, 0x8, 0x8000806e, 0x7, 0x17, 0x1, 0x7, 0x200, 0x3e, 0x7fffffff, 0x6, 0x6, 0x2, 0x9, 0x4, 0x8, 0x400, 0x80, 0x1, 0x5, 0x6, 0x8, 0x6, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x9, 0x5, 0xfffffff7, 0x129432e6, 0xc8, 0xf9, 0xe, 0x7, 0x6c7, 0xfffff001, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x7, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x0, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8020, 0x1, 0x5, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x43, 0x103], [0x7, 0xa, 0x4, 0x5, 0xfffffffe, 0x100, 0xf94, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x6, 0x5, 0x0, 0x3, 0x5, 0x1, 0x486, 0x3, 0x303c, 0x3e7, 0x4, 0x5, 0x2002, 0x2, 0x3, 0x20000008, 0x2, 0x6d04, 0x6, 0x38, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xc2, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x1000000a, 0x9, 0x5, 0x1c, 0x120000, 0x3, 0x7f, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x69d9, 0xb, 0x5, 0x4, 0x6, 0x1000006, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x4, 0xb54, 0x101, 0x10000, 0x4, 0x7fff, 0x14000, 0x7f, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x96, 0xffffffff, 0x80000000, 0x0, 0x4, 0xc8, 0x1, 0xfffff000, 0x10080, 0x3, 0x7e, 0x100, 0x1000, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x7fffffff, 0x1, 0x98, 0xa1f, 0xf40, 0x2, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x7]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x800c42, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000002500010325bd7000fcffffff110000000800030047"], 0x1c}, 0x1, 0x0, 0x0, 0x2004c0d3}, 0x200040c4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

19.853952937s ago: executing program 4 (id=2812):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x7ffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000680)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1241, 0xf767, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0xa0, 0x5, "", [{{0x9, 0x4, 0x0, 0x80, 0x1, 0x3, 0x1, 0x1, 0x3, {0x9, 0x21, 0x4, 0x58, 0x1, {0x22, 0xdc8}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x0, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0x8, 0x2}}]}}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f00000006c0)={0xa, 0x6, 0x110, 0x0, 0x7, 0x8, 0xff, 0x2}, 0x134, &(0x7f0000000700)={0x5, 0xf, 0x134, 0x5, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "995e1ebe8016cd7ed6e3224e0589876c"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x0, 0x3, 0x101}, @generic={0xf2, 0x10, 0xb, "5fb1a2affbe567f159475f6d8aa6250858002db133dccd6ec20b490b536a994496d44546bc2c8db273c1ed5a8dc6ed59b5f48505f53540fcb224222a715ba22f1c321d08567dd1c68426e4e8083b4838dfa23b69a62cb6cc8fdaf55735569dcea2e1aad47b281acc2633b65d357289f5ff80b55920f3f0e07e77b0d4ebdc44d329c7af1dfd3b801ca057750789f15b2f2c5c40837bf26e1de8b9e07f45256a8058c4bffedab16568d838cf857fb2fbfd4c02863cec6d978eec6c60fcc9fb33579c39424a1759235d6688ed1db62614ee5f74f61ca59e8f9bc82099dd12e59966813a18a5dadf9a8521e2c7e858d9dc"}, @ssp_cap={0x1c, 0x10, 0xa, 0xc, 0x4, 0xa0a7, 0xf00, 0x9, [0x0, 0x1fe3f00, 0x3f, 0x3f00]}]}, 0x6, [{0xca, &(0x7f0000000c00)=ANY=[@ANYBLOB="ca038d9bca7d0f231cd4d4b1f07576d17c0dd8734ef560a8bec875d4457aa1929af894c8f0bb9648653b0751dbca9a27eae6fac586f2930485e25cc7592a140d8a2b4d514167c3c0a15f092503ba9693e66488dd437172da985716bed7c3ee6c4fffe649037a273207e036f284ff3fdad6fddfc3c56d9a0b7df5ef29f343a6c5837343fd44339fbc8ef23d3652dbc6f7e7b806b30291de243dc3b5e331395e26b476d392528c96d854bc1158f1f7f60d7c8db02c5f2f0afaaf0c9fcf10d191365269efc19fb4eb083c2193996eeafc4580aa9efbd2ac2af562c86d289b79b8"]}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x458}}, {0x4, &(0x7f0000000980)=@lang_id={0x4}}, {0x21, &(0x7f0000000bc0)=ANY=[@ANYBLOB="21030a43bf9a2b3dff12cea5b3dec446313e7eb487bbdf230000000000006f5b377f3adb3fcacd9bdaef3f91f0aae098c0b9cd2c95bebe4526"]}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "9a990bd018601303292e7b31ff9a6c0b718075f399b29f47e46bb2c37c857660ec5addc3d65437e0d89c86b116c8a28679576e015c03ded34325308dfb104c9797f627da5da7e72013b9815e3bd7e1cc4e6055093c4f707bb3c366efbe91272d5a3867596b8b6dc64badba1278fa52287ef0a439dedadba038d1c400a9c1e0c7002859a6fd319520fbe024017d76b582143797a602eaf3d13010e38fb7b9ed5450164714880f7cba8c833a546920f666ac2bcd449c2fb41297b10158ac81d056cca85b7655c57fb1dfe206f7fc0f250cfd3f29c53fd650bd69b01e5fd8"}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x406}}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001"], 0x1f0}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr\x00')
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

19.614573432s ago: executing program 4 (id=2817):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioperm(0x0, 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x2f08, 0xe, 0x0, &(0x7f0000000380)="a162cef0563a20f5177241ee8f52", 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x50)

19.345749036s ago: executing program 4 (id=2818):
kexec_load(0x5, 0x5, &(0x7f00000005c0)=[{0x0, 0x0, 0x5, 0xff}, {&(0x7f0000000100), 0x0, 0x5, 0xffffffff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f6c59d998200794f89eea832f53f0f9aa4c91322544bc7f07e8cdf4598c9879e4af2de4daca6cf629d11f9c6ebdccfeca156899a89ed0e619add00"/125, 0x7d, 0x5, 0x4}, {0x0, 0x0, 0x7, 0x2}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712e", 0x37, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8", 0x9}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477f71c7707c0e59c992ef8bb099330a50fb6", 0x45}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f8", 0x81}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

19.074458783s ago: executing program 4 (id=2820):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x7ffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001"], 0x1f0}}, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr\x00')
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)
getdents(r1, &(0x7f0000000080)=""/60, 0x3c)
getitimer(0x0, &(0x7f0000000180))
lseek(0xffffffffffffffff, 0x401, 0x0)
syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

18.681175743s ago: executing program 4 (id=2821):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x5f45, 0x800)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0))
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000000000000000000001701000002000000000000007005baa38d33e2e1650de8f13f421b2d4b60252e76171216e42961c3b08d4d3dacb0a7089ff7cbfd613d46fa95d6e2f6e76ac3266c9b1a531c4bcf0e7071f117cca4e883b4a6eb5dee7a9ab4d05d7ee311ab1c55b817285e0c3714ee6137e3b8553de667701a7c93437583b5f0b285a188098c1ac4ebac40b315ff8db6f736992497879a42b95248fed4d4888970573d0e88ceead26d97e172588a3ad30fbd01b7bbeeaa668e835f7ae3113fe2d949bb47bc0b2c62541714cc0538601ae4bab19d69a5addee134dd447034da6dd89704603d31a3d25b9d5f46cfd43d9e29aac7422920d98e1463256bd4cc929373ad9000000000faf6a95a04ad3b9db9b230f8224a3d6db187a94e5dadfe181d20d3a4bd08e8b0e6eeb79fdee230dd852a36dfc9046d03b8f316b2d460ca5d08c515d914db8ce430ea0237911c440ee750fe787aaffa83b809651c529e4cf68c8219a827ea003c59e3e51b00cd7f9464f37be2eb3e1475819ad37edcc238b85ab205a2b394916815d9cf7bf3f8e3d19a4697756299e21f2afd3ae31e0f09b8153965635216de47156f4e5fc97cb04f9c5e13256be1d9e0a94f9c6387940de1bcd7b532d16ebba216601cf23be6a7c259550bd059a5a7aee85eb558de8201c1d9c7b29e27313f61cf0b07dd790071bdbceabdd32ce2bcc279b1575a1431b03e5dc37307d15a2782175c87dad1a3aadf48b382bea4ae0b423edee0e12ada4c1dacc40bf387630792ab5c7ed6e2ef7e8a77268b0ff8978ccddfa8da4521d24b3fddc70d181c20caa9a584df9b2e"], 0x18}], 0x4924924924924fd, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x5000, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
socket$inet6(0xa, 0x1, 0x8010800000000084)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x5, &(0x7f00000000c0), 0x111, 0x3}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r3, 0x4126}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x1}}, 0x20)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

18.48692923s ago: executing program 1 (id=2823):
r0 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x22581)
ioctl$CEC_RECEIVE(r0, 0xc0386106, &(0x7f0000000000)={0x0, 0xb, 0x80006, 0x200006, 0x8, 0x1, "260000000000000754439400", 0xa, 0x0, 0x5, 0x2, 0x1, 0xfd, 0x9d})
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

17.123348605s ago: executing program 1 (id=2827):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x7ffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000680)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1241, 0xf767, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0xa0, 0x5, "", [{{0x9, 0x4, 0x0, 0x80, 0x1, 0x3, 0x1, 0x1, 0x3, {0x9, 0x21, 0x4, 0x58, 0x1, {0x22, 0xdc8}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x0, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0x8, 0x2}}]}}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f00000006c0)={0xa, 0x6, 0x110, 0x0, 0x7, 0x8, 0xff, 0x2}, 0x134, &(0x7f0000000700)={0x5, 0xf, 0x134, 0x5, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "995e1ebe8016cd7ed6e3224e0589876c"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x0, 0x3, 0x101}, @generic={0xf2, 0x10, 0xb, "5fb1a2affbe567f159475f6d8aa6250858002db133dccd6ec20b490b536a994496d44546bc2c8db273c1ed5a8dc6ed59b5f48505f53540fcb224222a715ba22f1c321d08567dd1c68426e4e8083b4838dfa23b69a62cb6cc8fdaf55735569dcea2e1aad47b281acc2633b65d357289f5ff80b55920f3f0e07e77b0d4ebdc44d329c7af1dfd3b801ca057750789f15b2f2c5c40837bf26e1de8b9e07f45256a8058c4bffedab16568d838cf857fb2fbfd4c02863cec6d978eec6c60fcc9fb33579c39424a1759235d6688ed1db62614ee5f74f61ca59e8f9bc82099dd12e59966813a18a5dadf9a8521e2c7e858d9dc"}, @ssp_cap={0x1c, 0x10, 0xa, 0xc, 0x4, 0xa0a7, 0xf00, 0x9, [0x0, 0x1fe3f00, 0xc000, 0x3f00]}]}, 0x6, [{0xca, &(0x7f0000000c00)=ANY=[@ANYBLOB="ca038d9bca7d0f231cd4d4b1f07576d17c0dd8734ef560a8bec875d4457aa1929af894c8f0bb9648653b0751dbca9a27eae6fac586f2930485e25cc7592a140d8a2b4d514167c3c0a15f092503ba9693e66488dd437172da985716bed7c3ee6c4fffe649037a273207e036f284ff3fdad6fddfc3c56d9a0b7df5ef29f343a6c5837343fd44339fbc8ef23d3652dbc6f7e7b806b30291de243dc3b5e331395e26b476d392528c96d854bc1158f1f7f60d7c8db02c5f2f0afaaf0c9fcf10d191365269efc19fb4eb083c2193996eeafc4580aa9efbd2ac2af562c86d289b79b8"]}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x458}}, {0x4, &(0x7f0000000980)=@lang_id={0x4}}, {0x21, &(0x7f0000000bc0)=ANY=[@ANYBLOB="21030a43bf9a2b3dff12cea5b3dec446313e7eb487bbdf230000000000006f5b377f3adb3fcacd9bdaef3f91f0aae098c0b9cd2c95bebe4526"]}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "9a990bd018601303292e7b31ff9a6c0b718075f399b29f47e46bb2c37c857660ec5addc3d65437e0d89c86b116c8a28679576e015c03ded34325308dfb104c9797f627da5da7e72013b9815e3bd7e1cc4e6055093c4f707bb3c366efbe91272d5a3867596b8b6dc64badba1278fa52287ef0a439dedadba038d1c400a9c1e0c7002859a6fd319520fbe024017d76b582143797a602eaf3d13010e38fb7b9ed5450164714880f7cba8c833a546920f666ac2bcd449c2fb41297b10158ac81d056cca85b7655c57fb1dfe206f7fc0f250cfd3f29c53fd650bd69b01e5fd8"}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x406}}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001"], 0x1f0}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr\x00')
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

15.434401034s ago: executing program 5 (id=2830):
kexec_load(0x5, 0x5, &(0x7f00000005c0)=[{0x0, 0x0, 0x5, 0xff}, {&(0x7f0000000100), 0x0, 0x5, 0xffffffff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f6c59d998200794f89eea832f53f0f9aa4c91322544bc7f07e8cdf4598c9879e4af2de4daca6cf629d11f9c6ebdccfeca156899a89ed0e619add00"/125, 0x7d, 0x5, 0x4}, {0x0, 0x0, 0x7, 0x2}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712e", 0x37, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8", 0x9}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477f71c7707c0e59c992ef8bb099330a50fb6", 0x45}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f8", 0x81}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13.825628455s ago: executing program 1 (id=2832):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000d40)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r2, {0x8, 0x7}, {}, {0xb, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x64, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x18, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xef}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x48, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x44, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xfb}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x2}]}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

13.628166108s ago: executing program 3 (id=2834):
socket$packet(0x11, 0x3, 0x300)
r0 = io_uring_setup(0x667, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = fsopen(&(0x7f00000000c0)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
r2 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, 0x0}, 0x40800)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x7, 0x4, 0x34524742, 0x8, 0xc, [{0xfffffffe, 0xb}, {0x40, 0x7}, {0x800, 0x100}, {0x8, 0x1}, {0xfffffffb, 0x676e7560}, {0xc2f8, 0x5}, {0x3, 0x1}, {0x4, 0x165}], 0xe, 0x6, 0x7, 0x0, 0x3}})
syz_usb_control_io$sierra_net(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
socket$unix(0x1, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x500000b, 0x204031, 0xffffffffffffffff, 0x47aef000)

12.839032918s ago: executing program 1 (id=2836):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x86f42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x1, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f00000006c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000240))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r9=>0x0})
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f0000000200))
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r8, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r9, 0x0, <r10=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000640)={0x48, 0x7, r10, 0x0, 0x10001, 0x0, 0x2, 0x1ba242, 0x3cbc2c})
close_range(r7, 0xffffffffffffffff, 0x0)

12.101098865s ago: executing program 3 (id=2838):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, 0x0)

11.842330366s ago: executing program 5 (id=2839):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, 0x0, 0x0)
ioperm(0x0, 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x2f08, 0xe, 0x0, &(0x7f0000000380)="a162cef0563a20f5177241ee8f52", 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x50)

11.752343401s ago: executing program 3 (id=2840):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x281c49f, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x2, 0xffffffffe5100f4e, 0xd, 0xe000, 0x10, 0x5, 0x0, 0x0, 0x1, 0x5}}, 0x84)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0xe8381, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x4}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x20004000)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x1000000)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x4048aec9, &(0x7f0000000980)={0x1, 0x0, @ioapic={0xfee00, 0x296a, 0x4, 0x3, 0x0, [{0x98, 0x37, 0x81, '\x00', 0x7f}, {0x41, 0x8, 0x30, '\x00', 0xf5}, {0xe9, 0x1, 0x9, '\x00', 0x11}, {0x7, 0x9, 0x3, '\x00', 0x8f}, {0x3, 0x7f, 0x91, '\x00', 0xa}, {0xf, 0xe3, 0x8, '\x00', 0xaa}, {0x6, 0x8, 0x6, '\x00', 0x8}, {0x1, 0x3, 0x8, '\x00', 0x67}, {0x2, 0x7, 0xa, '\x00', 0x8}, {0x8, 0x2, 0x13, '\x00', 0x9f}, {0xf, 0x8, 0x6, '\x00', 0x3}, {0x2, 0x4c, 0x3, '\x00', 0xa}, {0x1e, 0x6, 0x3, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x2, 0x4c, 0xa2, '\x00', 0x1}, {0x8, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0xa0, 0x47, '\x00', 0x4}, {0x7, 0x3, 0x2, '\x00', 0xa7}, {0x5, 0x0, 0xf, '\x00', 0x7}, {0x5e, 0xa, 0xa}, {0x7f, 0x6, 0x7, '\x00', 0x4}, {0x93, 0x44, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x20, '\x00', 0xfc}, {0x6, 0xc, 0xc6, '\x00', 0x8}]}})
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
dup(r4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

10.350239522s ago: executing program 5 (id=2842):
ioctl$USBDEVFS_ALLOC_STREAMS(0xffffffffffffffff, 0x8008551c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd00000500050000000000"], 0x70}}, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$FBIOBLANK(r3, 0x4611, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0)
ioctl$CEC_TRANSMIT(r6, 0xc0386105, 0x0)
r7 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000040)=0xffffffffffffff40, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r5, 0x0, 0x4, 0xf, &(0x7f00000006c0)='\x00\x00\x00\x00', &(0x7f0000000780)=""/15, 0x60fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200003}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)

8.082565209s ago: executing program 5 (id=2843):
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000240)="d94292828e9a15d606eb3b5fcbfe5a1cc3077c5c0f3b3956d53d09ea8591192b6223b8f9a927092f73725a0dcc9083ad6c835e7b24aff66c2bff390c8fa241e2f301410f01738cc437d85b4b212b3839bcb359d0e1f5f39d", 0x58)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)}], 0x1)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc004058}, 0x48004)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.938724802s ago: executing program 5 (id=2844):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x86f42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x1, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f00000006c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000240))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r9=>0x0})
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f0000000200))
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r8, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r9, 0x0, <r10=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000640)={0x48, 0x7, r10, 0x0, 0x10001, 0x0, 0x2, 0x1ba242, 0x3cbc2c})
close_range(r7, 0xffffffffffffffff, 0x0)

6.193254181s ago: executing program 2 (id=2845):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000d40)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r2, {0x8, 0x7}, {}, {0xb, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x64, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x18, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xef}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x48, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x44, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xfb}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x2}]}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

6.038291282s ago: executing program 3 (id=2846):
syz_open_procfs(0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000000000000039fe8000000000000000000000000000aa4e224e24000000", @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x47, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x800)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

5.256493899s ago: executing program 3 (id=2847):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x7ffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004055)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000680)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1241, 0xf767, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0xa0, 0x5, "", [{{0x9, 0x4, 0x0, 0x80, 0x1, 0x3, 0x1, 0x1, 0x3, {0x9, 0x21, 0x4, 0x58, 0x1, {0x22, 0xdc8}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x0, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0x8, 0x2}}]}}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f00000006c0)={0xa, 0x6, 0x110, 0x0, 0x7, 0x8, 0xff, 0x2}, 0x138, &(0x7f0000000700)={0x5, 0xf, 0x138, 0x5, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "995e1ebe8016cd7ed6e3224e0589876c"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x0, 0x3, 0x101}, @generic={0xf2, 0x10, 0xb, "5fb1a2affbe567f159475f6d8aa6250858002db133dccd6ec20b490b536a994496d44546bc2c8db273c1ed5a8dc6ed59b5f48505f53540fcb224222a715ba22f1c321d08567dd1c68426e4e8083b4838dfa23b69a62cb6cc8fdaf55735569dcea2e1aad47b281acc2633b65d357289f5ff80b55920f3f0e07e77b0d4ebdc44d329c7af1dfd3b801ca057750789f15b2f2c5c40837bf26e1de8b9e07f45256a8058c4bffedab16568d838cf857fb2fbfd4c02863cec6d978eec6c60fcc9fb33579c39424a1759235d6688ed1db62614ee5f74f61ca59e8f9bc82099dd12e59966813a18a5dadf9a8521e2c7e858d9dc"}, @ssp_cap={0x20, 0x10, 0xa, 0xc, 0x5, 0xa0a7, 0xf00, 0x9, [0x0, 0x1fe3f00, 0x3f, 0xc000, 0x3f00]}]}, 0x6, [{0xca, &(0x7f0000000c00)=ANY=[@ANYBLOB="ca038d9bca7d0f231cd4d4b1f07576d17c0dd8734ef560a8bec875d4457aa1929af894c8f0bb9648653b0751dbca9a27eae6fac586f2930485e25cc7592a140d8a2b4d514167c3c0a15f092503ba9693e66488dd437172da985716bed7c3ee6c4fffe649037a273207e036f284ff3fdad6fddfc3c56d9a0b7df5ef29f343a6c5837343fd44339fbc8ef23d3652dbc6f7e7b806b30291de243dc3b5e331395e26b476d392528c96d854bc1158f1f7f60d7c8db02c5f2f0afaaf0c9fcf10d191365269efc19fb4eb083c2193996eeafc4580aa9efbd2ac2af562c86d289b79b8"]}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x458}}, {0x4, &(0x7f0000000980)=@lang_id={0x4}}, {0x21, &(0x7f0000000bc0)=ANY=[@ANYBLOB="21030a43bf9a2b3dff12cea5b3dec446313e7eb487bbdf230000000000006f5b377f3adb3fcacd9bdaef3f91f0aae098c0b9cd2c95bebe4526"]}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "9a990bd018601303292e7b31ff9a6c0b718075f399b29f47e46bb2c37c857660ec5addc3d65437e0d89c86b116c8a28679576e015c03ded34325308dfb104c9797f627da5da7e72013b9815e3bd7e1cc4e6055093c4f707bb3c366efbe91272d5a3867596b8b6dc64badba1278fa52287ef0a439dedadba038d1c400a9c1e0c7002859a6fd319520fbe024017d76b582143797a602eaf3d13010e38fb7b9ed5450164714880f7cba8c833a546920f666ac2bcd449c2fb41297b10158ac81d056cca85b7655c57fb1dfe206f7fc0f250cfd3f29c53fd650bd69b01e5fd8"}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x406}}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001"], 0x1f0}}, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr\x00')
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)
getdents(r1, &(0x7f0000000080)=""/60, 0x3c)
getitimer(0x0, &(0x7f0000000180))
lseek(0xffffffffffffffff, 0x401, 0x0)
syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.208304703s ago: executing program 2 (id=2848):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

5.207089614s ago: executing program 1 (id=2849):
kexec_load(0x5, 0x5, &(0x7f00000005c0)=[{0x0, 0x0, 0x5, 0xff}, {&(0x7f0000000100), 0x0, 0x5, 0xffffffff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f6c59d998200794f89eea832f53f0f9aa4c91322544bc7f07e8cdf4598c9879e4af2de4daca6cf629d11f9c6ebdccfeca156899a89ed0e619add00"/125, 0x7d, 0x5, 0x4}, {0x0, 0x0, 0x7, 0x2}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712e", 0x37, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8", 0x9}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477f71c7707c0e59c992ef8bb099330a50fb6", 0x45}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f8", 0x81}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.855808302s ago: executing program 2 (id=2850):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404", 0x297}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9d", 0x1cb}, {&(0x7f0000000140)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca980200000000000000ecfd6cc1b3a9a9263506e88c5557069d0ca055991454ec1307b7411892a1beaef9ae54833107eb88b0411b1bc0ba9bc28d0eb6a73ad76be9facd1d9d82b6a3cc2040e84b398d279e50535b6557", 0x97}], 0x3, 0x0, 0x0, 0x900}}], 0x1, 0x0)
r0 = socket(0x10, 0x803, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/215, 0xd7}], 0x1}, 0xffff}], 0x1, 0x0, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

4.299525417s ago: executing program 2 (id=2851):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, 0x0, 0x0)
ioperm(0x0, 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x2f08, 0xe, 0x0, &(0x7f0000000380)="a162cef0563a20f5177241ee8f52", 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x50)

2.718676886s ago: executing program 2 (id=2852):
socket$packet(0x11, 0x3, 0x300)
syz_usb_control_io$sierra_net(0xffffffffffffffff, 0x0, 0x0)
r0 = io_uring_setup(0x667, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = fsopen(&(0x7f00000000c0)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
r2 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, 0x0}, 0x40800)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x7, 0x4, 0x34524742, 0x8, 0xc, [{0xfffffffe, 0xb}, {0x40, 0x7}, {0x800, 0x100}, {0x8, 0x1}, {0xfffffffb, 0x676e7560}, {0xc2f8, 0x5}, {0x3, 0x1}, {0x4, 0x165}], 0xe, 0x6, 0x7, 0x0, 0x3}})
syz_usb_control_io$sierra_net(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
socket$unix(0x1, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x500000b, 0x204031, 0xffffffffffffffff, 0x47aef000)

1.849672998s ago: executing program 1 (id=2853):
socket$nl_netfilter(0x10, 0x3, 0xc)
setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0xfc9, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r1, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x2, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x20000, &(0x7f0000000180)=@abs={0x0, 0x7, 0xd0000e0}, 0x6e)

1.838695805s ago: executing program 3 (id=2854):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x7ffffffe, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000680)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1241, 0xf767, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0xa0, 0x5, "", [{{0x9, 0x4, 0x0, 0x80, 0x1, 0x3, 0x1, 0x1, 0x3, {0x9, 0x21, 0x4, 0x58, 0x1, {0x22, 0xdc8}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x0, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0x8, 0x2}}]}}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f00000006c0)={0xa, 0x6, 0x110, 0x0, 0x7, 0x8, 0xff, 0x2}, 0x134, &(0x7f0000000700)={0x5, 0xf, 0x134, 0x5, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "995e1ebe8016cd7ed6e3224e0589876c"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x0, 0x3, 0x101}, @generic={0xf2, 0x10, 0xb, "5fb1a2affbe567f159475f6d8aa6250858002db133dccd6ec20b490b536a994496d44546bc2c8db273c1ed5a8dc6ed59b5f48505f53540fcb224222a715ba22f1c321d08567dd1c68426e4e8083b4838dfa23b69a62cb6cc8fdaf55735569dcea2e1aad47b281acc2633b65d357289f5ff80b55920f3f0e07e77b0d4ebdc44d329c7af1dfd3b801ca057750789f15b2f2c5c40837bf26e1de8b9e07f45256a8058c4bffedab16568d838cf857fb2fbfd4c02863cec6d978eec6c60fcc9fb33579c39424a1759235d6688ed1db62614ee5f74f61ca59e8f9bc82099dd12e59966813a18a5dadf9a8521e2c7e858d9dc"}, @ssp_cap={0x1c, 0x10, 0xa, 0xc, 0x4, 0xa0a7, 0xf00, 0x9, [0x0, 0x1fe3f00, 0xc000, 0x3f00]}]}, 0x6, [{0xca, &(0x7f0000000c00)=ANY=[@ANYBLOB="ca038d9bca7d0f231cd4d4b1f07576d17c0dd8734ef560a8bec875d4457aa1929af894c8f0bb9648653b0751dbca9a27eae6fac586f2930485e25cc7592a140d8a2b4d514167c3c0a15f092503ba9693e66488dd437172da985716bed7c3ee6c4fffe649037a273207e036f284ff3fdad6fddfc3c56d9a0b7df5ef29f343a6c5837343fd44339fbc8ef23d3652dbc6f7e7b806b30291de243dc3b5e331395e26b476d392528c96d854bc1158f1f7f60d7c8db02c5f2f0afaaf0c9fcf10d191365269efc19fb4eb083c2193996eeafc4580aa9efbd2ac2af562c86d289b79b8"]}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x458}}, {0x4, &(0x7f0000000980)=@lang_id={0x4}}, {0x21, &(0x7f0000000bc0)=ANY=[@ANYBLOB="21030a43bf9a2b3dff12cea5b3dec446313e7eb487bbdf230000000000006f5b377f3adb3fcacd9bdaef3f91f0aae098c0b9cd2c95bebe4526"]}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "9a990bd018601303292e7b31ff9a6c0b718075f399b29f47e46bb2c37c857660ec5addc3d65437e0d89c86b116c8a28679576e015c03ded34325308dfb104c9797f627da5da7e72013b9815e3bd7e1cc4e6055093c4f707bb3c366efbe91272d5a3867596b8b6dc64badba1278fa52287ef0a439dedadba038d1c400a9c1e0c7002859a6fd319520fbe024017d76b582143797a602eaf3d13010e38fb7b9ed5450164714880f7cba8c833a546920f666ac2bcd449c2fb41297b10158ac81d056cca85b7655c57fb1dfe206f7fc0f250cfd3f29c53fd650bd69b01e5fd8"}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x406}}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001"], 0x1f0}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr\x00')
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

676.179716ms ago: executing program 5 (id=2855):
socket$inet6(0xa, 0x80002, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x10, 0x3, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="120100005864e6082c105162687e0102030109021200671b2f01000000000904"], 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r0], 0x28}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
syz_open_dev$dvb_dvr(&(0x7f00000001c0), 0x8, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x44}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd1e, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x54, 0x2, [@TCA_FLOWER_ACT={0x50, 0x3, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0xffff7fff, 0xb, 0x7, 0x1, 0x10}}, @TCA_ACT_BPF_OPS_LEN={0x6}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x8848}, 0x4080)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000000203010100000000000000ffffff7f000800034000000000080004400000000008000540000000000900020000000000020000000800010001"], 0x40}}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848160000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x80054)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x20)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r7, 0x11, 0x64, &(0x7f0000000140)=0x4, 0x4)

0s ago: executing program 2 (id=2856):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x86f42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x1, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f00000006c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000240))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r9=>0x0})
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f0000000200))
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r8, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r9, 0x0, <r10=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
close_range(r7, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 audit: type=1326 audit(1779918771.994:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6656 comm="syz.0.297" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c610ce59 code=0x7ffc0000
[  190.941814][   T36] audit: type=1326 audit(1779918771.994:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6656 comm="syz.0.297" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c610ce59 code=0x7ffc0000
[  190.942004][   T36] audit: type=1326 audit(1779918771.994:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6656 comm="syz.0.297" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f25c610ce59 code=0x7ffc0000
[  190.942280][   T36] audit: type=1326 audit(1779918771.994:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6656 comm="syz.0.297" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c610ce59 code=0x7ffc0000
[  194.863049][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  194.863110][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  199.005219][ T6713] netlink: 12 bytes leftover after parsing attributes in process `syz.0.314'.
[  199.415089][ T6713] bond1: entered promiscuous mode
[  199.415544][ T6713] 8021q: adding VLAN 0 to HW filter on device bond1
[  200.978067][ T6716] macvtap1: entered allmulticast mode
[  203.251481][   T36] kauditd_printk_skb: 12 callbacks suppressed
[  203.251610][   T36] audit: type=1326 audit(1779918784.304:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.251661][   T36] audit: type=1326 audit(1779918784.304:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.264808][   T36] audit: type=1326 audit(1779918784.314:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.266232][   T36] audit: type=1326 audit(1779918784.324:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.266282][   T36] audit: type=1326 audit(1779918784.324:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.273175][   T36] audit: type=1326 audit(1779918784.324:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.307172][   T36] audit: type=1326 audit(1779918784.334:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.307383][   T36] audit: type=1326 audit(1779918784.344:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  203.307678][   T36] audit: type=1326 audit(1779918784.344:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6742 comm="syz.4.325" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f261602ce59 code=0x7ffc0000
[  212.748114][ T6786] Bluetooth: hci1: command 0x0406 tx timeout
[  212.763776][ T5624] Bluetooth: hci4: command 0x0406 tx timeout
[  212.763809][ T5624] Bluetooth: hci0: command 0x0406 tx timeout
[  212.763830][ T5624] Bluetooth: hci3: command 0x0406 tx timeout
[  212.763852][ T5624] Bluetooth: hci2: command 0x0406 tx timeout
[  223.025562][ T4988] IPVS: starting estimator thread 0...
[  223.099433][ T6855] CUSE: unknown device info ""
[  223.099449][ T6855] CUSE: unknown device info "�"
[  223.099458][ T6855] CUSE: unknown device info ""
[  223.099466][ T6855] CUSE: unknown device info ""
[  223.099474][ T6855] CUSE: unknown device info ""
[  223.099482][ T6855] CUSE: unknown device info ""
[  223.099490][ T6855] CUSE: unknown device info "����"
[  223.099498][ T6855] CUSE: unknown device info ""
[  223.099506][ T6855] CUSE: unknown device info ""
[  223.099514][ T6855] CUSE: unknown device info ""
[  223.099522][ T6855] CUSE: unknown device info ""
[  223.099530][ T6855] CUSE: unknown device info "r"
[  223.099538][ T6855] CUSE: unknown device info "��������#�"
[  223.099547][ T6855] CUSE: unknown device info "����"
[  223.099555][ T6855] CUSE: unknown device info ""
[  223.099563][ T6855] CUSE: unknown device info "�"
[  223.099572][ T6855] CUSE: DEVNAME unspecified
[  223.140635][ T4988] IPVS: starting estimator thread 0...
[  223.181956][ T6864] Bluetooth: MGMT ver 1.23
[  223.189935][ T6859] IPVS: using max 8 ests per chain, 19200 per kthread
[  223.416650][ T6861] IPVS: set_ctl: invalid protocol: 1 224.0.0.2:0
[  223.425976][ T6863] IPVS: using max 8 ests per chain, 19200 per kthread
[  225.082430][ T6886] comedi comedi3: dt2801: I/O base address or length out of range
[  232.865970][ T6973] loop2: detected capacity change from 0 to 7
[  233.023481][ T6973] Dev loop2: unable to read RDB block 7
[  233.023537][ T6973]  loop2: unable to read partition table
[  233.023775][ T6973] loop2: partition table beyond EOD, truncated
[  233.023829][ T6973] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  236.966254][   T42] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  236.997065][ T7020] binder: 7019:7020 unknown command 0
[  236.997086][ T7020] binder: 7019:7020 ioctl c0306201 200000000040 returned -22
[  237.235601][ T7006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.403'.
[  237.287071][ T7025] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'.
[  237.789902][ T7006] macvtap2: entered promiscuous mode
[  237.789927][ T7006] bridge0: entered promiscuous mode
[  237.790316][ T7006] macvtap2: entered allmulticast mode
[  237.790331][ T7006] bridge0: entered allmulticast mode
[  238.194345][ T7025] bridge0: left allmulticast mode
[  238.403081][  T822] bridge0: left promiscuous mode
[  238.545020][   T42] usb 1-1: unable to get BOS descriptor or descriptor too short
[  238.887498][   T42] usb 1-1: unable to read config index 0 descriptor/start: -71
[  238.887533][   T42] usb 1-1: can't read configurations, error -71
[  239.049443][  T821] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  239.097789][ T7042] netlink: 44 bytes leftover after parsing attributes in process `syz.1.418'.
[  239.245891][  T821] usb 4-1: Using ep0 maxpacket: 32
[  239.264987][  T821] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  239.265016][  T821] usb 4-1: config 0 has no interface number 0
[  239.289378][  T821] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  239.289409][  T821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.289431][  T821] usb 4-1: Product: syz
[  239.289445][  T821] usb 4-1: Manufacturer: syz
[  239.289460][  T821] usb 4-1: SerialNumber: syz
[  239.572102][  T821] usb 4-1: config 0 descriptor??
[  240.024853][  T821] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  240.024883][  T821] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  241.982221][  T821] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  241.985340][  T821] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[  242.100635][  T821] usb 4-1: USB disconnect, device number 2
[  242.234991][ T7058] netlink: 24 bytes leftover after parsing attributes in process `syz.0.423'.
[  242.422320][ T7064] netlink: 68 bytes leftover after parsing attributes in process `syz.3.426'.
[  242.598502][ T7068] loop2: detected capacity change from 0 to 3
[  242.622113][ T7068] Dev loop2: unable to read RDB block 3
[  242.622157][ T7068]  loop2: unable to read partition table
[  242.622371][ T7068] loop2: partition table beyond EOD, truncated
[  242.622643][ T7068] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  242.942934][ T7074] netlink: 44 bytes leftover after parsing attributes in process `syz.0.430'.
[  243.564510][  T822] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  253.421568][ T7121] netlink: 44 bytes leftover after parsing attributes in process `syz.4.445'.
[  253.476053][ T7122] netlink: 24 bytes leftover after parsing attributes in process `syz.2.443'.
[  253.823912][ T5625] Bluetooth: hci4: unexpected event for opcode 0x080d
[  255.681352][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  255.681402][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  259.757087][ T7168] netlink: 12 bytes leftover after parsing attributes in process `syz.4.459'.
[  259.976818][ T5732] IPVS: starting estimator thread 0...
[  260.065914][ T7174] IPVS: using max 8 ests per chain, 19200 per kthread
[  260.157696][ T7177] syz.1.463 uses obsolete (PF_INET,SOCK_PACKET)
[  261.487252][ T4988] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  261.649150][ T4988] usb 4-1: config 0 has no interfaces?
[  261.650296][ T4988] usb 4-1: config 0 has no interfaces?
[  261.652070][ T4988] usb 4-1: config 0 has no interfaces?
[  261.652104][ T4988] usb 4-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  261.652129][ T4988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.781133][ T4988] usb 4-1: config 0 descriptor??
[  262.157908][ T5732] usb 4-1: USB disconnect, device number 4
[  262.338546][   T36] audit: type=1326 audit(1779918843.384:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.338603][   T36] audit: type=1326 audit(1779918843.394:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.378624][   T36] audit: type=1326 audit(1779918843.394:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.386042][   T36] audit: type=1326 audit(1779918843.434:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.386192][   T36] audit: type=1326 audit(1779918843.434:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.393291][   T36] audit: type=1326 audit(1779918843.444:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.395865][   T36] audit: type=1326 audit(1779918843.444:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.417870][   T36] audit: type=1326 audit(1779918843.464:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.435301][   T36] audit: type=1326 audit(1779918843.484:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  262.437773][   T36] audit: type=1326 audit(1779918843.494:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7201 comm="syz.2.468" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3ea157ce59 code=0x7ffc0000
[  265.486032][ T7216] netlink: 12 bytes leftover after parsing attributes in process `syz.4.474'.
[  270.042081][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[  271.099283][ T7263] binder: 7262:7263 ioctl 4018620d 0 returned -22
[  271.461421][ T7270] netlink: 8 bytes leftover after parsing attributes in process `syz.1.490'.
[  281.300103][ T7309] binder: 7308:7309 ioctl 4018620d 0 returned -22
[  281.700831][ T7314] netlink: 8 bytes leftover after parsing attributes in process `syz.4.506'.
[  281.735897][ T5796] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  283.652523][ T5796] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  283.652553][ T5796] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.652572][ T5796] usb 1-1: Product: syz
[  283.652586][ T5796] usb 1-1: Manufacturer: syz
[  283.652599][ T5796] usb 1-1: SerialNumber: syz
[  285.056337][ T5796] usb 1-1: config 0 descriptor??
[  285.077891][ T5796] usb 1-1: can't set config #0, error -71
[  285.094409][ T5796] usb 1-1: USB disconnect, device number 4
[  292.940097][ T7361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'.
[  295.000662][ T7368] fuse: fd is not a fuse device
[  295.154636][ T7369] netlink: 28 bytes leftover after parsing attributes in process `syz.4.523'.
[  297.086343][ T7378] netlink: 'syz.0.525': attribute type 1 has an invalid length.
[  297.086360][ T7378] netlink: 2096 bytes leftover after parsing attributes in process `syz.0.525'.
[  303.337427][ T7417] netlink: 28 bytes leftover after parsing attributes in process `syz.1.537'.
[  308.068431][ T7460] lo speed is unknown, defaulting to 1000
[  308.069460][ T7460] lo speed is unknown, defaulting to 1000
[  308.080313][ T7460] lo speed is unknown, defaulting to 1000
[  308.084536][ T7460] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  308.084574][ T7460] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  308.085445][ T7460] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  308.101233][ T7460] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  308.658278][ T7460] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  308.854474][ T7460] lo speed is unknown, defaulting to 1000
[  308.861824][ T7460] lo speed is unknown, defaulting to 1000
[  308.863937][ T7460] lo speed is unknown, defaulting to 1000
[  308.870022][ T7460] lo speed is unknown, defaulting to 1000
[  308.888294][ T7460] lo speed is unknown, defaulting to 1000
[  310.441309][ T7474] binder: 7473:7474 ioctl 4018620d 0 returned -22
[  310.676051][ T5732] usb 1-1: new low-speed USB device number 5 using dummy_hcd
[  312.119170][ T5732] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 8
[  312.119207][ T5732] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  312.119230][ T5732] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  312.119263][ T5732] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B is Bulk; changing to Interrupt
[  312.119287][ T5732] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  312.119325][ T5732] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  312.119349][ T5732] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.200140][ T5732] usb 1-1: config 0 descriptor??
[  312.211602][ T7472] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  312.430719][ T5732] usb 1-1: string descriptor 0 read error: -71
[  312.470542][ T5732] usb 1-1: USB disconnect, device number 5
[  314.152672][ T7491] netlink: 'syz.3.565': attribute type 1 has an invalid length.
[  314.152695][ T7491] netlink: 2096 bytes leftover after parsing attributes in process `syz.3.565'.
[  316.714917][ T7512] siw: device registration error -23
[  317.081876][ T7516] binder: 7515:7516 ioctl 4018620d 0 returned -22
[  317.117958][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  317.118023][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  323.432706][ T7555] binder: 7553:7555 ioctl 4018620d 0 returned -22
[  333.677011][ T7589] syz.2.594 (7589) used greatest stack depth: 17504 bytes left
[  336.532263][ T7602] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  336.532277][ T7602] IPv6: NLM_F_CREATE should be set when creating new route
[  337.330372][ T7613] overlayfs: failed to clone upperpath
[  342.233416][ T7621] tmpfs: Bad value for 'mpol'
[  342.466919][ T7634] netlink: 'syz.0.604': attribute type 2 has an invalid length.
[  342.466941][ T7634] netlink: 'syz.0.604': attribute type 1 has an invalid length.
[  344.473104][ T7643] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  344.473118][ T7643] IPv6: NLM_F_CREATE should be set when creating new route
[  344.978722][ T7650] binder: 7649:7650 ioctl 4018620d 0 returned -22
[  350.460041][ T7681] tmpfs: Bad value for 'mpol'
[  351.440024][ T7691] binder: 7689:7691 ioctl 4018620d 0 returned -22
[  352.669898][ T7692] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  354.097823][ T7701] netlink: 28 bytes leftover after parsing attributes in process `syz.0.629'.
[  354.616043][ T7706] netlink: 20 bytes leftover after parsing attributes in process `syz.4.631'.
[  354.616069][ T7706] netlink: 24 bytes leftover after parsing attributes in process `syz.4.631'.
[  356.754722][ T7724] tmpfs: Bad value for 'mpol'
[  358.485439][ T7738] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  358.485453][ T7738] IPv6: NLM_F_CREATE should be set when creating new route
[  358.917687][ T7742] binder: 7741:7742 ioctl 4018620d 0 returned -22
[  364.348514][ T7775] netlink: 20 bytes leftover after parsing attributes in process `syz.2.647'.
[  364.348538][ T7775] netlink: 24 bytes leftover after parsing attributes in process `syz.2.647'.
[  364.984923][   T10] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  366.237480][   T10] usb 4-1: not running at top speed; connect to a high speed hub
[  366.239063][   T10] usb 4-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  366.239098][   T10] usb 4-1: config 1 interface 0 has no altsetting 0
[  366.245383][   T10] usb 4-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  366.245412][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.245434][   T10] usb 4-1: Manufacturer: ј
[  366.245449][   T10] usb 4-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  366.592298][ T7779] netlink: 260 bytes leftover after parsing attributes in process `syz.3.648'.
[  366.592446][ T7779] netlink: 104 bytes leftover after parsing attributes in process `syz.3.648'.
[  366.592464][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.3.648'.
[  367.582021][   T10] usbhid 4-1:1.0: can't add hid device: -71
[  367.582137][   T10] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  367.593079][   T10] usb 4-1: USB disconnect, device number 5
[  371.415389][ T7791] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  371.415406][ T7791] IPv6: NLM_F_CREATE should be set when creating new route
[  373.413885][ T7815] fuse: fd is not a fuse device
[  374.374499][ T7820] netlink: 260 bytes leftover after parsing attributes in process `syz.4.662'.
[  374.374558][ T7820] netlink: 104 bytes leftover after parsing attributes in process `syz.4.662'.
[  374.374573][ T7820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.662'.
[  375.735251][ T7837] Zero length message leads to an empty skb
[  376.783377][ T7846] netlink: 'syz.2.670': attribute type 2 has an invalid length.
[  376.783446][ T7846] netlink: 'syz.2.670': attribute type 1 has an invalid length.
[  377.802804][  T822] IPVS: starting estimator thread 0...
[  377.885922][ T7852] IPVS: using max 9 ests per chain, 21600 per kthread
[  378.980725][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  378.980799][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  384.799468][ T7903] netlink: 'syz.1.684': attribute type 2 has an invalid length.
[  384.799515][ T7903] netlink: 'syz.1.684': attribute type 1 has an invalid length.
[  386.021053][ T7907] netlink: 24 bytes leftover after parsing attributes in process `syz.0.686'.
[  391.434106][ T7939] netlink: 'syz.4.696': attribute type 2 has an invalid length.
[  391.434150][ T7939] netlink: 'syz.4.696': attribute type 1 has an invalid length.
[  393.410869][ T7946] netlink: 24 bytes leftover after parsing attributes in process `syz.0.699'.
[  399.732187][ T7988] netlink: 'syz.0.708': attribute type 2 has an invalid length.
[  399.732230][ T7988] netlink: 'syz.0.708': attribute type 1 has an invalid length.
[  402.175438][ T7997] netlink: 24 bytes leftover after parsing attributes in process `syz.2.712'.
[  407.110122][ T8026] netlink: 'syz.0.719': attribute type 2 has an invalid length.
[  407.110146][ T8026] netlink: 'syz.0.719': attribute type 1 has an invalid length.
[  407.974411][ T8038] netlink: 24 bytes leftover after parsing attributes in process `syz.0.723'.
[  412.506730][ T8065] fuse: Bad value for 'group_id'
[  412.506793][ T8065] fuse: Bad value for 'group_id'
[  414.713764][ T8087] netlink: 'syz.2.733': attribute type 2 has an invalid length.
[  414.713811][ T8087] netlink: 'syz.2.733': attribute type 1 has an invalid length.
[  421.863785][ T8116] overlayfs: missing 'lowerdir'
[  422.994165][ T8137] netlink: 'syz.4.749': attribute type 2 has an invalid length.
[  422.994211][ T8137] netlink: 'syz.4.749': attribute type 1 has an invalid length.
[  425.678253][ T8146] netlink: 28 bytes leftover after parsing attributes in process `syz.2.755'.
[  428.431528][ T5625] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  429.690939][ T8179] netlink: 'syz.1.763': attribute type 2 has an invalid length.
[  429.690988][ T8179] netlink: 'syz.1.763': attribute type 1 has an invalid length.
[  431.651083][ T8191] netlink: 28 bytes leftover after parsing attributes in process `syz.1.768'.
[  434.387960][ T8221] netlink: 'syz.1.778': attribute type 2 has an invalid length.
[  434.388008][ T8221] netlink: 'syz.1.778': attribute type 1 has an invalid length.
[  435.169228][ T8213] netlink: 28 bytes leftover after parsing attributes in process `syz.2.777'.
[  437.318710][ T5595] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  437.502833][ T5595] usb 4-1: not running at top speed; connect to a high speed hub
[  437.504226][ T5595] usb 4-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  437.504263][ T5595] usb 4-1: config 1 interface 0 has no altsetting 0
[  437.551795][ T5595] usb 4-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  437.551827][ T5595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.551849][ T5595] usb 4-1: Manufacturer: ј
[  437.551864][ T5595] usb 4-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  439.105158][ T8244] netlink: 28 bytes leftover after parsing attributes in process `syz.0.784'.
[  439.188847][ T5595] usb 4-1: can't set config #1, error -71
[  439.233518][ T5595] usb 4-1: USB disconnect, device number 6
[  440.232831][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  440.243085][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  441.850101][ T8262] netlink: 'syz.4.791': attribute type 2 has an invalid length.
[  441.850148][ T8262] netlink: 'syz.4.791': attribute type 1 has an invalid length.
[  443.508145][ T8266] netlink: 28 bytes leftover after parsing attributes in process `syz.3.793'.
[  445.988746][ T8296] tipc: Started in network mode
[  445.988782][ T8296] tipc: Node identity 62d11450518e, cluster identity 4711
[  445.989457][ T8296] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.992319][ T8296] syzkaller0: entered promiscuous mode
[  445.992342][ T8296] syzkaller0: entered allmulticast mode
[  446.064751][ T8296] tipc: Resetting bearer <eth:syzkaller0>
[  446.126095][ T8295] tipc: Resetting bearer <eth:syzkaller0>
[  446.828412][ T8295] tipc: Disabling bearer <eth:syzkaller0>
[  450.364856][ T8329] netlink: 'syz.3.804': attribute type 2 has an invalid length.
[  450.364878][ T8329] netlink: 'syz.3.804': attribute type 1 has an invalid length.
[  452.127625][ T8345] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  452.211061][ T8338] netlink: 28 bytes leftover after parsing attributes in process `syz.0.810'.
[  452.932121][ T8354] fuse: fd is not a fuse device
[  456.273080][ T8370] netlink: 260 bytes leftover after parsing attributes in process `syz.0.825'.
[  456.273135][ T8370] netlink: 104 bytes leftover after parsing attributes in process `syz.0.825'.
[  456.273150][ T8370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.825'.
[  458.818897][ T8398] fuse: Unknown parameter 'grou00000000000000000000'
[  465.642056][ T8434] misc userio: Invalid payload size
[  467.746635][ T8453] block device autoloading is deprecated and will be removed.
[  475.481586][ T8503] netlink: 28 bytes leftover after parsing attributes in process `syz.2.859'.
[  478.315644][ T8512] tmpfs: Bad value for 'mpol'
[  478.508001][ T5625] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  479.208130][ T8527] fuse: fd is not a fuse device
[  483.205191][ T8555] netlink: 16 bytes leftover after parsing attributes in process `syz.3.878'.
[  483.466002][ T5625] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  484.099637][ T8568] fuse: Unknown parameter 'group_i00000000000000000000'
[  488.899088][ T8591] tmpfs: Bad value for 'mpol'
[  490.726882][ T8602] netlink: 16 bytes leftover after parsing attributes in process `syz.2.889'.
[  490.922483][ T5625] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  491.307827][ T8608] tipc: Started in network mode
[  491.307860][ T8608] tipc: Node identity bafc55e2d5a4, cluster identity 4711
[  491.308034][ T8608] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  491.313673][ T8608] syzkaller0: entered promiscuous mode
[  491.313699][ T8608] syzkaller0: entered allmulticast mode
[  492.517540][ T8614] tipc: Resetting bearer <eth:syzkaller0>
[  492.537213][ T5739] tipc: Node number set to 1868060130
[  492.609178][ T8607] tipc: Resetting bearer <eth:syzkaller0>
[  493.597892][ T8607] tipc: Disabling bearer <eth:syzkaller0>
[  496.587840][ T8634] tmpfs: Bad value for 'mpol'
[  497.125213][ T8645] netlink: 16 bytes leftover after parsing attributes in process `syz.4.904'.
[  498.134102][ T8652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.906'.
[  500.755916][ T8245] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  500.944900][ T8665] netlink: 4 bytes leftover after parsing attributes in process `syz.3.910'.
[  501.082064][ T8245] usb 4-1: unable to get BOS descriptor or descriptor too short
[  501.098045][ T8245] usb 4-1: unable to read config index 0 descriptor/start: -71
[  501.098083][ T8245] usb 4-1: can't read configurations, error -71
[  501.438148][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  501.438221][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  501.752562][ T8688] tmpfs: Bad value for 'mpol'
[  502.282749][ T8691] netlink: 24 bytes leftover after parsing attributes in process `syz.3.917'.
[  507.618871][ T8724] netlink: 4 bytes leftover after parsing attributes in process `syz.4.927'.
[  507.656716][ T8724] syz_tun: entered promiscuous mode
[  507.701851][ T8724] macvtap1: entered promiscuous mode
[  507.702023][ T8724] macvtap1: entered allmulticast mode
[  507.702034][ T8724] syz_tun: entered allmulticast mode
[  507.797832][ T8726] netlink: 24 bytes leftover after parsing attributes in process `syz.2.929'.
[  513.468910][ T8770] tmpfs: Bad value for 'mpol'
[  513.474043][ T8784] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  517.171384][ T8830] netlink: 8 bytes leftover after parsing attributes in process `syz.0.959'.
[  522.483920][   T36] audit: type=1326 audit(1779919103.534:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8859 comm="syz.3.969" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc77b9ece59 code=0x0
[  524.593132][ T8883] lo speed is unknown, defaulting to 1000
[  529.870734][ T8911] netlink: 28 bytes leftover after parsing attributes in process `syz.2.984'.
[  530.712013][ T8924] netlink: 8 bytes leftover after parsing attributes in process `syz.4.988'.
[  531.267624][ T8943] netlink: 260 bytes leftover after parsing attributes in process `syz.4.997'.
[  531.267694][ T8943] netlink: 104 bytes leftover after parsing attributes in process `syz.4.997'.
[  531.267710][ T8943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'.
[  535.805881][   T42] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  536.029845][ T8983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1011'.
[  536.052315][ T8983] bridge0: entered allmulticast mode
[  536.052370][ T8983] bridge0: entered promiscuous mode
[  536.266268][   T42] usb 1-1: unable to get BOS descriptor or descriptor too short
[  536.268344][   T42] usb 1-1: unable to read config index 0 descriptor/start: -71
[  536.268380][   T42] usb 1-1: can't read configurations, error -71
[  552.407557][ T5625] Bluetooth: hci0: command 0x0406 tx timeout
[  552.479480][ T9076] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  552.967439][ T9076] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  554.416156][ T9076] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  554.416495][ T9076] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  554.502205][ T9076] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  554.504998][ T9076] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  554.555806][ T5625] Bluetooth: hci0: command 0x0406 tx timeout
[  556.320931][ T9076] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  556.328131][ T9076] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  556.432929][ T9076] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  556.433281][ T9076] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  556.478815][ T5625] Bluetooth: hci1: command 0x0406 tx timeout
[  556.499709][ T9107] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1052'.
[  556.565770][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  556.850437][ T9113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1055'.
[  558.587761][ T5625] Bluetooth: hci3: command 0x0406 tx timeout
[  558.587970][ T5625] Bluetooth: hci4: command 0x0406 tx timeout
[  558.588079][ T5625] Bluetooth: hci1: command 0x0406 tx timeout
[  558.735732][ T4921] Bluetooth: hci2: command 0x0406 tx timeout
[  560.705078][ T4921] Bluetooth: hci4: command 0x0406 tx timeout
[  560.705119][ T4921] Bluetooth: hci3: command 0x0406 tx timeout
[  561.550743][ T9157] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1065'.
[  562.348078][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1069'.
[  563.655443][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  563.655765][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  566.539961][ T9192] fuse: Bad value for 'fd'
[  568.122776][ T9213] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1087'.
[  568.172877][ T9214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1086'.
[  568.400223][ T9225] fuse: Bad value for 'fd'
[  573.689687][ T9291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1113'.
[  578.235007][ T9355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1131'.
[  578.301936][ T9354] binder_alloc: 9353: binder_alloc_buf, no vma
[  584.035246][ T9412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1149'.
[  591.882843][ T9446] kvm: emulating exchange as write
[  593.104332][ T9474] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  594.847012][  T821] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  596.887304][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1178'.
[  598.553359][  T821] usb 1-1: unable to get BOS descriptor or descriptor too short
[  598.569554][  T821] usb 1-1: unable to read config index 0 descriptor/start: -71
[  598.569594][  T821] usb 1-1: can't read configurations, error -71
[  604.615769][ T5616] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  604.766107][ T5616] usb 1-1: Using ep0 maxpacket: 32
[  604.771008][ T5616] usb 1-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  604.771064][ T5616] usb 1-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  604.771093][ T5616] usb 1-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  604.771122][ T5616] usb 1-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  604.843932][ T5616] usb 1-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  604.843963][ T5616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.843983][ T5616] usb 1-1: Product: syz
[  604.843998][ T5616] usb 1-1: Manufacturer: syz
[  604.844013][ T5616] usb 1-1: SerialNumber: syz
[  604.994747][    C1] imon 1-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  605.171762][ T5616] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/input/input13
[  605.365795][ T5616] imon 1-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  605.365822][ T5616]  (id 0x00)
[  605.565933][ T5616] rc_core: IR keymap rc-imon-pad not found
[  605.565956][ T5616] Registered IR keymap rc-empty
[  605.571273][ T5616] imon 1-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  605.571297][ T5616] imon 1-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  605.754205][ T5616] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/rc/rc0
[  606.011086][ T5616] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/rc/rc0/input14
[  606.657893][ T5616] imon 1-1:155.0: iMON device (15c2:ffdc, intf0) on usb<1:10> initialized
[  607.950039][  T822] usb 1-1: USB disconnect, device number 10
[  615.150630][ T9671] tmpfs: Bad value for 'mpol'
[  624.319608][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  624.319679][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  630.709097][ T9830] fuse: fd is not a fuse device
[  631.730430][ T6237] bridge0: entered promiscuous mode
[  634.488404][ T9891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1331'.
[  634.534213][ T9891] ip6gretap0: entered promiscuous mode
[  634.551145][ T9891] macvtap1: entered promiscuous mode
[  634.551797][ T9891] macvtap1: entered allmulticast mode
[  634.551814][ T9891] ip6gretap0: entered allmulticast mode
[  639.540910][ T9942] tmpfs: Bad value for 'mpol'
[  644.183887][ T9976] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.592260][ T9976] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.467807][ T9976] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  657.546472][ T9976] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  659.051709][ T4921] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  659.093392][ T4921] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  659.104963][ T4921] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  659.122758][ T4921] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  659.127601][ T4921] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  660.239720][ T9976] bond1: left promiscuous mode
[  660.241746][ T9976] macvtap1: left allmulticast mode
[  660.457342][ T9976] bridge0: left allmulticast mode
[  661.185829][ T9976] macvtap2: left promiscuous mode
[  661.185859][ T9976] macvtap2: left allmulticast mode
[  661.190392][  T803] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.191745][   T69] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.191790][   T69] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.191828][   T69] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.287336][ T5625] Bluetooth: hci5: command tx timeout
[  661.329513][T10016] lo speed is unknown, defaulting to 1000
[  661.863701][T10029] lo speed is unknown, defaulting to 1000
[  663.364187][T10029] bridge0: port 1(bridge_slave_0) entered blocking state
[  663.364424][T10029] bridge0: port 1(bridge_slave_0) entered disabled state
[  663.364971][T10029] bridge_slave_0: entered allmulticast mode
[  663.365778][ T5625] Bluetooth: hci5: command tx timeout
[  663.402355][T10029] bridge_slave_0: entered promiscuous mode
[  663.412834][T10029] bridge0: port 2(bridge_slave_1) entered blocking state
[  663.413054][T10029] bridge0: port 2(bridge_slave_1) entered disabled state
[  663.413312][T10029] bridge_slave_1: entered allmulticast mode
[  663.439698][T10029] bridge_slave_1: entered promiscuous mode
[  663.500752][T10029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  663.510278][T10029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  663.580836][T10029] team0: Port device team_slave_0 added
[  663.584748][T10029] team0: Port device team_slave_1 added
[  663.641043][T10029] batman_adv: batadv0: Adding interface: batadv_slave_0
[  663.641059][T10029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  663.641085][T10029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  663.643243][T10029] batman_adv: batadv0: Adding interface: batadv_slave_1
[  663.643256][T10029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  663.643282][T10029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  663.810764][T10029] hsr_slave_0: entered promiscuous mode
[  663.812166][T10029] hsr_slave_1: entered promiscuous mode
[  663.829570][T10029] debugfs: 'hsr0' already exists in 'hsr'
[  663.829597][T10029] Cannot create hsr debugfs directory
[  666.207316][ T5625] Bluetooth: hci5: command tx timeout
[  666.731597][T10029] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  666.917355][T10029] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  666.919719][T10029] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  667.612495][T10029] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  667.614652][T10029] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  667.813556][T10029] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  667.968323][T10029] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  668.008967][T10029] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  668.245825][ T5625] Bluetooth: hci5: command tx timeout
[  669.009929][T10029] 8021q: adding VLAN 0 to HW filter on device bond0
[  669.107128][T10029] 8021q: adding VLAN 0 to HW filter on device team0
[  669.125423][ T1176] bridge0: port 1(bridge_slave_0) entered blocking state
[  669.132818][ T1176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  669.183162][ T1176] bridge0: port 2(bridge_slave_1) entered blocking state
[  669.183910][ T1176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  670.780090][   T12] bridge_slave_1: left allmulticast mode
[  670.780303][   T12] bridge_slave_1: left promiscuous mode
[  670.814685][T10161] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1428'.
[  670.814732][T10161] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1428'.
[  670.814747][T10161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1428'.
[  670.887527][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  672.142926][   T12] bridge_slave_0: left allmulticast mode
[  672.142961][   T12] bridge_slave_0: left promiscuous mode
[  672.143208][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.259215][T10203] netlink: 'syz.2.1436': attribute type 2 has an invalid length.
[  674.259279][T10203] netlink: 'syz.2.1436': attribute type 1 has an invalid length.
[  675.686698][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  675.787354][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  675.831704][   T12] bond0 (unregistering): Released all slaves
[  676.133708][   T12] bond1 (unregistering): Released all slaves
[  676.303100][ T5268] 8021q: adding VLAN 0 to HW filter on device eth1
[  677.423397][T10241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1453'.
[  677.480148][T10213] bridge0: port 2(bridge_slave_1) entered disabled state
[  677.480404][T10213] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.177716][T10213] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  678.183566][T10213] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  679.196359][T10213] ip6gretap0: left allmulticast mode
[  679.237116][T10213] macvtap1: left promiscuous mode
[  679.237145][T10213] macvtap1: left allmulticast mode
[  679.425254][ T1506] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  679.443590][ T1506] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  679.445376][ T1506] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  679.451257][ T1506] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  681.075683][T10029] 8021q: adding VLAN 0 to HW filter on device batadv0
[  681.684731][ T5268] 8021q: adding VLAN 0 to HW filter on device eth2
[  682.731670][T10029] veth0_vlan: entered promiscuous mode
[  682.910612][   T12] hsr_slave_0: left promiscuous mode
[  682.945677][   T12] hsr_slave_1: left promiscuous mode
[  682.946875][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  683.090949][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.070457][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  686.070522][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  686.646876][   T12] team0 (unregistering): Port device team_slave_1 removed
[  687.160488][   T12] team0 (unregistering): Port device team_slave_0 removed
[  687.475409][ T5268] 8021q: adding VLAN 0 to HW filter on device eth3
[  687.511325][T10029] veth1_vlan: entered promiscuous mode
[  687.603028][T10029] veth0_macvtap: entered promiscuous mode
[  687.661156][T10029] veth1_macvtap: entered promiscuous mode
[  687.822621][T10029] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.928613][T10029] batman_adv: batadv0: Interface activated: batadv_slave_1
[  687.991066][   T69] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  687.991719][   T69] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  688.006887][   T69] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  688.016156][   T69] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  688.670452][ T5739] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  688.907320][ T5739] usb 3-1: not running at top speed; connect to a high speed hub
[  688.975424][ T5739] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  688.975460][ T5739] usb 3-1: config 1 interface 0 has no altsetting 0
[  688.986178][ T5739] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  688.986206][ T5739] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.986225][ T5739] usb 3-1: Manufacturer: ј
[  688.986240][ T5739] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  689.240440][ T1506] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.240461][ T1506] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  689.339355][T10401] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1501'.
[  689.339417][T10401] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1501'.
[  689.339433][T10401] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1501'.
[  689.652916][T10413] warning: `syz.2.1501' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  689.973540][ T5268] 8021q: adding VLAN 0 to HW filter on device eth4
[  690.037543][ T1506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  690.037564][ T1506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  692.319407][ T5739] usbhid 3-1:1.0: can't add hid device: -71
[  692.319537][ T5739] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  692.380834][ T5739] usb 3-1: USB disconnect, device number 2
[  692.492522][   T12] IPVS: stop unused estimator thread 0...
[  695.695310][T10483] smbdirect: ib_dev[syz2] renamed to [syz0]
[  709.922507][T10754] fuse: Unknown parameter 'group_i00000000000000000000'
[  710.652230][T10758] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1609'.
[  711.645736][ T5595] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  711.801931][T10772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1615'.
[  711.957854][T10772] macvtap1: entered promiscuous mode
[  711.957881][T10772] bridge0: entered promiscuous mode
[  711.959507][T10772] macvtap1: entered allmulticast mode
[  711.959525][T10772] bridge0: entered allmulticast mode
[  712.573753][ T5595] usb 6-1: unable to get BOS descriptor or descriptor too short
[  712.594191][ T5595] usb 6-1: unable to read config index 0 descriptor/start: -71
[  712.594234][ T5595] usb 6-1: can't read configurations, error -71
[  720.178332][T10841] fuse: Unknown parameter 'group_id00000000000000000000'
[  720.758414][T10846] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1640'.
[  724.965964][ T6237] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  726.168608][ T6237] usb 3-1: not running at top speed; connect to a high speed hub
[  726.169866][ T6237] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  726.169902][ T6237] usb 3-1: config 1 interface 0 has no altsetting 0
[  726.173364][ T6237] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  726.173395][ T6237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  726.173417][ T6237] usb 3-1: Manufacturer: ј
[  726.173432][ T6237] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  726.461925][T10880] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1655'.
[  726.462005][T10880] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1655'.
[  726.462021][T10880] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1655'.
[  727.989220][ T6237] usbhid 3-1:1.0: can't add hid device: -71
[  727.989347][ T6237] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  728.012687][ T6237] usb 3-1: USB disconnect, device number 3
[  728.833716][T10931] fuse: Unknown parameter 'group_id00000000000000000000'
[  733.444998][ T5595] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  733.909623][ T5595] usb 3-1: not running at top speed; connect to a high speed hub
[  733.911821][ T5595] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  733.911854][ T5595] usb 3-1: config 1 interface 0 has no altsetting 0
[  733.949280][ T5595] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  733.949334][ T5595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.949357][ T5595] usb 3-1: Manufacturer: ј
[  733.949373][ T5595] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  734.193856][T10967] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1685'.
[  734.214281][T10967] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1685'.
[  734.214307][T10967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1685'.
[  734.606704][T10989] fuse: fd is not a fuse device
[  734.619705][T10989] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1692'.
[  736.043083][ T5595] usbhid 3-1:1.0: can't add hid device: -71
[  736.043202][ T5595] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  736.070402][ T5595] usb 3-1: USB disconnect, device number 4
[  736.151105][T11000] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1697'.
[  738.068856][T11029] netlink: 'syz.4.1707': attribute type 1 has an invalid length.
[  739.314409][T11041] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1712'.
[  739.314471][T11041] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1712'.
[  739.314487][T11041] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1712'.
[  742.104664][T11071] fuse: Bad value for 'user_id'
[  742.104727][T11071] fuse: Bad value for 'user_id'
[  742.846168][T11076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1721'.
[  743.150025][T11082] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1724'.
[  743.174772][T11082] ip6gretap0: entered promiscuous mode
[  743.175052][T11082] macvtap2: entered promiscuous mode
[  743.175226][T11082] macvtap2: entered allmulticast mode
[  743.175240][T11082] ip6gretap0: entered allmulticast mode
[  745.202172][T11106] fuse: Bad value for 'user_id'
[  745.202192][T11106] fuse: Bad value for 'user_id'
[  747.334057][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  747.334121][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  753.059642][T11189] autofs: Unknown parameter 'fd0x0000000000000000'
[  753.136865][T11189] tmpfs: Bad value for 'mpol'
[  757.024636][T11232] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  760.034882][T11286] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  760.595077][T11305] fuse: Bad value for 'fd'
[  761.128718][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1807'.
[  767.129280][T11360] fuse: Invalid rootmode
[  767.912204][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1825'.
[  769.302059][ T5625] Bluetooth: hci5: ISO packet for unknown connection handle 0
[  772.006857][T11412] fuse: Invalid rootmode
[  772.528992][T11417] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1841'.
[  773.800598][T11429] faux_driver vgem: [drm] Unknown color mode 7; guessing buffer size.
[  774.029435][T11438] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1849'.
[  777.225453][ T5625] Bluetooth: hci5: ISO packet for unknown connection handle 0
[  780.483674][T11503] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1876'.
[  780.501449][T11503] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1876'.
[  781.264435][ T5625] Bluetooth: hci5: ISO packet for unknown connection handle 0
[  783.866579][T11538] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1890'.
[  783.867212][T11538] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1890'.
[  784.420709][T11540] bridge0: port 2(bridge_slave_1) entered disabled state
[  784.421243][T11540] bridge0: port 1(bridge_slave_0) entered disabled state
[  784.518157][ T4921] Bluetooth: hci4: ISO packet for unknown connection handle 0
[  785.515664][ T5625] Bluetooth: hci5: command 0x0406 tx timeout
[  785.788880][T11540] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  785.810165][T11540] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  787.168109][   T36] audit: type=1326 audit(1779919368.224:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11582 comm="syz.5.1907" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x0
[  788.046774][T11540] syz_tun: left allmulticast mode
[  788.085713][T11540] macvtap1: left promiscuous mode
[  788.085742][T11540] macvtap1: left allmulticast mode
[  788.136516][T11540] ip6gretap0: left allmulticast mode
[  788.176146][T11540] macvtap2: left promiscuous mode
[  788.176175][T11540] macvtap2: left allmulticast mode
[  788.219725][ T6237] lo speed is unknown, defaulting to 1000
[  788.219904][ T6237] syz0: Port: 1 Link DOWN
[  788.230362][ T1516] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  788.230575][ T1516] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  788.230618][ T1516] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  788.230658][ T1516] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  788.866447][ T8245] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  789.555683][ T8245] usb 6-1: Using ep0 maxpacket: 32
[  789.558467][ T8245] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  789.558530][ T8245] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  789.558559][ T8245] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  789.558589][ T8245] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  789.562239][ T8245] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  789.562268][ T8245] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.562290][ T8245] usb 6-1: Product: syz
[  789.562306][ T8245] usb 6-1: Manufacturer: syz
[  789.562322][ T8245] usb 6-1: SerialNumber: syz
[  789.696666][T11611] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1920'.
[  789.725947][    C0] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  789.756441][T11611] macvtap3: entered promiscuous mode
[  789.756685][T11611] macvtap3: entered allmulticast mode
[  789.756706][T11611] ip6gretap0: entered allmulticast mode
[  789.756928][ T8245] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/input/input17
[  789.935876][ T8245] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  789.935896][ T8245]  (id 0x00)
[  791.125631][ T8245] rc_core: IR keymap rc-imon-pad not found
[  791.125653][ T8245] Registered IR keymap rc-empty
[  791.125734][ T8245] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  791.125752][ T8245] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  791.200369][ T8245] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc0
[  791.225138][ T8245] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc0/input18
[  791.272902][ T8245] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:4> initialized
[  791.948646][T11604] imon:send_packet: task interrupted
[  791.948754][T11604] imon:send_packet: packet tx failed (-512)
[  791.948874][T11604] imon:vfd_write: send packet #1 failed
[  791.951090][T11604] imon:send_packet: packet tx failed (-32)
[  791.966162][T11604] imon:vfd_write: send packet #0 failed
[  792.320341][T10806] usb 6-1: USB disconnect, device number 4
[  792.692914][T11638] ip6gretap0: left allmulticast mode
[  792.715798][T11638] macvtap3: left promiscuous mode
[  792.715827][T11638] macvtap3: left allmulticast mode
[  793.333956][ T5625] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  796.615194][T11695] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1951'.
[  796.615256][T11695] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1951'.
[  796.615272][T11695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1951'.
[  800.444735][T11739] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  801.833208][ T5625] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  803.450846][T11765] No control pipe specified
[  804.014167][T11768] tmpfs: Bad value for 'mpol'
[  804.703869][T11793] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1984'.
[  804.756729][   T36] audit: type=1326 audit(1779919385.814:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11795 comm="syz.4.1990" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f261602ce59 code=0x0
[  807.745746][T11825] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2001'.
[  809.514748][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  809.514818][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  810.258073][T11853] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2011'.
[  811.654653][T11873] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2019'.
[  819.461016][T11951] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2050'.
[  819.884492][T11958] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2054'.
[  824.853380][T12013] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2076'.
[  827.231281][T12046] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2091'.
[  830.091464][T12080] fuse: Bad value for 'fd'
[  834.893831][T12147] fuse: Unknown parameter 'grou00000000000000000000'
[  843.108877][T12248] fuse: fd is not a fuse device
[  843.133877][T12248] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2169'.
[  846.464112][T12268] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2176'.
[  846.464183][T12268] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2176'.
[  849.580327][T12304] fuse: fd is not a fuse device
[  850.073534][T12317] fuse: Bad value for 'fd'
[  850.774741][T12322] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2196'.
[  852.370177][ T4921] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  852.385243][ T4921] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  852.427833][ T4921] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  852.429613][ T4921] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  852.430467][ T4921] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  852.991175][T12348] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2203'.
[  852.991222][T12348] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2203'.
[  854.497803][ T4921] Bluetooth: hci3: command tx timeout
[  854.713428][T12350] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.733787][T12350] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.125913][T12350] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  855.131855][T12350] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  855.728589][T12350] bridge0: left allmulticast mode
[  855.745878][T12350] macvtap1: left promiscuous mode
[  855.745909][T12350] macvtap1: left allmulticast mode
[  855.780526][T12366] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  855.788931][ T1475] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  855.790510][ T1475] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  855.790558][ T1475] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  855.790598][ T1475] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  856.211083][   T43] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.528527][T12395] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2217'.
[  856.528713][T12395] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2217'.
[  856.570013][ T4921] Bluetooth: hci3: command tx timeout
[  857.547862][T12332] lo speed is unknown, defaulting to 1000
[  857.702758][T12402] fuse: fd is not a fuse device
[  858.994942][ T4921] Bluetooth: hci3: command tx timeout
[  859.090037][   T43] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.425267][T12415] fuse: Bad value for 'fd'
[  860.303232][T12419] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2224'.
[  861.021463][   T43] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.035654][ T4921] Bluetooth: hci3: command tx timeout
[  861.419738][   T43] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.833609][T12332] bridge0: port 1(bridge_slave_0) entered blocking state
[  862.833822][T12332] bridge0: port 1(bridge_slave_0) entered disabled state
[  862.834019][T12332] bridge_slave_0: entered allmulticast mode
[  862.846202][T12332] bridge_slave_0: entered promiscuous mode
[  862.854750][T12332] bridge0: port 2(bridge_slave_1) entered blocking state
[  862.855325][T12332] bridge0: port 2(bridge_slave_1) entered disabled state
[  862.859898][T12332] bridge_slave_1: entered allmulticast mode
[  862.862671][T12332] bridge_slave_1: entered promiscuous mode
[  862.926252][T12332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  862.931016][T12332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  862.977817][T12332] team0: Port device team_slave_0 added
[  862.982743][T12332] team0: Port device team_slave_1 added
[  863.163386][T12332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  863.163401][T12332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  863.163424][T12332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  863.218640][   T36] audit: type=1326 audit(1779919444.264:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218697][   T36] audit: type=1326 audit(1779919444.264:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218757][   T36] audit: type=1326 audit(1779919444.264:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218800][   T36] audit: type=1326 audit(1779919444.264:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218841][   T36] audit: type=1326 audit(1779919444.274:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218911][   T36] audit: type=1326 audit(1779919444.274:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.218977][   T36] audit: type=1326 audit(1779919444.274:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.219023][   T36] audit: type=1326 audit(1779919444.274:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.219094][   T36] audit: type=1326 audit(1779919444.274:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12442 comm="syz.5.2230" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa3ab38ce59 code=0x7ffc0000
[  863.372261][T12332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  863.372306][T12332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  863.372388][T12332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  863.691654][T12447] fuse: Invalid rootmode
[  864.803835][T12332] hsr_slave_0: entered promiscuous mode
[  864.805209][T12332] hsr_slave_1: entered promiscuous mode
[  864.806248][T12332] debugfs: 'hsr0' already exists in 'hsr'
[  864.806274][T12332] Cannot create hsr debugfs directory
[  865.362180][T12469] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2237'.
[  865.437946][T12465] fuse: Unknown parameter '0x0000000000000006'
[  865.477962][T12465] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2238'.
[  868.455952][   T43] bridge_slave_1: left allmulticast mode
[  868.456006][   T43] bridge_slave_1: left promiscuous mode
[  868.456203][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.640434][   T43] bridge_slave_0: left allmulticast mode
[  868.640469][   T43] bridge_slave_0: left promiscuous mode
[  868.640719][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  870.126250][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  870.126322][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  870.612035][T12500] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2249'.
[  870.626558][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  870.720035][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  870.854588][   T43] bond0 (unregistering): Released all slaves
[  871.294913][T12500] macvtap4: entered promiscuous mode
[  871.295161][T12500] macvtap4: entered allmulticast mode
[  871.295181][T12500] ip6gretap0: entered allmulticast mode
[  871.861142][T12515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2252'.
[  875.032045][ T5268] 8021q: adding VLAN 0 to HW filter on device eth5
[  875.147570][ T8245] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  875.299349][ T8245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  875.299382][ T8245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 10
[  875.299440][ T8245] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  875.299464][ T8245] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  875.429136][ T8245] usb 3-1: config 0 descriptor??
[  877.838299][ T8245] ath6kl: Failed to submit usb control message: -71
[  877.838366][ T8245] ath6kl: unable to send the bmi data to the device: -71
[  877.838381][ T8245] ath6kl: Unable to send get target info: -71
[  877.841766][ T8245] ath6kl: Failed to init ath6kl core: -71
[  877.919255][ T8245] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[  877.995303][ T8245] usb 3-1: USB disconnect, device number 5
[  878.887537][ T6237] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  878.943824][   T43] hsr_slave_0: left promiscuous mode
[  878.968290][   T43] hsr_slave_1: left promiscuous mode
[  878.969244][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  879.011634][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[  879.065212][T12584] netlink: 260 bytes leftover after parsing attributes in process `syz.5.2268'.
[  879.065277][T12584] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2268'.
[  879.065295][T12584] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2268'.
[  879.186440][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  879.186469][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[  880.843828][   T43] veth1_macvtap: left promiscuous mode
[  880.844060][   T43] veth0_macvtap: left promiscuous mode
[  880.859187][   T43] veth1_vlan: left promiscuous mode
[  880.859716][   T43] veth0_vlan: left promiscuous mode
[  883.114227][ T6237] usb 6-1: unable to read config index 0 descriptor/start: -71
[  883.114256][ T6237] usb 6-1: can't read configurations, error -71
[  887.208251][   T43] team0 (unregistering): Port device team_slave_1 removed
[  887.267500][   T43] team0 (unregistering): Port device team_slave_0 removed
[  892.060451][ T5732] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  892.250622][T12678] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2298'.
[  892.250683][T12678] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2298'.
[  892.250778][T12678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2298'.
[  893.536697][T12332] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  893.899176][T12332] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  893.969323][T12332] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  894.007185][T12332] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  894.008925][T12332] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  894.109734][T12332] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  894.110280][T12705] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2302'.
[  894.142500][T12332] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  894.308904][ T5732] usb 3-1: unable to read config index 0 descriptor/start: -71
[  894.308946][ T5732] usb 3-1: can't read configurations, error -71
[  894.414833][T12332] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  895.320509][T12731] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2307'.
[  897.884321][T12332] 8021q: adding VLAN 0 to HW filter on device bond0
[  897.969147][T12332] 8021q: adding VLAN 0 to HW filter on device team0
[  898.015816][ T1475] bridge0: port 1(bridge_slave_0) entered blocking state
[  898.016047][ T1475] bridge0: port 1(bridge_slave_0) entered forwarding state
[  898.058914][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  898.059049][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  898.276133][T12750] ip6gretap0: left allmulticast mode
[  898.298840][T12750] macvtap4: left promiscuous mode
[  898.298868][T12750] macvtap4: left allmulticast mode
[  899.407880][T12780] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2316'.
[  899.407942][T12780] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2316'.
[  899.407958][T12780] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2316'.
[  900.257678][T12332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  900.439087][T12332] veth0_vlan: entered promiscuous mode
[  900.499105][T12332] veth1_vlan: entered promiscuous mode
[  900.545342][T12332] veth0_macvtap: entered promiscuous mode
[  900.557510][T12332] veth1_macvtap: entered promiscuous mode
[  900.584331][T12332] batman_adv: batadv0: Interface activated: batadv_slave_0
[  900.606057][T12332] batman_adv: batadv0: Interface activated: batadv_slave_1
[  900.623550][ T1176] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  900.625018][ T1176] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  900.625065][ T1176] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  900.625106][ T1176] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  901.467147][ T1176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  901.467168][ T1176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  901.643533][ T1581] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  901.643549][ T1581] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  902.035601][T10806] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  902.208522][T10806] usb 6-1: Using ep0 maxpacket: 32
[  902.222242][T10806] usb 6-1: unable to get BOS descriptor or descriptor too short
[  902.223609][T10806] usb 6-1: config 8 has an invalid interface number: 201 but max is 0
[  902.223636][T10806] usb 6-1: config 8 has no interface number 0
[  902.223669][T10806] usb 6-1: config 8 interface 201 has no altsetting 0
[  902.258775][T10806] usb 6-1: New USB device found, idVendor=15f4, idProduct=0131, bcdDevice=46.ec
[  902.258808][T10806] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  902.258830][T10806] usb 6-1: Product: syz
[  902.258845][T10806] usb 6-1: Manufacturer: syz
[  902.258861][T10806] usb 6-1: SerialNumber: syz
[  902.298665][T12814] lo speed is unknown, defaulting to 1000
[  902.734507][T10806] usb 6-1: USB disconnect, device number 7
[  904.583685][T12842] fuse: Bad value for 'fd'
[  906.375618][   T10] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  906.539093][   T10] usb 3-1: not running at top speed; connect to a high speed hub
[  906.540520][   T10] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  906.540553][   T10] usb 3-1: config 1 interface 0 has no altsetting 0
[  906.543613][   T10] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  906.543634][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.543648][   T10] usb 3-1: Manufacturer: ј
[  906.543659][   T10] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  907.733462][T12857] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2344'.
[  907.733613][T12857] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2344'.
[  907.733630][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2344'.
[  907.875643][T12876] sch_tbf: peakrate 5120 is lower than or equals to rate 8685267992437059811 !
[  908.045059][T12876] lo speed is unknown, defaulting to 1000
[  908.602303][T12886] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2355'.
[  909.461323][   T10] usbhid 3-1:1.0: can't add hid device: -71
[  909.461440][   T10] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  909.547808][   T10] usb 3-1: USB disconnect, device number 8
[  909.604776][ T5608] udevd[5608]: setting owner of /dev/bus/usb/003/008 to uid=0, gid=0 failed: No such file or directory
[  910.216392][T12904] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2363'.
[  910.925305][T12897] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  910.932930][T12897] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  910.962730][T12897] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  910.963030][T12897] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  910.975695][T12897] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  911.125113][T12897] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  911.132801][T12897] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  911.279568][T12897] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  912.668716][ T4921] Bluetooth: hci1: command 0x0406 tx timeout
[  912.955718][ T4921] Bluetooth: hci2: command 0x0406 tx timeout
[  913.035679][ T4921] Bluetooth: hci5: command 0x0406 tx timeout
[  913.035687][ T5625] Bluetooth: hci4: command 0x0406 tx timeout
[  913.195654][ T4921] Bluetooth: hci3: command 0x0c1a tx timeout
[  914.573424][T12940] lo speed is unknown, defaulting to 1000
[  915.040851][ T5625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  915.099335][ T5625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  915.102161][ T5625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  915.103556][ T5625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  915.106036][ T5625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  915.138760][ T5625] Bluetooth: hci5: command 0x0406 tx timeout
[  915.275569][ T5625] Bluetooth: hci3: command 0x0c1a tx timeout
[  917.217213][ T5625] Bluetooth: hci0: command tx timeout
[  917.355924][ T5625] Bluetooth: hci3: command 0x0c1a tx timeout
[  918.095606][T10806] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  918.245675][T10806] usb 6-1: Using ep0 maxpacket: 8
[  918.248095][T10806] usb 6-1: config 186 has an invalid interface number: 209 but max is 2
[  918.248122][T10806] usb 6-1: config 186 has an invalid interface number: 78 but max is 2
[  918.248143][T10806] usb 6-1: config 186 has an invalid interface number: 161 but max is 2
[  918.248163][T10806] usb 6-1: config 186 has no interface number 0
[  918.248179][T10806] usb 6-1: config 186 has no interface number 1
[  918.248197][T10806] usb 6-1: config 186 has no interface number 2
[  918.248362][T10806] usb 6-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  918.248387][T10806] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  918.248415][T10806] usb 6-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  918.248437][T10806] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  918.248464][T10806] usb 6-1: config 186 interface 209 altsetting 132 has an endpoint descriptor with address 0x91, changing to 0x81
[  918.248490][T10806] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0x81 has invalid maxpacket 23158, setting to 64
[  918.248518][T10806] usb 6-1: config 186 interface 209 altsetting 132 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[  918.248558][T10806] usb 6-1: config 186 interface 78 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  918.248595][T10806] usb 6-1: config 186 interface 209 has no altsetting 0
[  918.248613][T10806] usb 6-1: config 186 interface 78 has no altsetting 0
[  918.248631][T10806] usb 6-1: config 186 interface 161 has no altsetting 0
[  918.251708][T10806] usb 6-1: New USB device found, idVendor=046d, idProduct=08d8, bcdDevice= 9.d0
[  918.251737][T10806] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  918.251757][T10806] usb 6-1: Product: syz
[  918.251772][T10806] usb 6-1: Manufacturer: 繊륶
[  918.251786][T10806] usb 6-1: SerialNumber: syz
[  918.553394][   T56] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  918.852742][T10806] rndis_host 6-1:186.161: skipping garbage
[  918.852758][T10806] rndis_host 6-1:186.161: skipping garbage
[  918.852772][T10806] rndis_host 6-1:186.161: rndis: master #0/0000000000000000 slave #1/0000000000000000
[  918.902389][T10806] usb 6-1: USB disconnect, device number 8
[  919.030831][   T56] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  919.112198][T12954] lo speed is unknown, defaulting to 1000
[  919.275540][ T5625] Bluetooth: hci0: command tx timeout
[  919.747257][   T36] audit: type=1326 audit(1779919500.804:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43610ece59 code=0x7ffc0000
[  919.748095][   T36] audit: type=1326 audit(1779919500.804:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43610ece59 code=0x7ffc0000
[  919.748146][   T36] audit: type=1326 audit(1779919500.804:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43610ece59 code=0x7ffc0000
[  919.748679][   T36] audit: type=1326 audit(1779919500.804:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43610ece59 code=0x7ffc0000
[  919.748743][   T36] audit: type=1326 audit(1779919500.804:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f43610ece59 code=0x7ffc0000
[  919.813726][   T36] audit: type=1326 audit(1779919500.854:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f43610ad68e code=0x7ffc0000
[  919.842889][   T36] audit: type=1326 audit(1779919500.884:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f43610ad68e code=0x7ffc0000
[  919.879402][   T36] audit: type=1326 audit(1779919500.924:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f43610ad68e code=0x7ffc0000
[  919.982798][   T36] audit: type=1326 audit(1779919500.934:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f43610ad68e code=0x7ffc0000
[  919.982855][   T36] audit: type=1326 audit(1779919501.034:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12995 comm="syz.1.2391" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f43610ad68e code=0x7ffc0000
[  920.045046][   T56] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  920.315568][T10806] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  920.735856][T10806] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  920.735891][T10806] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  920.735915][T10806] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  920.735960][T10806] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  920.735985][T10806] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.894737][T10806] usb 6-1: config 0 descriptor??
[  921.357555][ T5625] Bluetooth: hci0: command tx timeout
[  921.439546][   T56] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.435642][ T5625] Bluetooth: hci0: command tx timeout
[  923.762327][T13024] fuse: Bad value for 'fd'
[  923.952260][T10806] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  924.100822][T13030] binder: 13029:13030 ioctl c0306201 0 returned -14
[  924.185604][T12954] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.185784][T12954] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.186025][T12954] bridge_slave_0: entered allmulticast mode
[  924.189899][T12954] bridge_slave_0: entered promiscuous mode
[  924.231017][T12954] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.231292][T12954] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.231537][T12954] bridge_slave_1: entered allmulticast mode
[  924.234425][T12954] bridge_slave_1: entered promiscuous mode
[  924.383396][T10806] usb 6-1: USB disconnect, device number 9
[  924.711795][T12954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  924.748667][T12954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  925.293493][T13021] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  925.293753][T13021] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  925.293964][T13021] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  925.294138][T13021] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  925.294344][T13021] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  925.294423][T13021] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  925.380384][T12954] team0: Port device team_slave_0 added
[  925.404745][T12954] team0: Port device team_slave_1 added
[  925.429519][T13021] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  925.487576][T13036] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2399'.
[  925.715980][   T56] bridge_slave_1: left allmulticast mode
[  925.716020][   T56] bridge_slave_1: left promiscuous mode
[  925.716296][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.893309][   T56] bridge_slave_0: left allmulticast mode
[  925.893347][   T56] bridge_slave_0: left promiscuous mode
[  925.893618][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  925.995580][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  927.397100][ T5625] Bluetooth: hci0: command 0x0c1a tx timeout
[  927.397401][ T5625] Bluetooth: hci3: command 0x0c1a tx timeout
[  927.397434][ T5625] Bluetooth: hci4: command 0x0406 tx timeout
[  927.755562][T10030] Bluetooth: hci5: command 0x0406 tx timeout
[  929.532830][T10030] Bluetooth: hci0: command 0x0c1a tx timeout
[  930.276840][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  930.357745][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  930.417914][   T56] bond0 (unregistering): Released all slaves
[  930.446679][   T56] bond1 (unregistering): Released all slaves
[  930.689003][T12954] batman_adv: batadv0: Adding interface: batadv_slave_0
[  930.689021][T12954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  930.689050][T12954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  930.692861][T12954] batman_adv: batadv0: Adding interface: batadv_slave_1
[  930.692877][T12954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  930.692907][T12954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  931.004521][   T56] tipc: Left network mode
[  931.055389][T12954] hsr_slave_0: entered promiscuous mode
[  931.059862][T12954] hsr_slave_1: entered promiscuous mode
[  931.154706][   T56] rxrpc: Call ffff8880362b2300 still in use (1,Complete,1409,0)!
[  931.519149][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  931.519220][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  931.585300][T13080] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2411'.
[  931.595552][T10030] Bluetooth: hci0: command 0x0c1a tx timeout
[  932.558138][ T5268] 8021q: adding VLAN 0 to HW filter on device eth5
[  936.473045][T13125] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2419'.
[  936.787563][T13128] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2420'.
[  937.765801][ T5739] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  937.918307][ T5739] usb 3-1: not running at top speed; connect to a high speed hub
[  937.939837][ T5739] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  937.939875][ T5739] usb 3-1: config 1 interface 0 has no altsetting 0
[  937.973118][ T5739] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[  937.973150][ T5739] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  937.973175][ T5739] usb 3-1: Manufacturer: ј
[  937.973192][ T5739] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[  938.321673][T13138] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2423'.
[  938.322226][T13138] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2423'.
[  938.322243][T13138] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2423'.
[  938.639372][T12954] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  938.721634][T12954] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  938.772914][T12954] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  939.063168][T12954] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  939.075004][T12954] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  939.277716][T12954] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  939.287135][T12954] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  939.371864][T12954] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  940.447374][T12954] 8021q: adding VLAN 0 to HW filter on device bond0
[  940.697358][ T5739] usbhid 3-1:1.0: can't add hid device: -71
[  940.697493][ T5739] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  940.745937][ T5739] usb 3-1: USB disconnect, device number 9
[  940.871223][T12954] 8021q: adding VLAN 0 to HW filter on device team0
[  940.911346][T13063] udevd[13063]: setting mode of /dev/bus/usb/003/009 to 020664 failed: No such file or directory
[  940.911528][T13063] udevd[13063]: setting owner of /dev/bus/usb/003/009 to uid=0, gid=0 failed: No such file or directory
[  941.112461][ T1581] bridge0: port 1(bridge_slave_0) entered blocking state
[  941.112726][ T1581] bridge0: port 1(bridge_slave_0) entered forwarding state
[  941.252844][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  941.253017][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  946.977832][T12954] 8021q: adding VLAN 0 to HW filter on device batadv0
[  947.239127][T12954] veth0_vlan: entered promiscuous mode
[  947.281907][T12954] veth1_vlan: entered promiscuous mode
[  947.521442][T12954] veth0_macvtap: entered promiscuous mode
[  947.570083][T12954] veth1_macvtap: entered promiscuous mode
[  947.721252][T12954] batman_adv: batadv0: Interface activated: batadv_slave_0
[  947.767530][T12954] batman_adv: batadv0: Interface activated: batadv_slave_1
[  947.814895][   T67] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  947.815196][   T67] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  947.815238][   T67] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  947.815278][   T67] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  948.503932][T13217] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  948.636528][T13217] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  948.661797][T13217] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  948.667428][T13217] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  948.667935][T13217] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  948.806722][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  949.015259][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.015283][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  949.324362][ T1475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.324386][ T1475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  950.728767][ T5625] Bluetooth: hci3: command 0x0c1a tx timeout
[  950.728842][ T5625] Bluetooth: hci5: command 0x0406 tx timeout
[  950.728871][ T5625] Bluetooth: hci4: command 0x0406 tx timeout
[  951.243815][ T5625] Bluetooth: hci0: command 0x0c1a tx timeout
[  953.197411][T13266] fuse: fd is not a fuse device
[  953.226883][T13266] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2443'.
[  953.646592][ T5595] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  953.965630][ T5595] usb 4-1: Using ep0 maxpacket: 8
[  953.968024][ T5595] usb 4-1: config 186 has an invalid interface number: 209 but max is 2
[  953.968054][ T5595] usb 4-1: config 186 has an invalid interface number: 78 but max is 2
[  953.968076][ T5595] usb 4-1: config 186 has an invalid interface number: 161 but max is 2
[  953.968098][ T5595] usb 4-1: config 186 has no interface number 0
[  953.968115][ T5595] usb 4-1: config 186 has no interface number 1
[  953.968137][ T5595] usb 4-1: config 186 has no interface number 2
[  953.968224][ T5595] usb 4-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  953.968251][ T5595] usb 4-1: config 186 interface 209 altsetting 132 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  953.968282][ T5595] usb 4-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  953.968306][ T5595] usb 4-1: config 186 interface 209 altsetting 132 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  953.968335][ T5595] usb 4-1: config 186 interface 209 altsetting 132 has an endpoint descriptor with address 0x91, changing to 0x81
[  953.968363][ T5595] usb 4-1: config 186 interface 209 altsetting 132 endpoint 0x81 has invalid maxpacket 23158, setting to 64
[  953.968392][ T5595] usb 4-1: config 186 interface 209 altsetting 132 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[  953.968435][ T5595] usb 4-1: config 186 interface 78 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  953.968474][ T5595] usb 4-1: config 186 interface 209 has no altsetting 0
[  953.968494][ T5595] usb 4-1: config 186 interface 78 has no altsetting 0
[  953.968513][ T5595] usb 4-1: config 186 interface 161 has no altsetting 0
[  953.971507][ T5595] usb 4-1: New USB device found, idVendor=046d, idProduct=08d8, bcdDevice= 9.d0
[  953.971537][ T5595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.971560][ T5595] usb 4-1: Product: syz
[  953.971577][ T5595] usb 4-1: Manufacturer: 繊륶
[  953.971592][ T5595] usb 4-1: SerialNumber: syz
[  954.716836][ T5595] rndis_host 4-1:186.161: skipping garbage
[  954.716860][ T5595] rndis_host 4-1:186.161: skipping garbage
[  954.716875][ T5595] rndis_host 4-1:186.161: rndis: master #0/0000000000000000 slave #1/0000000000000000
[  955.753856][ T5595] usb 4-1: USB disconnect, device number 9
[  959.832820][T13297] bridge0: port 2(bridge_slave_1) entered disabled state
[  959.834345][T13297] bridge0: port 1(bridge_slave_0) entered disabled state
[  960.242687][T13312] fuse: fd is not a fuse device
[  960.304951][T13312] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2456'.
[  961.343502][T13317] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2457'.
[  962.761239][T13297] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  962.829081][T13297] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  964.046594][   T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  964.145933][   T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  964.153113][   T12] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  964.153335][   T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  969.259428][T13372] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2473'.
[  970.965357][T13388] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2476'.
[  971.035122][T13389] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2477'.
[  971.035146][T13389] tipc: Started in network mode
[  971.035162][T13389] tipc: Node identity 9, cluster identity 4711
[  971.035174][T13389] tipc: Node number set to 9
[  972.448546][T13404] loop2: detected capacity change from 0 to 7
[  973.406581][T13404]  loop2: p1
[  973.406636][T13404] loop2: partition table partially beyond EOD, truncated
[  973.421540][T13404] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  976.598081][T13063] udevd[13063]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  976.731118][T13419] bridge0: port 2(bridge_slave_1) entered disabled state
[  976.732154][T13419] bridge0: port 1(bridge_slave_0) entered disabled state
[  977.404875][T13419] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  977.451126][T13419] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  978.902113][T13439] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2491'.
[  978.965294][   T69] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  979.106014][   T69] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  979.132118][   T69] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  979.132176][   T69] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  979.244760][T13424] lo speed is unknown, defaulting to 1000
[  981.865991][T13450] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  981.868928][T13450] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  981.869163][T13450] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  981.869353][T13450] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  981.869538][T13450] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  983.653561][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  983.915556][T12958] Bluetooth: hci0: command 0x0c1a tx timeout
[  983.915599][T12958] Bluetooth: hci3: command 0x0c1a tx timeout
[  983.915628][T12958] Bluetooth: hci4: command 0x0406 tx timeout
[  983.915699][ T5625] Bluetooth: hci5: command 0x0406 tx timeout
[  984.060357][T13473] lo speed is unknown, defaulting to 1000
[  985.863825][T13492] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2505'.
[  986.095619][ T6237] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  987.324885][ T6237] usb 3-1: unable to get BOS descriptor or descriptor too short
[  987.326966][ T6237] usb 3-1: unable to read config index 0 descriptor/start: -71
[  987.327003][ T6237] usb 3-1: can't read configurations, error -71
[  987.522351][T13502] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2509'.
[  988.089642][T13513] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2511'.
[  988.089881][T13513] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2511'.
[  988.089901][T13513] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2511'.
[  988.641894][T13521] fuse: Invalid rootmode
[  989.035555][ T5595] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  989.185636][ T5595] usb 6-1: Using ep0 maxpacket: 8
[  989.190602][ T5595] usb 6-1: config 186 has an invalid interface number: 209 but max is 2
[  989.190643][ T5595] usb 6-1: config 186 has an invalid interface number: 78 but max is 2
[  989.190666][ T5595] usb 6-1: config 186 has an invalid interface number: 161 but max is 2
[  989.190689][ T5595] usb 6-1: config 186 has no interface number 0
[  989.190706][ T5595] usb 6-1: config 186 has no interface number 1
[  989.190724][ T5595] usb 6-1: config 186 has no interface number 2
[  989.190793][ T5595] usb 6-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  989.190819][ T5595] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  989.190848][ T5595] usb 6-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[  989.190872][ T5595] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  989.190902][ T5595] usb 6-1: config 186 interface 209 altsetting 132 has an endpoint descriptor with address 0x91, changing to 0x81
[  989.190930][ T5595] usb 6-1: config 186 interface 209 altsetting 132 endpoint 0x81 has invalid maxpacket 23158, setting to 64
[  989.190959][ T5595] usb 6-1: config 186 interface 209 altsetting 132 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[  989.192140][ T5595] usb 6-1: config 186 interface 78 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  989.192188][ T5595] usb 6-1: config 186 interface 209 has no altsetting 0
[  989.192210][ T5595] usb 6-1: config 186 interface 78 has no altsetting 0
[  989.192230][ T5595] usb 6-1: config 186 interface 161 has no altsetting 0
[  989.303381][ T5595] usb 6-1: New USB device found, idVendor=046d, idProduct=08d8, bcdDevice= 9.d0
[  989.303405][ T5595] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  989.303420][ T5595] usb 6-1: Product: syz
[  989.303431][ T5595] usb 6-1: Manufacturer: 繊륶
[  989.303442][ T5595] usb 6-1: SerialNumber: syz
[  989.804355][ T5595] rndis_host 6-1:186.161: skipping garbage
[  989.804843][ T5595] rndis_host 6-1:186.161: skipping garbage
[  989.804864][ T5595] rndis_host 6-1:186.161: rndis: master #0/0000000000000000 slave #1/0000000000000000
[  989.877687][ T5595] usb 6-1: USB disconnect, device number 10
[  990.602549][T13547] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2523'.
[  992.958960][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  992.959021][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  993.125722][T13573] lo speed is unknown, defaulting to 1000
[ 1000.092153][T13641] fuse: Bad value for 'fd'
[ 1000.485121][T13631] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1000.493446][T13631] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1000.495579][T13631] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1000.507877][T13631] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1000.508097][T13631] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1000.816034][ T5595] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[ 1001.072801][ T5595] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1001.094853][ T5595] usb 6-1: unable to read config index 0 descriptor/start: -71
[ 1001.094882][ T5595] usb 6-1: can't read configurations, error -71
[ 1002.729818][T10030] Bluetooth: hci5: command 0x0406 tx timeout
[ 1002.729863][T10030] Bluetooth: hci4: command 0x0406 tx timeout
[ 1002.729954][ T5625] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1002.731258][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[ 1002.731868][ T5625] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1007.325624][ T5595] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[ 1007.349416][T13690] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2575'.
[ 1007.490305][ T5595] usb 4-1: not running at top speed; connect to a high speed hub
[ 1007.494810][ T5595] usb 4-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1007.494849][ T5595] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1007.518436][ T5595] usb 4-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1007.518468][ T5595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1007.518490][ T5595] usb 4-1: Manufacturer: ј
[ 1007.518505][ T5595] usb 4-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1007.963518][T13682] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2572'.
[ 1007.963571][T13682] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2572'.
[ 1007.963585][T13682] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2572'.
[ 1009.020331][ T5595] usbhid 4-1:1.0: can't add hid device: -71
[ 1009.020418][ T5595] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[ 1009.085653][ T5595] usb 4-1: USB disconnect, device number 10
[ 1013.506061][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xc95a
[ 1013.510371][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1016
[ 1013.517822][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x10000c8ad
[ 1013.517911][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1013.527309][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xe1c6
[ 1013.531704][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xaa74
[ 1013.531788][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1013.534430][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x85b
[ 1013.534510][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1013.626780][T13733] kvm_intel: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x3187
[ 1013.628590][T13733] kvm: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x3187
[ 1013.630873][T13733] kvm_intel: kvm [13732]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x5149
[ 1040.095569][ T5595] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1040.245572][ T5595] usb 3-1: Using ep0 maxpacket: 32
[ 1040.247764][ T5595] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1040.247782][ T5595] usb 3-1: config 0 has no interfaces?
[ 1040.254001][ T5595] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[ 1040.254031][ T5595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.254054][ T5595] usb 3-1: Product: syz
[ 1040.254069][ T5595] usb 3-1: Manufacturer: syz
[ 1040.254086][ T5595] usb 3-1: SerialNumber: syz
[ 1040.339025][ T5595] usb 3-1: config 0 descriptor??
[ 1043.417665][ T5616] usb 3-1: USB disconnect, device number 12
[ 1046.011474][T14072] input: syz0 as /devices/virtual/input/input20
[ 1050.088033][T14125] input: syz0 as /devices/virtual/input/input21
[ 1051.127731][ T4988] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1052.475537][ T4988] usb 3-1: Using ep0 maxpacket: 16
[ 1052.544810][ T4988] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1052.544848][ T4988] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1052.544873][ T4988] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1052.544923][ T4988] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1052.544949][ T4988] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.607200][ T4988] usb 3-1: config 0 descriptor??
[ 1052.965588][ T5595] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[ 1053.128601][ T4988] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0002/input/input22
[ 1053.134314][ T5595] usb 6-1: not running at top speed; connect to a high speed hub
[ 1053.137805][ T5595] usb 6-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1053.137838][ T5595] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1053.160467][ T5595] usb 6-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1053.160572][ T5595] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1053.160626][ T5595] usb 6-1: Manufacturer: ј
[ 1053.160666][ T5595] usb 6-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1053.279437][ T4988] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1053.576634][T14147] netlink: 260 bytes leftover after parsing attributes in process `syz.5.2734'.
[ 1053.576699][T14147] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2734'.
[ 1053.576717][T14147] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2734'.
[ 1053.913829][   T10] usb 3-1: USB disconnect, device number 13
[ 1054.407484][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.407543][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.052484][T14171] binder_alloc: 14170: pid 14170 spamming oneway? 1 buffers allocated for a total size of 4096
[ 1056.783570][ T5595] usbhid 6-1:1.0: can't add hid device: -71
[ 1056.783657][ T5595] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[ 1056.852124][ T5595] usb 6-1: USB disconnect, device number 13
[ 1057.255658][ T4988] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1057.425635][ T5595] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1057.575511][ T5595] usb 6-1: Using ep0 maxpacket: 16
[ 1057.578348][ T5595] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1057.578384][ T5595] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1057.578409][ T5595] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1057.578454][ T5595] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1057.578479][ T5595] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.599651][ T4988] usb 3-1: Using ep0 maxpacket: 16
[ 1057.602113][ T4988] usb 3-1: config index 0 descriptor too short (expected 65316, got 36)
[ 1057.602141][ T4988] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1057.602163][ T4988] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 3
[ 1057.602202][ T4988] usb 3-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00
[ 1057.602227][ T4988] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.607916][ T4988] usb 3-1: config 0 descriptor??
[ 1058.570627][ T5595] usb 6-1: config 0 descriptor??
[ 1058.811922][T14202] vivid-000: disconnect
[ 1058.920058][ T5739] usb 3-1: USB disconnect, device number 14
[ 1058.934412][T14190] vivid-000: reconnect
[ 1059.000087][ T5595] usbhid 6-1:0.0: can't add hid device: -71
[ 1059.000213][ T5595] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1059.043156][ T5595] usb 6-1: USB disconnect, device number 14
[ 1061.095764][ T6237] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[ 1061.467033][ T6237] usb 3-1: not running at top speed; connect to a high speed hub
[ 1061.606018][ T6237] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1061.606058][ T6237] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1062.063645][ T6237] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1062.063675][ T6237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1062.063693][ T6237] usb 3-1: Manufacturer: ј
[ 1062.063707][ T6237] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1062.354595][T14222] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2761'.
[ 1062.354685][T14222] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2761'.
[ 1062.354703][T14222] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2761'.
[ 1063.565614][ T5616] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1063.731559][ T5616] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1063.731653][ T5616] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1063.731673][ T5616] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1063.800770][ T5616] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 1063.800805][ T5616] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 1063.800890][ T5616] usb 4-1: Product: syz
[ 1063.800907][ T5616] usb 4-1: Manufacturer: syz
[ 1063.800923][ T5616] usb 4-1: SerialNumber: syz
[ 1064.094679][ T6237] usbhid 3-1:1.0: can't add hid device: -71
[ 1064.095107][ T6237] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[ 1064.164545][ T6237] usb 3-1: USB disconnect, device number 15
[ 1064.298065][ T5616] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1064.474708][ T5616] usb 4-1: USB disconnect, device number 11
[ 1064.596581][ T5616] usblp0: removed
[ 1064.682738][T14268] Illegal XDP return value 4294967274 on prog  (id 111) dev N/A, expect packet loss!
[ 1068.119278][T14298] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1068.705654][ T5616] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[ 1068.877848][ T5616] usb 3-1: not running at top speed; connect to a high speed hub
[ 1068.879241][ T5616] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1068.879285][ T5616] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1068.882135][ T5616] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1068.882168][ T5616] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.882190][ T5616] usb 3-1: Manufacturer: ј
[ 1068.882213][ T5616] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1069.165226][T14309] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2787'.
[ 1069.165796][T14309] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2787'.
[ 1069.165816][T14309] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2787'.
[ 1072.155627][ T5616] usbhid 3-1:1.0: can't add hid device: -71
[ 1072.155767][ T5616] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[ 1072.189167][ T5616] usb 3-1: USB disconnect, device number 16
[ 1074.291273][T14378] sit1: entered promiscuous mode
[ 1074.515591][ T5595] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1074.555945][ T5739] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1074.665554][ T5595] usb 3-1: Using ep0 maxpacket: 8
[ 1074.670505][ T5595] usb 3-1: config 186 has an invalid interface number: 209 but max is 2
[ 1074.670537][ T5595] usb 3-1: config 186 has an invalid interface number: 78 but max is 2
[ 1074.670565][ T5595] usb 3-1: config 186 has an invalid interface number: 161 but max is 2
[ 1074.670580][ T5595] usb 3-1: config 186 has no interface number 0
[ 1074.670598][ T5595] usb 3-1: config 186 has no interface number 1
[ 1074.670610][ T5595] usb 3-1: config 186 has no interface number 2
[ 1074.670657][ T5595] usb 3-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[ 1074.670675][ T5595] usb 3-1: config 186 interface 209 altsetting 132 endpoint 0xA has invalid maxpacket 1023, setting to 64
[ 1074.670695][ T5595] usb 3-1: config 186 interface 209 altsetting 132 has an invalid descriptor for endpoint zero, skipping
[ 1074.670711][ T5595] usb 3-1: config 186 interface 209 altsetting 132 endpoint 0xC has invalid maxpacket 1024, setting to 64
[ 1074.670732][ T5595] usb 3-1: config 186 interface 209 altsetting 132 has an endpoint descriptor with address 0x91, changing to 0x81
[ 1074.670751][ T5595] usb 3-1: config 186 interface 209 altsetting 132 endpoint 0x81 has invalid maxpacket 23158, setting to 64
[ 1074.670771][ T5595] usb 3-1: config 186 interface 209 altsetting 132 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[ 1074.670800][ T5595] usb 3-1: config 186 interface 78 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[ 1074.670826][ T5595] usb 3-1: config 186 interface 209 has no altsetting 0
[ 1074.670839][ T5595] usb 3-1: config 186 interface 78 has no altsetting 0
[ 1074.670853][ T5595] usb 3-1: config 186 interface 161 has no altsetting 0
[ 1074.673411][ T5595] usb 3-1: New USB device found, idVendor=046d, idProduct=08d8, bcdDevice= 9.d0
[ 1074.673440][ T5595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.673467][ T5595] usb 3-1: Product: syz
[ 1074.673478][ T5595] usb 3-1: Manufacturer: 繊륶
[ 1074.673488][ T5595] usb 3-1: SerialNumber: syz
[ 1074.775483][ T5739] usb 4-1: Using ep0 maxpacket: 8
[ 1074.811175][ T5739] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1074.811205][ T5739] usb 4-1: config 0 has no interface number 0
[ 1074.811250][ T5739] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1074.811277][ T5739] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1074.811304][ T5739] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1074.811332][ T5739] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1074.811380][ T5739] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1074.811405][ T5739] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1074.986079][ T5739] usb 4-1: config 0 descriptor??
[ 1075.040913][ T5739] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1075.240594][ T5595] rndis_host 3-1:186.161: rndis: master #0/0000000000000000 slave #1/0000000000000000
[ 1075.279794][ T5595] usb 3-1: USB disconnect, device number 17
[ 1075.709551][ T5739] usb 4-1: USB disconnect, device number 12
[ 1075.909397][ T5739] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 1076.014765][T12958] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1076.072332][T12958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1076.074722][T12958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1076.100234][T12958] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1076.101346][T12958] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1076.344824][T14411] vivid-001: disconnect
[ 1076.496316][T14411] vivid-001: reconnect
[ 1076.705693][ T5739] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1078.160848][ T5739] usb 3-1: Using ep0 maxpacket: 8
[ 1078.175925][ T5739] usb 3-1: config 27 has too many interfaces: 103, using maximum allowed: 32
[ 1078.175956][ T5739] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1078.175976][ T5739] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 103
[ 1078.217856][ T5739] usb 3-1: New USB device found, idVendor=102c, idProduct=6251, bcdDevice=7e.68
[ 1078.217887][ T5739] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.217910][ T5739] usb 3-1: Product: syz
[ 1078.217926][ T5739] usb 3-1: Manufacturer: syz
[ 1078.217942][ T5739] usb 3-1: SerialNumber: syz
[ 1078.315574][ T5625] Bluetooth: hci1: command tx timeout
[ 1078.588560][T14410] netlink: 'syz.2.2825': attribute type 10 has an invalid length.
[ 1078.610272][T14410] team0: Port device veth0 added
[ 1078.641259][T14410] mmap: syz.2.2825 (14410) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1079.368255][ T5739] usb 3-1: USB disconnect, device number 18
[ 1079.691368][T14404] lo speed is unknown, defaulting to 1000
[ 1080.398232][ T5625] Bluetooth: hci1: command tx timeout
[ 1080.843110][T14404] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1080.843332][T14404] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1080.843474][T14404] bridge_slave_0: entered allmulticast mode
[ 1080.867246][T14404] bridge_slave_0: entered promiscuous mode
[ 1080.872933][T14404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1080.873079][T14404] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1080.873225][T14404] bridge_slave_1: entered allmulticast mode
[ 1080.902400][T14404] bridge_slave_1: entered promiscuous mode
[ 1080.949052][T14404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1080.952854][T14404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1081.026276][T14404] team0: Port device team_slave_0 added
[ 1081.030192][T14404] team0: Port device team_slave_1 added
[ 1081.181797][T14404] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1081.181818][T14404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1081.181848][T14404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1081.189911][T14404] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1081.189963][T14404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1081.190034][T14404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1081.709168][T14404] hsr_slave_0: entered promiscuous mode
[ 1081.753015][T14404] hsr_slave_1: entered promiscuous mode
[ 1081.759721][T14404] debugfs: 'hsr0' already exists in 'hsr'
[ 1081.802647][T14404] Cannot create hsr debugfs directory
[ 1083.214532][ T5625] Bluetooth: hci1: command tx timeout
[ 1085.349613][ T5625] Bluetooth: hci1: command tx timeout
[ 1085.475739][ T5739] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[ 1085.634565][ T5739] usb 3-1: not running at top speed; connect to a high speed hub
[ 1085.650578][ T5739] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1085.650615][ T5739] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1085.663633][ T5739] usb 3-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1085.663662][ T5739] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1085.663718][ T5739] usb 3-1: Manufacturer: ј
[ 1085.663794][ T5739] usb 3-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1085.988004][T14475] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2841'.
[ 1085.988066][T14475] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2841'.
[ 1085.988078][T14475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2841'.
[ 1087.344584][ T5739] usbhid 3-1:1.0: can't add hid device: -71
[ 1087.344683][ T5739] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[ 1087.495063][ T5739] usb 3-1: USB disconnect, device number 19
[ 1088.018181][T14494] loop2: detected capacity change from 0 to 7
[ 1088.075013][T14494]  loop2: p1
[ 1088.075037][T14494] loop2: partition table partially beyond EOD, truncated
[ 1088.075224][T14494] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1088.825516][ T5595] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[ 1088.850540][T13090] udevd[13090]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1088.976847][ T5595] usb 4-1: not running at top speed; connect to a high speed hub
[ 1088.978122][ T5595] usb 4-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1088.978146][ T5595] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1088.980431][ T5595] usb 4-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1088.980464][ T5595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1088.980478][ T5595] usb 4-1: Manufacturer: ј
[ 1088.980489][ T5595] usb 4-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1089.222689][T14496] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2847'.
[ 1089.222734][T14496] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2847'.
[ 1089.222746][T14496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2847'.
[ 1091.807389][ T5595] usbhid 4-1:1.0: can't add hid device: -71
[ 1091.807514][ T5595] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[ 1091.827223][ T5595] usb 4-1: USB disconnect, device number 13
[ 1092.555993][ T5595] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[ 1092.707336][ T5595] usb 4-1: not running at top speed; connect to a high speed hub
[ 1092.710756][ T5595] usb 4-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1092.710794][ T5595] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1092.718948][ T5595] usb 4-1: New USB device found, idVendor=1241, idProduct=f767, bcdDevice= 0.40
[ 1092.719017][ T5595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1092.719071][ T5595] usb 4-1: Manufacturer: ј
[ 1092.719113][ T5595] usb 4-1: SerialNumber: 䌊骿㴫ዿꗎ䛄㸱둾뮇⏟
[ 1093.010986][T14522] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2854'.
[ 1093.011158][T14522] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2854'.
[ 1093.011177][T14522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2854'.
[ 1093.289359][T14404] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1093.342936][T14404] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1093.363667][T14404] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1093.483488][T14404] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1093.492806][ T5616] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1093.508723][T14404] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1093.642165][T14404] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1093.658409][T14404] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1093.685524][ T5616] usb 6-1: Using ep0 maxpacket: 8
[ 1093.692305][ T5616] usb 6-1: config 27 has too many interfaces: 103, using maximum allowed: 32
[ 1093.692413][ T5616] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1093.692437][ T5616] usb 6-1: config 27 has 0 interfaces, different from the descriptor's value: 103
[ 1093.734342][ T5616] usb 6-1: New USB device found, idVendor=102c, idProduct=6251, bcdDevice=7e.68
[ 1093.734375][ T5616] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1093.734397][ T5616] usb 6-1: Product: syz
[ 1093.734413][ T5616] usb 6-1: Manufacturer: syz
[ 1093.734428][ T5616] usb 6-1: SerialNumber: syz
[ 1093.961156][T14404] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1094.078290][   T37] INFO: task kworker/u8:3:56 blocked for more than 143 seconds.
[ 1094.078320][   T37]       Tainted: G             L      syzkaller #0
[ 1094.078334][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1094.078608][   T37] task:kworker/u8:3    state:D stack:22216 pid:56    tgid:56    ppid:2      task_flags:0x4208160 flags:0x00080000
[ 1094.078669][   T37] Workqueue: netns cleanup_net
[ 1094.078800][   T37] Call Trace:
[ 1094.078809][   T37]  <TASK>
[ 1094.078822][   T37]  __schedule+0x16ec/0x5620
[ 1094.078890][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1094.079025][   T37]  ? rt_spin_lock+0x1e0/0x400
[ 1094.079065][   T37]  ? __pfx___schedule+0x10/0x10
[ 1094.079171][   T37]  ? schedule+0x90/0x360
[ 1094.079204][   T37]  schedule+0x164/0x360
[ 1094.079267][   T37]  rxrpc_destroy_all_calls+0x44e/0x570
[ 1094.079763][   T37]  ? __pfx_rxrpc_destroy_all_calls+0x10/0x10
[ 1094.079807][   T37]  ? __pfx_var_wake_function+0x10/0x10
[ 1094.079840][   T37]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1094.079926][   T37]  ? __timer_delete_sync+0x53e/0x610
[ 1094.080161][   T37]  rxrpc_exit_net+0x6f/0xc0
[ 1094.080477][   T37]  ops_undo_list+0x49f/0x940
[ 1094.080523][   T37]  ? __pfx_ops_undo_list+0x10/0x10
[ 1094.081225][   T37]  ? idr_destroy+0x22a/0x2a0
[ 1094.081266][   T37]  cleanup_net+0x56e/0x800
[ 1094.082215][   T37]  ? __pfx_cleanup_net+0x10/0x10
[ 1094.083063][   T37]  ? process_scheduled_works+0xa70/0x1860
[ 1094.083093][   T37]  ? process_scheduled_works+0xa70/0x1860
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1094.083120][   T37]  process_scheduled_works+0xb5d/0x1860
[ 1094.083606][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1094.083638][   T37]  ? assign_work+0x3d5/0x5e0
[ 1094.094190][   T37]  worker_thread+0xa53/0xfc0
[ 1094.094434][   T37]  kthread+0x388/0x470
[ 1094.094601][   T37]  ? __pfx_worker_thread+0x10/0x10
[ 1094.094628][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.094801][   T37]  ret_from_fork+0x514/0xb70
[ 1094.094850][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 1094.095051][   T37]  ? __switch_to+0xc79/0x1410
[ 1094.095236][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.095853][   T37]  ret_from_fork_asm+0x1a/0x30
[ 1094.096032][   T37]  </TASK>
[ 1094.221987][   T37] 
[ 1094.221987][   T37] Showing all locks held in the system:
[ 1094.222035][   T37] 4 locks held by pr/legacy/17:
[ 1094.222559][   T37] 1 lock held by khungtaskd/37:
[ 1094.222586][   T37]  #0: ffffffff8ddc80c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1094.222925][   T37] 3 locks held by kworker/u8:3/56:
[ 1094.222938][   T37]  #0: ffff88801aad0938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[ 1094.223119][   T37]  #1: ffffc9000122fc40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[ 1094.230747][   T37]  #2: ffffffff8f140620 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1094.236214][   T37] 12 locks held by kworker/u8:5/69:
[ 1094.236269][   T37] 2 locks held by kworker/u8:7/803:
[ 1094.238129][   T37] 8 locks held by kworker/u8:13/1475:
[ 1094.238181][   T37] 7 locks held by kworker/u8:15/1506:
[ 1094.239008][   T37] 1 lock held by udevd/4972:
[ 1094.239032][   T37] 2 locks held by getty/5360:
[ 1094.240270][   T37]  #0: ffff888028fe40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1094.284227][   T37]  #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
[ 1094.284448][   T37] 4 locks held by syz-executor/5593:
[ 1094.284545][   T37] 4 locks held by kworker/0:3/5595:
[ 1094.284566][   T37]  #0: ffff888021aa7138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[ 1094.439027][   T37]  #1: ffffc900042c7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[ 1094.442670][   T37]  #2: ffff88802a198210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[ 1094.442750][   T37]  #3: ffff88806404a210 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[ 1094.452003][   T37] 9 locks held by syz-executor/5611:
[ 1094.455988][   T37] 4 locks held by kworker/1:4/5616:
[ 1094.456015][   T37]  #0: ffff888021aa7138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[ 1094.462324][   T37]  #1: ffffc900047c7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[ 1094.469595][   T37]  #2: ffff888023fd4210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[ 1094.499524][   T37]  #3: ffff888037d1a210 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[ 1094.499728][   T37] 6 locks held by kworker/0:5/5739:
[ 1094.499770][   T37] 4 locks held by udevd/13063:
[ 1094.499783][   T37]  #0: ffff88805a67d950 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb8/0xe20
[ 1094.500106][   T37]  #1: ffff888034859478 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[ 1094.500304][   T37]  #2: ffff888077d8d5a8 (kn->active#23){.+.+}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[ 1094.500536][   T37]  #3: ffff88806404a210 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[ 1094.500951][   T37] 4 locks held by udevd/13090:
[ 1094.500965][   T37]  #0: ffff88805906e3d8 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb8/0xe20
[ 1094.504908][   T37]  #1: ffff88803b049478 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[ 1094.513896][   T37]  #2: ffff88805c387878 (kn->active#23){.+.+}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[ 1094.536664][   T37]  #3: ffff888037d1a210 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[ 1094.537069][   T37] 3 locks held by syz-executor/14404:
[ 1094.537111][   T37]  #0: ffffffff8f1bf420 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1094.537483][   T37]  #1: ffffffff8f1bf238 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10b/0x7a0
[ 1094.537825][   T37]  #2: ffffffff8f14f378 (rtnl_mutex){+.+.}-{4:4}, at: wg_set_device_doit+0x170/0x2070
[ 1094.538093][   T37] 9 locks held by syz.1.2853/14520:
[ 1094.538200][   T37] 1 lock held by syz.5.2855/14529:
[ 1094.538214][   T37]  #0: ffffffff8f14f378 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x3bf/0x1e10
[ 1094.538478][   T37] 
[ 1094.538484][   T37] =============================================
[ 1094.538484][   T37] 
[ 1094.538510][   T37] NMI backtrace for cpu 0
[ 1094.538561][   T37] CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1094.538640][   T37] Tainted: [L]=SOFTLOCKUP
[ 1094.538648][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1094.538661][   T37] Call Trace:
[ 1094.538670][   T37]  <TASK>
[ 1094.538679][   T37]  dump_stack_lvl+0xe8/0x150
[ 1094.538744][   T37]  nmi_cpu_backtrace+0x274/0x2d0
[ 1094.538819][   T37]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1094.538848][   T37]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1094.538896][   T37]  sys_info+0x135/0x170
[ 1094.538950][   T37]  watchdog+0xfd3/0x1030
[ 1094.539006][   T37]  ? watchdog+0x1c9/0x1030
[ 1094.539045][   T37]  kthread+0x388/0x470
[ 1094.539131][   T37]  ? __pfx_watchdog+0x10/0x10
[ 1094.539155][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.539187][   T37]  ret_from_fork+0x514/0xb70
[ 1094.539235][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 1094.539301][   T37]  ? __switch_to+0xc79/0x1410
[ 1094.539339][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.539391][   T37]  ret_from_fork_asm+0x1a/0x30
[ 1094.539483][   T37]  </TASK>
[ 1094.539512][   T37] Sending NMI from CPU 0 to CPUs 1:
[ 1094.539557][    C1] NMI backtrace for cpu 1
[ 1094.539575][    C1] CPU: 1 UID: 0 PID: 17 Comm: pr/legacy Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1094.539600][    C1] Tainted: [L]=SOFTLOCKUP
[ 1094.539607][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1094.539628][    C1] RIP: 0010:io_serial_out+0x7c/0xc0
[ 1094.539654][    C1] Code: 2c 90 fc 44 89 f9 d3 e5 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 cc 57 f7 fc 41 03 2e 89 d8 89 ea ee <5b> 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc 44 89 f9 80 e1 07 38 c1
[ 1094.539670][    C1] RSP: 0000:ffffc90000167a30 EFLAGS: 00000202
[ 1094.539686][    C1] RAX: 0000000000000078 RBX: 0000000000000078 RCX: 0000000000000000
[ 1094.539698][    C1] RDX: 00000000000003f8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1094.539710][    C1] RBP: 00000000000003f8 R08: 0000000000000000 R09: 0000000000000000
[ 1094.539721][    C1] R10: dffffc0000000000 R11: ffffffff85343ff0 R12: dffffc0000000000
[ 1094.539735][    C1] R13: 0000000000000001 R14: ffffffff99907920 R15: 0000000000000000
[ 1094.539748][    C1] FS:  0000000000000000(0000) GS:ffff888126486000(0000) knlGS:0000000000000000
[ 1094.539763][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1094.539776][    C1] CR2: 00007f3ea23256b8 CR3: 00000000590fe000 CR4: 00000000003526f0
[ 1094.539793][    C1] Call Trace:
[ 1094.539800][    C1]  <TASK>
[ 1094.539808][    C1]  serial8250_console_write+0x12e1/0x1b90
[ 1094.539841][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[ 1094.539863][    C1]  ? console_flush_one_record+0xfa/0xb90
[ 1094.539890][    C1]  ? console_flush_one_record+0x48f/0xb90
[ 1094.539916][    C1]  console_flush_one_record+0x68b/0xb90
[ 1094.539943][    C1]  ? console_flush_one_record+0xfa/0xb90
[ 1094.539969][    C1]  ? __pfx_console_flush_one_record+0x10/0x10
[ 1094.539994][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1094.540024][    C1]  legacy_kthread_func+0x1b6/0x250
[ 1094.540049][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1094.540072][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1094.540096][    C1]  ? __kthread_parkme+0x7a/0x1f0
[ 1094.540123][    C1]  kthread+0x388/0x470
[ 1094.540146][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1094.540168][    C1]  ? __pfx_kthread+0x10/0x10
[ 1094.540199][    C1]  ret_from_fork+0x514/0xb70
[ 1094.540221][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1094.540241][    C1]  ? __switch_to+0xc79/0x1410
[ 1094.540269][    C1]  ? __pfx_kthread+0x10/0x10
[ 1094.540294][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1094.540326][    C1]  </TASK>
[ 1094.593567][   T37] Kernel panic - not syncing: hung_task: blocked tasks
[ 1094.593593][   T37] CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1094.593660][   T37] Tainted: [L]=SOFTLOCKUP
[ 1094.593680][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1094.593717][   T37] Call Trace:
[ 1094.593726][   T37]  <TASK>
[ 1094.593746][   T37]  vpanic+0x56c/0xa60
[ 1094.593804][   T37]  ? __pfx_vpanic+0x10/0x10
[ 1094.593871][   T37]  ? irqentry_exit+0x218/0x8b0
[ 1094.593915][   T37]  panic+0xc5/0xd0
[ 1094.593946][   T37]  ? __pfx_panic+0x10/0x10
[ 1094.594034][   T37]  ? __pfx_panic+0x10/0x10
[ 1094.594067][   T37]  watchdog+0x102c/0x1030
[ 1094.594112][   T37]  ? watchdog+0x1c9/0x1030
[ 1094.594181][   T37]  kthread+0x388/0x470
[ 1094.594220][   T37]  ? __pfx_watchdog+0x10/0x10
[ 1094.594241][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.594300][   T37]  ret_from_fork+0x514/0xb70
[ 1094.594351][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 1094.594374][   T37]  ? __switch_to+0xc79/0x1410
[ 1094.594408][   T37]  ? __pfx_kthread+0x10/0x10
[ 1094.594436][   T37]  ret_from_fork_asm+0x1a/0x30
[ 1094.594477][   T37]  </TASK>
[ 1094.595136][   T37] Kernel Offset: disabled