last executing test programs:

2m34.685132291s ago: executing program 2 (id=785):
socket$netlink(0x10, 0x3, 0x6)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02"], 0x4)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x3, r1, 0x2007)

2m33.280967078s ago: executing program 2 (id=789):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffffa4, &(0x7f0000006940)=0x6)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x200000000000)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x2, &(0x7f0000000680)=ANY=[@ANYBLOB="7a715000fcffffff85200000020000006cf7f7fc3d189a3f3e6a0eeccc60588c04aa2207024c57bb717d37402856c50e0a54449ad63b7dbb7c1e7922a1400a96a8079756669c410faf3d3424d51d32a8e2cb2aaca2acc6f1fbc9813499c858976b72c76fb6c0aa2cc1b6833f1cfe2b93ed694dcf46d6b8dc2406c2aa46d8dffb6f91b1775a4e01b66c3cd943dbbd6043b8effba07f05384be519013afbc2c690f93b091a76acf8d369cba87c228200b8c6d7e510e8f43cf3089d036c9b050021e321919d6063a866ee1736e0794398a66cd68bfb42264bc3c2dc84439cd3743ef300b455ed5309d781d67dd0a02fe1c4cbf0bb87271a9cc86d866efc03ae394ab745b30211aca714a60cf47dde2a38ee59e0e581fc83047b7f1197c08282f45918885879817137c40a6cdd4589feda614e88d462f7fbe1c88a3dfdf8b7e6"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x4, &(0x7f0000000300)=""/4, 0x41100, 0x20, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000380)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000580), 0x10, 0x5, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000900)='Z', 0x1}], 0x1}, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000080)={0x1, @pix={0x0, 0x0, 0x35314258, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe, 0x3, 0x0, 0x0, 0x4}})
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000040)=0x32, 0x4)
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@file={0x1, './cgroup.cpu/cgroup.procs\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f0000009280)=[{{&(0x7f00000007c0)=@generic, 0x80, &(0x7f0000002bc0)=[{&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000000840)=""/106, 0x6a}, {&(0x7f0000000580)=""/14, 0xe}, {&(0x7f0000001940)=""/247, 0xf7}, {&(0x7f00000008c0)=""/60, 0x3c}, {&(0x7f0000001a40)=""/126, 0x7e}, {&(0x7f0000001ac0)=""/247, 0xf7}, {&(0x7f0000001bc0)=""/4096, 0x1000}], 0x9, &(0x7f0000002c80)=""/11, 0xb}, 0x777}, {{&(0x7f0000002cc0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000006080)=[{&(0x7f0000002d40)=""/96, 0x60}, {&(0x7f0000002dc0)=""/48, 0x30}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/206, 0xce}, {&(0x7f0000003f00)=""/4096, 0x1000}, {&(0x7f0000004f00)=""/157, 0x9d}, {&(0x7f0000004fc0)=""/143, 0x8f}, {&(0x7f0000005080)=""/4096, 0x1000}], 0x8, &(0x7f0000006100)=""/112, 0x70}, 0xfff}, {{&(0x7f0000006180)=@nfc_llcp, 0x80, &(0x7f00000067c0)=[{&(0x7f0000006200)=""/160, 0xa0}, {&(0x7f00000062c0)=""/180, 0xb4}, {&(0x7f0000006380)=""/215, 0xd7}, {&(0x7f0000006480)=""/83, 0x53}, {&(0x7f0000006500)=""/95, 0x5f}, {&(0x7f0000006580)=""/154, 0x9a}, {&(0x7f0000006640)=""/150, 0x96}, {&(0x7f0000006700)=""/129, 0x81}], 0x8, &(0x7f0000006840)=""/90, 0x5a}, 0x4}, {{&(0x7f00000068c0)=@tipc=@name, 0x80, &(0x7f00000069c0)=[{&(0x7f0000009440)=""/59, 0x3b}, {&(0x7f0000006980)=""/28, 0x1c}], 0x2, &(0x7f0000006a00)=""/246, 0xf6}}, {{0x0, 0x0, &(0x7f0000006c40)=[{&(0x7f0000006b00)=""/46, 0x2e}, {&(0x7f0000006b40)=""/243, 0xf3}], 0x2, &(0x7f0000006c80)=""/182, 0xb6}, 0x6}, {{&(0x7f0000006d40)=@phonet, 0x80, &(0x7f0000008040)=[{&(0x7f0000006dc0)=""/216, 0xd8}, {&(0x7f0000006ec0)=""/4096, 0x1000}, {&(0x7f0000007ec0)=""/231, 0xe7}, {&(0x7f0000007fc0)=""/66, 0x42}], 0x4, &(0x7f0000008080)=""/4096, 0x1000}, 0x6}, {{&(0x7f0000009080), 0x80, &(0x7f0000009180)=[{&(0x7f0000009100)=""/73, 0x49}], 0x1, &(0x7f00000091c0)=""/142, 0x8e}, 0x3}], 0x7, 0x22, 0x0)
read$eventfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)

2m31.706513322s ago: executing program 2 (id=794):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000740)={0x1f4, r1, 0x10, 0x70bd2d, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x1f4}, 0x1, 0x0, 0x0, 0xc000}, 0x880)
r2 = socket$netlink(0x10, 0x3, 0x5)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003ed11410ca160215c1050102030109021b0001000000000904"], 0x0)
close(r3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e0004000000084000000b000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000040000000000000000840000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c000240000000000000001014000180090001006c6173740000000004000280140001800a0001006c696d697400000004000280140000121000010000000000000000"], 0x118}}, 0x0)

2m29.58834029s ago: executing program 2 (id=804):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, 0x0, 0x0)
open(0x0, 0x0, 0x0)
read$FUSE(r3, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000480)='./file0\x00', 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f00000004c0))
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2m28.187994997s ago: executing program 2 (id=806):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
accept4(r0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x1000000, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x5, 0x4e8, 0x450, 0x2c0, 0xffffffff, 0x3a8, 0x2c0, 0x450, 0x450, 0xffffffff, 0x450, 0x450, 0x5, 0x0, {[{{@uncond, 0x0, 0x1f0, 0x228, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'kmp\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x10}, [0xffffff00, 0xff000000, 0x0, 0xffffff00], @ipv4=@dev={0xac, 0x14, 0x14, 0x29}, [0x0, 0xffffff00, 0xff000000, 0xffffffff], @ipv6=@local, [0xff000000, 0xff, 0x0, 0xff], @ipv4=@broadcast, [0xffffffff, 0xffffff00, 0xff], 0x3ff, 0x1, 0x5c, 0x4e20, 0x4e22, 0x4e24, 0x4e24, 0x804, 0x20c0}, 0x80, 0x2}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x801, {0x0, @broadcast, @multicast2, @port=0x1, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00'}, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30}, {0x890, 0x218, 0x0, 0x1}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @rand_addr, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40000000)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000003e000701fcfffffffd9bdf25037c0000040038800c0001800800030004009d"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f0000000080))

2m26.825131995s ago: executing program 2 (id=810):
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="31032fbd7000fddbdf250800000008000300", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x8814}, 0x20000084)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x6080}, 0x4000810)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe, 0xfffe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)

2m26.14478471s ago: executing program 32 (id=810):
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="31032fbd7000fddbdf250800000008000300", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x8814}, 0x20000084)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x6080}, 0x4000810)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe, 0xfffe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)

11.238663731s ago: executing program 4 (id=1341):
unshare(0x60040200)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000140)='cgroup\x00'}, 0x30)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r9, 0x0)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff})
connect$unix(r11, &(0x7f000057eff8)=@abs, 0x6e)

10.492170391s ago: executing program 0 (id=1342):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x40a00, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f00000001c0)=@l={0x92, 0x0, 0xd0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c8500"], &(0x7f0000000240)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = gettid()
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r8 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r8, 0xc0184800, &(0x7f0000000100)={0x4, r7})
r9 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x24, 0x40000339}, &(0x7f00000006c0)=<r10=>0x0, &(0x7f00000020c0)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r9, 0x47ba, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TIOCMIWAIT(r0, 0x545c, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x60281, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r12 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r12, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)

9.097923982s ago: executing program 5 (id=1345):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
fcntl$setsig(r0, 0xa, 0x41)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x400000bce)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000003c0))
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r1, &(0x7f000001b000)=""/102400, 0x19000)
rseq(&(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x2}, 0x1}, 0x20, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14, 0x80000)
getsockname$packet(r3, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
accept4$phonet_pipe(r4, &(0x7f0000000340), 0x0, 0x400)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r5, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000400), 0x802, 0x0)
sendfile(r4, r4, 0x0, 0x106f)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRES32=0x0], 0x48)
rseq(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES64=r6], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x2})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
timer_create(0x3, 0x0, 0x0)
socket(0x1, 0x4, 0x4)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_create(0x4, &(0x7f00000006c0)={0x0, 0x10000026, 0x1}, &(0x7f0000000440))
syz_open_dev$dri(0x0, 0x0, 0x2)

8.509081353s ago: executing program 5 (id=1347):
r0 = syz_open_dev$cec(&(0x7f00000001c0), 0x0, 0x101000) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0xd8, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x0, 0x20000000}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xd8}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{0x303}, "0c9f64b7925d92bb", "74c1bd9b3457a50cf6ff36db1228f8b6", "c100a56c", "9003fe737030526f"}, 0x28) (async, rerun: 64)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000380)=0xe1) (async, rerun: 64)
r2 = socket$netlink(0x10, 0x3, 0x0) (async)
syz_usb_connect(0x5, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="120100034c692f0808161e02987f01020301e1060277cf8c0309050600400004c50809050702ffe005040800"/54], &(0x7f0000000c40)={0x0, 0x0, 0x2f, &(0x7f00000007c0)={0x5, 0xf, 0x2f, 0x2, [@generic={0x16, 0x10, 0x4, "19763202b18ffe35b679a1f3492539f2ea5d9d"}, @ssp_cap={0x14, 0x10, 0xa, 0x7, 0x2, 0x4, 0xf0f, 0xdb, [0xff7e18, 0xffff3f]}]}})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="50000000100003eeffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="0001000020010000300012800b0001006d61637365630000200002800c0004000400000100c28000050003"], 0x50}}, 0x0)

8.182056032s ago: executing program 3 (id=1349):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'macvlan1\x00', 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0xff0f0000, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
socketpair$unix(0x1, 0x5, 0x0, 0x0)
chdir(&(0x7f0000000340)='./file0\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mount$pvfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x8184c, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x54, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7ffff000, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x10)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

7.836531445s ago: executing program 0 (id=1350):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0xb2, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x23}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x2}, {0x7, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x7}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

7.736980282s ago: executing program 5 (id=1352):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000000900010073797a30000000000900030073797a320000000008000a4000000003280004800800024000000012080001400000000014000300776c616e31000000000000000000000014000000110001"], 0xa4}}, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async, rerun: 64)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) (rerun: 64)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_GET_REQUEST_TABLE(r5, 0x2275, &(0x7f00000018c0)) (async)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x2000}, 0x4) (async)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, 0x0, 0x0) (async)
r7 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000dc0)=ANY=[@ANYBLOB="120100000000004032151d0100000000000109022400010000800009040000030300000009210000000122ac05030009058103000000"], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0) (async)
r8 = syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee40009050802ff03000000090582030004"], 0x0)
syz_usb_ep_write$ath9k_ep1(r8, 0x82, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="01"])
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
syz_usb_control_io(r7, &(0x7f0000000740)={0x2c, &(0x7f00000004c0)=ANY=[@ANYBLOB="4002ef000000ef210000f8da2690b32ca829573f6bee33ec4485abd148ea67f3bae4245a4bf4d985a26ca7d3c82267d805c8b7d4ff50006b3553bc774dcb5a1bf1c4224ea6abb7ff024b3bcc8da9367c6ab7b0c09daa9b36f507ab3bde79d9422cda0ab859efcc26393c2fdf95cd1ba82919c5f927e568ddcaef122da0d3f1922004c80865e9ba137d8ee8ab5029c73977bd14e88d6a8e1800a7f0f2b6a48580eab0689626d9a81428e96a123f34e87914993f03140900d7fb490540842edfc66a87422f4022281c46357bebf30d0c38095cf8e9c9476f9ce65400271373a01df3bbb62f6e9c35cc05db9d30f24b27f8877f7cfffc91a95f960cc1c311d263ba9540d3b5be8f02716515ca512d29c4ff404cea51a9074525a45793d59c1cdbc9350d0e73d675e6e9039a4c83ff6d17cf22ce0268"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c460004000cff7f00000000000002003e00ecffffff94020000000000004000000000000000a000000000000000000000000000380001006c0f7f00080003000000ec00000002000000000000000000000000000000030000000000000002"], 0x78) (async)
close(r9) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x17, 0x17, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x262}, {}, {}, [@map_fd={0x18, 0x8, 0x1, 0x0, r5}, @alu={0x4, 0x0, 0x3, 0x4, 0x1, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000000}, @exit, @cb_func={0x18, 0x1, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x7ff, 0x0, 0x0, 0x41000, 0x4b, '\x00', 0x0, @cgroup_sysctl=0x12, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x5, 0xd, 0x3, 0xb}, 0x10, 0xffffffffffffffff, r5, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x5, 0xa}, {0x4, 0x2, 0xb, 0x9}], 0x10, 0x401, @void, @value}, 0x94)

7.303367501s ago: executing program 5 (id=1353):
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
gettid()
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x5, 0x8010000000000084)
r2 = openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
socket$unix(0x1, 0x1, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000040)={'b', ' *:* ', 'rm\x00'}, 0x9)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)

6.457181262s ago: executing program 0 (id=1355):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x10}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
read$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r1)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="080005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0003020000000003"], 0x0, 0x0}, 0x0)
umount2(&(0x7f0000000080)='./cgroup\x00', 0x9)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000005c0)={0x0, 0x3, 0x5, @string={0x5, 0x3, "4b43ba"}}, 0x0, 0x0}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x10}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10) (async)
read$char_usb(r2, 0x0, 0x0) (async)
syz_usb_disconnect(r1) (async)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="080005"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0003020000000003"], 0x0, 0x0}, 0x0) (async)
umount2(&(0x7f0000000080)='./cgroup\x00', 0x9) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000005c0)={0x0, 0x3, 0x5, @string={0x5, 0x3, "4b43ba"}}, 0x0, 0x0}, 0x0) (async)

6.125059251s ago: executing program 3 (id=1356):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r1 = getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card2/oss_mixer\x00', 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/slabinfo\x00', 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4040)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="2400000007140c082cbd7000fddbdf250900020073797a30000000000800010001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x40)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, 0x0, 0x0)
write$proc_mixer(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \''], 0x86)
socket(0xa, 0x1, 0x0)
setregid(0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x2802, 0x0)
dup3(r7, r0, 0x0)

5.794677104s ago: executing program 3 (id=1358):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x2ac, &(0x7f0000000300)={[{0x9c, 0x4e00, "5c9c32871137143d39e60d8604367b303f51830e7691fd71e85a3dc5205b8a8b61feecf436e18327dac83e94a1d0eecce66831eb5390cf9f1e4635a81afa493f53335f9f19f9b92a6b084a9832f7e3291161a093b7804f8284593dcc8f2b9bb0d874eb3c279ac695fba437661956db854923d348dfe5afd41d268138bb1af2b21715869ac01650413cbaf609bff10609510851de827c7d0bbd480def"}, {0xfffffffffffffd64, 0x4e00, "b9adb4595a9f1e8afaffb63d547ee4bd04a6873e55fab77fcef17d0754f3632ab78b587388dea5d2eff6a631d7a59102416e975fb9d63ab397b106062ed660c5ab7a1e2233f04eb9f2b88574abc84346cbace29549b902367bd98db69f08b5ef6eef6dcf44a29307167f1e37048c911a49688d8a5166e75e6f92a000e7fae7d1de0622a8adce5280e42a98d78fed9784e69a8c0a7de0dc008fca6d37085a2b39b7169845df64713fa47c7d88a1bcec5132b34da2096aa35a221b505b0f86faa5750c825ed75493626b35bc785b36e262de7d548fd358"}, {0xe1, 0x4e00, "cec0e77a196b71c4415f10a4adf4e5e950765c7f48b9c7fd3120119d4f295b22764b038c034d0bd17097731034c300025b91497a57f998442896c796af7fb974f79d6c94822e86011af85f8f926188fe92e7ea0a627c236b7648d5ade74028b0f998b516bd7c2a544fa02abe9fe04786ec72033bb3400c4ff2f98fb91d4bc42866c789d7301a15c36639b488b0afb46650577aea9fe347a82caf71133187a859fdd9e1ca5fbf409d2707244b7d724fe5a2b974e0ad510c29b4281c2ef2d5f409671fb54ed55c65e166f14b8bd51d7f710c42c334722f511cd5835dcc87e6a9b286"}, {0xfffffd1f, 0x4e00, "5e87523379ed8e4f7f291aa1b7985b025ee113bd75d6b55d066c4ee690d45490fa3e7c926dee407b40840a39ec09a989250fba3c5f9028c841"}, {0xffffffffffffff56, 0x4e00, "84"}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000043, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000200c0002006e6c383032313100"], 0x20}}, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="6000000000000900000000000000000009760a384a66dbd42852a4b7c06f81eb95b31bda889d8c0150933301e28fddc34ec6ce24ca5cb45e2942052eea37be28638c2a30294bb1ab39784ca652ac40af6a550b1c9c992f5c76db19a035964366f32b393a26b07ba6bca6ba511f87a041050c01c6ca1d0bd428cef5c9df56201e4ee406b87b9ab4b165d40e291dd5", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000020000000200"/28], 0x50)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880)
connect$pppoe(r7, &(0x7f00000000c0)={0x18, 0x0, {0x3, @remote, 'nicvf0\x00'}}, 0x1e)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r6}, &(0x7f0000000040), &(0x7f00000000c0)=r0}, 0x20)

5.552129429s ago: executing program 5 (id=1360):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_submit(0x0, 0x0, &(0x7f0000000180))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4)
getpid()
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_open_dev$vim2m(&(0x7f0000000140), 0x800000001005, 0x2)
r5 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3cc023001000010010000000ffdbdf2530000000", @ANYRES32=r7, @ANYRES16=r3], 0x3c}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000000)={'veth0_to_hsr\x00', @random="0106002010ff"})
unshare(0x68060200)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$evdev(0x0, 0x0, 0x2002)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000407d1ed4300000090400000103000000092100000005000000090509"], 0x0)

4.116870323s ago: executing program 1 (id=1362):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getpeername$inet(r0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ifreq(r0, 0x8929, &(0x7f0000000000)={'caif0\x00', @ifru_flags=0x2000})
pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x7, 0x5, 0x7, 0x1a5e9506, 0x1ff}, &(0x7f0000000080)={0x2, 0x0, 0x4, 0x7, 0x4, 0x82, 0x400}, &(0x7f00000000c0)={0x6, 0x4, 0x10000, 0x4, 0x5, 0x200, 0x2, 0x4bf7}, &(0x7f0000000100), &(0x7f00000001c0)={&(0x7f0000000140)={[0x113]}, 0x8})
r2 = syz_open_dev$vivid(&(0x7f0000000200), 0x1, 0x2)
ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000240)={0x6, 0x0, 0x3, {0x54, 0x4, 0x19f6b34, 0x9}})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_mreq(r3, 0x29, 0x50, 0x0, &(0x7f0000000180))
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="380100001000130728bd700404000000fc010000000000000000000000000001ff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000020000000000000000000000480003006c7a73000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000"], 0x138}}, 0x1880) (async)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="380100001000130728bd700404000000fc010000000000000000000000000001ff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000020000000000000000000000480003006c7a73000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000"], 0x138}}, 0x1880)
socket$kcm(0x29, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000000210"], 0x18}}, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000000210"], 0x18}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) (async)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
accept(r4, 0x0, &(0x7f00000003c0)) (async)
r7 = accept(r4, 0x0, &(0x7f00000003c0))
r8 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x29c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0) (async)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f00000005c0)={0x24, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x22, 0x7, {[@main=@item_012={0x2, 0x0, 0xa, "71ed"}, @main=@item_012={0x2, 0x0, 0xc, '\x00\x00'}, @global=@item_012={0x0, 0x1, 0x6}]}}, 0x0}, 0x0)
sendmsg$netlink(r4, &(0x7f0000000bc0)={&(0x7f0000000200)=@proc={0x10, 0x0, 0x25dfdbfb, 0x4}, 0xc, &(0x7f00000002c0)=[{&(0x7f0000001340)=ANY=[@ANYBLOB="3c0600001d00000829bd7000fcdbdf2504001e00e2184911ccd212c8bc810787465df2267daf5ed3a6ac8ae352f8aac86c49fc44c4f9061f88716c59bdaf6cdbdefcd98bf0a08e5cd32bfced743e74a9d9219090be8dd9b8299674de8d33dd20f5acf95f4898370efec8435e337d8cf0a30765f3515f1c301df0bc6b1a344c16650ae83eca9dc6497a32d14133e289cc19bacf81df5799bf5447e5cdf80f18f364a84bfd3b0ab556b20e212d336c3ea5e70d0eb8ea66f2ad0e34a00800c480040033808603808055ef159d17ee17c38631d228a3c92b978069738baf09a1dea6eff71a71bc0e0ff2067eee6454a1ed4ab6d8d6060000005b3bc1977a89adb259b1bdc0459325e755a933c09eb09f4a56af99c5c8bc750fdc669934a40ac86d4b6bf702a6cbee840fd047ccb58554ad94eb7d6ff5050d107431c4bb23b624aa67734d6910f6856b25f001a72cfbc469d6e6f2348a3843e2864f3cde2f1a67e1e1e5ebff330eab49af80a65a04c759af3a559f2fd215689dcb297e511af9bf8fe4b95ccdbf443a20be1be6bb46d709741bd3f7bcb0b270657ea4a6fac7d21903a77efb47095ac14e355904001e808c3bf627e0f27c7d63887e858de8677e1c8b8e5064938f6c2aa47e3ffd87e833e271ea695fa07ff6fa64ecf27d04553a3c6f6b58897aee83400cc809b7988fe53dffbed388ec3b86696e95b6abfd48ae1d23ed00cba2f0cfc9459a0dc31866383cfa902c38ffb6c6b06e9ad80573fb0287189abf5e8dc247fb1ee9e133d3e836652451c3b7ba129c14e362701a690a86c9cf31f6502cc4123dff9e5eb8d99db437bcd4baf5b745705db0b5f24159f5e868136d608caa5235fb77d2a54fcf0817c65d85091b16349b085e05092c27fc6efe038e927d5efa76447c2f25643d513cc9a4b510fb099c8da26f3e25059690972102adfcab216a66766babe31a01d4a9aa7df2066dc86813d5054a7c434d066c3f003d71d3731d5ca3a8608e4cca3c39929d89957f0b96930cbe9ce271fbaa676a47e74ba40cd7dffda631af61024c3caf6d7e162178d1a0b38c75c744dc064aed8cdb8a955cd7ac040d40757da940a56d554ed9127f43fc86e798d91164049cf4647513c8a3603c33b23f1590a6f043c5eeb45488a664a405c975ebd88bff4cc446476049bba402854431839f2e47e8f75b8459400ef40a22f50d9cbf9259da8d9af33080b9cb84acf800eafce176979cbe9d1a0a19f498862aa0166e793bf0e3206072b2d57251f8a274e3bb29b8fc1e7178f48e3a24437054dcf8f28158d96bd28aa507e77b7c96551058455ba110c07b33059254577313af700f1874d4fc44206788f7f88e62173c8888262b5be7f9b7ab7d9178769f1c3fff3ba2b83643845c51259a3a8ab9e3ebccbcf99dc3c2d6c3a4d95ead73f6f0ec400f03e53b07743d026b4e1e1614f34cd1c46ec80a1769dbf9ef67192fb1bfb47b3128d950c63842721fc3f3814c84cb8f685ad630d4e16c521e33c073be071f473e7f2802ee72271093a02a6e00001800488008002200ac1414200c00080005000000000000005f75572da72dd8faf6440a20f5430a21d9718d37c41371ef565a4d81706075d0d8663039ff985194970492eb33da4ec1d3e5f8069491ceb192cde3fe952aaa2886d8b80ead6b8b0e1c0d7619449cd1a79328d587fa8620e0758c8b5021a29f6329dc10bae3b44044d24ffa443f45d8b3c28257bb2ad2acbc91e778dd63043a2e82a7bedb339150519768e9ba81d841163da616405468935841533d046f067bebddf855930f7abefd89f1b5c3c663e54643d8052c818f63be7f76f7d2a1be7c78ee43321cf4f223200a6b83eeeda6190febf9b1462d9f367be6a8ce76d4d56cff9138c262a212c5396c00f100900bf79e"], 0x63c}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000001000000000000000010000000100000020000000000000000100000001000000", @ANYRES32=r6, @ANYRES32, @ANYRES32=r4, @ANYRES32=r7, @ANYBLOB="140000f3000000000100000001000000", @ANYRES32=r5, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x88, 0x4008850}, 0x8000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000380), 0x400) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000380), 0x400)
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000400)={{{@in=@initdev, @in6=@dev}}, {{@in6}, 0x0, @in6=@private2}}, &(0x7f0000000500)=0xe8) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000400)={{{@in=@initdev, @in6=@dev}}, {{@in6}, 0x0, @in6=@private2}}, &(0x7f0000000500)=0xe8)
r9 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r10=>0x0}, &(0x7f0000cab000)=0xa)
setfsgid(r10)
socket$key(0xf, 0x3, 0x2) (async)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x2, 0x1, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setfsgid(r10)
getgroups(0x5, &(0x7f0000000540)=[0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff]) (async)
getgroups(0x5, &(0x7f0000000540)=[0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff])
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))

3.643625483s ago: executing program 4 (id=1363):
r0 = socket$nl_route(0x10, 0x3, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x2)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0xffffffff}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r1], 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$tipc(0x1e, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000840), r4)
sendmsg$TIPC_CMD_GET_NODES(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r5, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
syz_open_procfs(0x0, &(0x7f0000000340)='fdinfo/3\x00')
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7, 0x0, 0x0, 0x10, &(0x7f0000000380), &(0x7f0000000540), 0x8, 0x15, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r7, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffb4, 0x0}}, 0x10)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030004000000000000000000000005000100070000000900020073797a30000000001400078005001500040000000800124000000000050005000a000000050004000000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x10000)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000016c0)=ANY=[@ANYRES64=r3], 0x510}, 0x1, 0x0, 0x0, 0x5}, 0x8c4)
unshare(0x46000200)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a800000000000000000000008001b00", @ANYRES32=0x0, @ANYBLOB="d01ff88b3b4c3a5e047c04588fd5a2aea2fb"], 0x2c}}, 0x0)

2.989399071s ago: executing program 1 (id=1364):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x5, 0xaa4, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, &(0x7f00000001c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$rxrpc(0x21, 0x2, 0x2)
r3 = syz_io_uring_setup(0x893, &(0x7f00000003c0)={0x0, 0xaee1, 0x0, 0x0, 0x1a3}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f0000001400)={0x0, 0x0, 0x0}, 0x0, 0x40000000, 0x1})
io_uring_enter(r3, 0x5361, 0xfffffffd, 0x2, 0x0, 0x0)

2.88109679s ago: executing program 4 (id=1365):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000200)={'veth1_to_bridge\x00', &(0x7f00000005c0)=@ethtool_ts_info}) (async)
creat(&(0x7f0000000600)='./file0\x00', 0xe5) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r3, 0x0, 0x0}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r7, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)={0x20, 0x12, 0x1, 0x0, 0x0, "", [@typed={0xf, 0x35, 0x0, 0x0, @str='/proc/keys\x00'}]}, 0x20}], 0x1, 0x0, 0x0, 0x40001}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r6, 0x0) (async)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) (async)
ioctl$KVM_SET_FPU(r6, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x2, 0x2, '\x00', 0xc94})
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
r9 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r0, &(0x7f0000000280)={0x60002003})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001480))

2.823600001s ago: executing program 0 (id=1366):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82004000035", @ANYRES32=r0, @ANYBLOB="0000800000000000180034801400"], 0x38}, 0x1, 0x300}, 0x0)

2.804101111s ago: executing program 1 (id=1367):
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
gettid()
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x5, 0x8010000000000084)
r2 = openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
socket$unix(0x1, 0x1, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$cgroup_devices(r2, 0x0, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000740)={"8c3ef01be86258108b331b07f91efab2", 0x0, 0x0, {0x6, 0x40}, {0x3, 0x1}, 0x6, [0x3, 0x5, 0x9, 0x7, 0x7, 0x5, 0x10, 0x953, 0x1, 0x4, 0x8, 0x9000000000000000, 0x2, 0x4, 0x2, 0x5]})
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)

2.541089161s ago: executing program 0 (id=1368):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40000)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0)
write$dsp(r1, &(0x7f0000000280)="3f3ebf96496a790c1a90be2dc1f4f354874823223d84a059c0965274226d8615ef6db50148787dea82a0d6ceafba54d8a1bb4c021dae906675370cb828fb2b39d793815a60315f1a2c516b44fe84da111f9a24a265148ee0b345a915d7d651736563e62863e45a0ada9d51cf88eae940d2770cc5892be40bde7cb251be69ed71fc48f9df1574b43fd4b8782fc9c9512f34a1df4cf795c4df2145a82d24733685caa2c47a7f191d4dfdb6d16cdddfb3183687b4e8800895566e1e90a21b3d24a382c617104bf4bcdab75edd04d849680d079bed2daa190c23489bcb8f705fdd2195f6abe775ea3f8d280c5875afd303816fbedc65b9859964b6ffbb7fc4f702abeb03adc885e85752144a76ba9504848be70f4d7cd865dfe7495345791ed721c93f9d17b4a78a9b3e3f467adabf03efac22dd1d78151e4845dacceffc1cb1b42f4482f2d251649a9d5af02697b7a1b0abb808f6cb75c22f7bcfd92668672e75c1edf39ca05737def4d603abd0358e4e129af84062fd64401530f00304e6ec889507aeec17a5311e3aa426f805a8a92518176dfd0a32297cda2a7fb693c81bfc5cdcae8ea131d1411144308106666e5be8f56ea8b3ff8c28b09e9773c8085c5392a4750cced5202228261bc00765c30f0b5caf4438a3157764c3d3bbeb82c5265dd82f40a95b33d08e569cc79465e85e8c8bf15952ac6493147e007d19d79935a44061621f73aca555d2e142dcd6f356c86e70b8b577c81c93acc0509819dbe268e579761e9155fe74a969d14197ac7b552307acaa547d967685546530b7c6ad617c8e12d46e8bb281442de856e02b965c41cf1c9479ccee57b694aa531ad505efea789f3f36eecf490b8d06e75d5b83fc091116da24f7909f8a2877ce3dbba33e804ff988da7a4ec3b506beb2bf3ac52a5153b10ac636979472b1df2100d3e3fcab98c85e3b9143a82c95c3b517a32c1cf60150f4b6c0b1f557ed4659dcb8e2c14bdb960b985996024ef067fcb3f29c2609b03a95faba2c01a5d86d7f7152340c54568e5aac57554b1d3c0385b4d3f45afeb77b373e2012f2d3ffcaec079b6e282f506cd96bcab291ca506c5bf88bb26c2cf449e2270902147462835d19fb96d98e858003aa33a3d3f28ac428e182e8e903d2a621389d78470f75f942a175cd104cceef2295930bbf83deca1403bb471c1f59f4cc5a07ef6980ffacad4de3d7825fef97a27dd01e02a12c4e3f589f61edff38f577a515d6189d500724bf7f25c39921c6be65c036d0e5050237d12d68c61c9ec80fa722bf288fa503da63746a0aac4326026e61d3f185984896c2b07f9c04a2643d216b0c128152fe2be48d641a1093a2a82b94b488f802bd7ce72bcb7db98b3e9470d96ec6f352f54de83b87a3d5f6c8e0c619f5d0279edd1629966b4c795160c08329327fcad3cfcca0b12fd1098d58ad09803257235505305a63846397d7036b65937a50283e1874b74c1d57e238c31e034931292f346ae8212906f388d3be2319219767a7ad7547ee07e0c119437b0254092bcfe4d70a5f2bff015901a6219c8629a88abf01f7a1ae3960877d82796878ff5dc14ac3db83a0a3ac45f217a40e6b9964cbc2f2c5681b3a074666755786cca48980826f929ed03ad448ca46cb1a3cfb37bb254a35bafd7e8ee5552e72369a5aa4035677fbe405fad0abd9c9d89fce5cb88a862fec636cc8a06915a4e19a2cf1b517a0883a5c8667896d2b276dc6a0bc333fb070d0fb388b6a4bcdb314190ebe9c24cdb105b487ae65d8f786008e175ead678207bfdee90c9316e541b09b51c6d25e148d89e76fcdcd26d259820e6dba7589446aafe2e93c24d03f2de39cc5fc96c9418f3acc67537327071dcdbdd92f4bd7019db4dc3b56355b49172d6a7b6e6cb4a3aa322a1be262df78947bba2367fbffceaec411fb992831a96d7f8d6638ba72da2c5cf02c61a58c7cc765a0717b13d124ce21f57e367c3acb721b4f420f6d5755871ba7ea04240a190d968f2345eb99f67cb133139e4a2017ba6861ae48bbbb99ef5f3976459aae3e49facd3e89c32503032548c7dc7c309a706c5670ed5f5ab7d56f4502ceb69fa20a1b87b002095268a8acf9dbab2a238ff2e5d287d68d1944b3a7a128a05186e995c2bb3ccee72bc9d08b6929f2b9111c1d886ff0ea503200ca9d828f69a897b9497ed1075ed953b113b86d74d4e7deba7501ada321436d8c02e6970db5bade5c7ec1547534c3891b36dd2307eef6481dcffd94d7ce007375dfb3dd73a6a2aeaca9d8b094aeed37887376d3dc4bb46b6cd142843a56be1f55d4df1e747ffdbf08add9e520e089e3b1f3a1143d4ab887c43fe668eaa3a443068fb6421e8529050d89963570da761404cbcf09aecac53d4d9510eb984f14cf7100dbdc3315f84cc63956ef8a56d27bbc91910d72d6cc1831b7b273cc9b4b0ee8df86c5ec73226e483f7fd7efd5b8214c7c3d8a7f09151d14f990e82b3a838cc2fa467d34aff4f5695b0d22cebf92b2647a6ea520b785a7b45ccb5d15e0d13ea3c5b49163fa9e92dbf4bd56cca975d662ec2d0a4a2fd2bd3c9ae4abc2bc757adceb6f3fd5fe421305273ba26ad761f4de5dfd1f22780087917097d0131158903b20eb65d26dc7edcf1d5e14f38435827a35be9de906bd87ef5d452a77660d02c5115be6a0aa7287c5eee0af3fafe0038904b6c85b994f3dedec499ee1b7aaca73ebbf0867b072bfa492fdbf98357aa6e0bb6bf29954e0731c3bf412a3dd8f1abf37f6eaec11aa3dd2c94f3452944ee37e3511d6765b46a1ba46c6bc2845c9ada71981bd6e176348e0965824efdf6d6fdc09d404fc69aeede1648ec2e65d2d0ea96823288ea4132e2aab89b32d17d47909732e5a1c7fd00cb0d2bcbb6b897a2ca1c4b3e4eaba66c4f1af2909e6d905d441c80e7c6ee02a3903474b2e432b032cacd2322fd800ce75c7582195adcc0fdd2288e54bea0021d105eaf9c378f7f1a5a786fe26bf74feea1c542bd39efa3d2260c68914578b7fe30b578c4fff43b7364d18b74d06929e76d16e2e4c8851babf157e7fd0bb88882cfcc79c84d1821d6c056f9bc47d1577abbbaf40bed2a441c500500fc6f75ef98f8fa226d48e99a8ef869498de983b028d1cf5eb88c19115188d350ad235a07c160f144d8a8a10b3a3b75d548656741a4f4f932be79db1287aa0482dbe08279e2888c6ff42c7942274fe934cf38a266fbc767899ff9c5d7132d97871d2f353e261c33b97210342e74679e450617014cb974506c247123e0437bd32d125bbb7d3977ca323f6a532e7eeb4c78efbef904f7378831f3a04fc4c50a8e95db138ee1de36e58404dcf3159d1d869061afbdff58b2c120dc7830aa9551f152c1fdd451bb347e7b241b37038e1e81558ed0ef51d5ad8c9ae59f8741a1a237a22027cd950da11b619f109fdcc96aa85bd54cefd9c8d533869065b3276fcc9038ebe3c7e9d091c537f53d02b357ce6ecb6e133be4cc8adeeb61959c31b2324443182e555c3f2ea611f63eece94da2ae91cab7ca7274105efc48c3a6a133ca86e26b020a6b2083c98310d9f477b9c665f51946f7ae643ba85869878413a032f6a85e6476a998cf76a8a3ddd2c773069d0625de39d91b52a136fe9b65126657c8bbbc7bdb6b686de0cc3ea8ddbebab503ff0403c1f00b32ed4c712d513a1c4f788cc8b659e7d31d807450697310af6b8cb12ec564c1c488ff70c6d64a3aa624507c32399cbeba55ee9ce7951fd364b19d3fa16d944090c6271f1981ab94579aaf691c6ce392e21a223f7f284fca0c6ed55aafb024b4e1832324bc7bd18dbef1f90d0a854f0cfa2784dfce1fe4cd81e83c8294e323b69b95e48261e4e0d4e95436f000d6cb2a157203a3db65d11fa693bdc91371583cb956119aea7b5a88daa59a9b9d73404d32408a273950f58d719ac4332a4c698526eb77d5704b2e00d7ced752648f3690a76e5e15a14312131c197c8491d224af8b681e3f24bcff244056674a298fe5fb4a0ca779dfafa69f5ddc2d012123bd706051a09f3609bb6558bf47dfef967db47887a2e178fa6f887a057447c56b1d45af4a97207e2630963e46e2a9e054038addf8426190fb04cea244795683338656330ac2030e0b75534f47eebf8b6ceaddc85b0866796cb02a7f94138f281561eada7a5c15efbeed14c49b04a07e3e9202ebc7072801bf817eab45825aacb874a7cfbb586157feca8a2f834afe707934eeeb1a11089da8f87ef36ab9b5d0f038a0d7a21ce93362b782b1de35dde0e10655edc4c7b0ab7a5813e382f17fd87d4d092265c71a8cfc88655a01c3b016f2363a26ec137d0272fe75df369a35659063f31b8659cfab3d84d445606c84a2e73e53ce218a046e11a63cd6eee83201e3f26a1b9908e04d8640ea69d4ce98132b8eee0439e4c1792a81752bcea45126d744e1f020e00c68fd1e1fbb70add2bc4c04b61515e33b0e40fdb3acdb4d18781a3d1eed8f3f30fcf60d6b166af035c25eaeeeb413d6f0bbdbba20185336f2c35d5ce610a5a77993daa6cc69f820dc3571fd44f85afeac7f62df8c70515c2375d2f0669beb47ce0e5bfa3792fbb1c49449772efdae483ff667d22f4bccb2ec6c14c9d5b512392a9a493d401992d3d612c4932abaf9e18c01832cc3e19738e59e1595f7d900f9742c8d081715dc900c05278a3720a745853a71ba1a4d868468a34aa8c1d00b6e7551f357d7da06369b0c30ca89752f3a25358c5d2b68032970060b23f7b9dfcc648fc89a80d2617a75a5423134aaa5b042414313b2752e17f8d47cb0b5c97c0f550c973b5943f31108d05d77fc504e36814f8b102a3937f53fa4d0eb901e234517f7fd653e0a142576985e15772b84f91ee0a3856b47437c21598fdf1f4064b30cfa773112df502316994111d57db3971073f36310c1de4ff63752c79c8f8f7b7cd2b0090dd362fb3c87796dde5ede4cd8b9131a9c7c1c5245081a9fba39cfb1564b6bcb11772a7c3e4946e28220bd78a2974a73ace42d21fbeb84af6d95070fc14aee97e15ef637a724301881bed0390b33be0bb35ca8373cc479cf59f279089d73f4fbd99d888504d1d82993ebe1140c1e4a624b3283cc079b34d1a22b82087d87ed0f1f09ade10a610c5101cc719077eed7ec8e03d3e152f2f24b63aa61b04d3ed9a86dc438ee2efb0ab6d7a1dce911c7fb0d1a8fde2886a934509372aa1de1cec45f658a95bca826e334b9c19837b3299e3a3c2cf246276a9ac8211034654695318dff4005db8f5ce87dd34925262c377bec6cd183b159fdde3301f65dbff01d82132e917fb0fc324c08dcb262ca79bdd063a5d9207b7346b4985b5d9e1f49cec67e21077c4224a3b70953ce00b06d31f58bd374ae2d4f9ba63cf337d8370c8d3e16dd951509677de8c997c893b38f241a7b0842ab29ad8a2496b46d06ae47572df59ebf1e6ccb863ba8ccf84aa8ff05462437965074e1199bbddea6151bbe555b9a8bee1659decc2e6f9c9c0d1e19f0b4a0f0a632937f1ff6f42a12c5f5cd04f6eef26a93dfe68a8d396c0aeff6facee8e3f5f45891816993dc86e310524b052fd2d710b67934b773cdd5b2bcdf436e1bffc768b415b2a34aeaee998e0cb77bc41f1cada767eb699bcf62c6c076b699b8f3f32d57feb00c0d9e375f488a22c372d5305ff28c81b765ca83502cdf0f8b3dac5c5686bf55cd2ddc170ff78ab277231e7db9fe9703d15c3bc3d056acffed5431b57473ad9ba482c649b8811dbad473186b33a7c4b680ad7baab6c", 0x1000)
socket$inet_icmp(0x2, 0x2, 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000001280)={{{@in=@private=0xffffffff, @in6=@dev, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x3, 0x4}}, 0xe8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f00000000c0)=""/102)
ptrace(0x10, r8)

2.457755091s ago: executing program 3 (id=1369):
prctl$PR_SCHED_CORE(0x4c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
ioprio_set$pid(0x1, r0, 0x2007)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000c, 0x30, r2, 0x4ee7000)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x40)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
prlimit64(r1, 0x5, &(0x7f0000000380)={0xbd3, 0x7fff}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x8814)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x40, 0x7fff0001}]})
getitimer(0x0, 0x0)
r3 = socket(0xa, 0x5, 0x3a)
setsockopt$MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f0000000240)={{0xa, 0x0, 0x0, @empty, 0x5}, {0xa, 0x4e24, 0x4, @mcast2, 0xffffffff}, 0xfffd, {[0x0, 0x0, 0x1003, 0x40000000, 0x0, 0x0, 0x78ee, 0x4]}}, 0x5c)
prlimit64(r1, 0xf, &(0x7f0000000040)={0x4, 0x4000010000}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1b, 0x7, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0xffffff1b}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0xe}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000300)='GPL\x00', 0x8, 0x17, &(0x7f00000003c0)=""/23, 0x41100, 0x8, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x4, 0x5, 0x6, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f0000000640), &(0x7f0000000680)=[{0x1, 0x1, 0xc, 0xb}, {0x0, 0x5, 0xa, 0x9}, {0x5, 0xffffffff, 0x10, 0x3}, {0x4, 0x2, 0xc, 0x5}], 0x10, 0x7, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00'})
syz_open_dev$vim2m(&(0x7f0000000000), 0x200, 0x2)

2.429443083s ago: executing program 4 (id=1370):
r0 = socket$kcm(0xa, 0x1, 0x106)
close(0xffffffffffffffff)
bind$802154_dgram(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
sendmsg$kcm(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x4000800)
close(r0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc60", 0x14}], 0x1, 0x0, 0x0, 0x3000000}, 0x2400c000)

2.279529339s ago: executing program 5 (id=1371):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d0f4700000000000055a1180015000600142603600e120900210000000401a8001600a40001", 0x37}, {&(0x7f0000000080)="e656a6f4", 0x4}, {&(0x7f0000000640)="e440d3ed50fed23301b77619aa3bea44add7422b8452524c7ad03455b99f67889030f6234df1733197a74d009e43e7cd030aa5235faae2209d27cc047382d4676e888a8cf8e9a8b378aa501d517add39d0dfcda1b3d27dbbd1648140d2a7f0475dc2a1d077d4147424fa9a476d3d4995926e475ba5d0f3a54c2c31c995290bd7cff4bc0842876fe69b4d3692ed803de439bb2b90151933c64841f06276", 0x9d}], 0x3}, 0x0)
listen(r0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x15, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r3, r2, 0x7, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r3, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='test_pages_isolated\x00', r2, 0x0, 0xffff}, 0x18)
fcntl$dupfd(r0, 0x0, r2)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f0000000100)={0x0, 0x20d, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40005}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)
r7 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x6)
ftruncate(r7, 0x0)
syz_usb_connect(0x5, 0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000062a10b40450c1010fce60102030109023800010000000009043200019740a400052406000105240000000d240f0109000000020009004e06241a00b51409058203ff"], 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(r8, 0x0, 0x20040000)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()

2.144357697s ago: executing program 4 (id=1372):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xfffffffffffffffc)
open(0x0, 0x64842, 0x22)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000006880)={0x80000010})
io_submit(0x0, 0x1, &(0x7f00000000c0)=[0x0])
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
getsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000008c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000000)={0x14, r3, 0xe2c40cf0776ef37, 0x70bd2a, 0x200000, {0x5}}, 0x14}, 0x1, 0x0, 0xf0ffff}, 0x24000000)

1.855182896s ago: executing program 1 (id=1373):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pread64(r1, &(0x7f0000001600)=""/4103, 0x1007, 0x97)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r0, r1, 0x0, 0x5, &(0x7f0000000280)='$\x8b{!\x00'}, 0x30)
getsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, &(0x7f0000000100), &(0x7f0000000180)=0x4)
syz_emit_ethernet(0x14e, &(0x7f0000000a40)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x118, 0x3a, 0x0, @remote, @local, {[@hopopts={0x4, 0x14, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x1, 0x2, 0x80, 0x1, [0x7]}}, @generic={0xc, 0x2b, "2d7fbfa01387dd83b926068210b5565b0c0ab7d7fa958986f83ed986ef16e75b4604403840fd93d025a927"}, @jumbo={0xc2, 0x4, 0x28}, @calipso={0x7, 0x48, {0x3, 0x10, 0xe, 0x4, [0xc, 0x10001, 0x899e, 0xfffffffffffffbff, 0x20000000, 0x8, 0x6, 0x800]}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x1}]}, @routing={0x11, 0x2, 0x1, 0x10, 0x0, [@ipv4={'\x00', '\xff\xff', @empty}]}, @hopopts={0x6c}, @hopopts={0x2b}], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b29ab", 0x0, 0x11, 0x0, @private1, @local, [@hopopts={0x2b, 0x1, '\x00', [@padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}]}}}}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000090000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB="380100001a00010000f70000fddbdf25fc02580000f4ffffffffffffff00"/48, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000000003300000000000000000000000000ffffe0000002fffffffffffffffffdffffffffffffff000000000000000001040000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00010000000000000000"], 0x138}}, 0x20000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)

1.768200422s ago: executing program 3 (id=1374):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = creat(&(0x7f00000004c0)='./bus\x00', 0x40)
write$cgroup_int(r0, &(0x7f00000003c0)=0xd9d, 0x12)
setxattr$security_ima(&(0x7f0000000180)='./bus\x00', &(0x7f0000000000), &(0x7f0000000380)=@ng={0x4, 0x11}, 0x2, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x3f00000000000000)

999.812897ms ago: executing program 3 (id=1375):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'sit0\x00', <r5=>0x0})
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x3000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)

781.028726ms ago: executing program 1 (id=1376):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r1, 0x1, 0x9, &(0x7f0000000140)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x204801, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$drirender128(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000006000/0x4000)=nil, 0x4000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x1d, 0x0, 0x0)
r5 = syz_io_uring_setup(0x3c44, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x1}, 0x0, &(0x7f0000000180))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x40}, {r5, 0xf3d9cc40ef8cd327}, {r1, 0x40}], 0x3, 0x40002001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
iopl(0x4)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0xe8e80)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000840)={{0x400007b, 0x4, 0x4, 0x4, 'syz0\x00', 0x6}, 0x1, 0x20000000, 0x6, r7, 0x0, 0x4, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r6, 0xc0405519, &(0x7f0000000ac0)={0x6, 0x1, 0x9, 0x10, '\x00', 0x35})
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, 0x0, &(0x7f00000000c0))
socket(0x2b, 0x6, 0xbaa6)
sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005bc0)=ANY=[@ANYBLOB="4800659a82a1", @ANYRES32=0x0, @ANYBLOB="f224000000000000280012800b0001006d61637365630000180002800c0004000200000100c28000050003000c000000"], 0x48}}, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)

304.640526ms ago: executing program 0 (id=1377):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$audion(&(0x7f0000000000), 0x7, 0x402)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r0, 0x0, 0x2}, 0x18)
timer_gettime(0x0, &(0x7f0000000000))
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVix:De', 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@abs={0x1}, 0x4f)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0xb, 0xffff4bcd, 0x7, 0x200, r4, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x4, 0x2, @void, @value, @void, @value}, 0x50)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall() (fail_nth: 1)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

141.997872ms ago: executing program 4 (id=1378):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r4, 0x0, 0x0, 0x8008801)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r5)
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x34, r6, 0xffffffffffffffff, 0x0, 0xffffffa6, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x20044014)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549", 0x5b}, {&(0x7f0000000300)='V', 0x1}], 0x2, 0x0, 0x0, 0x8010}, 0xf5)
socket$pptp(0x18, 0x1, 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setreuid(0xee00, 0x0)
r7 = getuid()
setreuid(0xee00, r7)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

0s ago: executing program 1 (id=1379):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$audion(&(0x7f0000000000), 0x7, 0x402)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r0, 0x0, 0x2}, 0x18)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x0, 0x5, @thr={&(0x7f0000000540)="8e32fa56378348fbcbe0bc87ba91f364a9391fa47912e09f2c4495dc6740cf4899c00b39b0f7114ea1f9153160efd9752cd664dd989e676d0b563ed740c6f6606119a4c130ab40a47b4c9d09adb3a962d57b1e85dd7472a67ceb45e43190168124671f7894d4533d10635fae20b33e8716986adff3a71e90bb1db1e0a4050b139a99fbe0d3951734f3a066bd44966f1f9c2d989afdeb598b545ab1f84047cc8bfd2c0f7a84bd98fa91dd39bd3ee5acb2eae2a0da3eee46ec023e10aca0bc0706e53836d526e6eb07715f77b5112e91e285457caa2678899970ee171ff3a1ea7d15e3c415c45813b9d13d55a5f9", &(0x7f0000000640)="b0e70b6e4dddb45e180cd5542b5bae1e553ddd65fd5da8567aec44915cf5d0e0ba11ce9b213c3d100b1045ff5d3db3373a8a328c8322a4fbe13ae13cdea4e2b3ea07a93b93b550e3cc399122bc24dd1915009dfcfb523d1187518dceb0ad14a27a4d3b5ebece99e5fefcd066161ddd191619c82eed63321f536e57544e789aa1388763a5611b74b6a43ac16f1e5d7f286b185405e190ba5df0348fd0d92626c5cfab6760a21da55a8a77a7e941556ba9588f22216e45f2252fd300ff21c3c01831051e16e06f67373fa7fee25d674a16d98b4061a1c43da90a087d2201a95457b10038ec60ce525f56b65fa5bc1b"}}, &(0x7f0000000100))
timer_gettime(0x0, &(0x7f0000000040))
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVix:De', 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@abs={0x1}, 0x4f)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0xb, 0xffff4bcd, 0x7, 0x200, r4, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x4, 0x2, @void, @value, @void, @value}, 0x50)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

kernel console output (not intermixed with test programs):

 __pfx_ksys_read+0x10/0x10
[  282.474333][ T8496]  do_syscall_64+0xcd/0x260
[  282.474358][ T8496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.474375][ T8496] RIP: 0033:0x7f7c6718d37c
[  282.474389][ T8496] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  282.474404][ T8496] RSP: 002b:00007f7c6807a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  282.474420][ T8496] RAX: ffffffffffffffda RBX: 00007f7c673b5fa0 RCX: 00007f7c6718d37c
[  282.474430][ T8496] RDX: 000000000000000f RSI: 00007f7c6807a0a0 RDI: 0000000000000006
[  282.474439][ T8496] RBP: 00007f7c6807a090 R08: 0000000000000000 R09: 0000000000000014
[  282.474448][ T8496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.474457][ T8496] R13: 0000000000000000 R14: 00007f7c673b5fa0 R15: 00007ffc7a2fdf78
[  282.474479][ T8496]  </TASK>
[  282.685021][ T5862] usb 5-1: USB disconnect, device number 24
[  282.689487][   T30] audit: type=1326 audit(1748002226.667:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  282.740980][   T10] usb 3-1: reset high-speed USB device number 23 using dummy_hcd
[  282.762417][   T30] audit: type=1326 audit(1748002226.667:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  282.788511][   T30] audit: type=1326 audit(1748002226.667:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  282.869490][   T30] audit: type=1326 audit(1748002226.667:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  282.935802][   T30] audit: type=1326 audit(1748002226.667:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  282.959970][ T8504] netlink: 'syz.0.717': attribute type 5 has an invalid length.
[  282.965933][   T30] audit: type=1326 audit(1748002226.667:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce2d18e969 code=0x7ffc0000
[  283.820813][ T5859] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  284.410175][    T9] usb 3-1: USB disconnect, device number 23
[  284.521110][ T5859] usb 2-1: device descriptor read/64, error -71
[  284.599894][ T8524] netlink: 'syz.0.725': attribute type 23 has an invalid length.
[  284.640038][ T8517] new mount options do not match the existing superblock, will be ignored
[  284.804367][ T5859] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  284.847221][ T5812] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  284.879209][    T9] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  284.954089][ T5859] usb 2-1: device descriptor read/64, error -71
[  285.039609][    T9] usb 3-1: Using ep0 maxpacket: 8
[  285.047792][    T9] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  285.064151][ T5812] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.077372][    T9] usb 3-1: config 179 has no interface number 0
[  285.078168][ T5812] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  285.093204][ T5859] usb usb2-port1: attempt power cycle
[  285.096365][ T5812] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  285.099053][    T9] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  285.109848][ T5812] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  285.133616][ T5812] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.181402][ T8512] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  285.205529][    T9] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  285.216576][ T5812] hub 5-1:1.0: bad descriptor, ignoring hub
[  285.231112][ T5812] hub 5-1:1.0: probe with driver hub failed with error -5
[  285.250882][    T9] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  285.278490][ T5812] cdc_wdm 5-1:1.0: skipping garbage
[  285.295168][ T5812] cdc_wdm 5-1:1.0: skipping garbage
[  285.305321][    T9] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  285.321933][ T5812] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  285.337474][ T5812] cdc_wdm 5-1:1.0: Unknown control protocol
[  285.357300][    T9] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  285.391413][    T9] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  285.428029][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.477796][ T5859] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  285.499608][ T8522] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  285.510456][ T5859] usb 2-1: device descriptor read/8, error -71
[  285.777268][ T5859] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  285.874460][ T5859] usb 2-1: device descriptor read/8, error -71
[  286.018423][ T5859] usb usb2-port1: unable to enumerate USB device
[  286.051633][    T9] usb 3-1: USB disconnect, device number 24
[  286.051668][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  286.065962][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  286.268028][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.334821][ T8548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  287.165751][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.658916][ T5812] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  288.309957][ T5862] usb 5-1: USB disconnect, device number 25
[  288.646800][   T24] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  289.033099][   T24] usb 2-1: too many configurations: 72, using maximum allowed: 8
[  289.227983][   T24] usb 2-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  289.364528][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.620753][ T8563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.737'.
[  289.667006][ T5812] usb 1-1: device descriptor read/all, error -71
[  290.259135][   T24] usb 2-1: config 0 descriptor??
[  290.516346][ T8558] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  290.550013][    T9] usb 2-1: USB disconnect, device number 22
[  292.327680][ T5826] Bluetooth: hci2: unexpected event for opcode 0x0c58
[  292.978535][ T5859] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  293.068368][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.743'.
[  293.118405][ T8589] IPVS: ip_vs_add_dest(): server weight less than zero
[  293.165194][ T5859] usb 5-1: no configurations
[  293.169952][ T5859] usb 5-1: can't read configurations, error -22
[  293.250357][ T5826] Bluetooth: hci1: unexpected event for opcode 0x2041
[  293.314108][ T5859] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  293.319804][ T8587] mmap: syz.3.743 (8587) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  293.354482][ T8586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.364731][   T24] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  293.486699][ T5859] usb 5-1: no configurations
[  293.495864][ T5859] usb 5-1: can't read configurations, error -22
[  293.504354][ T5859] usb usb5-port1: attempt power cycle
[  293.522314][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  293.522332][   T30] audit: type=1400 audit(1748002238.192:701): avc:  denied  { mount } for  pid=8600 comm="syz.2.747" name="/" dev="autofs" ino=21343 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  293.655897][   T24] usb 1-1: New USB device found, idVendor=093a, idProduct=050f, bcdDevice=c2.b7
[  293.665239][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.683871][   T24] gspca_main: mars-2.14.0 probing 093a:050f
[  294.286608][ T8611] netlink: 12 bytes leftover after parsing attributes in process `syz.0.744'.
[  294.669642][   T30] audit: type=1400 audit(1748002239.052:702): avc:  denied  { setopt } for  pid=8590 comm="syz.0.744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  294.698959][ T8612] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  295.182675][   T30] audit: type=1400 audit(1748002239.726:703): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  295.530245][ T5859] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  295.805094][ T5859] usb 3-1: Using ep0 maxpacket: 8
[  296.015525][ T8640] vivid-003: disconnect
[  296.076542][ T5859] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.112832][ T5859] usb 3-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  296.160731][ T5859] usb 3-1: config 0 interface 0 has no altsetting 0
[  296.186251][ T5859] usb 3-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  296.217746][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.306816][ T5859] usb 3-1: config 0 descriptor??
[  296.407299][ T5895] usb 1-1: USB disconnect, device number 33
[  296.593922][   T30] audit: type=1326 audit(1748002241.026:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  296.633145][ T5826] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  296.645798][ T5826] Bluetooth: hci2: Injecting HCI hardware error event
[  296.665879][ T5826] Bluetooth: hci2: hardware error 0x00
[  296.680431][ T8636] vivid-003: reconnect
[  296.790800][   T30] audit: type=1326 audit(1748002241.026:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  296.890326][ T8645] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  296.897226][ T8645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  296.913784][ T8645] vhci_hcd vhci_hcd.0: Device attached
[  296.927726][   T30] audit: type=1326 audit(1748002241.026:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  296.956127][   T30] audit: type=1326 audit(1748002241.026:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  296.980402][   T30] audit: type=1326 audit(1748002241.026:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  297.005843][   T30] audit: type=1326 audit(1748002241.026:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  297.032720][   T30] audit: type=1326 audit(1748002241.026:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.4.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20718e969 code=0x7fc00000
[  297.098650][ T5895] vhci_hcd: vhci_device speed not set
[  297.163099][ T5895] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  297.194895][ T5812] usb 4-1: new low-speed USB device number 25 using dummy_hcd
[  297.364344][ T5812] usb 4-1: config 0 has no interfaces?
[  297.464042][ T5812] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  298.185057][ T5812] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.214285][ T5812] usb 4-1: config 0 descriptor??
[  298.438718][ T8645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.450977][ T8650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.468226][ T8645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.476606][ T8650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.694314][ T5816] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  298.706687][ T5859] usb 3-1: string descriptor 0 read error: -71
[  298.868507][ T5826] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  298.876550][ T5859] usbhid 3-1:0.0: can't add hid device: -71
[  298.893902][ T5859] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  298.947926][ T5859] usb 3-1: USB disconnect, device number 25
[  300.191988][ T8648] usb 39-1: recv xbuf, -104
[  300.244275][   T24] usb 4-1: USB disconnect, device number 25
[  300.260423][ T6955] vhci_hcd: stop threads
[  300.272410][ T6955] vhci_hcd: release socket
[  300.306855][ T5895] vhci_hcd: vhci_device speed not set
[  300.351169][ T6955] vhci_hcd: disconnect device
[  300.380465][ T5895] usb 39-1: device descriptor read/64, error -71
[  300.935227][ T5895] vhci_hcd: vhci_device speed not set
[  301.002295][ T8689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.013878][   T30] kauditd_printk_skb: 63 callbacks suppressed
[  301.013892][   T30] audit: type=1400 audit(1748002245.198:774): avc:  denied  { create } for  pid=8690 comm="syz.3.772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  301.047497][ T8689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.175995][ T8689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.196376][ T8689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.235888][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  301.707060][    T9] usb 3-1: device descriptor read/all, error -71
[  303.132465][   T30] audit: type=1400 audit(1748002247.181:775): avc:  denied  { setopt } for  pid=8712 comm="syz.1.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  303.399419][ T8717] gfs2: gfs2 mount does not exist
[  305.931645][   T30] audit: type=1400 audit(1748002249.790:776): avc:  denied  { connect } for  pid=8720 comm="syz.1.779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  306.220715][   T30] audit: type=1400 audit(1748002250.071:777): avc:  denied  { listen } for  pid=8735 comm="syz.2.782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  306.473650][ T8745] batadv1: entered promiscuous mode
[  306.772857][   T30] audit: type=1400 audit(1748002250.099:778): avc:  denied  { write } for  pid=8735 comm="syz.2.782" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  306.906593][ T8752] digital: digital_start_poll: Unknown protocol
[  307.531699][ T5826] Bluetooth: hci4: ACL packet too small
[  309.074020][ T8783] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  309.597866][ T5895] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  309.998736][ T8792] openvswitch: netlink: Multiple metadata blocks provided
[  310.095139][   T30] audit: type=1400 audit(1748002253.691:779): avc:  denied  { create } for  pid=8794 comm="syz.2.794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  310.141112][ T5895] usb 1-1: Using ep0 maxpacket: 32
[  310.148299][ T5895] usb 1-1: config 0 has an invalid interface number: 89 but max is 0
[  310.157912][ T5895] usb 1-1: config 0 has no interface number 0
[  310.168415][ T5895] usb 1-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68
[  310.180859][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.201613][ T5895] usb 1-1: Product: syz
[  310.210050][ T5895] usb 1-1: Manufacturer: syz
[  310.214729][ T5895] usb 1-1: SerialNumber: syz
[  310.224538][ T5895] usb 1-1: config 0 descriptor??
[  310.233834][ T5895] hub 1-1:0.89: bad descriptor, ignoring hub
[  310.241107][ T5895] hub 1-1:0.89: probe with driver hub failed with error -5
[  310.252107][ T5895] option 1-1:0.89: GSM modem (1-port) converter detected
[  310.264942][ T5895] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB0
[  310.272985][   T24] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  310.419094][    T9] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  310.459346][ T8801] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  310.590750][   T24] usb 4-1: device descriptor read/64, error -71
[  310.606211][ T8787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.792'.
[  310.627597][    T9] usb 3-1: Using ep0 maxpacket: 16
[  310.773573][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.775944][ T8787] netlink: 76 bytes leftover after parsing attributes in process `syz.0.792'.
[  310.847401][ T5895] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  310.917567][   T24] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  310.959539][    T9] usb 3-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice= 5.c1
[  310.968910][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.979379][    T9] usb 3-1: Product: syz
[  310.987282][    T9] usb 3-1: Manufacturer: syz
[  310.994997][    T9] usb 3-1: SerialNumber: syz
[  311.003796][    T9] usb 3-1: config 0 descriptor??
[  311.195027][ T5862] usb 1-1: USB disconnect, device number 34
[  311.201319][   T24] usb 4-1: device descriptor read/64, error -71
[  311.205772][ T5826] Bluetooth: hci1: ACL packet too small
[  311.217161][ T5862] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  311.366494][   T24] usb usb4-port1: attempt power cycle
[  311.376599][ T5895] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  311.386278][ T5862] option 1-1:0.89: device disconnected
[  311.391863][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.396096][    T9] usb 3-1: USB disconnect, device number 28
[  311.473691][ T5895] usb 5-1: Product: syz
[  311.478288][ T5895] usb 5-1: Manufacturer: syz
[  311.484390][ T5895] usb 5-1: SerialNumber: syz
[  311.499904][ T5895] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  311.519884][ T5862] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  312.129095][    C1] usb 5-1: ath9k_htc: invalid pkt_len (fd64)
[  312.514428][ T5895] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  312.631677][ T8833] bond0: entered promiscuous mode
[  312.637433][ T8833] bond_slave_0: entered promiscuous mode
[  312.644818][ T8833] bond_slave_1: entered promiscuous mode
[  312.691642][ T5862] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  312.888299][ T5862] ath9k_htc: Failed to initialize the device
[  312.956516][ T5862] usb 5-1: ath9k_htc: USB layer deinitialized
[  313.038959][ T5895] usb 1-1: Using ep0 maxpacket: 8
[  313.055235][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[  313.070398][ T5895] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  313.088423][ T5895] usb 1-1: New USB device found, idVendor=058f, idProduct=9410, bcdDevice= 0.00
[  313.097915][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.150574][ T5895] usb 1-1: config 0 descriptor??
[  313.665852][ T5895] maltron 0003:058F:9410.0014: hidraw0: USB HID vf.ff Device [HID 058f:9410] on usb-dummy_hcd.0-1/input0
[  314.440207][    T9] usb 5-1: USB disconnect, device number 29
[  314.473910][   T30] audit: type=1400 audit(1748002257.788:780): avc:  denied  { bind } for  pid=8828 comm="syz.0.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  314.473967][   T30] audit: type=1400 audit(1748002257.788:781): avc:  denied  { listen } for  pid=8828 comm="syz.0.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  314.948516][ T5863] usb 1-1: USB disconnect, device number 35
[  315.677788][ T8859] netlink: 12 bytes leftover after parsing attributes in process `syz.4.814'.
[  316.399432][ T8874] vivid-000: disconnect
[  316.424145][   T30] audit: type=1400 audit(1748002259.612:782): avc:  denied  { mount } for  pid=8871 comm="syz.4.817" name="/" dev="pstore" ino=1946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  316.454961][ T8872] Invalid source name
[  316.514572][ T8871] vivid-000: reconnect
[  316.525701][ T8876] netlink: 12 bytes leftover after parsing attributes in process `syz.0.816'.
[  317.042518][   T30] audit: type=1400 audit(1748002259.640:783): avc:  denied  { mounton } for  pid=8871 comm="syz.4.817" path="/151/file0" dev="pstore" ino=1946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1
[  317.065059][    C1] vkms_vblank_simulate: vblank timer overrun
[  317.087044][   T30] audit: type=1400 audit(1748002260.230:784): avc:  denied  { unmount } for  pid=5819 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  317.274084][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.293625][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.415753][ T8887] netlink: 96 bytes leftover after parsing attributes in process `syz.4.820'.
[  317.758766][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.844017][ T5816] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  317.861840][ T5816] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  317.869647][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.874668][ T5816] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  317.879517][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.887540][ T5816] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  317.896803][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.912680][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  317.915422][ T5816] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  317.923009][ T8883] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.819'.
[  318.367927][ T8899] batadv1: entered promiscuous mode
[  319.022368][ T5895] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  319.343506][   T30] audit: type=1400 audit(1748002262.334:785): avc:  denied  { read } for  pid=8906 comm="syz.3.825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  319.538807][ T5895] usb 5-1: no configurations
[  319.543831][ T5895] usb 5-1: can't read configurations, error -22
[  319.712532][ T5895] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  319.977063][ T5895] usb 5-1: no configurations
[  319.986898][ T5895] usb 5-1: can't read configurations, error -22
[  320.006818][ T5895] usb usb5-port1: attempt power cycle
[  320.126441][ T5816] Bluetooth: hci4: command tx timeout
[  320.294507][ T8885] chnl_net:caif_netlink_parms(): no params data found
[  320.303805][   T30] audit: type=1400 audit(1748002263.242:786): avc:  denied  { bind } for  pid=8929 comm="syz.3.831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  320.323034][    C1] vkms_vblank_simulate: vblank timer overrun
[  320.426082][ T5895] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  320.447830][ T5895] usb 5-1: no configurations
[  320.452480][ T5895] usb 5-1: can't read configurations, error -22
[  320.492222][ T8885] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.499353][ T8885] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.508290][ T8885] bridge_slave_0: entered allmulticast mode
[  320.519729][ T8885] bridge_slave_0: entered promiscuous mode
[  320.539690][ T8885] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.547449][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  320.556545][ T8885] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.568373][ T8885] bridge_slave_1: entered allmulticast mode
[  320.575914][ T8885] bridge_slave_1: entered promiscuous mode
[  320.596602][ T5895] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  320.619976][ T5895] usb 5-1: no configurations
[  320.621646][ T8885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.624635][ T5895] usb 5-1: can't read configurations, error -22
[  320.637533][ T8885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.647075][ T5895] usb usb5-port1: unable to enumerate USB device
[  320.887614][ T8885] team0: Port device team_slave_0 added
[  320.894947][ T8885] team0: Port device team_slave_1 added
[  320.922642][ T8885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.929948][ T8885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.938520][    T9] usb 2-1: Using ep0 maxpacket: 8
[  320.956819][ T8885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.967947][    T9] usb 2-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00
[  320.974357][ T8885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.985113][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.991955][ T8885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.000308][    T9] usb 2-1: config 0 descriptor??
[  321.022533][    C1] vkms_vblank_simulate: vblank timer overrun
[  321.050671][ T8885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.186466][ T8885] hsr_slave_0: entered promiscuous mode
[  321.221257][ T8885] hsr_slave_1: entered promiscuous mode
[  321.228371][ T8885] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  321.235979][ T8885] Cannot create hsr debugfs directory
[  321.453317][ T8952] affs: No valid root block on device nullb0
[  321.613668][ T8957] netlink: 'syz.4.839': attribute type 10 has an invalid length.
[  321.647945][    T9] nti 0003:0757:0A00.0015: reserved main item tag 0xd
[  321.718966][    T9] nti 0003:0757:0A00.0015: unexpected long global item
[  321.751825][    T9] nti 0003:0757:0A00.0015: probe with driver nti failed with error -22
[  321.848055][ T8955] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.864071][ T8955] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.879485][ T8955] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.893165][ T5895] usb 2-1: USB disconnect, device number 23
[  321.898922][ T8955] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.932534][ T8955] geneve2: entered promiscuous mode
[  321.947024][ T8955] geneve2: entered allmulticast mode
[  322.349726][ T5816] Bluetooth: hci4: command tx timeout
[  322.810797][ T8963] batadv1: entered promiscuous mode
[  323.188138][ T8971] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  323.332322][   T30] audit: type=1400 audit(1748002266.038:787): avc:  denied  { append } for  pid=8970 comm="syz.0.843" name="usbmon3" dev="devtmpfs" ino=725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  323.435404][   T30] audit: type=1400 audit(1748002266.160:788): avc:  denied  { connect } for  pid=8973 comm="syz.3.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  323.493446][ T8979] __nla_validate_parse: 28 callbacks suppressed
[  323.499990][ T8979] netlink: 20 bytes leftover after parsing attributes in process `syz.3.844'.
[  323.688945][ T8979] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  323.700171][ T8979] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  323.709102][ T8979] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  323.717858][ T8979] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  323.728181][ T8979] vxlan1: entered promiscuous mode
[  323.888782][ T8885] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  323.908255][ T8885] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  323.934313][ T8885] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  323.959404][ T8885] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  324.265932][ T8885] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.268381][   T24] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  324.291965][   T30] audit: type=1400 audit(1748002266.964:789): avc:  denied  { ioctl } for  pid=8987 comm="syz.3.848" path="socket:[23402]" dev="sockfs" ino=23402 ioctlcmd=0x9426 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  324.334136][ T8885] 8021q: adding VLAN 0 to HW filter on device team0
[  324.351262][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.359782][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.377183][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.384362][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.456264][    T9] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  324.633938][ T5816] Bluetooth: hci4: command tx timeout
[  324.642381][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  324.673254][ T8997] netlink: 'syz.3.850': attribute type 23 has an invalid length.
[  324.765309][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  324.783043][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  324.794433][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  324.843529][    T9] usb 1-1: Using ep0 maxpacket: 16
[  324.848665][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  324.848693][   T24] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  324.871465][   T24] usb 2-1: Manufacturer: syz
[  324.891947][   T24] usb 2-1: config 0 descriptor??
[  324.900941][    T9] usb 1-1: config 0 has an invalid interface number: 235 but max is 0
[  324.919863][    T9] usb 1-1: config 0 has no interface number 0
[  325.794418][    T9] usb 1-1: config 0 interface 235 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024
[  326.271369][    T9] usb 1-1: New USB device found, idVendor=0421, idProduct=0420, bcdDevice=32.97
[  326.297280][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.315887][   T24] rc_core: IR keymap rc-hauppauge not found
[  326.338797][    T9] usb 1-1: Product: syz
[  326.340140][   T24] Registered IR keymap rc-empty
[  326.343003][    T9] usb 1-1: Manufacturer: syz
[  326.343025][    T9] usb 1-1: SerialNumber: syz
[  326.387895][    T9] usb 1-1: config 0 descriptor??
[  326.393243][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.407627][    T9] usb 1-1: bad CDC descriptors
[  326.422900][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.447372][    T9] cdc_acm 1-1:0.235: Zero length descriptor references
[  326.461846][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  326.465164][    T9] cdc_acm 1-1:0.235: probe with driver cdc_acm failed with error -22
[  326.537729][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input17
[  326.582945][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.759081][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.782763][ T8885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.797477][ T5816] Bluetooth: hci4: command tx timeout
[  326.798291][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.822022][    T9] usb 1-1: USB disconnect, device number 36
[  326.894397][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  326.901922][   T30] audit: type=1400 audit(1748002269.396:790): avc:  denied  { bind } for  pid=9013 comm="syz.4.854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  326.926023][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.000670][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.032308][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.075018][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.097672][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.118242][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.160602][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  327.198918][   T24] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  327.232542][   T24] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  327.274011][   T24] usb 2-1: USB disconnect, device number 24
[  327.541417][ T8885] veth0_vlan: entered promiscuous mode
[  327.616216][ T8885] veth1_vlan: entered promiscuous mode
[  327.733362][ T8885] veth0_macvtap: entered promiscuous mode
[  327.762188][ T8885] veth1_macvtap: entered promiscuous mode
[  327.828676][ T8885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  327.889924][ T8885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  327.932351][ T8885] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.942239][ T8885] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.950964][ T8885] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.993146][ T8885] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.127828][   T30] audit: type=1400 audit(1748002270.547:791): avc:  denied  { bind } for  pid=9031 comm="syz.4.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  328.279403][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.291549][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.371681][ T9030] xt_CT: No such helper "pptp"
[  328.726628][ T6152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.739014][ T6152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.800092][   T30] audit: type=1400 audit(1748002271.192:792): avc:  denied  { mounton } for  pid=8885 comm="syz-executor" path="/root/syzkaller.JO1aX6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  328.960738][   T30] audit: type=1400 audit(1748002271.305:793): avc:  denied  { mounton } for  pid=8885 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  329.158151][   T30] audit: type=1400 audit(1748002271.520:794): avc:  denied  { mount } for  pid=9047 comm="syz.4.860" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  329.526019][    T9] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  329.671904][   T30] audit: type=1400 audit(1748002271.988:795): avc:  denied  { bind } for  pid=9058 comm="syz.5.862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  330.421933][    T9] usb 5-1: device descriptor read/64, error -71
[  330.670057][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  330.676366][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  330.699509][    T9] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  330.817717][ T9069] netlink: 148 bytes leftover after parsing attributes in process `syz.5.865'.
[  330.898309][   T30] audit: type=1400 audit(1748002273.147:796): avc:  denied  { write } for  pid=9068 comm="syz.5.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  330.913964][    T9] usb 5-1: device descriptor read/64, error -71
[  331.063015][    T9] usb usb5-port1: attempt power cycle
[  331.081316][ T9084] trusted_key: encrypted_key: insufficient parameters specified
[  331.469775][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  331.502472][    T9] usb 5-1: device descriptor read/8, error -71
[  331.770387][    T9] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  331.847381][    T9] usb 5-1: device descriptor read/8, error -71
[  331.990079][    T9] usb usb5-port1: unable to enumerate USB device
[  332.006235][   T30] audit: type=1400 audit(1748002274.186:797): avc:  denied  { read } for  pid=9097 comm="syz.3.873" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  332.080285][ T5895] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  332.090931][ T9099] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'.
[  332.102765][   T30] audit: type=1400 audit(1748002274.186:798): avc:  denied  { open } for  pid=9097 comm="syz.3.873" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  332.323530][ T5895] usb 2-1: device descriptor read/64, error -71
[  332.634093][ T5895] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  333.293832][ T9108] xt_CT: You must specify a L4 protocol and not use inversions on it
[  333.451457][ T5895] usb 2-1: device descriptor read/64, error -71
[  333.603418][ T5895] usb usb2-port1: attempt power cycle
[  334.560510][ T5895] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  334.582058][ T5895] usb 2-1: device descriptor read/8, error -71
[  334.951969][ T5895] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  335.128371][ T9135] fuseblk: Bad value for 'fd'
[  335.231911][ T5895] usb 2-1: device not accepting address 28, error -71
[  335.242870][ T5895] usb usb2-port1: unable to enumerate USB device
[  335.311836][ T9140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'.
[  335.899023][ T9131] fuse: Bad value for 'fd'
[  336.258229][ T5895] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  336.429259][ T5895] usb 6-1: Using ep0 maxpacket: 8
[  336.444285][ T5895] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  336.502741][ T5895] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  336.843726][ T5895] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  336.925675][ T5895] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  337.114311][ T5895] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  337.224536][ T5895] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.553495][ T5895] usb 6-1: GET_CAPABILITIES returned 0
[  337.582239][ T5895] usbtmc 6-1:16.0: can't read capabilities
[  338.134284][   T30] audit: type=1400 audit(1748002279.499:799): avc:  denied  { watch } for  pid=9163 comm="syz.0.894" path="/185/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  338.187341][ T9174] gtp0: entered allmulticast mode
[  338.313102][   T30] audit: type=1400 audit(1748002279.499:800): avc:  denied  { watch_sb } for  pid=9163 comm="syz.0.894" path="/185/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1001 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  338.784793][ T9186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  339.304631][ T9187] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  340.371168][ T5862] usb 6-1: USB disconnect, device number 2
[  340.544478][   T30] audit: type=1400 audit(1748002282.165:801): avc:  denied  { write } for  pid=9196 comm="syz.5.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  340.583092][ T9200] netlink: 20 bytes leftover after parsing attributes in process `syz.0.904'.
[  340.592943][ T9200] netlink: 8 bytes leftover after parsing attributes in process `syz.0.904'.
[  340.641506][ T5896] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  340.659395][   T30] audit: type=1400 audit(1748002282.165:802): avc:  denied  { nlmsg_write } for  pid=9196 comm="syz.5.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  340.850265][   T30] audit: type=1400 audit(1748002282.455:803): avc:  denied  { bind } for  pid=9196 comm="syz.5.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  342.607154][ T9209] netlink: 12 bytes leftover after parsing attributes in process `syz.5.906'.
[  343.106460][ T5816] Bluetooth: hci1: ACL packet too small
[  344.194119][ T9226] netlink: 8 bytes leftover after parsing attributes in process `syz.5.913'.
[  344.348717][ T9226] netlink: 'syz.5.913': attribute type 21 has an invalid length.
[  345.066291][ T9242] xt_CT: You must specify a L4 protocol and not use inversions on it
[  345.120042][ T9244] vlan2: entered allmulticast mode
[  345.166853][ T9244] bond0: entered allmulticast mode
[  345.183047][ T9244] bond_slave_0: entered allmulticast mode
[  345.201927][ T9244] bond_slave_1: entered allmulticast mode
[  345.269442][ T9251] fuse: Bad value for 'user_id'
[  345.278384][ T9251] fuse: Bad value for 'user_id'
[  345.571133][ T9263] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  346.511827][ T9268] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  347.316696][   T30] audit: type=1400 audit(1748002288.507:804): avc:  denied  { name_bind } for  pid=9287 comm="syz.4.934" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  347.391669][ T9293] netlink: 20 bytes leftover after parsing attributes in process `syz.0.936'.
[  347.536318][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.935'.
[  347.547578][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.935'.
[  347.695196][ T9303] netlink: 12 bytes leftover after parsing attributes in process `syz.3.938'.
[  347.891549][ T9300] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  347.917319][ T9309] netlink: 'syz.3.940': attribute type 4 has an invalid length.
[  347.925366][ T9309] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.940'.
[  349.788453][ T5816] Bluetooth: hci3: ACL packet too small
[  350.175259][ T9343] IPVS: set_ctl: invalid protocol: 255 10.1.1.1:19999
[  350.190442][ T9343] netlink: 'syz.1.951': attribute type 7 has an invalid length.
[  350.202380][   T30] audit: type=1400 audit(1748002291.201:805): avc:  denied  { getopt } for  pid=9342 comm="syz.1.951" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  350.222424][    C0] vkms_vblank_simulate: vblank timer overrun
[  350.519481][ T5896] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  350.616792][ T9352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  350.699595][ T5896] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  350.772013][ T5896] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  350.956926][ T5896] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  351.100801][ T5896] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  351.129194][ T5896] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  351.139201][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.191321][ T9359] netlink: 4 bytes leftover after parsing attributes in process `syz.5.954'.
[  351.210556][ T9359] netlink: 4 bytes leftover after parsing attributes in process `syz.5.954'.
[  351.266829][ T5896] usb 1-1: config 0 descriptor??
[  351.629732][ T9361] netlink: 44 bytes leftover after parsing attributes in process `syz.4.958'.
[  351.652677][ T5863] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  351.814667][ T5863] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  351.833046][ T5863] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  351.847143][ T5863] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.861851][ T5896] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  351.870299][ T5896] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  351.884183][ T5896] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  351.884245][ T5863] usb 4-1: Product: syz
[  351.921754][ T5863] usb 4-1: Manufacturer: syz
[  351.929384][ T9368] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  351.930547][ T5863] usb 4-1: SerialNumber: syz
[  352.058298][    T9] usb 1-1: USB disconnect, device number 37
[  352.208745][ T5863] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 29 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  352.804133][   T30] audit: type=1326 audit(1748002293.642:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.828739][   T30] audit: type=1326 audit(1748002293.642:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.854481][   T30] audit: type=1326 audit(1748002293.642:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.881154][   T30] audit: type=1326 audit(1748002293.642:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.905776][   T30] audit: type=1326 audit(1748002293.642:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.935255][   T30] audit: type=1326 audit(1748002293.642:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.958596][   T30] audit: type=1326 audit(1748002293.642:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  352.987840][   T30] audit: type=1326 audit(1748002293.642:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  353.042843][   T30] audit: type=1326 audit(1748002293.651:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  353.159599][ T9382] netlink: 8 bytes leftover after parsing attributes in process `syz.4.964'.
[  353.483976][   T30] audit: type=1326 audit(1748002293.651:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9357 comm="syz.3.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f7c6718e969 code=0x7ffc0000
[  353.502892][ T5896] usb 4-1: USB disconnect, device number 29
[  353.544588][ T5896] usblp0: removed
[  353.823830][ T9393] lo speed is unknown, defaulting to 1000
[  353.830096][ T9393] lo speed is unknown, defaulting to 1000
[  353.836836][ T9393] lo speed is unknown, defaulting to 1000
[  353.850410][ T9393] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  353.862549][ T9393] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  353.878731][ T9394] vivid-000: =================  START STATUS  =================
[  353.886629][ T9394] vivid-000: Radio HW Seek Mode: Bounded
[  353.892553][ T9394] vivid-000: Radio Programmable HW Seek: false
[  353.898826][ T9394] vivid-000: RDS Rx I/O Mode: Block I/O
[  353.904360][ T9394] vivid-000: Generate RBDS Instead of RDS: false
[  353.913151][ T9394] vivid-000: RDS Reception: true
[  353.918100][ T9394] vivid-000: RDS Program Type: 0 inactive
[  353.923901][ T9394] vivid-000: RDS PS Name:  inactive
[  353.924298][ T9393] lo speed is unknown, defaulting to 1000
[  353.929112][ T9394] vivid-000: RDS Radio Text:  inactive
[  353.936740][ T9393] lo speed is unknown, defaulting to 1000
[  353.940804][ T9394] vivid-000: RDS Traffic Announcement: false inactive
[  353.940837][ T9394] vivid-000: RDS Traffic Program: false
[  353.947819][ T9393] lo speed is unknown, defaulting to 1000
[  353.953375][ T9394]  inactive
[  353.960090][ T9393] lo speed is unknown, defaulting to 1000
[  353.964612][ T9394] vivid-000: RDS Music: 
[  353.968878][ T9393] lo speed is unknown, defaulting to 1000
[  353.973414][ T9394] false inactive
[  353.973432][ T9394] vivid-000: ==================  END STATUS  ==================
[  353.983198][ T9393] lo speed is unknown, defaulting to 1000
[  354.104400][ T9400] netlink: 44 bytes leftover after parsing attributes in process `syz.0.970'.
[  354.400228][ T5896] hid (null): global environment stack underflow
[  354.426445][ T5896] hid (null): invalid report_size 1136983575
[  354.445665][ T5896] hid (null): unknown global tag 0x85
[  354.459561][ T5896] hid (null): invalid report_size 53152
[  354.474078][ T5896] hid (null): unknown global tag 0xe
[  354.485133][ T5896] hid (null): unknown global tag 0xc
[  354.494238][ T5896] hid (null): unknown global tag 0xd
[  354.502656][ T5896] hid (null): global environment stack underflow
[  354.525209][ T5896] hid (null): invalid report_count -1443969725
[  354.600971][ T5896] hid (null): unknown global tag 0x52
[  354.723282][ T5896] hid (null): global environment stack underflow
[  354.739930][ T5896] hid (null): report_id 2469979806 is invalid
[  354.749718][ T5896] hid (null): invalid report_size 60110
[  354.755403][ T5896] hid (null): unknown global tag 0x51
[  354.761069][ T5896] hid (null): unknown global tag 0xe
[  354.766976][ T5896] hid (null): unknown global tag 0x79
[  354.772608][ T5896] hid (null): bogus close delimiter
[  354.778298][ T5896] hid (null): report_id 54094 is invalid
[  354.784985][ T5896] hid (null): unknown global tag 0x89
[  355.329211][ T5896] hid (null): unknown global tag 0x5f
[  355.562526][ T5896] hid (null): unknown global tag 0xc8
[  355.587617][ T5896] hid (null): invalid report_size -197860576
[  355.639958][ T5896] hid (null): unknown global tag 0xe
[  355.707266][ T5896] hid (null): unknown global tag 0xe
[  355.712614][ T5896] hid (null): global environment stack underflow
[  355.723758][ T5896] hid (null): global environment stack underflow
[  355.732922][ T5896] hid (null): invalid report_count 1916245701
[  355.836293][ T5896] hid (null): invalid report_count -515503639
[  355.850193][ T5896] hid (null): unknown global tag 0x83
[  355.868805][ T5896] hid-generic 63C9:0046:0002.0017: reserved main item tag 0xe
[  355.878263][ T5896] hid-generic 63C9:0046:0002.0017: unknown main item tag 0x7
[  355.887157][ T5896] hid-generic 63C9:0046:0002.0017: collection stack underflow
[  356.239122][ T5895] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  356.420639][ T5895] usb 4-1: Using ep0 maxpacket: 16
[  356.432469][ T5896] hid-generic 63C9:0046:0002.0017: item 0 0 0 12 parsing failed
[  356.441424][ T5895] usb 4-1: config index 0 descriptor too short (expected 8192, got 18)
[  356.452269][ T5895] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  356.485371][ T5896] hid-generic 63C9:0046:0002.0017: probe with driver hid-generic failed with error -22
[  356.511724][ T5895] usb 4-1: config 0 has no interfaces?
[  356.537255][ T5895] usb 4-1: New USB device found, idVendor=05ac, idProduct=1291, bcdDevice=43.25
[  356.568520][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  356.591567][ T5895] usb 4-1: Product: syz
[  356.595948][ T5895] usb 4-1: Manufacturer: syz
[  356.709625][ T5895] usb 4-1: SerialNumber: syz
[  356.739203][ T5895] apple-mfi-fastcharge 4-1: config 0 descriptor??
[  356.816411][ T9437] netlink: 8 bytes leftover after parsing attributes in process `syz.5.981'.
[  357.382770][ T9438] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.390655][ T9438] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.500048][   T24] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  357.680737][ T9441] netlink: 8 bytes leftover after parsing attributes in process `syz.5.984'.
[  357.692180][ T9441] netlink: 12 bytes leftover after parsing attributes in process `syz.5.984'.
[  357.702780][   T24] usb 1-1: Using ep0 maxpacket: 16
[  357.717210][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  357.734161][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  357.752815][   T24] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[  357.763717][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.773425][ T9441] netlink: 'syz.5.984': attribute type 3 has an invalid length.
[  357.782651][   T24] usb 1-1: config 0 descriptor??
[  357.789122][ T9441] netlink: 8 bytes leftover after parsing attributes in process `syz.5.984'.
[  358.219401][ T9428] lo speed is unknown, defaulting to 1000
[  358.235236][   T24] aquacomputer_d5next 0003:0C70:F00A.0018: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.0-1/input0
[  358.432850][ T9454] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  358.540164][ T9454] kvm: pic: non byte read
[  358.585624][ T9454] kvm: pic: non byte read
[  358.936395][ T9454] kvm: pic: non byte read
[  359.036672][ T9454] kvm: pic: non byte read
[  359.062462][ T5895] apple-mfi-fastcharge 4-1: USB disconnect, device number 30
[  359.085497][ T9454] kvm: pic: non byte read
[  359.091307][ T9454] kvm: pic: non byte read
[  359.102262][ T9454] kvm: pic: non byte read
[  359.107256][ T9454] kvm: pic: non byte read
[  359.112006][ T9454] kvm: pic: non byte read
[  359.133033][ T5863] usb 1-1: USB disconnect, device number 38
[  359.139259][ T9454] kvm: pic: non byte read
[  359.479492][ T9471] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.480815][ T9471] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.734970][ T5895] usb 4-1: new full-speed USB device number 31 using dummy_hcd
[  359.768658][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  359.768676][   T30] audit: type=1400 audit(1748002300.162:854): avc:  denied  { mounton } for  pid=9472 comm="syz.4.990" path="/syzcgroup/unified/syz4" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  359.771827][ T9473] syz.4.990: attempt to access beyond end of device
[  359.771827][ T9473] loop4: rw=0, sector=64, nr_sectors = 2 limit=0
[  359.816246][ T9473] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32
[  359.911129][ T5895] usb 4-1: config 7 has an invalid interface number: 191 but max is 0
[  359.932476][ T5895] usb 4-1: config 7 has no interface number 0
[  359.954289][ T5895] usb 4-1: config 7 interface 191 has no altsetting 0
[  359.963293][ T5895] usb 4-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=23.af
[  359.972677][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.005400][ T5895] usb 4-1: Product: syz
[  360.009622][ T5895] usb 4-1: Manufacturer: syz
[  360.018139][ T5895] usb 4-1: SerialNumber: syz
[  360.683054][ T5895] upd78f0730 4-1:7.191: upd78f0730 converter detected
[  360.697807][ T5895] usb 4-1: upd78f0730 converter now attached to ttyUSB0
[  360.711096][ T5895] usb 4-1: USB disconnect, device number 31
[  360.724567][ T5895] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0
[  360.736827][ T5895] upd78f0730 4-1:7.191: device disconnected
[  361.017295][   T30] audit: type=1326 audit(1748002301.322:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.045578][   T30] audit: type=1326 audit(1748002301.322:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.072734][   T30] audit: type=1326 audit(1748002301.350:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.103859][   T30] audit: type=1326 audit(1748002301.350:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.148409][   T30] audit: type=1326 audit(1748002301.350:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.172267][   T30] audit: type=1326 audit(1748002301.350:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad1eb8e56b code=0x7ffc0000
[  361.252142][ T5863] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  361.260077][   T30] audit: type=1326 audit(1748002301.350:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.605795][ T5863] usb 6-1: Using ep0 maxpacket: 16
[  361.612420][ T5863] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.635101][   T30] audit: type=1326 audit(1748002301.350:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1eb8e969 code=0x7ffc0000
[  361.662456][ T5863] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  361.700702][   T30] audit: type=1326 audit(1748002301.350:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9489 comm="syz.1.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad1eb8e56b code=0x7ffc0000
[  361.784794][ T5863] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.941031][ T5863] usb 6-1: config 0 descriptor??
[  362.054935][ T9503] fuse: Bad value for 'group_id'
[  362.059958][ T9503] fuse: Bad value for 'group_id'
[  362.070442][ T9503] overlayfs: conflicting options: userxattr,verity=require
[  362.806459][ T5863] mcp2221 0003:04D8:00DD.0019: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  363.617555][   T24] usb 6-1: USB disconnect, device number 3
[  363.680049][ T9516] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1004'.
[  363.886289][ T9524] binder: 9523:9524 ioctl c0306201 200000000640 returned -22
[  364.165510][ T9528] input: syz1 as /devices/virtual/input/input18
[  364.372143][ T9533] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  366.973902][ T5863] page_pool_release_retry() stalled pool shutdown: id 31, 1 inflight 60 sec
[  367.637069][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  367.637089][   T30] audit: type=1400 audit(1748002307.131:870): avc:  denied  { getopt } for  pid=9558 comm="syz.1.1017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  367.777694][ T9567] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1018'.
[  368.220973][ T9571] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1021'.
[  368.251626][ T9577] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  371.906488][ T9616] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1033'.
[  372.781106][ T9629] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  373.527099][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  373.770397][   T24] usb 6-1: Using ep0 maxpacket: 16
[  373.795440][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.817949][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  373.832593][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  373.957633][ T9640] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  374.007589][   T24] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  374.027147][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.062935][   T24] usb 6-1: config 0 descriptor??
[  374.488497][ T5859] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  374.519372][   T24] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[  374.553624][   T24] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.001A/input/input19
[  374.669525][ T5859] usb 1-1: Using ep0 maxpacket: 8
[  374.676936][ T5859] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  374.681148][   T24] microsoft 0003:045E:07DA.001A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  374.684519][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.763638][ T5859] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.787528][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.808493][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.936113][ T5859] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  374.943687][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  376.251811][ T5859] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  376.263882][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  377.150772][ T5859] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  377.203245][   T24] usb 6-1: reset high-speed USB device number 4 using dummy_hcd
[  379.416047][ T5859] usb 1-1: unable to read config index 2 descriptor/start: -71
[  379.450736][ T5859] usb 1-1: can't read configurations, error -71
[  379.785708][ T9685] overlayfs: failed to clone upperpath
[  380.064425][   T30] audit: type=1400 audit(1748002319.141:871): avc:  denied  { read } for  pid=9692 comm="syz.3.1055" path="socket:[26045]" dev="sockfs" ino=26045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  380.984702][ T9706] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1053'.
[  381.097813][ T5862] usb 6-1: USB disconnect, device number 4
[  381.538450][ T9721] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1060'.
[  381.663607][   T30] audit: type=1400 audit(1748002320.628:872): avc:  denied  { mount } for  pid=9724 comm="syz.5.1061" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  381.948442][ T9738] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9738 comm=syz.1.1065
[  382.000963][   T30] audit: type=1400 audit(1748002320.946:873): avc:  denied  { unmount } for  pid=8885 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  382.077388][ T9743] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1065'.
[  382.290874][ T9752] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1069'.
[  382.454733][ T9755] lo speed is unknown, defaulting to 1000
[  382.460600][ T9755] lo speed is unknown, defaulting to 1000
[  382.467159][ T9755] lo speed is unknown, defaulting to 1000
[  382.505165][ T9755] infiniband s…z0: RDMA CMA: cma_listen_on_dev, error -98
[  383.033776][ T9758] smc: net device bond0 applied user defined pnetid SYZ2
[  383.083683][ T9755] lo speed is unknown, defaulting to 1000
[  383.098123][ T9755] lo speed is unknown, defaulting to 1000
[  383.112081][ T9755] lo speed is unknown, defaulting to 1000
[  383.125978][ T9755] lo speed is unknown, defaulting to 1000
[  383.139334][ T9755] lo speed is unknown, defaulting to 1000
[  383.153296][ T9755] lo speed is unknown, defaulting to 1000
[  383.361024][ T5862] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  383.553712][ T5862] usb 6-1: Using ep0 maxpacket: 32
[  383.617781][ T9768] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1072'.
[  383.647068][ T5862] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  383.674972][ T5862] usb 6-1: config 0 has no interface number 0
[  383.745166][ T5862] usb 6-1: config 0 interface 85 has no altsetting 0
[  383.752497][ T5895] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  383.856907][ T5862] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  383.890001][ T5862] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.922428][ T5862] usb 6-1: Product: syz
[  383.926652][ T5862] usb 6-1: Manufacturer: syz
[  383.939057][ T5862] usb 6-1: SerialNumber: syz
[  383.953555][ T5862] usb 6-1: config 0 descriptor??
[  383.967575][ T5862] appletouch 6-1:0.85: Could not find int-in endpoint
[  383.976141][ T5862] appletouch 6-1:0.85: probe with driver appletouch failed with error -5
[  383.985103][ T5895] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  383.994043][ T5895] usb 5-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[  384.007361][ T5862] usbhid 6-1:0.85: couldn't find an input interrupt endpoint
[  384.016076][ T5895] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  384.033000][ T5895] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  384.078768][ T5895] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  384.098815][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  384.108176][ T5895] usb 5-1: Product: syz
[  384.116156][ T5895] usb 5-1: Manufacturer: syz
[  384.135737][ T5895] cdc_wdm 5-1:1.0: skipping garbage
[  384.145696][ T5895] cdc_wdm 5-1:1.0: skipping garbage
[  384.161712][ T5895] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  385.194636][ T9748] infiniband syz2: set down
[  385.259935][ T9748] infiniband syz2: added ipvlan1
[  385.698428][ T9748] RDS/IB: syz2: added
[  385.710940][ T9748] smc: adding ib device syz2 with port count 1
[  385.802249][ T5826] Bluetooth: hci1: ACL packet too small
[  385.809310][ T9748] smc:    ib device syz2 port 1 has pnetid 
[  386.750367][ T5859] usb 5-1: USB disconnect, device number 39
[  386.853920][ T9804] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1080'.
[  386.902423][ T9808] netlink: 'syz.1.1081': attribute type 21 has an invalid length.
[  386.922068][ T9808] IPv6: NLM_F_CREATE should be specified when creating new route
[  387.046643][ T9806] veth0: entered promiscuous mode
[  387.132952][ T9802] veth0: left promiscuous mode
[  387.232346][    T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  387.391367][    T9] usb 1-1: Using ep0 maxpacket: 8
[  387.406267][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  387.428883][    T9] usb 1-1: config 128 has an invalid interface number: 4 but max is 0
[  387.449551][    T9] usb 1-1: config 128 has no interface number 0
[  387.471382][    T9] usb 1-1: config 128 interface 4 has no altsetting 0
[  387.494927][    T9] usb 1-1: New USB device found, idVendor=19d2, idProduct=0125, bcdDevice=d3.4e
[  387.508922][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.509129][ T5896] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  387.517865][    T9] usb 1-1: Product: syz
[  387.562810][    T9] usb 1-1: Manufacturer: syz
[  387.567467][    T9] usb 1-1: SerialNumber: syz
[  387.714324][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  387.733495][ T5896] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  387.743650][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.754033][ T5896] usb 5-1: config 0 descriptor??
[  387.807557][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1083'.
[  387.834702][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1083'.
[  388.570781][ T9831] veth0_vlan: entered allmulticast mode
[  388.585225][ T9832] veth0_to_hsr: entered allmulticast mode
[  388.876739][ T9833] lo speed is unknown, defaulting to 1000
[  388.883356][ T9833] lo speed is unknown, defaulting to 1000
[  388.908389][    T9] option 1-1:128.4: GSM modem (1-port) converter detected
[  388.908595][ T5896] lg-g15 0003:046D:C222.001B: hidraw0: USB HID v10.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0
[  388.949088][    T9] usb 1-1: USB disconnect, device number 41
[  388.963969][    T9] option 1-1:128.4: device disconnected
[  389.103080][ T5896] usb 5-1: USB disconnect, device number 40
[  389.159904][ T5859] usb 6-1: USB disconnect, device number 5
[  389.213557][ T9842] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1091'.
[  389.224783][ T9842] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1091'.
[  389.340329][   T30] audit: type=1400 audit(1748002327.822:874): avc:  denied  { connect } for  pid=9848 comm="syz.0.1094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  389.393510][ T9851] netlink: 'syz.3.1093': attribute type 23 has an invalid length.
[  389.599464][ T9849] lo speed is unknown, defaulting to 1000
[  389.606393][ T9849] lo speed is unknown, defaulting to 1000
[  389.636388][ T5859] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  389.807518][ T5859] usb 6-1: Using ep0 maxpacket: 16
[  389.834449][ T5859] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  389.861056][ T5859] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  389.874227][ T5859] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  389.884289][ T5859] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  389.895137][ T5859] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  389.913017][ T5859] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  389.931358][ T5859] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  389.939924][ T5859] usb 6-1: Manufacturer: syz
[  389.972593][ T5859] usb 6-1: config 0 descriptor??
[  390.192347][   T24] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  390.395800][   T24] usb 1-1: Using ep0 maxpacket: 16
[  390.458605][ T9845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.542480][ T5859] rc_core: IR keymap rc-hauppauge not found
[  390.866176][ T9845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.879651][ T5859] Registered IR keymap rc-empty
[  390.896990][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  390.951936][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  390.987320][   T24] usb 1-1: unable to read config index 0 descriptor/start: -71
[  391.011679][   T24] usb 1-1: can't read configurations, error -71
[  391.012441][ T5859] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  391.048627][ T5859] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input20
[  391.087068][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.261425][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.283199][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.304142][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.326662][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.349502][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.368430][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.425285][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.455073][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.928809][ T5859] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  391.968811][ T5859] mceusb 6-1:0.0: Registered  with mce emulator interface version 1
[  391.976920][ T5859] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  392.119194][ T5859] usb 6-1: USB disconnect, device number 6
[  392.308616][ T9884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1104'.
[  392.355152][ T9889] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1106'.
[  392.623137][ T5826] Bluetooth: hci1: ACL packet too small
[  392.834732][ T9903] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1110'.
[  392.886080][ T9904] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  392.920018][ T9909] netlink: 'syz.1.1111': attribute type 23 has an invalid length.
[  393.006083][ T9902] sg_write: data in/out 49020/1 bytes for SCSI command 0x1c-- guessing data in;
[  393.006083][ T9902]    program syz.5.1107 not setting count and/or reply_len properly
[  393.704587][   T36] wlan0: Trigger new scan to find an IBSS to join
[  393.830569][ T9915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1113'.
[  395.148873][ T9934] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1119'.
[  395.331149][ T5826] Bluetooth: hci1: ACL packet too small
[  396.165277][ T9949] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  396.311013][ T9952] netlink: 'syz.1.1125': attribute type 23 has an invalid length.
[  396.331401][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  396.337988][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  396.507255][ T9930] tipc: Enabling of bearer <ã0lC*eth:syz> rejected, media not registered
[  397.145167][ T9968] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1128'.
[  397.171647][ T9929] lo speed is unknown, defaulting to 1000
[  397.225552][ T9929] lo speed is unknown, defaulting to 1000
[  397.483339][   T24] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  397.643813][   T24] usb 1-1: device descriptor read/64, error -71
[  397.649451][ T9985] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1131'.
[  397.661209][   T30] audit: type=1400 audit(1748002335.604:875): avc:  denied  { read } for  pid=9986 comm="syz.1.1136" lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  397.699210][   T78] wlan0: Trigger new scan to find an IBSS to join
[  397.727020][ T9990] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  397.748203][ T9990] xt_TPROXY: Can be used only with -p tcp or -p udp
[  397.961556][   T24] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  398.135766][   T24] usb 1-1: device descriptor read/64, error -71
[  398.221412][ T5896] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  398.285509][   T24] usb usb1-port1: attempt power cycle
[  398.392125][ T5896] usb 5-1: device descriptor read/64, error -71
[  398.650517][ T8177] wlan0: Creating new IBSS network, BSSID 36:75:43:0b:0e:c1
[  398.668975][   T24] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  398.713900][ T5896] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  398.768167][   T24] usb 1-1: device descriptor read/8, error -71
[  398.937478][ T5896] usb 5-1: device descriptor read/64, error -71
[  399.077416][   T24] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  399.096389][ T5896] usb usb5-port1: attempt power cycle
[  399.180665][   T24] usb 1-1: device descriptor read/8, error -71
[  399.449813][   T24] usb usb1-port1: unable to enumerate USB device
[  400.250510][ T5896] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  400.295764][ T5896] usb 5-1: device descriptor read/8, error -71
[  400.583715][ T5896] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  400.657343][ T5896] usb 5-1: device descriptor read/8, error -71
[  400.777631][ T5896] usb usb5-port1: unable to enumerate USB device
[  400.826911][ T5895] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  401.246543][ T5895] usb 1-1: Using ep0 maxpacket: 16
[  401.342587][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  401.365100][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  401.375103][ T5895] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[  401.412381][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.456194][ T5895] usb 1-1: config 0 descriptor??
[  401.630326][T10038] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1155'.
[  401.759735][ T5896] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  402.209870][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  402.232079][ T5895] aquacomputer_d5next 0003:0C70:F00A.001C: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.0-1/input0
[  402.257283][ T5896] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  402.272688][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  402.282345][ T5896] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  402.312879][T10042] netlink: 'syz.5.1152': attribute type 10 has an invalid length.
[  402.316833][ T5896] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  402.320917][T10042] team0: Device hsr0 is up. Set it down before adding it as a team port
[  402.341595][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.375829][ T5896] usb 5-1: Product: syz
[  402.389175][ T5896] usb 5-1: Manufacturer: syz
[  402.406049][ T5896] usb 5-1: SerialNumber: syz
[  402.428711][ T5896] usb 5-1: config 0 descriptor??
[  402.481590][ T5896] ums-isd200 5-1:0.0: USB Mass Storage device detected
[  402.799988][T10058] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  403.053852][ T5896] ums-isd200 5-1:0.0: probe with driver ums-isd200 failed with error -22
[  403.619864][ T5862] usb 1-1: reset high-speed USB device number 48 using dummy_hcd
[  403.945948][T10082] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1167'.
[  404.699482][ T5895] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  404.834487][ T5812] usb 5-1: USB disconnect, device number 45
[  404.860561][ T5896] usb 1-1: USB disconnect, device number 48
[  404.908052][ T5895] usb 6-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=2d.62
[  405.467952][ T5895] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.480398][ T5895] usb 6-1: config 0 descriptor??
[  405.488349][ T5895] usb 6-1: selecting invalid altsetting 1
[  405.508291][ T5895] flexcop_usb: set interface failed.
[  405.571705][ T5895] b2c2_flexcop_usb 6-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22
[  405.612141][T10095] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1172'.
[  405.726786][ T5859] usb 6-1: USB disconnect, device number 7
[  406.474804][   T30] audit: type=1326 audit(1748002343.826:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.3.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c6718e969 code=0x7fc00000
[  406.678868][   T30] audit: type=1326 audit(1748002343.826:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.3.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f7c6718e969 code=0x7fc00000
[  406.717442][T10127] vivid-000: disconnect
[  406.850450][ T5895] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  407.149809][ T5895] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  407.215431][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.305641][ T5895] usb 1-1: Product: syz
[  407.345992][ T5895] usb 1-1: Manufacturer: syz
[  407.390297][ T5895] usb 1-1: SerialNumber: syz
[  407.489014][   T30] audit: type=1326 audit(1748002344.790:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  407.558384][T10121] vivid-000: reconnect
[  407.564701][   T30] audit: type=1326 audit(1748002344.818:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  407.575296][ T5895] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  407.636911][   T30] audit: type=1326 audit(1748002344.818:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  407.772542][ T5896] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  407.799961][   T30] audit: type=1326 audit(1748002344.818:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  407.823972][   T30] audit: type=1326 audit(1748002344.818:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  408.114643][ T5826] Bluetooth: hci4: ACL packet too small
[  408.132719][   T30] audit: type=1326 audit(1748002344.818:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  408.156312][   T30] audit: type=1326 audit(1748002344.818:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  408.230438][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805e5b0800: rx timeout, send abort
[  408.239012][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807faaf000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  408.388096][   T30] audit: type=1326 audit(1748002344.818:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10121 comm="syz.5.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7fc00000
[  408.773268][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805e5b0800: abort rx timeout. Force session deactivation
[  409.278261][T10153] bond0: entered promiscuous mode
[  409.283446][T10153] bond_slave_0: entered promiscuous mode
[  409.289552][T10153] bond_slave_1: entered promiscuous mode
[  409.370409][ T5896] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  409.459063][ T5896] ath9k_htc: Failed to initialize the device
[  410.414678][ T5896] usb 1-1: ath9k_htc: USB layer deinitialized
[  411.552550][ T5812] usb 1-1: USB disconnect, device number 49
[  414.478429][T10212] 9pnet_fd: Insufficient options for proto=fd
[  416.009066][T10235] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1211'.
[  416.709649][    T9] IPVS: starting estimator thread 0...
[  416.755930][T10247] kAFS: No cell specified
[  416.916234][T10245] IPVS: using max 81 ests per chain, 194400 per kthread
[  417.826201][T10251] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1216'.
[  419.516893][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  419.518423][   T30] audit: type=1400 audit(1748002809.035:945): avc:  denied  { open } for  pid=10270 comm="syz.0.1223" path="/dev/ttyq5" dev="devtmpfs" ino=380 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  420.042095][T10280] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1224'.
[  420.200166][T10276] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1224'.
[  420.220797][T10286] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  422.339293][ T5896] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  423.055260][ T5896] usb 6-1: Using ep0 maxpacket: 32
[  423.086899][ T5896] usb 6-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  423.111150][ T5896] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.124902][ T5896] usb 6-1: Product: syz
[  423.129209][ T5896] usb 6-1: Manufacturer: syz
[  423.134699][ T5896] usb 6-1: SerialNumber: syz
[  423.144806][ T5896] usb 6-1: config 0 descriptor??
[  423.518804][   T30] audit: type=1326 audit(1748002812.786:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10322 comm="syz.0.1239" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fce2d18e969 code=0x0
[  423.545792][   T30] audit: type=1400 audit(1748002812.786:947): avc:  denied  { ioctl } for  pid=10324 comm="syz.4.1240" path="socket:[29743]" dev="sockfs" ino=29743 ioctlcmd=0x8b1a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  423.597689][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1240'.
[  423.606816][ T5896] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=0] err=-32
[  423.606846][ T5896] peak_usb 6-1:0.0: unable to read PCAN-USB Pro bootloader info (err -32)
[  423.688332][ T5896] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -32
[  423.702684][ T5896] usb 6-1: USB disconnect, device number 8
[  424.471602][T10331] lo speed is unknown, defaulting to 1000
[  424.478362][T10331] lo speed is unknown, defaulting to 1000
[  424.584094][    T9] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  424.728025][    T9] usb 5-1: device descriptor read/64, error -71
[  424.991863][    T9] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  425.150914][    T9] usb 5-1: device descriptor read/64, error -71
[  425.269829][    T9] usb usb5-port1: attempt power cycle
[  425.909797][ T5896] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  426.070114][    T9] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  426.093733][    T9] usb 5-1: device descriptor read/8, error -71
[  426.176881][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  426.185468][ T5896] usb 1-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d9.40
[  426.194815][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.202907][ T5896] usb 1-1: Product: syz
[  426.207128][ T5896] usb 1-1: Manufacturer: syz
[  426.238007][ T5896] usb 1-1: SerialNumber: syz
[  426.245025][ T5896] usb 1-1: config 0 descriptor??
[  426.369420][    T9] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  426.411081][    T9] usb 5-1: device descriptor read/8, error -71
[  426.543426][    T9] usb usb5-port1: unable to enumerate USB device
[  426.632272][T10351] mkiss: ax0: crc mode is auto.
[  426.643746][T10351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  426.652507][T10351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  426.679128][T10361] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  427.039146][T10368] nfs: Unknown parameter ''
[  427.053930][   T30] audit: type=1400 audit(1748002816.088:948): avc:  denied  { connect } for  pid=10366 comm="syz.4.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  427.207965][   T30] audit: type=1400 audit(1748002816.098:949): avc:  denied  { bind } for  pid=10366 comm="syz.4.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  427.515941][   T30] audit: type=1400 audit(1748002816.098:950): avc:  denied  { listen } for  pid=10366 comm="syz.4.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  427.598890][   T30] audit: type=1400 audit(1748002816.098:951): avc:  denied  { accept } for  pid=10366 comm="syz.4.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  427.634358][ T8177] wlan1: Trigger new scan to find an IBSS to join
[  427.769790][   T30] audit: type=1400 audit(1748002816.687:952): avc:  denied  { setopt } for  pid=10370 comm="syz.5.1255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  428.063999][T10375] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  429.166858][T10380] netlink: 'syz.3.1258': attribute type 16 has an invalid length.
[  429.174859][T10380] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.1258'.
[  429.406028][   T30] audit: type=1400 audit(1748002818.277:953): avc:  denied  { unmount } for  pid=5809 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  429.481047][ T5896] usb 1-1: USB disconnect, device number 50
[  429.495226][T10385] team0: No ports can be present during mode change
[  429.576790][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1260'.
[  429.580217][T10389] batadv0: entered promiscuous mode
[  429.625795][T10389] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  429.658587][T10391] input: syz0 as /devices/virtual/input/input21
[  429.681355][T10389] macvlan2: entered promiscuous mode
[  429.718207][T10389] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  430.119106][T10385] team0 (unregistering): Port device team_slave_0 removed
[  430.129829][T10385] team0 (unregistering): Port device team_slave_1 removed
[  430.175671][T10397] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  430.226460][ T5863] kernel write not supported for file [eventfd] (pid: 5863 comm: kworker/0:5)
[  430.440665][T10417] bridge_slave_0: left allmulticast mode
[  430.447005][T10417] bridge_slave_0: left promiscuous mode
[  430.452792][T10417] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.463583][T10417] bridge_slave_1: left allmulticast mode
[  430.472743][T10417] bridge_slave_1: left promiscuous mode
[  430.481556][T10417] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.492459][T10417] bond0: (slave bond_slave_0): Releasing backup interface
[  430.502152][T10417] bond0: (slave bond_slave_1): Releasing backup interface
[  430.524986][T10417] team0: Port device team_slave_0 removed
[  430.543204][T10421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1271'.
[  430.544552][T10417] team0: Port device team_slave_1 removed
[  430.559329][T10417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.568927][T10417] batman_adv: batadv0: Removing interface: batadv_slave_0
[  430.577360][T10417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.585685][T10417] batman_adv: batadv0: Removing interface: batadv_slave_1
[  430.707928][ T5896] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  430.760220][ T6152] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  430.884612][ T5896] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  432.750217][   T65] wlan1: Trigger new scan to find an IBSS to join
[  432.871677][ T5896] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  432.894130][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1275'.
[  432.916908][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.928794][ T5896] usb 1-1: Product: syz
[  432.933000][ T5896] usb 1-1: Manufacturer: syz
[  432.944044][ T5896] usb 1-1: SerialNumber: syz
[  432.988843][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1275'.
[  433.034688][   T30] audit: type=1326 audit(1748002821.673:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.088516][   T30] audit: type=1326 audit(1748002821.673:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.149527][   T30] audit: type=1326 audit(1748002821.682:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.202027][   T30] audit: type=1326 audit(1748002821.682:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.226832][   T30] audit: type=1326 audit(1748002821.682:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.250344][   T30] audit: type=1326 audit(1748002821.682:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.275531][   T30] audit: type=1326 audit(1748002821.682:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.281573][ T5896] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 51 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  433.305317][   T30] audit: type=1326 audit(1748002821.691:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.405971][T10444] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1276'.
[  433.767734][   T30] audit: type=1326 audit(1748002821.691:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.808922][ T5896] usb 1-1: USB disconnect, device number 51
[  433.838301][   T30] audit: type=1326 audit(1748002821.691:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10434 comm="syz.5.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa20158e969 code=0x7ffc0000
[  433.873121][ T5896] usblp0: removed
[  433.996030][   T12] wlan1: Creating new IBSS network, BSSID ce:30:17:ff:47:49
[  434.064886][    T9] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=9 comm=kworker/0:0
[  434.158226][T10457] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  434.225439][T10457] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967291 (274877906624 ns) > initial count (30400 ns). Using initial count to start timer.
[  434.277942][T10457] netlink: 'syz.4.1284': attribute type 1 has an invalid length.
[  434.295209][T10457] netlink: 'syz.4.1284': attribute type 2 has an invalid length.
[  434.814915][ T5896] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[  434.876753][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.986998][T10470] xt_CT: No such helper "syz1"
[  435.420704][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.638005][    C0] hrtimer: interrupt took 24879 ns
[  435.916069][    T9] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  436.142866][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.183890][    T9] usb 5-1: Using ep0 maxpacket: 8
[  436.382738][    T9] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  436.519892][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.623542][    T9] usb 5-1: Product: syz
[  436.681751][    T9] usb 5-1: Manufacturer: syz
[  436.769429][    T9] usb 5-1: SerialNumber: syz
[  436.912733][    T9] usb 5-1: config 0 descriptor??
[  436.946304][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.074691][    T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  437.205100][    T9] usb 5-1: setting power ON
[  437.323456][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  437.599631][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  437.742501][    T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  437.784656][    T9] usb 5-1: media controller created
[  437.796347][   T36] bridge_slave_1: left allmulticast mode
[  437.808407][   T36] bridge_slave_1: left promiscuous mode
[  437.816503][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.843851][   T36] bridge_slave_0: left allmulticast mode
[  437.856582][   T36] bridge_slave_0: left promiscuous mode
[  437.869909][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  437.893270][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.004283][    T9] usb 5-1: selecting invalid altsetting 6
[  438.013020][    T9] usb 5-1: digital interface selection failed (-22)
[  438.023848][    T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  438.035662][    T9] usb 5-1: setting power OFF
[  438.046912][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  438.054245][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  438.063877][    T9] (NULL device *): no alternate interface
[  439.135504][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  439.160110][    T9] usb 5-1: USB disconnect, device number 50
[  439.302755][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1298'.
[  439.574111][   T36] bond1 (unregistering): (slave geneve2): Releasing active interface
[  439.600047][   T36] bond1 (unregistering): (slave geneve2): the permanent HWaddr of slave - 7a:bc:80:ad:54:8f - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  439.690090][   T36] geneve2 (unregistering): left allmulticast mode
[  439.932846][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.933497][   T12] smc: removing ib device syz1
[  439.962402][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.974929][   T36] bond0 (unregistering): Released all slaves
[  440.116860][   T36] bond1 (unregistering): (slave veth3): Releasing active interface
[  440.134996][   T36] bond1 (unregistering): Released all slaves
[  440.170157][T10499] batadv_slave_1: entered promiscuous mode
[  440.268097][T10514] lo speed is unknown, defaulting to 1000
[  440.274616][T10514] lo speed is unknown, defaulting to 1000
[  440.435068][T10498] batadv_slave_1: left promiscuous mode
[  440.866018][    T9] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  441.226519][    T9] usb 6-1: Using ep0 maxpacket: 32
[  441.242075][    T9] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  441.286276][    T9] usb 6-1: config 0 has no interface number 0
[  441.300121][    T9] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  441.321640][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.409232][    T9] usb 6-1: Product: syz
[  441.441944][    T9] usb 6-1: Manufacturer: syz
[  441.453376][    T9] usb 6-1: SerialNumber: syz
[  441.472769][    T9] usb 6-1: config 0 descriptor??
[  441.482023][T10545] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1305'.
[  441.558256][T10547] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1306'.
[  441.585550][    T9] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  441.655277][T10547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'.
[  441.872295][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  441.899612][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  444.362988][T10590] netlink: 'syz.1.1316': attribute type 23 has an invalid length.
[  444.379166][T10591] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5133 sclass=netlink_route_socket pid=10591 comm=syz.0.1317
[  444.445604][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  444.446443][ T5812] usb 6-1: USB disconnect, device number 9
[  444.519590][ T5812] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  444.584594][T10588] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1315'.
[  444.688725][ T5812] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  444.971247][ T5812] quatech2 6-1:0.51: device disconnected
[  445.234968][T10604] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1318'.
[  445.712523][T10618] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  446.903736][ T5826] Bluetooth: hci1: ACL packet too small
[  447.634926][T10639] overlayfs: missing 'lowerdir'
[  447.768017][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  447.768035][   T30] audit: type=1400 audit(1748002835.470:983): avc:  denied  { connect } for  pid=10635 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  449.334138][T10664] overlayfs: failed to resolve './file0': -2
[  449.550603][T10672] netlink: 'syz.0.1336': attribute type 10 has an invalid length.
[  449.636075][T10673] xt_hashlimit: size too large, truncated to 1048576
[  450.325806][   T36] hsr_slave_0: left promiscuous mode
[  450.345290][   T36] hsr_slave_1: left promiscuous mode
[  450.363149][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  450.395212][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  450.448062][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  450.484281][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  451.187252][T10698] tmpfs: Bad value for 'mpol'
[  451.264672][   T36] veth1_macvtap: left promiscuous mode
[  451.287832][   T36] veth0_macvtap: left promiscuous mode
[  451.304650][   T36] veth1_vlan: left promiscuous mode
[  453.041025][   T36] team0 (unregistering): Port device team_slave_1 removed
[  453.171197][   T36] team0 (unregistering): Port device team_slave_0 removed
[  453.388350][ T5826] Bluetooth: hci4: command 0x0406 tx timeout
[  455.137118][T10696] lo speed is unknown, defaulting to 1000
[  455.146130][T10696] lo speed is unknown, defaulting to 1000
[  455.215801][T10742] netlink: 'syz.1.1354': attribute type 1 has an invalid length.
[  455.245669][   T36] IPVS: stop unused estimator thread 0...
[  455.258819][T10743] netlink: 'syz.5.1353': attribute type 23 has an invalid length.
[  455.350054][T10742] 8021q: adding VLAN 0 to HW filter on device bond1
[  455.418643][T10746] bond1: (slave geneve2): making interface the new active one
[  455.445350][T10746] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  455.530414][T10742] veth3: entered promiscuous mode
[  455.569701][T10742] bond1: (slave veth3): Enslaving as an active interface with a down link
[  455.598409][ T5812] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  455.609919][T10746] vlan2: entered allmulticast mode
[  455.624175][T10746] bond1: entered allmulticast mode
[  455.632250][T10746] geneve2: entered allmulticast mode
[  455.639316][T10746] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  455.780728][ T5812] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  455.797150][ T5812] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  455.822277][ T5812] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  455.832381][ T5812] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.853355][ T5812] usb 1-1: config 0 descriptor??
[  456.346570][T10760] bond0: entered promiscuous mode
[  456.351728][T10760] bond_slave_0: entered promiscuous mode
[  456.358684][T10760] bond_slave_1: entered promiscuous mode
[  456.711329][T10762] veth0_vlan: entered allmulticast mode
[  456.798322][T10762] veth0_to_hsr: entered allmulticast mode
[  457.211097][T10747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  457.227333][T10747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  457.468672][ T5863] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  457.474705][T10762] lo speed is unknown, defaulting to 1000
[  457.483684][T10762] lo speed is unknown, defaulting to 1000
[  457.647058][T10766] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1362'.
[  457.664484][T10767] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1362'.
[  457.674595][ T5863] usb 6-1: no configurations
[  457.679689][ T5863] usb 6-1: can't read configurations, error -22
[  457.692912][   T30] audit: type=1400 audit(1748002844.749:984): avc:  denied  { accept } for  pid=10765 comm="syz.1.1362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  457.717744][ T5812] usb 1-1: string descriptor 0 read error: -22
[  457.832779][ T5863] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  458.014041][ T5863] usb 6-1: no configurations
[  458.019352][ T5863] usb 6-1: can't read configurations, error -22
[  458.028732][ T5863] usb usb6-port1: attempt power cycle
[  458.169075][T10747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  458.246683][T10773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  458.257463][ T5812] uclogic 0003:256C:006D.001D: interface is invalid, ignoring
[  458.575174][T10770] netlink: 'syz.4.1363': attribute type 27 has an invalid length.
[  458.583153][T10770] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1363'.
[  458.612290][T10772] lo speed is unknown, defaulting to 1000
[  458.619004][T10772] lo speed is unknown, defaulting to 1000
[  458.750102][T10747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  458.762365][T10773] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  458.795979][ T5863] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  458.898552][ T5863] usb 6-1: no configurations
[  458.916821][ T5890] usb 1-1: USB disconnect, device number 53
[  458.943688][   T30] audit: type=1400 audit(1748002845.825:985): avc:  denied  { read } for  pid=10776 comm="syz.1.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  458.957419][ T5863] usb 6-1: can't read configurations, error -22
[  459.075332][T10786] netlink: 'syz.1.1367': attribute type 23 has an invalid length.
[  459.146755][ T5863] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  459.197492][ T5863] usb 6-1: no configurations
[  459.209832][ T5863] usb 6-1: can't read configurations, error -22
[  459.230348][ T5863] usb usb6-port1: unable to enumerate USB device
[  459.545789][T10799] netlink: 196 bytes leftover after parsing attributes in process `syz.5.1371'.
[  460.219986][T10809] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1373'.
[  460.652633][T10810] overlayfs: failed to clone upperpath
[  460.677049][   T58] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  460.850209][   T58] usb 6-1: config 0 has an invalid interface number: 50 but max is 0
[  460.926475][   T58] usb 6-1: config 0 has no interface number 0
[  460.934819][   T58] usb 6-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 162, changing to 11
[  460.951261][   T58] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  460.960449][   T58] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.968992][   T58] usb 6-1: Product: syz
[  460.974020][   T58] usb 6-1: Manufacturer: syz
[  460.978766][   T58] usb 6-1: SerialNumber: syz
[  461.003028][   T58] usb 6-1: config 0 descriptor??
[  461.033397][   T58] yurex 6-1:0.50: USB YUREX device now attached to Yurex #0
[  461.594145][ T5890] usb 6-1: USB disconnect, device number 14
[  461.742917][ T5890] yurex 6-1:0.50: USB YUREX #0 now disconnected
[  461.990915][T10828] FAULT_INJECTION: forcing a failure.
[  461.990915][T10828] name failslab, interval 1, probability 0, space 0, times 0
[  462.004106][T10828] CPU: 0 UID: 0 PID: 10828 Comm: syz.0.1377 Not tainted 6.15.0-rc7-syzkaller-00099-g94305e83eccb #0 PREEMPT(full) 
[  462.004135][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  462.004146][T10828] Call Trace:
[  462.004153][T10828]  <TASK>
[  462.004161][T10828]  dump_stack_lvl+0x16c/0x1f0
[  462.004195][T10828]  should_fail_ex+0x512/0x640
[  462.004220][T10828]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  462.004241][T10828]  should_failslab+0xc2/0x120
[  462.004263][T10828]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  462.004283][T10828]  ? mas_alloc_nodes+0x18b/0x8b0
[  462.004310][T10828]  mas_alloc_nodes+0x18b/0x8b0
[  462.004339][T10828]  mas_node_count_gfp+0x105/0x130
[  462.004365][T10828]  mas_preallocate+0x53e/0xcd0
[  462.004384][T10828]  ? __lock_acquire+0xaa4/0x1ba0
[  462.004415][T10828]  ? __pfx_mas_preallocate+0x10/0x10
[  462.004433][T10828]  ? is_bpf_text_address+0x94/0x1a0
[  462.004462][T10828]  ? __asan_memset+0x23/0x50
[  462.004493][T10828]  commit_merge+0x29a/0x1020
[  462.004525][T10828]  ? __pfx_commit_merge+0x10/0x10
[  462.004557][T10828]  ? vma_merge_existing_range+0x113c/0x1cd0
[  462.004587][T10828]  ? dup_anon_vma.constprop.0+0x74/0x320
[  462.004619][T10828]  vma_merge_existing_range+0xc50/0x1cd0
[  462.004656][T10828]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  462.004694][T10828]  vma_modify+0x87/0x510
[  462.004713][T10828]  vma_modify_flags+0x212/0x2d0
[  462.004732][T10828]  ? __pfx_vma_modify_flags+0x10/0x10
[  462.004749][T10828]  ? mtree_range_walk+0x718/0xc00
[  462.004789][T10828]  mlock_fixup+0x27c/0xe50
[  462.004812][T10828]  apply_mlockall_flags+0x2d4/0x470
[  462.004832][T10828]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  462.004849][T10828]  ? __pfx___might_resched+0x10/0x10
[  462.004883][T10828]  ? __pfx_down_write_killable+0x10/0x10
[  462.004901][T10828]  ? __pfx_ksys_write+0x10/0x10
[  462.004926][T10828]  ? rcu_is_watching+0x12/0xc0
[  462.004954][T10828]  __do_sys_munlockall+0xc5/0x280
[  462.004975][T10828]  do_syscall_64+0xcd/0x260
[  462.005009][T10828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.005028][T10828] RIP: 0033:0x7fce2d18e969
[  462.005044][T10828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.005062][T10828] RSP: 002b:00007fce2e00f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  462.005080][T10828] RAX: ffffffffffffffda RBX: 00007fce2d3b6160 RCX: 00007fce2d18e969
[  462.005091][T10828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  462.005101][T10828] RBP: 00007fce2e00f090 R08: 0000000000000000 R09: 0000000000000000
[  462.005112][T10828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.005122][T10828] R13: 0000000000000000 R14: 00007fce2d3b6160 R15: 00007ffe40cd3558
[  462.005147][T10828]  </TASK>
[  462.005165][T10828] vmg ffffc900001f7c80 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[  462.336009][T10828] vmg ffffc900001f7c80 state: mm ffff888060743c00 pgoff 0
[  462.336009][T10828] vmi ffffc900001f7e38 [200000000000,200000800000)
[  462.336009][T10828] prev ffff888029a91a00 middle ffff888029a91a00 next 0000000000000000 target 0000000000000000
[  462.336009][T10828] start 200000000000 end 200000800000 flags 80000fe
[  462.336009][T10828] file ffff88802fde16c0 anon_vma 0000000000000000 policy 0000000000000000
[  462.336009][T10828] uffd_ctx 0000000000000000
[  462.336009][T10828] anon_name 0000000000000000
[  462.336009][T10828] state 0
[  462.336009][T10828] just_expand 0
[  462.336009][T10828] __adjust_middle_start 0 __adjust_next_start 0
[  462.336009][T10828] __remove_middle 0 __remove_next 0
[  462.401183][T10828] vmg ffffc900001f7c80 mm:
[  462.405712][T10828] mm ffff888060743c00 task_size 140737488351232
[  462.405712][T10828] mmap_base 140523512111104 mmap_legacy_base 47109283057664
[  462.405712][T10828] pgd ffff888032827000 mm_users 4 mm_count 1 pgtables_bytes 139264 map_count 37
[  462.405712][T10828] hiwater_rss 160e hiwater_vm 5fad total_vm 5fef locked_vm 800
[  462.405712][T10828] pinned_vm 0 data_vm 18c5 exec_vm 1a4 stack_vm 21
[  462.405712][T10828] start_code 7fce2d049000 end_code 7fce2d1eadf9 start_data 7fce2d390000 end_data 7fce2d390000
[  462.405712][T10828] start_brk 55556469b000 brk 5555646cf000 start_stack 7ffe40cd3dc0
[  462.405712][T10828] arg_start 7ffe40cd5f6d arg_end 7ffe40cd5f81 env_start 7ffe40cd5f81 env_end 7ffe40cd5fe9
[  462.405712][T10828] binfmt ffffffff8e609d20 flags 800007fd
[  462.405712][T10828] ioctx_table 0000000000000000
[  462.405712][T10828] owner ffff88805bdc2440 exe_file ffff8880328d8000
[  462.405712][T10828] notifier_subscriptions 0000000000000000
[  462.405712][T10828] numa_next_scan 4294981178 numa_scan_offset 0 numa_scan_seq 0
[  462.405712][T10828] tlb_flush_pending 0
[  462.405712][T10828] def_flags: 0x0()
[  462.513142][T10828] vmg ffffc900001f7c80 prev:
[  462.517872][T10828] vma ffff888029a91a00 start 0000200000000000 end 0000200000800000 mm ffff888060743c00
[  462.517872][T10828] prot 27 anon_vma 0000000000000000 vm_ops ffffffff8b99e6a0
[  462.517872][T10828] pgoff 0 file ffff88802fde16c0 private_data 0000000000000000
[  462.517872][T10828] refcnt 1
[  462.517872][T10828] flags: 0x80020fe(write|exec|shared|mayread|maywrite|mayexec|mayshare|locked|softdirty)
[  462.558514][T10828] vmg ffffc900001f7c80 middle:
[  462.563407][T10828] vma ffff888029a91a00 start 0000200000000000 end 0000200000800000 mm ffff888060743c00
[  462.563407][T10828] prot 27 anon_vma 0000000000000000 vm_ops ffffffff8b99e6a0
[  462.563407][T10828] pgoff 0 file ffff88802fde16c0 private_data 0000000000000000
[  462.563407][T10828] refcnt 1
[  462.563407][T10828] flags: 0x80020fe(write|exec|shared|mayread|maywrite|mayexec|mayshare|locked|softdirty)
[  462.600372][T10828] vmg ffffc900001f7c80 next: (NULL)
[  462.605649][T10828] vmg ffffc900001f7c80 vmi:
[  462.610247][T10828] MAS: tree=ffff888060743c40 enode=ffff8880227bec0c 
[  462.610262][T10828] (ma_active)
[  462.618267][T10828] Store Type: 
[  462.621639][T10828] node_store
[  462.628260][T10828] [6/11] index=200000000000 last=2000007fffff
[  462.637753][T10828]      min=0 max=5555646bcfff alloc=0000000000000000, depth=1, flags=0
[  462.646199][T10828] maple_tree(ffff888060743c40) flags 30B, height 2 root ffff88802369fa1e
[  462.654752][T10828] 0-ffffffffffffffff: node ffff88802369fa00 depth 0 type 3 parent ffff888060743c41 contents: 35556369a000 2a78c6928000 101000 ffff8001bf32a000 0 0 0 0 0 0 | 03 03| ffff8880227bec0c 5555646BCFFF ffff88802369f40c 7FCE2CFFFFFF ffff88803616c80c 7FCE2E010FFF ffff88802369f60c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[  462.695273][T10828]   0-5555646bcfff: node ffff8880227bec00 depth 1 type 1 parent ffff88802369fa06 contents: 0000000000000000 110C22FFFF ffff888054e9e640 110E22FFFF 0000000000000000 1B2E51FFFF ffff888054e9e780 1B2E55FFFF 0000000000000000 1FFFFFFFEFFF ffff888054e9e8c0 1FFFFFFFFFFF ffff888029a91a00 2000007FFFFF ffff88807e388500 200000B35FFF ffff888029a918c0 200000FFFFFF ffff888054e9eb40 200001000FFF 0000000000000000 55556469AFFF ffff888054e9ec80 5555646BCFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000b
[  462.757664][T10828]     0-110c22ffff: 0000000000000000
[  462.767320][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  462.773818][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  462.787320][T10828]     110c230000-110e22ffff: ffff888054e9e640
[  462.867069][T10828]     110e230000-1b2e51ffff: 0000000000000000
[  462.874401][T10828]     1b2e520000-1b2e55ffff: ffff888054e9e780
[  462.882348][T10828]     1b2e560000-1fffffffefff: 0000000000000000
[  462.893307][T10828]     1ffffffff000-1fffffffffff: ffff888054e9e8c0
[  462.901326][T10828]     200000000000-2000007fffff: ffff888029a91a00
[  462.908282][T10828]     200000800000-200000b35fff: ffff88807e388500
[  462.917320][T10828]     200000b36000-200000ffffff: ffff888029a918c0
[  462.925320][T10828]     200001000000-200001000fff: ffff888054e9eb40
[  462.933278][T10828]     200001001000-55556469afff: 0000000000000000
[  462.940884][T10828]     55556469b000-5555646bcfff: ffff888054e9ec80
[  462.951334][T10828]   5555646bd000-7fce2cffffff: node ffff88802369f400 depth 1 type 1 parent ffff88802369fa0e contents: ffff888054e9edc0 5555646CEFFF 0000000000000000 7FCE2AFF6FFF ffff88805dd03000 7FCE2AFF7FFF ffff88805dd03140 7FCE2B7F7FFF ffff88805dd03280 7FCE2B7F8FFF ffff88805dd033c0 7FCE2BFF8FFF ffff888035195640 7FCE2BFFAFFF ffff888035195500 7FCE2C3FAFFF ffff8880351958c0 7FCE2C3FCFFF ffff888035195000 7FCE2C7FCFFF ffff888035195780 7FCE2C7FEFFF ffff888035195dc0 7FCE2CBFEFFF ffff888035195c80 7FCE2CBFFFFF ffff8880351953c0 7FCE2CFFFFFF 0000000000000000 0 000000000000000d
[  463.008316][T10828]     5555646bd000-5555646cefff: ffff888054e9edc0
[  463.015107][T10828]     5555646cf000-7fce2aff6fff: 0000000000000000
[  463.022288][T10828]     7fce2aff7000-7fce2aff7fff: ffff88805dd03000
[  463.032288][T10828]     7fce2aff8000-7fce2b7f7fff: ffff88805dd03140
[  463.043310][T10828]     7fce2b7f8000-7fce2b7f8fff: ffff88805dd03280
[  463.050143][T10828]     7fce2b7f9000-7fce2bff8fff: ffff88805dd033c0
[  463.056772][T10828]     7fce2bff9000-7fce2bffafff: ffff888035195640
[  463.065277][T10828]     7fce2bffb000-7fce2c3fafff: ffff888035195500
[  463.077273][T10828]     7fce2c3fb000-7fce2c3fcfff: ffff8880351958c0
[  463.083842][T10828]     7fce2c3fd000-7fce2c7fcfff: ffff888035195000
[  463.090686][T10828]     7fce2c7fd000-7fce2c7fefff: ffff888035195780
[  463.100274][T10828]     7fce2c7ff000-7fce2cbfefff: ffff888035195dc0
[  463.107318][T10828]     7fce2cbff000-7fce2cbfffff: ffff888035195c80
[  463.117385][T10828]     7fce2cc00000-7fce2cffffff: ffff8880351953c0
[  463.125316][T10828]   7fce2d000000-7fce2e010fff: node ffff88803616c800 depth 1 type 1 parent ffff88802369fa16 contents: ffff888035195280 7FCE2D048FFF ffff8880622f5500 7FCE2D1EAFFF ffff8880622f53c0 7FCE2D297FFF ffff8880622f5000 7FCE2D37CFFF ffff8880622f5780 7FCE2D385FFF 0000000000000000 7FCE2D38FFFF ffff8880622f5640 7FCE2DEEDFFF 0000000000000000 7FCE2DFEEFFF ffff88807e388280 7FCE2DFEFFFF ffff88805dd03780 7FCE2E00FFFF ffff88807e3883c0 7FCE2E010FFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000a
[  463.173743][T10828]     7fce2d000000-7fce2d048fff: ffff888035195280
[  463.180618][T10828]     7fce2d049000-7fce2d1eafff: ffff8880622f5500
[  463.187187][T10828]     7fce2d1eb000-7fce2d297fff: ffff8880622f53c0
[  463.194029][T10828]     7fce2d298000-7fce2d37cfff: ffff8880622f5000
[  463.200544][T10828]     7fce2d37d000-7fce2d385fff: ffff8880622f5780
[  463.207040][T10828]     7fce2d386000-7fce2d38ffff: 0000000000000000
[  463.213682][T10828]     7fce2d390000-7fce2deedfff: ffff8880622f5640
[  463.220213][T10828]     7fce2deee000-7fce2dfeefff: 0000000000000000
[  463.226699][T10828]     7fce2dfef000-7fce2dfeffff: ffff88807e388280
[  463.233311][T10828]     7fce2dff0000-7fce2e00ffff: ffff88805dd03780
[  463.262568][T10828]     7fce2e010000-7fce2e010fff: ffff88807e3883c0
[  463.283945][T10828]   7fce2e011000-ffffffffffffffff: node ffff88802369f600 depth 1 type 1 parent ffff88802369fa1e contents: ffff88805dd03640 7FCE2E030FFF ffff88805dd038c0 7FCE2E031FFF ffff88805dd03500 7FCE2E051FFF ffff8880622f5140 7FCE2E055FFF ffff8880622f5280 7FCE2E057FFF ffff888034ac8500 7FCE2E059FFF 0000000000000000 7FFE40CB4FFF ffff888034ac8780 7FFE40CD5FFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[  463.426961][T10828]     7fce2e011000-7fce2e030fff: ffff88805dd03640
[  463.444838][T10828]     7fce2e031000-7fce2e031fff: ffff88805dd038c0
[  463.475651][T10828]     7fce2e032000-7fce2e051fff: ffff88805dd03500
[  463.493044][T10828]     7fce2e052000-7fce2e055fff: ffff8880622f5140
[  463.499543][T10828]     7fce2e056000-7fce2e057fff: ffff8880622f5280
[  463.506590][T10828]     7fce2e058000-7fce2e059fff: ffff888034ac8500
[  463.513100][T10828]     7fce2e05a000-7ffe40cb4fff: 0000000000000000
[  463.519694][T10828]     7ffe40cb5000-7ffe40cd5fff: ffff888034ac8780
[  463.526361][T10828]     7ffe40cd6000-ffffffffffffffff: 0000000000000000
[  463.533732][T10828] ------------[ cut here ]------------
[  463.539271][T10828] WARNING: CPU: 0 PID: 10828 at mm/vma.c:768 vma_merge_existing_range+0x5d1/0x1cd0
[  463.549071][T10828] Modules linked in:
[  463.557417][T10828] CPU: 0 UID: 0 PID: 10828 Comm: syz.0.1377 Not tainted 6.15.0-rc7-syzkaller-00099-g94305e83eccb #0 PREEMPT(full) 
[  463.569744][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.579967][T10828] RIP: 0010:vma_merge_existing_range+0x5d1/0x1cd0
[  463.586516][T10828] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 14 da 5e 09 e8 1f 07 aa ff 48 c7 c6 a0 da 9b 8b 48 89 df e8 50 ba f2 ff 90 <0f> 0b 90 e9 9d fc ff ff e8 02 07 aa ff 48 8b 54 24 20 48 b8 00 00
[  463.607413][T10828] RSP: 0018:ffffc900001f7b20 EFLAGS: 00010293
[  463.613558][T10828] RAX: 0000000000000000 RBX: ffffc900001f7c80 RCX: ffffffff8b63a713
[  463.623309][T10828] RDX: ffff8880363a2440 RSI: ffffffff82113ee0 RDI: 0000000000000006
[  463.631399][T10828] RBP: ffff888029a91a00 R08: 0000000000000006 R09: ffffffffffffffff
[  463.639473][T10828] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000
[  463.647520][T10828] R13: ffffc900001f7ca0 R14: ffff888029a91a00 R15: 0000200000000000
[  463.655532][T10828] FS:  00007fce2e00f6c0(0000) GS:ffff8881249da000(0000) knlGS:0000000000000000
[  463.665440][T10828] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  463.672143][T10828] CR2: 0000000000000000 CR3: 0000000032827000 CR4: 00000000003526f0
[  463.680369][T10828] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  463.688386][T10828] DR3: 00000000000000a8 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  463.696445][T10828] Call Trace:
[  463.699763][T10828]  <TASK>
[  463.702802][T10828]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  463.709275][T10828]  vma_modify+0x87/0x510
[  463.713655][T10828]  vma_modify_flags+0x212/0x2d0
[  463.718551][T10828]  ? __pfx_vma_modify_flags+0x10/0x10
[  463.725756][T10828]  ? mtree_range_walk+0x718/0xc00
[  463.730869][T10828]  ? mas_walk+0x6a6/0x910
[  463.735314][T10828]  mlock_fixup+0x27c/0xe50
[  463.739799][T10828]  apply_mlockall_flags+0x2d4/0x470
[  463.745104][T10828]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  463.750889][T10828]  ? __pfx___might_resched+0x10/0x10
[  463.756283][T10828]  ? __pfx_down_write_killable+0x10/0x10
[  463.761981][T10828]  ? __pfx_ksys_write+0x10/0x10
[  463.766935][T10828]  ? rcu_is_watching+0x12/0xc0
[  463.771770][T10828]  __do_sys_munlockall+0xc5/0x280
[  463.777018][T10828]  do_syscall_64+0xcd/0x260
[  463.781582][T10828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.787580][T10828] RIP: 0033:0x7fce2d18e969
[  463.792067][T10828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.811847][T10828] RSP: 002b:00007fce2e00f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  463.820700][T10828] RAX: ffffffffffffffda RBX: 00007fce2d3b6160 RCX: 00007fce2d18e969
[  463.828792][T10828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  463.837413][T10828] RBP: 00007fce2e00f090 R08: 0000000000000000 R09: 0000000000000000
[  463.847949][T10828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.856142][T10828] R13: 0000000000000000 R14: 00007fce2d3b6160 R15: 00007ffe40cd3558
[  463.864259][T10828]  </TASK>
[  463.867259][T10828] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  463.874519][T10828] CPU: 0 UID: 0 PID: 10828 Comm: syz.0.1377 Not tainted 6.15.0-rc7-syzkaller-00099-g94305e83eccb #0 PREEMPT(full) 
[  463.886562][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.896590][T10828] Call Trace:
[  463.899847][T10828]  <TASK>
[  463.902759][T10828]  dump_stack_lvl+0x3d/0x1f0
[  463.907335][T10828]  panic+0x71c/0x800
[  463.911216][T10828]  ? __pfx_panic+0x10/0x10
[  463.915615][T10828]  ? show_trace_log_lvl+0x29b/0x3e0
[  463.920796][T10828]  ? check_panic_on_warn+0x1f/0xb0
[  463.925887][T10828]  ? vma_merge_existing_range+0x5d1/0x1cd0
[  463.931695][T10828]  check_panic_on_warn+0xab/0xb0
[  463.936612][T10828]  __warn+0xf6/0x3c0
[  463.940486][T10828]  ? vma_merge_existing_range+0x5d1/0x1cd0
[  463.946289][T10828]  report_bug+0x3c3/0x580
[  463.950602][T10828]  ? vma_merge_existing_range+0x5d1/0x1cd0
[  463.956389][T10828]  handle_bug+0x184/0x210
[  463.960694][T10828]  exc_invalid_op+0x17/0x50
[  463.965169][T10828]  asm_exc_invalid_op+0x1a/0x20
[  463.970001][T10828] RIP: 0010:vma_merge_existing_range+0x5d1/0x1cd0
[  463.976396][T10828] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 14 da 5e 09 e8 1f 07 aa ff 48 c7 c6 a0 da 9b 8b 48 89 df e8 50 ba f2 ff 90 <0f> 0b 90 e9 9d fc ff ff e8 02 07 aa ff 48 8b 54 24 20 48 b8 00 00
[  463.996001][T10828] RSP: 0018:ffffc900001f7b20 EFLAGS: 00010293
[  464.002055][T10828] RAX: 0000000000000000 RBX: ffffc900001f7c80 RCX: ffffffff8b63a713
[  464.010001][T10828] RDX: ffff8880363a2440 RSI: ffffffff82113ee0 RDI: 0000000000000006
[  464.018470][T10828] RBP: ffff888029a91a00 R08: 0000000000000006 R09: ffffffffffffffff
[  464.026414][T10828] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000
[  464.034369][T10828] R13: ffffc900001f7ca0 R14: ffff888029a91a00 R15: 0000200000000000
[  464.042322][T10828]  ? mt_dump_node+0xcd3/0x16d0
[  464.047080][T10828]  ? vma_merge_existing_range+0x5d0/0x1cd0
[  464.052883][T10828]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  464.058935][T10828]  vma_modify+0x87/0x510
[  464.063151][T10828]  vma_modify_flags+0x212/0x2d0
[  464.067975][T10828]  ? __pfx_vma_modify_flags+0x10/0x10
[  464.073320][T10828]  ? mtree_range_walk+0x718/0xc00
[  464.078329][T10828]  ? mas_walk+0x6a6/0x910
[  464.082641][T10828]  mlock_fixup+0x27c/0xe50
[  464.087040][T10828]  apply_mlockall_flags+0x2d4/0x470
[  464.092212][T10828]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  464.097905][T10828]  ? __pfx___might_resched+0x10/0x10
[  464.103173][T10828]  ? __pfx_down_write_killable+0x10/0x10
[  464.108789][T10828]  ? __pfx_ksys_write+0x10/0x10
[  464.113618][T10828]  ? rcu_is_watching+0x12/0xc0
[  464.118628][T10828]  __do_sys_munlockall+0xc5/0x280
[  464.123627][T10828]  do_syscall_64+0xcd/0x260
[  464.128123][T10828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.133991][T10828] RIP: 0033:0x7fce2d18e969
[  464.138397][T10828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.157993][T10828] RSP: 002b:00007fce2e00f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  464.166407][T10828] RAX: ffffffffffffffda RBX: 00007fce2d3b6160 RCX: 00007fce2d18e969
[  464.174387][T10828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  464.182335][T10828] RBP: 00007fce2e00f090 R08: 0000000000000000 R09: 0000000000000000
[  464.190278][T10828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.198225][T10828] R13: 0000000000000000 R14: 00007fce2d3b6160 R15: 00007ffe40cd3558
[  464.206180][T10828]  </TASK>
[  464.209414][T10828] Kernel Offset: disabled
[  464.213732][T10828] Rebooting in 86400 seconds..