last executing test programs:

9.458490908s ago: executing program 4 (id=3318):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x82, 0x42081)
socket$tipc(0x1e, 0x5, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/prev\x00')
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x81, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x808, 0x2}, 0x20)
pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030020"], 0xfdef)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)

9.014493397s ago: executing program 4 (id=3323):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0x9e, &(0x7f0000000100)={0x0, 0xb601, 0x1, 0x5, 0x9c3}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0xfff5)

6.45458091s ago: executing program 4 (id=3327):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000002d00010026bd7000fcdbdf250400000008000c00", @ANYRES32=r0, @ANYBLOB="0c2adf8dd6548e0ce47a93a3"], 0x28}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket(0x10, 0xa, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000040fe0000000000000008000f00fd000000", 0x24)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080)=<r2=>0x0)
syz_open_procfs$userns(r2, &(0x7f00000000c0))

5.986554451s ago: executing program 4 (id=3329):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000002c0)=[{{&(0x7f0000000240)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000740)=""/70, 0x46}, {&(0x7f0000000840)=""/174, 0xae}, {&(0x7f0000000900)=""/83, 0x53}, {&(0x7f0000000980)=""/120, 0x78}, {&(0x7f0000000040)=""/13, 0xd}], 0x5, &(0x7f00000001c0)=""/43, 0x2b}, 0x7}], 0x1, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
tkill(r3, 0x2)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4040000)
r4 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
sendfile(r4, r4, &(0x7f0000001000), 0xfec)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004405c}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="00001601"], 0x18, 0x800}}], 0x2, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0xba31000000, 0x0)
ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r7, 0xc00464c9, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x0, 0x1, 0x7ffffffc}})
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r8, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @multicast2}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0)

5.184695699s ago: executing program 2 (id=3334):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000000240), 0x2c, 0x2023, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x80000, 0x3)
r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x4040, 0x1ff)
write$binfmt_elf64(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e"], 0x78)
close(r3)
execveat(r2, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r4 = socket$kcm(0xa, 0x6, 0x73)
sendmsg$kcm(r4, &(0x7f0000000240)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0xff, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8, 0x10}, 0x80, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="b39e2c88143ab2f14c2f3ad9d7f5e04baada04d9308180a4de026ea621bf9e3982869c58cd6a9eac"], 0x10}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000480)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-camellia-aesni-avx2\x00'}, 0x97)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x15, 0x803, 0xfffffffe)
sendmsg$nl_route_sched(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r8, &(0x7f0000000380)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
bind$packet(r6, &(0x7f0000000040)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @remote}, 0x14)
r10 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r10, &(0x7f0000000000)=[{&(0x7f0000000340)=""/187, 0xbb}], 0x1, 0x33, 0xf00)
r11 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r11, &(0x7f0000004140)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000001c0)="14", 0x1}, {&(0x7f0000000280)="3b942cdf3dbb4d708446209c8a7a9893c711167b6aee1ac4a8cc59d92a394f460b20f21b9add9e84d2dba9e6df8034c449e64138a4aea2a8df6d35031bd3263f", 0x7fffefff}], 0x2}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000850000007d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)

4.943021771s ago: executing program 4 (id=3336):
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x6, 0xfc55, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x2, 0x2, 0x7)
getsockopt$bt_hci(r2, 0x84, 0x6d, &(0x7f0000001080)=""/4103, &(0x7f0000001040)=0xdf9226e557f1152d)
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
lseek(r3, 0x8000000000000000, 0x3)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000000c0)="008b34ab5a3d2838b41abeb66b168f2d757a45416f808cab2d420d941ce3cf8080224a89d2af2840ef5f67d3e584a557cbde172a3855afbe3a7c05656ee1779e7335911bba52d3870b2679c0052b70cc7afe76c6223738208230999da51cef0a56dd8acd6d6c117001c03cb29edbcece0bf7630f2ef8ece3e13f59e4ea81d5ece7825cd562d2b3ad985dda300c5cd6c6cefe9497dfaad8a06ba8a58599a950a694b17efbab769feccee162ab3eaaf18eb3e6fc9044bd8707000000000000005eb14775b679219ec39be235914d0372aa0e712d952ee4d9d8872049a46e0169262ae69ac3d1c763726fee12c641dfeafde47336ad1e3b5daaa2f91c0b3aaf14dc99cdd785a0d67f4eafce758560cf3f0a434fbc13b59964dfae47844c51dbd83bf4", 0x121, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
sendto$inet6(r2, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000240)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f00000003c0)={0x0, 0x2, 0x7a}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0x40}, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000005700)={{0x0, 0x0, 0x80, {0x100000, 0xeeee8000}}, "cb31455c9e9d288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97af85a08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d03ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e50100cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa710c3e20fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362eb5bf86fce896dbc2a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca433d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eeae43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b5511ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})

4.220406045s ago: executing program 2 (id=3339):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x705, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x0)

4.213086689s ago: executing program 1 (id=3340):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x701, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000240)={0x28, 0x3, r2, 0x0, &(0x7f0000001000/0x3000)=nil, 0x3000, 0x8000000000000001})
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYRES32=r3], 0x24}}, 0x0)
ioctl$IOMMU_IOAS_MAP(r1, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r2, 0x0, &(0x7f0000000200)="cc", 0x1, 0x2})
ioctl$IOMMU_IOAS_COPY(r1, 0x3b83, &(0x7f0000000080)={0x28, 0x2, r2, r2, 0x9, 0x7, 0x1200})

3.905311674s ago: executing program 1 (id=3342):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0xf5ff, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000180)="471e03886160", 0x0, 0x0, 0x0, 0x0, 0x0})

3.904969604s ago: executing program 2 (id=3343):
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x10)
r0 = openat$apparmor_thread_current(0xffffff9c, 0x0, 0x2, 0x0)
write$apparmor_current(r0, 0x0, 0xff)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000780), 0x10000, 0x0)
landlock_restrict_self(r2, 0x5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x22102, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = eventfd(0x3)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000280)={r5, 0x2, 0x2, r5})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff, 0x8e59, 0x0, 0x3})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$TCFLSH(r6, 0x540b, 0x6)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r7 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x22}}, 0x10, 0x0}, 0x300440f1)
setsockopt$sock_attach_bpf(r7, 0x1, 0x12, &(0x7f00000007c0), 0x29)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb700000001090212"], 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaa86082b9827c186dd60cb3e0200403a00fc020000000000000000000000000000ff02000000000000000000000000000104440000000000046097436700001100fe880000000000000000000000000001fe8000000000000000000000000000aa00000000000000000001000100000000"], 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)

3.667771288s ago: executing program 1 (id=3344):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x8000)
mq_notify(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000082"], 0x34}}, 0x0)
r2 = syz_io_uring_setup(0x4a60, &(0x7f0000000080)={0x0, 0x0, 0x8000, 0xfffffffe, 0x1b3}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000000})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r6, &(0x7f0000000240), 0x0, 0x40004, 0x0, 0x0)
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x48400)
ioctl$EVIOCGMASK(r7, 0x80104592, &(0x7f0000000100)={0x0, 0x93, &(0x7f0000000300)="5f7d10d9209a001579312ebed5c9745794085b885d078ed5f88dfe2d2ff7e868e86bb84d68e3d6696f4b8a28b90038aa89b18a8a4ea6ee96a1c58c07cde315c3bdf136f69eff0255c47d5fd69d1dd2767e6ecd62eec2f971a88bef179987626661e33bd413c0c660d687dec9a0c46e350a7b59f47ff622ff85af6db7cfcd36efe06e407fa6e6fe301b99140a4f2da4b2631b90"})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0x442, 0x10000, 0xffffffff, 0x16, 0x0, r2}, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)

3.625133037s ago: executing program 0 (id=3345):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6879ce3c39314ddc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}]}}]}, 0x3c}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x10000000000000)

3.363210092s ago: executing program 1 (id=3346):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000140)=0x10, 0x4)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000180), &(0x7f00000000c0)=0x30)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {r2, r3+10000000}}, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0xfffffffffffffdb5, 0x4, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000180)="471e03886160", 0x0, 0x1, 0x0, 0x0, 0x0})
timer_getoverrun(r1)

3.220872082s ago: executing program 0 (id=3347):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x82, 0x42081)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x81, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x808, 0x2}, 0x20)
pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030020"], 0xfdef)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)

2.788304613s ago: executing program 0 (id=3349):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
syz_emit_ethernet(0x86, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_vs\x00')
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80000, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES16=r0], 0x48)
syz_usb_connect(0x7, 0xe74, &(0x7f0000000040)=ANY=[], 0x0)
r2 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r2, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r3, @ANYRES16=r1], 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='stack\x00')
socket(0x2, 0x80805, 0x0)
ioctl$TCSETSF(r4, 0x5404, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000980), 0x80080)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)

2.74137067s ago: executing program 1 (id=3350):
fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
fsopen(&(0x7f0000000100)='cifs\x00', 0x1)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r1, 0x0)
socket$unix(0x1, 0x1, 0x0)
accept4(r1, 0x0, 0x0, 0x80000)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000002c0), 0x4000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec309d59191b00867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}], 0x2)

2.474519012s ago: executing program 3 (id=3352):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000180)={0x28, r0, 0x1, 0x0, 0x0, {0x1e, 0x0, 0xf0ff}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_PAUSE_RX={0x5}]}, 0x28}}, 0x0)

2.361440559s ago: executing program 3 (id=3353):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001, 0xfffffffd, 0x0, 0x6}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x18}, 0x1, 0x0, 0x0, 0x20100173952782b3}, 0x0)

2.35507612s ago: executing program 3 (id=3354):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000001008006110a400000000001c1a0000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.277395246s ago: executing program 3 (id=3355):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x9}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x47}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8, 0x1, 0x1, 0x0, 0x24}, @NFTA_INNER_EXPR={0x18, 0x5, 0x0, 0x1, @immediate={{0xe}, @val={0x4}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa4}, 0x1, 0x0, 0x0, 0xdae27cb1b3302389}, 0x0)

2.087057061s ago: executing program 3 (id=3356):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_usb_connect(0x3, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100015ae4c41096050100f5050100030109021b0001000000000904d60001b5e14500090583"], 0x0)
r0 = socket(0x1d, 0x2, 0x6)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa4c81, 0x0)
r4 = dup3(r3, r1, 0x0)
fadvise64(r4, 0x7fffffffffffffff, 0x479888e3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r5, 0x2, {0x1, 0x0, 0x3}, 0xfd}, 0x18)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r6, @ANYBLOB="05", @ANYRES16=r6], 0x0)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x2, 0x5e, 0x5, 0x3, 0x9})
r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r8, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r8, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x20005e, 0x0, 0x9, 0x4, 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_setup(0x8, &(0x7f0000004200)=<r9=>0x0)
io_pgetevents(r9, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1.82811954s ago: executing program 1 (id=3357):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x30, 0x4, 0x75}, 0x2c)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000940)={0x38, 0x5, 0x0, 0x4, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x9}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x20008840, &(0x7f0000000180)={0xa, 0x2, 0x80000, @loopback, 0x9}, 0x1c)
shutdown(r2, 0x1)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x24000840)
r3 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, &(0x7f0000000840)=ANY=[@ANYBLOB="06"])
keyctl$KEYCTL_WATCH_KEY(0x20, r3, 0xffffffffffffffff, 0x0)
r4 = add_key$keyring(&(0x7f0000000300), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r3)
capset(&(0x7f0000000580)={0x20080522}, &(0x7f0000000000)={0x2, 0x401, 0x7fffffff, 0x2, 0xfffffffd, 0xfffffeff})
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)
r6 = add_key$user(&(0x7f0000000280), &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000001c0)="000000c6d222406b096cc34801000000647418aaf9b9a332f41ec9591b532723e017c8c54d863ecd9b0df090720300e43d59f817b99310b68400968f3c2f02", 0x3f, r4)
add_key$fscrypt_provisioning(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000480)=ANY=[@ANYBLOB="020000000000000001020304050607080918191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d473f40"], 0x48, 0x0)
r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r6, r7, r6}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000500)=ANY=[@ANYBLOB="120100007292bd404020305582a80000000109021b0001000000000904000001df7fa90009", @ANYBLOB="868f54c904e040c50c074d8b00bbc371b8579e53286abbb5dd99d546c39dfd201b3c3190a6815e0794c948611ea14048657ca1bd6b408f771a49b9127a25915fd9"], 0x0)

1.644656281s ago: executing program 4 (id=3358):
syz_usb_connect(0x3, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="12012000f1048108cd060202d4920000000109021b1901000000d40904150001da40df000905", @ANYRES64], 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f00000002c0)={0x14, 0x10, 0x3, 0xb, 0x4, 0x2, 0x3, 0x84, 0x1})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb10000000010200090502c383eb7dd038c4247f1833afa3a8f175fa8027bc29645fd25c943c59d6f34e67902d613599dc5d71c99160013e0a9ec024ff4db01f1deffefb"], 0x0)
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
get_mempolicy(0x0, &(0x7f0000000080), 0x8b45, &(0x7f0000c20000/0x4000)=nil, 0x4)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x20301, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000080)=0x100)
syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x0, 0xffffffff}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
io_setup(0xf, &(0x7f00000001c0)=<r4=>0x0)
r5 = eventfd2(0x3, 0x80801)
r6 = eventfd2(0x400, 0x80000)
io_submit(r4, 0x4, &(0x7f0000001580)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000300)="1adfd4a8d2d5dc9d62672ba32b6d874d46e46592f62039d2d06b4fe66af6a84d19237d3e294059ccca27197d92a5413387d9f7d2cd96da3d08cdf8399dcc1ffd889a4399c491d5353b3ee2e924ab5633df4c8e8b2a3471926f7e719da8114e811e74b8bc3e6b684f60d7831f2de52ef0a86696912a68b0f8a11563b20750a862b87b7e95e60e98eb6f1799ff12814c384a86a4e1c4ab8d2f2cde734a4548589f77decf1525ac271be9f1cc79a7aad7e35b73aa873054dbf1a1d7189c0dfce607c9fb93aadbe6984e82400d654fd4e677d924d4891e9b040eb3e5c796f01e9f25f09926224e49f4fdbf184b31f5bcd03ec72aed27281617399a636fffac7f4fbe1e461eb9dc8a8b76917345d10af1cb7cd530e58426801d0bb431566404f81aa61b9cda7ad7c1e6503939d16e746cd04f83812efc9b25a9a0be79c50be02d5bf63cd77e8a2b8ea8fb4c02836f2fd4759db1636c8f5d987a8465584d240968523cf3787ef520327a6dba0827cbc5c19cb069d400a5b057184d1113c81e8e731dba4c5efcfb2ebfc678151aca6a9e05add2f5afdec66d71aa11e29c09d77ef914e55d90aebf891403245523034c3387195616277937d6c2a89426e81348b2f0513d47b9dd0f6f6968e11226fc57b5f08175f53be5af4a252678bcdc487559eddd682155056f9866e2e9214c4868b809531619265b8a401d68e59c60cb7d449c0388889b07216a23f101ce66a9aae17393c0cd78e9d45e6261f136f1e0f96595f04f97dfde40a36e7d7981b29f82d26b09e3b2bfa14c9886ed993da4d4ba92c690db261148b95de05268d74fa660ac73927f2c126dfec8826d42cf7e1380a8ebcd8f7c850b3f653a36dceb91fc799290b59920580b74165a044bd80aef92c16e0fb6d3e61229e50a24e2752a905ac3d0a7a4934331ca9108fdcf460e546736be03366d3948a25843a7e54fc4852e82d42cf332ec1bd9f4fba672a2c7c1ab5d810937cacfe4b8a23f11096ba908412de0e0f9a3dd4a08781f6209f676d803a75e5239f074d1cbbee311969055db5af7a62627eec636ca1a25950ec794978eb011a9cbf5e83b8136673952d669da73271c805ffb33233775461593d8e603b6a7c77b5cbc6122c4baf7b0e431445630cd4c0dca736c68fddca77d305e494990a17290f97dd8e1ef968c83acb288d5c97662055805143871cf741aedcc464f53dffc32b1c54acc4a8953f8feb6154f1e727467a3c0620a32bf8245ea0e42f60071ad36d036fbd3e236fcaa3d84aa7863ff92bd933702e3ae4f8eabe35c3a3571881ec7e37c12ce5d59390449d1ca7d833bab5bb499d9c8a63bd2c70c3e9ce98e96d511206cb0e23c0c6f68617bc992876dfa32720bca74940fba8c221c33c797b54b9b2d58a0d979c73f987723c1e07708553048e8cf3a3f3d68f4f332992d59530b8b84b79d86c0de1e4aeb32cbe1ca16c967c0f26e1f1243dffb5f3beab18c637859c818d94293a1dd2727b9d53eb9a7283d7198a1106de9e1706cc07ab9b01eabb42f1f78db0164be919e7da7b10299f488a920d863210cff72200c7d061a667aea8df30c35a395c175e85475f030c673bcff29ae1e2baceb452fef960fb5b363c3fe839fa3ada03cfcc79caec5c96b7a90e88fd7476b692396e7e259640a2a8f6de4a580bc408fa2f78232039ae2e41a9ef3f5e91197dfc67cd4c8e54a266f093bd839a5192ee071afb39e3a157c1e4b6f31797725f89611ba416b6b5b54f57cb005591ef45a9f339d014cad8e8a675cf02f708a6a6a82c40edf85772816360c8c9d8131729383e44e44b8b8c7b02e80ffbd70d3777bbb8491ecb3f3763e4c1f013190d726c15155e86709432cdf6c4472fda663e1bbb303e71e9d92d8e517fa622ee56a6dcf51fa7700c29bd4b05644d2a3f55642f627facc59331435611343c07d925b599a894651498ae6f02d37e7d9e6c01744abe9aa544ecf572c98f842d079604b73d9235dcf777345c7dc01c12d366aeb9c7f551d6d5a10e53e663bfc740ec171c6ddf8ecd04870b823db6c30e773f8ddf18cb5a98fc3c882567ade17cb643ec2349aebd8c432e91804bc9ad7adfb3b43d7d9b1265cbef6953a8629551ca62c4c5a5cf4414e3febe3cf5be6b20fe8083dcc44e94a16f93b821e16a92e3f6c413fe8c3a4870ee0a903fb64c291c025774ad7ae664bf18ce0a2475d853fa06c6e530f83ea23e60cb6467ae3387e920dfc046b367cdd77059bd1dae22b0871cb9d7fdda8fa4b7b0adf7e0ae13b47424bfe1faaaa3746eeaa99f0f528bce2c88a417c16201471e6fe2414df4b2b7a03b3ebb26e9d7a84a68c343c7253a590aff2bf03aae68910d20d230d10d3c035b3681a71b85cba93ca90f12df6e588b6f04caf46ed003de6bceb02c1e7d85ac3a694e62592d3dc6a0ddcc576d28a5557bedb802d81864d2a92e439b9b21ded9b16f4125ceee0863008b4c9f9cdb71f5ed5309adef17716adedf86cbb5ea600ba3eac7d73b8c3808a29319850edfaea5496b568c57e5be6e0cc49fcd66503314722355652d7c78a205bd6c6f32a6b6efd6afacb9079b81f15fe90c7f51e66a9f4701ae3944ba694a5645177129a6f60e884ec2bf05f0b691adfc4b2295c423e1b37e25607e95f6d092a0082089540edc7e5c47c70b32d8f858aa66361a024a8bba0395eb9f7d1a5a55d99f29b532b6b2dac948a1274bff263ecafd0601bdf98188d5555a0be5de9702e70a0fcf327cd226498d38840095731938c2cc5de4c295b5ae6a3f23c14fa0a3fef003723fb1c1b4138f040bf1c192eb397c3b6a409712f3d7ef3c4d86a31a179613b6551ab5fbd1476408635113e56a87bfa90d6ce794c94401c375e46958308fedeab2199a275c8001d4451b0b050d29ae9bb2b5a2ad2c78f935951330576a495cb5350441afdab60f88aedc2a04f5345eecab0c4421cf9a53ea2692ade7bd4f425027b47bcc59a9d663ef03fe7e3e45034476d812270d18c2af835485580131b47d14005717e8878213ecb8ee67cead4047e6d57d2aeed5c0f541e197881126a48aabe256449280e8d6e3de1f58cb213df6c7e8ba9fd3aa999f648f09c6a688780ab4247e709e32ad43349b9a9647b0eeeaade2e6f106e62b87d32784f45dc2d7c21ee9a2ef2e69c62ba135185e0096404df834f761fce2cea5fde39a0bfbbe7d3360a4a9a2121fd829daa627a03af9c6e4c3811e112262fe8f8e2efa408e699a9f0755e856999448709379c2c526e0bc0c6837c5d480aae25b0182d1abd2d9810bc4681b1e8ae47bc14e09f5e975ade4e7e703edf31f2bebde66b74f3a8031c3ebc82d022184c94832f1a7fd8cc7440b083a87c01fb7118101e0170c910147da1224157d5b9253952a8541b2922ca10f1add5724c93b3decbf80655af4252b0c82ee9db543ca8b8ec880d3e2f7711d95f6711671ad5640ca2d814d1865add2a267adcdf742eea659af801b20a7c2f1bb0dced81621eeb3932be92b7c3d465fe1683eaccf654d4ead26babc2fdd9ec3f8e1c469756ce2c4455598cb9f6e37afcff570bee7c23b4583f5e1ed09c8d6f8b48ef16a2622876779d41fb94d2a97350996173063445abfab728023a213895125f883c9fb9df4f3d36c31d32a66c426e43e4c19f979e81fbefe5cc315cce55f04eb5c6b7b1ee67a10c957e1141d7f896439f29d0fcf4a83244f3f7a9ca9b24fead148bfb1db75969cbe175b003e1cb53ecd11c4bf1cafb8f5d61ceb2c09caafe39cd7c6b2a9d48b893a3dc5992ceb7956442f1f06ff8f4ac69b9bba6a40287417b78f32cf84ee1e65b56b3ebba036b36dbdbaecd2db572ca4a9318fcb56bab127193fcff4f45bb145ecf4056321e9777ecf1e25effeb970d78fd4d7933ada8697c83dbbc7ae4b0e43ff18423430f4435ea4c42aae17fddb9b3923b8145a9f75a687ee3b5ecb6cc4d4e874fbb3b0414f0368b36fdab46524baae7faa4f94db762fa778fe316a3a76377eaa0517ffe6512344d226b929f7bb2f74a14a313b0d1464ec63338bf66cb6c5acd1e6df117b6292758ff60d8d2ece93fb7f7f815f17466e27cb10ae32223902b27e39cb1b034cdee23731065b6fce072037da20272ec8c196f4e7994fc78213f758fe970ed34bbba7f4e2d53d9e405cc73423bf1edac0613d480d02162b7b192d42dae4fa81fc6fefe48164445e2651675d68cb82e441cba8457b0c89ece83e94c03e20dcae94c35b2ebd2b9757f0dbdb2eb6979fc2f8824c2632ff1b3ca63067e53fcbb865e7098665f30f8239d9d6d4c2fb49a54e9a39cfcb45c7f458b8092c764c2db23d41dd4455d57e3d61c66454f395a376a20c5cd240c991c977f850a3d9ebd795e4ccde6e4448637eb8d7acf23ac9e2b6c3df32f7be47939bfe4d10b83030b868dadd09e59b5b05b73be0acb789ebbfa61a3fe183dfb61884f49892a3a4bcaa189410dc85682e6508e1cdbb92d6105d447c393552bc32cf0b4f433a49036240f44e12f70db0fe61715f768060ba7ecb8c5de83708137001cba7af19b4a858412e983f0a53da57dc4c995fba58a7df74973a6cdda89f966ce9daead478b26da6e848230edd6d0497ac42d2be5b8fec47eb8c82219b11e156f012d12b0990c7d38309293cb15b2d327e65f331cc125f8fe43c8d9e98b92577eda0af8f42138e9b7068bc57f4bc9e212f20fd513aac41a2d873545b0d144ad9d9eeb7a3685a66c79cee20db7af820c85b4a4f88357b6d26b21c8c851c1a1bf6ae8cfcd6b5446efae6fa128407125c5f917799763470548b57de7164e810ea26727c10d921b33d9c00f51d98a4f3ba7a7db9bf47125df451859eb3b8558399989f8f294c5597fe1033a59f8e1789656cc6b66eb7db93349d5e08b2ff6a413cf4ce3815135257898036eef05dc70e10fd208a4baa893439a758750656c5748889fe85ac02388272fa87e4195f04d995f1dca7e20b1c52e284c5a109ba03c506446f3e66da075a16eb2b37383a268df72ee5407fa85f3d5fd6ae436a6684ce6d335de97f2084a7074a01e09c6d832a1d69d6040206ecaadf118fb224549d7fb9280e075f921178cd1e417d36af89ba4fe221caba82d21ef1f69a95706cf1ade74bf4f18aa76d6537259c992612eb1f19ae208863d199b08e14498133d24f5cea50b84970b5fc809e16b899abc5babd9f179838e065dcc756b44e0d51efd96e9583e2761a53110e358a46427d120c9de71841773c1b771f8aa4d412d8873c6f2d015b13c726f81c4b9d783b02988ac546e430aed4ccad4e173f9a76d0743d7d16a5f1c92cff4f45ee523b69518bcef3e9916bcc313ee848dfb776b1297c0b37a891311fd22b1e7ea3d6d2d8a8076b022687a3d5ced78486159349137e404d968fc2d6945a3440b77e8e7edd4dce30dc9ab9dcada3c7c8542bae847ebe44fd1986f744b0e87ab94a41b759a2c101c1a217657ae0c5ab120dc0b89ad3aec1c17b114004f2e5c42399f2750fc3c221b81ed065a1f83356c9cce52b621a37cecc1096f74ec007a5e5284bfe8cf5d9288eed7e1981a59aab623e23768a1cf4a8ea058769064fec58c0338ef3a27ed8cce80a36e0ce31fe4fde7e24e7a6c2c7992c189495954e5de15fe61a619ee696efa998cebe78f48a0b974c97936bf99ffab974ebb9604187f67feada1824b80f7577e7e7946fa1003f4d439763e0ef11a71f588c8910850896d6d669136d064f310570947f57afc7bdbe430c01df85d81258a7f6e4bfb8f9113f1e165c823971354e6e93b04d123ee", 0x1000, 0xff, 0x0, 0x0, r5}, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x281, r3, &(0x7f0000001300)="49b4501736090c", 0x7, 0x1, 0x0, 0x2}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x6, 0x4, r2, &(0x7f0000001380)="c10d137bc242f5c64e3b0cc8e6329e7a923b0d2ce67c23a298912dbca6adf462be248e96ba515a3b180dce5b2a845b6b51df91ff7a1de0a63f2d2c8d63c83f97707f9aa768c2553503d17cf4aa8489c83f250b754cdd69f2", 0x58, 0x0, 0x0, 0x0, r6}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x8, r1, &(0x7f0000001440)="2d79f8c37939485965f465da0c352bdaeb2651485797a018e2956dc8a304500f3173c5ac25570b7982539f2c564ac19c8fac7244c738151da637172a1f0107ad7c6fd5f8a5c62b95f530acc320f6e236b6bdf7b609aeab8ebfc8ff1df7e16486b238acf2edc02e8e11c196f9b65da4374d47fe0cf2de3cb904ea27b938e71c31c18afbd807cd68c59b9e4d7e74882828df97469ecac1984f6586a4749ed5b4493e94b34e82415afa3389a4105dbc89bb1c33f4d058525aef51feddc8769cbfb47c3aa9d7b2c92a51cb4afabdd7d21b0a9503fb192c3dea977985cda3196fe438ff31afe3a0c0", 0xe6, 0xfffffffffffffffd, 0x0, 0x1}])
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008009b000040"])
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000000)="f593c0dc1506b07ead472f16cfef3960ccad1fcd55f61545cbc5166668651e8d02d9a635670b7f5dfb6947f2af9df2629ab6b50850a59358c012210ff9b677f537a97db3dad14cc4d4e8ae301d0f421f43a7e5bf993166940745fb2799a95927198b62e8b58becf418ade4c1b2f09a6f45378c5bb695649d955dc81c79b406ecfd5d2993f66348d78b9c78f62cf13d7fe693982545281ba74f589626f624d8e842d0fe77af9a68c19cfc6d0aff227b3848a665635e6a65e83813052184243f19e3848fee72e91ca04a40df6d590768f49e0981aa7ce19a0f4746e4129963a022193477f435c2631ecf1ff19fa0b33113a747b849d3dc3343", 0xf8}], 0x1)

1.305431186s ago: executing program 2 (id=3359):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x82, 0x42081)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x81, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x808, 0x2}, 0x20)
pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030020"], 0xfdef)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)

1.129843643s ago: executing program 0 (id=3360):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000300e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)

780.55342ms ago: executing program 0 (id=3361):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcb}]}, 0x2c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x4c, r4, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0xd6, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x800, 0x0, <r6=>0xffffffffffffffff})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x7}, 0x2d, [0x2, 0x1, 0x704d, 0x1, 0x3, 0x1, 0x2, 0x7db, 0x4, 0xfffffc01, 0xfffffffc, 0x8, 0x200001, 0x100, 0xfe, 0x4a, 0x7, 0x5, 0x2ca, 0x8, 0x76, 0x8, 0x0, 0x200, 0x40, 0x19b2, 0x8000, 0x7, 0xc1, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x10001, 0x9, 0x7f, 0x8, 0x6, 0xb, 0x4, 0x6, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x9, 0x2284919, 0x4, 0x5643fa73, 0x5, 0x7, 0x800, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xfffffed2, 0x7fffffff, 0xffff, 0x7, 0xe62, 0x3, 0x0, 0x9, 0xc33, 0xf, 0x7, 0x800, 0x6c368002, 0x4, 0x1000007, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x4, 0x4, 0x8, 0x40, 0xc14, 0x80000001, 0x3, 0x3, 0x7, 0x7, 0x8, 0x8, 0x5, 0x4, 0x9, 0x5, 0x3, 0x2, 0x4, 0xfffffffc, 0xfff, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0xf404, 0xf1, 0x3, 0x3, 0x1, 0x4, 0x0, 0x0, 0x6, 0x8, 0x9, 0x4, 0x2], [0x196f4ffd, 0x1, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x405, 0x9, 0x1, 0xffc, 0x7, 0x4, 0xc, 0x7, 0xa, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x644, 0xfffffffe, 0xfffffffd, 0x7, 0x10000, 0x7f, 0x7ff, 0xd, 0x400, 0x0, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0xfffffffc, 0x2, 0x5d9fff6, 0x3ff, 0x9e, 0x4, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x0, 0x9, 0x0, 0xffff, 0x7, 0x6, 0x0, 0x81, 0x9, 0x2000002, 0x3, 0x100, 0x8, 0x0, 0x6, 0x10], [0xffefff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x9, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x7, 0x10, 0xffffff81, 0x80000000, 0x5, 0x3, 0x201, 0xfff, 0x0, 0x0, 0x3c65, 0xa, 0x6, 0x80, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0x0, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13b, 0x7, 0x8, 0xb757, 0x2, 0x117, 0x400996, 0x54, 0x8c1, 0x0, 0x5, 0x5, 0xf, 0x100, 0x10000400, 0x9, 0x5, 0x3, 0x9, 0xc, 0x2]}, 0x45c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$DRM_IOCTL_MODE_SETGAMMA(r6, 0xc02064a5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})

529.961854ms ago: executing program 2 (id=3362):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in6={0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, '\x00', 0x37}, 0x1}, @in6={0xa, 0x4e20, 0x10001, @private1, 0x6}, @in={0x2, 0x4e24, @local}, @in6={0xa, 0x4e22, 0x7, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x81}, @in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e21, 0x0, @private0, 0x800}], 0xa0)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x40000103)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000064000000030a01010000000000000000010000000900030073797a300000000014000480080002400000000208000140000000000900010073797a300000000008000a40000000021c0008800c00024000000000000000000c0001"], 0xac}}, 0x0)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000080)=@name={0x1e, 0x2, 0x3, {{0x42}}}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00'})
writev(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000580)="051a00000e80006558f2878f02000000", 0x10}], 0x2)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r2, 0x10f, 0x84, &(0x7f0000000100), &(0x7f00000001c0)=0x4)
r4 = socket$tipc(0x1e, 0x2, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r5, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=ANY=[@ANYBLOB="280000000b14010026bd7200fddbdf25080001"], 0x28}}, 0x0)
r6 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
shmat(r6, &(0x7f0000000000/0x2000)=nil, 0x5000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
shmctl$SHM_LOCK(r6, 0xb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bind$tipc(r4, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x80}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1041, 0x2}, 0xfffffffffffffcf5)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="01000000000000e7230012800900014062000064000000001400028005000100f3ff000005001b0000000000"], 0x44}}, 0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="09000000030000000400010005000000860000002f1873865d7914d9ff403a37a61172d8f93398f59d08c7201d7cf3d665a513f6e25361cd27cd0464767ddf1af6582d73aa882c83f2e79372073145", @ANYBLOB="5d25d78d7ca994c2939f1296e574b440ccca86e0f406285893a88da7ba4976fbfa51f4e169d2e8fe7b4f112202cb09b2b09458a033df7ea2d413ce0ca194c00adbaa92d3ab73bf82a8315db4e802a0f0afb098fa10045fb33633f5ce6b8ac6e5459351254025743523770916dd20e81afb71fa11310df6783c899adfdc9d7209af184de660c0f3142e4f1011757cf3043a087979e34cf22552a8c52f6b7c13", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRESDEC], 0x50)
bind$tipc(r8, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x4}}, 0x10, 0x0}, 0x4000)

367.785483ms ago: executing program 0 (id=3363):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$kcm(0x2, 0x3, 0x2)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x3, &(0x7f0000000ac0)='gid', &(0x7f0000000b00)='\xbf%#\x00', 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000280)={0x30, 0x5, 0x0, {0x0, 0x1, 0x3}}, 0x30)
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0xefff, 0x0, 0x0)

7.681176ms ago: executing program 3 (id=3364):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x1}, @NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1bb503, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040800)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000090000000000000034270072601374596eb88dd35a0973325d9dab980dfa37e1fbe2fd78ba7b486f8ca4f5b1cfa7011af17602d31d1ec1062a2ffa8d05", @ANYRES32=r4, @ANYBLOB="00d23161381d18cd4a0012800b00010062726964f3181d52b1f0ba1c3960f6c0146a0d676500002c0002800200230006000000000000000c00210003000000000000000580e6828b585c11d969de837012c7265edcec125645643855f79399ac607b847a68ef14e06ded41077afaee6ee776777eabedb6894f0a128b4b231ba57f57681895fbfd6b170e26d997fd73cbee2d7294f7f4ae32489cd9d439e7ccc6b711aad3fa45d2ca255fdb"], 0x5c}, 0x1, 0x0, 0x0, 0x2000c806}, 0x0)
sendto$inet(0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x10, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
poll(&(0x7f0000000240)=[{0xffffffffffffffff, 0x4018}], 0x1, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
syz_open_dev$swradio(&(0x7f0000000580), 0x1, 0x2)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000540)="1d9de0ccf3678f43db0934b548ab5787a140c9341efcd419de9bacc88d7433bc3cad0b0c184f9a70ada3b45a8c36c16893f95ab1570059742250d120a8", 0x3d}], 0x1}}], 0x1, 0x4001c20)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty, 0x8}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x408, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x338, 0xffffffff, 0xffffffff, 0x338, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'dvmrp0\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x30}, 0x0, 0x238, 0x268, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@rt={{0x138}, {0xf, [0xd, 0x4], 0x0, 0x4, 0x6, [@empty, @private0, @loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, @mcast2, @empty, @dev={0xfe, 0x80, '\x00', 0x2d}, @mcast2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @loopback, @loopback, @mcast2], 0xa}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x468)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xffd8}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

0s ago: executing program 2 (id=3365):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000180)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x5b}}], 0x1, 0x2000c000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f00000000c0)=@gcm_128={{0x304}, "8acec268a13f49f2", "b9af6c0a7eb98d5565aab422d0fa2581", "e2504010", "27c505eb92342481"}, 0x28)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x481, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x282100)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r4)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_udp(0x2, 0x2, 0x0)
userfaultfd(0x80801)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x32, &(0x7f0000000240)={@multicast, @multicast, @val={@void, {0x8100, 0x5, 0x0, 0x3}}, {@arp={0x806, @generic={0x118, 0xc, 0x6, 0xa, 0x1, @multicast, "0264ed4c0d22a40803ed", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, "0cca"}}}}, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0xfffffffffffffffd, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
creat(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r7, 0x13)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)

kernel console output (not intermixed with test programs):

or's value: 3
[  932.670630][   T43] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  932.680659][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  932.689938][   T43] usb 1-1: SerialNumber: syz
[  933.435302][ T5900] usb 2-1: USB disconnect, device number 119
[  933.972713][T17191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2994'.
[  934.178500][T17196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2996'.
[  934.200311][T17196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2996'.
[  934.288667][T17198] futex_wake_op: syz.4.2995 tries to shift op by 36; fix this program
[  935.253169][   T43] usb 1-1: 0:2 : does not exist
[  935.375693][   T43] usb 1-1: USB disconnect, device number 102
[  935.439502][T16210] udevd[16210]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  936.550037][T17223] futex_wake_op: syz.0.3004 tries to shift op by 36; fix this program
[  936.901814][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  936.908197][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  937.547971][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  937.567991][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  937.582144][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  937.593003][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  937.603995][ T5830] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  937.868243][T17235] chnl_net:caif_netlink_parms(): no params data found
[  937.992736][T17235] bridge0: port 1(bridge_slave_0) entered blocking state
[  938.000345][T17235] bridge0: port 1(bridge_slave_0) entered disabled state
[  938.008228][T17235] bridge_slave_0: entered allmulticast mode
[  938.015987][T17235] bridge_slave_0: entered promiscuous mode
[  938.024612][T17235] bridge0: port 2(bridge_slave_1) entered blocking state
[  938.033150][T17235] bridge0: port 2(bridge_slave_1) entered disabled state
[  938.040745][T17235] bridge_slave_1: entered allmulticast mode
[  938.048616][T17235] bridge_slave_1: entered promiscuous mode
[  938.085137][T17235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  938.098487][T17235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  938.140212][T17235] team0: Port device team_slave_0 added
[  938.161347][T17235] team0: Port device team_slave_1 added
[  938.208223][T17235] batman_adv: batadv0: Adding interface: batadv_slave_0
[  938.215431][T17235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.241471][    C0] vkms_vblank_simulate: vblank timer overrun
[  938.251844][T17235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  938.265409][T17235] batman_adv: batadv0: Adding interface: batadv_slave_1
[  938.275429][T17235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.301432][    C0] vkms_vblank_simulate: vblank timer overrun
[  938.313888][T17235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  938.392653][T17235] hsr_slave_0: entered promiscuous mode
[  938.406565][T17235] hsr_slave_1: entered promiscuous mode
[  938.433690][T17235] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  938.466066][T17235] Cannot create hsr debugfs directory
[  939.086020][T17235] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  939.104613][T17235] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.221351][T17235] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  939.233487][T17235] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.281862][T17198] rtc_cmos 00:00: Alarms can be up to one day in the future
[  939.348656][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  939.359167][T17235] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  939.373460][T17235] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.396175][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  939.418772][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  939.444845][T17248] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3009'.
[  939.461631][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  939.485623][T17235] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  939.516069][   T43] rtc rtc0: __rtc_set_alarm: err=-22
[  939.541288][T17235] bridge0: port 3(netdevsim0) entered disabled state
[  939.596335][T17235] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  939.610370][T17235] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.686919][T16648] Bluetooth: hci5: command tx timeout
[  939.721716][T17251] bridge_slave_0: entered promiscuous mode
[  939.738115][T17251] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  939.777137][T17252] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  939.810016][T17256] bridge3: the hash_elasticity option has been deprecated and is always 16
[  939.831250][T17259] futex_wake_op: syz.0.3012 tries to shift op by 36; fix this program
[  939.877042][ T5893] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  940.036918][ T5893] usb 4-1: device descriptor read/64, error -71
[  940.138989][T17235] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  940.159001][T17235] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  940.177996][T17235] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  940.203910][T17235] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  940.277921][ T5893] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  940.380036][T17235] 8021q: adding VLAN 0 to HW filter on device bond0
[  940.408155][T17277] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3015'.
[  940.424361][T17235] 8021q: adding VLAN 0 to HW filter on device team0
[  940.432083][ T5893] usb 4-1: device descriptor read/64, error -71
[  940.465026][ T7456] bridge0: port 1(bridge_slave_0) entered blocking state
[  940.472299][ T7456] bridge0: port 1(bridge_slave_0) entered forwarding state
[  940.528193][ T7456] bridge0: port 2(bridge_slave_1) entered blocking state
[  940.535458][ T7456] bridge0: port 2(bridge_slave_1) entered forwarding state
[  940.557659][ T5893] usb usb4-port1: attempt power cycle
[  940.699099][T17287] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3017'.
[  940.722317][T17235] 8021q: adding VLAN 0 to HW filter on device batadv0
[  940.736521][T17287] 8021q: VLANs not supported on gre0
[  940.855482][T17235] veth0_vlan: entered promiscuous mode
[  940.881418][T17235] veth1_vlan: entered promiscuous mode
[  940.896871][ T5893] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  940.930597][ T5893] usb 4-1: device descriptor read/8, error -71
[  940.955606][T17235] veth0_macvtap: entered promiscuous mode
[  940.969017][T17235] veth1_macvtap: entered promiscuous mode
[  940.996402][T17235] batman_adv: batadv0: Interface activated: batadv_slave_0
[  941.038375][T17235] batman_adv: batadv0: Interface activated: batadv_slave_1
[  941.102353][T17235] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  941.113892][T17235] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  941.124025][T17235] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  941.137090][T17235] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  941.187066][ T5893] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  941.229555][ T5893] usb 4-1: device descriptor read/8, error -71
[  941.295438][T17298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3019'.
[  941.341759][ T5893] usb usb4-port1: unable to enumerate USB device
[  941.447076][T11688] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[  941.484408][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  941.514638][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  941.625423][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  941.642085][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  941.657472][T11688] usb 2-1: Using ep0 maxpacket: 8
[  941.689269][T11688] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  941.736598][T11688] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  941.767774][T16648] Bluetooth: hci5: command tx timeout
[  941.780206][T11688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  941.845954][T11688] usb 2-1: config 0 descriptor??
[  943.636505][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  943.675445][T17322] rtc_cmos 00:00: Alarms can be up to one day in the future
[  943.687005][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  943.772919][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  943.781417][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  943.791209][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  943.833745][T17322] futex_wake_op: syz.0.3024 tries to shift op by 36; fix this program
[  943.859210][T16648] Bluetooth: hci5: command tx timeout
[  943.989953][T17315] rtc_cmos 00:00: Alarms can be up to one day in the future
[  944.307168][   T43] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  944.348596][T15870] rtc_cmos 00:00: Alarms can be up to one day in the future
[  944.356591][T15870] rtc_cmos 00:00: Alarms can be up to one day in the future
[  944.417468][T15870] rtc_cmos 00:00: Alarms can be up to one day in the future
[  944.425268][T15870] rtc_cmos 00:00: Alarms can be up to one day in the future
[  944.462909][T15870] rtc rtc0: __rtc_set_alarm: err=-22
[  945.180899][   T43] usb 4-1: config 0 has no interfaces?
[  945.221696][   T43] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  945.223450][T11688] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  945.256935][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  945.289143][   T43] usb 4-1: Product: syz
[  945.293476][   T43] usb 4-1: Manufacturer: syz
[  945.313817][   T43] usb 4-1: SerialNumber: syz
[  945.341843][   T43] usb 4-1: config 0 descriptor??
[  945.454926][T11688] usb 2-1: USB disconnect, device number 120
[  945.848622][T16648] Bluetooth: hci1: command tx timeout
[  945.858164][T17325] chnl_net:caif_netlink_parms(): no params data found
[  945.928532][T16648] Bluetooth: hci5: command tx timeout
[  946.696122][T12337] usb 4-1: USB disconnect, device number 19
[  947.045911][   T30] audit: type=1326 audit(1750590368.544:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdc98e929 code=0x7ffc0000
[  947.068371][    C0] vkms_vblank_simulate: vblank timer overrun
[  947.129391][   T30] audit: type=1326 audit(1750590368.544:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdc98e929 code=0x7ffc0000
[  947.151934][    C0] vkms_vblank_simulate: vblank timer overrun
[  947.286940][T15870] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[  947.438430][T17363] futex_wake_op: syz.1.3032 tries to shift op by 36; fix this program
[  947.457858][   T30] audit: type=1326 audit(1750590368.544:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0bdc98d290 code=0x7ffc0000
[  947.466965][T15870] usb 1-1: Using ep0 maxpacket: 8
[  947.497203][T15870] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  947.517164][T15870] usb 1-1: config 0 has no interface number 0
[  947.526782][   T30] audit: type=1326 audit(1750590368.544:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bdc98e52b code=0x7ffc0000
[  947.537637][T15870] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  947.585719][   T30] audit: type=1326 audit(1750590368.544:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdc98e929 code=0x7ffc0000
[  947.587174][   T43] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  947.627011][T15870] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  947.657217][T15870] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  947.678240][T15870] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  947.692466][T15870] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  947.701970][T15870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  947.712881][T15870] usb 1-1: config 0 descriptor??
[  947.734666][T15870] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  947.756882][   T30] audit: type=1326 audit(1750590368.544:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdc98e929 code=0x7ffc0000
[  947.833832][   T43] usb 4-1: config 0 has an invalid interface number: 229 but max is 0
[  947.833836][   T30] audit: type=1326 audit(1750590368.544:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0bdc98d290 code=0x7ffc0000
[  947.869759][   T30] audit: type=1326 audit(1750590368.544:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bdc98e52b code=0x7ffc0000
[  947.902480][   T43] usb 4-1: config 0 has no interface number 0
[  947.903727][   T30] audit: type=1326 audit(1750590368.544:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bdc98e52b code=0x7ffc0000
[  947.912677][   T43] usb 4-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice= c.19
[  947.939871][   T30] audit: type=1326 audit(1750590368.544:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17357 comm="syz.0.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bdc98e52b code=0x7ffc0000
[  947.944699][T16648] Bluetooth: hci1: command tx timeout
[  948.012207][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.077089][   T43] usb 4-1: config 0 descriptor??
[  948.176007][T17372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  948.234110][T17372] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  948.541736][T17359] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3034'.
[  948.590128][   T13] dvmrp0 (unregistering): left allmulticast mode
[  949.098843][   T13] bond1 (unregistering): (slave bond2): Releasing backup interface
[  949.107249][   T13] bond2 (unregistering): left promiscuous mode
[  949.114990][   T13] bond1 (unregistering): Released all slaves
[  949.306468][   T13] bond2 (unregistering): Released all slaves
[  949.443155][ T5900] usb 1-1: USB disconnect, device number 103
[  949.492698][ T5900] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  949.571448][   T13] tipc: Left network mode
[  949.580512][T17325] bridge0: port 1(bridge_slave_0) entered blocking state
[  949.591231][T17325] bridge0: port 1(bridge_slave_0) entered disabled state
[  949.601351][T17325] bridge_slave_0: entered allmulticast mode
[  949.622583][T17325] bridge_slave_0: entered promiscuous mode
[  949.635861][T17325] bridge0: port 2(bridge_slave_1) entered blocking state
[  949.644558][T17325] bridge0: port 2(bridge_slave_1) entered disabled state
[  949.660676][T17325] bridge_slave_1: entered allmulticast mode
[  949.673440][T17325] bridge_slave_1: entered promiscuous mode
[  949.709141][T17384] futex_wake_op: syz.2.3037 tries to shift op by 36; fix this program
[  949.733510][T17325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  949.754843][T17325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  949.836337][T17325] team0: Port device team_slave_0 added
[  949.851464][T17325] team0: Port device team_slave_1 added
[  949.941894][T17325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  949.949163][T17325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  949.975051][    C0] vkms_vblank_simulate: vblank timer overrun
[  950.016913][T16648] Bluetooth: hci1: command tx timeout
[  950.021745][T17325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  950.039978][T17325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  950.050327][T17325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  950.082512][T17325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  950.142925][   T13] hsr_slave_0: left promiscuous mode
[  950.162811][   T13] hsr_slave_1: left promiscuous mode
[  950.171412][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  950.195696][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  950.532220][ T5900] usb 4-1: USB disconnect, device number 20
[  950.605084][T17393] loop8: detected capacity change from 0 to 7
[  950.655225][T17393] Dev loop8: unable to read RDB block 7
[  950.675206][T17393]  loop8: unable to read partition table
[  950.689317][T17393] loop8: partition table beyond EOD, truncated
[  950.706322][T17393] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  951.099012][T15870] usb 2-1: new high-speed USB device number 121 using dummy_hcd
[  951.292858][T15870] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  951.324310][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.351397][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.398831][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.415786][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.433311][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.452696][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.500492][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.547367][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.611964][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.630073][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.639931][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.652808][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.678405][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.705200][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.740341][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.763018][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.792638][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.833790][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.867822][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.873923][   T13] team0 (unregistering): Port device team_slave_1 removed
[  951.877038][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.877073][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.878461][T15870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  951.937114][T15870] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  951.961353][T15870] usb 2-1: config 0 interface 0 has no altsetting 0
[  951.982575][T15870] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  951.992450][T15870] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  952.006865][T15870] usb 2-1: Product: syz
[  952.011197][T15870] usb 2-1: Manufacturer: syz
[  952.036386][T15870] usb 2-1: SerialNumber: syz
[  952.050533][T15870] usb 2-1: config 0 descriptor??
[  952.087096][T16648] Bluetooth: hci1: command tx timeout
[  952.099070][T15870] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  952.174677][   T13] team0 (unregistering): Port device team_slave_0 removed
[  952.349689][    C1] usb 2-1: yurex_control_callback - control failed: -71
[  952.362849][T15870] usb 2-1: USB disconnect, device number 121
[  952.388005][T15870] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  954.019761][T17402] batman_adv: batadv0: Interface deactivated: dummy0
[  954.026791][T17402] batman_adv: batadv0: Removing interface: dummy0
[  954.335089][T17402] bond0: (slave 
3
@0ÿ): Releasing backup interface
[  954.408443][T17402] 
@0ÿ: left promiscuous mode
[  954.420652][T17402] bond0: (slave bond_slave_1): Releasing backup interface
[  954.809984][T17442] futex_wake_op: syz.3.3049 tries to shift op by 36; fix this program
[  955.374130][T17402] bond_slave_1: left promiscuous mode
[  955.740046][T17402] team_slave_0: left promiscuous mode
[  955.937018][T17402] team0: Port device team_slave_0 removed
[  956.077073][T15870] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[  956.270297][T15870] usb 3-1: Using ep0 maxpacket: 8
[  956.282918][T15870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  956.323192][T15870] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  956.362571][T15870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  956.404035][T15870] usb 3-1: config 0 descriptor??
[  956.707809][T17402] team_slave_1: left promiscuous mode
[  956.802668][T17402] team0: Port device team_slave_1 removed
[  956.813884][T17402] batman_adv: batadv0: Removing interface: batadv_slave_0
[  956.824991][T17402] batman_adv: batadv0: Removing interface: batadv_slave_1
[  956.839925][T17402] geneve0: left promiscuous mode
[  956.853996][T17402] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  956.992522][T17402] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  957.009986][T17402] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  957.025686][T17402] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  957.063350][T17402] team0: Port device geneve0 removed
[  957.083235][T17402] bond2: (slave gretap1): Releasing active interface
[  957.172497][T17325] hsr_slave_0: entered promiscuous mode
[  957.184071][T17325] hsr_slave_1: entered promiscuous mode
[  957.227742][T17325] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  957.240564][T17325] Cannot create hsr debugfs directory
[  958.831576][T17465] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3052'.
[  958.958941][T15870] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  959.031420][T15870] usb 3-1: USB disconnect, device number 127
[  959.176206][T17477] FAULT_INJECTION: forcing a failure.
[  959.176206][T17477] name failslab, interval 1, probability 0, space 0, times 0
[  959.202985][T17477] CPU: 1 UID: 0 PID: 17477 Comm: syz.2.3054 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  959.203019][T17477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  959.203034][T17477] Call Trace:
[  959.203044][T17477]  <TASK>
[  959.203055][T17477]  dump_stack_lvl+0x189/0x250
[  959.203094][T17477]  ? __pfx____ratelimit+0x10/0x10
[  959.203136][T17477]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.203170][T17477]  ? __pfx__printk+0x10/0x10
[  959.203202][T17477]  ? __pfx___might_resched+0x10/0x10
[  959.203242][T17477]  should_fail_ex+0x414/0x560
[  959.203275][T17477]  should_failslab+0xa8/0x100
[  959.203300][T17477]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  959.203324][T17477]  ? __alloc_skb+0x112/0x2d0
[  959.203354][T17477]  __alloc_skb+0x112/0x2d0
[  959.203383][T17477]  netlink_sendmsg+0x5c6/0xb30
[  959.203421][T17477]  ? __pfx_netlink_sendmsg+0x10/0x10
[  959.203451][T17477]  ? aa_sock_msg_perm+0x94/0x160
[  959.203482][T17477]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  959.203510][T17477]  ? __pfx_netlink_sendmsg+0x10/0x10
[  959.203537][T17477]  __sock_sendmsg+0x21c/0x270
[  959.203574][T17477]  ____sys_sendmsg+0x505/0x830
[  959.203608][T17477]  ? __pfx_____sys_sendmsg+0x10/0x10
[  959.203646][T17477]  ? import_iovec+0x74/0xa0
[  959.203671][T17477]  ___sys_sendmsg+0x21f/0x2a0
[  959.203702][T17477]  ? __pfx____sys_sendmsg+0x10/0x10
[  959.203767][T17477]  ? __fget_files+0x2a/0x420
[  959.203792][T17477]  ? __fget_files+0x3a0/0x420
[  959.203826][T17477]  __x64_sys_sendmsg+0x19b/0x260
[  959.203856][T17477]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  959.203896][T17477]  ? __pfx_ksys_write+0x10/0x10
[  959.203914][T17477]  ? rcu_is_watching+0x15/0xb0
[  959.203954][T17477]  ? do_syscall_64+0xbe/0x3b0
[  959.203978][T17477]  do_syscall_64+0xfa/0x3b0
[  959.203997][T17477]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.204028][T17477]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.204051][T17477]  ? clear_bhb_loop+0x60/0xb0
[  959.204090][T17477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.204118][T17477] RIP: 0033:0x7f37fc78e929
[  959.204137][T17477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  959.204156][T17477] RSP: 002b:00007f37fa5d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  959.204186][T17477] RAX: ffffffffffffffda RBX: 00007f37fc9b6080 RCX: 00007f37fc78e929
[  959.204203][T17477] RDX: 000000002008c014 RSI: 0000200000000580 RDI: 0000000000000003
[  959.204218][T17477] RBP: 00007f37fa5d5090 R08: 0000000000000000 R09: 0000000000000000
[  959.204232][T17477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  959.204246][T17477] R13: 0000000000000000 R14: 00007f37fc9b6080 R15: 00007f37fcadfa28
[  959.204278][T17477]  </TASK>
[  959.531648][T17462] bond_slave_0: entered promiscuous mode
[  959.537910][T17462] bond_slave_1: entered promiscuous mode
[  959.547393][T17462] macsec1: entered allmulticast mode
[  959.552907][T17462] bond0: entered allmulticast mode
[  959.563096][T17462] bond_slave_0: entered allmulticast mode
[  959.681715][T17462] bond_slave_1: entered allmulticast mode
[  959.765691][T17481] bridge2: entered allmulticast mode
[  960.158578][ T5918] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  960.270951][T17495] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3058'.
[  960.662125][ T5918] usb 3-1: config 0 has no interfaces?
[  960.739074][ T5918] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  960.770322][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  960.784905][ T5918] usb 3-1: Product: syz
[  960.819471][ T5918] usb 3-1: Manufacturer: syz
[  960.883127][ T5918] usb 3-1: SerialNumber: syz
[  960.895574][T17501] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  960.935381][ T5918] usb 3-1: config 0 descriptor??
[  961.271775][   T30] kauditd_printk_skb: 63 callbacks suppressed
[  961.271791][   T30] audit: type=1326 audit(1750590382.784:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.300886][    C0] vkms_vblank_simulate: vblank timer overrun
[  961.387675][T17325] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  961.427455][T17325] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  961.443680][   T30] audit: type=1326 audit(1750590382.824:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.466303][    C0] vkms_vblank_simulate: vblank timer overrun
[  961.549663][T17325] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  961.582603][T17325] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  961.595412][   T30] audit: type=1326 audit(1750590382.834:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.617869][    C0] vkms_vblank_simulate: vblank timer overrun
[  961.660345][   T30] audit: type=1326 audit(1750590382.834:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.703976][   T30] audit: type=1326 audit(1750590382.834:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.730114][   T30] audit: type=1326 audit(1750590382.854:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.752659][    C0] vkms_vblank_simulate: vblank timer overrun
[  961.774898][   T30] audit: type=1326 audit(1750590382.854:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.856097][   T30] audit: type=1326 audit(1750590382.854:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  961.930514][T17515] futex_wake_op: syz.1.3062 tries to shift op by 36; fix this program
[  962.129019][T17325] 8021q: adding VLAN 0 to HW filter on device bond0
[  962.146614][   T30] audit: type=1326 audit(1750590382.854:3147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  962.261503][T17325] 8021q: adding VLAN 0 to HW filter on device team0
[  962.451151][   T30] audit: type=1326 audit(1750590382.854:3148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.3.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff260f8e929 code=0x7ffc0000
[  962.482541][ T7446] bridge0: port 1(bridge_slave_0) entered blocking state
[  962.489759][ T7446] bridge0: port 1(bridge_slave_0) entered forwarding state
[  962.562296][ T7446] bridge0: port 2(bridge_slave_1) entered blocking state
[  962.569510][ T7446] bridge0: port 2(bridge_slave_1) entered forwarding state
[  962.783857][T17536] bridge0: port 2(vlan3) entered blocking state
[  962.794864][T17536] bridge0: port 2(vlan3) entered disabled state
[  962.809881][T17536] vlan3: entered allmulticast mode
[  962.822027][T17536] bond0: entered allmulticast mode
[  962.832878][T17536] 
@0ÿ: entered allmulticast mode
[  962.863637][T17536] bond_slave_1: entered allmulticast mode
[  962.998962][T17536] vlan3: entered promiscuous mode
[  963.173867][T17536] bond0: entered promiscuous mode
[  963.188670][T17536] 
@0ÿ: entered promiscuous mode
[  963.199522][T17536] bond_slave_1: entered promiscuous mode
[  963.229907][T17543] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3066'.
[  963.618955][T17325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  963.859215][T17325] veth0_vlan: entered promiscuous mode
[  963.883732][T15870] usb 3-1: USB disconnect, device number 2
[  964.016339][T17325] veth1_vlan: entered promiscuous mode
[  964.135074][T17325] veth0_macvtap: entered promiscuous mode
[  964.218466][T17325] veth1_macvtap: entered promiscuous mode
[  964.391423][T17325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  964.455990][T17325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  964.498001][T17325] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  964.587328][T17325] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  964.596248][T17325] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  964.615498][T17325] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  964.902602][T17559] dns_resolver: Unsupported server list version (0)
[  965.154429][ T1326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  965.193386][ T1326] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  965.300274][ T7458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  965.379550][ T7458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  966.804178][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  966.831311][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  966.850449][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  966.859474][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  966.879313][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  967.510996][ T7458] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  967.694732][T17609] futex_wake_op: syz.1.3080 tries to shift op by 36; fix this program
[  968.244414][ T7458] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  968.315992][T17614] vivid-000: disconnect
[  968.687992][T17590] vivid-000: reconnect
[  968.718232][T17618] ip6gre1: entered allmulticast mode
[  968.968275][ T7458] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  969.010441][T16648] Bluetooth: hci0: command tx timeout
[  969.351778][ T7458] netdevsim netdevsim3 ªªªªªª (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.761151][T17657] FAULT_INJECTION: forcing a failure.
[  970.761151][T17657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  970.824507][ T7458] vlan3: left allmulticast mode
[  970.881656][T17657] CPU: 0 UID: 0 PID: 17657 Comm: syz.0.3086 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  970.881690][T17657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  970.881703][T17657] Call Trace:
[  970.881712][T17657]  <TASK>
[  970.881722][T17657]  dump_stack_lvl+0x189/0x250
[  970.881762][T17657]  ? __pfx____ratelimit+0x10/0x10
[  970.881796][T17657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  970.881830][T17657]  ? __pfx__printk+0x10/0x10
[  970.881870][T17657]  ? __might_fault+0xb0/0x130
[  970.881904][T17657]  should_fail_ex+0x414/0x560
[  970.881937][T17657]  _copy_from_iter+0x1db/0x16f0
[  970.881974][T17657]  ? sock_alloc_send_pskb+0x875/0x990
[  970.882003][T17657]  ? __pfx__copy_from_iter+0x10/0x10
[  970.882033][T17657]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  970.882057][T17657]  skb_copy_datagram_from_iter+0xf5/0x720
[  970.882084][T17657]  ? skb_put+0x11b/0x210
[  970.882105][T17657]  unix_dgram_sendmsg+0x5af/0x1870
[  970.882130][T17657]  ? count_memcg_event_mm+0x21/0x260
[  970.882157][T17657]  ? __up_read+0x280/0x680
[  970.882176][T17657]  ? aa_sk_perm+0x81e/0x950
[  970.882197][T17657]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  970.882228][T17657]  ? aa_sock_msg_perm+0x94/0x160
[  970.882254][T17657]  ? unix_seqpacket_sendmsg+0x111/0x1e0
[  970.882277][T17657]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  970.882300][T17657]  __sock_sendmsg+0x21c/0x270
[  970.882327][T17657]  ____sys_sendmsg+0x52d/0x830
[  970.882351][T17657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  970.882378][T17657]  ? import_iovec+0x74/0xa0
[  970.882395][T17657]  ___sys_sendmsg+0x21f/0x2a0
[  970.882417][T17657]  ? __pfx____sys_sendmsg+0x10/0x10
[  970.882469][T17657]  ? __might_fault+0xb0/0x130
[  970.882487][T17657]  __sys_sendmmsg+0x227/0x430
[  970.882511][T17657]  ? __pfx___sys_sendmmsg+0x10/0x10
[  970.882529][T17657]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  970.882573][T17657]  ? ksys_write+0x22a/0x250
[  970.882590][T17657]  ? __pfx_ksys_write+0x10/0x10
[  970.882603][T17657]  ? rcu_is_watching+0x15/0xb0
[  970.882633][T17657]  __x64_sys_sendmmsg+0xa0/0xc0
[  970.882654][T17657]  do_syscall_64+0xfa/0x3b0
[  970.882668][T17657]  ? lockdep_hardirqs_on+0x9c/0x150
[  970.882692][T17657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.882707][T17657]  ? clear_bhb_loop+0x60/0xb0
[  970.882726][T17657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.882742][T17657] RIP: 0033:0x7f0bdc98e929
[  970.882756][T17657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.882770][T17657] RSP: 002b:00007f0bdd89d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  970.882787][T17657] RAX: ffffffffffffffda RBX: 00007f0bdcbb5fa0 RCX: 00007f0bdc98e929
[  970.882799][T17657] RDX: 0000000004000190 RSI: 0000200000000180 RDI: 0000000000000003
[  970.882810][T17657] RBP: 00007f0bdd89d090 R08: 0000000000000000 R09: 0000000000000000
[  970.882820][T17657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  970.882830][T17657] R13: 0000000000000000 R14: 00007f0bdcbb5fa0 R15: 00007f0bdccdfa28
[  970.882852][T17657]  </TASK>
[  970.946918][ T7458] bond0: left allmulticast mode
[  970.949068][    C0] vkms_vblank_simulate: vblank timer overrun
[  970.954376][ T7458] 
@0ÿ: left allmulticast mode
[  971.206189][ T7458] bond_slave_1: left allmulticast mode
[  971.247126][T16648] Bluetooth: hci0: command tx timeout
[  971.328988][ T7458] vlan3: left promiscuous mode
[  971.333845][ T7458] bond0: left promiscuous mode
[  971.407875][ T7458] 
@0ÿ: left promiscuous mode
[  971.412904][ T7458] bond_slave_1: left promiscuous mode
[  971.452080][ T7458] bridge0: port 2(vlan3) entered disabled state
[  971.522795][ T7458] veth0_to_bond: left allmulticast mode
[  971.541858][ T7458] veth0_to_bond: left promiscuous mode
[  971.609995][ T7458] bridge0: port 1(veth0_to_bond) entered disabled state
[  971.816978][ T5900] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[  971.966829][ T5900] usb 5-1: Using ep0 maxpacket: 8
[  971.994648][ T5900] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  972.045242][ T5900] usb 5-1: config 0 has no interface number 0
[  972.116994][ T5900] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  972.144655][ T5900] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  972.164079][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  972.238730][ T5900] usb 5-1: config 0 descriptor??
[  972.253418][ T5900] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  973.287357][T16648] Bluetooth: hci0: command tx timeout
[  973.697167][ T5900] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[  973.761188][ T7458] bond0 (unregistering): (slave 
3
@0ÿ): Releasing backup interface
[  973.788740][ T7458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  973.809758][ T7458] bond0 (unregistering): Released all slaves
[  973.880178][ T5900] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  973.891442][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.948148][ T5900] usb 2-1: config 0 descriptor??
[  974.038067][ T5900] cp210x 2-1:0.0: cp210x converter detected
[  974.150486][ T7458] bond1 (unregistering): Released all slaves
[  974.183017][ T7458] bond2 (unregistering): Released all slaves
[  974.216278][T17589] chnl_net:caif_netlink_parms(): no params data found
[  974.344658][ T5918] usb 5-1: USB disconnect, device number 105
[  975.011363][T17589] bridge0: port 1(bridge_slave_0) entered blocking state
[  975.042942][T17589] bridge0: port 1(bridge_slave_0) entered disabled state
[  975.065827][T17589] bridge_slave_0: entered allmulticast mode
[  975.095574][T17589] bridge_slave_0: entered promiscuous mode
[  975.225561][T17589] bridge0: port 2(bridge_slave_1) entered blocking state
[  975.235022][ T5900] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -71
[  975.250744][T17589] bridge0: port 2(bridge_slave_1) entered disabled state
[  975.263220][ T5900] cp210x 2-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  975.272088][T17589] bridge_slave_1: entered allmulticast mode
[  975.278480][ T5900] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  975.287617][T17589] bridge_slave_1: entered promiscuous mode
[  975.311957][ T5900] usb 2-1: cp210x converter now attached to ttyUSB0
[  975.349675][ T5900] usb 2-1: USB disconnect, device number 122
[  975.367169][T16648] Bluetooth: hci0: command tx timeout
[  975.387196][T11688] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[  975.403184][ T5900] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  975.433297][ T5900] cp210x 2-1:0.0: device disconnected
[  975.532773][T17589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  975.549177][T11688] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  975.581996][T11688] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  975.620112][ T7458] hsr_slave_0: left promiscuous mode
[  975.630105][T11688] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  975.691561][ T7458] hsr_slave_1: left promiscuous mode
[  975.712696][ T7458] batman_adv: batadv0: Interface deactivated: dummy0
[  975.727252][T11688] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  975.788826][ T7458] batman_adv: batadv0: Removing interface: dummy0
[  975.807910][T17732] futex_wake_op: syz.1.3098 tries to shift op by 36; fix this program
[  975.822716][T11688] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  975.834747][T11688] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  975.848869][ T7458] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  975.906981][ T7458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  975.942803][ T7458] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  975.960072][ T7458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  975.975783][T11688] usb 5-1: config 0 descriptor??
[  976.074163][ T7458] veth0_macvtap: left promiscuous mode
[  976.082951][ T7458] veth1_vlan: left promiscuous mode
[  976.089776][ T7458] veth0_vlan: left promiscuous mode
[  976.281737][T11688] usb 5-1: USB disconnect, device number 106
[  976.362869][ T7458] pim6reg9 (unregistering): left allmulticast mode
[  976.453478][ T7458] pimreg3 (unregistering): left allmulticast mode
[  978.562751][ T7458] team0 (unregistering): Port device team_slave_1 removed
[  978.634715][ T7458] team0 (unregistering): Port device team_slave_0 removed
[  979.256546][T17589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  979.538570][T17589] team0: Port device team_slave_0 added
[  979.569729][T17589] team0: Port device team_slave_1 added
[  979.855663][T17589] batman_adv: batadv0: Adding interface: batadv_slave_0
[  979.886758][T17589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  979.964884][T17589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  979.981698][T17780] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3108'.
[  980.015944][T17589] batman_adv: batadv0: Adding interface: batadv_slave_1
[  980.036958][T17589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  980.100735][T17589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  980.190331][T17780] bridge0: entered allmulticast mode
[  980.292011][T17776] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3105'.
[  980.503225][T17589] hsr_slave_0: entered promiscuous mode
[  980.537073][ T5900] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  980.538275][T17589] hsr_slave_1: entered promiscuous mode
[  980.746792][ T5900] usb 3-1: Using ep0 maxpacket: 16
[  980.759659][ T5900] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  980.778357][ T5900] usb 3-1: config 0 has no interface number 0
[  980.805096][ T5900] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  980.826824][T11688] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[  980.886154][ T5900] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  980.917378][ T5900] usb 3-1: config 0 interface 41 has no altsetting 0
[  980.968900][ T5900] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  980.996871][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  981.014053][ T5900] usb 3-1: Product: syz
[  981.024174][ T5900] usb 3-1: Manufacturer: syz
[  981.032390][T11688] usb 5-1: Using ep0 maxpacket: 16
[  981.081669][ T5900] usb 3-1: SerialNumber: syz
[  981.174727][ T5900] usb 3-1: config 0 descriptor??
[  981.207646][T17785] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  981.218314][T17785] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  981.271734][T17811] futex_wake_op: syz.0.3113 tries to shift op by 36; fix this program
[  981.417342][ T5892] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[  981.443686][T17785] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  981.475819][T17785] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  981.815118][ T5892] usb 2-1: config 0 has no interfaces?
[  981.899975][ T5892] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  981.955484][ T5900] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  981.994622][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.118977][ T5892] usb 2-1: Product: syz
[  982.133246][ T5892] usb 2-1: Manufacturer: syz
[  982.194232][ T5892] usb 2-1: SerialNumber: syz
[  982.273702][ T5892] usb 2-1: config 0 descriptor??
[  982.343525][ T5900] dm9601 3-1:0.41 (unnamed net_device) (uninitialized): Error reading chip ID
[  982.428778][ T5900] sr9700 3-1:0.41: probe with driver sr9700 failed with error -71
[  982.617302][ T5900] usb 3-1: USB disconnect, device number 3
[  982.766459][T17807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  982.813537][T17807] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  983.227787][T17589] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  983.306811][T17589] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  983.324512][T17589] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  983.355245][T17589] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  984.144933][T17589] 8021q: adding VLAN 0 to HW filter on device bond0
[  984.323072][T17589] 8021q: adding VLAN 0 to HW filter on device team0
[  984.489403][T17156] bridge0: port 1(bridge_slave_0) entered blocking state
[  984.496598][T17156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  984.663321][T17156] bridge0: port 2(bridge_slave_1) entered blocking state
[  984.670594][T17156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  984.712885][T11688] usb 5-1: unable to get BOS descriptor or descriptor too short
[  984.763272][T11688] usb 5-1: unable to read config index 0 descriptor/start: -71
[  984.808793][T11688] usb 5-1: can't read configurations, error -71
[  984.907686][T17843] fuse: Bad value for 'fd'
[  985.361231][T17589] 8021q: adding VLAN 0 to HW filter on device batadv0
[  985.468242][T17589] veth0_vlan: entered promiscuous mode
[  985.483178][T17589] veth1_vlan: entered promiscuous mode
[  985.550532][T17589] veth0_macvtap: entered promiscuous mode
[  985.580881][T17589] veth1_macvtap: entered promiscuous mode
[  985.614666][T17589] batman_adv: batadv0: Interface activated: batadv_slave_0
[  985.640886][T17859] xt_hashlimit: max too large, truncated to 1048576
[  985.678190][T17859] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  985.697440][T17589] batman_adv: batadv0: Interface activated: batadv_slave_1
[  985.725163][T17589] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  985.736249][T17589] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  985.753060][T17589] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  985.765501][T17589] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  985.862360][   T43] usb 2-1: USB disconnect, device number 123
[  986.134642][T17864] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3120'.
[  986.150884][ T7450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  986.162711][ T7450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  986.312400][ T7458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  986.333271][ T7458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  986.727168][   T43] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[  986.904915][T17879] syzkaller1: entered promiscuous mode
[  986.920370][T17879] syzkaller1: entered allmulticast mode
[  987.073704][   T43] usb 2-1: config 0 has no interfaces?
[  987.088940][   T43] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  987.112937][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.130498][   T43] usb 2-1: Product: syz
[  987.140022][   T43] usb 2-1: Manufacturer: syz
[  987.163409][   T43] usb 2-1: SerialNumber: syz
[  987.198631][   T43] usb 2-1: config 0 descriptor??
[  987.445351][T17871] xt_policy: neither incoming nor outgoing policy selected
[  987.485461][T17871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  987.505066][T17871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  987.698405][T17890] fuse: Bad value for 'fd'
[  987.758014][T17891] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3126'.
[  988.252545][T17897] futex_wake_op: syz.2.3128 tries to shift op by 36; fix this program
[  988.586570][T17902] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  989.055263][T17911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3133'.
[  989.072907][T17911] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3133'.
[  989.104449][T17911] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3133'.
[  989.914080][T17924] netlink: 312 bytes leftover after parsing attributes in process `syz.0.3136'.
[  989.925837][T17924] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3136'.
[  989.996803][ T5918] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  990.149974][T17926] netlink: 312 bytes leftover after parsing attributes in process `syz.0.3136'.
[  990.164120][T17926] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3136'.
[  990.176213][ T5918] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  990.191190][ T5918] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  990.225009][ T5918] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  990.262030][ T5918] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  990.284851][ T5918] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  990.308705][ T5918] usb 4-1: config 0 descriptor??
[  990.703161][   T43] usb 2-1: USB disconnect, device number 124
[  990.781711][ T5918] plantronics 0003:047F:FFFF.0021: ignoring exceeding usage max
[  990.819789][T17933] fuse: Bad value for 'fd'
[  990.828109][ T5918] plantronics 0003:047F:FFFF.0021: ignoring exceeding usage max
[  990.843502][ T5918] plantronics 0003:047F:FFFF.0021: usage index exceeded
[  990.861072][ T5918] plantronics 0003:047F:FFFF.0021: item 0 1 2 2 parsing failed
[  990.889130][ T5918] plantronics 0003:047F:FFFF.0021: parse failed
[  990.903581][ T5918] plantronics 0003:047F:FFFF.0021: probe with driver plantronics failed with error -22
[  990.955988][ T5918] usb 4-1: USB disconnect, device number 21
[  991.694259][T17942] netlink: 'syz.3.3142': attribute type 10 has an invalid length.
[  991.736267][T17942] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3142'.
[  992.039931][T17953] overlayfs: missing 'lowerdir'
[  992.142934][T17951] futex_wake_op: syz.2.3146 tries to shift op by 36; fix this program
[  992.154170][T17950] rtc_cmos 00:00: Alarms can be up to one day in the future
[  992.313306][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  992.324000][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  992.333848][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  992.344096][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  992.344747][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  992.369450][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  992.409098][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  992.417510][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  992.425495][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  992.445464][   T43] rtc rtc0: __rtc_set_alarm: err=-22
[  992.459496][T17965] fuse: Bad value for 'fd'
[  992.625522][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  992.625542][   T30] audit: type=1326 audit(1750590414.134:3151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  992.741074][T17971] netlink: 'syz.3.3149': attribute type 30 has an invalid length.
[  992.756721][   T30] audit: type=1326 audit(1750590414.134:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  992.802720][   T30] audit: type=1326 audit(1750590414.184:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  992.875029][   T30] audit: type=1326 audit(1750590414.184:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  992.946360][T17980] futex_wake_op: syz.4.3152 tries to shift op by 36; fix this program
[  992.965354][   T30] audit: type=1326 audit(1750590414.184:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.220095][   T30] audit: type=1326 audit(1750590414.184:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.245429][   T30] audit: type=1326 audit(1750590414.184:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.319933][   T30] audit: type=1326 audit(1750590414.184:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.354197][   T30] audit: type=1326 audit(1750590414.184:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.389667][   T30] audit: type=1326 audit(1750590414.184:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[  993.530471][T17967] chnl_net:caif_netlink_parms(): no params data found
[  994.408875][T17967] bridge0: port 1(bridge_slave_0) entered blocking state
[  994.495900][ T5830] Bluetooth: hci2: command tx timeout
[  994.547364][T17967] bridge0: port 1(bridge_slave_0) entered disabled state
[  994.587502][T17967] bridge_slave_0: entered allmulticast mode
[  994.808331][T17967] bridge_slave_0: entered promiscuous mode
[  995.138718][T17967] bridge0: port 2(bridge_slave_1) entered blocking state
[  995.366177][T17967] bridge0: port 2(bridge_slave_1) entered disabled state
[  995.492633][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  995.558741][T17967] bridge_slave_1: entered allmulticast mode
[  995.678238][T17967] bridge_slave_1: entered promiscuous mode
[  995.826771][   T43] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[  995.976715][   T43] usb 4-1: Invalid ep0 maxpacket: 32
[  996.116793][   T43] usb 4-1: new low-speed USB device number 23 using dummy_hcd
[  996.287888][   T43] usb 4-1: Invalid ep0 maxpacket: 32
[  996.296001][   T43] usb usb4-port1: attempt power cycle
[  996.562046][T17967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  996.580028][ T5830] Bluetooth: hci2: command tx timeout
[  996.594080][T17967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  996.757880][   T43] usb 4-1: new low-speed USB device number 24 using dummy_hcd
[  996.765147][T17967] team0: Port device team_slave_0 added
[  996.783097][   T43] usb 4-1: Invalid ep0 maxpacket: 32
[  996.800195][T18011] FAULT_INJECTION: forcing a failure.
[  996.800195][T18011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  996.821971][T17967] team0: Port device team_slave_1 added
[  996.867515][T18011] CPU: 0 UID: 0 PID: 18011 Comm: syz.0.3159 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  996.867564][T18011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  996.867578][T18011] Call Trace:
[  996.867587][T18011]  <TASK>
[  996.867598][T18011]  dump_stack_lvl+0x189/0x250
[  996.867638][T18011]  ? __pfx____ratelimit+0x10/0x10
[  996.867673][T18011]  ? __pfx_dump_stack_lvl+0x10/0x10
[  996.867707][T18011]  ? __pfx__printk+0x10/0x10
[  996.867747][T18011]  should_fail_ex+0x414/0x560
[  996.867781][T18011]  strncpy_from_user+0x36/0x290
[  996.867813][T18011]  getname_flags+0xf3/0x540
[  996.867846][T18011]  __x64_sys_execve+0x7a/0xb0
[  996.867882][T18011]  do_syscall_64+0xfa/0x3b0
[  996.867902][T18011]  ? lockdep_hardirqs_on+0x9c/0x150
[  996.867934][T18011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  996.867957][T18011]  ? clear_bhb_loop+0x60/0xb0
[  996.867984][T18011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  996.868005][T18011] RIP: 0033:0x7f0bdc98e929
[  996.868025][T18011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  996.868044][T18011] RSP: 002b:00007f0bdd87c038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  996.868068][T18011] RAX: ffffffffffffffda RBX: 00007f0bdcbb6080 RCX: 00007f0bdc98e929
[  996.868085][T18011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  996.868099][T18011] RBP: 00007f0bdd87c090 R08: 0000000000000000 R09: 0000000000000000
[  996.868114][T18011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  996.868127][T18011] R13: 0000000000000001 R14: 00007f0bdcbb6080 R15: 00007f0bdccdfa28
[  996.868161][T18011]  </TASK>
[  996.916936][   T43] usb 4-1: new low-speed USB device number 25 using dummy_hcd
[  997.086813][T17967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  997.102877][T17967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  997.162175][T17967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  997.191806][   T43] usb 4-1: Invalid ep0 maxpacket: 32
[  997.240604][T18016] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  997.261199][   T43] usb usb4-port1: unable to enumerate USB device
[  997.270777][T17967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  997.322191][T17967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  997.385315][T17967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  997.514722][T17967] hsr_slave_0: entered promiscuous mode
[  997.534965][T17967] hsr_slave_1: entered promiscuous mode
[  997.560750][T17967] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  997.620683][T17967] Cannot create hsr debugfs directory
[  997.896535][T18019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3161'.
[  997.913939][T18019] Unsupported xt match
[  997.913958][T18019] unable to load match
[  998.140906][T18022] 8021q: VLANs not supported on vxcan0
[  998.341301][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  998.348823][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  998.586707][T18024] futex_wake_op: syz.3.3163 tries to shift op by 36; fix this program
[  998.618865][T18023] rtc_cmos 00:00: Alarms can be up to one day in the future
[  998.654789][ T5830] Bluetooth: hci2: command tx timeout
[  999.146740][T12337] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  999.284291][T17967] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  999.338614][T12337] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  999.352210][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  999.367789][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  999.396845][T12337] usb 3-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  999.417165][T12337] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  999.427162][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  999.468229][   T43] rtc_cmos 00:00: Alarms can be up to one day in the future
[  999.483856][   T43] rtc rtc0: __rtc_set_alarm: err=-22
[  999.500203][T12337] usb 3-1: config 0 descriptor??
[  999.539027][T12337] smsusb:smsusb_probe: board id=8, interface number 0
[  999.564005][T12337] smsusb:smsusb_probe: Device initialized with return code -19
[  999.909353][T17967] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  999.920149][T17967] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  999.942776][T17967] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  999.954948][T18039] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  999.979743][T18039] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1000.005310][T18054] futex_wake_op: syz.0.3169 tries to shift op by 36; fix this program
[ 1000.060628][T18039] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1000.118471][T18039] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1000.143735][T18039] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1000.171326][T18039] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1000.319531][T17967] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.340879][T18039] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1000.386438][T18039] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1000.406386][T17967] 8021q: adding VLAN 0 to HW filter on device team0
[ 1000.418412][T18039] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1000.445505][T18039] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1000.484994][T18039] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1000.492216][T18039] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1000.541068][T18039] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1000.594743][ T7446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1000.601960][ T7446] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1000.630752][ T7446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1000.637953][ T7446] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1000.982289][T17967] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1001.249005][T17967] veth0_vlan: entered promiscuous mode
[ 1001.322075][T17967] veth1_vlan: entered promiscuous mode
[ 1001.454320][T18069] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1001.634455][T18069] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1001.665320][T17967] veth0_macvtap: entered promiscuous mode
[ 1001.680338][T18069] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1001.780458][T18074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1001.856699][T17967] veth1_macvtap: entered promiscuous mode
[ 1001.867661][T18074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1001.891717][T18074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3171'.
[ 1002.008469][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1002.014738][ T5830] Bluetooth: hci3: command 0x0405 tx timeout
[ 1002.076828][T12337] usb 3-1: USB disconnect, device number 4
[ 1002.178169][T16648] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1002.276826][T11688] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1002.325046][T17967] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1002.409194][T16648] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1002.427025][T11688] usb 4-1: Using ep0 maxpacket: 8
[ 1002.521626][T17967] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1002.554090][T11688] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1002.567259][T16648] Bluetooth: hci2: command 0x0405 tx timeout
[ 1002.588274][T11688] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1002.701050][T17967] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.718364][T11688] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.735667][T17967] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.807723][T17967] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.825330][T11688] usb 4-1: config 0 descriptor??
[ 1002.840626][T17967] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1003.665324][T17156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1003.709971][T18097] futex_wake_op: syz.4.3179 tries to shift op by 36; fix this program
[ 1003.775078][T18093] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1003.790077][T17156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1003.864820][ T7448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1003.876948][ T7448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1004.088297][T16648] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1004.277502][T16648] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1004.347085][ T5918] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1004.365218][ T5918] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1004.433046][T18105] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3140'.
[ 1004.467190][ T5918] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1004.489820][T16648] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1004.547174][ T5918] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1004.554550][ T5918] rtc rtc0: __rtc_set_alarm: err=-22
[ 1004.657416][T16648] Bluetooth: hci2: command 0x0405 tx timeout
[ 1005.117978][T18110] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[ 1006.167239][T16648] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1006.327318][T16648] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1006.392211][T11688] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1006.497922][ T5918] usb 5-1: new full-speed USB device number 109 using dummy_hcd
[ 1006.527896][T11688] usb 4-1: USB disconnect, device number 26
[ 1006.577699][T16648] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1006.728216][T16648] Bluetooth: hci2: command 0x0405 tx timeout
[ 1007.485320][T18137] syz.3.3187: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1007.601863][T18137] CPU: 0 UID: 0 PID: 18137 Comm: syz.3.3187 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1007.601888][T18137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1007.601899][T18137] Call Trace:
[ 1007.601907][T18137]  <TASK>
[ 1007.601919][T18137]  dump_stack_lvl+0x189/0x250
[ 1007.601963][T18137]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1007.601997][T18137]  ? __pfx__printk+0x10/0x10
[ 1007.602019][T18137]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1007.602037][T18137]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1007.602056][T18137]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1007.602085][T18137]  warn_alloc+0x214/0x310
[ 1007.602119][T18137]  ? __pfx_warn_alloc+0x10/0x10
[ 1007.602153][T18137]  ? __get_vm_area_node+0x28f/0x300
[ 1007.602173][T18137]  ? vb2_vmalloc_alloc+0xef/0x340
[ 1007.602193][T18137]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1007.602252][T18137]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1007.602283][T18137]  ? __kasan_kmalloc+0x93/0xb0
[ 1007.602307][T18137]  vmalloc_user_noprof+0xad/0xf0
[ 1007.602329][T18137]  ? vb2_vmalloc_alloc+0xef/0x340
[ 1007.602345][T18137]  vb2_vmalloc_alloc+0xef/0x340
[ 1007.602362][T18137]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 1007.602385][T18137]  __vb2_queue_alloc+0x9bf/0x15a0
[ 1007.602447][T18137]  vb2_core_reqbufs+0xc31/0x1420
[ 1007.602493][T18137]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1007.602517][T18137]  ? vb2_verify_memory_type+0x1fc/0x570
[ 1007.602555][T18137]  ? vb2_reqbufs+0x3a9/0x630
[ 1007.602596][T18137]  v4l2_m2m_ioctl_reqbufs+0x10d/0x200
[ 1007.602627][T18137]  __video_do_ioctl+0xc9b/0xdb0
[ 1007.602652][T18137]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1007.602679][T18137]  video_usercopy+0x86e/0x14f0
[ 1007.602716][T18137]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1007.602739][T18137]  ? __pfx_video_usercopy+0x10/0x10
[ 1007.602775][T18137]  ? __fget_files+0x2a/0x420
[ 1007.602796][T18137]  ? __fget_files+0x2a/0x420
[ 1007.602812][T18137]  ? __fget_files+0x3a0/0x420
[ 1007.602834][T18137]  v4l2_ioctl+0x18a/0x1e0
[ 1007.602859][T18137]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1007.602885][T18137]  __se_sys_ioctl+0xfc/0x170
[ 1007.602918][T18137]  do_syscall_64+0xfa/0x3b0
[ 1007.602936][T18137]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1007.602959][T18137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1007.602975][T18137]  ? clear_bhb_loop+0x60/0xb0
[ 1007.603000][T18137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1007.603023][T18137] RIP: 0033:0x7f28af78e929
[ 1007.603041][T18137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1007.603060][T18137] RSP: 002b:00007f28ad5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1007.603083][T18137] RAX: ffffffffffffffda RBX: 00007f28af9b6160 RCX: 00007f28af78e929
[ 1007.603096][T18137] RDX: 0000200000000000 RSI: 00000000c0145608 RDI: 0000000000000004
[ 1007.603107][T18137] RBP: 00007f28af810b39 R08: 0000000000000000 R09: 0000000000000000
[ 1007.603116][T18137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1007.603126][T18137] R13: 0000000000000001 R14: 00007f28af9b6160 R15: 00007f28afadfa28
[ 1007.603156][T18137]  </TASK>
[ 1007.646910][T18137] Mem-Info:
[ 1007.897162][ T5900] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1008.053206][T18137] active_anon:9696 inactive_anon:0 isolated_anon:0
[ 1008.053206][T18137]  active_file:16533 inactive_file:4216 isolated_file:0
[ 1008.053206][T18137]  unevictable:768 dirty:167 writeback:0
[ 1008.053206][T18137]  slab_reclaimable:6938 slab_unreclaimable:117073
[ 1008.053206][T18137]  mapped:38348 shmem:4721 pagetables:1283
[ 1008.053206][T18137]  sec_pagetables:0 bounce:0
[ 1008.053206][T18137]  kernel_misc_reclaimable:0
[ 1008.053206][T18137]  free:1320004 free_pcp:14640 free_cma:0
[ 1008.246692][T18137] Node 0 active_anon:40988kB inactive_anon:0kB active_file:66104kB inactive_file:16732kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:154980kB dirty:684kB writeback:0kB shmem:19016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12460kB pagetables:5056kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1008.426796][T18137] Node 1 active_anon:0kB inactive_anon:0kB active_file:28kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1008.788146][T18137] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1008.828336][T16648] Bluetooth: hci2: command 0x0405 tx timeout
[ 1009.131086][T18137] lowmem_reserve[]: 0 2501 2502 2502 2502
[ 1009.162804][T18137] Node 0 DMA32 free:1358040kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:39228kB inactive_anon:0kB active_file:65940kB inactive_file:15212kB unevictable:1536kB writepending:760kB present:3129332kB managed:2561024kB mlocked:0kB bounce:0kB free_pcp:40160kB local_pcp:19660kB free_cma:0kB
[ 1009.213918][T18147] futex_wake_op: syz.0.3189 tries to shift op by 36; fix this program
[ 1009.410907][T18137] lowmem_reserve[]: 0 0 1 1 1
[ 1009.486974][T18137] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:144kB inactive_anon:0kB active_file:164kB inactive_file:1528kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:36kB local_pcp:32kB free_cma:0kB
[ 1009.529023][T18148] block device autoloading is deprecated and will be removed.
[ 1009.604118][T18137] lowmem_reserve[]: 0 0 0 0 0
[ 1009.623345][T18137] Node 1 Normal free:3902204kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:28kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21312kB local_pcp:13344kB free_cma:0kB
[ 1009.804570][T18137] lowmem_reserve[]: 0 0 0 0 0
[ 1009.871473][T18137] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1009.943261][T18137] Node 0 DMA32: 2*4kB (UE) 88*8kB (ME) 277*16kB (UME) 601*32kB (UME) 298*64kB (UME) 348*128kB (UME) 368*256kB (UME) 211*512kB (UME) 110*1024kB (UM) 14*2048kB (ME) 226*4096kB (UM) = 1357240kB
[ 1010.001788][T18137] Node 0 Normal: 3*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB
[ 1010.043904][T18137] Node 1 Normal: 213*4kB (UME) 53*8kB (UME) 56*16kB (UME) 178*32kB (UE) 55*64kB (UME) 13*128kB (UME) 4*256kB (UM) 4*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 947*4096kB (M) = 3902204kB
[ 1010.095464][T18137] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1010.123697][T18137] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1010.154175][T18137] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1010.185079][T18137] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1010.212030][T18137] 24976 total pagecache pages
[ 1010.232640][T18137] 0 pages in swap cache
[ 1010.255617][T18137] Free swap  = 124996kB
[ 1010.275956][T18137] Total swap = 124996kB
[ 1010.284273][T18137] 2097051 pages RAM
[ 1010.295996][T18137] 0 pages HighMem/MovableOnly
[ 1010.364999][T18137] 424689 pages reserved
[ 1010.373835][T18137] 0 pages cma reserved
[ 1010.401131][T18155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3190'.
[ 1010.422871][T18155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3190'.
[ 1010.621075][T18155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3190'.
[ 1010.650280][T18155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3190'.
[ 1010.904499][T18160] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3192'.
[ 1010.966808][ T5918] usb 2-1: new high-speed USB device number 125 using dummy_hcd
[ 1011.176873][ T5918] usb 2-1: Using ep0 maxpacket: 8
[ 1011.184159][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1011.213498][ T5918] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1011.237111][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.265394][ T5918] usb 2-1: config 0 descriptor??
[ 1011.929238][T18171] kvm: emulating exchange as write
[ 1011.950060][T18171] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1012.046772][ T5900] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 1012.125113][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1012.125546][   T30] audit: type=1326 audit(1750590433.634:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.159303][   T30] audit: type=1326 audit(1750590433.634:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.189239][   T30] audit: type=1326 audit(1750590433.704:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.217316][   T30] audit: type=1326 audit(1750590433.704:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.277182][ T5900] usb 5-1: Using ep0 maxpacket: 16
[ 1012.284266][ T5900] usb 5-1: config 8 has an invalid interface number: 39 but max is 0
[ 1012.287255][   T30] audit: type=1326 audit(1750590433.704:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.341987][ T5900] usb 5-1: config 8 has no interface number 0
[ 1012.379110][ T5900] usb 5-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F
[ 1012.400171][   T30] audit: type=1326 audit(1750590433.704:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.435461][   T30] audit: type=1326 audit(1750590433.704:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.461569][   T30] audit: type=1326 audit(1750590433.704:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.492372][   T30] audit: type=1326 audit(1750590433.704:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.493513][ T5900] usb 5-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1012.554681][   T30] audit: type=1326 audit(1750590433.704:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18179 comm="syz.3.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1012.681874][ T5900] usb 5-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0
[ 1012.738617][ T5900] usb 5-1: config 8 interface 39 has no altsetting 0
[ 1012.772662][ T5900] usb 5-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[ 1012.815523][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1012.844442][ T5900] usb 5-1: Product: syz
[ 1012.880041][ T5900] usb 5-1: Manufacturer: syz
[ 1012.924430][ T5900] usb 5-1: SerialNumber: syz
[ 1013.615178][T16648] Bluetooth: hci1: SCO packet for unknown connection handle 200
[ 1013.637406][T18199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1013.699022][T18199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1013.727496][ T5900] ipheth 5-1:8.39: ipheth_get_macaddr: usb_control_msg: -110
[ 1013.746548][ T5900] ipheth 5-1:8.39: probe with driver ipheth failed with error -110
[ 1014.107298][T18204] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3197'.
[ 1014.231787][T18206] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3197'.
[ 1014.870596][ T5918] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1015.047342][ T5918] usb 2-1: USB disconnect, device number 125
[ 1015.676804][T15870] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[ 1015.852361][T15870] usb 2-1: Using ep0 maxpacket: 8
[ 1015.902987][T15870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1015.924435][T15870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1015.943012][T15870] usb 2-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[ 1015.966986][T15870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1015.984757][T15870] usb 2-1: config 0 descriptor??
[ 1016.001920][T15870] usbhid 2-1:0.0: can't add hid device: -22
[ 1016.010459][T15870] usbhid 2-1:0.0: probe with driver usbhid failed with error -22
[ 1016.543739][T11688] usb 5-1: USB disconnect, device number 110
[ 1017.036865][T11688] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 1017.171568][T18241] futex_wake_op: syz.2.3213 tries to shift op by 36; fix this program
[ 1017.219992][T11688] usb 5-1: config 0 interface 0 altsetting 12 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1017.240473][T11688] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1017.268034][T11688] usb 5-1: config 0 interface 0 altsetting 12 bulk endpoint 0x82 has invalid maxpacket 0
[ 1017.392017][T11688] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1017.449874][T11688] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[ 1017.470911][T11688] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1017.519972][T11688] usb 5-1: Product: syz
[ 1017.534976][T11688] usb 5-1: Manufacturer: syz
[ 1017.550984][T11688] usb 5-1: SerialNumber: syz
[ 1017.570996][T11688] usb 5-1: config 0 descriptor??
[ 1017.582994][T18229] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1017.978837][ T5918] usb 5-1: USB disconnect, device number 111
[ 1018.911616][T15870] usb 2-1: USB disconnect, device number 126
[ 1018.988336][T12337] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[ 1019.113693][T18259] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3219'.
[ 1019.126456][T18259] openvswitch: netlink: Invalid MD length 0 for MD type 0
[ 1019.137598][T18259] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1019.156772][T12337] usb 1-1: Using ep0 maxpacket: 8
[ 1019.167387][T12337] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 1019.211548][T12337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1019.250300][T12337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1019.296220][T12337] usb 1-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[ 1019.311844][T18263] netlink: 'syz.3.3221': attribute type 1 has an invalid length.
[ 1019.327454][T12337] usb 1-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3
[ 1019.378965][T12337] usb 1-1: Product: syz
[ 1019.426797][T12337] usb 1-1: Manufacturer: syz
[ 1019.435104][T12337] usb 1-1: SerialNumber: syz
[ 1019.531992][T12337] usb 1-1: config 0 descriptor??
[ 1019.674969][T12337] smsusb:smsusb_probe: board id=2, interface number 0
[ 1019.769488][T12337] smsusb:smsusb_probe: Device initialized with return code -19
[ 1020.207419][T18274] FAULT_INJECTION: forcing a failure.
[ 1020.207419][T18274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1020.246436][T18274] CPU: 1 UID: 0 PID: 18274 Comm: syz.3.3224 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1020.246475][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1020.246490][T18274] Call Trace:
[ 1020.246499][T18274]  <TASK>
[ 1020.246511][T18274]  dump_stack_lvl+0x189/0x250
[ 1020.246552][T18274]  ? __pfx____ratelimit+0x10/0x10
[ 1020.246586][T18274]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1020.246620][T18274]  ? __pfx__printk+0x10/0x10
[ 1020.246646][T18274]  ? get_sigframe+0x596/0x7d0
[ 1020.246680][T18274]  should_fail_ex+0x414/0x560
[ 1020.246711][T18274]  _copy_to_user+0x31/0xb0
[ 1020.246735][T18274]  copy_siginfo_to_user+0x22/0xc0
[ 1020.246757][T18274]  x64_setup_rt_frame+0x776/0xd40
[ 1020.246805][T18274]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1020.246846][T18274]  arch_do_signal_or_restart+0x3d7/0x750
[ 1020.246883][T18274]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1020.246929][T18274]  ? exit_to_user_mode_loop+0x40/0x110
[ 1020.246965][T18274]  exit_to_user_mode_loop+0x75/0x110
[ 1020.246997][T18274]  do_syscall_64+0x2bd/0x3b0
[ 1020.247016][T18274]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1020.247047][T18274]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.247069][T18274]  ? clear_bhb_loop+0x60/0xb0
[ 1020.247097][T18274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.247118][T18274] RIP: 0033:0x7f28af78e927
[ 1020.247138][T18274] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1020.247158][T18274] RSP: 002b:00007f28b0543038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 1020.247183][T18274] RAX: 000000000000002d RBX: 00007f28af9b5fa0 RCX: 00007f28af78e929
[ 1020.247199][T18274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1020.247212][T18274] RBP: 00007f28b0543090 R08: 0000000000000000 R09: 0000000000000000
[ 1020.247227][T18274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1020.247249][T18274] R13: 0000000000000000 R14: 00007f28af9b5fa0 R15: 00007f28afadfa28
[ 1020.247282][T18274]  </TASK>
[ 1021.820773][T15870] usb 1-1: USB disconnect, device number 104
[ 1022.261006][T18302] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3233'.
[ 1022.443425][T18300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3234'.
[ 1022.730758][T18312] futex_wake_op: syz.0.3235 tries to shift op by 36; fix this program
[ 1022.756540][T18313] netlink: 'syz.1.3236': attribute type 12 has an invalid length.
[ 1022.845595][T16648] Bluetooth: hci1: unexpected event for opcode 0x041b
[ 1023.346241][T18330] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3243'.
[ 1023.466791][T15870] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1023.626905][T15870] usb 3-1: Using ep0 maxpacket: 8
[ 1023.654273][T15870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1023.681608][T15870] usb 3-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[ 1023.704893][T15870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.728431][T15870] usb 3-1: config 0 descriptor??
[ 1024.965749][T15870] belkin 0003:050D:3201.0022: unknown main item tag 0x0
[ 1025.030859][T15870] belkin 0003:050D:3201.0022: hiddev0,hidraw0: USB HID v0.00 Device [HID 050d:3201] on usb-dummy_hcd.2-1/input0
[ 1026.431434][T18374] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3253'.
[ 1026.523033][   T43] usb 3-1: USB disconnect, device number 5
[ 1026.726888][ T5918] usb 2-1: new low-speed USB device number 127 using dummy_hcd
[ 1026.766000][T18382] netlink: 'syz.0.3257': attribute type 4 has an invalid length.
[ 1026.850158][T18385] netlink: 'syz.4.3260': attribute type 4 has an invalid length.
[ 1026.861036][T18385] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3260'.
[ 1026.883401][T18385] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1026.907055][ T5918] usb 2-1: Invalid ep0 maxpacket: 16
[ 1027.058937][ T5918] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[ 1027.267184][ T5918] usb 2-1: Invalid ep0 maxpacket: 16
[ 1027.273210][ T5918] usb usb2-port1: attempt power cycle
[ 1027.385620][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1027.385641][   T30] audit: type=1326 audit(1750590448.864:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18391 comm="syz.3.3262" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f28af78e929 code=0x0
[ 1027.566768][T12337] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1027.656790][ T5918] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[ 1027.677829][ T5918] usb 2-1: Invalid ep0 maxpacket: 16
[ 1027.740542][T12337] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1027.787002][T12337] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1027.844067][T12337] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1027.857239][ T5918] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[ 1027.905030][ T5918] usb 2-1: Invalid ep0 maxpacket: 16
[ 1027.914841][ T5918] usb usb2-port1: unable to enumerate USB device
[ 1027.987350][T12337] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1027.995424][T12337] usb 5-1: SerialNumber: syz
[ 1028.389002][T12337] usb 5-1: 0:2 : does not exist
[ 1028.451329][T12337] usb 5-1: USB disconnect, device number 112
[ 1028.601303][T16210] udevd[16210]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1028.867000][ T5918] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[ 1029.027543][ T5918] usb 1-1: config 8 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1029.046595][ T5918] usb 1-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1029.101776][ T5918] usb 1-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[ 1029.124605][ T5918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1029.598662][ T5918] megaworld 0003:07B5:0312.0023: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.0-1/input0
[ 1029.647516][ T5918] megaworld 0003:07B5:0312.0023: no inputs found
[ 1029.698695][T18415] futex_wake_op: syz.4.3267 tries to shift op by 36; fix this program
[ 1029.863012][ T5918] usb 1-1: USB disconnect, device number 105
[ 1029.912714][T18414] fido_id[18414]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1030.926933][T15870] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[ 1031.235243][T15870] usb 1-1: Using ep0 maxpacket: 32
[ 1031.426990][T12337] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1031.479901][T15870] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1031.567917][T12337] usb 4-1: device descriptor read/64, error -71
[ 1031.586962][T15870] usb 1-1: config 0 has no interface number 0
[ 1031.601871][T15870] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 52, changing to 9
[ 1031.625780][T15870] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1031.772299][T15870] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1031.781661][T15870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1031.790125][T15870] usb 1-1: Product: syz
[ 1031.800158][T15870] usb 1-1: Manufacturer: syz
[ 1031.813519][T15870] usb 1-1: SerialNumber: syz
[ 1031.816831][T12337] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1031.855178][T15870] usb 1-1: config 0 descriptor??
[ 1032.081924][T18432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1032.098043][T18432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1032.117174][T12337] usb 4-1: device descriptor read/64, error -71
[ 1032.317343][T12337] usb usb4-port1: attempt power cycle
[ 1032.554800][T15870] appletouch 1-1:0.85: Geyser mode initialized.
[ 1032.594512][T15870] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input52
[ 1032.727117][T12337] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1032.838035][T11688] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1032.867873][T18432] loop8: detected capacity change from 0 to 7
[ 1032.920645][T18432] Dev loop8: unable to read RDB block 7
[ 1032.939333][T12337] usb 4-1: device descriptor read/8, error -71
[ 1032.957606][T18432]  loop8: unable to read partition table
[ 1032.984041][T18432] loop8: partition table beyond EOD, truncated
[ 1033.010733][T18432] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1033.111088][T16210] Dev loop8: unable to read RDB block 7
[ 1033.124952][T16210]  loop8: unable to read partition table
[ 1033.151873][T16210] loop8: partition table beyond EOD, truncated
[ 1033.216083][T18445] Dev loop8: unable to read RDB block 7
[ 1033.241083][T18445]  loop8: unable to read partition table
[ 1033.296781][T12337] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1033.330049][T18445] loop8: partition table beyond EOD, truncated
[ 1033.351906][T18445] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1033.364649][T15870] usb 1-1: USB disconnect, device number 106
[ 1033.389181][T12337] usb 4-1: device descriptor read/8, error -71
[ 1033.517095][T12337] usb usb4-port1: unable to enumerate USB device
[ 1033.568406][T15870] appletouch 1-1:0.85: input: appletouch disconnected
[ 1033.707819][T11688] usb 3-1: config 0 has no interfaces?
[ 1034.052731][T11688] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1034.095309][T11688] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1034.113836][T11688] usb 3-1: Product: syz
[ 1034.118605][T11688] usb 3-1: Manufacturer: syz
[ 1034.123239][T11688] usb 3-1: SerialNumber: syz
[ 1034.157359][T11688] usb 3-1: config 0 descriptor??
[ 1034.679795][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3278'.
[ 1035.174541][T18481] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3284'.
[ 1035.197956][T18481] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3284'.
[ 1035.280597][T18486] futex_wake_op: syz.1.3286 tries to shift op by 36; fix this program
[ 1035.964940][T16863] usb 3-1: USB disconnect, device number 6
[ 1036.362259][T18499] futex_wake_op: syz.0.3290 tries to shift op by 36; fix this program
[ 1036.796719][T12337] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1037.046806][T12337] usb 4-1: Using ep0 maxpacket: 8
[ 1037.087361][T12337] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1037.142127][T12337] usb 4-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[ 1037.189010][T12337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.229854][T12337] usb 4-1: config 0 descriptor??
[ 1037.575258][T18506] kvm: kvm [18503]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 1037.605760][T18506] kvm: kvm [18503]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 1037.617039][T18506] kvm: kvm [18503]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 1037.788577][T12337] lenovo 0003:17EF:6062.0024: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.3-1/input0
[ 1038.254925][T18515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1038.283048][T18515] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1038.567091][T12337] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1038.584196][T18515] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3291'.
[ 1038.820942][T12337] usb 5-1: Using ep0 maxpacket: 8
[ 1038.910387][T12337] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1038.920148][T12337] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1038.933890][T12337] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1038.951102][T12337] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1038.972812][T12337] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1039.048982][T12337] usbtmc 5-1:16.0: bulk endpoints not found
[ 1039.331230][ T5918] usb 5-1: USB disconnect, device number 113
[ 1039.887150][T18534] IPv4: Oversized IP packet from 127.202.26.0
[ 1040.497803][T18543] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3299'.
[ 1040.555864][T18543] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3299'.
[ 1040.806943][T16863] usb 5-1: new high-speed USB device number 114 using dummy_hcd
[ 1040.900323][T18549] netlink: 'syz.0.3300': attribute type 9 has an invalid length.
[ 1040.997874][T12337] usb 4-1: USB disconnect, device number 32
[ 1041.109807][T16863] usb 5-1: config 0 has no interfaces?
[ 1041.191926][T16863] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1041.291426][T16863] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1041.313126][T16863] usb 5-1: Product: syz
[ 1041.323260][T16863] usb 5-1: Manufacturer: syz
[ 1041.334817][T16863] usb 5-1: SerialNumber: syz
[ 1041.425828][T16863] usb 5-1: config 0 descriptor??
[ 1042.620048][T18569] futex_wake_op: syz.1.3306 tries to shift op by 36; fix this program
[ 1042.814839][T18572] ptrace attach of "./syz-executor exec"[18574] was attempted by "./syz-executor exec"[18572]
[ 1042.961188][T18577] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3309'.
[ 1043.128136][T18578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3308'.
[ 1043.141886][T18578] bridge_slave_1: left allmulticast mode
[ 1043.148179][T18578] bridge_slave_1: left promiscuous mode
[ 1043.154214][T18578] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.170983][T18578] bridge_slave_0: left allmulticast mode
[ 1043.184824][T18578] bridge_slave_0: left promiscuous mode
[ 1043.191234][T18578] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.551459][T18588] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3312'.
[ 1043.591308][T18588] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3312'.
[ 1043.640285][T18592] FAULT_INJECTION: forcing a failure.
[ 1043.640285][T18592] name failslab, interval 1, probability 0, space 0, times 0
[ 1043.725643][T18592] CPU: 1 UID: 0 PID: 18592 Comm: syz.2.3314 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1043.725677][T18592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1043.725687][T18592] Call Trace:
[ 1043.725695][T18592]  <TASK>
[ 1043.725703][T18592]  dump_stack_lvl+0x189/0x250
[ 1043.725733][T18592]  ? __pfx____ratelimit+0x10/0x10
[ 1043.725759][T18592]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1043.725784][T18592]  ? __pfx__printk+0x10/0x10
[ 1043.725812][T18592]  should_fail_ex+0x414/0x560
[ 1043.725836][T18592]  should_failslab+0xa8/0x100
[ 1043.725855][T18592]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1043.725871][T18592]  ? sctp_add_bind_addr+0x8c/0x370
[ 1043.725891][T18592]  sctp_add_bind_addr+0x8c/0x370
[ 1043.725910][T18592]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1043.725928][T18592]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1043.725944][T18592]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1043.725963][T18592]  ? sctp_v4_is_any+0x35/0x60
[ 1043.725978][T18592]  ? sctp_copy_one_addr+0x93/0x360
[ 1043.725996][T18592]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1043.726012][T18592]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1043.726038][T18592]  sctp_connect_new_asoc+0x2e0/0x690
[ 1043.726061][T18592]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1043.726080][T18592]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1043.726110][T18592]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1043.726132][T18592]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1043.726152][T18592]  sctp_sendmsg+0x155c/0x2810
[ 1043.726180][T18592]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1043.726202][T18592]  ? aa_sk_perm+0x81e/0x950
[ 1043.726224][T18592]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1043.726245][T18592]  ? sock_rps_record_flow+0x19/0x410
[ 1043.726262][T18592]  ? inet_sendmsg+0x2f4/0x370
[ 1043.726280][T18592]  __sock_sendmsg+0x19c/0x270
[ 1043.726308][T18592]  ____sys_sendmsg+0x505/0x830
[ 1043.726332][T18592]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1043.726360][T18592]  ? import_iovec+0x74/0xa0
[ 1043.726382][T18592]  ___sys_sendmsg+0x21f/0x2a0
[ 1043.726414][T18592]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1043.726480][T18592]  ? __fget_files+0x2a/0x420
[ 1043.726510][T18592]  ? __fget_files+0x3a0/0x420
[ 1043.726535][T18592]  __x64_sys_sendmsg+0x19b/0x260
[ 1043.726558][T18592]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1043.726586][T18592]  ? __pfx_ksys_write+0x10/0x10
[ 1043.726607][T18592]  ? rcu_is_watching+0x15/0xb0
[ 1043.726644][T18592]  ? do_syscall_64+0xbe/0x3b0
[ 1043.726669][T18592]  do_syscall_64+0xfa/0x3b0
[ 1043.726687][T18592]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1043.726717][T18592]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.726739][T18592]  ? clear_bhb_loop+0x60/0xb0
[ 1043.726766][T18592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.726786][T18592] RIP: 0033:0x7f37fc78e929
[ 1043.726805][T18592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1043.726824][T18592] RSP: 002b:00007f37fa5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1043.726847][T18592] RAX: ffffffffffffffda RBX: 00007f37fc9b5fa0 RCX: 00007f37fc78e929
[ 1043.726864][T18592] RDX: 0000000024004860 RSI: 0000200000000380 RDI: 0000000000000003
[ 1043.726879][T18592] RBP: 00007f37fa5f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1043.726894][T18592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1043.726907][T18592] R13: 0000000000000000 R14: 00007f37fc9b5fa0 R15: 00007f37fcadfa28
[ 1043.726942][T18592]  </TASK>
[ 1044.612197][ T5918] usb 5-1: USB disconnect, device number 114
[ 1045.234745][   T30] audit: type=1326 audit(1750590466.744:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1045.271963][   T30] audit: type=1326 audit(1750590466.744:3196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1045.306315][   T30] audit: type=1326 audit(1750590466.774:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f28af78d290 code=0x7ffc0000
[ 1045.333176][   T30] audit: type=1326 audit(1750590466.774:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.360906][   T30] audit: type=1326 audit(1750590466.774:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.415588][   T30] audit: type=1326 audit(1750590466.774:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.456869][T16863] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1045.496536][   T30] audit: type=1326 audit(1750590466.774:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.519383][ T5900] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1045.561648][   T30] audit: type=1326 audit(1750590466.904:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.590778][   T30] audit: type=1326 audit(1750590466.964:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.625386][   T30] audit: type=1326 audit(1750590467.044:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18617 comm="syz.3.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1045.658922][T16863] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[ 1045.667862][T16863] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1045.689199][ T5900] usb 4-1: Using ep0 maxpacket: 16
[ 1045.705209][ T5900] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[ 1045.734926][ T5900] usb 4-1: config 0 has no interface number 0
[ 1045.744354][T16863] usb 2-1: config 0 has no interface number 0
[ 1045.754997][ T5900] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1045.769462][ T5900] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1045.779963][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[ 1045.788195][T16863] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1045.797498][T16863] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.805539][ T5900] usb 4-1: Manufacturer: syz
[ 1045.810333][T16863] usb 2-1: Product: syz
[ 1045.814676][T16863] usb 2-1: Manufacturer: syz
[ 1045.819330][ T5900] usb 4-1: SerialNumber: syz
[ 1045.826174][ T5900] usb 4-1: config 0 descriptor??
[ 1045.834248][T16863] usb 2-1: SerialNumber: syz
[ 1045.849817][T16863] usb 2-1: config 0 descriptor??
[ 1045.861449][T16863] ims_pcu 2-1:0.41: probe with driver ims_pcu failed with error -22
[ 1046.053796][T18620] FAULT_INJECTION: forcing a failure.
[ 1046.053796][T18620] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.106882][T18620] CPU: 0 UID: 0 PID: 18620 Comm: syz.3.3321 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1046.106908][T18620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1046.106918][T18620] Call Trace:
[ 1046.106925][T18620]  <TASK>
[ 1046.106933][T18620]  dump_stack_lvl+0x189/0x250
[ 1046.106962][T18620]  ? __pfx____ratelimit+0x10/0x10
[ 1046.106990][T18620]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1046.107016][T18620]  ? __pfx__printk+0x10/0x10
[ 1046.107037][T18620]  ? __pfx___might_resched+0x10/0x10
[ 1046.107061][T18620]  ? fs_reclaim_acquire+0x7d/0x100
[ 1046.107085][T18620]  should_fail_ex+0x414/0x560
[ 1046.107109][T18620]  should_failslab+0xa8/0x100
[ 1046.107128][T18620]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1046.107154][T18620]  ? audit_log_start+0x126/0x870
[ 1046.107174][T18620]  audit_log_start+0x126/0x870
[ 1046.107195][T18620]  ? __pfx_audit_log_start+0x10/0x10
[ 1046.107227][T18620]  ? migrate_enable+0x29c/0x3c0
[ 1046.107246][T18620]  ? percpu_ref_put+0x1e/0x230
[ 1046.107263][T18620]  ? __pfx_migrate_enable+0x10/0x10
[ 1046.107283][T18620]  audit_seccomp+0x64/0x190
[ 1046.107296][T18620]  ? clear_bhb_loop+0x60/0xb0
[ 1046.107313][T18620]  ? clear_bhb_loop+0xe/0xb0
[ 1046.107334][T18620]  __seccomp_filter+0x9aa/0x1a40
[ 1046.107366][T18620]  ? __pfx_do_io_getevents+0x10/0x10
[ 1046.107386][T18620]  ? __pfx___seccomp_filter+0x10/0x10
[ 1046.107411][T18620]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1046.107428][T18620]  ? _copy_from_user+0x94/0xb0
[ 1046.107445][T18620]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1046.107466][T18620]  ? __fget_files+0x3a0/0x420
[ 1046.107498][T18620]  ? __secure_computing+0xe2/0x2a0
[ 1046.107525][T18620]  syscall_trace_enter+0xaa/0x160
[ 1046.107550][T18620]  do_syscall_64+0xd3/0x3b0
[ 1046.107563][T18620]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1046.107595][T18620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.107611][T18620]  ? clear_bhb_loop+0x60/0xb0
[ 1046.107630][T18620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.107645][T18620] RIP: 0033:0x7f28af78d33c
[ 1046.107673][T18620] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1046.107686][T18620] RSP: 002b:00007f28b0543030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1046.107703][T18620] RAX: ffffffffffffffda RBX: 00007f28af9b5fa0 RCX: 00007f28af78d33c
[ 1046.107715][T18620] RDX: 000000000000000f RSI: 00007f28b05430a0 RDI: 0000000000000004
[ 1046.107725][T18620] RBP: 00007f28b0543090 R08: 0000000000000000 R09: 0000000000000000
[ 1046.107734][T18620] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[ 1046.107745][T18620] R13: 0000000000000000 R14: 00007f28af9b5fa0 R15: 00007f28afadfa28
[ 1046.107767][T18620]  </TASK>
[ 1046.383561][ T5900] usbtouchscreen 4-1:0.214: Failed to read FW rev: -71
[ 1046.390702][ T5900] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71
[ 1046.432591][ T5900] usb 4-1: USB disconnect, device number 33
[ 1046.607758][T18634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1046.667155][T18634] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1047.144507][T18642] netlink: 'syz.0.3325': attribute type 30 has an invalid length.
[ 1047.686744][ T5900] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1047.750171][T18647] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3327'.
[ 1047.836769][ T5900] usb 4-1: Using ep0 maxpacket: 32
[ 1047.858770][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7
[ 1047.912060][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[ 1047.961072][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1047.993237][ T5900] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 1048.020551][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.064704][ T5900] usb 4-1: Product: syz
[ 1048.084816][ T5900] usb 4-1: Manufacturer: syz
[ 1048.110369][ T5900] usb 4-1: SerialNumber: syz
[ 1048.139820][ T5900] usb 4-1: config 0 descriptor??
[ 1048.205837][T18650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3328'.
[ 1048.245085][T18650] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3328'.
[ 1048.261562][ T5900] usb 2-1: USB disconnect, device number 5
[ 1048.317225][T18650] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3328'.
[ 1048.348555][T18650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3328'.
[ 1048.405486][T15870] usb 4-1: USB disconnect, device number 34
[ 1048.735639][T18658] team0: Device gtp0 is of different type
[ 1049.121273][T18672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3334'.
[ 1049.259787][T18679] FAULT_INJECTION: forcing a failure.
[ 1049.259787][T18679] name failslab, interval 1, probability 0, space 0, times 0
[ 1049.274965][T18679] CPU: 0 UID: 0 PID: 18679 Comm: syz.0.3337 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1049.274997][T18679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1049.275011][T18679] Call Trace:
[ 1049.275020][T18679]  <TASK>
[ 1049.275030][T18679]  dump_stack_lvl+0x189/0x250
[ 1049.275070][T18679]  ? __pfx____ratelimit+0x10/0x10
[ 1049.275102][T18679]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1049.275136][T18679]  ? __pfx__printk+0x10/0x10
[ 1049.275164][T18679]  ? __pfx___might_resched+0x10/0x10
[ 1049.275199][T18679]  ? fs_reclaim_acquire+0x7d/0x100
[ 1049.275231][T18679]  should_fail_ex+0x414/0x560
[ 1049.275264][T18679]  should_failslab+0xa8/0x100
[ 1049.275291][T18679]  __kmalloc_noprof+0xcb/0x4f0
[ 1049.275312][T18679]  ? tomoyo_encode+0x28b/0x550
[ 1049.275349][T18679]  tomoyo_encode+0x28b/0x550
[ 1049.275396][T18679]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1049.275440][T18679]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1049.275467][T18679]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1049.275496][T18679]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1049.275542][T18679]  ? __lock_acquire+0xab9/0xd20
[ 1049.275595][T18679]  ? __fget_files+0x2a/0x420
[ 1049.275624][T18679]  ? __fget_files+0x2a/0x420
[ 1049.275648][T18679]  ? __fget_files+0x3a0/0x420
[ 1049.275671][T18679]  ? __fget_files+0x2a/0x420
[ 1049.275700][T18679]  security_file_ioctl+0xcb/0x2d0
[ 1049.275726][T18679]  __se_sys_ioctl+0x47/0x170
[ 1049.275760][T18679]  do_syscall_64+0xfa/0x3b0
[ 1049.275779][T18679]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1049.275812][T18679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1049.275834][T18679]  ? clear_bhb_loop+0x60/0xb0
[ 1049.275862][T18679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1049.275885][T18679] RIP: 0033:0x7f0bdc98e929
[ 1049.275905][T18679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1049.275949][T18679] RSP: 002b:00007f0bdd89d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1049.275973][T18679] RAX: ffffffffffffffda RBX: 00007f0bdcbb5fa0 RCX: 00007f0bdc98e929
[ 1049.275989][T18679] RDX: 0000200000000400 RSI: 00000000c0cc5615 RDI: 0000000000000003
[ 1049.276004][T18679] RBP: 00007f0bdd89d090 R08: 0000000000000000 R09: 0000000000000000
[ 1049.276018][T18679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1049.276032][T18679] R13: 0000000000000000 R14: 00007f0bdcbb5fa0 R15: 00007f0bdccdfa28
[ 1049.276065][T18679]  </TASK>
[ 1049.276432][T18679] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1050.457017][T11688] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1050.639060][T11688] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1050.678639][T11688] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1050.693309][T11688] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1050.735122][T11688] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1050.772457][T18697] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1050.811391][T11688] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1051.151132][T11688] usb 3-1: USB disconnect, device number 7
[ 1051.637498][T11688] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1051.676864][T15870] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 1051.796736][T11688] usb 3-1: Using ep0 maxpacket: 8
[ 1051.806507][T11688] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1051.823560][T11688] usb 3-1: config 0 has no interfaces?
[ 1051.829919][T11688] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1051.840242][T11688] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.848741][T15870] usb 1-1: Using ep0 maxpacket: 16
[ 1051.859356][T11688] usb 3-1: config 0 descriptor??
[ 1051.859874][T15870] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[ 1051.885232][T15870] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1051.903773][T15870] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1051.914158][T15870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1051.936280][T15870] usb 1-1: Product: syz
[ 1051.940967][T15870] usb 1-1: Manufacturer: syz
[ 1051.950671][T15870] usb 1-1: SerialNumber: syz
[ 1051.989266][   T30] kauditd_printk_skb: 74 callbacks suppressed
[ 1051.989286][   T30] audit: type=1326 audit(1750590473.504:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1052.034628][   T30] audit: type=1326 audit(1750590473.534:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28af78e929 code=0x7ffc0000
[ 1052.059858][   T30] audit: type=1326 audit(1750590473.534:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f28af78d290 code=0x7ffc0000
[ 1052.083346][   T30] audit: type=1326 audit(1750590473.534:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.117306][   T30] audit: type=1326 audit(1750590473.534:3281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.145896][   T30] audit: type=1326 audit(1750590473.544:3282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.176314][   T30] audit: type=1326 audit(1750590473.544:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.205490][   T30] audit: type=1326 audit(1750590473.654:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.294604][   T30] audit: type=1326 audit(1750590473.754:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.320509][T11688] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1052.355402][   T30] audit: type=1326 audit(1750590473.844:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18733 comm="syz.3.3356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28af78e52b code=0x7ffc0000
[ 1052.402551][T15870] usb 1-1: 0:2 : does not exist
[ 1052.425008][T15870] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[ 1052.480412][T11688] usb 4-1: Using ep0 maxpacket: 16
[ 1052.485011][T15870] usb 1-1: USB disconnect, device number 107
[ 1052.501859][T11688] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[ 1052.520664][T11688] usb 4-1: config 0 has no interface number 0
[ 1052.540373][T11688] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1052.572922][T16210] udevd[16210]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1052.604777][T11688] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1052.615392][T11688] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[ 1052.631900][T11688] usb 4-1: Manufacturer: syz
[ 1052.642614][ T5907] usb 3-1: USB disconnect, device number 8
[ 1052.691752][T11688] usb 4-1: SerialNumber: syz
[ 1052.701659][T11688] usb 4-1: config 0 descriptor??
[ 1052.806857][ T5900] usb 5-1: new high-speed USB device number 115 using dummy_hcd
[ 1052.990170][ T5900] usb 5-1: Using ep0 maxpacket: 8
[ 1053.001950][ T5900] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1053.037106][T18745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1053.053231][ T5900] usb 5-1: config 0 has an invalid interface number: 21 but max is 0
[ 1053.088510][ T5900] usb 5-1: config 0 has no interface number 0
[ 1053.095224][T18745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1053.125371][ T5900] usb 5-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1053.182454][ T5900] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1053.195576][ T5900] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1053.208488][ T5900] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1053.224602][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.243621][T18749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3360'.
[ 1053.247873][ T5900] usb 5-1: config 0 descriptor??
[ 1053.288956][T18740] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1053.336835][T11688] usbtouchscreen 4-1:0.214: Failed to read FW rev: -71
[ 1053.347765][T11688] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71
[ 1053.359358][T12337] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1053.404489][T11688] usb 4-1: USB disconnect, device number 35
[ 1053.516901][ T7448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.524782][ T7448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.535269][T18740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1053.550963][T12337] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1053.583300][T18740] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1053.598090][T12337] usb 2-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1053.631385][T12337] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.673604][T12337] usb 2-1: config 0 descriptor??
[ 1053.706419][T12337] smsusb:smsusb_probe: board id=8, interface number 0
[ 1053.722488][T12337] smsusb:smsusb_probe: Device initialized with return code -19
[ 1053.767152][T17156] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[ 1053.813500][ T5900] usb 5-1: USB disconnect, device number 115
[ 1053.873684][T18757] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3362'.
[ 1053.952887][T17156] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[ 1054.085448][T17156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1054.141982][T17156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1054.199183][T17156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1054.226851][T17156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1054.283157][ T7450] ------------[ cut here ]------------
[ 1054.289298][ T7450] WARNING: CPU: 0 PID: 7450 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3ca/0x440
[ 1054.299248][ T7450] Modules linked in:
[ 1054.303663][ T7450] CPU: 0 UID: 0 PID: 7450 Comm: kworker/u8:19 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1054.316099][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.326366][ T7450] Workqueue: cfg80211 cfg80211_event_work
[ 1054.332450][ T7450] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[ 1054.338899][ T7450] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 42 f8 f9 f6 90 0f 0b 90 eb bd e8 37 f8 f9 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 27 f8 f9 f6 90 0f 0b 90 e9 de fd
[ 1054.359211][ T7450] RSP: 0018:ffffc900048cf8e0 EFLAGS: 00010293
[ 1054.365359][ T7450] RAX: ffffffff8ac66449 RBX: dffffc0000000000 RCX: ffff888078f4da00
[ 1054.373861][ T7450] RDX: 0000000000000000 RSI: ffffffff8d981f7e RDI: ffffffff8be28ac0
[ 1054.382046][ T7450] RBP: ffffc900048cf9b8 R08: ffffffff8fa108f7 R09: 1ffffffff1f4211e
[ 1054.390282][ T7450] R10: dffffc0000000000 R11: fffffbfff1f4211f R12: ffff888067414d90
[ 1054.398408][ T7450] R13: 1ffff92000919f24 R14: ffff88807e943338 R15: 0000000000000006
[ 1054.406416][ T7450] FS:  0000000000000000(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
[ 1054.415456][ T7450] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1054.422172][ T7450] CR2: 00002000002e9030 CR3: 0000000074f7c000 CR4: 00000000003526f0
[ 1054.430236][ T7450] DR0: 0000000000000000 DR1: 0000000000000099 DR2: 0000000000000000
[ 1054.438327][ T7450] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1054.446351][ T7450] Call Trace:
[ 1054.449756][ T7450]  <TASK>
[ 1054.452707][ T7450]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1054.458011][ T7450]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[ 1054.464401][ T7450]  ? cfg80211_event_work+0x24/0x60
[ 1054.469879][ T7450]  ? __pfx___mutex_lock+0x10/0x10
[ 1054.474938][ T7450]  cfg80211_process_wdev_events+0x38a/0x4f0
[ 1054.480928][ T7450]  cfg80211_process_rdev_events+0xa1/0x110
[ 1054.486811][ T7450]  cfg80211_event_work+0x2c/0x60
[ 1054.491794][ T7450]  ? process_scheduled_works+0x9ef/0x17b0
[ 1054.497594][ T7450]  process_scheduled_works+0xae1/0x17b0
[ 1054.503195][ T7450]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1054.509344][ T7450]  worker_thread+0x8a0/0xda0
[ 1054.513998][ T7450]  kthread+0x70e/0x8a0
[ 1054.518190][ T7450]  ? __pfx_worker_thread+0x10/0x10
[ 1054.523381][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.528066][ T7450]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1054.533327][ T7450]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1054.538660][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.543284][ T7450]  ret_from_fork+0x3f9/0x770
[ 1054.547935][ T7450]  ? __pfx_ret_from_fork+0x10/0x10
[ 1054.553077][ T7450]  ? __switch_to_asm+0x39/0x70
[ 1054.557928][ T7450]  ? __switch_to_asm+0x33/0x70
[ 1054.563103][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.568171][ T7450]  ret_from_fork_asm+0x1a/0x30
[ 1054.572990][ T7450]  </TASK>
[ 1054.576039][ T7450] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1054.583335][ T7450] CPU: 0 UID: 0 PID: 7450 Comm: kworker/u8:19 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[ 1054.595615][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.605710][ T7450] Workqueue: cfg80211 cfg80211_event_work
[ 1054.611564][ T7450] Call Trace:
[ 1054.614864][ T7450]  <TASK>
[ 1054.617842][ T7450]  dump_stack_lvl+0x99/0x250
[ 1054.622460][ T7450]  ? __asan_memcpy+0x40/0x70
[ 1054.627105][ T7450]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1054.632341][ T7450]  ? __pfx__printk+0x10/0x10
[ 1054.636960][ T7450]  panic+0x2db/0x790
[ 1054.640884][ T7450]  ? __pfx_panic+0x10/0x10
[ 1054.645317][ T7450]  ? show_trace_log_lvl+0x4fb/0x550
[ 1054.650551][ T7450]  ? ret_from_fork_asm+0x1a/0x30
[ 1054.655510][ T7450]  __warn+0x31b/0x4b0
[ 1054.659539][ T7450]  ? __cfg80211_ibss_joined+0x3ca/0x440
[ 1054.665140][ T7450]  ? __cfg80211_ibss_joined+0x3ca/0x440
[ 1054.670741][ T7450]  report_bug+0x2be/0x4f0
[ 1054.675097][ T7450]  ? __cfg80211_ibss_joined+0x3ca/0x440
[ 1054.680670][ T7450]  ? __cfg80211_ibss_joined+0x3ca/0x440
[ 1054.686254][ T7450]  ? __cfg80211_ibss_joined+0x3cc/0x440
[ 1054.691825][ T7450]  handle_bug+0x84/0x160
[ 1054.696086][ T7450]  exc_invalid_op+0x1a/0x50
[ 1054.700603][ T7450]  asm_exc_invalid_op+0x1a/0x20
[ 1054.705489][ T7450] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[ 1054.711679][ T7450] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 42 f8 f9 f6 90 0f 0b 90 eb bd e8 37 f8 f9 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 27 f8 f9 f6 90 0f 0b 90 e9 de fd
[ 1054.731316][ T7450] RSP: 0018:ffffc900048cf8e0 EFLAGS: 00010293
[ 1054.737400][ T7450] RAX: ffffffff8ac66449 RBX: dffffc0000000000 RCX: ffff888078f4da00
[ 1054.745386][ T7450] RDX: 0000000000000000 RSI: ffffffff8d981f7e RDI: ffffffff8be28ac0
[ 1054.753378][ T7450] RBP: ffffc900048cf9b8 R08: ffffffff8fa108f7 R09: 1ffffffff1f4211e
[ 1054.761377][ T7450] R10: dffffc0000000000 R11: fffffbfff1f4211f R12: ffff888067414d90
[ 1054.769395][ T7450] R13: 1ffff92000919f24 R14: ffff88807e943338 R15: 0000000000000006
[ 1054.777404][ T7450]  ? __cfg80211_ibss_joined+0x3c9/0x440
[ 1054.783074][ T7450]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1054.788295][ T7450]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[ 1054.794217][ T7450]  ? cfg80211_event_work+0x24/0x60
[ 1054.799369][ T7450]  ? __pfx___mutex_lock+0x10/0x10
[ 1054.804413][ T7450]  cfg80211_process_wdev_events+0x38a/0x4f0
[ 1054.810340][ T7450]  cfg80211_process_rdev_events+0xa1/0x110
[ 1054.816178][ T7450]  cfg80211_event_work+0x2c/0x60
[ 1054.821133][ T7450]  ? process_scheduled_works+0x9ef/0x17b0
[ 1054.826878][ T7450]  process_scheduled_works+0xae1/0x17b0
[ 1054.832470][ T7450]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1054.838512][ T7450]  worker_thread+0x8a0/0xda0
[ 1054.843141][ T7450]  kthread+0x70e/0x8a0
[ 1054.847251][ T7450]  ? __pfx_worker_thread+0x10/0x10
[ 1054.852377][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.856985][ T7450]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1054.862199][ T7450]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1054.867416][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.872030][ T7450]  ret_from_fork+0x3f9/0x770
[ 1054.876664][ T7450]  ? __pfx_ret_from_fork+0x10/0x10
[ 1054.881829][ T7450]  ? __switch_to_asm+0x39/0x70
[ 1054.886705][ T7450]  ? __switch_to_asm+0x33/0x70
[ 1054.891506][ T7450]  ? __pfx_kthread+0x10/0x10
[ 1054.896131][ T7450]  ret_from_fork_asm+0x1a/0x30
[ 1054.900925][ T7450]  </TASK>
[ 1054.904301][ T7450] Kernel Offset: disabled
[ 1054.908650][ T7450] Rebooting in 86400 seconds..