last executing test programs:

2m41.795578708s ago: executing program 3 (id=1019):
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000280)={0x9})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x0, 0x40, 0x200002000001, 0x0, 0x2004c8, 0x0, 0x0, 0x68ff, 0x5, 0x7fff, 0x3, 0x400000000], 0x80ad003})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000000100))
syz_open_procfs(0x0, 0x0)

2m37.855165396s ago: executing program 0 (id=1037):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
dup2(r0, r1)
close_range(r2, 0xffffffffffffffff, 0x0)

2m37.783951777s ago: executing program 4 (id=1038):
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0xfffffffffffffffc, 0x3, 0x8, 0x2, 0xc, 0xfffffffffffffffc, 0x3}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x4, 0x2, 0x466}, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m37.75500708s ago: executing program 1 (id=1039):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)='4', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000001640)="6cd100338bef36fd9a090ad7daf0ae9207adcbfde0e73907e8400a176f61f4dfda153802c38f81ae7a48255251b39588c86c84e938df06239a6ec495939b9ceedcde7e4a2fb2c8d175895bde3579610c16b8e2a6966af5fe9961094bf0e33a9d4006a935e3afd1d9713ac617efd31f5b1f0090929881855b1740410fcfc024cceb587da38345d40b09ebb41067194579e9b97a057288c20b48e8b07dee98bf4e84ad3e5e03ffabd9c00da290e3dc55bc1d7dd6ce7a7c2dae6872c528f726bf7b0b009df5d92dd4d19614eee5de3c9e71e7058dedfcd0ce2a1b717cb93a297de9ff4251f53763c7f375612e6c5f2e73c2eab09da2af11a9afb2690e", 0xfb}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000940)="71059c3c06693e5d8652d40900c592ebf82c3219ea1470101339690ed99ae4cfbbbfc3092e412ffb6a9b70d1e0", 0x2d}], 0x1}}], 0x3, 0x10)
shutdown(r0, 0x2)

2m37.62576094s ago: executing program 2 (id=1040):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000019100)={&(0x7f0000000480)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40808)

2m37.508193545s ago: executing program 4 (id=1041):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)

2m37.410045178s ago: executing program 4 (id=1042):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000}]}}, 0xffffffffffffffff, 0x32, 0x0, 0x2}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r5, <r6=>0xffffffffffffffff}, 0x0, &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000440)={'batadv_slave_0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000001e00150d2cbd7000fddbdf2507000000", @ANYRES32=r9, @ANYBLOB="020000000000000008000a00", @ANYRES32=r8, @ANYBLOB="de6e87c62429cf3ae78a81"], 0x28}}, 0x48010)
poll(&(0x7f0000002a40), 0x0, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

2m37.389020838s ago: executing program 0 (id=1043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_clone(0x2824480, 0x0, 0x0, 0x0, 0x0, 0x0)

2m37.3253797s ago: executing program 2 (id=1044):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_AUTORATE={0x8, 0x9, 0xf8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2m37.324254043s ago: executing program 3 (id=1045):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)

2m37.287138591s ago: executing program 1 (id=1046):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'comedi_parport\x00', [0x4f27, 0x1f, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c95239c, 0x5, 0x3ff, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x395, 0x80000089, 0xfffffffe, 0xb, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

2m36.060120992s ago: executing program 4 (id=1047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a500000023000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)

2m36.059639694s ago: executing program 3 (id=1048):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x14, 0x4, 0x8, 0xb}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x3e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x70)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2, 0x80802, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
pipe(0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xc00, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

2m36.009953242s ago: executing program 1 (id=1049):
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time\x00')
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x688200, 0x0)
fchdir(r0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/211, 0xd3)

2m35.991086653s ago: executing program 0 (id=1050):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d00000000802110000010802110000005050505050", @ANYRES8=r2], 0x3c}}, 0x10)

2m35.950242059s ago: executing program 2 (id=1051):
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0xfffffffffffffffc, 0x3, 0x8, 0x2, 0xc, 0xfffffffffffffffc, 0x3}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x4, 0x2, 0x466}, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m35.820176924s ago: executing program 0 (id=1052):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)

2m35.819801355s ago: executing program 3 (id=1053):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
dup2(r0, r1)
close_range(r2, 0xffffffffffffffff, 0x0)

2m35.816472803s ago: executing program 4 (id=1054):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000019100)={&(0x7f0000000480)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40808)

2m35.78500087s ago: executing program 2 (id=1055):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000380)={0x3c, 0x0, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80c1}, 0x0)

2m35.758210305s ago: executing program 1 (id=1056):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000500)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x400, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @multicast2}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x2, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @multicast1}}}})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, &(0x7f0000000280)={@val, @void, @eth={@multicast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x1c, 0x65, 0x0, 0x1, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @initdev={0xac, 0x1e, 0x0, 0x0}}, "bcad05faa84c4ef8"}}}}}, 0x2e)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r2)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000cc0)={0x1c, r3, 0x201, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)

2m35.69867388s ago: executing program 0 (id=1057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000}]}}, 0xffffffffffffffff, 0x32, 0x0, 0x2}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r5, <r6=>0xffffffffffffffff}, 0x0, &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000440)={'batadv_slave_0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000001e00150d2cbd7000fddbdf2507000000", @ANYRES32=r9, @ANYBLOB="020000000000000008000a00", @ANYRES32=r8, @ANYBLOB="de6e87c62429cf3ae78a81"], 0x28}}, 0x48010)
poll(&(0x7f0000002a40), 0x0, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

2m35.604850515s ago: executing program 2 (id=1058):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x538d, 0x0, &(0x7f0000000380), &(0x7f0000000340))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x20, r4, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)

2m34.527530171s ago: executing program 3 (id=1059):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)

2m34.37306233s ago: executing program 0 (id=1060):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'comedi_parport\x00', [0x4f27, 0x1f, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c95239c, 0x5, 0x3ff, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x395, 0x80000089, 0xfffffffe, 0xb, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

2m34.288055848s ago: executing program 1 (id=1061):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_AUTORATE={0x8, 0x9, 0xf8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2m34.287524601s ago: executing program 4 (id=1062):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d00000000802110000010802110000005050505050", @ANYRES8=r2], 0x3c}}, 0x10)

2m34.166796373s ago: executing program 2 (id=1063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
syz_clone(0x2824480, 0x0, 0x0, 0x0, 0x0, 0x0)

2m32.984253788s ago: executing program 3 (id=1064):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)

2m32.712154357s ago: executing program 1 (id=1065):
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0xfffffffffffffffc, 0x3, 0x8, 0x2, 0xc, 0xfffffffffffffffc, 0x3}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x4, 0x2, 0x466}, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m18.941664648s ago: executing program 32 (id=1060):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'comedi_parport\x00', [0x4f27, 0x1f, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c95239c, 0x5, 0x3ff, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x395, 0x80000089, 0xfffffffe, 0xb, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

2m18.858219915s ago: executing program 33 (id=1063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
syz_clone(0x2824480, 0x0, 0x0, 0x0, 0x0, 0x0)

2m18.798195134s ago: executing program 34 (id=1062):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d00000000802110000010802110000005050505050", @ANYRES8=r2], 0x3c}}, 0x10)

2m17.93350723s ago: executing program 35 (id=1064):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)

2m17.402807406s ago: executing program 36 (id=1065):
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0xfffffffffffffffc, 0x3, 0x8, 0x2, 0xc, 0xfffffffffffffffc, 0x3}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x4, 0x2, 0x466}, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

16.362755765s ago: executing program 7 (id=1547):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x2804c040}, 0x0)
recvmsg(r0, &(0x7f0000001040)={0x0, 0x0, 0x0}, 0x10002)

16.18376641s ago: executing program 7 (id=1550):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r2=>0x0})
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7", 0x12, 0x0, 0x0, 0x0)
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r2, 0x0, {}, 0xfe}, 0x18)
sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r2, 0x0, {}, 0x2}, 0x18, &(0x7f0000000180)={&(0x7f00000003c0)="08030005c7373d5b04", 0x9}}, 0xee)
close(r3)
mknod(0x0, 0x1ffa, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x111, 0x70bd27, 0x100000, {0x0, 0x0, 0x74, r2, {0x6, 0x8}, {0x5, 0xffff}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r6, 0x6)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r8 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r8, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452509005ad94a461cdbfee9bdb942352359a351d1ec0cffb4792cd8000080", 0x4c, 0x0, 0x0, 0x0)
r9 = getpid()
syz_open_procfs(r9, &(0x7f00000001c0)='net/fib_triestat\x00')

8.075839421s ago: executing program 5 (id=1580):
openat$yama_ptrace_scope(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000080)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000500)="14088eb406397b78089e5ad87f63f5c9241e6379219aa32fb19fbe2d4f0346a7a9c152b1222bff7e0b62c18a6e9ad18de4a35ac260e480b8f8a3209218f60722d85eba7392e5a43846", 0x49, 0xfffffffffffffffd)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)

7.672652837s ago: executing program 7 (id=1582):
socket(0x15, 0x5, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000700)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x6}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0x3e57}, {0x6}]}, 0x10)
sendmmsg$inet(r2, &(0x7f0000002c40), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xa0}}, 0x0)
syz_usbip_server_init(0x4)
openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x22501, 0x0)

7.168788063s ago: executing program 8 (id=1584):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x2, 0x3, 0x6)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendto$inet(r3, 0x0, 0x5b, 0x0, &(0x7f0000000600)={0x2, 0x0, @remote}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
rmdir(0x0)
sendmsg$can_j1939(0xffffffffffffffff, 0x0, 0xee)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @u32=0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000804)
socket$can_raw(0x1d, 0x3, 0x1)

5.480607862s ago: executing program 9 (id=1585):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000001880)={0x53, 0xffffffffffffffff, 0x6, 0xf7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000300)="b945c52f244e", 0x0, 0xff, 0x10016, 0x3, 0x0})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r3, 0x0, 0xffffffdb)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x84, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x200)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f000010b940)={0x4, [], 0x5, "1cd06e77880b14"})
write$binfmt_aout(r1, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

5.480009944s ago: executing program 8 (id=1586):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4, 0x0, 0x8}, 0xfffffffffffffe39)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
creat(0x0, 0x80166a87e08db6a7)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
pread64(r6, &(0x7f0000002300)=""/176, 0xb0, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

4.305768319s ago: executing program 8 (id=1588):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0), 0x0, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

4.048196602s ago: executing program 6 (id=1589):
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='jfs\x00', 0x1a0c000, 0x0)

3.97142924s ago: executing program 7 (id=1590):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000500)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x400, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @multicast2}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r1, &(0x7f0000000280)={@val, @void, @eth={@multicast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x18, 0x65, 0x0, 0x1, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @initdev={0xac, 0x1e, 0x0, 0x0}}, "bcad05fa"}}}}}, 0x2a)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r2)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000cc0)={0x1c, r3, 0x201, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)

3.951673782s ago: executing program 8 (id=1591):
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

3.79433961s ago: executing program 6 (id=1592):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000000a0601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe050003"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0xc4)

3.714826118s ago: executing program 5 (id=1593):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)={0x6c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_PROBE_RESP={0x6, 0x7f, [@supported_rates]}]]}, 0x6c}}, 0x0)

3.684086387s ago: executing program 7 (id=1594):
syz_open_dev$tty20(0xc, 0x4, 0x1)
sched_setaffinity(0x0, 0xfffffffffffffdb0, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
syz_usbip_server_init(0x2)

3.564144066s ago: executing program 6 (id=1595):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
munmap(&(0x7f0000fe5000/0x1000)=nil, 0x1000)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)

3.46576186s ago: executing program 5 (id=1596):
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {0x1}}, 0x4c}}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b000000000000", 0x10, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000400}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0xba01, 0x0, 0x6000000}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x11}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.266092892s ago: executing program 5 (id=1597):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000}]}}, 0xffffffffffffffff, 0x32, 0x0, 0x2}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r5, <r6=>0xffffffffffffffff}, 0x0, &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000440)={'batadv_slave_0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000001e00150d2cbd7000fddbdf2507000000", @ANYRES32=r9, @ANYBLOB="020000000000000008000a00", @ANYRES32=r8, @ANYBLOB="de6e87c62429cf3ae78a81"], 0x28}}, 0x48010)
poll(&(0x7f0000002a40), 0x0, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

3.03634142s ago: executing program 6 (id=1598):
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000340)={0x14, r5, 0x70d, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)

2.189315252s ago: executing program 5 (id=1599):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x380})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r1}, 0x18)
mount(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='ecryptfs\x00', 0x10005, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x7f)
read$dsp(r3, &(0x7f00000011c0)=""/4117, 0x200021d5)

2.089235046s ago: executing program 9 (id=1600):
syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0)

2.039656425s ago: executing program 8 (id=1601):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

1.891500559s ago: executing program 9 (id=1602):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)={0x14, r1, 0x301, 0x0, 0x0, {0x1c}}, 0x14}, 0x1, 0x0, 0x0, 0x20040005}, 0x40040)

1.781204674s ago: executing program 8 (id=1603):
openat$yama_ptrace_scope(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000080)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000500)="14088eb406397b78089e5ad87f63f5c9241e6379219aa32fb19fbe2d4f0346a7a9c152b1222bff7e0b62c18a6e9ad18de4a35ac260e480b8f8a3209218f60722d85eba7392e5a43846", 0x49, 0xfffffffffffffffd)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)

1.724802497s ago: executing program 9 (id=1604):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000500)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x400, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @multicast2}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r1, &(0x7f0000000280)={@val, @void, @eth={@multicast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x18, 0x65, 0x0, 0x1, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @initdev={0xac, 0x1e, 0x0, 0x0}}, "bcad05fa"}}}}}, 0x2a)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r2)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000cc0)={0x1c, r3, 0x201, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)

241.403099ms ago: executing program 5 (id=1605):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB])
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r7 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
recvfrom(r6, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

240.869452ms ago: executing program 9 (id=1606):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)={0x6c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_PROBE_RESP={0x6, 0x7f, [@supported_rates]}]]}, 0x6c}}, 0x0)

240.200187ms ago: executing program 6 (id=1607):
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {0x1}}, 0x4c}}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b000000000000", 0x10, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000400}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0xba01, 0x0, 0x6000000}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x11}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

184.370785ms ago: executing program 7 (id=1608):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xff}, 0x2f)
r2 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000340)={'some', 0x20, 0x4, 0x20, 0xffffa}, 0x2f)
close(r1)
close(r2)

61.042218ms ago: executing program 9 (id=1609):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r4, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd37697ff28093c0e}, 0x0)
r5 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x1)
write$UHID_INPUT(r5, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

0s ago: executing program 6 (id=1610):
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(0xffffffffffffffff, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r2, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1)

kernel console output (not intermixed with test programs):

07152][ T7825] [U] 
[  245.709917][ T7825] [U] 
[  245.713515][ T7825] [U] 
[  245.716808][ T7825] [U] 
[  245.719567][ T7825] [U] 
[  245.722409][ T7825] [U] 
[  245.725989][ T7825] [U] 
[  245.728746][ T7825] [U] 
[  245.731487][ T7825] [U] 
[  245.734236][ T7825] [U] 
[  245.737543][ T7825] [U] 
[  245.740476][ T7825] [U] 
[  245.743217][ T7825] [U] 
[  245.745962][ T7825] [U] 
[  245.749425][ T7825] [U] 
[  245.752192][ T7825] [U] 
[  245.755014][ T7825] [U] 
[  245.757925][ T7825] [U] 
[  245.761349][ T7825] [U] 
[  245.764103][ T7825] [U] 
[  245.766849][ T7825] [U] 
[  245.769594][ T7825] [U] 
[  245.775164][ T7825] [U] 
[  245.777932][ T7825] [U] 
[  245.780681][ T7825] [U] 
[  245.783475][ T7825] [U] 
[  245.786854][ T7825] [U] 
[  245.789613][ T7825] [U] 
[  245.792452][ T7825] [U] 
[  245.795300][ T7825] [U] 
[  245.798733][ T7825] [U] 
[  245.801516][ T7825] [U] 
[  245.804449][ T7825] [U] 
[  245.807370][ T7825] [U] 
[  245.812758][ T7825] [U] 
[  245.815531][ T7825] [U] 
[  245.818274][ T7825] [U] 
[  245.821046][ T7825] [U] 
[  245.825086][ T7825] [U] 
[  245.827847][ T7825] [U] 
[  245.830591][ T7825] [U] 
[  245.833420][ T7825] [U] 
[  245.836657][ T7825] [U] 
[  245.839505][ T7825] [U] 
[  245.842267][ T7825] [U] 
[  245.845007][ T7825] [U] 
[  245.848410][ T7825] [U] 
[  245.851159][ T7825] [U] 
[  245.853949][ T7825] [U] 
[  245.856689][ T7825] [U] 
[  245.860222][ T7825] [U] 
[  245.863032][ T7825] [U] 
[  245.865848][ T7825] [U] 
[  245.868609][ T7825] [U] 
[  245.872967][ T7825] [U] 
[  245.875810][ T7825] [U] 
[  245.878769][ T7825] [U] 
[  245.881545][ T7825] [U] 
[  245.885971][ T7825] [U] 
[  245.888750][ T7825] [U] 
[  245.891840][ T7825] [U] 
[  245.894699][ T7825] [U] 
[  245.898375][ T7825] [U] 
[  245.901140][ T7825] [U] 
[  245.903901][ T7825] [U] 
[  245.906659][ T7825] [U] 
[  245.910094][ T7825] [U] 
[  245.912931][ T7825] [U] 
[  245.915670][ T7825] [U] 
[  245.918415][ T7825] [U] 
[  245.921724][ T7825] [U] 
[  245.924574][ T7825] [U] 
[  245.927416][ T7825] [U] 
[  245.930164][ T7825] [U] 
[  245.933832][ T7825] [U] 
[  245.936580][ T7825] [U] 
[  245.939338][ T7825] [U] 
[  245.942098][ T7825] [U] 
[  245.947260][ T7825] [U] 
[  245.950030][ T7825] [U] 
[  245.952782][ T7825] [U] 
[  245.955610][ T7825] [U] 
[  245.958894][ T7825] [U] 
[  245.961729][ T7825] [U] 
[  245.964470][ T7825] [U] 
[  245.967213][ T7825] [U] 
[  245.971082][ T7825] [U] 
[  245.973933][ T7825] [U] 
[  245.976678][ T7825] [U] 
[  245.979415][ T7825] [U] 
[  245.983547][ T7825] [U] 
[  245.986303][ T7825] [U] 
[  245.989043][ T7825] [U] 
[  246.452852][ T7822] [U] 
[  249.890517][ T7869] Cannot find del_set index 0 as target
[  250.467904][ T7872] netlink: 268 bytes leftover after parsing attributes in process `syz.1.633'.
[  254.670607][ T7922] netlink: 20 bytes leftover after parsing attributes in process `syz.4.653'.
[  254.707793][ T7922] x_tables: ip_tables: udp match: only valid for protocol 17
[  261.171483][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  261.171669][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  263.491782][ T7982] netlink: 'syz.2.671': attribute type 1 has an invalid length.
[  263.503188][ T5954] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  263.695183][ T7982] 8021q: adding VLAN 0 to HW filter on device bond1
[  263.814248][ T7984] bond1: (slave gretap1): making interface the new active one
[  263.824181][ T7984] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  264.863960][ T5954] usb 5-1: Using ep0 maxpacket: 16
[  264.885541][ T5954] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  264.907160][ T5954] usb 5-1: config 0 has no interface number 0
[  264.925080][ T5954] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  264.959434][ T5954] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  265.106723][ T5954] usb 5-1: config 0 interface 41 has no altsetting 0
[  265.110132][ T5954] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  265.110164][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.110184][ T5954] usb 5-1: Product: syz
[  265.110199][ T5954] usb 5-1: Manufacturer: syz
[  265.110214][ T5954] usb 5-1: SerialNumber: syz
[  265.129552][ T5954] usb 5-1: config 0 descriptor??
[  265.130339][ T7974] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  265.130449][ T7974] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  265.183110][    T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  265.341241][    T9] usb 2-1: Using ep0 maxpacket: 8
[  265.345083][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  265.345120][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.381622][    T9] pvrusb2: Hardware description: Terratec Grabster AV400
[  265.381661][    T9] pvrusb2: **********
[  265.381670][    T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  265.381686][    T9] pvrusb2: Important functionality might not be entirely working.
[  265.381697][    T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  265.381711][    T9] pvrusb2: **********
[  265.498842][ T5954] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -71
[  267.739041][ T2341] pvrusb2: Invalid write control endpoint
[  267.756056][ T5954] usb 5-1: USB disconnect, device number 6
[  267.909735][ T2341] pvrusb2: Invalid write control endpoint
[  267.916608][ T2341] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  267.927554][ T2341] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  267.952370][ T2341] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  268.004748][ T2341] pvrusb2: Device being rendered inoperable
[  268.024560][ T7986] pvrusb2: Killing an I2C read to 1 that has wlen too large (desired=61 limit=60)
[  268.077039][ T2341] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  268.087256][ T5954] usb 2-1: USB disconnect, device number 6
[  268.105034][ T2341] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  268.123751][ T2341] pvrusb2: Attached sub-driver cx25840
[  268.146429][ T2341] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  268.168217][ T2341] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  268.425040][ T7989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.021287][ T8005] block device autoloading is deprecated and will be removed.
[  269.190409][ T8015] netlink: 244 bytes leftover after parsing attributes in process `syz.1.679'.
[  269.217141][ T8015] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.226062][ T8015] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.221866][ T5911] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  271.420900][ T5911] usb 1-1: Using ep0 maxpacket: 16
[  272.482928][ T5911] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  272.512949][ T5911] usb 1-1: config 0 has no interface number 0
[  272.519162][ T5911] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  273.158132][ T5911] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  273.258490][ T5911] usb 1-1: config 0 interface 41 has no altsetting 0
[  273.319022][ T5911] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  273.383976][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.444602][ T5911] usb 1-1: Product: syz
[  273.449208][ T5911] usb 1-1: Manufacturer: syz
[  273.500895][ T5911] usb 1-1: SerialNumber: syz
[  273.557954][ T5911] usb 1-1: config 0 descriptor??
[  273.593890][ T8029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  273.628538][ T8029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  273.695790][ T8052] syzkaller1: entered promiscuous mode
[  273.725780][ T8052] syzkaller1: entered allmulticast mode
[  274.054985][ T8029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  274.063070][ T8029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  274.094324][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.3.694'.
[  276.168639][ T8065] 9pnet_fd: Insufficient options for proto=fd
[  276.388740][ T5911] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  276.508816][ T5911] usb 1-1: USB disconnect, device number 7
[  277.221041][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  277.221095][   T30] audit: type=1326 audit(1753985662.284:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  277.600213][ T8079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.699'.
[  277.678447][   T30] audit: type=1326 audit(1753985662.304:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  277.820251][   T30] audit: type=1326 audit(1753985662.304:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  277.979163][   T30] audit: type=1326 audit(1753985662.304:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  278.758267][ T8085] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  278.758267][ T8085]    program syz.1.701 not setting count and/or reply_len properly
[  278.798838][   T30] audit: type=1326 audit(1753985662.304:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  279.143031][   T30] audit: type=1326 audit(1753985662.314:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  279.463783][   T30] audit: type=1326 audit(1753985662.334:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  279.693710][ T8097] overlayfs: overlapping lowerdir path
[  280.269260][   T30] audit: type=1326 audit(1753985662.334:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  280.306993][   T30] audit: type=1326 audit(1753985662.334:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  280.334233][   T30] audit: type=1326 audit(1753985662.404:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8069 comm="syz.2.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032e58eb69 code=0x7ffc0000
[  281.096951][ T8109] syzkaller0: entered promiscuous mode
[  281.900943][ T8109] syzkaller0: entered allmulticast mode
[  282.322462][ T5890] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  282.480928][ T5890] usb 5-1: Using ep0 maxpacket: 16
[  282.559369][ T5890] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  282.581803][ T5890] usb 5-1: config 0 has no interface number 0
[  282.597893][ T5890] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  282.652069][ T5890] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  282.685530][ T5890] usb 5-1: config 0 interface 41 has no altsetting 0
[  282.743360][ T8121] netlink: 64 bytes leftover after parsing attributes in process `syz.0.712'.
[  282.753538][ T5890] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  282.774276][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.815038][ T5890] usb 5-1: Product: syz
[  282.835312][ T5890] usb 5-1: Manufacturer: syz
[  282.845363][ T5890] usb 5-1: SerialNumber: syz
[  282.863234][ T5890] usb 5-1: config 0 descriptor??
[  282.891566][ T8116] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  284.004023][ T8116] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  284.234985][ T8116] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  284.489452][ T8116] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  284.503673][ T8137] overlayfs: overlapping lowerdir path
[  285.621282][ T5890] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -32
[  286.892106][ T5953] usb 5-1: USB disconnect, device number 7
[  287.149789][ T8163] netlink: 64 bytes leftover after parsing attributes in process `syz.1.725'.
[  287.185084][ T8160] syzkaller0: entered promiscuous mode
[  287.221135][ T8160] syzkaller0: entered allmulticast mode
[  291.330926][ T5954] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  291.340987][ T5911] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  291.365686][ T5845] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  291.501740][ T5911] usb 3-1: Using ep0 maxpacket: 8
[  291.517598][ T5911] usb 3-1: config 0 has no interfaces?
[  291.527247][ T5911] usb 3-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  291.553721][ T5845] usb 5-1: New USB device found, idVendor=090a, idProduct=1200, bcdDevice=24.87
[  291.563726][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.572235][ T5845] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.583191][ T5911] usb 3-1: config 0 descriptor??
[  291.590583][ T5845] usb 5-1: config 0 descriptor??
[  291.631185][ T5954] usb 1-1: Using ep0 maxpacket: 16
[  291.786464][ T5954] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  291.899971][ T5954] usb 1-1: config 0 has no interface number 0
[  292.009961][ T5954] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  292.131586][ T8191] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  292.138447][ T8191] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  292.158288][ T5954] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  292.297011][ T5954] usb 1-1: config 0 interface 41 has no altsetting 0
[  292.310352][ T8191] vhci_hcd vhci_hcd.0: Device attached
[  292.322920][ T8203] vhci_hcd: connection closed
[  292.324845][ T5953] usb 3-1: USB disconnect, device number 5
[  292.340835][ T7375] vhci_hcd: stop threads
[  292.348600][ T5954] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  292.359879][ T7375] vhci_hcd: release socket
[  292.373985][ T7375] vhci_hcd: disconnect device
[  292.382129][ T5954] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.400319][ T5954] usb 1-1: Product: syz
[  292.406357][ T5954] usb 1-1: Manufacturer: syz
[  292.415535][ T5954] usb 1-1: SerialNumber: syz
[  292.423949][ T5954] usb 1-1: config 0 descriptor??
[  292.430142][ T8190] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  292.452187][ T8190] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  292.552656][ T5845] usb-storage 5-1:0.0: USB Mass Storage device detected
[  292.572861][ T5845] usb-storage 5-1:0.0: This device (090a,1200,2487 S 01 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.16.0-syzkaller)
[  292.572861][ T5845]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  293.467707][ T5845] usb 5-1: USB disconnect, device number 8
[  293.508738][ T8190] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  293.554997][ T8190] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  294.337374][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.4.741'.
[  295.717083][ T8225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  296.611808][ T5954] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  296.670977][ T5954] usb 1-1: USB disconnect, device number 8
[  296.783643][ T8227] syzkaller0: entered promiscuous mode
[  296.789382][ T8227] syzkaller0: entered allmulticast mode
[  297.175432][ T8236] overlayfs: overlapping lowerdir path
[  297.197595][ T8237] [U] 
[  297.200495][ T8237] [U] 
[  297.203261][ T8237] [U] 
[  297.206114][ T8237] [U] 
[  297.209457][ T8237] [U] 
[  297.212266][ T8237] [U] 
[  297.215288][ T8237] [U] 
[  297.218197][ T8237] [U] 
[  297.221949][ T8237] [U] 
[  297.224811][ T8237] [U] 
[  297.227665][ T8237] [U] 
[  297.230455][ T8237] [U] 
[  297.233440][ T8237] [U] 
[  297.236218][ T8237] [U] 
[  297.238981][ T8237] [U] 
[  297.241846][ T8237] [U] 
[  297.245286][ T8237] [U] 
[  297.248216][ T8237] [U] 
[  297.251078][ T8237] [U] 
[  297.253935][ T8237] [U] 
[  297.257018][ T8237] [U] 
[  297.259926][ T8237] [U] 
[  297.262775][ T8237] [U] 
[  297.265629][ T8237] [U] 
[  297.268922][ T8237] [U] 
[  297.271684][ T8237] [U] 
[  297.274522][ T8237] [U] 
[  297.277357][ T8237] [U] 
[  297.284699][ T8237] [U] 
[  297.287754][ T8237] [U] 
[  297.290512][ T8237] [U] 
[  297.293354][ T8237] [U] 
[  297.296682][ T8237] [U] 
[  297.299462][ T8237] [U] 
[  297.302213][ T8237] [U] 
[  297.305071][ T8237] [U] 
[  297.308406][ T8237] [U] 
[  297.311391][ T8237] [U] 
[  297.314141][ T8237] [U] 
[  297.316891][ T8237] [U] 
[  297.320332][ T8237] [U] 
[  297.323115][ T8237] [U] 
[  297.325862][ T8237] [U] 
[  297.328695][ T8237] [U] 
[  297.331809][ T8237] [U] 
[  297.334571][ T8237] [U] 
[  297.337591][ T8237] [U] 
[  297.340426][ T8237] [U] 
[  297.343781][ T8237] [U] 
[  297.346602][ T8237] [U] 
[  297.349467][ T8237] [U] 
[  297.352224][ T8237] [U] 
[  297.355465][ T8237] [U] 
[  297.358217][ T8237] [U] 
[  297.360992][ T8237] [U] 
[  297.363749][ T8237] [U] 
[  297.366930][ T8237] [U] 
[  297.369753][ T8237] [U] 
[  297.372516][ T8237] [U] 
[  297.375262][ T8237] [U] 
[  297.382187][ T8237] [U] 
[  297.385026][ T8237] [U] 
[  297.387772][ T8237] [U] 
[  297.390540][ T8237] [U] 
[  297.393838][ T8237] [U] 
[  297.396721][ T8237] [U] 
[  297.399704][ T8237] [U] 
[  297.402465][ T8237] [U] 
[  297.405794][ T8237] [U] 
[  297.408576][ T8237] [U] 
[  297.411568][ T8237] [U] 
[  297.414359][ T8237] [U] 
[  297.417632][ T8237] [U] 
[  297.420403][ T8237] [U] 
[  297.423335][ T8237] [U] 
[  297.426147][ T8237] [U] 
[  297.429243][ T8237] [U] 
[  297.432009][ T8237] [U] 
[  297.434824][ T8237] [U] 
[  297.438156][ T8237] [U] 
[  297.441475][ T8237] [U] 
[  297.444357][ T8237] [U] 
[  297.447186][ T8237] [U] 
[  297.450039][ T8237] [U] 
[  297.453341][ T8237] [U] 
[  297.456112][ T8237] [U] 
[  297.458979][ T8237] [U] 
[  297.461775][ T8237] [U] 
[  297.465495][ T8237] [U] 
[  297.468384][ T8237] [U] 
[  297.471412][ T8237] [U] 
[  297.474710][ T8237] [U] 
[  297.480697][ T8237] [U] 
[  297.483495][ T8237] [U] 
[  297.486260][ T8237] [U] 
[  297.489018][ T8237] [U] 
[  297.493069][ T8237] [U] 
[  297.496291][ T8237] [U] 
[  297.499170][ T8237] [U] 
[  297.502022][ T8237] [U] 
[  297.505648][ T8237] [U] 
[  297.508521][ T8237] [U] 
[  297.511269][ T8237] [U] 
[  297.514011][ T8237] [U] 
[  297.517286][ T8237] [U] 
[  297.520298][ T8237] [U] 
[  297.523255][ T8237] [U] 
[  297.526200][ T8237] [U] 
[  297.529478][ T8237] [U] 
[  297.532278][ T8237] [U] 
[  297.535194][ T8237] [U] 
[  297.538044][ T8237] [U] 
[  297.541373][ T8237] [U] 
[  297.544315][ T8237] [U] 
[  297.547150][ T8237] [U] 
[  297.550067][ T8237] [U] 
[  297.553331][ T8237] [U] 
[  297.556521][ T8237] [U] 
[  297.559535][ T8237] [U] 
[  297.562302][ T8237] [U] 
[  297.565570][ T8237] [U] 
[  297.568595][ T8237] [U] 
[  297.571537][ T8237] [U] 
[  297.574587][ T8237] [U] 
[  297.578039][ T8237] [U] 
[  297.580896][ T8237] [U] 
[  297.583838][ T8237] [U] 
[  297.691524][ T8228] [U] 
[  299.277590][ T8250] Bluetooth: MGMT ver 1.23
[  300.606364][ T8265] netlink: 'syz.2.753': attribute type 10 has an invalid length.
[  300.614957][ T8265] ipvlan1: entered promiscuous mode
[  300.621648][ T8265] batman_adv: batadv0: Adding interface: ipvlan1
[  300.628230][ T8265] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.656485][ T8265] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  300.843626][ T8267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  300.911087][ T5845] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  301.081105][ T5845] usb 4-1: Using ep0 maxpacket: 16
[  301.099548][ T5845] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  301.114602][ T5845] usb 4-1: config 0 has no interface number 0
[  301.149700][ T5845] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  301.189566][ T5845] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  301.203675][ T5845] usb 4-1: config 0 interface 41 has no altsetting 0
[  301.216472][ T5845] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  301.392409][ T5845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.438688][ T5845] usb 4-1: Product: syz
[  301.448237][ T5845] usb 4-1: Manufacturer: syz
[  301.454005][ T5845] usb 4-1: SerialNumber: syz
[  301.465808][ T5845] usb 4-1: config 0 descriptor??
[  302.283140][ T8264] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  302.300485][ T8264] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  302.535386][ T8276] [U] 
[  302.538296][ T8276] [U] 
[  302.541073][ T8276] [U] 
[  302.543849][ T8276] [U] 
[  302.546974][ T8276] [U] 
[  302.549745][ T8276] [U] 
[  302.552505][ T8276] [U] 
[  302.555276][ T8276] [U] 
[  302.558299][ T8276] [U] 
[  302.561052][ T8276] [U] 
[  302.563791][ T8276] [U] 
[  302.566530][ T8276] [U] 
[  302.569373][ T8276] [U] 
[  302.572144][ T8276] [U] 
[  302.574987][ T8276] [U] 
[  302.577832][ T8276] [U] 
[  302.581188][ T8276] [U] 
[  302.584032][ T8276] [U] 
[  302.586951][ T8276] [U] 
[  302.589784][ T8276] [U] 
[  302.592739][ T8276] [U] 
[  302.595592][ T8276] [U] 
[  302.598602][ T8276] [U] 
[  302.601342][ T8276] [U] 
[  302.605628][ T8276] [U] 
[  302.608493][ T8276] [U] 
[  302.611335][ T8276] [U] 
[  302.614251][ T8276] [U] 
[  302.618010][ T8276] [U] 
[  302.620805][ T8276] [U] 
[  302.623646][ T8276] [U] 
[  302.626482][ T8276] [U] 
[  302.629748][ T8276] [U] 
[  302.632507][ T8276] [U] 
[  302.635248][ T8276] [U] 
[  302.638166][ T8276] [U] 
[  302.641600][ T8276] [U] 
[  302.644492][ T8276] [U] 
[  302.647342][ T8276] [U] 
[  302.650105][ T8276] [U] 
[  302.653295][ T8276] [U] 
[  302.656158][ T8276] [U] 
[  302.658915][ T8276] [U] 
[  302.661698][ T8276] [U] 
[  302.664800][ T8276] [U] 
[  302.667603][ T8276] [U] 
[  302.670352][ T8276] [U] 
[  302.673219][ T8276] [U] 
[  302.676378][ T8276] [U] 
[  302.679649][ T8276] [U] 
[  302.682421][ T8276] [U] 
[  302.685428][ T8276] [U] 
[  302.689058][ T8276] [U] 
[  302.691923][ T8276] [U] 
[  302.694835][ T8276] [U] 
[  302.697610][ T8276] [U] 
[  302.702260][ T8276] [U] 
[  302.705146][ T8276] [U] 
[  302.708153][ T8276] [U] 
[  302.710924][ T8276] [U] 
[  302.714212][ T8276] [U] 
[  302.717144][ T8276] [U] 
[  302.719900][ T8276] [U] 
[  302.722694][ T8276] [U] 
[  302.726018][ T8276] [U] 
[  302.729042][ T8276] [U] 
[  302.731803][ T8276] [U] 
[  302.734551][ T8276] [U] 
[  302.737559][ T8276] [U] 
[  302.740537][ T8276] [U] 
[  302.743463][ T8276] [U] 
[  302.746564][ T8276] [U] 
[  302.750016][ T8276] [U] 
[  302.752874][ T8276] [U] 
[  302.755884][ T8276] [U] 
[  302.758720][ T8276] [U] 
[  302.761854][ T8276] [U] 
[  302.764713][ T8276] [U] 
[  302.767469][ T8276] [U] 
[  302.770295][ T8276] [U] 
[  302.773682][ T8276] [U] 
[  302.776616][ T8276] [U] 
[  302.779461][ T8276] [U] 
[  302.782209][ T8276] [U] 
[  302.785172][ T8276] [U] 
[  302.787922][ T8276] [U] 
[  302.790767][ T8276] [U] 
[  302.793607][ T8276] [U] 
[  302.796941][ T8276] [U] 
[  302.799712][ T8276] [U] 
[  302.802583][ T8276] [U] 
[  302.805426][ T8276] [U] 
[  302.809256][ T8276] [U] 
[  302.812013][ T8276] [U] 
[  302.814882][ T8276] [U] 
[  302.817718][ T8276] [U] 
[  302.821745][ T8276] [U] 
[  302.824525][ T8276] [U] 
[  302.827357][ T8276] [U] 
[  302.830107][ T8276] [U] 
[  302.833230][ T8276] [U] 
[  302.835992][ T8276] [U] 
[  302.838752][ T8276] [U] 
[  302.841598][ T8276] [U] 
[  302.844987][ T8276] [U] 
[  302.847890][ T8276] [U] 
[  302.850631][ T8276] [U] 
[  302.853380][ T8276] [U] 
[  302.856742][ T8276] [U] 
[  302.859502][ T8276] [U] 
[  302.862335][ T8276] [U] 
[  302.865083][ T8276] [U] 
[  302.868954][ T8276] [U] 
[  302.871791][ T8276] [U] 
[  302.874553][ T8276] [U] 
[  302.877400][ T8276] [U] 
[  302.880358][ T8276] [U] 
[  302.883233][ T8276] [U] 
[  302.886078][ T8276] [U] 
[  302.889010][ T8276] [U] 
[  302.892495][ T8276] [U] 
[  302.895264][ T8276] [U] 
[  302.898183][ T8276] [U] 
[  302.901061][ T8276] [U] 
[  302.905172][ T8276] [U] 
[  302.908032][ T8276] [U] 
[  302.910951][ T8276] [U] 
[  303.291187][ T8273] [U] 
[  303.517527][ T8264] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  303.634968][ T8264] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  304.065394][ T5845] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -32
[  304.278553][ T8288] Invalid ELF header magic: != ELF
[  305.531919][ T5953] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  305.742846][ T5953] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.842756][ T5953] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  305.950431][ T5953] usb 3-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  306.066622][ T5953] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.299128][ T5954] usb 4-1: USB disconnect, device number 11
[  306.348601][ T5953] usb 3-1: config 0 descriptor??
[  307.864866][ T5954] usb 3-1: USB disconnect, device number 6
[  310.400400][ T8322] tipc: Started in network mode
[  310.416351][ T8322] tipc: Node identity 2a58d0156a75, cluster identity 4711
[  310.434535][ T8322] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  310.496346][ T8322] tipc: Resetting bearer <eth:syzkaller0>
[  310.955159][ T8337] netlink: 36 bytes leftover after parsing attributes in process `syz.4.775'.
[  311.480951][ T5954] tipc: Node number set to 1076744213
[  318.364461][ T5845] IPVS: starting estimator thread 0...
[  318.601281][ T8431] IPVS: using max 27 ests per chain, 64800 per kthread
[  319.194092][ T8426] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  319.200501][ T8426] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  319.212644][ T8426] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  319.218729][ T8426] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  319.226105][ T8426] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  319.232176][ T8426] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  319.239075][ T8426] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  319.969517][ T8426] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  320.530923][ T8456] overlayfs: overlapping lowerdir path
[  320.762431][ T5838] Bluetooth: hci1: command 0x0406 tx timeout
[  321.578510][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  321.578526][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  321.578581][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  322.604911][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  322.611342][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  322.841631][ T5838] Bluetooth: hci1: command 0x0406 tx timeout
[  323.726869][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  323.733221][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  323.739695][ T5156] Bluetooth: hci3: command 0x0406 tx timeout
[  325.805946][ T8511] netlink: 'syz.1.830': attribute type 10 has an invalid length.
[  325.927169][ T8511] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  326.118003][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.148123][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.929088][ T8536] syzkaller0: entered promiscuous mode
[  327.935519][ T8536] syzkaller0: entered allmulticast mode
[  331.782334][ T5954] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  331.895029][ T8563] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0)
[  331.996030][ T5954] usb 3-1: Using ep0 maxpacket: 8
[  332.149124][ T5954] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  332.314300][ T5954] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  332.464559][ T5954] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  332.820109][ T5954] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  332.951649][ T5954] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.085777][ T5954] usb 3-1: Product: syz
[  333.170633][ T5954] usb 3-1: Manufacturer: syz
[  333.255614][ T5954] usb 3-1: SerialNumber: syz
[  333.626006][ T5954] cdc_ncm 3-1:1.0: NCM or ECM functional descriptors missing
[  334.559164][ T5954] cdc_ncm 3-1:1.0: bind() failure
[  334.644159][ T5954] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  334.654927][ T5954] cdc_ncm 3-1:1.1: bind() failure
[  334.675960][ T8574] netlink: 36 bytes leftover after parsing attributes in process `syz.0.851'.
[  334.694646][ T8574] netlink: 16 bytes leftover after parsing attributes in process `syz.0.851'.
[  334.703790][ T8574] netlink: 36 bytes leftover after parsing attributes in process `syz.0.851'.
[  334.713941][ T8574] netlink: 36 bytes leftover after parsing attributes in process `syz.0.851'.
[  334.794199][ T8579] syzkaller0: entered promiscuous mode
[  334.800196][ T8579] syzkaller0: entered allmulticast mode
[  334.814447][ T8582] netlink: 20 bytes leftover after parsing attributes in process `syz.1.850'.
[  334.865045][ T8582] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  334.874342][ T8582] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  334.883943][ T8582] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  334.892958][ T8582] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  334.928820][    T9] usb 3-1: USB disconnect, device number 7
[  334.937104][ T8582] vxlan0: entered promiscuous mode
[  337.033773][ T8606] sctp: failed to load transform for md5: -4
[  338.800983][ T5845] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  338.828292][ T8637] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  338.841658][ T8637] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  338.855125][ T8637] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  338.973523][ T5845] usb 1-1: Using ep0 maxpacket: 8
[  339.022341][ T5845] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  339.060894][ T5845] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  339.092236][ T5845] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  339.169940][ T5845] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  339.186760][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.213376][ T5845] usb 1-1: Product: syz
[  339.221058][ T5845] usb 1-1: Manufacturer: syz
[  339.225910][ T5845] usb 1-1: SerialNumber: syz
[  340.132390][ T5845] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing
[  340.140364][ T5845] cdc_ncm 1-1:1.0: bind() failure
[  340.164866][ T5845] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  340.180885][ T5845] cdc_ncm 1-1:1.1: bind() failure
[  342.111657][ T5927] usb 1-1: USB disconnect, device number 9
[  342.610884][ T5927] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  343.060907][ T5845] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  343.065820][ T5927] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  343.065910][ T5927] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  343.065958][ T5927] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  343.189851][ T5927] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  343.189887][ T5927] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.189910][ T5927] usb 1-1: Product: syz
[  343.189926][ T5927] usb 1-1: Manufacturer: syz
[  343.189944][ T5927] usb 1-1: SerialNumber: syz
[  343.198003][ T5927] cdc_mbim 1-1:1.0: skipping garbage
[  343.298252][ T8697] tty tty27: ldisc open failed (-12), clearing slot 26
[  343.364138][ T5845] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  343.380659][ T5845] usb 3-1: config 0 has no interface number 0
[  343.408292][ T5845] usb 3-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  343.484364][ T5845] usb 3-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 129
[  343.518159][ T5845] usb 3-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  343.548928][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.583309][ T5845] usb 3-1: config 0 descriptor??
[  343.592816][ T5927] cdc_mbim 1-1:1.0: bind() failure
[  343.610079][ T5845] usbhid 3-1:0.2: couldn't find an input interrupt endpoint
[  343.614861][ T5927] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  343.643700][ T5927] cdc_ncm 1-1:1.1: bind() failure
[  343.671008][ T5927] usb 1-1: USB disconnect, device number 10
[  343.864587][ T8723] [U] 
[  343.867395][ T8723] [U] 
[  343.870140][ T8723] [U] 
[  343.872889][ T8723] [U] 
[  343.876647][ T8723] [U] 
[  343.879593][ T8723] [U] 
[  343.882525][ T8723] [U] 
[  343.885421][ T8723] [U] 
[  343.889276][ T8723] [U] 
[  343.892061][ T8723] [U] 
[  343.894816][ T8723] [U] 
[  343.897572][ T8723] [U] 
[  343.901120][ T8723] [U] 
[  343.903874][ T8723] [U] 
[  343.906697][ T8723] [U] 
[  343.909441][ T8723] [U] 
[  343.920497][ T8723] [U] 
[  343.923282][ T8723] [U] 
[  343.926031][ T8723] [U] 
[  343.928783][ T8723] [U] 
[  343.932332][ T8723] [U] 
[  343.935090][ T8723] [U] 
[  343.937835][ T8723] [U] 
[  343.940569][ T8723] [U] 
[  343.944077][ T8723] [U] 
[  343.946840][ T8723] [U] 
[  343.949664][ T8723] [U] 
[  343.952406][ T8723] [U] 
[  343.955820][ T8723] [U] 
[  343.958573][ T8723] [U] 
[  343.961317][ T8723] [U] 
[  343.964066][ T8723] [U] 
[  343.968985][ T8723] [U] 
[  343.971765][ T8723] [U] 
[  343.974512][ T8723] [U] 
[  343.977253][ T8723] [U] 
[  343.981635][ T8723] [U] 
[  343.984403][ T8723] [U] 
[  343.987221][ T8723] [U] 
[  343.989972][ T8723] [U] 
[  343.993765][ T8723] [U] 
[  343.996526][ T8723] [U] 
[  343.999268][ T8723] [U] 
[  344.002031][ T8723] [U] 
[  344.005597][ T8723] [U] 
[  344.008348][ T8723] [U] 
[  344.011093][ T8723] [U] 
[  344.013836][ T8723] [U] 
[  344.018301][ T8723] [U] 
[  344.021088][ T8723] [U] 
[  344.023934][ T8723] [U] 
[  344.026688][ T8723] [U] 
[  344.030266][ T8723] [U] 
[  344.033032][ T8723] [U] 
[  344.035865][ T8723] [U] 
[  344.038608][ T8723] [U] 
[  344.042590][ T8723] [U] 
[  344.045505][ T8723] [U] 
[  344.048252][ T8723] [U] 
[  344.051127][ T8723] [U] 
[  344.087002][ T8723] [U] 
[  344.089804][ T8723] [U] 
[  344.092548][ T8723] [U] 
[  344.095499][ T8723] [U] 
[  344.099748][ T8723] [U] 
[  344.102529][ T8723] [U] 
[  344.105284][ T8723] [U] 
[  344.108034][ T8723] [U] 
[  344.111748][ T8723] [U] 
[  344.114519][ T8723] [U] 
[  344.117255][ T8723] [U] 
[  344.119993][ T8723] [U] 
[  344.123950][ T8723] [U] 
[  344.126802][ T8723] [U] 
[  344.129553][ T8723] [U] 
[  344.132292][ T8723] [U] 
[  344.135954][ T8723] [U] 
[  344.138717][ T8723] [U] 
[  344.141549][ T8723] [U] 
[  344.144288][ T8723] [U] 
[  344.147980][ T8723] [U] 
[  344.150755][ T8723] [U] 
[  344.153534][ T8723] [U] 
[  344.156362][ T8723] [U] 
[  344.159880][ T8723] [U] 
[  344.162638][ T8723] [U] 
[  344.165523][ T8723] [U] 
[  344.168262][ T8723] [U] 
[  344.174141][ T8723] [U] 
[  344.177053][ T8723] [U] 
[  344.179848][ T8723] [U] 
[  344.182613][ T8723] [U] 
[  344.186154][ T8723] [U] 
[  344.188932][ T8723] [U] 
[  344.191696][ T8723] [U] 
[  344.194455][ T8723] [U] 
[  344.198287][ T8723] [U] 
[  344.201073][ T8723] [U] 
[  344.203841][ T8723] [U] 
[  344.206591][ T8723] [U] 
[  344.210263][ T8723] [U] 
[  344.213051][ T8723] [U] 
[  344.215808][ T8723] [U] 
[  344.218563][ T8723] [U] 
[  344.222464][ T8723] [U] 
[  344.225239][ T8723] [U] 
[  344.228051][ T8723] [U] 
[  344.230796][ T8723] [U] 
[  344.234456][ T8723] [U] 
[  344.237229][ T8723] [U] 
[  344.239993][ T8723] [U] 
[  344.242934][ T8723] [U] 
[  344.246777][ T8723] [U] 
[  344.249554][ T8723] [U] 
[  344.252394][ T8723] [U] 
[  344.255155][ T8723] [U] 
[  344.258624][ T8723] [U] 
[  344.261562][ T8723] [U] 
[  344.264479][ T8723] [U] 
[  344.267310][ T8723] [U] 
[  344.270831][ T8723] [U] 
[  344.273703][ T8723] [U] 
[  344.276559][ T8723] [U] 
[  344.279509][ T8723] [U] 
[  344.284219][ T8723] [U] 
[  344.287223][ T8723] [U] 
[  344.289971][ T8723] [U] 
[  344.633711][ T8719] [U] 
[  345.932904][ T5170] usb 3-1: USB disconnect, device number 8
[  348.856502][ T8746] netlink: 'syz.1.909': attribute type 1 has an invalid length.
[  348.866277][ T8746] netlink: 56 bytes leftover after parsing attributes in process `syz.1.909'.
[  349.540858][ T5953] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  349.748134][ T5953] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  349.886287][ T5953] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  350.034191][ T5953] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  350.204487][ T5953] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.376391][ T8770] [U] 
[  350.379194][ T8770] [U] 
[  350.381937][ T8770] [U] 
[  350.384713][ T8770] [U] 
[  350.453118][ T8770] [U] 
[  350.455925][ T8770] [U] 
[  350.458948][ T8770] [U] 
[  350.461697][ T8770] [U] 
[  350.465341][ T8770] [U] 
[  350.468094][ T8770] [U] 
[  350.470941][ T8770] [U] 
[  350.473687][ T8770] [U] 
[  350.477303][ T8770] [U] 
[  350.480061][ T8770] [U] 
[  350.482894][ T8770] [U] 
[  350.485648][ T8770] [U] 
[  350.491705][ T8770] [U] 
[  350.494629][ T8770] [U] 
[  350.497385][ T8770] [U] 
[  350.500136][ T8770] [U] 
[  350.503914][ T8770] [U] 
[  350.506677][ T8770] [U] 
[  350.509416][ T8770] [U] 
[  350.512165][ T8770] [U] 
[  350.515812][ T8770] [U] 
[  350.518664][ T8770] [U] 
[  350.521409][ T8770] [U] 
[  350.524418][ T8770] [U] 
[  350.528659][ T8770] [U] 
[  350.531513][ T8770] [U] 
[  350.534345][ T8770] [U] 
[  350.537096][ T8770] [U] 
[  350.541600][ T8770] [U] 
[  350.544378][ T8770] [U] 
[  350.547376][ T8770] [U] 
[  350.550214][ T8770] [U] 
[  350.553980][ T8770] [U] 
[  350.556737][ T8770] [U] 
[  350.559478][ T8770] [U] 
[  350.562230][ T8770] [U] 
[  350.565767][ T8770] [U] 
[  350.568527][ T8770] [U] 
[  350.571272][ T8770] [U] 
[  350.574188][ T8770] [U] 
[  350.577714][ T8770] [U] 
[  350.580460][ T8770] [U] 
[  350.583218][ T8770] [U] 
[  350.585960][ T8770] [U] 
[  350.589687][ T8770] [U] 
[  350.592520][ T8770] [U] 
[  350.595259][ T8770] [U] 
[  350.598051][ T8770] [U] 
[  350.676702][ T8770] [U] 
[  350.679504][ T8770] [U] 
[  350.682258][ T8770] [U] 
[  350.685050][ T8770] [U] 
[  350.689340][ T8770] [U] 
[  350.692139][ T8770] [U] 
[  350.694889][ T8770] [U] 
[  350.697632][ T8770] [U] 
[  350.701609][ T8770] [U] 
[  350.704384][ T8770] [U] 
[  350.707146][ T8770] [U] 
[  350.709972][ T8770] [U] 
[  350.714261][ T8770] [U] 
[  350.717024][ T8770] [U] 
[  350.719766][ T8770] [U] 
[  350.722509][ T8770] [U] 
[  350.726875][ T8770] [U] 
[  350.729647][ T8770] [U] 
[  350.732438][ T8770] [U] 
[  350.735184][ T8770] [U] 
[  350.739380][ T8770] [U] 
[  350.742143][ T8770] [U] 
[  350.744885][ T8770] [U] 
[  350.747622][ T8770] [U] 
[  350.751246][ T8770] [U] 
[  350.754003][ T8770] [U] 
[  350.756745][ T8770] [U] 
[  350.759481][ T8770] [U] 
[  350.763088][ T8770] [U] 
[  350.765841][ T8770] [U] 
[  350.768592][ T8770] [U] 
[  350.771428][ T8770] [U] 
[  350.775014][ T8770] [U] 
[  350.777777][ T8770] [U] 
[  350.780617][ T8770] [U] 
[  350.783365][ T8770] [U] 
[  350.786891][ T8770] [U] 
[  350.789860][ T8770] [U] 
[  350.792650][ T8770] [U] 
[  350.795423][ T8770] [U] 
[  350.798748][ T8770] [U] 
[  350.801588][ T8770] [U] 
[  350.804714][ T8770] [U] 
[  350.807463][ T8770] [U] 
[  350.811063][ T8770] [U] 
[  350.813818][ T8770] [U] 
[  350.816740][ T8770] [U] 
[  350.819574][ T8770] [U] 
[  350.822866][ T8770] [U] 
[  350.825876][ T8770] [U] 
[  350.828643][ T8770] [U] 
[  350.831500][ T8770] [U] 
[  350.835747][ T8770] [U] 
[  350.838509][ T8770] [U] 
[  350.841358][ T8770] [U] 
[  350.844108][ T8770] [U] 
[  350.848288][ T8770] [U] 
[  350.851058][ T8770] [U] 
[  350.853915][ T8770] [U] 
[  350.856657][ T8770] [U] 
[  350.860257][ T8770] [U] 
[  350.863099][ T8770] [U] 
[  350.865857][ T8770] [U] 
[  350.868617][ T8770] [U] 
[  350.872299][ T8770] [U] 
[  350.875083][ T8770] [U] 
[  350.877841][ T8770] [U] 
[  350.880666][ T8770] [U] 
[  350.884234][ T8770] [U] 
[  350.886997][ T8770] [U] 
[  350.889758][ T8770] [U] 
[  350.892560][ T8770] [U] 
[  350.895950][ T8770] [U] 
[  350.898809][ T8770] [U] 
[  350.901649][ T8770] [U] 
[  350.904852][ T8770] [U] 
[  351.025523][ T8753] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  351.069510][ T5953] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  351.093969][ T8777] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  351.114868][ T8777] syzkaller0: entered promiscuous mode
[  351.120594][ T8777] syzkaller0: entered allmulticast mode
[  351.187295][ T8777] tipc: Resetting bearer <eth:syzkaller0>
[  351.203446][ T8776] tipc: Resetting bearer <eth:syzkaller0>
[  351.220636][ T8776] tipc: Disabling bearer <eth:syzkaller0>
[  351.311177][ T8753] netlink: 48 bytes leftover after parsing attributes in process `syz.2.912'.
[  351.379382][ T8784] netlink: 'syz.2.912': attribute type 2 has an invalid length.
[  351.422566][ T8784] netlink: 'syz.2.912': attribute type 1 has an invalid length.
[  352.482643][ T5927] usb 3-1: USB disconnect, device number 9
[  353.077987][ T5954] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  353.904275][ T8820] netlink: 36 bytes leftover after parsing attributes in process `syz.4.935'.
[  353.921421][ T8820] netlink: 16 bytes leftover after parsing attributes in process `syz.4.935'.
[  353.935987][ T5954] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  353.944933][ T8820] netlink: 36 bytes leftover after parsing attributes in process `syz.4.935'.
[  353.954561][ T5954] usb 2-1: config 0 has no interface number 0
[  353.964170][ T5954] usb 2-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  353.964217][ T5954] usb 2-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  353.964241][ T5954] usb 2-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  353.964288][ T5954] usb 2-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  353.964311][ T5954] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.965274][ T8820] netlink: 36 bytes leftover after parsing attributes in process `syz.4.935'.
[  353.970201][ T5954] usb 2-1: config 0 descriptor??
[  353.974472][ T5954] usbhid 2-1:0.2: couldn't find an input interrupt endpoint
[  356.283270][ T5845] usb 2-1: USB disconnect, device number 7
[  361.463105][ T5170] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  361.910879][ T5170] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  361.973723][ T5170] usb 4-1: config 0 has no interface number 0
[  361.990994][ T5170] usb 4-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  362.002310][ T5170] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.012506][ T5170] usb 4-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  362.040829][ T5170] usb 4-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  362.097964][ T5170] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.125098][ T5170] usb 4-1: config 0 descriptor??
[  362.146805][ T5170] usbhid 4-1:0.2: couldn't find an input interrupt endpoint
[  363.291976][ T8915] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  363.298612][ T8915] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  363.306762][ T8915] vhci_hcd vhci_hcd.0: Device attached
[  363.315516][ T8918] vhci_hcd: connection closed
[  363.365044][   T37] vhci_hcd: stop threads
[  363.520799][   T37] vhci_hcd: release socket
[  363.538604][   T37] vhci_hcd: disconnect device
[  365.271158][ T5954] usb 4-1: USB disconnect, device number 12
[  365.767798][ T8959] trusted_key: encrypted_key: key user:syz not found
[  368.603369][ T9001] trusted_key: encrypted_key: key user:syz not found
[  373.751168][ T9065] trusted_key: encrypted_key: key user:syz not found
[  378.333116][ T9138] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1042'.
[  378.935439][ T9138] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  378.945174][ T9138] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  378.955383][ T9138] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  380.538316][ T9166] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1057'.
[  382.405677][ T9178] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0)
[  384.045815][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  384.052704][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  396.837550][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  396.847111][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  396.856379][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  396.865855][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  396.874307][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  396.900608][ T5838] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  396.920082][ T7580] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  396.920160][ T5838] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  396.941761][ T5838] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  396.950081][ T5838] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  396.961098][ T5838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  396.970274][ T7580] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  396.978777][ T5838] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  396.982711][ T7580] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  397.000616][ T5838] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  397.579947][ T7580] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  397.598046][ T7580] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  397.613130][ T7580] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  397.633839][ T7580] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  397.642884][ T7580] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  397.643701][ T9198] chnl_net:caif_netlink_parms(): no params data found
[  397.740959][ T9201] chnl_net:caif_netlink_parms(): no params data found
[  397.865486][ T9200] chnl_net:caif_netlink_parms(): no params data found
[  398.046937][ T9198] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.059299][ T9198] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.069054][ T9198] bridge_slave_0: entered allmulticast mode
[  398.086710][ T9198] bridge_slave_0: entered promiscuous mode
[  398.106451][ T9198] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.116210][ T9198] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.129674][ T9198] bridge_slave_1: entered allmulticast mode
[  398.150034][ T9198] bridge_slave_1: entered promiscuous mode
[  398.231601][ T7580] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  398.245209][ T7580] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  398.255105][ T7580] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  398.264511][ T7580] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  398.272463][ T7580] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  398.335384][ T9198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  398.408921][ T9198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  398.512738][ T9201] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.520092][ T9201] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.528120][ T9201] bridge_slave_0: entered allmulticast mode
[  398.537024][ T9201] bridge_slave_0: entered promiscuous mode
[  398.549365][ T9201] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.557192][ T9201] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.564640][ T9201] bridge_slave_1: entered allmulticast mode
[  398.572757][ T9201] bridge_slave_1: entered promiscuous mode
[  398.579922][ T9200] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.587674][ T9200] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.595360][ T9200] bridge_slave_0: entered allmulticast mode
[  398.603424][ T9200] bridge_slave_0: entered promiscuous mode
[  398.616774][ T9200] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.624319][ T9200] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.632234][ T9200] bridge_slave_1: entered allmulticast mode
[  398.639592][ T9200] bridge_slave_1: entered promiscuous mode
[  398.662890][ T9198] team0: Port device team_slave_0 added
[  398.723203][ T9198] team0: Port device team_slave_1 added
[  398.823593][ T9201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  398.844002][ T9201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  398.861668][ T9200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  398.875006][ T9200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  398.920962][ T7580] Bluetooth: hci5: command tx timeout
[  398.991970][ T9198] batman_adv: batadv0: Adding interface: batadv_slave_0
[  398.998998][ T9198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.025348][ T7580] Bluetooth: hci6: command tx timeout
[  399.032185][ T9198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.045741][ T9198] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.052787][ T9198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.082090][ T7580] Bluetooth: hci7: command tx timeout
[  399.088602][ T9198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.127212][ T9200] team0: Port device team_slave_0 added
[  399.137919][ T9200] team0: Port device team_slave_1 added
[  399.169545][ T9201] team0: Port device team_slave_0 added
[  399.180313][ T9201] team0: Port device team_slave_1 added
[  399.221228][ T9212] chnl_net:caif_netlink_parms(): no params data found
[  399.238039][ T9200] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.247804][ T9200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.281210][ T9200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.352067][ T9200] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.359107][ T9200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.387981][ T9200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.399874][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.419299][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.458956][ T9201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.483046][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.490143][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.525349][ T9201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.720987][ T7580] Bluetooth: hci8: command tx timeout
[  399.810703][ T9198] hsr_slave_0: entered promiscuous mode
[  399.817742][ T9198] hsr_slave_1: entered promiscuous mode
[  399.824981][ T9198] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  399.833396][ T9198] Cannot create hsr debugfs directory
[  399.867622][ T9200] hsr_slave_0: entered promiscuous mode
[  399.874766][ T9200] hsr_slave_1: entered promiscuous mode
[  399.884239][ T9200] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  399.892541][ T9200] Cannot create hsr debugfs directory
[  400.055887][ T9201] hsr_slave_0: entered promiscuous mode
[  400.062986][ T9201] hsr_slave_1: entered promiscuous mode
[  400.069361][ T9201] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  400.078064][ T9201] Cannot create hsr debugfs directory
[  400.154834][ T9212] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.162198][ T9212] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.169641][ T9212] bridge_slave_0: entered allmulticast mode
[  400.179458][ T9212] bridge_slave_0: entered promiscuous mode
[  400.198108][ T9212] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.206170][ T9212] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.214252][ T9212] bridge_slave_1: entered allmulticast mode
[  400.222696][ T9212] bridge_slave_1: entered promiscuous mode
[  400.361025][ T7580] Bluetooth: hci9: command tx timeout
[  400.385057][ T9212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.413961][ T9221] chnl_net:caif_netlink_parms(): no params data found
[  400.438860][ T9212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.538197][ T9212] team0: Port device team_slave_0 added
[  400.613535][ T9212] team0: Port device team_slave_1 added
[  400.817473][ T9212] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.825618][ T9212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.852536][ T9212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.908718][ T9212] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.916454][ T9212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.943321][ T9212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.963171][ T9221] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.970699][ T9221] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.978162][ T9221] bridge_slave_0: entered allmulticast mode
[  400.986068][ T9221] bridge_slave_0: entered promiscuous mode
[  400.996012][ T9221] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.004636][ T7580] Bluetooth: hci5: command tx timeout
[  401.010382][ T9221] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.019231][ T9221] bridge_slave_1: entered allmulticast mode
[  401.028193][ T9221] bridge_slave_1: entered promiscuous mode
[  401.083312][ T7580] Bluetooth: hci6: command tx timeout
[  401.143319][ T9221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  401.157642][ T9221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  401.167675][ T7580] Bluetooth: hci7: command tx timeout
[  401.179683][ T9212] hsr_slave_0: entered promiscuous mode
[  401.196962][ T9212] hsr_slave_1: entered promiscuous mode
[  401.204310][ T9212] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  401.215452][ T9212] Cannot create hsr debugfs directory
[  401.238980][ T9198] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  401.296233][ T9221] team0: Port device team_slave_0 added
[  401.306708][ T9198] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  401.349539][ T9221] team0: Port device team_slave_1 added
[  401.369430][ T9198] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  401.383563][ T9198] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  401.473977][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_0
[  401.483657][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.510576][ T9221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  401.564735][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_1
[  401.572488][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.599512][ T9221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.673320][ T9201] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  401.736646][ T9221] hsr_slave_0: entered promiscuous mode
[  401.744686][ T9221] hsr_slave_1: entered promiscuous mode
[  401.751330][ T9221] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  401.759134][ T9221] Cannot create hsr debugfs directory
[  401.787533][ T9201] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  401.800251][ T9201] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  401.811339][ T7580] Bluetooth: hci8: command tx timeout
[  401.818399][ T9201] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  402.022778][ T9200] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  402.060308][ T9200] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  402.072732][ T9200] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  402.136757][ T9200] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  402.276994][ T9212] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  402.294563][ T9212] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  402.340440][ T9212] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  402.363690][ T9212] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  402.442027][ T7580] Bluetooth: hci9: command tx timeout
[  402.546484][ T9198] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.589008][ T9221] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  402.622678][ T9201] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.629880][ T9221] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  402.644960][ T9221] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  402.668100][ T9198] 8021q: adding VLAN 0 to HW filter on device team0
[  402.682931][ T9221] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  402.732697][ T7373] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.740056][ T7373] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.753489][ T7373] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.761243][ T7373] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.785856][ T9201] 8021q: adding VLAN 0 to HW filter on device team0
[  402.833766][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.841000][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.858826][ T9212] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.891571][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.898772][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.032894][ T9212] 8021q: adding VLAN 0 to HW filter on device team0
[  403.053086][ T9200] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.081209][ T7580] Bluetooth: hci5: command tx timeout
[  403.084011][ T7056] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.093891][ T7056] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.106721][ T7056] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.114230][ T7056] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.161444][ T7580] Bluetooth: hci6: command tx timeout
[  403.185838][ T9200] 8021q: adding VLAN 0 to HW filter on device team0
[  403.220383][ T9201] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  403.245638][ T7580] Bluetooth: hci7: command tx timeout
[  403.298164][ T4557] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.305700][ T4557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.356996][ T9221] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.387976][ T7375] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.395267][ T7375] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.464206][ T9221] 8021q: adding VLAN 0 to HW filter on device team0
[  403.515163][ T7371] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.522901][ T7371] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.579816][ T7371] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.587264][ T7371] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.758241][ T9198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.882722][ T7580] Bluetooth: hci8: command tx timeout
[  403.956126][ T9201] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.196464][ T9212] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.522397][ T7580] Bluetooth: hci9: command tx timeout
[  404.629094][ T9221] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.670155][ T9200] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.954678][ T9198] veth0_vlan: entered promiscuous mode
[  405.010702][ T9198] veth1_vlan: entered promiscuous mode
[  405.164201][ T7580] Bluetooth: hci5: command tx timeout
[  405.216976][ T9198] veth0_macvtap: entered promiscuous mode
[  405.241224][ T7580] Bluetooth: hci6: command tx timeout
[  405.270072][ T9198] veth1_macvtap: entered promiscuous mode
[  405.321300][ T7580] Bluetooth: hci7: command tx timeout
[  405.415850][ T9212] veth0_vlan: entered promiscuous mode
[  405.458091][ T9198] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.490323][ T9201] veth0_vlan: entered promiscuous mode
[  405.513868][ T9212] veth1_vlan: entered promiscuous mode
[  405.540119][ T9198] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.586925][ T9198] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.596345][ T9198] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.613811][ T9198] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.624213][ T9198] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.637270][ T9201] veth1_vlan: entered promiscuous mode
[  405.707986][ T9212] veth0_macvtap: entered promiscuous mode
[  405.729185][ T9212] veth1_macvtap: entered promiscuous mode
[  405.821989][ T9221] veth0_vlan: entered promiscuous mode
[  405.865021][ T9212] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.896243][ T9212] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.928774][ T9200] veth0_vlan: entered promiscuous mode
[  405.938752][ T9212] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.952600][ T9212] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.961101][ T7580] Bluetooth: hci8: command tx timeout
[  405.963231][ T9212] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.980993][ T9212] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.997302][ T9201] veth0_macvtap: entered promiscuous mode
[  406.015829][ T9221] veth1_vlan: entered promiscuous mode
[  406.039386][ T9201] veth1_macvtap: entered promiscuous mode
[  406.068484][ T7371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.081077][ T7371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.103665][ T9200] veth1_vlan: entered promiscuous mode
[  406.148519][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_0
[  406.212885][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_1
[  406.228673][ T7371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.238266][ T7371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.266300][ T9221] veth0_macvtap: entered promiscuous mode
[  406.286538][ T9201] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.296640][ T9201] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.306346][ T9201] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.315478][ T9201] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.393919][ T9221] veth1_macvtap: entered promiscuous mode
[  406.438202][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.466604][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.486434][ T9200] veth0_macvtap: entered promiscuous mode
[  406.526443][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_0
[  406.556725][ T9200] veth1_macvtap: entered promiscuous mode
[  406.589386][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_1
[  406.605314][ T7580] Bluetooth: hci9: command tx timeout
[  406.619747][ T7371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.634027][ T7371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.681147][ T9221] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.690402][ T9221] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.699702][ T9221] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.708881][ T9221] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.723548][ T9200] batman_adv: batadv0: Interface activated: batadv_slave_0
[  406.760262][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.790014][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.807065][ T9200] batman_adv: batadv0: Interface activated: batadv_slave_1
[  406.884797][ T9200] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.895854][ T9200] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.905376][ T9200] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.914613][ T9200] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.977330][ T6128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.004523][ T6128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.153707][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.162680][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.277755][ T7054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.306460][ T7054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.472971][ T7373] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.501175][ T7373] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.755868][ T6128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.001210][ T6128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.845276][ T5170] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  409.256397][ T5170] usb 8-1: config 0 has an invalid interface number: 2 but max is 0
[  409.353962][ T5170] usb 8-1: config 0 has no interface number 0
[  409.360211][ T5170] usb 8-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  409.448515][ T5170] usb 8-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.509126][ T5170] usb 8-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.564770][ T5170] usb 8-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  409.600671][ T5170] usb 8-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  409.636966][ T5170] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.680062][ T5170] usb 8-1: config 0 descriptor??
[  410.227031][ T5170] usbhid 8-1:0.2: can't add hid device: -71
[  410.328021][ T5170] usbhid 8-1:0.2: probe with driver usbhid failed with error -71
[  410.422627][ T5170] usb 8-1: USB disconnect, device number 2
[  411.845297][ T9377] tipc: Started in network mode
[  411.868497][ T9377] tipc: Node identity ca98485384f4, cluster identity 4711
[  411.902913][ T9377] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  412.031320][ T9377] tipc: Resetting bearer <eth:syzkaller0>
[  412.107609][ T9370] tipc: Disabling bearer <eth:syzkaller0>
[  414.298486][ T9413] overlayfs: overlapping lowerdir path
[  414.547522][ T9418] netlink: 'syz.5.1096': attribute type 10 has an invalid length.
[  415.556764][ T9418] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  417.750527][ T9468] netlink: 'syz.9.1112': attribute type 10 has an invalid length.
[  418.168817][ T9468] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  418.464600][ T9492] tipc: Started in network mode
[  418.470272][ T9492] tipc: Node identity 0633047881d2, cluster identity 4711
[  418.478554][ T9492] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  418.486623][ T9492] syzkaller0: entered promiscuous mode
[  418.492893][ T9492] syzkaller0: entered allmulticast mode
[  418.519462][ T9492] tipc: Resetting bearer <eth:syzkaller0>
[  418.544620][ T9491] tipc: Resetting bearer <eth:syzkaller0>
[  418.658341][ T9491] tipc: Disabling bearer <eth:syzkaller0>
[  421.881302][ T5890] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  422.463411][ T5890] usb 7-1: New USB device found, idVendor=090a, idProduct=1200, bcdDevice=24.87
[  422.474569][ T5890] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.496501][ T5890] usb 7-1: config 0 descriptor??
[  422.505722][ T5890] usb-storage 7-1:0.0: USB Mass Storage device detected
[  422.740112][ T9268] usb 7-1: USB disconnect, device number 2
[  424.290697][ T9577] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1144'.
[  424.692444][ T9577] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  424.702044][ T9577] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  424.711762][ T9577] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  425.137773][ T7580] Bluetooth: hci9: hardware error 0x05
[  427.761341][ T9630] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1159'.
[  428.330829][ T7580] Bluetooth: hci9: Opcode 0x0c03 failed: -110
[  430.526258][ T5845] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  430.743577][ T5845] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  430.898957][ T5845] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  431.045290][ T5845] usb 10-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  431.275842][ T5845] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.381818][ T5845] usb 10-1: config 0 descriptor??
[  432.007175][ T9268] usb 10-1: USB disconnect, device number 2
[  433.108406][ T9694] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1186'.
[  433.338116][ T9698] tipc: Started in network mode
[  433.355946][ T9698] tipc: Node identity de37470945a, cluster identity 4711
[  433.386738][ T9698] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  433.412179][ T9701] syzkaller0: entered promiscuous mode
[  433.418005][ T9701] syzkaller0: entered allmulticast mode
[  433.501304][ T9698] tipc: Resetting bearer <eth:syzkaller0>
[  433.545229][ T9697] tipc: Resetting bearer <eth:syzkaller0>
[  433.608883][ T9697] tipc: Disabling bearer <eth:syzkaller0>
[  435.036467][ T9725] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1199'.
[  435.087016][ T9725] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1199'.
[  435.289357][ T9732] [U] 
[  435.292178][ T9732] [U] 
[  435.294956][ T9732] [U] 
[  435.297709][ T9732] [U] 
[  435.300673][ T9732] [U] 
[  435.303435][ T9732] [U] 
[  435.306187][ T9732] [U] 
[  435.308952][ T9732] [U] 
[  435.314157][ T9732] [U] 
[  435.316945][ T9732] [U] 
[  435.319702][ T9732] [U] 
[  435.322476][ T9732] [U] 
[  435.327627][ T9732] [U] 
[  435.330407][ T9732] [U] 
[  435.333160][ T9732] [U] 
[  435.335918][ T9732] [U] 
[  435.339339][ T9732] [U] 
[  435.342117][ T9732] [U] 
[  435.344865][ T9732] [U] 
[  435.347799][ T9732] [U] 
[  435.351137][ T9732] [U] 
[  435.353909][ T9732] [U] 
[  435.356663][ T9732] [U] 
[  435.359429][ T9732] [U] 
[  435.362849][ T9732] [U] 
[  435.365624][ T9732] [U] 
[  435.368382][ T9732] [U] 
[  435.371147][ T9732] [U] 
[  435.374274][ T9732] [U] 
[  435.377034][ T9732] [U] 
[  435.379884][ T9732] [U] 
[  435.382666][ T9732] [U] 
[  435.385834][ T9732] [U] 
[  435.388612][ T9732] [U] 
[  435.391369][ T9732] [U] 
[  435.394128][ T9732] [U] 
[  435.397333][ T9732] [U] 
[  435.400092][ T9732] [U] 
[  435.402942][ T9732] [U] 
[  435.405694][ T9732] [U] 
[  435.413149][ T9732] [U] 
[  435.415949][ T9732] [U] 
[  435.418711][ T9732] [U] 
[  435.421477][ T9732] [U] 
[  435.424776][ T9732] [U] 
[  435.427544][ T9732] [U] 
[  435.430303][ T9732] [U] 
[  435.433060][ T9732] [U] 
[  435.436496][ T9732] [U] 
[  435.439273][ T9732] [U] 
[  435.442157][ T9732] [U] 
[  435.444934][ T9732] [U] 
[  435.447958][ T9732] [U] 
[  435.450835][ T9732] [U] 
[  435.453596][ T9732] [U] 
[  435.456344][ T9732] [U] 
[  435.459458][ T9732] [U] 
[  435.462216][ T9732] [U] 
[  435.465066][ T9732] [U] 
[  435.467910][ T9732] [U] 
[  435.471003][ T9732] [U] 
[  435.473775][ T9732] [U] 
[  435.476527][ T9732] [U] 
[  435.479274][ T9732] [U] 
[  435.482665][ T9732] [U] 
[  435.485425][ T9732] [U] 
[  435.488179][ T9732] [U] 
[  435.491035][ T9732] [U] 
[  435.494148][ T9732] [U] 
[  435.496927][ T9732] [U] 
[  435.499691][ T9732] [U] 
[  435.502458][ T9732] [U] 
[  435.505637][ T9732] [U] 
[  435.508409][ T9732] [U] 
[  435.511162][ T9732] [U] 
[  435.513927][ T9732] [U] 
[  435.519113][ T9732] [U] 
[  435.521903][ T9732] [U] 
[  435.524661][ T9732] [U] 
[  435.527520][ T9732] [U] 
[  435.532637][ T9732] [U] 
[  435.535423][ T9732] [U] 
[  435.538178][ T9732] [U] 
[  435.540947][ T9732] [U] 
[  435.544093][ T9732] [U] 
[  435.546938][ T9732] [U] 
[  435.549688][ T9732] [U] 
[  435.552442][ T9732] [U] 
[  435.555625][ T9732] [U] 
[  435.558388][ T9732] [U] 
[  435.561137][ T9732] [U] 
[  435.563894][ T9732] [U] 
[  435.567124][ T9732] [U] 
[  435.569895][ T9732] [U] 
[  435.572652][ T9732] [U] 
[  435.575409][ T9732] [U] 
[  435.578506][ T9732] [U] 
[  435.581263][ T9732] [U] 
[  435.584012][ T9732] [U] 
[  435.586786][ T9732] [U] 
[  435.589934][ T9732] [U] 
[  435.592701][ T9732] [U] 
[  435.595457][ T9732] [U] 
[  435.598221][ T9732] [U] 
[  435.601496][ T9732] [U] 
[  435.604354][ T9732] [U] 
[  435.607107][ T9732] [U] 
[  435.609868][ T9732] [U] 
[  435.612815][ T9732] [U] 
[  435.615587][ T9732] [U] 
[  435.618341][ T9732] [U] 
[  435.621188][ T9732] [U] 
[  435.626590][ T9732] [U] 
[  435.629376][ T9732] [U] 
[  435.632127][ T9732] [U] 
[  435.634929][ T9732] [U] 
[  435.639292][ T9732] [U] 
[  435.642138][ T9732] [U] 
[  435.644949][ T9732] [U] 
[  435.647664][ T9732] [U] 
[  435.651763][ T9268] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  435.659778][ T9732] [U] 
[  435.662563][ T9732] [U] 
[  435.665340][ T9732] [U] 
[  435.668094][ T9732] [U] 
[  435.671385][ T9732] [U] 
[  435.674150][ T9732] [U] 
[  435.676893][ T9732] [U] 
[  435.958382][ T9727] [U] 
[  436.662989][ T9268] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  436.771478][ T9268] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  436.818353][ T9268] usb 8-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  436.869312][ T9268] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.898291][ T9268] usb 8-1: config 0 descriptor??
[  437.210920][ T9268] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  437.370817][ T9268] usb 7-1: Using ep0 maxpacket: 8
[  437.392826][ T9268] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  437.456786][ T9268] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  437.596649][ T9268] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  437.733918][ T9268] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  437.955413][ T9268] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  438.040958][ T9268] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  438.071065][ T9268] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.128643][ T5170] usb 8-1: USB disconnect, device number 3
[  438.371577][ T9268] usb 7-1: usb_control_msg returned -32
[  438.395654][ T9268] usbtmc 7-1:16.0: can't read capabilities
[  438.898921][ T9768] [U] 
[  438.901718][ T9768] [U] 
[  438.904462][ T9768] [U] 
[  438.907204][ T9768] [U] 
[  438.910165][ T9768] [U] 
[  438.912925][ T9768] [U] 
[  438.915668][ T9768] [U] 
[  438.918409][ T9768] [U] 
[  438.921848][ T9768] [U] 
[  438.924619][ T9768] [U] 
[  438.927361][ T9768] [U] 
[  438.930185][ T9768] [U] 
[  438.933033][ T9768] [U] 
[  438.935778][ T9768] [U] 
[  438.938526][ T9768] [U] 
[  438.941281][ T9768] [U] 
[  438.944321][ T9768] [U] 
[  438.947087][ T9768] [U] 
[  438.949836][ T9768] [U] 
[  438.952586][ T9768] [U] 
[  438.955662][ T9768] [U] 
[  438.958537][ T9768] [U] 
[  438.961418][ T9768] [U] 
[  438.964280][ T9768] [U] 
[  438.967565][ T9768] [U] 
[  438.970341][ T9768] [U] 
[  438.973371][ T9768] [U] 
[  438.976215][ T9768] [U] 
[  438.979238][ T9768] [U] 
[  438.982005][ T9768] [U] 
[  438.984774][ T9768] [U] 
[  438.987697][ T9768] [U] 
[  438.991031][ T9768] [U] 
[  438.993792][ T9768] [U] 
[  438.996540][ T9768] [U] 
[  438.999293][ T9768] [U] 
[  439.003602][ T9768] [U] 
[  439.006368][ T9768] [U] 
[  439.009247][ T9768] [U] 
[  439.011988][ T9768] [U] 
[  439.015907][ T9768] [U] 
[  439.019196][ T9768] [U] 
[  439.022024][ T9768] [U] 
[  439.024815][ T9768] [U] 
[  439.027859][ T9768] [U] 
[  439.030613][ T9768] [U] 
[  439.033397][ T9768] [U] 
[  439.036186][ T9768] [U] 
[  439.039338][ T9768] [U] 
[  439.042179][ T9768] [U] 
[  439.044918][ T9768] [U] 
[  439.047659][ T9768] [U] 
[  439.050712][ T9768] [U] 
[  439.053461][ T9768] [U] 
[  439.056220][ T9768] [U] 
[  439.058955][ T9768] [U] 
[  439.063775][ T9768] [U] 
[  439.066561][ T9768] [U] 
[  439.069482][ T9768] [U] 
[  439.072251][ T9768] [U] 
[  439.075241][ T9768] [U] 
[  439.077995][ T9768] [U] 
[  439.080734][ T9768] [U] 
[  439.083480][ T9768] [U] 
[  439.088077][ T9768] [U] 
[  439.090856][ T9768] [U] 
[  439.093618][ T9768] [U] 
[  439.096448][ T9768] [U] 
[  439.101141][ T9768] [U] 
[  439.103924][ T9768] [U] 
[  439.106763][ T9768] [U] 
[  439.109589][ T9768] [U] 
[  439.112914][ T9768] [U] 
[  439.115678][ T9768] [U] 
[  439.118423][ T9768] [U] 
[  439.121167][ T9768] [U] 
[  439.124150][ T9768] [U] 
[  439.127071][ T9768] [U] 
[  439.129808][ T9768] [U] 
[  439.132602][ T9768] [U] 
[  439.135745][ T9768] [U] 
[  439.138586][ T9768] [U] 
[  439.141331][ T9768] [U] 
[  439.144081][ T9768] [U] 
[  439.151043][ T9768] [U] 
[  439.153830][ T9768] [U] 
[  439.156677][ T9768] [U] 
[  439.159581][ T9768] [U] 
[  439.162878][ T9768] [U] 
[  439.165627][ T9768] [U] 
[  439.168458][ T9768] [U] 
[  439.171199][ T9768] [U] 
[  439.174209][ T9768] [U] 
[  439.176957][ T9768] [U] 
[  439.179696][ T9768] [U] 
[  439.182433][ T9768] [U] 
[  439.185489][ T9768] [U] 
[  439.188247][ T9768] [U] 
[  439.191066][ T9768] [U] 
[  439.193872][ T9768] [U] 
[  439.196983][ T9768] [U] 
[  439.199944][ T9768] [U] 
[  439.202697][ T9768] [U] 
[  439.205450][ T9768] [U] 
[  439.209671][ T9768] [U] 
[  439.212449][ T9768] [U] 
[  439.215194][ T9768] [U] 
[  439.217944][ T9768] [U] 
[  439.221751][ T9768] [U] 
[  439.224514][ T9768] [U] 
[  439.227276][ T9768] [U] 
[  439.230033][ T9768] [U] 
[  439.233630][ T9768] [U] 
[  439.236398][ T9768] [U] 
[  439.239145][ T9768] [U] 
[  439.241978][ T9768] [U] 
[  439.245212][ T9768] [U] 
[  439.247973][ T9768] [U] 
[  439.250720][ T9768] [U] 
[  439.253459][ T9768] [U] 
[  439.256716][ T9768] [U] 
[  439.259601][ T9768] [U] 
[  439.262443][ T9768] [U] 
[  439.265192][ T9768] [U] 
[  439.268230][ T9768] [U] 
[  439.271042][ T9768] [U] 
[  439.273790][ T9768] [U] 
[  439.675366][ T9765] [U] 
[  439.998767][ T9772] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1215'.
[  440.039810][ T9772] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1215'.
[  441.503840][ T9268] usb 7-1: USB disconnect, device number 3
[  441.620652][ T9798] overlayfs: overlapping lowerdir path
[  442.346976][ T9805] [U] 
[  442.349787][ T9805] [U] 
[  442.352531][ T9805] [U] 
[  442.355314][ T9805] [U] 
[  442.358265][ T9805] [U] 
[  442.361027][ T9805] [U] 
[  442.363767][ T9805] [U] 
[  442.366513][ T9805] [U] 
[  442.369667][ T9805] [U] 
[  442.372511][ T9805] [U] 
[  442.375288][ T9805] [U] 
[  442.378062][ T9805] [U] 
[  442.383101][ T9805] [U] 
[  442.385969][ T9805] [U] 
[  442.388719][ T9805] [U] 
[  442.391458][ T9805] [U] 
[  442.396229][ T9805] [U] 
[  442.398991][ T9805] [U] 
[  442.401913][ T9805] [U] 
[  442.404745][ T9805] [U] 
[  442.407921][ T9805] [U] 
[  442.410768][ T9805] [U] 
[  442.413591][ T9805] [U] 
[  442.416322][ T9805] [U] 
[  442.419539][ T9805] [U] 
[  442.422286][ T9805] [U] 
[  442.425027][ T9805] [U] 
[  442.427763][ T9805] [U] 
[  442.430822][ T9805] [U] 
[  442.433582][ T9805] [U] 
[  442.436347][ T9805] [U] 
[  442.439095][ T9805] [U] 
[  442.442797][ T9805] [U] 
[  442.445644][ T9805] [U] 
[  442.448383][ T9805] [U] 
[  442.451120][ T9805] [U] 
[  442.454167][ T9805] [U] 
[  442.457000][ T9805] [U] 
[  442.459744][ T9805] [U] 
[  442.462581][ T9805] [U] 
[  442.466984][ T9805] [U] 
[  442.469764][ T9805] [U] 
[  442.472588][ T9805] [U] 
[  442.475460][ T9805] [U] 
[  442.480404][ T9805] [U] 
[  442.483192][ T9805] [U] 
[  442.485950][ T9805] [U] 
[  442.488778][ T9805] [U] 
[  442.493644][ T9805] [U] 
[  442.496509][ T9805] [U] 
[  442.499249][ T9805] [U] 
[  442.502003][ T9805] [U] 
[  442.505007][ T9805] [U] 
[  442.507857][ T9805] [U] 
[  442.510603][ T9805] [U] 
[  442.513354][ T9805] [U] 
[  442.566915][ T9805] [U] 
[  442.569724][ T9805] [U] 
[  442.572467][ T9805] [U] 
[  442.575204][ T9805] [U] 
[  442.590214][ T9805] [U] 
[  442.593006][ T9805] [U] 
[  442.595748][ T9805] [U] 
[  442.598574][ T9805] [U] 
[  442.602003][ T9805] [U] 
[  442.604854][ T9805] [U] 
[  442.607680][ T9805] [U] 
[  442.610416][ T9805] [U] 
[  442.613534][ T9805] [U] 
[  442.616336][ T9805] [U] 
[  442.619091][ T9805] [U] 
[  442.621926][ T9805] [U] 
[  442.625284][ T9805] [U] 
[  442.628123][ T9805] [U] 
[  442.630873][ T9805] [U] 
[  442.633616][ T9805] [U] 
[  442.636626][ T9805] [U] 
[  442.639371][ T9805] [U] 
[  442.642113][ T9805] [U] 
[  442.644872][ T9805] [U] 
[  442.648242][ T9805] [U] 
[  442.651265][ T9805] [U] 
[  442.654104][ T9805] [U] 
[  442.656842][ T9805] [U] 
[  442.660062][ T9805] [U] 
[  442.663002][ T9805] [U] 
[  442.665848][ T9805] [U] 
[  442.668680][ T9805] [U] 
[  442.672148][ T9805] [U] 
[  442.674899][ T9805] [U] 
[  442.677639][ T9805] [U] 
[  442.680382][ T9805] [U] 
[  442.692527][ T9805] [U] 
[  442.695410][ T9805] [U] 
[  442.698187][ T9805] [U] 
[  442.700928][ T9805] [U] 
[  442.704486][ T9805] [U] 
[  442.707342][ T9805] [U] 
[  442.710135][ T9805] [U] 
[  442.713138][ T9805] [U] 
[  442.716371][ T9805] [U] 
[  442.719185][ T9805] [U] 
[  442.722042][ T9805] [U] 
[  442.724896][ T9805] [U] 
[  442.728033][ T9805] [U] 
[  442.730823][ T9805] [U] 
[  442.733573][ T9805] [U] 
[  442.736310][ T9805] [U] 
[  442.739477][ T9805] [U] 
[  442.742316][ T9805] [U] 
[  442.745057][ T9805] [U] 
[  442.747882][ T9805] [U] 
[  442.751023][ T9805] [U] 
[  442.753778][ T9805] [U] 
[  442.756518][ T9805] [U] 
[  442.759258][ T9805] [U] 
[  442.762593][ T9805] [U] 
[  442.765427][ T9805] [U] 
[  442.768254][ T9805] [U] 
[  442.771108][ T9805] [U] 
[  442.774862][ T9805] [U] 
[  442.777627][ T9805] [U] 
[  442.780363][ T9805] [U] 
[  442.783195][ T9805] [U] 
[  442.790829][ T9805] [U] 
[  442.793704][ T9805] [U] 
[  442.796714][ T9805] [U] 
[  442.806567][ T9805] [U] 
[  443.109806][ T9321] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  443.792499][ T9321] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  443.821461][ T9321] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  443.840807][ T9321] usb 9-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  443.850043][ T9321] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.896826][ T9321] usb 9-1: config 0 descriptor??
[  444.471047][ T5845] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  444.541484][ T5170] usb 9-1: USB disconnect, device number 2
[  444.641335][ T5845] usb 10-1: Using ep0 maxpacket: 16
[  444.649019][ T5845] usb 10-1: config 0 has an invalid interface number: 41 but max is 0
[  444.681126][ T5845] usb 10-1: config 0 has no interface number 0
[  444.687505][ T5845] usb 10-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  444.730904][ T5845] usb 10-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  444.771264][ T5845] usb 10-1: config 0 interface 41 has no altsetting 0
[  444.793385][ T5845] usb 10-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  444.807592][ T5845] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.841309][ T5845] usb 10-1: Product: syz
[  444.846205][ T5845] usb 10-1: Manufacturer: syz
[  444.867200][ T5845] usb 10-1: SerialNumber: syz
[  444.885547][ T5845] usb 10-1: config 0 descriptor??
[  444.901902][ T9823] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  444.909490][ T9823] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  445.136662][ T9823] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  445.162662][ T9823] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  445.405074][ T9845] [U] 
[  445.407876][ T9845] [U] 
[  445.410632][ T9845] [U] 
[  445.413474][ T9845] [U] 
[  445.416675][ T9845] [U] 
[  445.419515][ T9845] [U] 
[  445.422262][ T9845] [U] 
[  445.425023][ T9845] [U] 
[  445.427879][ T9845] [U] 
[  445.430623][ T9845] [U] 
[  445.433381][ T9845] [U] 
[  445.436122][ T9845] [U] 
[  445.439175][ T9845] [U] 
[  445.441939][ T9845] [U] 
[  445.444685][ T9845] [U] 
[  445.447428][ T9845] [U] 
[  445.452415][ T9845] [U] 
[  445.455190][ T9845] [U] 
[  445.458016][ T9845] [U] 
[  445.460883][ T9845] [U] 
[  445.466056][ T9845] [U] 
[  445.468918][ T9845] [U] 
[  445.471657][ T9845] [U] 
[  445.474406][ T9845] [U] 
[  445.477527][ T9845] [U] 
[  445.480559][ T9845] [U] 
[  445.483310][ T9845] [U] 
[  445.486143][ T9845] [U] 
[  445.489204][ T9845] [U] 
[  445.491971][ T9845] [U] 
[  445.495087][ T9845] [U] 
[  445.497846][ T9845] [U] 
[  445.501297][ T9845] [U] 
[  445.504064][ T9845] [U] 
[  445.506896][ T9845] [U] 
[  445.509725][ T9845] [U] 
[  445.512640][ T9845] [U] 
[  445.515390][ T9845] [U] 
[  445.518145][ T9845] [U] 
[  445.520885][ T9845] [U] 
[  445.524124][ T9845] [U] 
[  445.526883][ T9845] [U] 
[  445.529630][ T9845] [U] 
[  445.532456][ T9845] [U] 
[  445.535474][ T9845] [U] 
[  445.538234][ T9845] [U] 
[  445.540991][ T9845] [U] 
[  445.543835][ T9845] [U] 
[  445.550294][ T9845] [U] 
[  445.553077][ T9845] [U] 
[  445.555811][ T9845] [U] 
[  445.558613][ T9845] [U] 
[  445.562067][ T9845] [U] 
[  445.564829][ T9845] [U] 
[  445.567576][ T9845] [U] 
[  445.570359][ T9845] [U] 
[  445.573982][ T9845] [U] 
[  445.576828][ T9845] [U] 
[  445.579662][ T9845] [U] 
[  445.582415][ T9845] [U] 
[  445.585428][ T9845] [U] 
[  445.588272][ T9845] [U] 
[  445.591081][ T9845] [U] 
[  445.593835][ T9845] [U] 
[  445.596861][ T9845] [U] 
[  445.599841][ T9845] [U] 
[  445.602585][ T9845] [U] 
[  445.605324][ T9845] [U] 
[  445.608276][ T9845] [U] 
[  445.611027][ T9845] [U] 
[  445.613849][ T9845] [U] 
[  445.616608][ T9845] [U] 
[  445.619846][ T9845] [U] 
[  445.622710][ T9845] [U] 
[  445.625487][ T9845] [U] 
[  445.628400][ T9845] [U] 
[  445.631314][ T9845] [U] 
[  445.634072][ T9845] [U] 
[  445.636904][ T9845] [U] 
[  445.639641][ T9845] [U] 
[  445.642768][ T9845] [U] 
[  445.645527][ T9845] [U] 
[  445.648269][ T9845] [U] 
[  445.651135][ T9845] [U] 
[  445.656068][ T9845] [U] 
[  445.658837][ T9845] [U] 
[  445.661598][ T9845] [U] 
[  445.664340][ T9845] [U] 
[  445.668961][ T9845] [U] 
[  445.671811][ T9845] [U] 
[  445.674557][ T9845] [U] 
[  445.677311][ T9845] [U] 
[  445.680610][ T9845] [U] 
[  445.683361][ T9845] [U] 
[  445.686115][ T9845] [U] 
[  445.688871][ T9845] [U] 
[  445.692385][ T9845] [U] 
[  445.695140][ T9845] [U] 
[  445.697969][ T9845] [U] 
[  445.700710][ T9845] [U] 
[  445.703600][ T9845] [U] 
[  445.706343][ T9845] [U] 
[  445.709081][ T9845] [U] 
[  445.711857][ T9845] [U] 
[  445.715417][ T9845] [U] 
[  445.718334][ T9845] [U] 
[  445.721078][ T9845] [U] 
[  445.723915][ T9845] [U] 
[  445.727177][ T9845] [U] 
[  445.730017][ T9845] [U] 
[  445.732795][ T9845] [U] 
[  445.735559][ T9845] [U] 
[  445.739315][ T9845] [U] 
[  445.742064][ T9845] [U] 
[  445.744807][ T9845] [U] 
[  445.747555][ T9845] [U] 
[  445.750547][ T9845] [U] 
[  445.753296][ T9845] [U] 
[  445.756049][ T9845] [U] 
[  445.758799][ T9845] [U] 
[  445.763832][ T9845] [U] 
[  445.766679][ T9845] [U] 
[  445.769432][ T9845] [U] 
[  445.772220][ T9845] [U] 
[  445.776795][ T9845] [U] 
[  445.779695][ T9845] [U] 
[  445.782531][ T9845] [U] 
[  445.865209][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  445.876306][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  446.175438][ T9842] [U] 
[  446.607709][ T5845] CoreChips 10-1:0.41: probe with driver CoreChips failed with error -22
[  446.722495][ T5840] Bluetooth: hci6: hardware error 0x05
[  448.401479][    T9] usb 10-1: USB disconnect, device number 3
[  448.507062][ T9870] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1251'.
[  448.543532][ T9870] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1251'.
[  448.851222][ T5840] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  448.966162][ T9886] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1253'.
[  450.260833][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  450.541950][ T9908] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  450.621771][   T24] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[  450.645610][   T24] usb 6-1: config 0 has no interface number 0
[  450.655571][ T9913] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1266'.
[  450.690853][   T24] usb 6-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  450.695038][ T9913] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1266'.
[  450.720876][   T24] usb 6-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.753173][   T24] usb 6-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.776283][   T24] usb 6-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  450.799337][   T24] usb 6-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  450.809300][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.840825][   T24] usb 6-1: config 0 descriptor??
[  451.272126][   T24] hid (null): report_id 0 is invalid
[  451.305197][   T24] wacom 0003:056A:0084.0005: report_id 0 is invalid
[  451.340856][   T24] wacom 0003:056A:0084.0005: item 0 1 1 8 parsing failed
[  451.348734][   T24] wacom 0003:056A:0084.0005: parse failed
[  451.363302][   T24] wacom 0003:056A:0084.0005: probe with driver wacom failed with error -22
[  451.483354][   T24] usb 6-1: USB disconnect, device number 2
[  453.440973][ T9960] overlayfs: overlapping lowerdir path
[  455.315754][ T9947] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  455.363459][ T9948] tipc: Resetting bearer <eth:syzkaller0>
[  455.411912][ T9945] tipc: Disabling bearer <eth:syzkaller0>
[  455.860872][ T5845] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  456.007549][ T9981] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1290'.
[  456.783449][ T5845] usb 9-1: config 0 has an invalid interface number: 2 but max is 0
[  456.807903][ T5845] usb 9-1: config 0 has no interface number 0
[  456.818561][ T9986] vlan0: entered promiscuous mode
[  456.841251][ T5845] usb 9-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  456.877387][ T9984] [U] ^C
[  456.886560][ T5845] usb 9-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  456.931862][ T5845] usb 9-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  457.000230][ T5845] usb 9-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  457.050422][ T5845] usb 9-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  457.060235][ T5845] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.079274][ T5845] usb 9-1: config 0 descriptor??
[  457.505077][ T5845] hid (null): report_id 0 is invalid
[  457.545958][ T5845] wacom 0003:056A:0084.0006: report_id 0 is invalid
[  457.569922][ T5845] wacom 0003:056A:0084.0006: item 0 1 1 8 parsing failed
[  457.592935][ T5845] wacom 0003:056A:0084.0006: parse failed
[  457.599614][ T5845] wacom 0003:056A:0084.0006: probe with driver wacom failed with error -22
[  457.711593][ T5845] usb 9-1: USB disconnect, device number 3
[  458.540884][ T5845] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  458.729656][ T5845] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  458.750942][ T5845] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  458.781908][ T5845] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  458.795742][ T5845] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.864199][T10017] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  458.894249][ T5845] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  459.106503][T10017] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1304'.
[  459.122073][T10017] netlink: 'syz.7.1304': attribute type 2 has an invalid length.
[  459.131720][T10017] netlink: 'syz.7.1304': attribute type 1 has an invalid length.
[  461.061932][T10015] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  461.102108][ T5845] usb 8-1: USB disconnect, device number 4
[  462.772599][T10058] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1315'.
[  462.928537][T10070] comedi comedi0: Minor -2147450880 is invalid!
[  463.798698][T10074] tipc: Started in network mode
[  463.824909][T10074] tipc: Node identity 7eee41997f1, cluster identity 4711
[  463.857533][T10074] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  463.919997][T10074] tipc: Resetting bearer <eth:syzkaller0>
[  464.447019][T10073] tipc: Disabling bearer <eth:syzkaller0>
[  464.551590][T10088] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  465.519345][T10113] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  465.571397][T10112] syzkaller0: entered promiscuous mode
[  465.577246][T10112] syzkaller0: entered allmulticast mode
[  465.622291][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  465.629311][T10112] tipc: Resetting bearer <eth:syzkaller0>
[  465.647865][T10111] tipc: Resetting bearer <eth:syzkaller0>
[  465.666598][T10111] tipc: Disabling bearer <eth:syzkaller0>
[  465.872661][   T24] usb 7-1: config 0 has no interfaces?
[  465.980989][   T24] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  466.021387][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.091078][   T24] usb 7-1: Product: syz
[  466.095341][   T24] usb 7-1: Manufacturer: syz
[  466.115801][T10124] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  466.136024][T10124] syzkaller0: entered promiscuous mode
[  466.144707][T10124] syzkaller0: entered allmulticast mode
[  466.157919][   T24] usb 7-1: SerialNumber: syz
[  466.202043][T10123] tipc: Resetting bearer <eth:syzkaller0>
[  466.262557][T10123] tipc: Disabling bearer <eth:syzkaller0>
[  466.474462][T10132] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  466.496485][T10132] syzkaller0: entered promiscuous mode
[  466.514339][T10132] syzkaller0: entered allmulticast mode
[  466.581997][   T24] usb 7-1: config 0 descriptor??
[  466.807221][T10131] tipc: Resetting bearer <eth:syzkaller0>
[  467.041638][T10131] tipc: Disabling bearer <eth:syzkaller0>
[  468.390514][T10161] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1345'.
[  469.323933][T10175] tipc: Started in network mode
[  469.365629][T10175] tipc: Node identity d297ca4ee173, cluster identity 4711
[  469.394342][T10175] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  469.417863][T10178] syzkaller0: entered promiscuous mode
[  469.447314][T10178] syzkaller0: entered allmulticast mode
[  469.541189][T10167] tipc: Resetting bearer <eth:syzkaller0>
[  469.649483][T10167] tipc: Disabling bearer <eth:syzkaller0>
[  469.831184][T10186] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  469.870972][T10186] syzkaller0: entered promiscuous mode
[  469.876761][T10186] syzkaller0: entered allmulticast mode
[  470.074890][T10185] tipc: Resetting bearer <eth:syzkaller0>
[  470.132144][ T9321] usb 7-1: USB disconnect, device number 4
[  470.150769][T10195] netlink: 'syz.7.1354': attribute type 10 has an invalid length.
[  470.253873][T10185] tipc: Disabling bearer <eth:syzkaller0>
[  470.337090][T10195] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  470.391404][  T775] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.434198][  T775] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.559160][T10211] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1360'.
[  471.858842][T10226] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  471.874801][T10226] tipc: Resetting bearer <eth:syzkaller0>
[  471.940127][T10224] tipc: Disabling bearer <eth:syzkaller0>
[  472.875176][ T5954] tipc: Node number set to 33440153
[  473.695271][T10248] netlink: 'syz.6.1373': attribute type 10 has an invalid length.
[  473.860296][T10248] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  473.908511][ T7056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.935922][ T7056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.071676][ T5845] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  474.277485][ T5845] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  474.326220][ T5845] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  474.370579][ T5845] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  474.386064][ T5845] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.497345][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  474.497361][   T30] audit: type=1326 audit(1753985859.634:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10240 comm="syz.7.1370" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0668d8eb69 code=0x0
[  474.737272][ T5845] usb 9-1: usb_control_msg returned -32
[  474.746294][ T5845] usbtmc 9-1:16.0: can't read capabilities
[  474.844625][T10271] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  474.857244][T10271] syzkaller0: entered promiscuous mode
[  474.875709][T10271] syzkaller0: entered allmulticast mode
[  474.912366][T10271] tipc: Resetting bearer <eth:syzkaller0>
[  474.920420][T10269] tipc: Resetting bearer <eth:syzkaller0>
[  474.991436][T10269] tipc: Disabling bearer <eth:syzkaller0>
[  475.031082][ T5845] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  475.191228][ T5845] usb 10-1: Using ep0 maxpacket: 16
[  475.206396][ T5845] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  475.246357][ T5845] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  475.330215][ T5845] usb 10-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  475.383249][ T5845] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.438147][ T5845] usb 10-1: config 0 descriptor??
[  475.476697][ T5845] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[  475.704644][ T5845] usb 10-1: USB disconnect, device number 4
[  476.196552][T10292] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  476.216582][T10292] tipc: Resetting bearer <eth:syzkaller0>
[  476.247698][T10291] tipc: Disabling bearer <eth:syzkaller0>
[  476.957460][ T5954] usb 9-1: USB disconnect, device number 4
[  479.784661][T10345] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1399'.
[  479.838461][T10347] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1400'.
[  481.673115][T10362] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  481.673173][T10356] IPVS: stopping backup sync thread 10362 ...
[  482.291711][T10369] vivid-001: disconnect
[  482.463059][T10377] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1409'.
[  482.647838][T10384] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  483.578017][T10368] vivid-001: reconnect
[  484.433167][T10404] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1416'.
[  485.536325][T10427] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  485.565944][T10427] syzkaller0: entered promiscuous mode
[  485.578478][T10427] syzkaller0: entered allmulticast mode
[  485.659439][T10427] tipc: Resetting bearer <eth:syzkaller0>
[  485.713588][T10426] tipc: Resetting bearer <eth:syzkaller0>
[  485.759122][T10426] tipc: Disabling bearer <eth:syzkaller0>
[  486.335124][ T5845] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  486.521501][ T5845] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  486.556970][ T5845] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  486.585955][ T5845] usb 8-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  486.626192][ T5845] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.657485][ T5845] usb 8-1: config 0 descriptor??
[  487.120429][T10465] random: crng reseeded on system resumption
[  487.288286][ T5954] usb 8-1: USB disconnect, device number 5
[  487.723687][ T5845] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  488.223879][ T5845] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  488.338263][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1442'.
[  489.051409][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  489.080933][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  489.133349][ T5845] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  489.290841][ T5845] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  489.323227][ T5845] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.577273][ T5845] usb 6-1: config 0 descriptor??
[  489.648822][T10482] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  490.472567][ T5845] usbhid 6-1:0.0: can't add hid device: -71
[  490.510913][ T5845] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  490.608666][ T5845] usb 6-1: USB disconnect, device number 3
[  491.161954][ T5954] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  492.333575][ T5954] usb 8-1: config 0 has no interfaces?
[  492.362136][ T5954] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  492.372125][ T5954] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.380350][ T5954] usb 8-1: Product: syz
[  492.445369][ T5954] usb 8-1: Manufacturer: syz
[  492.463682][ T5954] usb 8-1: SerialNumber: syz
[  492.478762][ T5954] usb 8-1: config 0 descriptor??
[  492.490284][T10511] netlink: 'syz.9.1453': attribute type 1 has an invalid length.
[  492.660990][ T5953] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  492.692775][T10516] bond1: (slave gretap1): making interface the new active one
[  492.750902][T10516] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  492.893180][ T5953] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.930784][ T5953] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  493.006610][ T5953] usb 7-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  493.049691][ T5953] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.086303][T10524] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1455'.
[  493.099113][ T5953] usb 7-1: config 0 descriptor??
[  493.654621][    T9] usb 7-1: USB disconnect, device number 5
[  495.585756][    T9] usb 8-1: USB disconnect, device number 6
[  495.592784][T10548] syzkaller0: entered promiscuous mode
[  495.615711][T10548] syzkaller0: entered allmulticast mode
[  498.158126][T10577] [U] 
[  498.160937][T10577] [U] 
[  498.164121][T10577] [U] 
[  498.166869][T10577] [U] 
[  498.169924][T10577] [U] 
[  498.172678][T10577] [U] 
[  498.175427][T10577] [U] 
[  498.178278][T10577] [U] 
[  498.183723][T10577] [U] 
[  498.186496][T10577] [U] 
[  498.189240][T10577] [U] 
[  498.191997][T10577] [U] 
[  498.195906][T10577] [U] 
[  498.198923][T10577] [U] 
[  498.201680][T10577] [U] 
[  498.204418][T10577] [U] 
[  498.207380][T10577] [U] 
[  498.210122][T10577] [U] 
[  498.212864][T10577] [U] 
[  498.215604][T10577] [U] 
[  498.218640][T10577] [U] 
[  498.221391][T10577] [U] 
[  498.224223][T10577] [U] 
[  498.226990][T10577] [U] 
[  498.231965][T10577] [U] 
[  498.234726][T10577] [U] 
[  498.237559][T10577] [U] 
[  498.240569][T10577] [U] 
[  498.243633][T10577] [U] 
[  498.246398][T10577] [U] 
[  498.249154][T10577] [U] 
[  498.252083][T10577] [U] 
[  498.255152][T10577] [U] 
[  498.257911][T10577] [U] 
[  498.260666][T10577] [U] 
[  498.263416][T10577] [U] 
[  498.266397][T10577] [U] 
[  498.269145][T10577] [U] 
[  498.271897][T10577] [U] 
[  498.274645][T10577] [U] 
[  498.281099][T10577] [U] 
[  498.283878][T10577] [U] 
[  498.286665][T10577] [U] 
[  498.289752][T10577] [U] 
[  498.293663][T10577] [U] 
[  498.296428][T10577] [U] 
[  498.299199][T10577] [U] 
[  498.301942][T10577] [U] 
[  498.305989][T10577] [U] 
[  498.308744][T10577] [U] 
[  498.311484][T10577] [U] 
[  498.314229][T10577] [U] 
[  498.317216][T10577] [U] 
[  498.319960][T10577] [U] 
[  498.322707][T10577] [U] 
[  498.325534][T10577] [U] 
[  498.328595][T10577] [U] 
[  498.331395][T10577] [U] 
[  498.334570][T10577] [U] 
[  498.337325][T10577] [U] 
[  498.340292][T10577] [U] 
[  498.343051][T10577] [U] 
[  498.345801][T10577] [U] 
[  498.348541][T10577] [U] 
[  498.351789][T10577] [U] 
[  498.354628][T10577] [U] 
[  498.357370][T10577] [U] 
[  498.360117][T10577] [U] 
[  498.363326][T10577] [U] 
[  498.366077][T10577] [U] 
[  498.368901][T10577] [U] 
[  498.371638][T10577] [U] 
[  498.374714][T10577] [U] 
[  498.377471][T10577] [U] 
[  498.380216][T10577] [U] 
[  498.382958][T10577] [U] 
[  498.386840][T10577] [U] 
[  498.389655][T10577] [U] 
[  498.392523][T10577] [U] 
[  498.395260][T10577] [U] 
[  498.399180][T10577] [U] 
[  498.401937][T10577] [U] 
[  498.404679][T10577] [U] 
[  498.407422][T10577] [U] 
[  498.410346][T10577] [U] 
[  498.413088][T10577] [U] 
[  498.415839][T10577] [U] 
[  498.418576][T10577] [U] 
[  498.421822][T10577] [U] 
[  498.424664][T10577] [U] 
[  498.427403][T10577] [U] 
[  498.430139][T10577] [U] 
[  498.433060][T10577] [U] 
[  498.435804][T10577] [U] 
[  498.438640][T10577] [U] 
[  498.441378][T10577] [U] 
[  498.444468][T10577] [U] 
[  498.447221][T10577] [U] 
[  498.449958][T10577] [U] 
[  498.452730][T10577] [U] 
[  498.455918][T10577] [U] 
[  498.458687][T10577] [U] 
[  498.461443][T10577] [U] 
[  498.464183][T10577] [U] 
[  498.467334][T10577] [U] 
[  498.470197][T10577] [U] 
[  498.473044][T10577] [U] 
[  498.475826][T10577] [U] 
[  498.478878][T10577] [U] 
[  498.481744][T10577] [U] 
[  498.484508][T10577] [U] 
[  498.487258][T10577] [U] 
[  498.492131][T10577] [U] 
[  498.494904][T10577] [U] 
[  498.497643][T10577] [U] 
[  498.500385][T10577] [U] 
[  498.503391][T10577] [U] 
[  498.506144][T10577] [U] 
[  498.508985][T10577] [U] 
[  498.511724][T10577] [U] 
[  498.515887][T10577] [U] 
[  498.518759][T10577] [U] 
[  498.521520][T10577] [U] 
[  498.524262][T10577] [U] 
[  498.527991][T10577] [U] 
[  498.530768][T10577] [U] 
[  498.533519][T10577] [U] 
[  498.942340][T10573] [U] 
[  502.630912][T10610] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  502.638632][T10610] IPv6: NLM_F_CREATE should be set when creating new route
[  502.695073][T10610] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  502.859598][T10616] [U] 
[  502.862393][T10616] [U] 
[  502.865240][T10616] [U] 
[  502.867995][T10616] [U] 
[  502.871339][T10616] [U] 
[  502.874215][T10616] [U] 
[  502.877046][T10616] [U] 
[  502.879773][T10616] [U] 
[  502.882767][T10616] [U] 
[  502.885525][T10616] [U] 
[  502.888268][T10616] [U] 
[  502.891094][T10616] [U] 
[  502.899485][T10616] [U] 
[  502.902277][T10616] [U] 
[  502.905022][T10616] [U] 
[  502.907910][T10616] [U] 
[  502.910997][T10616] [U] 
[  502.913767][T10616] [U] 
[  502.916587][T10616] [U] 
[  502.919347][T10616] [U] 
[  502.922748][T10616] [U] 
[  502.925589][T10616] [U] 
[  502.928306][T10616] [U] 
[  502.931034][T10616] [U] 
[  502.940878][T10616] [U] 
[  502.943721][T10616] [U] 
[  502.946473][T10616] [U] 
[  502.949307][T10616] [U] 
[  502.952358][T10616] [U] 
[  502.955123][T10616] [U] 
[  502.957911][T10616] [U] 
[  502.960671][T10616] [U] 
[  502.965621][T10616] [U] 
[  502.968397][T10616] [U] 
[  502.971199][T10616] [U] 
[  502.973998][T10616] [U] 
[  502.977180][T10616] [U] 
[  502.980133][T10616] [U] 
[  502.982922][T10616] [U] 
[  502.985653][T10616] [U] 
[  502.989540][T10616] [U] 
[  502.992339][T10616] [U] 
[  502.995152][T10616] [U] 
[  502.997909][T10616] [U] 
[  503.008916][T10616] [U] 
[  503.011730][T10616] [U] 
[  503.014499][T10616] [U] 
[  503.017272][T10616] [U] 
[  503.020429][T10616] [U] 
[  503.023207][T10616] [U] 
[  503.025990][T10616] [U] 
[  503.028739][T10616] [U] 
[  503.032389][T10616] [U] 
[  503.035173][T10616] [U] 
[  503.037961][T10616] [U] 
[  503.040724][T10616] [U] 
[  503.048815][T10616] [U] 
[  503.051632][T10616] [U] 
[  503.054359][T10616] [U] 
[  503.057101][T10616] [U] 
[  503.060249][T10616] [U] 
[  503.062994][T10616] [U] 
[  503.065726][T10616] [U] 
[  503.068453][T10616] [U] 
[  503.072131][T10616] [U] 
[  503.074895][T10616] [U] 
[  503.077790][T10616] [U] 
[  503.080591][T10616] [U] 
[  503.084722][T10616] [U] 
[  503.087592][T10616] [U] 
[  503.090399][T10616] [U] 
[  503.093135][T10616] [U] 
[  503.099043][T10616] [U] 
[  503.101821][T10616] [U] 
[  503.104547][T10616] [U] 
[  503.107433][T10616] [U] 
[  503.110848][T10616] [U] 
[  503.113698][T10616] [U] 
[  503.116504][T10616] [U] 
[  503.119314][T10616] [U] 
[  503.123448][T10616] [U] 
[  503.126241][T10616] [U] 
[  503.128977][T10616] [U] 
[  503.131781][T10616] [U] 
[  503.135089][T10616] [U] 
[  503.137832][T10616] [U] 
[  503.140552][T10616] [U] 
[  503.143279][T10616] [U] 
[  503.146476][T10616] [U] 
[  503.149244][T10616] [U] 
[  503.152134][T10616] [U] 
[  503.154906][T10616] [U] 
[  503.157894][T10616] [U] 
[  503.160816][T10616] [U] 
[  503.163634][T10616] [U] 
[  503.166437][T10616] [U] 
[  503.169518][T10616] [U] 
[  503.172285][T10616] [U] 
[  503.175048][T10616] [U] 
[  503.177815][T10616] [U] 
[  503.181096][T10616] [U] 
[  503.184016][T10616] [U] 
[  503.186740][T10616] [U] 
[  503.189542][T10616] [U] 
[  503.192874][T10616] [U] 
[  503.195650][T10616] [U] 
[  503.198399][T10616] [U] 
[  503.201143][T10616] [U] 
[  503.205184][T10616] [U] 
[  503.207963][T10616] [U] 
[  503.210706][T10616] [U] 
[  503.213451][T10616] [U] 
[  503.218031][T10616] [U] 
[  503.220902][T10616] [U] 
[  503.223660][T10616] [U] 
[  503.226404][T10616] [U] 
[  503.229757][T10616] [U] 
[  503.232533][T10616] [U] 
[  503.235367][T10616] [U] 
[  503.238103][T10616] [U] 
[  503.241831][T10616] [U] 
[  503.244581][T10616] [U] 
[  503.247469][T10616] [U] 
[  503.250212][T10616] [U] 
[  503.255696][T10616] [U] 
[  503.258625][T10616] [U] 
[  503.261342][T10616] [U] 
[  503.451516][T10613] [U] 
[  503.808018][T10628] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  503.922013][T10628] syzkaller0: entered promiscuous mode
[  503.948947][T10628] syzkaller0: entered allmulticast mode
[  503.985281][T10628] tipc: Resetting bearer <eth:syzkaller0>
[  504.043626][T10625] tipc: Resetting bearer <eth:syzkaller0>
[  504.370807][ T5953] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  504.559002][ T5953] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  504.572171][ T5953] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  504.583698][ T5953] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  504.594521][ T5953] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.670075][T10634] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  504.751599][ T5953] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  504.914541][ T5845] tipc: Node number set to 870632014
[  505.072930][T10634] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1494'.
[  505.095749][T10634] netlink: 'syz.5.1494': attribute type 2 has an invalid length.
[  505.113610][T10634] netlink: 'syz.5.1494': attribute type 1 has an invalid length.
[  505.380138][ T5953] usb 6-1: USB disconnect, device number 4
[  506.941520][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  506.947915][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  507.024925][T10660] [U] 
[  507.027684][T10660] [U] 
[  507.030417][T10660] [U] 
[  507.033172][T10660] [U] 
[  507.057099][T10660] [U] 
[  507.059892][T10660] [U] 
[  507.062644][T10660] [U] 
[  507.065516][T10660] [U] 
[  507.071945][T10660] [U] 
[  507.074712][T10660] [U] 
[  507.077466][T10660] [U] 
[  507.080235][T10660] [U] 
[  507.090943][T10660] [U] 
[  507.093720][T10660] [U] 
[  507.096429][T10660] [U] 
[  507.099136][T10660] [U] 
[  507.102126][T10660] [U] 
[  507.104965][T10660] [U] 
[  507.107705][T10660] [U] 
[  507.110453][T10660] [U] 
[  507.117185][T10660] [U] 
[  507.119989][T10660] [U] 
[  507.122730][T10660] [U] 
[  507.125466][T10660] [U] 
[  507.132036][T10660] [U] 
[  507.134832][T10660] [U] 
[  507.137656][T10660] [U] 
[  507.140391][T10660] [U] 
[  507.146103][T10660] [U] 
[  507.148882][T10660] [U] 
[  507.151617][T10660] [U] 
[  507.154372][T10660] [U] 
[  507.160103][T10660] [U] 
[  507.162876][T10660] [U] 
[  507.165614][T10660] [U] 
[  507.168384][T10660] [U] 
[  507.180991][T10660] [U] 
[  507.183883][T10660] [U] 
[  507.186636][T10660] [U] 
[  507.189391][T10660] [U] 
[  507.237789][T10660] [U] 
[  507.240575][T10660] [U] 
[  507.243295][T10660] [U] 
[  507.246022][T10660] [U] 
[  507.257630][T10660] [U] 
[  507.260416][T10660] [U] 
[  507.263180][T10660] [U] 
[  507.265941][T10660] [U] 
[  507.277434][T10660] [U] 
[  508.500460][T10673] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1506'.
[  510.835687][T10625] tipc: Disabling bearer <eth:syzkaller0>
[  511.246317][T10706] [U] 
[  511.249133][T10706] [U] 
[  511.251874][T10706] [U] 
[  511.254609][T10706] [U] 
[  511.261717][T10706] [U] 
[  511.264589][T10706] [U] 
[  511.267468][T10706] [U] 
[  511.270201][T10706] [U] 
[  511.273605][T10706] [U] 
[  511.276471][T10706] [U] 
[  511.279278][T10706] [U] 
[  511.282040][T10706] [U] 
[  511.286120][T10706] [U] 
[  511.288887][T10706] [U] 
[  511.291797][T10706] [U] 
[  511.294541][T10706] [U] 
[  511.311669][T10706] [U] 
[  511.314447][T10706] [U] 
[  511.317183][T10706] [U] 
[  511.319906][T10706] [U] 
[  511.323741][T10706] [U] 
[  511.326510][T10706] [U] 
[  511.329294][T10706] [U] 
[  511.332216][T10706] [U] 
[  511.341423][T10706] [U] 
[  511.344205][T10706] [U] 
[  511.346979][T10706] [U] 
[  511.350985][T10706] [U] 
[  511.351231][T10706] [U] 
[  511.351273][T10706] [U] 
[  511.351313][T10706] [U] 
[  511.351353][T10706] [U] 
[  511.353192][T10706] [U] 
[  511.353237][T10706] [U] 
[  511.353278][T10706] [U] 
[  511.353319][T10706] [U] 
[  511.353889][T10706] [U] 
[  511.353932][T10706] [U] 
[  511.353976][T10706] [U] 
[  511.354019][T10706] [U] 
[  511.354305][T10706] [U] 
[  511.354347][T10706] [U] 
[  511.354389][T10706] [U] 
[  511.354431][T10706] [U] 
[  511.354618][T10706] [U] 
[  511.354662][T10706] [U] 
[  511.354703][T10706] [U] 
[  511.354744][T10706] [U] 
[  511.354888][T10706] [U] 
[  511.354930][T10706] [U] 
[  511.354970][T10706] [U] 
[  511.355011][T10706] [U] 
[  511.355068][T10706] [U] 
[  511.355110][T10706] [U] 
[  511.355159][T10706] [U] 
[  511.355200][T10706] [U] 
[  511.355402][T10706] [U] 
[  511.355443][T10706] [U] 
[  511.355483][T10706] [U] 
[  511.355524][T10706] [U] 
[  511.355620][T10706] [U] 
[  511.355662][T10706] [U] 
[  511.355704][T10706] [U] 
[  511.355745][T10706] [U] 
[  511.355841][T10706] [U] 
[  511.355904][T10706] [U] 
[  511.355945][T10706] [U] 
[  511.355986][T10706] [U] 
[  511.356135][T10706] [U] 
[  511.356185][T10706] [U] 
[  511.356223][T10706] [U] 
[  511.356263][T10706] [U] 
[  511.357385][T10706] [U] 
[  511.357429][T10706] [U] 
[  511.357470][T10706] [U] 
[  511.357509][T10706] [U] 
[  511.362597][T10706] [U] 
[  511.362643][T10706] [U] 
[  511.362685][T10706] [U] 
[  511.362726][T10706] [U] 
[  511.363666][T10706] [U] 
[  511.363709][T10706] [U] 
[  511.363749][T10706] [U] 
[  511.363789][T10706] [U] 
[  511.363882][T10706] [U] 
[  511.363923][T10706] [U] 
[  511.363961][T10706] [U] 
[  511.364000][T10706] [U] 
[  511.364239][T10706] [U] 
[  511.364281][T10706] [U] 
[  511.364323][T10706] [U] 
[  511.364364][T10706] [U] 
[  511.364471][T10706] [U] 
[  511.364511][T10706] [U] 
[  511.545838][T10706] [U] 
[  511.548660][T10706] [U] 
[  511.569272][T10706] [U] 
[  511.572072][T10706] [U] 
[  511.574820][T10706] [U] 
[  511.577557][T10706] [U] 
[  511.580402][T10706] [U] 
[  511.583327][T10706] [U] 
[  511.586072][T10706] [U] 
[  511.588811][T10706] [U] 
[  511.592330][T10706] [U] 
[  511.595193][T10706] [U] 
[  511.598045][T10706] [U] 
[  511.600779][T10706] [U] 
[  511.725127][T10706] [U] 
[  511.727932][T10706] [U] 
[  511.730816][T10706] [U] 
[  511.733569][T10706] [U] 
[  511.740670][T10706] [U] 
[  511.743467][T10706] [U] 
[  511.746412][T10706] [U] 
[  511.749170][T10706] [U] 
[  511.754088][T10706] [U] 
[  511.756921][T10706] [U] 
[  511.759772][T10706] [U] 
[  511.762516][T10706] [U] 
[  511.773589][T10706] [U] 
[  511.776379][T10706] [U] 
[  511.779136][T10706] [U] 
[  511.781892][T10706] [U] 
[  511.785357][T10706] [U] 
[  511.788124][T10706] [U] 
[  511.791035][T10706] [U] 
[  511.802748][T10700] [U] 
[  514.170932][ T5845] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  514.411918][ T5845] usb 10-1: Using ep0 maxpacket: 8
[  514.475943][ T5845] usb 10-1: config index 0 descriptor too short (expected 30, got 18)
[  514.820381][ T5845] usb 10-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  514.858713][ T5845] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.886835][ T5845] usb 10-1: Product: syz
[  514.898351][ T5845] usb 10-1: Manufacturer: syz
[  514.919496][ T5845] usb 10-1: SerialNumber: syz
[  514.959334][ T5845] usb 10-1: config 0 descriptor??
[  514.992272][ T5845] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  515.000425][ T5845] usb 10-1: setting power ON
[  515.028510][ T5845] dvb-usb: bulk message failed: -22 (2/0)
[  515.050606][ T5845] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  515.088210][ T5845] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  515.200131][T10747] dvb-usb: bulk message failed: -22 (3/0)
[  515.293402][ T5845] usb 10-1: media controller created
[  515.321999][ T5845] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  516.460884][T10747] cxusb: i2c wr: len=79 is too big!
[  516.460884][T10747] 
[  516.473665][ T5845] usb 10-1: selecting invalid altsetting 6
[  516.479791][ T5845] usb 10-1: digital interface selection failed (-22)
[  516.538700][ T5845] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  516.577298][ T5845] usb 10-1: setting power OFF
[  516.601296][ T5845] dvb-usb: bulk message failed: -22 (2/0)
[  516.607388][ T5845] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  516.648868][ T5845] (NULL device *): no alternate interface
[  516.777637][ T5845] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  516.869005][ T5845] usb 10-1: USB disconnect, device number 5
[  516.895332][T10783] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  517.097132][T10783] tipc: Resetting bearer <eth:syzkaller0>
[  517.970865][ T5953] tipc: Node number set to 1315719251
[  518.009965][T10782] tipc: Disabling bearer <eth:syzkaller0>
[  518.185841][T10788] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  518.826727][T10801] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1545'.
[  518.983511][T10801] gre1: entered promiscuous mode
[  519.403093][ T5838] Bluetooth: hci7: command 0x0406 tx timeout
[  519.403534][ T5156] Bluetooth: hci5: command 0x0406 tx timeout
[  520.594266][T10831] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1550'.
[  521.149653][T10844] binder: BINDER_SET_CONTEXT_MGR already set
[  521.163922][T10844] binder: 10843:10844 ioctl 4018620d 200000000040 returned -16
[  524.364264][ T7580] Bluetooth: hci8: command 0x0406 tx timeout
[  524.644230][T10885] netlink: 76 bytes leftover after parsing attributes in process `syz.8.1571'.
[  525.920156][T10898] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1575'.
[  527.029214][T10902] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(7)
[  527.036005][T10902] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  527.116067][T10902] vhci_hcd vhci_hcd.0: Device attached
[  527.129723][T10914] vhci_hcd: connection closed
[  527.137715][ T3462] vhci_hcd: stop threads
[  527.185251][ T3462] vhci_hcd: release socket
[  527.195395][ T3462] vhci_hcd: disconnect device
[  528.904291][T10926] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  528.910889][T10926] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  529.680990][T10926] vhci_hcd vhci_hcd.0: Device attached
[  529.734039][T10935] vhci_hcd: connection closed
[  529.735261][   T12] vhci_hcd: stop threads
[  529.764347][   T12] vhci_hcd: release socket
[  529.780727][   T12] vhci_hcd: disconnect device
[  530.224075][T10945] hub 6-0:1.0: USB hub found
[  530.234159][T10945] hub 6-0:1.0: 1 port detected
[  531.174152][T10952] syz.6.1589: attempt to access beyond end of device
[  531.174152][T10952] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  531.231030][T10952] syz.6.1589: attempt to access beyond end of device
[  531.231030][T10952] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[  531.276645][T10952] Mount JFS Failure: -5
[  531.799091][T10962] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  531.805865][T10962] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  531.854325][T10962] vhci_hcd vhci_hcd.0: Device attached
[  531.876686][T10972] vhci_hcd: connection closed
[  531.877063][   T12] vhci_hcd: stop threads
[  531.897500][   T12] vhci_hcd: release socket
[  531.911094][   T12] vhci_hcd: disconnect device
[  532.256950][T10978] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1597'.
[  533.116922][T10982] Device name cannot be null; rc = [-22]
[  536.030958][   T31] INFO: task syz.0.1060:9183 blocked for more than 143 seconds.
[  536.190872][   T31]       Not tainted 6.16.0-syzkaller #0
[  536.400779][   T31]       Blocked by coredump.
[  536.412257][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  536.428603][   T31] task:syz.0.1060      state:D stack:26856 pid:9183  tgid:9173  ppid:5835   task_flags:0x40044c flags:0x00004000
[  536.910823][   T31] Call Trace:
[  536.930816][   T31]  <TASK>
[  536.934978][   T31]  __schedule+0x16aa/0x4c90
[  536.939574][   T31]  ? schedule+0x165/0x360
[  536.946846][   T31]  ? __pfx___schedule+0x10/0x10
[  536.952700][   T31]  ? schedule+0x91/0x360
[  536.957185][   T31]  schedule+0x165/0x360
[  536.961699][   T31]  schedule_preempt_disabled+0x13/0x30
[  536.967505][   T31]  rwsem_down_write_slowpath+0xbec/0x1030
[  536.973493][   T31]  ? rwsem_down_write_slowpath+0x7ec/0x1030
[  536.979696][   T31]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  536.986034][   T31]  ? __lock_acquire+0xab9/0xd20
[  536.993569][   T31]  ? exit_mmap+0x28e/0xb50
[  536.998397][   T31]  down_write+0x1ab/0x1f0
[  537.003617][   T31]  ? __pfx_down_write+0x10/0x10
[  537.008646][   T31]  exit_mmap+0x28e/0xb50
[  537.018249][   T31]  ? uprobe_clear_state+0x20f/0x290
[  537.023983][   T31]  ? __pfx_exit_mmap+0x10/0x10
[  537.029080][   T31]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  537.035279][   T31]  ? __pfx_exit_aio+0x10/0x10
[  537.040416][   T31]  ? uprobe_clear_state+0x274/0x290
[  537.045867][   T31]  ? mm_update_next_owner+0xa7/0x870
[  537.051479][   T31]  __mmput+0x118/0x410
[  537.055770][   T31]  exit_mm+0x1da/0x2c0
[  537.060088][   T31]  ? __pfx_exit_mm+0x10/0x10
[  537.065177][   T31]  ? rcu_is_watching+0x15/0xb0
[  537.070098][   T31]  do_exit+0x648/0x22e0
[  537.074497][   T31]  ? do_raw_spin_lock+0x121/0x290
[  537.079754][   T31]  ? __pfx_do_exit+0x10/0x10
[  537.084794][   T31]  do_group_exit+0x21c/0x2d0
[  537.089620][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.098094][   T31]  get_signal+0x125e/0x1310
[  537.104605][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  537.110486][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  537.117360][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  537.127471][   T31]  exit_to_user_mode_loop+0x75/0x110
[  537.134926][   T31]  do_syscall_64+0x2bd/0x3b0
[  537.139678][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.146229][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.152774][   T31]  ? clear_bhb_loop+0x60/0xb0
[  537.157709][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.164188][   T31] RIP: 0033:0x7f49af78eb69
[  537.168872][   T31] RSP: 002b:00007f49b052d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  537.180275][   T31] RAX: fffffffffffffe00 RBX: 00007f49af9b6168 RCX: 00007f49af78eb69
[  537.193489][   T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f49af9b6168
[  537.210869][   T31] RBP: 00007f49af9b6160 R08: 0000000000000000 R09: 0000000000000000
[  537.219241][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f49af9b616c
[  537.252361][   T31] R13: 0000000000000000 R14: 00007fff843f06f0 R15: 00007fff843f07d8
[  537.271694][   T31]  </TASK>
[  537.277365][   T31] INFO: task syz.4.1062:9187 blocked for more than 144 seconds.
[  537.310752][   T31]       Not tainted 6.16.0-syzkaller #0
[  537.316389][   T31]       Blocked by coredump.
[  537.321206][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  537.329929][   T31] task:syz.4.1062      state:D stack:25352 pid:9187  tgid:9180  ppid:5846   task_flags:0x40054c flags:0x00004000
[  537.342299][   T31] Call Trace:
[  537.345664][   T31]  <TASK>
[  537.348652][   T31]  __schedule+0x16aa/0x4c90
[  537.367704][   T31]  ? __lock_acquire+0x9c0/0xd20
[  537.373534][   T31]  ? schedule+0x165/0x360
[  537.377974][   T31]  ? __pfx___schedule+0x10/0x10
[  537.390254][   T31]  ? schedule+0x91/0x360
[  537.395472][   T31]  schedule+0x165/0x360
[  537.415026][   T31]  schedule_preempt_disabled+0x13/0x30
[  537.426106][   T31]  rwsem_down_write_slowpath+0xbec/0x1030
[  537.434300][   T31]  ? rwsem_down_write_slowpath+0x7ec/0x1030
[  537.440301][   T31]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  537.450830][   T31]  ? __lock_acquire+0xab9/0xd20
[  537.455789][   T31]  ? exit_mmap+0x28e/0xb50
[  537.460276][   T31]  down_write+0x1ab/0x1f0
[  537.480150][   T31]  ? __pfx_down_write+0x10/0x10
[  537.486005][   T31]  exit_mmap+0x28e/0xb50
[  537.490421][   T31]  ? uprobe_clear_state+0x20f/0x290
[  537.512963][   T31]  ? __pfx_exit_mmap+0x10/0x10
[  537.518071][   T31]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  537.524165][   T31]  ? __pfx_exit_aio+0x10/0x10
[  537.529042][   T31]  ? uprobe_clear_state+0x274/0x290
[  537.534874][   T31]  ? mm_update_next_owner+0xa7/0x870
[  537.540256][   T31]  __mmput+0x118/0x410
[  537.544723][   T31]  exit_mm+0x1da/0x2c0
[  537.548861][   T31]  ? __pfx_exit_mm+0x10/0x10
[  537.553579][   T31]  ? rcu_is_watching+0x15/0xb0
[  537.558405][   T31]  do_exit+0x648/0x22e0
[  537.563345][   T31]  ? do_raw_spin_lock+0x121/0x290
[  537.568459][   T31]  ? __pfx_do_exit+0x10/0x10
[  537.575451][   T31]  do_group_exit+0x21c/0x2d0
[  537.580303][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.585748][   T31]  get_signal+0x125e/0x1310
[  537.590420][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  537.596146][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  537.602465][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  537.610902][   T31]  exit_to_user_mode_loop+0x75/0x110
[  537.616275][   T31]  do_syscall_64+0x2bd/0x3b0
[  537.621012][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.626346][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.632649][   T31]  ? clear_bhb_loop+0x60/0xb0
[  537.637580][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.653006][   T31] RIP: 0033:0x7efcef38eb69
[  537.657664][   T31] RSP: 002b:00007efcf01d70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  537.670097][   T31] RAX: fffffffffffffe00 RBX: 00007efcef5b5fa8 RCX: 00007efcef38eb69
[  537.678564][   T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efcef5b5fa8
[  537.687154][   T31] RBP: 00007efcef5b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  537.695464][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efcef5b5fac
[  537.704671][   T31] R13: 0000000000000000 R14: 00007ffdf989f600 R15: 00007ffdf989f6e8
[  537.715897][   T31]  </TASK>
[  537.719085][   T31] INFO: task syz.2.1063:9182 blocked for more than 145 seconds.
[  537.731806][   T31]       Not tainted 6.16.0-syzkaller #0
[  537.737515][   T31]       Blocked by coredump.
[  537.742412][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  537.751663][   T31] task:syz.2.1063      state:D stack:25352 pid:9182  tgid:9181  ppid:5843   task_flags:0x40054c flags:0x00004000
[  537.764476][   T31] Call Trace:
[  537.768006][   T31]  <TASK>
[  537.771395][   T31]  __schedule+0x16aa/0x4c90
[  537.776141][   T31]  ? __lock_acquire+0x9c0/0xd20
[  537.781491][   T31]  ? schedule+0x165/0x360
[  537.786133][   T31]  ? __pfx___schedule+0x10/0x10
[  537.791459][   T31]  ? schedule+0x91/0x360
[  537.796080][   T31]  schedule+0x165/0x360
[  537.800646][   T31]  schedule_preempt_disabled+0x13/0x30
[  537.806746][   T31]  rwsem_down_write_slowpath+0xbec/0x1030
[  537.815326][   T31]  ? rwsem_down_write_slowpath+0x7ec/0x1030
[  537.821850][   T31]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  537.828171][   T31]  ? __lock_acquire+0xab9/0xd20
[  537.833243][   T31]  ? exit_mmap+0x28e/0xb50
[  537.837727][   T31]  down_write+0x1ab/0x1f0
[  537.842189][   T31]  ? __pfx_down_write+0x10/0x10
[  537.847373][   T31]  exit_mmap+0x28e/0xb50
[  537.851730][   T31]  ? uprobe_clear_state+0x20f/0x290
[  537.857034][   T31]  ? __pfx_exit_mmap+0x10/0x10
[  537.861902][   T31]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  537.867613][   T31]  ? __pfx_exit_aio+0x10/0x10
[  537.872466][   T31]  ? uprobe_clear_state+0x274/0x290
[  537.877920][   T31]  ? mm_update_next_owner+0xa7/0x870
[  537.883461][   T31]  __mmput+0x118/0x410
[  537.887607][   T31]  exit_mm+0x1da/0x2c0
[  537.892189][   T31]  ? __pfx_exit_mm+0x10/0x10
[  537.896861][   T31]  ? rcu_is_watching+0x15/0xb0
[  537.905459][   T31]  do_exit+0x648/0x22e0
[  537.909753][   T31]  ? do_raw_spin_lock+0x121/0x290
[  537.918128][   T31]  ? __pfx_do_exit+0x10/0x10
[  537.923559][   T31]  do_group_exit+0x21c/0x2d0
[  537.928243][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.936282][   T31]  get_signal+0x125e/0x1310
[  537.941289][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  537.947192][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  537.953651][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  537.959237][   T31]  exit_to_user_mode_loop+0x75/0x110
[  537.964721][   T31]  do_syscall_64+0x2bd/0x3b0
[  537.969452][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.975673][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.981936][   T31]  ? clear_bhb_loop+0x60/0xb0
[  537.986970][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.992976][   T31] RIP: 0033:0x7f032e58eb69
[  537.997575][   T31] RSP: 002b:00007f032f36c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  538.006273][   T31] RAX: fffffffffffffe00 RBX: 00007f032e7b5fa8 RCX: 00007f032e58eb69
[  538.020601][   T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f032e7b5fa8
[  538.030113][   T31] RBP: 00007f032e7b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  538.039212][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f032e7b5fac
[  538.048691][   T31] R13: 0000000000000000 R14: 00007fff40c9b6b0 R15: 00007fff40c9b798
[  538.057963][   T31]  </TASK>
[  538.061624][   T31] INFO: task syz.3.1064:9186 blocked for more than 145 seconds.
[  538.069688][   T31]       Not tainted 6.16.0-syzkaller #0
[  538.075443][   T31]       Blocked by coredump.
[  538.080081][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  538.090206][   T31] task:syz.3.1064      state:D stack:25352 pid:9186  tgid:9185  ppid:5839   task_flags:0x40054c flags:0x00004000
[  538.102831][   T31] Call Trace:
[  538.106162][   T31]  <TASK>
[  538.109134][   T31]  __schedule+0x16aa/0x4c90
[  538.113948][   T31]  ? __lock_acquire+0x9c0/0xd20
[  538.120452][   T31]  ? schedule+0x165/0x360
[  538.125968][   T31]  ? __pfx___schedule+0x10/0x10
[  538.131563][   T31]  ? schedule+0x91/0x360
[  538.136208][   T31]  schedule+0x165/0x360
[  538.140632][   T31]  schedule_preempt_disabled+0x13/0x30
[  538.148139][   T31]  rwsem_down_write_slowpath+0xbec/0x1030
[  538.154389][   T31]  ? rwsem_down_write_slowpath+0x7ec/0x1030
[  538.160380][   T31]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  538.166757][   T31]  ? __lock_acquire+0xab9/0xd20
[  538.171953][   T31]  ? exit_mmap+0x28e/0xb50
[  538.176579][   T31]  down_write+0x1ab/0x1f0
[  538.181486][   T31]  ? __pfx_down_write+0x10/0x10
[  538.186780][   T31]  exit_mmap+0x28e/0xb50
[  538.191529][   T31]  ? uprobe_clear_state+0x20f/0x290
[  538.197055][   T31]  ? __pfx_exit_mmap+0x10/0x10
[  538.202371][   T31]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  538.208178][   T31]  ? __pfx_exit_aio+0x10/0x10
[  538.213041][   T31]  ? uprobe_clear_state+0x274/0x290
[  538.222104][   T31]  ? mm_update_next_owner+0xa7/0x870
[  538.227488][   T31]  __mmput+0x118/0x410
[  538.231743][   T31]  exit_mm+0x1da/0x2c0
[  538.235940][   T31]  ? __pfx_exit_mm+0x10/0x10
[  538.241489][   T31]  ? rcu_is_watching+0x15/0xb0
[  538.246498][   T31]  do_exit+0x648/0x22e0
[  538.250933][   T31]  ? do_raw_spin_lock+0x121/0x290
[  538.256225][   T31]  ? __pfx_do_exit+0x10/0x10
[  538.261372][   T31]  do_group_exit+0x21c/0x2d0
[  538.266166][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.271598][   T31]  get_signal+0x125e/0x1310
[  538.276288][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  538.283497][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  538.289855][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  538.295536][   T31]  exit_to_user_mode_loop+0x75/0x110
[  538.301170][   T31]  do_syscall_64+0x2bd/0x3b0
[  538.306828][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.312328][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.318541][   T31]  ? clear_bhb_loop+0x60/0xb0
[  538.327823][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.335087][   T31] RIP: 0033:0x7f806ad8eb69
[  538.339676][   T31] RSP: 002b:00007f806bb3b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  538.348774][   T31] RAX: fffffffffffffe00 RBX: 00007f806afb5fa8 RCX: 00007f806ad8eb69
[  538.356968][   T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f806afb5fa8
[  538.365334][   T31] RBP: 00007f806afb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  538.375667][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f806afb5fac
[  538.384073][   T31] R13: 0000000000000000 R14: 00007fff2782b810 R15: 00007fff2782b8f8
[  538.392285][   T31]  </TASK>
[  538.395437][   T31] INFO: task syz.1.1065:9189 blocked for more than 146 seconds.
[  538.403576][   T31]       Not tainted 6.16.0-syzkaller #0
[  538.409185][   T31]       Blocked by coredump.
[  538.415910][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  538.427062][   T31] task:syz.1.1065      state:D stack:25912 pid:9189  tgid:9189  ppid:5850   task_flags:0x40044c flags:0x00004004
[  538.439513][   T31] Call Trace:
[  538.443161][   T31]  <TASK>
[  538.446143][   T31]  __schedule+0x16aa/0x4c90
[  538.450750][   T31]  ? __lock_acquire+0x9c0/0xd20
[  538.455927][   T31]  ? schedule+0x165/0x360
[  538.460307][   T31]  ? __pfx___schedule+0x10/0x10
[  538.465532][   T31]  ? schedule+0x91/0x360
[  538.469837][   T31]  schedule+0x165/0x360
[  538.474688][   T31]  schedule_preempt_disabled+0x13/0x30
[  538.480303][   T31]  rwsem_down_write_slowpath+0xbec/0x1030
[  538.486562][   T31]  ? rwsem_down_write_slowpath+0x7ec/0x1030
[  538.492669][   T31]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  538.498891][   T31]  ? __lock_acquire+0xab9/0xd20
[  538.503980][   T31]  ? exit_mmap+0x28e/0xb50
[  538.508554][   T31]  down_write+0x1ab/0x1f0
[  538.513108][   T31]  ? __pfx_down_write+0x10/0x10
[  538.518057][   T31]  exit_mmap+0x28e/0xb50
[  538.522554][   T31]  ? uprobe_clear_state+0x20f/0x290
[  538.529730][   T31]  ? __pfx_exit_mmap+0x10/0x10
[  538.534713][   T31]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  538.540416][   T31]  ? __pfx_exit_aio+0x10/0x10
[  538.545429][   T31]  ? uprobe_clear_state+0x274/0x290
[  538.550820][   T31]  ? mm_update_next_owner+0xa7/0x870
[  538.556167][   T31]  __mmput+0x118/0x410
[  538.560266][   T31]  exit_mm+0x1da/0x2c0
[  538.564536][   T31]  ? __pfx_exit_mm+0x10/0x10
[  538.569190][   T31]  ? hrtimer_try_to_cancel+0x3d9/0x420
[  538.574878][   T31]  ? rcu_is_watching+0x15/0xb0
[  538.579692][   T31]  do_exit+0x648/0x22e0
[  538.584581][   T31]  ? do_raw_spin_lock+0x121/0x290
[  538.589749][   T31]  ? __pfx_do_exit+0x10/0x10
[  538.594589][   T31]  do_group_exit+0x21c/0x2d0
[  538.599413][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.604834][   T31]  get_signal+0x125e/0x1310
[  538.609513][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  538.615304][   T31]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  538.620500][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  538.626952][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  538.634426][   T31]  exit_to_user_mode_loop+0x75/0x110
[  538.639807][   T31]  do_syscall_64+0x2bd/0x3b0
[  538.644574][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.650011][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.656445][   T31]  ? clear_bhb_loop+0x60/0xb0
[  538.661437][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.667536][   T31] RIP: 0033:0x7ff638d8eba3
[  538.672238][   T31] RSP: 002b:00007ffd31eebba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  538.681004][   T31] RAX: fffffffffffffffc RBX: 0000000000400000 RCX: 00007ff638d8eba3
[  538.689135][   T31] RDX: 0000000000000003 RSI: 00000000003c0000 RDI: 0000001b30360000
[  538.697673][   T31] RBP: 0000001b30360000 R08: 0000000000000004 R09: 0000000000040000
[  538.705859][   T31] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000df
[  538.714256][   T31] R13: 00000000000927c0 R14: 000000000005d51f R15: 00007ffd31eebe90
[  538.722598][   T31]  </TASK>
[  538.725979][   T31] 
[  538.725979][   T31] Showing all locks held in the system:
[  538.736099][   T31] 3 locks held by kworker/u8:0/12:
[  538.741385][   T31] 1 lock held by khungtaskd/31:
[  538.748591][   T31]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  538.759167][   T31] 2 locks held by getty/5594:
[  538.764136][   T31]  #0: ffff88814dc880a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  538.774118][   T31]  #1: ffffc900036cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  538.784842][   T31] 1 lock held by syz-executor/5835:
[  538.790295][   T31]  #0: ffff888030ee33e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.799522][   T31] 1 lock held by syz-executor/5839:
[  538.805168][   T31]  #0: ffff888030ee51e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.816893][   T31] 1 lock held by syz-executor/5843:
[  538.822582][   T31]  #0: ffff8880318247e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.832190][   T31] 1 lock held by syz-executor/5846:
[  538.839846][   T31]  #0: ffff8880318215e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.850442][   T31] 1 lock held by syz-executor/5850:
[  538.855982][   T31]  #0: ffff888030ee47e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.867435][   T31] 1 lock held by syz.0.1060/9183:
[  538.872710][   T31]  #0: ffff88801a471fe0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.882000][   T31] 1 lock held by syz.4.1062/9187:
[  538.887073][   T31]  #0: ffff88801a470be0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.896483][   T31] 1 lock held by syz.2.1063/9182:
[  538.901955][   T31]  #0: ffff88807deadbe0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.911471][   T31] 1 lock held by syz.3.1064/9186:
[  538.916731][   T31]  #0: ffff88801a4733e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.926266][   T31] 1 lock held by syz.1.1065/9189:
[  538.931752][   T31]  #0: ffff88801a4715e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28e/0xb50
[  538.944597][   T31] 
[  538.946983][   T31] =============================================
[  538.946983][   T31] 
[  538.955643][   T31] NMI backtrace for cpu 1
[  538.955665][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  538.955688][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.955701][   T31] Call Trace:
[  538.955709][   T31]  <TASK>
[  538.955718][   T31]  dump_stack_lvl+0x189/0x250
[  538.955746][   T31]  ? __wake_up_klogd+0xd9/0x110
[  538.955778][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  538.955801][   T31]  ? __pfx__printk+0x10/0x10
[  538.955841][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  538.955875][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  538.955902][   T31]  ? _printk+0xcf/0x120
[  538.955932][   T31]  ? __pfx__printk+0x10/0x10
[  538.955960][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  538.955995][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  538.956032][   T31]  watchdog+0xfee/0x1030
[  538.956065][   T31]  ? watchdog+0x1de/0x1030
[  538.956103][   T31]  kthread+0x70e/0x8a0
[  538.956135][   T31]  ? __pfx_watchdog+0x10/0x10
[  538.956165][   T31]  ? __pfx_kthread+0x10/0x10
[  538.956195][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  538.956216][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.956236][   T31]  ? __pfx_kthread+0x10/0x10
[  538.956265][   T31]  ret_from_fork+0x3fc/0x770
[  538.956288][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  538.956315][   T31]  ? __switch_to_asm+0x39/0x70
[  538.956339][   T31]  ? __switch_to_asm+0x33/0x70
[  538.956363][   T31]  ? __pfx_kthread+0x10/0x10
[  538.956392][   T31]  ret_from_fork_asm+0x1a/0x30
[  538.956446][   T31]  </TASK>
[  538.956455][   T31] Sending NMI from CPU 1 to CPUs 0:
[  539.117550][    C0] NMI backtrace for cpu 0
[  539.117569][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  539.117590][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  539.117601][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  539.117626][    C0] Code: 53 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 ad 21 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  539.117643][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  539.117660][    C0] RAX: 9d4d8ce9a72b9c00 RBX: ffffffff81976918 RCX: 9d4d8ce9a72b9c00
[  539.117674][    C0] RDX: 0000000000000001 RSI: ffffffff8d982fba RDI: ffffffff8be1ba40
[  539.117687][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[  539.117701][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0b3f0
[  539.117715][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[  539.117727][    C0] FS:  0000000000000000(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000
[  539.117770][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  539.117783][    C0] CR2: 00007f0668f84198 CR3: 000000007a324000 CR4: 00000000003526f0
[  539.117799][    C0] Call Trace:
[  539.117808][    C0]  <TASK>
[  539.117815][    C0]  default_idle+0x13/0x20
[  539.117838][    C0]  default_idle_call+0x74/0xb0
[  539.117860][    C0]  do_idle+0x1e8/0x510
[  539.117880][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  539.117901][    C0]  ? __pfx_do_idle+0x10/0x10
[  539.117924][    C0]  ? do_idle+0x4ec/0x510
[  539.117946][    C0]  cpu_startup_entry+0x44/0x60
[  539.117965][    C0]  rest_init+0x2de/0x300
[  539.117988][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  539.118017][    C0]  start_kernel+0x47d/0x500
[  539.118046][    C0]  x86_64_start_reservations+0x24/0x30
[  539.118073][    C0]  x86_64_start_kernel+0x143/0x1c0
[  539.118100][    C0]  common_startup_64+0x13e/0x147
[  539.118132][    C0]  </TASK>
[  539.119457][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  539.318762][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  539.328716][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  539.338795][   T31] Call Trace:
[  539.342270][   T31]  <TASK>
[  539.345238][   T31]  dump_stack_lvl+0x99/0x250
[  539.350256][   T31]  ? __asan_memcpy+0x40/0x70
[  539.354880][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.360135][   T31]  ? __pfx__printk+0x10/0x10
[  539.365040][   T31]  panic+0x2db/0x790
[  539.369051][   T31]  ? __pfx_panic+0x10/0x10
[  539.373695][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  539.379635][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  539.385057][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  539.391353][   T31]  watchdog+0x102d/0x1030
[  539.395819][   T31]  ? watchdog+0x1de/0x1030
[  539.400384][   T31]  kthread+0x70e/0x8a0
[  539.404508][   T31]  ? __pfx_watchdog+0x10/0x10
[  539.409469][   T31]  ? __pfx_kthread+0x10/0x10
[  539.414197][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  539.419425][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  539.424740][   T31]  ? __pfx_kthread+0x10/0x10
[  539.429364][   T31]  ret_from_fork+0x3fc/0x770
[  539.433990][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  539.439126][   T31]  ? __switch_to_asm+0x39/0x70
[  539.444004][   T31]  ? __switch_to_asm+0x33/0x70
[  539.448804][   T31]  ? __pfx_kthread+0x10/0x10
[  539.453543][   T31]  ret_from_fork_asm+0x1a/0x30
[  539.458446][   T31]  </TASK>
[  539.461727][   T31] Kernel Offset: disabled
[  539.466072][   T31] Rebooting in 86400 seconds..