last executing test programs:

24m28.888392352s ago: executing program 32 (id=959):
r0 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_procfs(0x0, &(0x7f0000000900)='smaps\x00')
pread64(r1, &(0x7f0000000000)=""/190, 0xbe, 0xa0000000000000)

24m0.080402701s ago: executing program 33 (id=1112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

22m53.425419183s ago: executing program 34 (id=1666):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r0, 0xd)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

21m17.459599102s ago: executing program 35 (id=2393):
socket$inet6(0xa, 0x5, 0x0)
socket$inet6(0xa, 0x5, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xb209, 0x400, 0x1, 0x323}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x47ba, 0x3e82, 0x60, 0x0, 0x0)

12m30.092512065s ago: executing program 6 (id=6193):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffd)

12m29.966466775s ago: executing program 6 (id=6195):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

12m29.745205677s ago: executing program 6 (id=6203):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmmsg$inet6(r0, &(0x7f0000004cc0)=[{{&(0x7f0000000480)={0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8e}, 0x1c, &(0x7f0000000d80)=[{&(0x7f0000000c40)="ea", 0x1}], 0x1}}], 0x1, 0x40)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e24, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}}, 0x0, 0x1, 0x3bf8580d, 0x0, 0xb3550aa4ba878396, 0x2}, 0x9c)

12m29.566070177s ago: executing program 6 (id=6207):
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000240)=[{0x3, 0x0, 0x1800}, {0x1, 0x800, 0x1800}, {0x1, 0xe65b}], 0x3)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000680))

12m28.628595434s ago: executing program 6 (id=6229):
r0 = syz_io_uring_setup(0x1e20, &(0x7f0000000100)={0x0, 0x86f6, 0x10100, 0x0, 0x3cf}, &(0x7f00000002c0), &(0x7f00000001c0))
mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x3000, 0x3, &(0x7f0000ffb000/0x3000)=nil)
io_uring_register$IORING_REGISTER_PBUF_STATUS(r0, 0x1a, &(0x7f0000000180)={0x1}, 0x1)

12m28.477377908s ago: executing program 6 (id=6232):
io_uring_setup(0xdac, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

12m13.390565648s ago: executing program 36 (id=6232):
io_uring_setup(0xdac, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

9m33.323110992s ago: executing program 4 (id=9095):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket$tipc(0x1e, 0x5, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000240)={0x1fff, 0x3, 0x2}, 0x18, 0x0)

9m31.987378778s ago: executing program 4 (id=9111):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000040000000400"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

9m31.888032951s ago: executing program 4 (id=9114):
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000600)=""/102400, 0x19000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

9m30.879592422s ago: executing program 4 (id=9120):
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2243005, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x180)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)

9m30.756788366s ago: executing program 4 (id=9123):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)={0x80000008})
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3b}, 0x1c)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
socket$packet(0x11, 0x3, 0x300)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @private, @private}, &(0x7f0000000180)=0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

9m29.847985227s ago: executing program 4 (id=9131):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004020000", @ANYRES32=0x1, @ANYRESHEX], 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x7], 0x100000, 0x240046})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9m29.386449806s ago: executing program 37 (id=9131):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004020000", @ANYRES32=0x1, @ANYRESHEX], 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x7], 0x100000, 0x240046})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m24.458684751s ago: executing program 0 (id=9407):
socket(0x2, 0x3, 0xff)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
read$FUSE(r1, &(0x7f0000001f80)={0x2020}, 0x2020)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r2)
sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYBLOB], 0x11c}, 0x1, 0x0, 0x0, 0x4044000}, 0x4084)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001400030500008000ffdbdf2502075bff", @ANYRES32=r6, @ANYBLOB="080002007f00000108000400ac"], 0x3c}, 0x1, 0x0, 0x0, 0xc090}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})

8m23.475940147s ago: executing program 0 (id=9416):
r0 = syz_io_uring_setup(0x23a, &(0x7f0000000480)={0x0, 0xa101, 0x0, 0x0, 0x2cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000002280)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r6, 0x0, &(0x7f0000000240), 0x0, 0x4000100, 0x1})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

8m21.602297003s ago: executing program 0 (id=9419):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0xffff, 0x3fd, 0x0, 0xb2, 0x0, 0x2}, 0x9c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000480), 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)

8m19.909604907s ago: executing program 0 (id=9423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x0, 0xdd9f83, 0x1, 0x670, 0xf3, 0x2, 0x8, 0x722, 0x6, 0x7, 0x7f, 0x27, 0x17, {0x0, 0x6fd8e84b}, 0x3, 0xed}})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setuid(0xee00)

8m18.600292888s ago: executing program 0 (id=9426):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
unshare(0x62040200)
syz_usb_connect(0x6, 0x22, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff})
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)

8m5.30400308s ago: executing program 0 (id=9467):
clock_adjtime(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x88031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a00000000000061118000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)

8m4.682734857s ago: executing program 38 (id=9467):
clock_adjtime(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x88031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a00000000000061118000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)

5m18.562382282s ago: executing program 1 (id=10379):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
kexec_load(0x3e00, 0x0, 0x0, 0x0)

5m18.360418594s ago: executing program 1 (id=10384):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})

5m18.067533389s ago: executing program 1 (id=10389):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001800010000000000fedbdf2502000000fc01c80900270000060015000200000014001680100008800c00018004", @ANYRES16, @ANYRES16, @ANYBLOB], 0x38}}, 0x20000000)

5m16.873975391s ago: executing program 1 (id=10395):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_vs_stats\x00')
ftruncate(r0, 0x80000000)

5m15.876670891s ago: executing program 1 (id=10397):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x35a71, 0x51a67}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_PEER_NOTIF_DELAY={0x8, 0x1c, 0x118}, @IFLA_BOND_MODE={0x5, 0x1, 0x5}, @IFLA_BOND_DOWNDELAY={0x8, 0x5, 0x1}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48051}, 0x20008040)

5m15.543599254s ago: executing program 1 (id=10404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

5m0.287457213s ago: executing program 39 (id=10404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

2m33.635157545s ago: executing program 9 (id=12270):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r1, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97, 0x8, 0x0, 0x0}}, 0x10)

2m33.289335858s ago: executing program 9 (id=12274):
unshare(0x26020480)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x3, 0x8)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000080)=0x8000000a, 0x4)

2m33.045104696s ago: executing program 9 (id=12278):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000280)={r1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10)

2m32.794628089s ago: executing program 9 (id=12283):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c00102e07000915810300020000000904010000020d00000904010102020d0000090582"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

2m30.540349245s ago: executing program 9 (id=12304):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x4c4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)

2m30.406480993s ago: executing program 9 (id=12308):
r0 = fsopen(&(0x7f0000000000)='nfsd\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x86)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x511001, 0x488)

2m16.008785652s ago: executing program 40 (id=12308):
r0 = fsopen(&(0x7f0000000000)='nfsd\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x86)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x511001, 0x488)

50.438887389s ago: executing program 8 (id=13150):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000002}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffebe}, 0x90)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

49.336191027s ago: executing program 8 (id=13160):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)

47.065583887s ago: executing program 8 (id=13166):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x181083)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x8000280)
syz_clone(0x1240100, 0x0, 0x0, 0x0, 0x0, 0x0)

46.568213306s ago: executing program 7 (id=13168):
prlimit64(0x0, 0x17, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)

42.904593175s ago: executing program 7 (id=13180):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000400", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0200000001"], 0x48)

41.326851527s ago: executing program 7 (id=13181):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0x3, 0x8169, 0x106, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0xe7d, 0x3ff, 0x2})
r4 = syz_open_dev$dri(0x0, 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000400)={r3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
fcntl$dupfd(0xffffffffffffffff, 0x406, r4)
close_range(r0, 0xffffffffffffffff, 0x0)

41.272675275s ago: executing program 8 (id=13182):
r0 = socket$inet(0x2, 0x5, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_int(r0, 0x1, 0x2e, 0x0, 0x0)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

40.960409757s ago: executing program 8 (id=13183):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000035ffaa20cd0caf104a380102030109021b0001000010000904590201801e2a00090582"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000640)={0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000440)={0x34, &(0x7f00000001c0)={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000240)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

40.618934892s ago: executing program 7 (id=13186):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r0, 0x0)
close(0xffffffffffffffff)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x0, 0x8a}, 0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0x3b1}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x300)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

39.621240513s ago: executing program 8 (id=13188):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, 0x0, &(0x7f0000000300))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
memfd_create(0x0, 0x3)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x1f}, 0x71})
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

38.913381122s ago: executing program 7 (id=13190):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r4, 0x5760, 0x5e)

35.396333941s ago: executing program 7 (id=13192):
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$rds(0x15, 0x5, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vimc0(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)

25.196829927s ago: executing program 41 (id=13188):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, 0x0, &(0x7f0000000300))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
memfd_create(0x0, 0x3)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x1f}, 0x71})
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

20.7593143s ago: executing program 42 (id=13192):
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$rds(0x15, 0x5, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vimc0(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)

11.903058995s ago: executing program 3 (id=13257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$XFS_IOC_GETBMAPA(r2, 0xc020582c, &(0x7f0000000040)={0x3991, 0x8, 0x4, 0x8, 0xe95})
r3 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

10.45408402s ago: executing program 3 (id=13269):
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xbd84, 0x0, 0x1, 0x101}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000640)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x22d2, 0x20, 0x0, 0x0, 0x0)

9.346320808s ago: executing program 3 (id=13273):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
pipe2(&(0x7f0000000340), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYRES64, @ANYRESOCT=r2], 0x44}}, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.991017704s ago: executing program 3 (id=13276):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000540), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x6, 0x8, 0x101})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000240)={0x7, 0x1fd, 0x101c3c})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000340)={0x8, 0x5, 0x6})
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
close_range(r0, 0xffffffffffffffff, 0x0)

6.925117308s ago: executing program 3 (id=13279):
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000010c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0xffffffde, 0x3000400c, 0x0, 0xfffe, 0x2, 0xfffffffe, 0x0, 0x0, 0x100, 0x100}}, 0x50)
r2 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r5 = syz_io_uring_setup(0x3b3, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r5, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

5.359757843s ago: executing program 2 (id=13285):
openat$kvm(0xffffffffffffff9c, 0x0, 0x24302, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = getpid()
syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xffff, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
kcmp(r0, r0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)

4.703931998s ago: executing program 2 (id=13291):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x12, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b921, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xa}, {0x6, 0xb}, {0x9, 0xa}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}}, 0x44000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4.207559844s ago: executing program 2 (id=13296):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x88}}, 0x28014014)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000003b80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d30"], 0x5c}, 0x1, 0x0, 0x0, 0x24004000}, 0x0)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={&(0x7f0000000180)="484a1e9f0a296a1edda568735b175adba4a3682cabf4e8373bb7e7daf0dce87850ec769df0796230b08ed89fce6abe202dec401a3a8e7b87d7eaa3fda0984550f74589859ef7a5f516a584fa15cfcb2e45c1bb2c33905d9b03fec894fdb285c03c99a80e1e8f4a0401b76c6328", 0x0, 0x0, 0x0, 0x1}, 0x38)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000029000000370000006700000000000000140000000700000000000000340000000200000000000000180000000000000029000000360000005e000000000000041a35fd7974c34c4e5a4d46286329044b92da3d6332dfd86f9e5b82736d2d194f853a0495"], 0x48}, 0x800)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3.912336591s ago: executing program 2 (id=13300):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1, 0x0, 0x0, 0x6000}, 0x20)

2.702767343s ago: executing program 2 (id=13303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r4 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, 0x0, 0x5)
write$cgroup_subtree(r4, &(0x7f0000000040)={[{0x2b, 'cpu'}]}, 0x5)
fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)

2.524834623s ago: executing program 3 (id=13305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x1, r0}, 0x38)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x18, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}]}, 0x18}}, 0xc000)
sendmsg(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a5ce411744d4e3ae79c5374eb3bdc7564d840b7d870c0da80f54b31a033a88be722054380d9761c", 0x3a}, {&(0x7f00000006c0)}, {&(0x7f0000001400)="9e74720b4949dd14b726badb57f016c3874d42340685e5af37d9d352ac739667546ab1897ec0f2fca33e402e62684d6f1f7bd3b281c17ff2b9575e88ed0264d35a6a10a5635b3b95fdd129d8a7f19bfc456f92098237f0e6fadce260d131a520b26d86390dbb99fcfbb9c5716a8134f0e1df76c45f10c57c8c658c3b76a7f84ff9d6d0964edecac3bc88d2b73051513a74ac758e7bb09e11f4cf999a486c5a8c34406d79ce51b790ac546521582bc2a9ad6167d7c5b9edd962d693e080a314bd31180ff59d7ec6b77bd6036817ab9e6f175736046c9f1d0997b9902c1a1201a446bf707bd2af47ec19dc8c97dfa73e532cada9a36f3bee55f1008ead64c640830d5eb5f047ad731713100ee3aa8d7c1fb0619c254d98ac0267df6e1dd3838cb31020af60b073376c1a08800fdf3d35720041f2aa74795ed3dbdb87631bfaddbb2da8f08fcde8d868070fbe7776073fe53b582e60b2bc1a84ba46c13227852dc9a65944e9186b7278973a36d17afa6181a2cc7539b32bfb64baceffbe3fd05efc088099d1ac62d2d5b062ecb3dc9dfdae20400a0ac09418013f02eeb3407e816534b4179810e59b4382cc59b86171586b1790257fed1b9ff27748a7d90d9407380e85a21faf357ac75a5821c581b34ca0a5531d527676f4e377f056a6dd574c7ac05d16fed626083bd8206ed32289bf5d94c3ba54f9c611ba2bbfc0cc66c0aee6bd32af449860a3969680bed537c3afe4128aa9984db297894bd01b69b1ffff4c86abdb946349deb1ee92013afd9d08d933431e41dd86648bd57965e6d9452542bd09411954ea4b0c27fe46203c8fcd8a1dc462d95003420f170bed4f4353ffde59ad6378aa90d1d2aa752218233d49b416e98d4a6ffd1baa526a8ce3451162b5eb5355f3faa6289ea2fbfd61278d407e77dc321b922c548c2d0eebd9b64071581830e66d65fb2a16d268db95a4db7bc7d4c7bd9ad000cb9520642c2bea06910ad99eca323b86189aab3db9125b4285e818854a012f74b2062de694986c7a03457775e96b30403ab06c4aa786f82e92c02635ec91ae7437fc0b71bbb73f7d15f39e023c88a5b156bd0f91e119f729695c48250975fe853a056c2a603f794b80e0fc22804616136912604e3833154f6f16a4bdaf48338152756a7fbf1b4cff414e98a4bff1f024727e676210448d189952ef67acb055433f3d0cb5abaae77c12dbe9d3b4a986c31b562025ef97dcc073b03ff6d3b010569238b11892f59caff159d4c54a3ebda66936b2d37a6c207a8362f7defeca6d5879037a2a5f195c04486d27686bff036b955c9beb8561e1f625acb04791992a8080e45c939a021bd2a4212018b0d605437962cf5736a7264b8734d74ed87e5e36ebd369aafbf9e2ba3f8d69b156f763024a6268199a70356a2824868180a9ff494179b35afde7047a94c7753dcefd7649b8b9c8642a1c2998e82d83c4812aa445a3ce06b76befadfe6278e1ea44b9ab784d945e8df0e2f3c6ec25341975f6bc0af7e102b6f5168b62c92f74babb856e3bbd2a96d952e1a40c5dd61252f8b9b701df9e3d272e77043cff57849fac4511f8d9d6bdcb8be26d96612565926b025c1d4d66263c8fa097dc0dfa5b1b8a36f9ef0881cbb3538f93a488259df30727c422313faf17ba54b246bd416b38f853b4b965a101c04a9ba8298f66318a41bc03467bac68893bc9b5e1d47f5913bf3b29fb522a597facbd406486bb0bae631fd321eecccc5c3a7bb8880073882c42d22487d58ece660c23862239b7699ccde923b88f777053f351b1a6c241546cefe6a52a6013e18ef0a2c37f41688e33d79efe41dfd81df58f1423baa3c1cc4ef7bcb1bde04e0bc0c9c63233e77afd2ceb742e5e7e7a7af2265c5cf70c639b1d84a637f7bb632baa3cee451e23f065614c6afaa637c89c5191925ebafffcd84fdb9e6a0ebfee2f1f4026a16e98477c8e15aacb4bfe45011e0a052eee775d48e6d88216c52fadb55f6fa4ef07f3b1b70b63beb74c6473008bcfa08fd4f320c95de4f74c37a098a1c05c486c4b98ada818e94d96f4f67257ad6a3218ba047839e634c8801e9c9bd157211889299114752cc3cf92bc340443eb74486d32be5b8055ed20c53d58a0a047c85bf63ceaf75286f6af2b9e8a50b82d7f6828cf90611fd59cd155b8152b63f6b5d447d6527288e5051966250ebda77c910b7468a162813f09dde277a4ae30539db55fabee7a10a4cc55f39c9049f907baac8171c0502c54234f7679c1e79415635cc6851b92e51cc784f078706ebe29924169d9e5982d335ec2b4b35f002cc66eba2b47e883c05a7980e30dddc6a59a0fee2403e77a31c147c12319e05cd3f101fecb1a14ab77bddd958d0da63263aa75fb07b936686c7391d1f97576fb4d526d73acecab0573c2179cf92bd5dec0d03861846ca31d4c555efa4670cab43de38fd8c979e06a0ba5e990e5cd84c3d760f8b8f59623ed2f0063bdbe9b3d00b7967b08edf6575c4f887db243f77d07b85a9b7aa2b37d562f4adaab6891408c1003c82891b736c2eb61919f17d0657eb49fbf6bb51c56ac8547212f15b950683c533ad170fb23ac11e55eddffd044710a6bcf563e601e77a75277f1dcc92a5fb0052b41cebb282aecf93d460706f1323b8766140389c66ffed5026daf508c52fcaecb55c1aa4273cb05d25d04938c7df6bcda9174cf08b4d2b7172a3dc45ce9866e6141210c7ee5a61d35751fa2945a4ff94e5df5d77eb0c9fc63148c4871d2dca098bb192aa99ccab8dd8b78313d124cdfe5cc2eabe884554f6081abb91904fe01f6d9d01cb320ab62002a4644b5ccd248e8bec740d72851e328ff55157b39234705e8bfe947daf892be1a09230f3d8b86360adce01621ba347fc9e9e4901fc815a208c63a60266f1998709f5f03983a7b35e0e2963070a91f2912beb46c36d6d5b748944630ccd84917b3eb4abd9353b19ca8042f57a401fe05241b5771e4b8d3c7c592295771fe9e02a2906719e38d306e53105f1c48ff88cb93ff1d315428f15baeeb56fb4f5504ef6993bd0d33ce8dba40be620dc4b2d5e3b5d5a941bcd194723a3c634a19599e0d0bc7ce0d55f1411ae3b2e25caa39c96cacefe08a2870b25615e3106a64cc9181548cfcb62ffc6fe10294fec2d7d0297b913fd7326ad8bb991113172fa8dececf448f887fbf9f0def1bddb796e5e1f323234326a089bed346b3d8dcec4ee52e78b50dfc48dee499420ca1f652b34d8a64b890801e5c90f8fae2f688e68ae3d1d079f4bfc350ef007626746958ad7bcd13dee16913407bc953ff5ac3013b1592b00fdf43784497ce8eaddfb7345fcd3b07d64e284a7529cfb9899e5b8ca62c7eb1491b985f2a3f544d6978107f87bcd8496a34d0f429e65558000b472108a99028e263649be5f3e75c10ca4102819776330423e3264a87095f2b3be20e1ea911b2e285191a4c27a0eab19a5bdbf26bd08fead4f22ebe5b1c82e99edb0c49a4770f74b2e012c5b0d6c6599eaa7f6939cffe30a4184fb3dec8c5a2acd6718edda3867f25cb552926b34c0ee01ccc0160f6f90d08eb72062d014e11285b9c3d02176942c6d881ef830c313b8b578cb54a494205fe7ecf257f7d545c374b931c6c2b15dceacd926b3b76c5298edf0c3bd943537c320ec4c151e6d94743288a030f7cf759229736e68963871b3f31eb521f3e9106255a7c9b8b9db64e9627922df28b5610fa5d66d6fc5fd9966ab57c46daac489b2dabb7273fe15c14a4d837efa05449e8ca37682ea41c363b963cb7ca27d3a2e697d09b71bbab30f157fb0edbcaaf291e4ee0777afb24b1645b9286101daf36cd3af7fed31fee657ddaf2cdd9906d732051eed5bbeec96f9348ba230bd26f0a0f91e3353ab70c85b1af9af9d56d283992eeb24c1e4199088305ba9b2463c0585b28678726bd99ee89722a3525a06d01c0dc1641634748e401f38506d5066ec458235001f1a1d921154cf5bb5946cb9dcf02b5adcb94607fe95af9226346e7bd55b41d376b27d587d840be88eb0aa988e205b1cd63ce4102b7feda0d6bf632a03b80c320f4bacf1660f72c7fd18098f39e026d396135ceaa5844e8dae0b75644e69019baf7cff642d01e503f6017ab253d5af0fca728b608d17dfc86b3bcb4332a52de77e3f8f81b90fe9877cc5cd8e382290f1433404a5810a88c5bdb16d28578479956a049b4ad4fbfe739b38fcef8516699213d276d58de8e5a7989b1dad8a7f04617bb1146c97bda69c2cd9cfa526d742dc92822131d50f2b11b914ba02d5c7614fcd327a1c4446513d9443615a3de7543b3aec7a84a88e54d1ca1f53057d6b30ad49d7fc93282dc00ceab4d16e376383516b1c86732bfbfcc5ef52945fb42e751688c9359032cbfcc870006cc66e22009465e1e74e367f50cc0e8e103b690ce77b8fb641d522a129b1710835f75661301b2a300ec0ba1b883e1ca1ac39df11dd292b8df892ae1a3d705460bcd332fb42385f66d9420d1af2a8b19a36a27584c1eb24e8d02fd4bf907ff952fb30e55c188c4014680145bc2e9ea970beede08dda6aba0d0f698ee373bb94e666de280d6ad6f5200224a18053c2d1360d76926fd1dc1611e8481fcb7c6491addfbc2a2de5975bcd8478260b79134eaa13fe1e93e109f85d45305744b008de64075bf7b3ded8ef7f7d9051fd7ec24f6f36ce3ddd57316d39d2d25257bb226ad0e6950a9c488c5c366ef5c7b3d000ba11b5725755a6d70cdbd4d18e259b9a1cb1e62d8eaf4346faa259cdc09e75bf1ebc05e288f49a73004f80dfd56922a326055e3c492a70fda0044491e46af19711d7e47b898b614f3547d2201579774dd2896b892a0a6ca9e27195e7285dac63b4b2dc922e74ceb8eacccf46c618f381595c22c4d2c091a82808f8fb9fc260773f6c8cfef8e18e27d7fd05de10b8741ba6b2ffe8ce1761708e06f7a4eddd7121b70a4ab54739990a43e4842f36968449c45be8515c417fac4e9172756fef83d7906ce10261581563c6eb5f3d880f82f5e90c284c20bf95343dfcf2c63ad00a7dca4b8c6ed0614938ed7aca529c50610a0b3c5ecbe4977f6b13e40f50bb47ff53bd887e71040f0dc44d60a306a37e400cea89c6dc59aa2249693e0da9d0b94754aec6c4bbf4efef108974ceae0421dc09f2700643c9dd2fd56f7ac4296e3a3afcb2790adb9779c7bad5aca76ccfb467ec4be3462bef0ceccc5bbbbb0e1c124f569066d92fa7af10f5731801d8b325162c6411794ab42f1924aad20af5c626e4f20f79978bc1ba4c215e79ee2bacc973e17f6563e360290cb867e6bdcff998f690cd52ecdf0a9b308cfe7699a5bf2b5dc58273dd8da08961e8712d26913a394f45d40b0e6dd61e2c94851eb15725006f8d3a9badc66e79e465783eec94f9a6ae2c6697ea18d9fb1a4f314d6671b9ae8b9f543119b46c3b483e58efaf7bd2e023423008b2f12bb663958d0c2c1f1c37ac90f19d44a8aef9a65981c1e8c9122c818eb6fe77d5703aa42a96ae6e54fe90c215b8b622bc6fc3c8ce8ff715209b72f41b79293e4411211e9d0f324d2671196ca5dda91e0567d00623e144927f109fb521fe01559d7185e3f998309d4923b7ac5c18869467cefae61ba7cce5d26728d424d87a03f24f5e9219642ba1e06ee8ca0af76da5d0b642b7ec25a30bc2969e5085c963d0ed6ec16831f03a06d34960d6c91a38dc06d97745130e945dc1f", 0xfdb}], 0x3, &(0x7f0000002400)=[{0xc50, 0x1, 0x8, "244df5680b8203b6b985638f2545f2ac042a9aee660edf5459c22ed1ed6026739f79e286a1f42ab62b2270f719c0ea01f4cfde2afa600b46d7d34e10f60c895126a9adf4a9885156ee2178974a935091e8c514514f31db8fcb6395a59a1710c7cff57d7f512eb909c22710e93086e706d2a3e4c1a121465944394844b45ed609c9fabb4edaf37a3df4d37a5ea7e027b1c5b22dd328957ae0b6f90667ae9f43322d694eebddddf7f23f1943855002a99e58c8402393d5a7dfd8d88cd1fcb86fe7aac690f8fcffa5b9dc3fdbb4822e588b7773ff35873a5ea7cc83b006d00e70987f313f1b9ba1b1b93ed3eb0362a138f2fba123982919b7aa914be8ba9c71a8d76f7045daafabfb4a50993005e0686440e9f97cc259b5350c86a0effdea17facf052b6772c96ea5fedb6b9497e591f51bd0e02ac86402d6f3fe7d0e856a69c6e3d49d89ba91e2fe519d5ac2186091766c178f274e81493af54a02f7e0b3e47c0a862bd7af9712e65f74595e8c63c91a45ebd081ad910d95f26192ead1daf401b015eb772f4b91bbacf26157d5d6d626eff439e238a6dd9ebce65fb960ae90ec490d5014589a24d107c8b66a587166ce85e9bffd332defeee0c3333d15ed629874fb3259217911d50a1eec22b3c205b3c2068bdbe9d0145de5536049af47bea81d4cffdc45b277e8c06249510d2d429cb3e606d27f40918bd250818d0a09512ed8a2727c81a38e44366deb7ca5e30556b03305ae54b19cc17f6a543a9d397676d1d18c873c30f02a873c6fe6cb1c21d0ebf78c1bc732ef62cbc92e71d461886c9fa5f04d28dc4c7e3b3ed55fb39603c041d27017322610ac1a16c63c91ed376d9bba0df833d185fff47bad911c26a5918034211a3dbe77663f21a22b4bed8a3cbabfcd5622a1bbc3c015d1890391c5f5f57ff316718f57d7927f41724ee25f274c98a22d8cc1f7348cdd5ff604f4fe21d50f21a1638a75b39c6a5e5c0470812e9e7a663f4f61e6f8b008d31c6e9bd4686a17e0f4fb42c06a19436731d612990f7dbdc2d9b6dd4a5152b8cdbef0906e6f6dd07ad305da2d579fb968b000ad7075c91d35f1af5c3783cbeb9306de0cb3f086a0e2950f564b6e1d0ff9bc785d53ed0176c3feaa5356559ebf4508bccc9202ee45d1c20f768f98f60aed75b7da8dba4f1c36a8b668e3a9a19eb431d4759a7b6840c888774194f60f872790fb243fdb2fb1184bc6dd225bfdb447cc1cfa5277569536d051e8069185956aaa7c34217597ab9c93e3ac647542aab63a11dce2a50d9ae996bb2477afc23d2456f36c58a8ca9308aea7548ea875ed4159d2df58cc3edcc0f1afd5fbed7e8fd540a9e97009a801e6d1397670d528f6c8ebbfce8ac7196efb13d05df6d95942f3a5f7629c857e558f0f408cfe6c5d7b9b3c07ac388904b79ffa7f947c0738b1722e6c817cb87cbee4d26d29ac34205523c121677cf55e891a681e9e4a1847ff29a8f440a427ebb9fa040f212b558c0932ad7f7e1115f48c52adcfbfb13ca9fe08f5507a74b04fee211674865f4ffa3f5cfba2fa7640a055efb6e848f4b6f9222bbe3b26a3721ddabc492c0586ca63fb03cc73007bef0e35606cfc629fa1c551eee50593712449e31c730042128ecdf57b35c79d040c6c23c663c5d30e2f3e711c8a9b9949814afee7117207a2b3ee989dd8edf72d997b3baa3ad5b700a8bf3c29d347094df4864bd4f4c234d5ef682b20f2664f7af13ec91c2490b0ddaff7cb2214d84a0a4486e6c51db48c21b6ef2bccf637bd589204716b019f976491ec9eedea1e67d48521a6e42cbc77c808e597a876226ba352c79e5f485ce3dd499f7eb22831a3951b70c5c869c90596fa211a1b9844c8a80e3fccaef546d08c4599f43b08bf198d8ed3b666088b191103f477bcf885bee9e280c9c126f1a2ddff0963ef5da8136f405dd5479e121fccbfa18c290acbee162a13006fcca07773a3da5db87b29c6ee7d66d2340bc053b83d600b5aaab198965f691aa52be98fda0998bb6a330f54575429a3cb7dcca97db0cdf3a2f1003514b1c213875e5306feb23a152898fd2cd25d4b93867018f713fd5d070846cd9981a489bd1b26ddc9c55a84d2d69d2687c5119cda5dffd0f425205aad0533f1bbef18df707d80422c3ce3f41382bf63906622250d2013552d40d97f2ef8bfca77331262e2989401b7644797bad8525f93754b54ad7098bfccb80540686972f7bc6aae896cd999c7bfdef03d14c013fbe14d2664cedbee82453ce9c0353142b5f8a2914572b1e59c072149b467a52979027666a0659c2e509dd6fd542d2410c42509ceca783d663c5c3813becb351d4a6f1602e40d047fedcbcdffad0c0b37f93bdce20ab98003cb718f613b6900aa252648e54d8b311ab249dfd548f5b60d2d8694f8aa1859b3c5c05f76d3f9b2de17a4a8328c7f5db363d9d161ad3de19b99781ce192ac0082d3b798d84f4bed0dd93ebdca87a6301c68ef57934f00089d3a2b943235633e22d3df2364917738a1cd3a3d3a16c682f087e5df2a7b91eb6fb6902ae15dcf48f5ca55d50015a9013fc9176cba5e37d75bc8d6a7cc72b8ad3fa2da84b31570d100499c7cafd1627c41bc0201f0954e8a8e26e876cd1b090af8d053735298d0d07a86e6d72988ad1f50a9897dc4382a9f6d5c651006e15dddc8951d543d0500adf8112de6767b075655b359407a9492e2076bd357592eda6479e6f37e55ce92024b4f791066f4e815ca5187caaf9870c10b1cdc7484d8f86185690f09c8af0fb222bc8f48e83837525f219cc7f2cef1b66bd392800103fc047dcc2dcfbb33fb4bfd2bd67dacbf66b80b6287f682b4c6b8c0d58cf4f9e3a9f69ea56f9e27e52cd21aab42f9f04eba3317f1927fbdd500e10acc508ff158346839d7e2ec004d9d25d5f785971940a329e89c89ee7575e34060ecdd5333071defcfd84abbf5787a5db4248e312b9f4955d3c767ec218e726fa2f46fbcd75dd6966efdac1ae06013cfcdbb62cb6be19ec96d883676995fb9e325a8c7bf5658806de9c8dd9ce0a7d1bea024c1aca7c1baaf3d5b0a68a8eb75996dc5ca3327dee4794d121d08cae66e2ca9c749c4956deeed5f5a341ae324a98185918c63d09c262acbc3f3190f224a555e133e2629eb7e21db87e075a92d4b3d02c0938c9d155c4816842a6b916b0c57f2c80ca53ecd39194eede230b3c9377b39c8f8d62ab9ca9eb2463e69003c34c9833165ed3063e4541bc5ee55ecb2164784648a1741e505c8609e868b29d52fb4a7ca2bc762ea0a127fdd7f14787faa5188afc8e74557213ec261b86a80227566141885b6a27ef42bc90e9615439ba996c5a47c22812ca7e790ff5b992185cc95438118d34e4e967863a93be631a7e20356b29b8d46fccc0d80feb218d368a8aeae7a7dc7d5005abf36013498fb177e2c8776cc8d1f606ef95217e0be7e18bd75e209427a05895b26354f140e9e1870fc52913d17e09f78e7beb3ce86b3b3f424086b68b5eb7dbb76d45441b7523ac1b7b2c423440886c946b7f9dc1e7baadb434f30a70908a46bb2fc70c5a4ff234d13c3c62065d31931b200426b38fe46cc82cab2d95fcb12ce95ef3910ed0270fe40e65fa6eac628c46abd2aceb604fb64390313ac734f793764e9fd6579591b8b9a87394a2dcb5fee88deadad3b4774cba87c5f2c75a6ab0f2da04a583b1e47da363ca00c7f9a4c7593d139acbefb6f6ec341079d6c713b5fbfd8237e186f2166d6619411092b82b7cf4f45953b33cfccb8fadc4ab5cde926b5a909ec288eb7a9089b8cceb1cef2ef299881bd2a107574325116a7f72d68b641c0ba04024df088606a51c619d7dc1fc924e269f46fb1e73db8b55da8f87e68e66ff52967e66d971acccf2bbf0d6beaa53eb2f1215e23f961dc7370cb05c23606a2c1628509f04448091964cee7ed1eb9c419788f8b6d50f7da0c8ab6d3c206910d345d4e5da8c751145616a9fbf13c9958e253200f4cc65c542486cfd5444aa0f29da078e44f3867f996a04989acc14de81468f7e465737e6394df89fa04793d75c1dd60047fef04717536562e7149c273dfb3587753115e67a18e3de27fa09158bf8e987011b7f227cc1fde527604bf5e5faea8ed9ed60ea18d5b74f4369437adcf590ebade205567c3c4900cef28e91761746d4b031dbe202143712fc31eb9382f9700c6b90b39d6cd382923d44f46401b5325871985cce1822514686d5483725fc89b9c51b43ef05342a3a5c58be8e4220dfdd08e1c46954a9600bf682b21a6734aec38dc4f80d8a8018f2b73bb881e8380e09ec76626524b93695842145408d82817a7fc6aa28818246a554ba9c544dcbb110252cccfbc7c0c0127b66711ee999aa55bd104792077698e569e8b019acebb1b22c0938898a09fa9eef45e"}], 0xc50}, 0x40000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10805}, 0x44049)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.384760419s ago: executing program 2 (id=13308):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000380)=[{{&(0x7f0000000580)=@nl=@proc, 0x80, &(0x7f0000001900)=[{&(0x7f0000000600)='B', 0x1}], 0x1}}, {{&(0x7f0000000200)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000400)=ANY=[], 0x5a}}], 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x4, @loopback, 0xffffffff}, 0x1c)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listen(r1, 0x5)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed0, 0x5})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x5, 0xe, 0x0, &(0x7f0000000300)="259a00f2a309f26c578e2171a76d", 0x0, 0x7, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
accept(r1, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0xbb7, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

611.906706ms ago: executing program 5 (id=13316):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x10000000005)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='tracefs\x00', 0x1214040, 0x0)

408.636755ms ago: executing program 5 (id=13317):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20004000)
ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001"], 0xb8}, 0x1, 0x0, 0x0, 0x4048000}, 0x14)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="760100001b"], 0x188}, 0x1, 0x0, 0x0, 0x40004}, 0x0)

381.922354ms ago: executing program 5 (id=13318):
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
socket(0xa, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000206010800000000000000000000003f0500010006000000050005000200000005000400000000000900020073797a3100200000"], 0x4c}}, 0x20040004)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x8, 0xdd)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, 0x0)

224.267472ms ago: executing program 5 (id=13319):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000002c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x8, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, {[@eol]}}}}}}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048084)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000600)={0xfffc, 0x0, 0x3, 0xffff}, 0x8)
sendto$inet6(r3, &(0x7f0000000080)='W', 0x1, 0x4094, &(0x7f0000000000)={0xa, 0x4e22, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, 0x1c)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10c}}, 0x0)

76.34051ms ago: executing program 5 (id=13320):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 5 (id=13321):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = epoll_create1(0x0)
fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80)
r5 = epoll_create1(0x0)
r6 = fcntl$dupfd(r5, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r6, r4, 0x11, 0x0, r6}, 0x14)

kernel console output (not intermixed with test programs):

326 audit(1773002655.839:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31161 comm="syz.9.10038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1309.454173][ T5112] Bluetooth: hci0: command 0x0406 tx timeout
[ 1310.013390][ T3184] bond1 (unregistering): (slave bridge1): Releasing backup interface
[ 1310.013424][ T3184] bridge1 (unregistering): left promiscuous mode
[ 1310.285140][ T3184] bond2 (unregistering): (slave bridge3): Releasing backup interface
[ 1310.285176][ T3184] bridge3 (unregistering): left promiscuous mode
[ 1310.285201][ T3184] bridge3 (unregistering): left allmulticast mode
[ 1310.656323][ T3184] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1310.703256][ T3184] bond0 (unregistering): Released all slaves
[ 1310.719623][ T3184] bond1 (unregistering): Released all slaves
[ 1310.743620][ T3184] bond2 (unregistering): Released all slaves
[ 1310.764147][ T3184] bond3 (unregistering): Released all slaves
[ 1311.022224][ T3184] tipc: Disabling bearer <eth:batadv0>
[ 1311.162278][ T3184] tipc: Left network mode
[ 1312.280155][T31236] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1313.951485][T31277] overlayfs: failed to clone upperpath
[ 1318.608263][T31321] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1318.608296][T31321] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[ 1319.597931][ T3184] hsr_slave_0: left promiscuous mode
[ 1319.669577][ T3184] hsr_slave_1: left promiscuous mode
[ 1319.670651][ T3184] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1319.670679][ T3184] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1319.878486][ T3184] veth1_macvtap: left promiscuous mode
[ 1319.883238][ T3184] veth0_macvtap: left promiscuous mode
[ 1319.923197][ T3184] veth1_vlan: left allmulticast mode
[ 1319.923246][ T3184] veth1_vlan: left promiscuous mode
[ 1319.923393][ T3184] veth0_vlan: left promiscuous mode
[ 1321.347384][T31385] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1322.063925][T31413] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10147'.
[ 1323.760035][ T5860] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1323.902565][ T5860] usb 4-1: Using ep0 maxpacket: 16
[ 1323.904632][ T5860] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1323.904672][ T5860] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1323.908110][ T5860] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1323.908142][ T5860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1323.908163][ T5860] usb 4-1: Product: syz
[ 1323.908177][ T5860] usb 4-1: Manufacturer: syz
[ 1323.908191][ T5860] usb 4-1: SerialNumber: syz
[ 1323.921416][ T5860] usb 4-1: config 0 descriptor??
[ 1324.207511][ T5860] usb 4-1: Can not set alternate setting to 1, error: -71
[ 1324.207564][ T5860] synaptics_usb 4-1:0.0: probe with driver synaptics_usb failed with error -71
[ 1324.325135][ T5860] usb 4-1: USB disconnect, device number 17
[ 1324.831467][T31488] netlink: 'syz.8.10180': attribute type 10 has an invalid length.
[ 1324.994986][T31488] bridge0: port 1(netdevsim0) entered blocking state
[ 1324.995080][T31488] bridge0: port 1(netdevsim0) entered disabled state
[ 1324.995238][T31488] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[ 1325.034362][T31488] netdevsim netdevsim8 netdevsim0: entered promiscuous mode
[ 1327.172003][   T37] audit: type=1326 audit(1773002674.580:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.172669][   T37] audit: type=1326 audit(1773002674.590:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.176077][   T37] audit: type=1326 audit(1773002674.590:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.176386][   T37] audit: type=1326 audit(1773002674.590:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.201448][   T37] audit: type=1326 audit(1773002674.622:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.201514][   T37] audit: type=1326 audit(1773002674.622:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.201572][   T37] audit: type=1326 audit(1773002674.622:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.214002][   T37] audit: type=1326 audit(1773002674.632:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.214228][   T37] audit: type=1326 audit(1773002674.632:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31524 comm="syz.9.10192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1327.559288][ T3184] IPVS: stop unused estimator thread 0...
[ 1327.751420][T31542] vivid-000: disconnect
[ 1327.751736][T31541] vivid-000: reconnect
[ 1327.893468][ T5112] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1328.295758][T31563] block nbd9: NBD_DISCONNECT
[ 1329.290742][T31607] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1329.290773][T31607] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1329.290822][T31607] hsr0: entered promiscuous mode
[ 1329.321921][T16705] usb 10-1: new low-speed USB device number 26 using dummy_hcd
[ 1329.442037][T31613] netlink: 196 bytes leftover after parsing attributes in process `syz.3.10228'.
[ 1329.478723][T16705] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[ 1329.478756][T16705] usb 10-1: config 179 has no interface number 0
[ 1329.478810][T16705] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[ 1329.478840][T16705] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1329.478865][T16705] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1329.478892][T16705] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[ 1329.478921][T16705] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1329.478966][T16705] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1329.478990][T16705] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1329.562670][T31597] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1329.621064][T16705] xpad 10-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1329.727289][T16705] xpad 10-1:179.65: probe with driver xpad failed with error -90
[ 1329.805158][T16705] usb 10-1: USB disconnect, device number 26
[ 1337.789329][T31833] netlink: 'syz.8.10315': attribute type 21 has an invalid length.
[ 1338.475061][ T5112] Bluetooth: hci5: command 0x0406 tx timeout
[ 1340.159102][T31856] netlink: 36 bytes leftover after parsing attributes in process `syz.8.10324'.
[ 1340.218456][ T5960] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1340.468285][ T5112] Bluetooth: hci5: command 0x0406 tx timeout
[ 1340.555115][ T5960] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1340.555165][ T5960] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1340.936353][ T5960] usb 10-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[ 1340.936391][ T5960] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1340.936413][ T5960] usb 10-1: Product: syz
[ 1340.936429][ T5960] usb 10-1: Manufacturer: syz
[ 1340.936445][ T5960] usb 10-1: SerialNumber: syz
[ 1341.680090][ T5960] usb 10-1: config 0 descriptor??
[ 1341.687485][ T5960] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[ 1341.703164][ T5960] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1341.713970][ T5960] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[ 1341.714038][ T5960] usb 10-1: media controller created
[ 1341.754537][ T5960] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1341.836157][T31878] openvswitch: netlink: Missing key (keys=800040, expected=2000)
[ 1341.928093][ T5960] DVB: Unable to find symbol tda10046_attach()
[ 1341.928113][ T5960] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[ 1341.928130][ T5960] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[ 1342.132446][ T5960] dvb_usb_m920x 10-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[ 1342.168723][ T5960] usb 10-1: USB disconnect, device number 27
[ 1346.971351][T31951] geneve1: entered allmulticast mode
[ 1349.545645][T32014] netlink: 3 bytes leftover after parsing attributes in process `syz.8.10382'.
[ 1349.545912][T32014] 0�X���: renamed from caif0
[ 1349.629525][T32014] 0�X���: entered allmulticast mode
[ 1349.629551][T32014] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[ 1352.082536][T32051] bond1: down delay (1) is not a multiple of miimon (100), value rounded to 0 ms
[ 1352.082588][T32051] bond1: peer notification delay (280) is not a multiple of miimon (100), value rounded to 200 ms
[ 1352.083629][T32051] bond1: entered allmulticast mode
[ 1352.084044][T32051] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1353.544242][T32083] netlink: 80 bytes leftover after parsing attributes in process `syz.8.10412'.
[ 1353.652973][T32087] Option '    ' to dns_resolver key: bad/missing value
[ 1354.353168][T32121] netlink: zone id is out of range
[ 1354.353187][T32121] netlink: zone id is out of range
[ 1354.353773][T32121] netlink: set zone limit has 8 unknown bytes
[ 1354.386617][   T37] audit: type=1326 audit(1773002703.159:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32116 comm="syz.9.10424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f830ef46517 code=0x0
[ 1356.175507][T32160] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10440'.
[ 1356.751156][T32182] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10449'.
[ 1356.974010][T32194] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1356.974041][T32194] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1356.984452][T32194] vhci_hcd vhci_hcd.0: Device attached
[ 1357.010350][T32194] vhci_hcd vhci_hcd.0: port 0 already used
[ 1357.578802][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1357.596142][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1357.939159][ T5960] usb 40-1: SetAddress Request (2) to port 0
[ 1357.939366][ T5960] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1358.193105][T32219] netlink: 'syz.9.10461': attribute type 1 has an invalid length.
[ 1358.225998][T32198] vhci_hcd: connection reset by peer
[ 1358.241393][T29058] vhci_hcd vhci_hcd.3: stop threads
[ 1358.241426][T29058] vhci_hcd vhci_hcd.3: release socket
[ 1358.346586][T29058] vhci_hcd vhci_hcd.3: disconnect device
[ 1358.604746][T32234] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10467'.
[ 1358.868310][T32247] netlink: 'syz.8.10472': attribute type 10 has an invalid length.
[ 1359.029409][T32256] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1359.787722][T32293] netlink: 40 bytes leftover after parsing attributes in process `syz.9.10494'.
[ 1359.913881][T32301] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10500'.
[ 1362.786736][ T5960] usb 40-1: device descriptor read/8, error -110
[ 1363.652426][ T5960] usb usb40-port1: attempt power cycle
[ 1364.595698][T32396] netlink: 'syz.3.10539': attribute type 21 has an invalid length.
[ 1367.156898][ T5960] usb usb40-port1: unable to enumerate USB device
[ 1368.180131][ T5112] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1368.230644][ T5112] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1368.233316][ T5112] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1368.235896][ T5112] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1368.237583][ T5112] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1368.562399][T32452] lo speed is unknown, defaulting to 1000
[ 1368.587124][T32452] lo speed is unknown, defaulting to 1000
[ 1368.833385][T32479] netlink: 'syz.3.10568': attribute type 5 has an invalid length.
[ 1369.910774][T32492] netlink: 'syz.3.10572': attribute type 1 has an invalid length.
[ 1369.910818][T32492] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1370.197281][T32505] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1370.197302][T32505] IPv6: NLM_F_CREATE should be set when creating new route
[ 1370.197378][T32505] IPv6: NLM_F_CREATE should be set when creating new route
[ 1370.249402][T29566] Bluetooth: hci2: command tx timeout
[ 1371.463122][T32452] chnl_net:caif_netlink_parms(): no params data found
[ 1372.229941][T29566] Bluetooth: hci2: command tx timeout
[ 1372.781422][T32452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1372.781554][T32452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1372.781839][T32452] bridge_slave_0: entered allmulticast mode
[ 1372.850250][T32452] bridge_slave_0: entered promiscuous mode
[ 1372.887566][T32452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1372.887695][T32452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1372.887974][T32452] bridge_slave_1: entered allmulticast mode
[ 1372.890757][T32452] bridge_slave_1: entered promiscuous mode
[ 1373.064844][T32564] netlink: 1010 bytes leftover after parsing attributes in process `syz.8.10601'.
[ 1373.168991][T32452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1373.193519][T32452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1373.289516][T32452] team0: Port device team_slave_0 added
[ 1373.293909][T32452] team0: Port device team_slave_1 added
[ 1373.411351][T32452] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1373.411373][T32452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1373.411404][T32452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1373.420069][T32452] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1373.420089][T32452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1373.420119][T32452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1373.642369][T32452] hsr_slave_0: entered promiscuous mode
[ 1373.643789][T32452] hsr_slave_1: entered promiscuous mode
[ 1373.644719][T32452] debugfs: 'hsr0' already exists in 'hsr'
[ 1373.644744][T32452] Cannot create hsr debugfs directory
[ 1374.215117][T29566] Bluetooth: hci2: command tx timeout
[ 1374.653304][T32614] net veth1_virt_wifi 
c
@0�: renamed from virt_wifi0
[ 1375.937523][T32641] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10630'.
[ 1376.117238][T32653] random: crng reseeded on system resumption
[ 1376.192224][T29566] Bluetooth: hci2: command tx timeout
[ 1377.798594][T32715] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10660'.
[ 1378.875272][ T9306] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1378.875311][ T9306] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1379.749252][  T332] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10697'.
[ 1379.860370][ T1231] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1379.981239][ T9306] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1379.981281][ T9306] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1380.011434][ T1231] usb 4-1: Using ep0 maxpacket: 32
[ 1380.014032][ T1231] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1380.015301][ T1231] usb 4-1: config 1 has an invalid interface number: 2 but max is 0
[ 1380.015326][ T1231] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.015346][ T1231] usb 4-1: config 1 has no interface number 0
[ 1380.015376][ T1231] usb 4-1: too many endpoints for config 1 interface 2 altsetting 144: 195, using maximum allowed: 30
[ 1380.015423][ T1231] usb 4-1: config 1 interface 2 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 195
[ 1380.015452][ T1231] usb 4-1: config 1 interface 2 has no altsetting 0
[ 1380.018294][ T1231] usb 4-1: New USB device found, idVendor=04b4, idProduct=931d, bcdDevice= 0.40
[ 1380.018324][ T1231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1380.018345][ T1231] usb 4-1: Product: syz
[ 1380.018359][ T1231] usb 4-1: Manufacturer: syz
[ 1380.018375][ T1231] usb 4-1: SerialNumber: syz
[ 1380.272983][  T345] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10704'.
[ 1380.432689][ T1231] usb 4-1: can't set first interface for hiFace device.
[ 1380.432732][ T1231] snd-usb-hiface 4-1:1.2: probe with driver snd-usb-hiface failed with error -5
[ 1380.451543][ T1231] usb 4-1: USB disconnect, device number 18
[ 1380.721313][  T359] netlink: 400 bytes leftover after parsing attributes in process `syz.9.10708'.
[ 1381.018552][ T9306] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1381.018594][ T9306] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1382.706666][ T9306] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode
[ 1382.788316][ T9306] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1382.788357][ T9306] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.526807][  T438] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10739'.
[ 1383.859853][T32452] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1383.997212][  T459] netlink: 'syz.8.10749': attribute type 1 has an invalid length.
[ 1384.010789][T32452] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1384.349792][T32452] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1384.434195][T32452] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1385.635763][ T9306] bridge_slave_1: left allmulticast mode
[ 1385.635795][ T9306] bridge_slave_1: left promiscuous mode
[ 1385.636053][ T9306] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.705150][ T9306] bridge_slave_0: left allmulticast mode
[ 1385.705182][ T9306] bridge_slave_0: left promiscuous mode
[ 1385.705457][ T9306] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1388.612347][  T563] netlink: 'syz.3.10782': attribute type 1 has an invalid length.
[ 1390.232790][ T9306] bond2 (unregistering): (slave bridge2): Releasing backup interface
[ 1390.232826][ T9306] bridge2 (unregistering): left promiscuous mode
[ 1390.381010][ T9306] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1390.452434][ T9306] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1390.504391][ T9306] bond0 (unregistering): Released all slaves
[ 1390.520333][ T9306] bond1 (unregistering): Released all slaves
[ 1390.549991][ T9306] bond2 (unregistering): Released all slaves
[ 1391.078489][T32452] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1391.142467][ T9306] tipc: Disabling bearer <eth:batadv0>
[ 1391.330459][ T9306] tipc: Left network mode
[ 1391.387225][T32452] 8021q: adding VLAN 0 to HW filter on device team0
[ 1391.452427][   T70] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1391.453030][   T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1391.513164][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1391.513294][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1391.540201][  T644] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10817'.
[ 1391.540234][  T644] netlink: 36 bytes leftover after parsing attributes in process `syz.9.10817'.
[ 1392.403235][ T5860] usb 10-1: new full-speed USB device number 28 using dummy_hcd
[ 1392.572549][ T5860] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1392.573149][ T5860] usb 10-1: not running at top speed; connect to a high speed hub
[ 1392.574442][ T5860] usb 10-1: config 2 has an invalid interface number: 59 but max is 1
[ 1392.574468][ T5860] usb 10-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1392.574489][ T5860] usb 10-1: config 2 has no interface number 1
[ 1392.574534][ T5860] usb 10-1: config 2 interface 59 has no altsetting 0
[ 1392.623663][ T5860] usb 10-1: string descriptor 0 read error: -22
[ 1392.623826][ T5860] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=b2.86
[ 1392.623853][ T5860] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1392.968611][ T5860] snd-usb-6fire 10-1:2.59: unable to receive device firmware state.
[ 1392.968660][ T5860] snd-usb-6fire 10-1:2.59: probe with driver snd-usb-6fire failed with error -71
[ 1392.994079][ T5860] usb 10-1: USB disconnect, device number 28
[ 1393.144613][  T699] netlink: 164 bytes leftover after parsing attributes in process `syz.3.10836'.
[ 1393.783286][  T730] NILFS (nbd3): device size too small
[ 1394.048949][  T742] tmpfs: Bad value for 'mpol'
[ 1394.200681][T32452] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1396.164662][ T9306] hsr_slave_0: left promiscuous mode
[ 1396.210678][ T9306] hsr_slave_1: left promiscuous mode
[ 1396.211762][ T9306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1396.211790][ T9306] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1396.416400][ T9306] veth1_macvtap: left promiscuous mode
[ 1396.416527][ T9306] veth0_macvtap: left promiscuous mode
[ 1396.417181][ T9306] veth1_vlan: left promiscuous mode
[ 1396.417358][ T9306] veth0_vlan: left promiscuous mode
[ 1396.595547][ T1231] kernel write not supported for file /snd/seq (pid: 1231 comm: kworker/0:3)
[ 1397.236352][ T9306] pimreg3 (unregistering): left allmulticast mode
[ 1399.032935][ T9306] team0 (unregistering): Port device team_slave_1 removed
[ 1399.101450][ T9306] team0 (unregistering): Port device team_slave_0 removed
[ 1400.057098][T32452] veth0_vlan: entered promiscuous mode
[ 1400.104315][T32452] veth1_vlan: entered promiscuous mode
[ 1400.167475][T32452] veth0_macvtap: entered promiscuous mode
[ 1400.220659][T32452] veth1_macvtap: entered promiscuous mode
[ 1400.266457][T32452] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1400.306679][T32452] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1400.402241][   T70] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.424051][   T70] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.431071][   T70] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.462769][   T70] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.095525][  T961] netlink: 48 bytes leftover after parsing attributes in process `syz.8.10933'.
[ 1401.946123][  T120] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1401.946145][  T120] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1401.994272][    T9] usb 10-1: new full-speed USB device number 29 using dummy_hcd
[ 1402.099355][  T120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1402.099382][  T120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1402.206440][    T9] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1402.207440][    T9] usb 10-1: not running at top speed; connect to a high speed hub
[ 1402.233799][    T9] usb 10-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice= 0.40
[ 1402.233834][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1402.233857][    T9] usb 10-1: Product: syz
[ 1402.233874][    T9] usb 10-1: Manufacturer: syz
[ 1402.233889][    T9] usb 10-1: SerialNumber: syz
[ 1402.534167][  T996] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10946'.
[ 1402.549436][    T9] snd-usb-audio 10-1:1.0: probe with driver snd-usb-audio failed with error -71
[ 1402.621335][    T9] snd-usb-audio 10-1:1.1: probe with driver snd-usb-audio failed with error -71
[ 1402.694904][    T9] snd-usb-audio 10-1:1.2: probe with driver snd-usb-audio failed with error -71
[ 1402.796177][    T9] usb 10-1: USB disconnect, device number 29
[ 1403.097024][ T1012] netlink: 104 bytes leftover after parsing attributes in process `syz.8.10950'.
[ 1403.452529][ T1025] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[ 1403.838080][   T37] audit: type=1400 audit(1773002755.077:1368): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=1052 comm="syz.2.10964" daddr=::ffff:255.255.255.255 dest=20003
[ 1404.328137][ T5860] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1404.465922][ T1087] syz_tun: entered promiscuous mode
[ 1404.480062][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1404.483513][ T5860] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1404.483546][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1404.513727][ T5860] usb 3-1: config 0 descriptor??
[ 1404.531676][ T1087] syz_tun: left promiscuous mode
[ 1404.618746][ T5860] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1404.898943][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1404.923929][ T5860] gspca_vc032x: reg_w err -71
[ 1404.923951][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.923962][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.923973][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.923983][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.923993][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924003][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924012][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924022][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924032][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924041][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924051][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924061][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924070][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924079][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924089][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924099][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924108][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924117][ T5860] gspca_vc032x: I2c Bus Busy Wait 00
[ 1404.924127][ T5860] gspca_vc032x: Unknown sensor...
[ 1404.924211][ T5860] vc032x 3-1:0.0: probe with driver vc032x failed with error -22
[ 1404.973019][ T5860] usb 3-1: USB disconnect, device number 15
[ 1405.086336][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1405.086371][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1405.086412][    T9] usb 4-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[ 1405.086437][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1405.131522][    T9] usb 4-1: config 0 descriptor??
[ 1406.385896][    T9] hid_parser_main: 245 callbacks suppressed
[ 1406.385917][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.385940][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.385960][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.385979][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.385999][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.386018][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.386037][    T9] steelseries 0003:1038:12B6.0026: unknown main item tag 0x0
[ 1406.499467][    T9] steelseries 0003:1038:12B6.0026: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.3-1/input0
[ 1406.986948][    T9] steelseries 0003:1038:12B6.0026: hid_hw_raw_request() failed with -71
[ 1407.023764][ T1139] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 1407.050964][ T1144] syz.9.10992 (1144): /proc/1142/oom_adj is deprecated, please use /proc/1142/oom_score_adj instead.
[ 1407.068895][ T1139] batman_adv: batadv0: Adding interface: gretap1
[ 1407.068916][ T1139] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1407.112531][ T1139] batman_adv: batadv0: Interface activated: gretap1
[ 1407.141069][    T9] usb 4-1: USB disconnect, device number 19
[ 1409.172239][T32342] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1409.759260][T32342] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1409.759326][T32342] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1409.760820][T32342] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1409.760853][T32342] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1409.760875][T32342] usb 3-1: Manufacturer: syz
[ 1409.803134][T32342] usb 3-1: config 0 descriptor??
[ 1409.928521][T32342] rc_core: IR keymap rc-hauppauge not found
[ 1409.928545][T32342] Registered IR keymap rc-empty
[ 1409.935054][T32342] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1409.961031][T32342] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input46
[ 1410.154601][    T9] usb 3-1: USB disconnect, device number 16
[ 1413.752366][    T9] usb 10-1: new full-speed USB device number 30 using dummy_hcd
[ 1413.925823][    T9] usb 10-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1413.925876][    T9] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1413.925906][    T9] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1413.925931][    T9] usb 10-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1413.925970][    T9] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1413.926006][    T9] usb 10-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1413.926032][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.174725][    T9] usb 10-1: config 0 descriptor??
[ 1414.218149][   T37] audit: type=1400 audit(1773002765.976:1369): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=1298 comm="syz.2.11038" daddr=::ffff:127.0.0.1 dest=16385
[ 1414.580886][T29566] Bluetooth: hci0: unexpected event for opcode 0x2002
[ 1414.740383][    T9] ryos 0003:1E7D:3138.0027: reserved main item tag 0xd
[ 1414.774615][    T9] ryos 0003:1E7D:3138.0027: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.9-1/input0
[ 1416.073101][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1416.073523][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1416.484509][ T1331] netlink: 'syz.8.11047': attribute type 4 has an invalid length.
[ 1416.484537][ T1331] netlink: 84 bytes leftover after parsing attributes in process `syz.8.11047'.
[ 1416.576622][ T5112] Bluetooth: hci0: command 0x0406 tx timeout
[ 1417.633428][    T9] usb 10-1: USB disconnect, device number 30
[ 1418.559398][T29566] Bluetooth: hci0: command 0x0406 tx timeout
[ 1419.024453][ T1356] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1423.394344][ T1439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11088'.
[ 1425.639712][ T1509] netlink: 236 bytes leftover after parsing attributes in process `syz.3.11113'.
[ 1427.179842][   T37] audit: type=1326 audit(1773002779.593:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.179905][   T37] audit: type=1326 audit(1773002779.593:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.182969][   T37] audit: type=1326 audit(1773002779.593:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.183129][   T37] audit: type=1326 audit(1773002779.593:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.183267][   T37] audit: type=1326 audit(1773002779.593:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.228267][   T37] audit: type=1326 audit(1773002779.604:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.228327][   T37] audit: type=1326 audit(1773002779.635:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.228375][   T37] audit: type=1326 audit(1773002779.635:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1566 comm="syz.9.11139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830ef4c799 code=0x7ffc0000
[ 1427.545745][ T1578] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11143'.
[ 1427.614352][ T1231] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[ 1427.793483][ T1231] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1427.793514][ T1231] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1427.793566][ T1231] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1427.793591][ T1231] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1427.876245][ T1231] usb 3-1: config 0 descriptor??
[ 1427.934457][ T1231] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1427.934555][ T1231] dvb-usb: bulk message failed: -22 (3/0)
[ 1428.010526][ T1231] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1428.022986][ T1231] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1428.023156][ T1231] usb 3-1: media controller created
[ 1428.053514][ T1231] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1428.268379][ T1231] dvb-usb: bulk message failed: -22 (6/0)
[ 1428.268563][ T1231] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1428.365081][ T1231] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input47
[ 1428.385050][ T1231] dvb-usb: schedule remote query interval to 150 msecs.
[ 1428.385077][ T1231] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1428.410945][ T1231] usb 3-1: USB disconnect, device number 17
[ 1428.681167][ T1231] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1429.069306][   T37] audit: type=1400 audit(1773002781.556:1378): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=1630 comm="syz.2.11162" daddr=::1:0:20:0
[ 1429.149035][ T5960] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1429.291500][ T5960] usb 4-1: Using ep0 maxpacket: 32
[ 1429.295746][ T5960] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[ 1429.295776][ T5960] usb 4-1: config 0 has no interface number 0
[ 1429.322658][ T5960] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1429.322692][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1429.322716][ T5960] usb 4-1: Product: syz
[ 1429.322733][ T5960] usb 4-1: Manufacturer: syz
[ 1429.322749][ T5960] usb 4-1: SerialNumber: syz
[ 1429.386677][ T5960] usb 4-1: config 0 descriptor??
[ 1429.400650][ T5960] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1430.267509][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1430.461568][ T5960] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1430.512897][ T5960] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1430.549234][ T5960] usb 4-1: USB disconnect, device number 20
[ 1430.556696][ T5960] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1430.585258][ T5960] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1430.586189][ T5960] quatech2 4-1:0.51: device disconnected
[ 1433.774502][ T1731] netlink: 966 bytes leftover after parsing attributes in process `syz.8.11196'.
[ 1434.367196][   T37] audit: type=1400 audit(1773002787.131:1379): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=1761 comm="syz.3.11208" daddr=::ffff:172.20.20.52 dest=52772
[ 1435.129070][ T1793] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false
[ 1435.711366][ T5112] Bluetooth: hci2: command tx timeout
[ 1435.844637][ T1822] [U] �
[ 1440.628915][ T1854] netlink: 32 bytes leftover after parsing attributes in process `syz.9.11246'.
[ 1442.629084][ T1918] 9p: Bad value for 'rfdno'
[ 1443.962245][T28854] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[ 1444.132811][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1444.132851][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1444.132896][T28854] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1444.132922][T28854] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.188204][T28854] usb 10-1: config 0 descriptor??
[ 1444.426535][T28854] usbhid 10-1:0.0: can't add hid device: -71
[ 1444.426671][T28854] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1444.464433][T28854] usb 10-1: USB disconnect, device number 31
[ 1445.028514][T32342] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[ 1445.344489][T32342] usb 10-1: Using ep0 maxpacket: 16
[ 1445.450747][T32342] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1445.450783][T32342] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1445.450825][T32342] usb 10-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1445.450851][T32342] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1445.530250][T32342] usb 10-1: config 0 descriptor??
[ 1445.581779][T32342] uvcvideo 10-1:0.0: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1445.581863][T32342] uvcvideo 10-1:0.0: No valid video chain found.
[ 1446.545227][ T5960] usb 10-1: USB disconnect, device number 32
[ 1447.183845][ T2000] netlink: 212 bytes leftover after parsing attributes in process `syz.2.11299'.
[ 1447.183875][ T2000] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11299'.
[ 1447.183890][ T2000] tc_dump_action: action bad kind
[ 1447.295135][ T2004] netlink: 'syz.9.11301': attribute type 26 has an invalid length.
[ 1447.481250][ T2014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11306'.
[ 1447.481281][ T2014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11306'.
[ 1447.989644][T28854] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1448.045141][ T2046] RDS: rds_bind could not find a transport for 6669:6c65:302f:2e2e::, load rds_tcp or rds_rdma?
[ 1448.154438][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1448.154473][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1448.154498][T28854] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1448.154543][T28854] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1448.154568][T28854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1448.172165][T28854] usb 4-1: config 0 descriptor??
[ 1448.699163][T28854] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1448.838635][T28854] usb 4-1: USB disconnect, device number 21
[ 1449.144879][ T2067] fido_id[2067]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1449.330190][ T2089] Invalid logical block size (8192)
[ 1450.675338][ T2119] bridge_slave_1: left allmulticast mode
[ 1450.675369][ T2119] bridge_slave_1: left promiscuous mode
[ 1450.675626][ T2119] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1450.773163][ T2119] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 1450.851307][T28854] usb 10-1: new full-speed USB device number 33 using dummy_hcd
[ 1450.992926][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1450.992966][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1450.993008][T28854] usb 10-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1450.993034][T28854] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1451.054960][T28854] usb 10-1: config 0 descriptor??
[ 1452.627813][T28854] elan 0003:04F3:0755.0029: failed to start in urb: -90
[ 1452.656294][T28854] elan 0003:04F3:0755.0029: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.9-1/input0
[ 1452.680165][T28854] usb 10-1: USB disconnect, device number 33
[ 1452.900061][ T2164] netlink: 16178 bytes leftover after parsing attributes in process `syz.9.11369'.
[ 1453.096713][   T37] audit: type=1400 audit(1773002806.796:1380): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=2173 comm="syz.9.11374" daddr=::ffff:172.20.20.29 dest=20003
[ 1453.123009][ T2168] fido_id[2168]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1453.209392][   T37] audit: type=1400 audit(1773002806.922:1381): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=2179 comm="syz.8.11375" daddr=::ffff:172.20.20.170
[ 1453.531363][ T5810] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[ 1453.677133][ T5810] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1453.677168][ T5810] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1453.677194][ T5810] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1453.679993][ T5810] usb 10-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1453.680027][ T5810] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1453.680048][ T5810] usb 10-1: Product: syz
[ 1453.680066][ T5810] usb 10-1: Manufacturer: syz
[ 1453.680083][ T5810] usb 10-1: SerialNumber: syz
[ 1453.766187][ T2201] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.11383' sets config #1
[ 1453.785126][ T5810] usb 10-1: config 0 descriptor??
[ 1454.045975][ T5810] adutux 10-1:0.0: ADU208  now attached to /dev/usb/adutux0
[ 1454.073650][ T5810] usb 10-1: USB disconnect, device number 34
[ 1454.335750][ T2216] nfs: Unknown parameter '"��sN%�D<���SN��צ����H)q�A�
�<{�m�0�/�֒�>�S������t�ִN�%��y�M���nx�[E>���D�r�'�c��.�������
}zQ!F(r&� �������Y�\_m���������Y�l!��M õl���c�KT�w_)�1��33v€�+��w�H�U%|B�J�s�3���'
[ 1454.912747][ T1951] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1455.065518][ T1951] usb 4-1: Using ep0 maxpacket: 8
[ 1455.071291][ T1951] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1455.086362][ T1951] usb 4-1: config 4 interface 0 has no altsetting 0
[ 1455.101739][ T1951] usb 4-1: string descriptor 0 read error: -22
[ 1455.121982][ T1951] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1455.122019][ T1951] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[ 1455.139366][ T2250] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[ 1455.247366][ T1951] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1455.308831][ T1951] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1455.309254][ T1951] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1455.309304][ T1951] usb 4-1: media controller created
[ 1455.664356][ T2260] netlink: 92 bytes leftover after parsing attributes in process `syz.8.11404'.
[ 1456.367678][ T2260] vlan0: entered promiscuous mode
[ 1456.367706][ T2260] bridge0: entered promiscuous mode
[ 1456.469324][ T1951] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1456.590308][ T1951] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1456.843683][ T1951] usb 4-1: USB disconnect, device number 22
[ 1457.322397][ T1951] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1457.404138][   T37] audit: type=1326 audit(1773002811.322:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.418500][   T37] audit: type=1326 audit(1773002811.343:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.418990][   T37] audit: type=1326 audit(1773002811.343:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.442793][   T37] audit: type=1326 audit(1773002811.364:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.447546][   T37] audit: type=1326 audit(1773002811.374:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.449795][   T37] audit: type=1326 audit(1773002811.374:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2301 comm="syz.2.11420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cf1c799 code=0x7ffc0000
[ 1457.608908][ T1951] usb 4-1: Using ep0 maxpacket: 16
[ 1457.612280][ T1951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1457.612315][ T1951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1457.612356][ T1951] usb 4-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1457.612381][ T1951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1457.680642][ T1951] usb 4-1: config 0 descriptor??
[ 1458.224148][ T1951] ntrig 0003:1B96:0008.002A: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.3-1/input0
[ 1458.395195][ T1951] usb 4-1: USB disconnect, device number 23
[ 1458.584739][ T2330] fido_id[2330]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1459.827389][T28854] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1459.913484][   T37] audit: type=1326 audit(1773002813.957:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.913991][   T37] audit: type=1326 audit(1773002813.957:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.980857][   T37] audit: type=1326 audit(1773002814.030:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.981021][   T37] audit: type=1326 audit(1773002814.030:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.981400][   T37] audit: type=1326 audit(1773002814.030:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.981772][   T37] audit: type=1326 audit(1773002814.030:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.981931][   T37] audit: type=1326 audit(1773002814.030:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1459.998647][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1459.998688][T28854] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1459.998733][T28854] usb 10-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 1459.998761][T28854] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1460.032018][   T37] audit: type=1326 audit(1773002814.083:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1460.039607][   T37] audit: type=1326 audit(1773002814.093:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1460.039842][   T37] audit: type=1326 audit(1773002814.093:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2372 comm="syz.3.11446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1460.213927][T28854] usb 10-1: config 0 descriptor??
[ 1460.651158][ T2386] program syz.3.11450 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1460.726923][T28854] holtek_kbd 0003:04D9:A055.002B: unknown main item tag 0x1
[ 1460.782105][T28854] holtek_kbd 0003:04D9:A055.002B: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.9-1/input0
[ 1460.970383][ T5860] usb 10-1: USB disconnect, device number 35
[ 1461.245569][ T2411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11462'.
[ 1461.245602][ T2411] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11462'.
[ 1461.294987][ T2402] fido_id[2402]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1461.529390][ T2422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11464'.
[ 1462.196771][ T2459] netlink: 15 bytes leftover after parsing attributes in process `syz.3.11477'.
[ 1462.275110][ T5810] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1462.422660][ T5810] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1462.422694][ T5810] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1462.422716][ T5810] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1462.422768][ T5810] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1462.422797][ T5810] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1462.478252][ T5810] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1462.478289][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1462.478311][ T5810] usb 3-1: Product: syz
[ 1462.478327][ T5810] usb 3-1: Manufacturer: syz
[ 1462.527436][ T5810] cdc_wdm 3-1:1.0: skipping garbage
[ 1462.527461][ T5810] cdc_wdm 3-1:1.0: skipping garbage
[ 1462.543865][ T5810] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1462.543889][ T5810] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1462.759478][ T2450] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[ 1462.768292][ T5810] usb 3-1: USB disconnect, device number 18
[ 1463.063568][ T2504] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11493'.
[ 1463.650291][ T2539] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11504'.
[ 1464.810584][ T5960] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1464.817093][ T2601] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11525'.
[ 1464.975260][ T5960] usb 3-1: Using ep0 maxpacket: 16
[ 1464.993345][ T5960] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1464.993390][ T5960] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1464.993459][ T5960] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1464.993550][ T5960] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1464.993577][ T5960] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1465.159719][ T5960] usb 3-1: config 0 descriptor??
[ 1465.821696][ T5810] usb 10-1: new high-speed USB device number 36 using dummy_hcd
[ 1466.187511][ T5960] hid (null): bogus close delimiter
[ 1466.421697][ T5810] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1466.421772][ T5810] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1466.519667][ T5810] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1466.519765][ T5810] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1466.519789][ T5810] usb 10-1: Product: syz
[ 1466.519806][ T5810] usb 10-1: Manufacturer: syz
[ 1466.519822][ T5810] usb 10-1: SerialNumber: syz
[ 1466.720453][ T5810] usb 10-1: config 0 descriptor??
[ 1467.057491][ T5810] usb 10-1: selecting invalid altsetting 0
[ 1467.209444][ T5960] usb 3-1: USB disconnect, device number 19
[ 1467.630431][   T37] kauditd_printk_skb: 8 callbacks suppressed
[ 1467.630453][   T37] audit: type=1326 audit(1773002822.062:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.633542][   T37] audit: type=1326 audit(1773002822.062:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.707032][   T37] audit: type=1326 audit(1773002822.136:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.707106][   T37] audit: type=1326 audit(1773002822.136:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.708726][ T5810] usb 10-1: USB disconnect, device number 36
[ 1467.774572][   T37] audit: type=1326 audit(1773002822.146:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.860402][   T37] audit: type=1326 audit(1773002822.304:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1467.860461][   T37] audit: type=1326 audit(1773002822.304:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2640 comm="syz.3.11539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1468.262021][ T2666] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11546'.
[ 1468.770996][ T5810] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1468.927992][ T5810] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1468.928025][ T5810] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1468.928047][ T5810] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1468.928100][ T5810] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1468.928130][ T5810] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1468.930568][ T5810] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1468.930602][ T5810] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1468.930625][ T5810] usb 4-1: Product: syz
[ 1468.930641][ T5810] usb 4-1: Manufacturer: syz
[ 1469.071801][ T5810] cdc_wdm 4-1:1.0: skipping garbage
[ 1469.071823][ T5810] cdc_wdm 4-1:1.0: skipping garbage
[ 1469.080742][ T5810] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1469.080765][ T5810] cdc_wdm 4-1:1.0: Unknown control protocol
[ 1469.269211][ T2681] cdc_wdm 4-1:1.0: Error submitting int urb - -90
[ 1469.271303][ T1951] usb 4-1: USB disconnect, device number 24
[ 1470.302757][ T2777] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11590'.
[ 1470.780999][ T5860] usb 10-1: new full-speed USB device number 37 using dummy_hcd
[ 1470.950261][ T5860] usb 10-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1470.950411][ T5860] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1470.985017][ T5860] usb 10-1: config 0 descriptor??
[ 1471.223443][ T5860] udl 10-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1471.415727][ T5860] [drm:udl_init] *ERROR* Selecting channel failed
[ 1471.452700][ T5860] [drm] Initialized udl 0.0.1 for 10-1:0.0 on minor 2
[ 1471.452729][ T5860] [drm] Initialized udl on minor 2
[ 1471.455414][ T5860] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1471.456022][ T5860] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[ 1471.537494][ T5860] usb 10-1: USB disconnect, device number 37
[ 1471.538984][ T1951] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1472.178390][ T2862] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11622'.
[ 1472.336561][   T37] audit: type=1400 audit(1773002826.997:1413): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=2865 comm="syz.9.11625" daddr=2001:: dest=20000
[ 1472.341330][   T37] audit: type=1400 audit(1773002826.997:1414): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=2865 comm="syz.9.11625" daddr=2001:: dest=8192
[ 1472.752129][ T5960] usb 10-1: new full-speed USB device number 38 using dummy_hcd
[ 1472.898175][ T5960] usb 10-1: not running at top speed; connect to a high speed hub
[ 1472.900133][ T5960] usb 10-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 1023
[ 1472.904515][ T5960] usb 10-1: string descriptor 0 read error: -22
[ 1472.904933][ T5960] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1472.905005][ T5960] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1473.868606][ T5960] usb 10-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 1473.870128][ T5960] usb 10-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1474.178693][ T5960] usb 10-1: USB disconnect, device number 38
[ 1474.571577][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1474.571653][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1475.011767][ T5860] kernel read not supported for file /dsp1 (pid: 5860 comm: kworker/0:4)
[ 1475.768907][ T2992] pim6reg0: tun_chr_ioctl cmd 1074025677
[ 1475.769177][ T2992] pim6reg0: linktype set to 769
[ 1477.399985][ T3062] vlan2: entered allmulticast mode
[ 1477.400010][ T3062] veth0_to_bond: entered allmulticast mode
[ 1478.933909][ T3126] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11736'.
[ 1479.760754][ T3162] netlink: 132 bytes leftover after parsing attributes in process `syz.8.11752'.
[ 1479.760783][ T3162] netlink: 132 bytes leftover after parsing attributes in process `syz.8.11752'.
[ 1479.760801][ T3162] netlink: 39 bytes leftover after parsing attributes in process `syz.8.11752'.
[ 1480.193789][ T5112] block nbd0: Receive control failed (result -32)
[ 1480.420314][ T3178] bridge0: entered allmulticast mode
[ 1480.825780][ T3201] program syz.9.11772 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1481.204204][ T3216] netlink: 104 bytes leftover after parsing attributes in process `syz.8.11778'.
[ 1481.329224][ T3220] netlink: 52 bytes leftover after parsing attributes in process `syz.3.11780'.
[ 1481.329248][ T3220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11780'.
[ 1483.225618][ T3305] netlink: 12 bytes leftover after parsing attributes in process `syz.8.11819'.
[ 1483.225661][ T3305] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11819'.
[ 1483.376227][ T3310] loop5: detected capacity change from 0 to 7
[ 1483.420208][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.420249][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.455234][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.455280][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.493763][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.493816][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.497044][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.497096][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.603671][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.603716][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.607627][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.607668][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.608395][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.608428][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.608638][ T3310] ldm_validate_partition_table(): Disk read failed.
[ 1483.608818][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.608865][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.609236][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.609269][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.620552][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1483.620592][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1483.629861][ T3310] Dev loop5: unable to read RDB block 0
[ 1483.646319][ T3310]  loop5: unable to read partition table
[ 1483.646988][ T3310] loop5: partition table beyond EOD, truncated
[ 1483.647030][ T3310] loop_reread_partitions: partition scan of loop5 (���W������ý�*���	���%���4FLQk݊5) failed (rc=-5)
[ 1483.941362][ T3325] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11829'.
[ 1484.331866][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1484.477555][T32342] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1484.624372][T32342] usb 3-1: Using ep0 maxpacket: 16
[ 1484.639827][T32342] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1484.659569][T32342] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1484.659603][T32342] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1484.659626][T32342] usb 3-1: Product: syz
[ 1484.659642][T32342] usb 3-1: Manufacturer: syz
[ 1484.659657][T32342] usb 3-1: SerialNumber: syz
[ 1484.701891][T32342] usb 3-1: config 0 descriptor??
[ 1484.723102][T32342] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[ 1484.724851][ T3361] program syz.9.11845 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1484.749846][T32342] usb 3-1: Detected FT232R
[ 1484.922445][ T3335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1484.945808][ T3335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1484.948864][T32342] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1485.144149][T32342] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[ 1485.149777][T32342] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1485.188204][T32342] usb 3-1: USB disconnect, device number 20
[ 1485.214746][T32342] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1485.215599][T32342] ftdi_sio 3-1:0.0: device disconnected
[ 1485.372986][T28854] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1485.534200][T28854] usb 4-1: Using ep0 maxpacket: 16
[ 1485.541414][T28854] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1485.541451][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1485.544981][T28854] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1485.545065][T28854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1485.545130][T28854] usb 4-1: Product: syz
[ 1485.545171][T28854] usb 4-1: Manufacturer: syz
[ 1485.545217][T28854] usb 4-1: SerialNumber: syz
[ 1485.593838][T28854] usb 4-1: config 0 descriptor??
[ 1485.632837][T28854] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1485.632883][T28854] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1485.727054][ T3394] netlink: 'syz.8.11861': attribute type 10 has an invalid length.
[ 1485.727172][ T3394] netdevsim netdevsim8 netdevsim0: left allmulticast mode
[ 1485.727204][ T3394] netdevsim netdevsim8 netdevsim0: left promiscuous mode
[ 1485.727498][ T3394] bridge0: port 1(netdevsim0) entered disabled state
[ 1485.914224][ T3394] batman_adv: batadv0: Adding interface: netdevsim0
[ 1485.914244][ T3394] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1485.914276][ T3394] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[ 1486.253440][T28854] em28xx 4-1:0.0: chip ID is em2874
[ 1486.306739][ T3340] Bluetooth: hci2: command 0x0406 tx timeout
[ 1486.950797][T28854] usb 4-1: USB disconnect, device number 25
[ 1486.979358][T28854] em28xx 4-1:0.0: Disconnecting em28xx
[ 1487.333679][T28854] em28xx 4-1:0.0: Freeing device
[ 1487.448254][ T3436] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11876'.
[ 1489.191992][ T3480] netlink: 56 bytes leftover after parsing attributes in process `syz.2.11894'.
[ 1489.976664][T16705] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1490.025262][ T3506] netlink: set zone limit has 4 unknown bytes
[ 1490.116796][T16705] usb 4-1: Using ep0 maxpacket: 16
[ 1490.119126][T16705] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1490.119162][T16705] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1490.122402][T16705] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1490.122434][T16705] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1490.122455][T16705] usb 4-1: Product: syz
[ 1490.122472][T16705] usb 4-1: Manufacturer: syz
[ 1490.122488][T16705] usb 4-1: SerialNumber: syz
[ 1490.188085][T16705] usb 4-1: config 0 descriptor??
[ 1490.246655][T16705] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1490.246694][T16705] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1490.344494][ T3519] 9p: Bad value for 'rfdno'
[ 1490.784341][T16705] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 1490.966031][   T37] audit: type=1400 audit(1773002847.561:1415): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=3538 comm="syz.8.11920" daddr=::ffff:172.20.20.187 dest=20002
[ 1491.000969][T16705] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[ 1491.001428][T16705] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[ 1491.001528][T16705] em28xx 4-1:0.0: No AC97 audio processor
[ 1491.099756][T16705] usb 4-1: USB disconnect, device number 26
[ 1491.102200][T16705] em28xx 4-1:0.0: Disconnecting em28xx
[ 1491.241156][T16705] em28xx 4-1:0.0: Freeing device
[ 1493.389299][   T37] audit: type=1400 audit(1773002850.101:1416): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=3639 comm="syz.9.11961" daddr=2001::2 dest=20005
[ 1494.050880][T32342] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1494.197745][T32342] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[ 1494.197777][T32342] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1494.197798][T32342] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1494.197820][T32342] usb 4-1: config 220 has no interface number 2
[ 1494.197901][T32342] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1494.197930][T32342] usb 4-1: config 220 interface 0 has no altsetting 0
[ 1494.197951][T32342] usb 4-1: config 220 interface 76 has no altsetting 0
[ 1494.197972][T32342] usb 4-1: config 220 interface 1 has no altsetting 0
[ 1494.200930][T32342] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1494.200963][T32342] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1494.200986][T32342] usb 4-1: Product: syz
[ 1494.201001][T32342] usb 4-1: Manufacturer: syz
[ 1494.201019][T32342] usb 4-1: SerialNumber: syz
[ 1494.361420][ T3670] netlink: 'syz.2.11976': attribute type 5 has an invalid length.
[ 1494.603863][T32342] usb 4-1: selecting invalid altsetting 0
[ 1494.604561][T32342] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1494.604595][T32342] uvcvideo 4-1:220.0: No valid video chain found.
[ 1494.693249][T32342] usb 4-1: selecting invalid altsetting 0
[ 1494.693295][T32342] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[ 1494.718277][T32342] usb 4-1: USB disconnect, device number 27
[ 1494.736291][ T1951] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[ 1494.904251][ T1951] usb 10-1: Using ep0 maxpacket: 16
[ 1494.920068][ T1951] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1494.920107][ T1951] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1494.920132][ T1951] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1494.920180][ T1951] usb 10-1: New USB device found, idVendor=056a, idProduct=1093, bcdDevice= 0.00
[ 1494.920205][ T1951] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1494.978031][ T1951] usb 10-1: config 0 descriptor??
[ 1495.456626][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456655][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456696][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456724][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456752][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456779][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456806][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456832][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456865][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.456885][ T1951] wacom 0003:056A:1093.002D: unknown main item tag 0x0
[ 1495.560523][ T3706] input: syz1 as /devices/virtual/input/input48
[ 1495.622691][ T1951] usb 10-1: USB disconnect, device number 39
[ 1496.043545][ T3719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11999'.
[ 1496.314474][ T3731] pimreg: tun_chr_ioctl cmd 1074025672
[ 1496.314500][ T3731] pimreg: ignored: set checksum disabled
[ 1496.685211][ T3747] netlink: 'syz.3.12011': attribute type 4 has an invalid length.
[ 1497.431954][ T1951] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1497.584757][ T1951] usb 4-1: Using ep0 maxpacket: 8
[ 1497.587177][ T1951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1497.587228][ T1951] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1497.587253][ T1951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1497.623875][ T1951] usb 4-1: config 0 descriptor??
[ 1497.844897][ T1951] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1498.356137][ T5960] usb 4-1: USB disconnect, device number 28
[ 1498.718730][ T5960] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[ 1498.871854][ T5960] usb 10-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1498.871889][ T5960] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1498.883146][ T5960] usb 10-1: config 0 descriptor??
[ 1498.923349][ T5960] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1499.286900][ T5960] cpia1 10-1:0.0: unexpected state after lo power cmd: 00
[ 1499.593004][ T3843] netlink: 32 bytes leftover after parsing attributes in process `syz.2.12054'.
[ 1499.696075][ T5960] gspca_cpia1: usb_control_msg 02, error -71
[ 1499.696099][ T5960] cpia1 10-1:0.0: only firmware version 1 is supported (got: 0)
[ 1499.729600][ T5960] usb 10-1: USB disconnect, device number 40
[ 1500.020689][ T3865] overlayfs: failed to clone upperpath
[ 1500.284753][   T37] audit: type=1400 audit(1773002857.345:1417): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=3872 comm="syz.8.12068" daddr=::ffff:0.0.0.0 dest=20002
[ 1500.506254][ T3883] netlink: 'syz.8.12073': attribute type 17 has an invalid length.
[ 1500.540509][T32342] lo speed is unknown, defaulting to 1000
[ 1501.049844][   T37] audit: type=1400 audit(1773002858.143:1418): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=3904 comm="syz.8.12083" daddr=::ffff:172.20.20.0
[ 1501.061287][T28854] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1501.292743][T28854] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1501.292779][T28854] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1501.292800][T28854] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1501.292853][T28854] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1501.304845][T28854] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1501.304947][T28854] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1501.305013][T28854] usb 10-1: Product: syz
[ 1501.305056][T28854] usb 10-1: Manufacturer: syz
[ 1501.386810][T28854] cdc_wdm 10-1:1.0: skipping garbage
[ 1501.386833][T28854] cdc_wdm 10-1:1.0: skipping garbage
[ 1501.411936][T28854] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[ 1501.411960][T28854] cdc_wdm 10-1:1.0: Unknown control protocol
[ 1501.499863][ T5960] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1501.642656][ T5960] usb 3-1: Using ep0 maxpacket: 32
[ 1501.668913][ T5960] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1501.668949][ T5960] usb 3-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[ 1501.668977][ T5960] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1501.717794][ T5960] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1501.717898][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1501.717923][ T5960] usb 3-1: Product: syz
[ 1501.717939][ T5960] usb 3-1: Manufacturer: syz
[ 1501.717956][ T5960] usb 3-1: SerialNumber: syz
[ 1501.776645][ T5960] usb 3-1: config 0 descriptor??
[ 1502.196715][T28854] usb 10-1: USB disconnect, device number 41
[ 1502.245211][ T5960] gs_usb 3-1:0.0: Configuring for 1 interfaces
[ 1502.846929][ T5810] usb 3-1: USB disconnect, device number 21
[ 1503.753817][ T3952] overlayfs: statfs failed on './file0'
[ 1504.423944][ T5810] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1504.566641][ T5810] usb 4-1: Using ep0 maxpacket: 32
[ 1504.569125][ T5810] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[ 1504.569156][ T5810] usb 4-1: config 0 has no interface number 0
[ 1504.569205][ T5810] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1504.569235][ T5810] usb 4-1: config 0 interface 85 has no altsetting 0
[ 1504.572928][ T5810] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1504.572961][ T5810] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1504.572983][ T5810] usb 4-1: Product: syz
[ 1504.572999][ T5810] usb 4-1: Manufacturer: syz
[ 1504.573015][ T5810] usb 4-1: SerialNumber: syz
[ 1504.654729][ T5810] usb 4-1: config 0 descriptor??
[ 1505.235215][ T4032] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1505.274947][ T5810] appletouch 4-1:0.85: Geyser mode initialized.
[ 1505.278562][ T5810] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.85/input/input49
[ 1505.502183][ T5810] usb 4-1: USB disconnect, device number 29
[ 1505.625876][ T5810] appletouch 4-1:0.85: input: appletouch disconnected
[ 1506.134415][   T37] audit: type=1400 audit(1773002863.476:1419): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4051 comm="syz.3.12150" daddr=::ffff:172.20.20.0
[ 1506.431225][ T4032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1506.458554][ T4032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1506.553188][ T4069] netlink: 'syz.9.12157': attribute type 5 has an invalid length.
[ 1506.603744][ T4070] netlink: 'syz.9.12157': attribute type 5 has an invalid length.
[ 1507.767539][   T37] audit: type=1800 audit(1773002865.187:1420): pid=4108 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.8.12176" name="nullb0" dev="tmpfs" ino=8974 res=0 errno=0
[ 1508.158149][   T70] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.217282][   T70] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.217406][   T70] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.217448][   T70] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.944675][ T4157] �2��: renamed from team_slave_1
[ 1509.719728][   T37] audit: type=1400 audit(1773002867.244:1421): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4190 comm="syz.3.12213" daddr=::ffff:172.20.20.187
[ 1509.850525][   T37] audit: type=1400 audit(1773002867.381:1422): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4198 comm="syz.9.12216" dest=20001
[ 1509.880083][ T4197] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12217'.
[ 1509.880127][ T4197] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12217'.
[ 1510.023258][   T37] audit: type=1400 audit(1773002867.559:1423): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4206 comm="syz.3.12221" daddr=2001::2 dest=19996
[ 1510.023855][   T37] audit: type=1400 audit(1773002867.559:1424): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4206 comm="syz.3.12221" daddr=2001::
[ 1510.041190][ T4203] syzkaller1: entered promiscuous mode
[ 1510.041274][ T4203] syzkaller1: entered allmulticast mode
[ 1511.069979][ T4248] netlink: 104 bytes leftover after parsing attributes in process `syz.2.12240'.
[ 1511.225707][T28854] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1511.384325][T28854] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1511.384359][T28854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1511.384382][T28854] usb 4-1: Product: syz
[ 1511.384396][T28854] usb 4-1: Manufacturer: syz
[ 1511.384412][T28854] usb 4-1: SerialNumber: syz
[ 1511.427712][T28854] usb 4-1: config 0 descriptor??
[ 1511.709274][ T4271] lo speed is unknown, defaulting to 1000
[ 1511.718937][ T4271] lo speed is unknown, defaulting to 1000
[ 1511.755045][ T5810] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1511.919833][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1511.919871][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1511.919897][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1511.956706][ T5810] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1511.956742][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1511.956764][ T5810] usb 3-1: Product: syz
[ 1511.956781][ T5810] usb 3-1: Manufacturer: syz
[ 1511.956797][ T5810] usb 3-1: SerialNumber: syz
[ 1511.995757][ T5810] usb 3-1: config 0 descriptor??
[ 1512.037393][T28854] usb 4-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0)
[ 1512.037426][T28854] usb 4-1: Firmware version (0.0) predates our first public release.
[ 1512.037446][T28854] usb 4-1: Please update to version 0.2 or newer
[ 1512.227235][ T5810] adutux 3-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[ 1512.464978][ T5810] usb 3-1: USB disconnect, device number 22
[ 1512.712299][T28854] usb 4-1: USB disconnect, device number 30
[ 1514.016109][    T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1514.285581][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1514.285620][    T9] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1514.285664][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1514.285690][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1514.294845][ T4302] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1514.351987][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1514.696161][    T9] usb 3-1: USB disconnect, device number 23
[ 1514.889734][ T4334] batadv_slave_1: entered promiscuous mode
[ 1514.899556][ T4332] batadv_slave_1: left promiscuous mode
[ 1514.966782][ T4331] process '/newroot/1836/file0' started with executable stack
[ 1515.155891][   T37] audit: type=1400 audit(1773002872.945:1425): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=4345 comm="syz.2.12284" daddr=2001::2 dest=20003
[ 1515.273859][ T5960] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[ 1515.420437][ T5960] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1515.420511][ T5960] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1515.420560][ T5960] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1515.420585][ T5960] usb 10-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1515.424913][ T5960] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1515.424946][ T5960] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1515.424969][ T5960] usb 10-1: Product: syz
[ 1515.424984][ T5960] usb 10-1: Manufacturer: syz
[ 1515.425000][ T5960] usb 10-1: SerialNumber: syz
[ 1515.531731][ T5960] cdc_ncm 10-1:1.0: skipping garbage
[ 1515.561304][ T4360] netlink: 'syz.3.12291': attribute type 2 has an invalid length.
[ 1516.644278][ T5960] cdc_ncm 10-1:1.0: bind() failure
[ 1516.684755][ T5960] cdc_ncm 10-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1516.686129][ T5960] cdc_mbim 10-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1516.688537][ T5960] usbtest 10-1:1.1: probe with driver usbtest failed with error -71
[ 1516.732810][ T5960] usb 10-1: USB disconnect, device number 42
[ 1518.012471][ T4424] binder: 4423:4424 ioctl c0306201 2000000001c0 returned -14
[ 1518.826493][ T5960] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1518.969625][ T5960] usb 3-1: Using ep0 maxpacket: 32
[ 1518.972211][ T5960] usb 3-1: config 2 has an invalid interface number: 88 but max is 0
[ 1518.972242][ T5960] usb 3-1: config 2 has no interface number 0
[ 1518.972293][ T5960] usb 3-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[ 1518.972322][ T5960] usb 3-1: config 2 interface 88 has no altsetting 0
[ 1518.975851][ T5960] usb 3-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[ 1518.975885][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1518.975908][ T5960] usb 3-1: Product: syz
[ 1518.975924][ T5960] usb 3-1: Manufacturer: syz
[ 1518.975940][ T5960] usb 3-1: SerialNumber: syz
[ 1519.067269][ T4436] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1519.299130][ T4436] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1521.159494][ T5960] asix 3-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1521.159851][ T5960] asix 3-1:2.88: probe with driver asix failed with error -71
[ 1521.243874][ T5960] usb 3-1: USB disconnect, device number 24
[ 1522.142147][T28854] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1522.313339][T28854] usb 4-1: Using ep0 maxpacket: 16
[ 1522.316074][T28854] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1522.316110][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1522.384354][T28854] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1522.384393][T28854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1522.384418][T28854] usb 4-1: Product: syz
[ 1522.384429][T28854] usb 4-1: Manufacturer: syz
[ 1522.384440][T28854] usb 4-1: SerialNumber: syz
[ 1522.440517][T28854] usb 4-1: config 0 descriptor??
[ 1522.454645][T28854] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1522.454685][T28854] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1523.230460][T28854] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 1523.231409][T28854] em28xx 4-1:0.0: Config register raw data: 0x41
[ 1523.294737][ T4510] bridge5: entered promiscuous mode
[ 1523.294771][ T4510] bridge5: entered allmulticast mode
[ 1523.299509][ T4510] team0: Port device bridge5 added
[ 1523.438104][    T9] usb 4-1: USB disconnect, device number 31
[ 1523.440907][    T9] em28xx 4-1:0.0: Disconnecting em28xx
[ 1523.468043][ T4510] bridge0: port 1(team0) entered blocking state
[ 1523.468195][ T4510] bridge0: port 1(team0) entered disabled state
[ 1523.469382][ T4510] team0: entered allmulticast mode
[ 1523.532788][ T4510] team0: entered promiscuous mode
[ 1523.549118][    T9] em28xx 4-1:0.0: Freeing device
[ 1523.665909][ T4046] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[ 1523.673525][ T5112] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1523.673558][ T5112] CPU: 0 UID: 0 PID: 5112 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1523.673590][ T5112] Tainted: [L]=SOFTLOCKUP
[ 1523.673599][ T5112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1523.673615][ T5112] Workqueue: hci0 hci_rx_work
[ 1523.673652][ T5112] Call Trace:
[ 1523.673662][ T5112]  <TASK>
[ 1523.673673][ T5112]  dump_stack_lvl+0xe8/0x150
[ 1523.673713][ T5112]  sysfs_create_dir_ns+0x271/0x2a0
[ 1523.673741][ T5112]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1523.673771][ T5112]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1523.673803][ T5112]  ? rt_spin_unlock+0x160/0x200
[ 1523.673833][ T5112]  kobject_add_internal+0x631/0xd10
[ 1523.673880][ T5112]  kobject_add+0x163/0x240
[ 1523.673919][ T5112]  ? __pfx_kobject_add+0x10/0x10
[ 1523.673964][ T5112]  ? get_device_parent+0x370/0x3a0
[ 1523.674005][ T5112]  device_add+0x408/0xb80
[ 1523.674061][ T5112]  hci_conn_add_sysfs+0xd5/0x210
[ 1523.674093][ T5112]  le_conn_complete_evt+0xf1d/0x1430
[ 1523.674141][ T5112]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1523.674179][ T5112]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1523.674211][ T5112]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1523.674244][ T5112]  ? skb_pull_data+0xfb/0x200
[ 1523.674275][ T5112]  hci_le_conn_complete_evt+0x187/0x470
[ 1523.674319][ T5112]  hci_event_packet+0x7af/0x12c0
[ 1523.674355][ T5112]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1523.674389][ T5112]  ? __pfx_hci_event_packet+0x10/0x10
[ 1523.674418][ T5112]  ? rt_spin_unlock+0x14f/0x200
[ 1523.674462][ T5112]  ? hci_send_to_monitor+0xe2/0x590
[ 1523.674491][ T5112]  hci_rx_work+0x3ee/0x1030
[ 1523.674529][ T5112]  ? process_scheduled_works+0xa25/0x1830
[ 1523.674570][ T5112]  process_scheduled_works+0xb02/0x1830
[ 1523.674637][ T5112]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1523.674676][ T5112]  ? assign_work+0x3d5/0x5e0
[ 1523.674731][ T5112]  worker_thread+0xa50/0xfc0
[ 1523.674794][ T5112]  kthread+0x388/0x470
[ 1523.674818][ T5112]  ? __pfx_worker_thread+0x10/0x10
[ 1523.674848][ T5112]  ? __pfx_kthread+0x10/0x10
[ 1523.674873][ T5112]  ret_from_fork+0x51e/0xb90
[ 1523.674909][ T5112]  ? __pfx_ret_from_fork+0x10/0x10
[ 1523.674937][ T5112]  ? __switch_to+0xc7d/0x1450
[ 1523.674971][ T5112]  ? __pfx_kthread+0x10/0x10
[ 1523.674997][ T5112]  ret_from_fork_asm+0x1a/0x30
[ 1523.675048][ T5112]  </TASK>
[ 1523.675084][ T5112] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1523.675584][ T5112] Bluetooth: hci0: failed to register connection device
[ 1523.826974][ T4046] usb 3-1: not running at top speed; connect to a high speed hub
[ 1523.975574][ T4046] usb 3-1: New USB device found, idVendor=1199, idProduct=9003, bcdDevice=d7.34
[ 1523.975606][ T4046] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1523.975622][ T4046] usb 3-1: Product: syz
[ 1523.975633][ T4046] usb 3-1: Manufacturer: syz
[ 1523.975644][ T4046] usb 3-1: SerialNumber: syz
[ 1524.641017][ T4046] qmi_wwan 3-1:251.0: probe with driver qmi_wwan failed with error -22
[ 1524.928425][    T9] usb 3-1: USB disconnect, device number 25
[ 1525.837427][T32342] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1525.843736][ T4578] netlink: 104 bytes leftover after parsing attributes in process `syz.3.12385'.
[ 1525.989828][T32342] usb 3-1: Using ep0 maxpacket: 32
[ 1525.993442][T32342] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1525.993479][T32342] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1525.993521][T32342] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1525.993547][T32342] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.047585][T32342] usb 3-1: config 0 descriptor??
[ 1526.053107][T32342] hub 3-1:0.0: USB hub found
[ 1526.246497][T32342] hub 3-1:0.0: 1 port detected
[ 1526.672199][ T4601] lo speed is unknown, defaulting to 1000
[ 1526.675215][ T4601] lo speed is unknown, defaulting to 1000
[ 1526.772461][ T4609] input: syz1 as /devices/virtual/input/input50
[ 1526.826511][T32342] hub 3-1:0.0: activate --> -90
[ 1527.266926][ T5960] usb 3-1: USB disconnect, device number 26
[ 1527.271465][   T70] usb 3-1: Failed to suspend device, error -71
[ 1527.970405][ T4649] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12415'.
[ 1527.970450][ T4649] netlink: 'syz.8.12415': attribute type 26 has an invalid length.
[ 1527.970468][ T4649] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12415'.
[ 1528.001899][ T4649] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12415'.
[ 1528.001940][ T4649] netlink: 'syz.8.12415': attribute type 26 has an invalid length.
[ 1528.001958][ T4649] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12415'.
[ 1528.145855][ T4657] netlink: 44 bytes leftover after parsing attributes in process `syz.8.12419'.
[ 1528.148777][ T4657] netlink: 44 bytes leftover after parsing attributes in process `syz.8.12419'.
[ 1529.717084][ T4725] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12451'.
[ 1529.717105][ T4725] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12451'.
[ 1529.717710][ T4725] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12451'.
[ 1530.128592][ T4622] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1531.895595][ T4046] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1532.059436][ T4046] usb 4-1: Using ep0 maxpacket: 16
[ 1532.062248][ T4046] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1532.062288][ T4046] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1532.062322][ T4046] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1532.062361][ T4046] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1532.062388][ T4046] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1532.155362][ T4046] usb 4-1: config 0 descriptor??
[ 1532.469683][T29566] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1532.476281][T29566] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1532.487038][T29566] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1532.525680][T29566] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1532.548338][T29566] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1532.672658][ T4046] hid_parser_main: 28 callbacks suppressed
[ 1532.672687][ T4046] nzxt-smart2 0003:1E71:2009.002E: unknown main item tag 0x0
[ 1532.672722][ T4046] nzxt-smart2 0003:1E71:2009.002E: unknown main item tag 0x0
[ 1532.672751][ T4046] nzxt-smart2 0003:1E71:2009.002E: unknown main item tag 0x0
[ 1532.672780][ T4046] nzxt-smart2 0003:1E71:2009.002E: unknown main item tag 0x0
[ 1532.672847][ T4046] nzxt-smart2 0003:1E71:2009.002E: unknown main item tag 0x0
[ 1532.690734][ T4046] nzxt-smart2 0003:1E71:2009.002E: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0
[ 1532.901813][ T4046] usb 4-1: USB disconnect, device number 32
[ 1533.005215][ T4822] fido_id[4822]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[ 1533.035096][ T4813] lo speed is unknown, defaulting to 1000
[ 1533.067122][ T4813] lo speed is unknown, defaulting to 1000
[ 1533.104045][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1533.104122][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1534.153453][ T3340] Bluetooth: hci2: command 0x0406 tx timeout
[ 1534.485493][ T4813] chnl_net:caif_netlink_parms(): no params data found
[ 1534.610957][ T3340] Bluetooth: hci4: command tx timeout
[ 1534.876549][ T4813] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1534.876782][ T4813] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1534.877622][ T4813] bridge_slave_0: entered allmulticast mode
[ 1534.881031][ T4813] bridge_slave_0: entered promiscuous mode
[ 1534.885119][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1534.885334][ T4813] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1534.885564][ T4813] bridge_slave_1: entered allmulticast mode
[ 1534.892708][ T4813] bridge_slave_1: entered promiscuous mode
[ 1535.085927][ T4813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1535.106886][ T4813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1535.168631][ T4813] team0: Port device team_slave_0 added
[ 1535.181383][ T4813] team0: Port device team_slave_1 added
[ 1535.252597][ T4813] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1535.252618][ T4813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1535.252648][ T4813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1535.255393][ T4813] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1535.255413][ T4813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1535.255445][ T4813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1535.409526][ T4813] hsr_slave_0: entered promiscuous mode
[ 1535.417183][ T4813] hsr_slave_1: entered promiscuous mode
[ 1535.418236][ T4813] debugfs: 'hsr0' already exists in 'hsr'
[ 1535.418264][ T4813] Cannot create hsr debugfs directory
[ 1536.591856][ T3340] Bluetooth: hci4: command tx timeout
[ 1537.241128][ T4931] __nla_validate_parse: 1 callbacks suppressed
[ 1537.241154][ T4931] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12537'.
[ 1537.241517][ T4934] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12537'.
[ 1538.583029][ T3340] Bluetooth: hci4: command tx timeout
[ 1539.466922][   T37] audit: type=1400 audit(1773002898.465:1426): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=5006 comm="syz.3.12560" daddr=2001::2 dest=19996
[ 1539.466990][   T37] audit: type=1400 audit(1773002898.465:1427): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=5006 comm="syz.3.12560" daddr=2001::
[ 1540.400701][ T4813] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1540.547243][ T4813] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1540.555178][ T3340] Bluetooth: hci4: command tx timeout
[ 1540.681251][ T4813] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1540.840322][ T4813] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1541.541412][ T4813] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1541.710401][ T4813] 8021q: adding VLAN 0 to HW filter on device team0
[ 1541.754634][ T7330] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.775161][ T7330] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1541.804466][ T7330] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.804639][ T7330] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1542.807814][   T37] audit: type=1326 audit(1773002901.982:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.813577][   T37] audit: type=1326 audit(1773002901.982:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.813637][   T37] audit: type=1326 audit(1773002901.982:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.813682][   T37] audit: type=1326 audit(1773002901.982:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.813727][   T37] audit: type=1326 audit(1773002901.982:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.814540][   T37] audit: type=1326 audit(1773002901.993:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.814595][   T37] audit: type=1326 audit(1773002901.993:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1542.818248][   T37] audit: type=1326 audit(1773002901.993:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5096 comm="syz.3.12585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f24390dc799 code=0x7ffc0000
[ 1543.238556][ T4813] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1544.069604][T16705] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1544.231515][T16705] usb 4-1: Using ep0 maxpacket: 16
[ 1544.234013][T16705] usb 4-1: config 1 has an invalid interface number: 228 but max is 0
[ 1544.234043][T16705] usb 4-1: config 1 has no interface number 0
[ 1544.234078][T16705] usb 4-1: config 1 interface 228 has no altsetting 0
[ 1544.254849][T16705] usb 4-1: New USB device found, idVendor=0a5c, idProduct=396e, bcdDevice=21.b9
[ 1544.254884][T16705] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1544.254907][T16705] usb 4-1: Product: syz
[ 1544.254922][T16705] usb 4-1: Manufacturer: syz
[ 1544.254939][T16705] usb 4-1: SerialNumber: syz
[ 1544.561894][T16705] usb 4-1: USB disconnect, device number 33
[ 1544.782297][ T4813] veth0_vlan: entered promiscuous mode
[ 1544.799634][ T4813] veth1_vlan: entered promiscuous mode
[ 1544.946441][ T4813] veth0_macvtap: entered promiscuous mode
[ 1544.964871][ T4813] veth1_macvtap: entered promiscuous mode
[ 1545.095700][ T4813] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1545.149681][ T4813] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1545.212862][ T9294] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1545.214994][ T9294] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1545.221011][ T9294] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1545.221133][ T9294] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1545.971520][ T7330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1545.971547][ T7330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1546.162439][ T7330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1546.162463][ T7330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1546.199141][ T4046] libceph: connect (1)[c::]:6789 error -101
[ 1546.199330][ T4046] libceph: mon0 (1)[c::]:6789 connect error
[ 1546.273182][ T4046] libceph: connect (1)[c::]:6789 error -101
[ 1546.273393][ T4046] libceph: mon0 (1)[c::]:6789 connect error
[ 1546.526094][ T4046] libceph: connect (1)[c::]:6789 error -101
[ 1546.526298][ T4046] libceph: mon0 (1)[c::]:6789 connect error
[ 1546.872571][ T5189] ceph: No mds server is up or the cluster is laggy
[ 1547.013382][ T4046] libceph: connect (1)[c::]:6789 error -101
[ 1547.013597][ T4046] libceph: mon0 (1)[c::]:6789 connect error
[ 1551.102138][ T5302] kvm: Disabled LAPIC found during irq injection
[ 1551.973679][ T5318] lo speed is unknown, defaulting to 1000
[ 1552.002144][ T5318] lo speed is unknown, defaulting to 1000
[ 1552.603240][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1554.315698][T29060] Bluetooth: hci7: Frame reassembly failed (-84)
[ 1555.099252][ T5387] netlink: 16 bytes leftover after parsing attributes in process `syz.7.12666'.
[ 1556.253254][ T5112] Bluetooth: hci7: command 0x1003 tx timeout
[ 1556.253576][ T3340] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1557.981093][ T5460] 0�X���: left allmulticast mode
[ 1557.981327][ T5460] batadv0: left promiscuous mode
[ 1557.981348][ T5460] batadv0: left allmulticast mode
[ 1559.454787][ T5460] sit1: left allmulticast mode
[ 1559.457353][ T5460] bridge1: left promiscuous mode
[ 1559.531374][ T5460] bond1: left allmulticast mode
[ 1559.587126][ T5460] geneve2: left promiscuous mode
[ 1559.670595][ T5460] batman_adv: batadv0: Interface deactivated: gretap1
[ 1559.715635][ T5460] vlan0: left promiscuous mode
[ 1559.715670][ T5460] bridge0: left promiscuous mode
[ 1559.715949][ T5460] team0: left promiscuous mode
[ 1559.749477][ T5460] bridge5: left promiscuous mode
[ 1559.796997][ T7330] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1559.799030][ T7330] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1559.799098][ T7330] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1559.799142][ T7330] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1559.809557][ T4046] lo speed is unknown, defaulting to 1000
[ 1559.809662][ T4046] syz0: Port: 1 Link DOWN
[ 1560.280961][ T5553] loop2: detected capacity change from 0 to 7
[ 1560.298484][ T5553]  loop2:
[ 1560.298525][ T5553] loop2: partition table partially beyond EOD, truncated
[ 1563.043620][ T5598] netlink: 'syz.8.12735': attribute type 15 has an invalid length.
[ 1563.043648][ T5598] netlink: 48 bytes leftover after parsing attributes in process `syz.8.12735'.
[ 1563.132079][ T5598] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12735'.
[ 1563.133376][ T5594] lo speed is unknown, defaulting to 1000
[ 1563.135084][ T5594] lo speed is unknown, defaulting to 1000
[ 1565.592066][ T5689] binder: 5685:5689 unknown command 0
[ 1565.592092][ T5689] binder: 5685:5689 ioctl c0306201 200000000640 returned -22
[ 1565.592204][ T5687] binder: 5685:5687 ioctl c0306201 2000000000c0 returned -14
[ 1570.774925][ T5804] loop5: detected capacity change from 0 to 7
[ 1570.800898][ T5804]  loop5:
[ 1570.800926][ T5804] loop5: partition table partially beyond EOD, truncated
[ 1571.857458][ T5839] netlink: 64 bytes leftover after parsing attributes in process `syz.2.12813'.
[ 1575.715208][   T37] kauditd_printk_skb: 7 callbacks suppressed
[ 1575.715229][   T37] audit: type=1400 audit(1773002936.531:1443): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=5947 comm="syz.2.12858" dest=20002
[ 1575.939182][ T5958] overlayfs: failed to clone upperpath
[ 1576.826174][ T5990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12871'.
[ 1580.869221][ T6097] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12912'.
[ 1581.186504][   T37] audit: type=1400 audit(1773002942.263:1444): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="TIPCv2" requested=w pid=6109 comm="syz.8.12918" dest=20004
[ 1581.972242][ T6138] fuse: root generation should be zero
[ 1585.695767][ T3340] Bluetooth: hci4: unexpected event 0x14 length: 20 > 6
[ 1586.838976][ T6209] syz.7.12957 (6209) used greatest stack depth: 16840 bytes left
[ 1591.199285][ T6254] tipc: Failed to remove unknown binding: 66,0,0/0:3830998029/3830998030
[ 1591.199817][ T6254] tipc: Failed to remove unknown binding: 66,0,0/0:3830998029/3830998030
[ 1591.619710][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1591.619787][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1593.722275][ T6321] overlayfs: failed to clone upperpath
[ 1593.737866][ T6324] netlink: 164 bytes leftover after parsing attributes in process `syz.7.12998'.
[ 1595.969662][ T6367] tipc: Started in network mode
[ 1595.969700][ T6367] tipc: Node identity 82e1b053f2c2, cluster identity 4711
[ 1596.000173][ T6367] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1596.210517][ T6367] tipc: Resetting bearer <eth:syzkaller0>
[ 1597.070971][ T6366] tipc: Disabling bearer <eth:syzkaller0>
[ 1597.262515][T28854] tipc: Node number set to 1881387091
[ 1601.331939][   T37] audit: type=1326 audit(1773002963.406:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6441 comm="syz.8.13044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e2a42c799 code=0x7ffc0000
[ 1601.368090][   T37] audit: type=1326 audit(1773002963.459:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6441 comm="syz.8.13044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e2a42c799 code=0x7ffc0000
[ 1610.410731][T28854] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1610.585811][T28854] usb 4-1: Using ep0 maxpacket: 16
[ 1610.594967][T28854] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1610.595029][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1610.595061][T28854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1610.595086][T28854] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1610.595113][T28854] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1610.633941][T28854] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1610.634283][T28854] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1610.634363][T28854] usb 4-1: Manufacturer: syz
[ 1610.709546][T28854] usb 4-1: config 0 descriptor??
[ 1611.053391][T28854] rc_core: IR keymap rc-hauppauge not found
[ 1611.053414][T28854] Registered IR keymap rc-empty
[ 1611.053575][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.084479][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.115512][T28854] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[ 1611.141532][ T6633] netlink: 64 bytes leftover after parsing attributes in process `syz.8.13114'.
[ 1611.156817][T28854] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input51
[ 1611.189248][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.233758][    C0] rc rc0: IR event FIFO is full!
[ 1611.233784][    C0] rc rc0: IR event FIFO is full!
[ 1611.233802][    C0] rc rc0: IR event FIFO is full!
[ 1611.233817][    C0] rc rc0: IR event FIFO is full!
[ 1611.234583][    C0] rc rc0: IR event FIFO is full!
[ 1611.234603][    C0] rc rc0: IR event FIFO is full!
[ 1611.234620][    C0] rc rc0: IR event FIFO is full!
[ 1611.234636][    C0] rc rc0: IR event FIFO is full!
[ 1611.234693][    C0] rc rc0: IR event FIFO is full!
[ 1611.234749][    C0] rc rc0: IR event FIFO is full!
[ 1611.234801][    C0] rc rc0: IR event FIFO is full!
[ 1611.234831][    C0] rc rc0: IR event FIFO is full!
[ 1611.234875][    C0] rc rc0: IR event FIFO is full!
[ 1611.234919][    C0] rc rc0: IR event FIFO is full!
[ 1611.235297][    C0] rc rc0: IR event FIFO is full!
[ 1611.235348][    C0] rc rc0: IR event FIFO is full!
[ 1611.235393][    C0] rc rc0: IR event FIFO is full!
[ 1611.235437][    C0] rc rc0: IR event FIFO is full!
[ 1611.235481][    C0] rc rc0: IR event FIFO is full!
[ 1611.235849][    C0] rc rc0: IR event FIFO is full!
[ 1611.235895][    C0] rc rc0: IR event FIFO is full!
[ 1611.235938][    C0] rc rc0: IR event FIFO is full!
[ 1611.235975][    C0] rc rc0: IR event FIFO is full!
[ 1611.236018][    C0] rc rc0: IR event FIFO is full!
[ 1611.236054][    C0] rc rc0: IR event FIFO is full!
[ 1611.236098][    C0] rc rc0: IR event FIFO is full!
[ 1611.236143][    C0] rc rc0: IR event FIFO is full!
[ 1611.236539][    C0] rc rc0: IR event FIFO is full!
[ 1611.236585][    C0] rc rc0: IR event FIFO is full!
[ 1611.236629][    C0] rc rc0: IR event FIFO is full!
[ 1611.236672][    C0] rc rc0: IR event FIFO is full!
[ 1611.237027][    C0] rc rc0: IR event FIFO is full!
[ 1611.237075][    C0] rc rc0: IR event FIFO is full!
[ 1611.237118][    C0] rc rc0: IR event FIFO is full!
[ 1611.238137][    C0] rc rc0: IR event FIFO is full!
[ 1611.238191][    C0] rc rc0: IR event FIFO is full!
[ 1611.238554][    C0] rc rc0: IR event FIFO is full!
[ 1611.238599][    C0] rc rc0: IR event FIFO is full!
[ 1611.238644][    C0] rc rc0: IR event FIFO is full!
[ 1611.238688][    C0] rc rc0: IR event FIFO is full!
[ 1611.239072][    C0] rc rc0: IR event FIFO is full!
[ 1611.239423][    C0] rc rc0: IR event FIFO is full!
[ 1611.239441][    C0] rc rc0: IR event FIFO is full!
[ 1611.239455][    C0] rc rc0: IR event FIFO is full!
[ 1611.239470][    C0] rc rc0: IR event FIFO is full!
[ 1611.239484][    C0] rc rc0: IR event FIFO is full!
[ 1611.239497][    C0] rc rc0: IR event FIFO is full!
[ 1611.239512][    C0] rc rc0: IR event FIFO is full!
[ 1611.239528][    C0] rc rc0: IR event FIFO is full!
[ 1611.239856][    C0] rc rc0: IR event FIFO is full!
[ 1611.239910][    C0] rc rc0: IR event FIFO is full!
[ 1611.239961][    C0] rc rc0: IR event FIFO is full!
[ 1611.239999][    C0] rc rc0: IR event FIFO is full!
[ 1611.240049][    C0] rc rc0: IR event FIFO is full!
[ 1611.240099][    C0] rc rc0: IR event FIFO is full!
[ 1611.240459][    C0] rc rc0: IR event FIFO is full!
[ 1611.240504][    C0] rc rc0: IR event FIFO is full!
[ 1611.240547][    C0] rc rc0: IR event FIFO is full!
[ 1611.240591][    C0] rc rc0: IR event FIFO is full!
[ 1611.240960][    C0] rc rc0: IR event FIFO is full!
[ 1611.241007][    C0] rc rc0: IR event FIFO is full!
[ 1611.241045][    C0] rc rc0: IR event FIFO is full!
[ 1611.241089][    C0] rc rc0: IR event FIFO is full!
[ 1611.241131][    C0] rc rc0: IR event FIFO is full!
[ 1611.241167][    C0] rc rc0: IR event FIFO is full!
[ 1611.241211][    C0] rc rc0: IR event FIFO is full!
[ 1611.241878][    C0] rc rc0: IR event FIFO is full!
[ 1611.243376][    C0] rc rc0: IR event FIFO is full!
[ 1611.243431][    C0] rc rc0: IR event FIFO is full!
[ 1611.243475][    C0] rc rc0: IR event FIFO is full!
[ 1611.243518][    C0] rc rc0: IR event FIFO is full!
[ 1611.243555][    C0] rc rc0: IR event FIFO is full!
[ 1611.243600][    C0] rc rc0: IR event FIFO is full!
[ 1611.243745][    C0] rc rc0: IR event FIFO is full!
[ 1611.243789][    C0] rc rc0: IR event FIFO is full!
[ 1611.243830][    C0] rc rc0: IR event FIFO is full!
[ 1611.243846][    C0] rc rc0: IR event FIFO is full!
[ 1611.244084][    C0] rc rc0: IR event FIFO is full!
[ 1611.244102][    C0] rc rc0: IR event FIFO is full!
[ 1611.244146][    C0] rc rc0: IR event FIFO is full!
[ 1611.244191][    C0] rc rc0: IR event FIFO is full!
[ 1611.244206][    C0] rc rc0: IR event FIFO is full!
[ 1611.244221][    C0] rc rc0: IR event FIFO is full!
[ 1611.244508][    C0] rc rc0: IR event FIFO is full!
[ 1611.244556][    C0] rc rc0: IR event FIFO is full!
[ 1611.244599][    C0] rc rc0: IR event FIFO is full!
[ 1611.244621][    C0] rc rc0: IR event FIFO is full!
[ 1611.244657][    C0] rc rc0: IR event FIFO is full!
[ 1611.244993][    C0] rc rc0: IR event FIFO is full!
[ 1611.245055][    C0] rc rc0: IR event FIFO is full!
[ 1611.245115][    C0] rc rc0: IR event FIFO is full!
[ 1611.245498][    C0] rc rc0: IR event FIFO is full!
[ 1611.245542][    C0] rc rc0: IR event FIFO is full!
[ 1611.245585][    C0] rc rc0: IR event FIFO is full!
[ 1611.245629][    C0] rc rc0: IR event FIFO is full!
[ 1611.245666][    C0] rc rc0: IR event FIFO is full!
[ 1611.787617][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.821888][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.846302][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.863684][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.882386][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.921006][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.939195][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.961160][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1611.987280][T28854] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1612.018413][T28854] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1612.018434][T28854] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1612.124965][T28854] usb 4-1: USB disconnect, device number 34
[ 1615.785309][ T6686] vlan1: entered promiscuous mode
[ 1615.785335][ T6686] bridge0: entered promiscuous mode
[ 1615.785353][ T6686] team0: entered promiscuous mode
[ 1615.785368][ T6686] bridge5: entered promiscuous mode
[ 1616.679204][   T37] audit: type=1326 audit(1773002979.531:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6698 comm="syz.3.13141" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24390dc799 code=0x0
[ 1642.699033][ T6886] syzkaller0: entered promiscuous mode
[ 1642.699056][ T6886] syzkaller0: entered allmulticast mode
[ 1642.967951][ T6893] tipc: Started in network mode
[ 1642.967989][ T6893] tipc: Node identity eae294762ed4, cluster identity 4711
[ 1642.994745][ T6893] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1643.338394][ T6885] tipc: Resetting bearer <eth:syzkaller0>
[ 1643.394053][ T5112] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1643.432093][ T5112] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1643.437588][ T5112] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1643.439047][ T5112] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1643.448755][ T5112] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1645.173735][ T6885] tipc: Disabling bearer <eth:syzkaller0>
[ 1645.423812][ T4046] tipc: Node number set to 3291911286
[ 1645.488932][ T3340] Bluetooth: hci7: command tx timeout
[ 1645.806353][ T6924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13217'.
[ 1646.761033][ T6904] lo speed is unknown, defaulting to 1000
[ 1646.944278][ T6904] lo speed is unknown, defaulting to 1000
[ 1647.267749][ T6933] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13221'.
[ 1647.479191][ T3340] Bluetooth: hci7: command tx timeout
[ 1647.944552][ T5112] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1648.119479][ T5112] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1649.070443][ T5112] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1649.251356][ T5112] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1649.268660][ T5112] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1649.451612][ T3340] Bluetooth: hci7: command tx timeout
[ 1650.034877][ T6939] lo speed is unknown, defaulting to 1000
[ 1650.142706][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1650.142782][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1650.236857][ T6939] lo speed is unknown, defaulting to 1000
[ 1650.856193][ T6904] chnl_net:caif_netlink_parms(): no params data found
[ 1651.461398][ T5112] Bluetooth: hci7: command tx timeout
[ 1651.594464][ T5112] Bluetooth: hci8: command tx timeout
[ 1652.745181][ T6904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1652.745349][ T6904] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1652.745631][ T6904] bridge_slave_0: entered allmulticast mode
[ 1652.752249][ T6904] bridge_slave_0: entered promiscuous mode
[ 1653.182094][ T4046] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1653.385335][ T4046] usb 4-1: Using ep0 maxpacket: 32
[ 1653.413933][ T4046] usb 4-1: config 0 has no interfaces?
[ 1653.439648][ T4046] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[ 1653.439687][ T4046] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.439712][ T4046] usb 4-1: Product: syz
[ 1653.439730][ T4046] usb 4-1: Manufacturer: syz
[ 1653.439746][ T4046] usb 4-1: SerialNumber: syz
[ 1653.501809][ T4046] usb 4-1: config 0 descriptor??
[ 1653.516779][ T9300] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1653.573092][ T5112] Bluetooth: hci8: command tx timeout
[ 1653.656503][ T6939] chnl_net:caif_netlink_parms(): no params data found
[ 1653.678569][ T6904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1653.678705][ T6904] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1653.679015][ T6904] bridge_slave_1: entered allmulticast mode
[ 1653.686811][ T6904] bridge_slave_1: entered promiscuous mode
[ 1653.794120][ T4046] usb 4-1: USB disconnect, device number 35
[ 1655.794472][ T5112] Bluetooth: hci8: command tx timeout
[ 1657.127619][ T9300] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1657.312781][ T7050] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[ 1657.402120][ T6904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1657.402263][ T7044] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[ 1657.721766][ T6904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1657.764855][ T3340] Bluetooth: hci8: command tx timeout
[ 1659.693886][ T9300] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.550909][ T6904] team0: Port device team_slave_0 added
[ 1660.555141][ T6904] team0: Port device team_slave_1 added
[ 1660.690898][ T6939] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1660.691036][ T6939] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1660.691259][ T6939] bridge_slave_0: entered allmulticast mode
[ 1660.726564][ T6939] bridge_slave_0: entered promiscuous mode
[ 1660.813371][ T6939] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1660.813507][ T6939] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1660.813778][ T6939] bridge_slave_1: entered allmulticast mode
[ 1660.845696][ T6939] bridge_slave_1: entered promiscuous mode
[ 1660.869460][ T6904] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1660.869480][ T6904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1660.869513][ T6904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1660.948190][ T6904] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1660.948211][ T6904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1660.948245][ T6904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1662.363744][ T7102] 9p: Bad value for 'rfdno'
[ 1662.409094][ T9300] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1662.495720][ T6939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1662.529551][ T6939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1662.738142][ T6904] hsr_slave_0: entered promiscuous mode
[ 1662.739266][ T6904] hsr_slave_1: entered promiscuous mode
[ 1662.759674][ T6904] debugfs: 'hsr0' already exists in 'hsr'
[ 1662.759707][ T6904] Cannot create hsr debugfs directory
[ 1662.763689][ T6939] team0: Port device team_slave_0 added
[ 1662.797167][ T6939] team0: Port device team_slave_1 added
[ 1663.030187][ T6939] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1663.030207][ T6939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1663.030239][ T6939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1663.104507][ T6939] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1663.104528][ T6939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1663.104561][ T6939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1663.325229][ T7120] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1663.801114][ T6939] hsr_slave_0: entered promiscuous mode
[ 1663.802701][ T6939] hsr_slave_1: entered promiscuous mode
[ 1663.803738][ T6939] debugfs: 'hsr0' already exists in 'hsr'
[ 1663.803767][ T6939] Cannot create hsr debugfs directory
[ 1665.193637][ T9300] bridge_slave_1: left allmulticast mode
[ 1665.193673][ T9300] bridge_slave_1: left promiscuous mode
[ 1665.193918][ T9300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1665.851424][ T9300] bridge_slave_0: left allmulticast mode
[ 1665.853069][ T9300] bridge_slave_0: left promiscuous mode
[ 1666.107435][ T9300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.818078][   T38] INFO: task syz.9.12308:4402 blocked for more than 144 seconds.
[ 1667.818112][   T38]       Tainted: G             L      syzkaller #0
[ 1667.818127][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1667.818140][   T38] task:syz.9.12308     state:D stack:24832 pid:4402  tgid:4402  ppid:22745  task_flags:0x400040 flags:0x00080003
[ 1667.818215][   T38] Call Trace:
[ 1667.818225][   T38]  <TASK>
[ 1667.818243][   T38]  __schedule+0x1553/0x5240
[ 1667.818380][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1667.818457][   T38]  ? __pfx___schedule+0x10/0x10
[ 1667.818506][   T38]  rt_mutex_schedule+0x76/0xf0
[ 1667.818558][   T38]  rt_mutex_slowlock_block+0x508/0x680
[ 1667.818600][   T38]  ? rt_mutex_slowlock_block+0x2e9/0x680
[ 1667.818631][   T38]  rt_mutex_slowlock+0x2dc/0x7b0
[ 1667.818661][   T38]  ? rt_mutex_slowlock+0x1fd/0x7b0
[ 1667.818689][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1667.818744][   T38]  ? lock_acquire+0x20b/0x2e0
[ 1667.818805][   T38]  ? nfsd_shutdown_threads+0x4e/0xd0
[ 1667.818861][   T38]  mutex_lock_nested+0x168/0x1d0
[ 1667.818952][   T38]  nfsd_shutdown_threads+0x4e/0xd0
[ 1667.818981][   T38]  nfsd_umount+0x41/0x60
[ 1667.819014][   T38]  deactivate_locked_super+0xbc/0x130
[ 1667.819078][   T38]  cleanup_mnt+0x437/0x4d0
[ 1667.819121][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1667.819165][   T38]  task_work_run+0x1d9/0x270
[ 1667.819198][   T38]  ? __pfx_task_work_run+0x10/0x10
[ 1667.819238][   T38]  exit_to_user_mode_loop+0xed/0x480
[ 1667.819279][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1667.819317][   T38]  do_syscall_64+0x32d/0xf80
[ 1667.819359][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1667.819385][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1667.819431][   T38]  ? clear_bhb_loop+0x40/0x90
[ 1667.819461][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1667.819487][   T38] RIP: 0033:0x7f830ef4c799
[ 1667.819517][   T38] RSP: 002b:00007fffde0a6438 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1667.819542][   T38] RAX: 0000000000000000 RBX: 00007f830f1c7da0 RCX: 00007f830ef4c799
[ 1667.819559][   T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1667.819575][   T38] RBP: 00007f830f1c7da0 R08: 00007f8[ 1667.819575][   T38] RBP: 00007f830f1c7da0 R08: 00007f830f1c6128 R09: 0000000000000000
[ 1667.819592][   T38] R10: 00000000005fafac R11: 0000000000000246 R12: 0000000000175966
[ 1667.819608][   T38] R13: 00007f830f1c618c R14: 00000000001756d0 R15: 00007f830f1c6180
[ 1667.819648][   T38]  </TASK>
[ 1667.819684][   T38] 
[ 1667.819684][   T38] Showing all locks held in the system:
[ 1667.819697][   T38] 2 locks held by rcuc/0/20:
[ 1667.819802][   T38] 1 lock held by khungtaskd/38:
[ 1667.819817][   T38]  #0: ffffffff8ddcb840 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1667.819925][   T38] 2 locks held by dhcpcd/5457:
[ 1667.819939][   T38]  #0: ffff888039c90928 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: netlink_dump+0xe4/0xe80
[ 1667.820125][   T38]  #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200
[ 1667.820245][   T38] 2 locks held by getty/5550:
[ 1667.820259][   T38]  #0: ffff8880373250a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1667.820350][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[ 1667.820417][   T38] 10 locks held by syz-executor/8217:
[ 1667.820433][   T38] 3 locks held by kworker/u8:19/9298:
[ 1667.820446][   T38]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1667.820509][   T38]  #1: ffffc900040dfc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1667.820572][   T38]  #2: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1667.820636][   T38] 4 locks held by kworker/u8:21/9300:
[ 1667.820650][   T38]  #0: ffff88801aee1138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1667.820712][   T38]  #1: ffffc90003fefc40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1667.820774][   T38]  #2: ffffffff8f14b840 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1667.820890][   T38]  #3: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x940
[ 1667.820950][   T38] 3 locks held by kworker/0:2/16705:
[ 1667.820962][   T38]  #0: ffff888019c03938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1667.821030][   T38]  #1: ffffc90005ad7c40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1667.821091][   T38]  #2: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1667.821246][   T38] 2 locks held by syz.1.10404/32069:
[ 1667.821261][   T38]  #0: ffffffff8f1c85a0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1667.927217][   T38]  #1: ffffffff8e0e56f8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x13e/0x1630
[ 1667.927422][   T38] 2 locks held by syz.9.12308/4402:
[ 1667.927465][   T38]  #0: ffff88806241a0d0 (&type->s_umount_key#97){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1667.927675][   T38]  #1: ffffffff8e0e56f8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x4e/0xd0
[ 1667.928129][   T38] 2 locks held by syz-executor/6904:
[ 1667.928164][   T38]  #0: ffffffff8f6a5600 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1667.928350][   T38]  #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
[ 1667.928513][   T38] 2 locks held by syz-executor/6939:
[ 1667.928546][   T38]  #0: ffffffff8e8b5ca8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1667.928722][   T38]  #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
[ 1667.928878][   T38] 2 locks held by syz.3.13305/7161:
[ 1667.928911][   T38]  #0: ffffffff8f1c85a0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1667.973365][   T38]  #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930
[ 1667.973729][   T38] 1 lock held by syz.2.13308/7164:
[ 1667.973776][   T38] 5 locks held by syz.5.13321/7190:
[ 1667.976630][   T38] 
[ 1667.976661][   T38] =============================================
[ 1667.976661][   T38] 
[ 1667.976703][   T38] NMI backtrace for cpu 0
[ 1667.976743][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1667.976846][   T38] Tainted: [L]=SOFTLOCKUP
[ 1667.976871][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1667.976921][   T38] Call Trace:
[ 1667.976955][   T38]  <TASK>
[ 1667.977013][   T38]  dump_stack_lvl+0xe8/0x150
[ 1667.977137][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[ 1667.977223][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1667.977327][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1667.977405][   T38]  sys_info+0x135/0x170
[ 1667.977569][   T38]  watchdog+0xfd9/0x1030
[ 1667.977659][   T38]  ? watchdog+0x21a/0x1030
[ 1667.977743][   T38]  kthread+0x388/0x470
[ 1667.977810][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1667.977878][   T38]  ? __pfx_kthread+0x10/0x10
[ 1667.977950][   T38]  ret_from_fork+0x51e/0xb90
[ 1667.978051][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1667.978139][   T38]  ? __switch_to+0xc7d/0x1450
[ 1667.978274][   T38]  ? __pfx_kthread+0x10/0x10
[ 1667.978354][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1667.978458][   T38]  </TASK>
[ 1667.978570][   T38] Sending NMI from CPU 0 to CPUs 1:
[ 1667.978606][    C1] NMI backtrace for cpu 1
[ 1667.978625][    C1] CPU: 1 UID: 0 PID: 17 Comm: pr/legacy Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1667.978652][    C1] Tainted: [L]=SOFTLOCKUP
[ 1667.978659][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1667.978672][    C1] RIP: 0010:pvclock_clocksource_read_nowd+0x42/0xf0
[ 1667.978727][    C1] Code: 56 44 89 f1 48 d3 e0 83 e5 fe 4c 89 3c 24 48 f7 24 24 48 0f ac d0 20 48 8b 4f 10 0f b6 57 1d 8b 37 39 f5 89 f5 74 70 0f 01 f9 <66> 90 48 89 c1 48 89 d0 48 c1 e0 20 48 09 c8 48 2b 47 08 44 8b 7f
[ 1667.978744][    C1] RSP: 0018:ffffc900001675b8 EFLAGS: 00000003
[ 1667.978763][    C1] RAX: 00000000c8ec48d6 RBX: 0000000000000000 RCX: 0000000000000001
[ 1667.978776][    C1] RDX: 0000000000000358 RSI: 0000000000000000 RDI: ffffffff92545040
[ 1667.978790][    C1] RBP: 000000000000000e R08: 0000000000000003 R09: 0000000000000004
[ 1667.978801][    C1] R10: dffffc0000000000 R11: fffff5200002ceb0 R12: 0000000000000005
[ 1667.978816][    C1] R13: 0000000000000046 R14: ffff8880b893bc20 R15: ffff88801ca96800
[ 1667.978831][    C1] FS:  0000000000000000(0000) GS:ffff88812643f000(0000) knlGS:0000000000000000
[ 1667.978847][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1667.978861][    C1] CR2: 00007fee7039da08 CR3: 000000009abee000 CR4: 00000000003526f0
[ 1667.978879][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1667.978891][    C1] DR3: 000000000000000c DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1667.978904][    C1] Call Trace:
[ 1667.978912][    C1]  <TASK>
[ 1667.978919][    C1]  ? sched_clock+0xb/0x60
[ 1667.978945][    C1]  kvm_sched_clock_read+0x11/0x20
[ 1667.978969][    C1]  sched_clock+0x17/0x60
[ 1667.978992][    C1]  lock_pin_lock+0xca/0x150
[ 1667.979013][    C1]  _task_rq_lock+0x342/0x470
[ 1667.979043][    C1]  __schedule+0x16d3/0x5240
[ 1667.979067][    C1]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1667.979095][    C1]  ? rtlock_slowlock_locked+0xfb/0x3c80
[ 1667.979117][    C1]  ? __pfx_sprintf+0x10/0x10
[ 1667.979137][    C1]  ? desc_read+0x208/0x3f0
[ 1667.979161][    C1]  ? __pfx___schedule+0x10/0x10
[ 1667.979182][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1667.979205][    C1]  ? __pfx_info_print_prefix+0x10/0x10
[ 1667.979239][    C1]  preempt_schedule_irq+0x4d/0xa0
[ 1667.979263][    C1]  irqentry_exit+0x599/0x620
[ 1667.979289][    C1]  ? trace_irq_disable+0x3b/0x150
[ 1667.979316][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1667.979338][    C1] RIP: 0010:io_serial_in+0x77/0xc0
[ 1667.979402][    C1] Code: e8 ce e3 94 fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 8f ff fa fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f c3 cc cc cc cc cc 44 89 f9 80 e1 07
[ 1667.979418][    C1] RSP: 0018:ffffc900001679d0 EFLAGS: 00000202
[ 1667.979435][    C1] RAX: 1ffffffff332a000 RBX: 00000000000003fd RCX: 0000000000000000
[ 1667.979448][    C1] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[ 1667.979460][    C1] RBP: ffffffff99950730 R08: 0000000000000000 R09: 0000000000000000
[ 1667.979473][    C1] R10: dffffc0000000000 R11: ffffffff852f6fb0 R12: dffffc0000000000
[ 1667.979488][    C1] R13: 0000000000000000 R14: ffffffff999504a0 R15: 0000000000000000
[ 1667.979504][    C1]  ? __pfx_io_serial_in+0x10/0x10
[ 1667.979536][    C1]  wait_for_lsr+0x1aa/0x2f0
[ 1667.979568][    C1]  serial8250_console_write+0x120d/0x1b90
[ 1667.979601][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[ 1667.979630][    C1]  ? console_flush_one_record+0x48f/0xb90
[ 1667.979662][    C1]  console_flush_one_record+0x68b/0xb90
[ 1667.979706][    C1]  ? console_flush_one_record+0xfa/0xb90
[ 1667.979739][    C1]  ? __pfx_console_flush_one_record+0x10/0x10
[ 1667.979770][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1667.979799][    C1]  legacy_kthread_func+0x1b6/0x250
[ 1667.979830][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1667.979858][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1667.979889][    C1]  ? __kthread_parkme+0x7a/0x1f0
[ 1667.979923][    C1]  kthread+0x388/0x470
[ 1667.979942][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1667.979970][    C1]  ? __pfx_kthread+0x10/0x10
[ 1667.979990][    C1]  ret_from_fork+0x51e/0xb90
[ 1667.980019][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1667.980045][    C1]  ? __switch_to+0xc7d/0x1450
[ 1667.980070][    C1]  ? __pfx_kthread+0x10/0x10
[ 1667.980090][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1667.980117][    C1]  </TASK>
[ 1668.051774][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1668.051853][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1668.051939][   T38] Tainted: [L]=SOFTLOCKUP
[ 1668.051962][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1668.052004][   T38] Call Trace:
[ 1668.052030][   T38]  <TASK>
[ 1668.052062][   T38]  vpanic+0x56c/0xa60
[ 1668.052175][   T38]  ? __pfx___schedule+0x10/0x10
[ 1668.052290][   T38]  ? __pfx_vpanic+0x10/0x10
[ 1668.052413][   T38]  panic+0xc5/0xd0
[ 1668.052502][   T38]  ? __pfx_panic+0x10/0x10
[ 1668.052592][   T38]  ? preempt_schedule_thunk+0x16/0x30
[ 1668.052692][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1668.052771][   T38]  watchdog+0x1023/0x1030
[ 1668.052861][   T38]  ? watchdog+0x21a/0x1030
[ 1668.052959][   T38]  kthread+0x388/0x470
[ 1668.053026][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1668.053102][   T38]  ? __pfx_kthread+0x10/0x10
[ 1668.053170][   T38]  ret_from_fork+0x51e/0xb90
[ 1668.053276][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1668.053355][   T38]  ? __switch_to+0xc7d/0x1450
[ 1668.053443][   T38]  ? __pfx_kthread+0x10/0x10
[ 1668.053518][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1668.053626][   T38]  </TASK>
[ 1668.054276][   T38] Kernel Offset: disabled