last executing test programs:

15.162301374s ago: executing program 3 (id=419):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f0000000380)={{0x3, 0x81}, 'port0\x00', 0x41, 0x20010, 0x2, 0x1ff, 0x8000, 0xfffffffe, 0x8, 0x0, 0x4, 0xf5})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x19a1, 0x2, 0x1}, 0x21, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x3, 0xbfdffff8}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x40})
io_uring_enter(r5, 0x47f6, 0x0, 0x2, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000389000/0x4000)=nil)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01003fbd7000fedbdf250e00000004000180180001801400020076657468315f746f5f68737200"], 0x30}, 0x1, 0x0, 0x0, 0x20048844}, 0x48040)
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000cc0)={0x0, 0x0, {0xfffff982, 0x8, 0x300f, 0x3, 0x7, 0x0, 0x2, 0x1}})
socket(0x2b, 0x80801, 0x1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x2000000000000000, &(0x7f00000002c0)=ANY=[@ANYRESOCT, @ANYRES32=r3, @ANYRESOCT=r0, @ANYRES8=r7, @ANYRESHEX=r2, @ANYRES32=r9, @ANYRES16, @ANYRES16=r4, @ANYBLOB="a50540957f17006f31b7b70997", @ANYRES8=r4], 0x48)

14.446392521s ago: executing program 0 (id=421):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000f80)={&(0x7f0000000d80)=[0x0, 0x0, 0x0], &(0x7f0000000dc0)=[{}, {}], &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000f40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x9, 0x3})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x2001)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x8, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x40505330, &(0x7f0000000ec0)={0x800100, 0xfffffffd, 0x22, 0x100, 0x81, 0x5})
write$apparmor_exec(r2, &(0x7f00000000c0)={'exec ', ':\x00\b\xc4\x99\x10\tI\xc22b\xe8\r\xfa\xc1\xd6-\xe5\xd3-\xce\xeapE\xb53&\v\xa0\xd3\v#E\xc4I\x97\xfd'}, 0x2a)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x2, 0xfffffffd, 0xb49, 0x9, 0x5, 0x1, 0x3}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c000000020601000000000600000000000000000e0003006269746d61703a69700000000500040000ffed000900020073797a3200000000240007800c00028008000140ffffffff0c0001800800014080ffffff050014000200000005000500020000"], 0x6c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d40)={0x1c, 0x3, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x40080d0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x103902, 0x0)
sendfile(r7, r7, 0x0, 0x20004)
getsockopt(r6, 0x111, 0x6, 0x0, 0x0)

13.867521359s ago: executing program 3 (id=422):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000540), 0x6700, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000180)=0x7a, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendto$inet(r2, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x20200, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x4004743d, 0x110e22fff6)
close(r3)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x936, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0x403, 0x0, 0x4)

13.718475528s ago: executing program 4 (id=423):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240), 0x4000095, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x40c80)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="200000001300034700bb65e1c3e4ffff01000000010000005600000025000000", 0x20}], 0x1)
setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="500000000201030000000000000000000a0000053c0002800c00028005000100"], 0x50}, 0x1, 0x0, 0x0, 0x20008014}, 0x4000c090)

13.138389212s ago: executing program 1 (id=424):
r0 = socket(0x10, 0x80002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000100)=@caif=@rfm={0x25, 0x5, "cdfaaf7254f4ef6249f068fcdd7e1cbd"}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000880)="27050200340f14000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000102821880b000000000000002143ce554b6df654cb0173677c4e2eaa2eb5035d135958831197684b763f499a2fafc724413afe7af5b53e61532895bae8d3f0f02cc4e729883f078a2552275a1486218834476323059f91a91c500e035c5c70afee9d16b5acd7cd4b94e3600c9c69aeb79e259488e089b1c59bc6fca826d38a7b3229ccd5b1bde01e63f1edd3c0f933e5c02936de55f2a4ee254bbe8aed1d2260c97783b615850d488b7f0c4a80715bed3cf1adb2dafbb7672328e2300fa2623704da7b9889a57e231be318f5eb6d294a302e753e75b741b63e898748f228e6752d15bf99e02c3d366fa091326029d899c493df701ad6c37c55598f3a19e748f58475398fda5f6153cb11a4ffde399dc21f96bed56d31fd6bfa0a75d0df449393", 0x15f}, {&(0x7f0000001280)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292034a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bdde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb013c9d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c802533b9d94f17f9be978f2514c47671575ee528fbdddc6194328e605e4d10e293756d20eb8a545f2bfe48df5d1d98a270458392a0a57647dcb8e35c0245b618452612d0429b9b9957a695c3289b4a59469691115e6ba204181708b9d1ae47418ed594b8128f20c100f5485a84e60d73ab818da73fab78caf42afd1f89cdb29dfdd6676c55ea00d35321bc4878170c62b056b4e03ae556ac804026cabcbc8e79e7a18f2f56442cd650aa2bc88f62ebb65bfafd3e5b4c62ac2e720ff0fdf03c46789df55ff91058319c953f90cd6e7f7b15d56a58ff6128357510c4c61fae925f3147ee3e72c8aa25434881d58c39092969ba1f7c444465f16d1f2561991e357bda928f2a50422f774f318fb41169a0d0324a8efd19b940a17c28cda06b750cd02155dbdbd1dc695e190a997ae8f4bb8766983d8db8678a78ae8f044b868549e9c60f7ce2925a36300ce07f304e75d285e914b3aec703969df969b2736dd99fcab1944c751f8ef4c34cbb86d5f27ef9982be245949d5579b540750d1eac428b0cd2541295b577573b27e9ecac3934987e85b44bc85e6e307cf6f5683bf1c817369d556a368bc5560a1737aa2bec3cac4689e04fbe851ed4b6c1a355950522f8918af3855fe97ec285da15a20e8119483e7419fa2b0639d5add10b396a8033ec2b98d9a9fca3fc4202d0a6bcfa55798eacacc78cb5c8b4f26222883707b61fa4c8efafb73a2ab89bb58b0c20364a6ad9c233dfb1bdbb87b8f91e3ab9790e876f906107183419aa7480e327388c01dc5f2d5bcb8a7565cddc4e1275741116416b66bf3adf9e7e31c3fc518740446ed2a394e7699baf9408c62b4c0e7a11dec8f4a67e78a3f00bedae9f55f36c52a1fd4ee3a8be7285f9ca898ee63d3718a7c4603bcb9a24537b34a41a6c0eee4cc609b014d3f4fb928aa7e3fa7a4f97dcef5c0e526b650284ffeda82f603ed9ea1eb6627d29d8bcd6c7e6fe128b1c4463b2cfe50c0ff9a46090635dde4b4d4a984e5a91f7486856cd2bf85088fa4b97b219628be8cdba7e54d00985a73fb5b0b4b0f96844e73a8ff7884bdee1a0d6e62decfeebfb56351c135e6580fd61ea806ee5592fe4ffba5c73b8a4a04d44aa52645320cb73fe0c5f14a971d3b3f64c85f5ebaab5e1a061f5186050230286331048e43368e45cfc88e8f4d0d3b1b86b64d5394bc68c2b754389b3c18a45c1edb0496dd88cb3113bbdf1a0f127eb8cd52caf8da95b83d0decad3775b2f2e43776d0d32d447cdd0b267b32775e3473f51a233f8c91a4c07ad669da1844f3d9554f399d43ca1eda29c5c761b3936f845f0c4d1c6a56b8b34b5ab3291e06cd86de6116fc3236a11343d6f4ad02199717054ac1f15471c5a2b8efe67bd4bea33c0ca36e2c4209026849de21c1da1057f353dc824947d75119e4501b98cb9e621d0644e3f4a75353093557afcee7da41ad368fe1cbb426922772b9b262a861fbce9ae86d6e8c5a8de6a1e8f03456c0a354277a2f3ff46a62b6d6cdee4febf23e2350f94b47a05a4d0e7da37a2e97b899d92ca1f3bd1cded5588593e8bb99b9dce0731fa1174de14b63be2bf7e424f870551f213fab437aac092c2e9798959fa3616465e2b36fd49cc9af902d47debec02558c036ed991f1a3895b37cd70f3c405cca362c885542fd976e73be4cf7580a0c4d5a9527c77c189573e3be07ed15472f6b012939abb5be9f3e8a5b720307fb2dbca48b35d121702cfb6b3690559b08fbeb77d53d37582d7f44fe269ac51665632bf070cfc7445741b70306cb3f19b7fbecd19a78092dfd086a0da019734d95660ba4e5ce5bcf25f09403c32e3ec902f3717cca0eca05e791c2b8c2b8988645afa2446d5218abce136c0db9afb95e4f4727a29cc567b3f73d5dbc1aeee746653a7f5c445add24a9c1b67d1bfeec85d2a6478e80c3acdb9439aa46c8cf14a98ffa89790ef7a94b3146088566812e28ccbafb466772b7fbb98dcf1e792eb6d0de0829c3c49c5ecdeea3e80017324a0fe724565c4e7a242764e9012442cae44b57c7121889c044be05b5eca70efb649bb528e751f072af93ae2c5053fdce196cce158136f904cf64f2cb8becc2d024f5ec32a38d78b87a4dfe7c53769dadef890efd160eb662cedb18a756aed83edfb9efbbb3648eb399e61f80077e64b95eae9d17083aed05cfc2e148621e36be1f41d373c721a11804fce269c688b0c647d6e1083e336d1f7f90a7a080a83397773cc351531070af5c1a1418f28dce95c01052a314a9ebe39cb9cddb8e7855e58c4a636b7f6250ecad312ede18664c03d92e330935295a35ea3e0306f25ca971300f782ae2f6e79a513732d22ef9b9bc41d17df3352a855cdd19b18f5abd6e6420f4f42f01750a64f6acdb6b46622fafebe3e913c64a1a6a59f980e97deae0dc83c12ccae6b430d7a28f21c3e0e38b32f3d5f1d44927fc34ed5c9ddb5be8eb936dbdcd327b63ea69d86c2da15cb834a18ee51a44f2da7b11d79486942fd04eade92fe5d93342970ca4cc73861b15facf97e9c53c15488c5630b17b9364c58652cfa6de0918327498ba8d6120d3be9139c51a6e9017525772397529ddd4fd1905614fd1cc7f1370a577ad10ec9ea742f9aedc9fee42c3df38f4b35cdfd70fd677bcd396b37c60e439693dcb1cf8590eaf770b3f74af21f5119ac238e82e92c83321b06f106530abbbd321c3e1dc948accdc21a586ff37253ad1d0c5bfb51541f876be1b6e4f490046204b9edfe9a9721b9019a495d1efed10d4570f4c75ac8b46cfe8899f6d92e862611b35be8931a2460dc646ed332b3046baf48613bbb543f4abda22d3d62a484665ba5bbf8fec1bb199b430a6e96cfad417a1644cc5f7f640004836c60f15a174eb7eb1750a71a141549f393c7d88b8729a33f841f7f8f2bd03dccaaa825f2e29105f6b4c11ac8e06bb3be9dfdecce66294a0be9dbc5f40123644fcac59ed0c968eb62fb14d111e900ad1c038f17d5471ab088f704de7db35753f818f55669a76e621b29d975253d177791e1434644a81b2b8bc4c8e147961b4f1b7f3e225571fecb10906957791b27d35a89e3ce84c91a2dc60aee460d8f41eb7b5e171516ef34d8c7dbbc8122cdeffa51b5a393d2cae7f69826d342d4d85b58ca7ddb0e688a15b39a00ef1aed5db337d1ab87e06f835663a496857fb6320e5ee9086f42588d9b8ea04ff3d9eac2b8ffd1155a504230103a68bd8b3c416a10d76cee236442a68393896587bc66c01a5f7f411325578d023d7619a89d0bcbbacae99b925fb72994e1ef4240cddad2294a56bec6d6243b95b04345c215bd48a3aa89786ba39b4d2f5015d8bd038c32a7b0eb02a4eb5a640371d9b4af540eb99a1e26547cc214da21e9538754a802972411a0bf416707b95457d0b77daac9bdf27a82b9aa7992ad1d3815f9a56a746eefa6f7e1913b6e3e859b2cc7797adcae825b7aad17c11e66597042c327a6473489a9664c5ce0ff8b1ecfb691daa0bd50c17f4597826553686bc2ee08eaca8dd6f77c626691699141a698e5b517e02130587ee503c7b5f638cbf32166b0d4ebe9222b6c9d50fb3db9d1ab060c31aabeef52cd51e5cf485eecc741e37a47c4996068f1d4b25f182b9d7bee4bec5cb070d3cea2f9762a41bb8d9ec5896ebcb2b17ca82f29bcce456412d8ed531afda50d259fcb7794216b6a9a873b6c3c4493c0c6d3e6a4f81f3b40dcc745a4e2383c678c472b1d5bf3ff02992bfe893a5bc96824039da1ee3cf8593e7d616d62f6e3c3e2c4e0cc58d5445998cf5b1c91c2468b2571b118709668efbbe72911f1bfa96b97c32f71cd7071f4c729e88631a89b53dd4bae6ef9c4ed082916e267479195599e9871b26b92c6885ded29f990070fddc4d8535088ddc70d6e83f797b6fa2260a92602eb9098e6db801cb7394f0c90fb5913b2f8d8d24c8f1056920e1facbe643dd49d8983b277da7282a986c28d5468aed9a4730579a20346d35f78b6bd2cacb4b9237fbfb0b7a2314105ff3b074a0e340b904e715e99c501e1435c15eaa262893c2883c90f26d2ff91792d46e4d867b62570e0c1e4739b8ac4fff8f778960de1ae40d4c85c51e1c60040bb2caeaf0c71dbb67c30715b8c14d6921831d7678522eeed29444df421ee206ca3be20d1b5fd2d2baf832f097fef590290eea77f8f3ed00b39841421b61f1c0d01def54bec0348be2216a8dad60838f3ad3595a744edeb6202dbcbd9c73a126a79cbefa43c7db0493103c2aa8fecb5cde1773ad0cdd03f5b0cfb0270642a96a9e14d116e9140501df48cdbf725611b398eb2b9e93f8da49e601099e0b2e880a95525b5f3f2edd74ae9d664a1f2e932489b61634ab53a1e2f3bf56add0a7f09c1685383b8e2c31", 0xdeb}], 0x2}, 0x800)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000040)=@generic={0x0, 0x0, 0x6})
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYBLOB, @ANYRESDEC=0x0, @ANYRESDEC=0x0])
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000002c0)="ae", 0x1, 0xfffffffffffffffd)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000280)=""/254)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x18, 0x2d, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}, 0x18}}, 0x84)
msgget$private(0x0, 0x40)
r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r6, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r6, &(0x7f0000000180)={0x2, 0xfc}, 0x2)

12.597425072s ago: executing program 2 (id=425):
mmap$IORING_OFF_SQ_RING(&(0x7f000040d000/0x4000)=nil, 0x4000, 0xd, 0x11, 0xffffffffffffffff, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0x0)
ioctl$TIOCMSET(r0, 0x5418, 0x0)
openat$ttyS3(0xffffff9c, &(0x7f0000000140), 0x20040, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xd)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x42281)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[<r4=>0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x57})
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f00000001c0)={0x0, r4, 0x1, 0xffff, 0xe, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, &(0x7f0000000080)={0x3, r4, 0x1fa, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4040})
syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$EVIOCGMASK(r3, 0x80104592, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000004000000000000000000850800007a0000089500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, 0x0, 0x0)

12.474402036s ago: executing program 0 (id=426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {r6, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0xf28, 0xe7, {"6dcab0e3d68f00000000459dba1dbe10"}, 0x7, 0xb, 0x4}, @ib={0x1b, 0x7ac, 0x0, {"b2000000000000d24d93cfe66ee5a001"}, 0x9, 0x0, 0x400000000}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, r6, 0x2}}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r9 = dup(r8)
syz_genetlink_get_family_id$fou(&(0x7f0000000000), r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r9, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

11.822777492s ago: executing program 4 (id=427):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/user\x00')
r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x688200, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
dup(r2)
mmap(&(0x7f0000952000/0x3000)=nil, 0x3000, 0xb, 0x13, r0, 0xcb016000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d2, &(0x7f0000000240)={0x0, 0x3858, 0x80, 0x3, 0x2349}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BLKOPENZONE(r2, 0x40101286, &(0x7f00000001c0)={0x7, 0x60})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
fchdir(r1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x64500, 0x0)

11.711044542s ago: executing program 3 (id=428):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x7, 0x9, 0x0, 0xb49, 0x9, 0x8, 0x1, 0x3}, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x2193, 0xd000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5}, @IFLA_BR_VLAN_STATS_PER_PORT={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f00000001c0)={{0x2, 0x4e22, @rand_addr=0x64010100}, {0x0, @local}, 0x12, {0x2, 0x4e20, @rand_addr=0x64010101}, 'sit0\x00'})
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000200)='0', 0x1)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x20, &(0x7f0000009b00)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x40, 0x0, @fd, 0x0, 0x20000000, 0x801e, 0x0, 0x1, {0x1}})
mmap(&(0x7f0000745000/0x4000)=nil, 0x4000, 0x9, 0x10, 0xffffffffffffffff, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)=[{0x1, 0x8000, 0x0, 0x0}], 0x1})
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x8, 0x0, 0x0)
r6 = syz_open_dev$sg(0x0, 0x6, 0x10dc80)
ioctl$SCSI_IOCTL_GET_PCI(r6, 0x5393, &(0x7f0000000000))

10.990407201s ago: executing program 1 (id=429):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f00000000c0)='/dev/input/event#\x00')
socket$inet6_sctp(0xa, 0x0, 0x84)
r1 = syz_open_procfs(0x0, &(0x7f0000000340)='fd\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x5, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffb}, 0x0)
getpid()
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0)
setns(0xffffffffffffffff, 0x8020000)
syz_clone3(&(0x7f00000008c0)={0x14860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, 0x0, 0xd00}, 0x58)
getdents64(r1, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = eventfd2(0xe5c, 0x80000)
r6 = eventfd2(0x4001, 0x800)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r5, 0x7, 0x2, r6})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r8 = eventfd2(0x8, 0x80001)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={r8, 0x7, 0x2, r8})
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2d, 0xc0, 0x5, 0x7, 0x7f, 0x5, 0xf, 0x9, 0x3, 0x41, 0x7, 0x5c, 0x5, 0x5, 0xb, 0x7f}})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xe, 0x4, 0x4, 0x2, 0x1000, 0xf1, 0x0, 0x7fffffffffffb, 0x5, 0x0, 0x1, 0x0, 0x5, 0x0, 0xbde], 0x1000, 0x3c4210})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

10.366001044s ago: executing program 4 (id=430):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/user\x00')
r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x688200, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
dup(r2)
mmap(&(0x7f0000952000/0x3000)=nil, 0x3000, 0xb, 0x13, r0, 0xcb016000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d2, &(0x7f0000000240)={0x0, 0x3858, 0x80, 0x3, 0x2349}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BLKOPENZONE(r2, 0x40101286, &(0x7f00000001c0)={0x7, 0x60})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
fchdir(r1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x64500, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)

10.292932797s ago: executing program 2 (id=431):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000004800010000000000000000000a00806e0800000000000000140001800d2a79075827af5aa534d6815c2e93f10c000280", @ANYRES32=0x0], 0x3c}}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000"])
socket(0x80000000000000a, 0x2, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x2}]}}}]}, 0x3c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x48)
r8 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r8, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$sock_linger(r8, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
getsockopt$IP_VS_SO_GET_SERVICE(r8, 0x0, 0x483, &(0x7f0000000380), &(0x7f0000000400)=0x68)
fremovexattr(r3, &(0x7f0000000200)=@known='security.apparmor\x00')
sendmmsg$inet6(r8, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

10.110096512s ago: executing program 0 (id=432):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {r6, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0xf28, 0xe7, {"6dcab0e3d68f00000000459dba1dbe10"}, 0x7, 0xb, 0x4}, @ib={0x1b, 0x7ac, 0x0, {"b2000000000000d24d93cfe66ee5a001"}, 0x9, 0x0, 0x400000000}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, r6, 0x2}}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r9 = dup(r8)
syz_genetlink_get_family_id$fou(&(0x7f0000000000), r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r9, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

8.889670556s ago: executing program 1 (id=433):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
ftruncate(r0, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00"})
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0xfded4000)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f00000001c0)={r6, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r8=>0x0], &(0x7f0000000040), 0x2, r7})
ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r7], &(0x7f0000000180)=[0x7], &(0x7f0000000280)=[r8, r8], &(0x7f0000000040)=[0x0]})
sendfile(r4, r3, &(0x7f00000000c0)=0x58, 0x5)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, &(0x7f0000000000)=0x1)

8.177012144s ago: executing program 4 (id=434):
r0 = semget$private(0x0, 0x20000000102, 0x0)
semctl$SEM_STAT(r0, 0x2, 0x12, 0x0)
semop(r0, &(0x7f0000000240)=[{0x3, 0x0, 0x1800}, {0x1, 0xe65b}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000680)=[0x7, 0x7f, 0x1, 0x9d])
r1 = semget$private(0x0, 0x0, 0xc1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semctl$IPC_SET(r1, 0x0, 0x1, &(0x7f00000004c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0xfff6}, 0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc6})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
sched_setattr(0xffffffffffffffff, &(0x7f0000000100)={0x38, 0x0, 0x40, 0x8, 0xab9, 0x75, 0x3, 0x348, 0x8, 0x3ff}, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x400080, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000280)=0x40000002)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f00000000c0))
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000009, 0x8012, r4, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGPGRP(r2, 0x8904, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'hsr0\x00', <r5=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x3, r5, 0x1, 0x0, 0x6, @local}, 0x14)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@getchain={0x74, 0x11, 0x839, 0x8, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xc}, {0xfff3, 0xffff}}, [{0x8, 0xb, 0x1}, {0x8, 0xb, 0x8000}, {0x8, 0xb, 0x800}, {0x8, 0xb, 0x89}, {0x8, 0xb, 0x7f}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x12}, {0x8, 0xb, 0x2}, {0x8, 0xb, 0x400}, {0x8}]}, 0x74}}, 0x20040000)

7.204079755s ago: executing program 3 (id=435):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x1052c0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r4}}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0xc}]}, 0x40}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000440)={r9, 0x0, 0x0, 0x0, 0x0, [<r10=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r10, 0x0, <r11=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000200)={r9, 0x0, 0x0, 0x0, 0x0, [<r12=>0x0]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r7, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r11})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r11, 0xc04064a0, &(0x7f00000004c0)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], 0x8, 0xa, 0x2, 0x4})
ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000640)={0x1, 0x5, &(0x7f0000000500)=[r8, r13, r8, r8, r8], &(0x7f0000000540)=[0x335, 0xffffff98, 0xd9d0, 0xfff, 0x8], &(0x7f0000000580), &(0x7f00000005c0)=[0xa, 0x9, 0x9, 0xffffffffffff0001, 0x5, 0x1, 0x8000, 0x8, 0x5], 0x0, 0x4a07})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f0000000040)={r12})
close_range(r0, 0xffffffffffffffff, 0x0)

6.778600224s ago: executing program 2 (id=436):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x881}, 0x20044014)
r2 = socket(0x1d, 0x2, 0x6)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5})
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100))
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x6, 0x3, 0x3234564e, 0x6, 0x4, [{0x3}, {0x180000, 0x4}, {0x9, 0x101}, {0x80000000, 0x80}, {0x3, 0x8}, {0xfff, 0x5415}, {0x3ff, 0x7ff}, {0x40000003, 0x4}], 0x5, 0x7, 0x4, 0x1, 0x5}})
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)
r6 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{0x0}], 0x1, 0x7000, 0x0, 0x3)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r6, 0xc2604111, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
pread64(r7, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
syz_emit_ethernet(0x4e, &(0x7f0000000a40)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x18, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x29}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}]}}}}}}}}, 0x0)

6.101894287s ago: executing program 1 (id=437):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x100000000, 0x8, 0x0, 0x3}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000000c0)=0x9, 0x4)
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0xb0}}, 0x20050800)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x1, 0x4, 0x301}, 0x14}}, 0x0)
mlock2(&(0x7f000027f000/0x2000)=nil, 0x2000, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
add_key$fscrypt_v1(0x0, &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300), 0x80)

5.345349526s ago: executing program 3 (id=438):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000000c0)=0x9, 0x4)
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0xb0}}, 0x20050800)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x1, 0x4, 0x301}, 0x14}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r4, 0x0, 0x0)
mlock2(&(0x7f000027f000/0x2000)=nil, 0x2000, 0x1)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r5, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x1feffe}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000380)}, 0x101}], 0x3, 0x40010022, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r6, 0x5761, 0x0)

5.26295602s ago: executing program 2 (id=439):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x400)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x10, @scatter={0x0, 0xcc, 0x0}, &(0x7f0000000240)="238d7acf0800", 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0)
syz_open_dev$vim2m(0x0, 0x4, 0x2)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x3, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x2, 0x0, 0x40, 0x0, 0x8})
syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r7=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r5, 0xc01c64a3, &(0x7f0000000280)={0x1, r7, 0x1, 0x1, 0xa, 0x1ff, 0x1})
close_range(r4, 0xffffffffffffffff, 0x0)

4.753890122s ago: executing program 0 (id=440):
r0 = syz_io_uring_setup(0x131, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, 0x0, &(0x7f0000000280))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x16, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x7, 0x0, &(0x7f0000000080)="f4b84de4115d64", 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
io_uring_enter(r0, 0x1e76, 0xf728, 0x5, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000b00)=0x6)
read(r3, &(0x7f0000000a40)=""/141, 0x8d)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x0, 0x800, 0x0, 'syz0\x00', 0xa7d}, 0x0, [0xfffffffffffffe00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffff6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd0f, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3e56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]})
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000740)='wlan0\x00', 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e22, @broadcast}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000300)="18", 0x1)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000100), 0x4)

4.749771664s ago: executing program 1 (id=441):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/user\x00')
r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x688200, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
dup(r2)
mmap(&(0x7f0000952000/0x3000)=nil, 0x3000, 0xb, 0x13, r0, 0xcb016000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d2, &(0x7f0000000240)={0x0, 0x3858, 0x80, 0x3, 0x2349}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BLKOPENZONE(r2, 0x40101286, &(0x7f00000001c0)={0x7, 0x60})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
fchdir(r1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x64500, 0x0)

4.074535814s ago: executing program 4 (id=442):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {r6, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0xf28, 0xe7, {"6dcab0e3d68f00000000459dba1dbe10"}, 0x7, 0xb, 0x4}, @ib={0x1b, 0x7ac, 0x0, {"b2000000000000d24d93cfe66ee5a001"}, 0x9, 0x0, 0x400000000}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, r6, 0x2}}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r9 = dup(r8)
syz_genetlink_get_family_id$fou(&(0x7f0000000000), r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r9, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

3.598224441s ago: executing program 2 (id=443):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
bind$qrtr(r2, &(0x7f0000000200), 0xc)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r3 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x8, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000340)={0x5, 0x90, 0x1, 'queue0\x00', 0x3})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x40505330, &(0x7f0000000ec0)={0x800100, 0xfffffffd, 0x22, 0x100, 0x81, 0x5})
close(r4)
mq_timedreceive(r3, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x541e, &(0x7f0000000040))
openat$sndseq(0xffffffffffffff9c, 0x0, 0x40041)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001a80)=ANY=[@ANYBLOB="b700000017000000bfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff0000000015040000000002000f030000000000003404000001ed0a0014040000170000801c400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090d030000003acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e31a3446cd57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9be0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd08000000e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119d2a673bdae05779208409e6cf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc0700bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c0da4e95f75b1496a97a46a06e4e1f5a8438d49dbd493ba2482c398ab724577fd742bf44cdd8489086e61aa3cb1d3ab3dac8183102fe6fc8a038e3868a0592811446867969f0fb3f547e83c4ca35aac023f09f15bb0acb3cdc6efd9b0e9df56af7fda01280a384028b35994388"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1e}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r5, 0x0, 0x0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x2, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5, 0x8}, {0x3, 0xd}, {0x8, 0x1}}}, 0x24}}, 0x40004)
openat$cgroup_int(r2, &(0x7f00000002c0)='cpu.max.burst\x00', 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)

3.490103601s ago: executing program 3 (id=444):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
set_mempolicy(0x2, 0x0, 0xf5)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000e80)}, {&(0x7f0000000580)="1eac4d20f8509e8f36d2842c8fae7bbe58c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d0558de77df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bbbe0131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d964b0161c1856697820eb52f55c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d09d0f74e180df6eaa94651336e7713414e49956fcb68a973e8239e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fbe071de646385dcf5cb7adf1ec70baef4061d2da93d2f5eef8b1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c109db5cfe", 0x1aa}], 0x2, 0x0, 0x0, 0x4090}, 0x0)
sendmsg$alg(r3, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
read$alg(r3, &(0x7f0000003780)=""/4096, 0x1000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r7, 0x0, 0x0, 0xf27b)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x400480, 0x3, 0x14}, 0x18)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000a0000000900010073797a300000000050000000030a010200000000000000000a0000000900010073797a30000000000900030073797a3100000000080007006e6174001c00048008000140000000000800024000000000080002400eb489d814000000020a010800000027f00000000000000114000000110001000f000000000000"], 0xac}, 0x1, 0x0, 0x0, 0x4c014}, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/igmp6\x00')
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

3.102068066s ago: executing program 0 (id=445):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[], 0x57)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x40c80)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="200000001300034700bb65e1c3e4ffff01000000010000005600000025000000", 0x20}], 0x1)
setsockopt$inet_mreqsrc(r1, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, 0x0, 0x0)

2.423999279s ago: executing program 1 (id=446):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r3, &(0x7f0000000240)=@target={'target ', {'PCI:', '0', ':', '8', ':', '1f', '.', '1'}}, 0x14)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r4)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000300)={<r5=>0x0, <r6=>0x0})
recvmmsg$unix(r0, &(0x7f00000001c0)=[{{&(0x7f0000000140), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1, &(0x7f0000000280)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x10}}], 0x60}}], 0x1, 0x0, &(0x7f0000000480)={r5, r6+60000000})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r8, 0x40405514, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffe00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x2, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

1.684032498s ago: executing program 4 (id=447):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={'\x00', 0x401, 0x8, 0x1, 0x6, 0x5, <r4=>0x0})
fcntl$lock(r2, 0x24, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, r4})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r8, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000001500)={0x30, r7, 0x1, 0x70bd07, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x64}, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0xb, 0x43}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x40000a0}, 0x810)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2555000000080001005c00000008000300", @ANYRES32=r9], 0x30}, 0x1, 0x0, 0x0, 0x40895}, 0x4040040)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010026bd5000f8dbdf2555000000080001004f00000008000300", @ANYRES32=r9], 0x24}, 0x1, 0x0, 0x0, 0x20044040}, 0x24008004)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000000000142c00fe800000000000000000000000000008000000000000000000000000000000002c", @ANYRES32=0x41424344, @ANYBLOB="500000c1e94a0b"], 0x0)

1.655219185s ago: executing program 0 (id=448):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000200)='0', 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203}, 0x94)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x801e, 0x0, 0x1, {0x1}})
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f0000000280)={{0x6, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x40000000000, 0xffffffffffffffff, 0xffffffefffffffff, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffeffbfffffff, 0x0, 0x0, 0x0, 0x3, 0x80000000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x100200000, 0xb, 0x6, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000, 0x1000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x10000, 0x7785, 0x0, 0x4, 0x4, 0x8, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x80000002000, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1000000000, 0x0, 0x80000000000000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x100, 0x81, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2, 0x100000000000, 0x0, 0x3, 0x2, 0x0, 0x7, 0xc0c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffeffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x80]})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000080)=0x800002, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r6, &(0x7f0000000200)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in6={0xa, 0x4e23, 0x200, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x8df}}}, 0xa0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r7, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x550, 0x40, 0x1000, 0x0, 0xd968d5b908ac0cde, 0x0, {0x0, 0x8}, {0x350}, {0xf4ef}, {0x0, 0x0, 0xffe}, 0x1, 0x100, 0x0, 0xd614, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, 0x0, 0xb})

0s ago: executing program 2 (id=449):
r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000000c0)={0x0, 0x2, 0x5, &(0x7f0000000080)={0x8, "90f541a5e64f61909103f1fbbc2bd3c9f144d76e44c7b2986eb5e52829e7cb8393"}})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000006c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x438, 0x98, 0x0, 0x248, 0x358, 0x358, 0x418, 0x418, 0x418, 0x418, 0x418, 0x6, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1_macvtap\x00', 'veth0_to_team\x00', {}, {}, 0x11, 0x0, 0x41}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x3f}, @loopback, 0xff, 0xffffff00, 'ip6gre0\x00', 'macvlan1\x00', {0xff}, {0xff}, 0x33, 0x1, 0xa}, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x7, 0x1, 0x1, 0x4, 0x1d], 0x0, 0x6}}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x2, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24}}}, {{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, 0x0, 0x0, 'macvlan1\x00', 'rose0\x00', {}, {}, 0x0, 0x0, 0x1d}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @TTL={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x21, 0x6, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x498)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}, 0x102}, 0x1c)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443", 0x67}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.164' (ED25519) to the list of known hosts.
[   71.936729][ T5856] cgroup: Unknown subsys name 'net'
[   72.066301][ T5856] cgroup: Unknown subsys name 'cpuset'
[   72.074530][ T5856] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   73.446649][ T5856] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   75.769105][ T5868] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.778872][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   75.786792][ T5868] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.794712][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   75.804693][ T5871] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.812959][ T5869] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   75.829444][ T5873] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   75.837666][ T5873] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   75.845155][ T5873] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   75.854613][ T5873] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.862441][ T5873] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   75.883290][ T5873] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   75.893528][ T5873] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   75.897322][ T5877] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   75.910671][ T5877] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   75.910797][ T5189] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   75.943449][ T5189] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   75.953572][ T5189] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   75.961598][ T5189] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   75.963785][ T5879] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   75.980442][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   75.988203][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   75.995917][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   76.004817][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.013831][ T5869] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.598634][ T5884] chnl_net:caif_netlink_parms(): no params data found
[   76.697475][ T5882] chnl_net:caif_netlink_parms(): no params data found
[   76.732156][ T5885] chnl_net:caif_netlink_parms(): no params data found
[   76.800591][ T5888] chnl_net:caif_netlink_parms(): no params data found
[   76.921226][ T5883] chnl_net:caif_netlink_parms(): no params data found
[   76.967193][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.974980][ T5884] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.982208][ T5884] bridge_slave_0: entered allmulticast mode
[   76.989380][ T5884] bridge_slave_0: entered promiscuous mode
[   77.018363][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.025656][ T5884] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.032751][ T5884] bridge_slave_1: entered allmulticast mode
[   77.039994][ T5884] bridge_slave_1: entered promiscuous mode
[   77.164384][ T5884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.176591][ T5884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.185869][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.193050][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.200722][ T5882] bridge_slave_0: entered allmulticast mode
[   77.207749][ T5882] bridge_slave_0: entered promiscuous mode
[   77.216500][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.223695][ T5882] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.230795][ T5882] bridge_slave_1: entered allmulticast mode
[   77.238752][ T5882] bridge_slave_1: entered promiscuous mode
[   77.245697][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.252813][ T5885] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.260313][ T5885] bridge_slave_0: entered allmulticast mode
[   77.267328][ T5885] bridge_slave_0: entered promiscuous mode
[   77.275621][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.282744][ T5885] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.289940][ T5885] bridge_slave_1: entered allmulticast mode
[   77.297516][ T5885] bridge_slave_1: entered promiscuous mode
[   77.390432][ T5888] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.397612][ T5888] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.405335][ T5888] bridge_slave_0: entered allmulticast mode
[   77.412171][ T5888] bridge_slave_0: entered promiscuous mode
[   77.435118][ T5884] team0: Port device team_slave_0 added
[   77.452588][ T5885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.465913][ T5885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.475767][ T5888] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.482875][ T5888] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.490628][ T5888] bridge_slave_1: entered allmulticast mode
[   77.499137][ T5888] bridge_slave_1: entered promiscuous mode
[   77.520403][ T5884] team0: Port device team_slave_1 added
[   77.528966][ T5882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.541705][ T5882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.575518][ T5883] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.582625][ T5883] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.589985][ T5883] bridge_slave_0: entered allmulticast mode
[   77.597685][ T5883] bridge_slave_0: entered promiscuous mode
[   77.642393][ T5885] team0: Port device team_slave_0 added
[   77.661282][ T5883] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.668784][ T5883] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.676375][ T5883] bridge_slave_1: entered allmulticast mode
[   77.684138][ T5883] bridge_slave_1: entered promiscuous mode
[   77.717517][ T5885] team0: Port device team_slave_1 added
[   77.741616][ T5888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.761164][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.769006][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.795620][ T5884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.809414][ T5882] team0: Port device team_slave_0 added
[   77.829587][ T5888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.851876][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.859177][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.885608][ T5884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.898720][ T5882] team0: Port device team_slave_1 added
[   77.919100][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.926625][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.953881][ T5871] Bluetooth: hci1: command tx timeout
[   77.953881][ T5868] Bluetooth: hci0: command tx timeout
[   77.965071][ T5885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.991078][ T5883] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.021392][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.030523][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.033486][ T5868] Bluetooth: hci4: command tx timeout
[   78.056848][ T5871] Bluetooth: hci2: command tx timeout
[   78.066074][ T5885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.097652][ T5883] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.113656][ T5871] Bluetooth: hci3: command tx timeout
[   78.138960][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.146177][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.172246][ T5882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.190143][ T5888] team0: Port device team_slave_0 added
[   78.199129][ T5888] team0: Port device team_slave_1 added
[   78.218549][ T5883] team0: Port device team_slave_0 added
[   78.225788][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.232709][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.258667][ T5882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.294490][ T5883] team0: Port device team_slave_1 added
[   78.335984][ T5884] hsr_slave_0: entered promiscuous mode
[   78.342589][ T5884] hsr_slave_1: entered promiscuous mode
[   78.385531][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.392485][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.418937][ T5888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.451447][ T5883] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.458891][ T5883] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.485799][ T5883] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.502665][ T5885] hsr_slave_0: entered promiscuous mode
[   78.508963][ T5885] hsr_slave_1: entered promiscuous mode
[   78.515270][ T5885] debugfs: 'hsr0' already exists in 'hsr'
[   78.521400][ T5885] Cannot create hsr debugfs directory
[   78.527539][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.534569][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.561047][ T5888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.591999][ T5883] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.599333][ T5883] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.625526][ T5883] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.715248][ T5882] hsr_slave_0: entered promiscuous mode
[   78.721428][ T5882] hsr_slave_1: entered promiscuous mode
[   78.729496][ T5882] debugfs: 'hsr0' already exists in 'hsr'
[   78.735263][ T5882] Cannot create hsr debugfs directory
[   78.809145][ T5883] hsr_slave_0: entered promiscuous mode
[   78.815873][ T5883] hsr_slave_1: entered promiscuous mode
[   78.821855][ T5883] debugfs: 'hsr0' already exists in 'hsr'
[   78.828234][ T5883] Cannot create hsr debugfs directory
[   78.866997][ T5888] hsr_slave_0: entered promiscuous mode
[   78.873184][ T5888] hsr_slave_1: entered promiscuous mode
[   78.879395][ T5888] debugfs: 'hsr0' already exists in 'hsr'
[   78.885821][ T5888] Cannot create hsr debugfs directory
[   79.349984][ T5884] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.361786][ T5884] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.392178][ T5884] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.408533][ T5884] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.465299][ T5885] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.478798][ T5885] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.490704][ T5885] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.515903][ T5885] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.584741][ T5883] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.595633][ T5883] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.608934][ T5883] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.626084][ T5883] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.725655][ T5882] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.751104][ T5882] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.762188][ T5882] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.777020][ T5882] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.859685][ T5884] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.950504][ T5888] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   79.962129][ T5888] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   79.979887][ T5884] 8021q: adding VLAN 0 to HW filter on device team0
[   79.988208][ T5888] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   80.001254][ T5888] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   80.033613][ T5871] Bluetooth: hci0: command tx timeout
[   80.040111][ T5885] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.047112][ T5871] Bluetooth: hci1: command tx timeout
[   80.059267][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.066639][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.082954][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.090097][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.114998][ T5871] Bluetooth: hci2: command tx timeout
[   80.120407][ T5868] Bluetooth: hci4: command tx timeout
[   80.161122][ T5885] 8021q: adding VLAN 0 to HW filter on device team0
[   80.193670][ T5871] Bluetooth: hci3: command tx timeout
[   80.198919][ T5883] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.211371][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.218509][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.249737][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.256930][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.285895][ T5882] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.327861][ T5883] 8021q: adding VLAN 0 to HW filter on device team0
[   80.361734][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.368838][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.394730][ T5882] 8021q: adding VLAN 0 to HW filter on device team0
[   80.436708][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.443863][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.456180][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.463337][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.474643][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.481717][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.542291][ T5884] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.609848][ T5885] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.677416][ T5888] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.701947][ T5888] 8021q: adding VLAN 0 to HW filter on device team0
[   80.739376][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.746483][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.772845][ T5882] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.790369][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.797498][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.818772][ T5884] veth0_vlan: entered promiscuous mode
[   80.848019][ T5885] veth0_vlan: entered promiscuous mode
[   80.859427][ T5884] veth1_vlan: entered promiscuous mode
[   80.898594][ T5883] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.910803][ T5885] veth1_vlan: entered promiscuous mode
[   81.013846][ T5882] veth0_vlan: entered promiscuous mode
[   81.022752][ T5884] veth0_macvtap: entered promiscuous mode
[   81.049175][ T5885] veth0_macvtap: entered promiscuous mode
[   81.061393][ T5884] veth1_macvtap: entered promiscuous mode
[   81.089213][ T5885] veth1_macvtap: entered promiscuous mode
[   81.107424][ T5882] veth1_vlan: entered promiscuous mode
[   81.128513][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.140795][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.161651][   T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.181387][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.192161][   T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.202791][   T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.212328][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.226502][ T5883] veth0_vlan: entered promiscuous mode
[   81.238015][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.287142][ T5883] veth1_vlan: entered promiscuous mode
[   81.299811][  T779] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.312102][  T779] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.328825][ T5888] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.352065][  T779] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.361048][  T779] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.445934][ T5882] veth0_macvtap: entered promiscuous mode
[   81.468097][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.477944][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.482180][ T5882] veth1_macvtap: entered promiscuous mode
[   81.518909][ T5888] veth0_vlan: entered promiscuous mode
[   81.567071][ T5883] veth0_macvtap: entered promiscuous mode
[   81.607433][ T5888] veth1_vlan: entered promiscuous mode
[   81.648769][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.664158][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.671981][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.720147][ T5883] veth1_macvtap: entered promiscuous mode
[   81.740132][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.770531][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.782822][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.839808][ T5888] veth0_macvtap: entered promiscuous mode
[   81.875174][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.884249][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.886209][   T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.901833][   T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.927844][ T5888] veth1_macvtap: entered promiscuous mode
[   81.943015][ T5884] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   81.983659][   T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.012012][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.066025][ T5883] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.094152][   T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.115254][ T5871] Bluetooth: hci1: command tx timeout
[   82.120718][ T5871] Bluetooth: hci0: command tx timeout
[   82.142667][ T5883] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.193624][ T5871] Bluetooth: hci2: command tx timeout
[   82.199030][ T5868] Bluetooth: hci4: command tx timeout
[   82.214377][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.274138][ T5871] Bluetooth: hci3: command tx timeout
[   82.280021][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.288821][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.308021][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.420240][ T2983] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.425409][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.479625][ T2983] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.563083][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   82.672034][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.724329][  T779] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.734849][  T779] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.870586][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   82.900786][  T779] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.939615][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.947536][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.996460][  T779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.009636][  T779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.033243][    T9] usb 4-1: Using ep0 maxpacket: 8
[   83.093620][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   83.112549][    T9] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[   83.144403][    T9] usb 4-1: config 2 has no interface number 0
[   83.150524][    T9] usb 4-1: config 2 interface 31 has no altsetting 0
[   83.174700][    T9] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[   83.185753][ T2953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.203209][ T2953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.379658][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.398410][    T9] usb 4-1: Product: syz
[   83.403521][    T9] usb 4-1: Manufacturer: syz
[   83.408125][    T9] usb 4-1: SerialNumber: syz
[   83.436029][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.439261][    T9] ch9200 4-1:2.31: probe with driver ch9200 failed with error -22
[   83.494683][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.550572][  T779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.581005][ T5977] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   83.677480][  T779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.823747][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.312607][ T5871] Bluetooth: hci0: command tx timeout
[   84.318119][ T5871] Bluetooth: hci1: command tx timeout
[   84.323571][ T5871] Bluetooth: hci2: command tx timeout
[   84.328974][ T5871] Bluetooth: hci4: command tx timeout
[   84.353644][ T5868] Bluetooth: hci3: command tx timeout
[   84.423671][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.431973][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.441105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.449688][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.458324][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.467045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.680055][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   85.178100][ T5974] [U] 
[   85.435466][ T5876] usb 4-1: USB disconnect, device number 2
[   86.115976][ T5962] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   86.413971][ T5962] usb 5-1: Using ep0 maxpacket: 32
[   86.553054][ T6008] 
: renamed from bridge_slave_0 (while UP)
[   86.572691][ T5962] usb 5-1: unable to get BOS descriptor or descriptor too short
[   86.615908][ T5962] usb 5-1: config 4 has an invalid interface number: 239 but max is 0
[   86.669487][ T5962] usb 5-1: config 4 has no interface number 0
[   86.679199][   T24] cfg80211: failed to load regulatory.db
[   86.739980][ T5962] usb 5-1: New USB device found, idVendor=8dba, idProduct=5000, bcdDevice=48.59
[   86.751493][ T5962] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.762233][ T5962] usb 5-1: Product: syz
[   86.824929][ T5962] usb 5-1: Manufacturer: syz
[   86.871345][ T5962] usb 5-1: SerialNumber: syz
[   87.056871][ T6016] tipc: Failed to remove unknown binding: 66,1,1/0:1821217061/1821217063
[   87.065533][ T5941] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   87.074193][ T6016] tipc: Failed to remove unknown binding: 66,1,1/0:1821217061/1821217063
[   87.234344][ T5941] usb 2-1: Using ep0 maxpacket: 16
[   87.248455][ T5941] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   87.257489][ T5941] usb 2-1: config 0 has no interface number 0
[   87.269608][ T5941] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[   87.279240][ T5941] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.290676][ T5941] usb 2-1: Product: syz
[   87.295207][ T5941] usb 2-1: Manufacturer: syz
[   87.300025][ T5941] usb 2-1: SerialNumber: syz
[   87.363732][ T5941] usb 2-1: config 0 descriptor??
[   87.491910][ T5941] gspca_main: spca1528-2.14.0 probing 04fc:1528
[   88.035594][ T6013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.048894][ T6013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.081140][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8'.
[   88.164116][ T6017] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   88.171562][ T6017] IPv6: NLM_F_CREATE should be set when creating new route
[   88.301680][ T6013] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   88.308975][ T6013] IPv6: NLM_F_CREATE should be set when creating new route
[   88.334500][ T5941] gspca_spca1528: reg_w err -110
[   88.353326][ T5941] spca1528 2-1:0.1: probe with driver spca1528 failed with error -110
[   88.818543][ T6022] netlink: 44 bytes leftover after parsing attributes in process `syz.3.10'.
[   88.868645][ T6013] IPv6: addrconf: prefix option has invalid lifetime
[   89.001321][ T6023] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10'.
[   89.079956][ T6022] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   89.329900][ T5962] usb 5-1: USB disconnect, device number 2
[   90.124772][   T43] usb 2-1: USB disconnect, device number 2
[   90.780367][ T6045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14'.
[   91.509003][   T43] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   91.693397][   T43] usb 4-1: Using ep0 maxpacket: 16
[   91.751991][   T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.774312][   T43] usb 4-1: config 0 has no interfaces?
[   91.788308][   T43] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   91.907440][   T43] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   91.927775][   T43] usb 4-1: Manufacturer: syz
[   92.442746][   T43] usb 4-1: config 0 descriptor??
[   92.694600][ T6062] netlink: 4388 bytes leftover after parsing attributes in process `syz.2.17'.
[   93.913990][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   94.211165][ T6074] netlink: 32 bytes leftover after parsing attributes in process `syz.1.19'.
[   94.406982][   T24] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   94.430917][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   94.485242][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   94.549838][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.835135][   T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   94.861742][   T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   94.902334][   T24] usb 5-1: Product: syz
[   94.912617][   T24] usb 5-1: Manufacturer: syz
[   94.945033][   T24] cdc_wdm 5-1:1.0: skipping garbage
[   94.950250][   T24] cdc_wdm 5-1:1.0: skipping garbage
[   94.965047][   T24] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   94.983168][   T24] cdc_wdm 5-1:1.0: Unknown control protocol
[   95.239241][   T43] usb 4-1: USB disconnect, device number 3
[   96.412191][ T6094] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.215374][   T43] usb 5-1: USB disconnect, device number 3
[   97.645024][ T6100] program syz.4.24 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   97.893526][    C1] sd 0:0:1:0: [sda] tag#1994 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[   97.903946][    C1] sd 0:0:1:0: [sda] tag#1994 CDB: Write(6) 0a 00 00 00 73 d0
[   99.286977][ T6123] warning: `syz.4.28' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   99.340733][ T6123] syzkaller1: entered promiscuous mode
[   99.466961][ T6123] syzkaller1: entered allmulticast mode
[  102.268595][ T6145] fuse: Unknown parameter 'gro00000000000000000000'
[  102.398357][ T5941] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  102.633210][ T5941] usb 2-1: Using ep0 maxpacket: 16
[  103.043277][ T5962] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  103.193525][ T6162] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  103.296509][ T5962] usb 1-1: config 0 has no interfaces?
[  103.307622][ T5962] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  103.327231][ T5962] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.428282][ T5941] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.442727][ T5962] usb 1-1: Product: syz
[  103.451998][ T5962] usb 1-1: Manufacturer: syz
[  103.498183][ T5941] usb 2-1: config 0 has no interfaces?
[  103.530991][ T5941] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  103.551469][ T5941] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  103.571328][ T5941] usb 2-1: Manufacturer: syz
[  103.596173][ T5962] usb 1-1: SerialNumber: syz
[  103.602945][ T5941] usb 2-1: config 0 descriptor??
[  103.637454][ T5962] usb 1-1: config 0 descriptor??
[  104.009811][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  104.215918][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  104.228887][    T9] usb 4-1: config 0 has no interfaces?
[  104.394540][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=02bf, bcdDevice=9e.06
[  104.416432][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.462966][    T9] usb 4-1: config 0 descriptor??
[  104.797510][ T6162] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.36'.
[  105.274205][ T6169] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  105.294311][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.37'.
[  106.232335][ T5934] usb 4-1: USB disconnect, device number 4
[  106.395052][ T6174] tipc: Started in network mode
[  106.418186][ T6174] tipc: Node identity ca3a79c9d74f, cluster identity 4711
[  106.468490][ T6174] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.470727][ T5941] usb 2-1: USB disconnect, device number 3
[  106.726883][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  106.734882][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  106.742271][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  106.760861][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.217223][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.245228][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.267561][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.303200][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.455213][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.462613][    T9] hid-generic 00A0:0008:0003.0001: unknown main item tag 0x0
[  107.542032][ T6178] syzkaller0: entered promiscuous mode
[  107.602851][ T5962] tipc: Node number set to 494238153
[  107.628165][ T6178] syzkaller0: entered allmulticast mode
[  107.656339][    T9] hid-generic 00A0:0008:0003.0001: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  107.706103][ T6190] netlink: 84 bytes leftover after parsing attributes in process `syz.4.40'.
[  107.723459][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.763062][ T6173] tipc: Resetting bearer <eth:syzkaller0>
[  107.836165][ T5962] usb 1-1: USB disconnect, device number 2
[  107.843889][ T6173] tipc: Disabling bearer <eth:syzkaller0>
[  108.469337][ T6192] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  108.637238][ T6205] netlink: 12 bytes leftover after parsing attributes in process `syz.1.44'.
[  110.530982][ T6205] netlink: 12 bytes leftover after parsing attributes in process `syz.1.44'.
[  110.955417][ T6223] lo: entered promiscuous mode
[  110.961928][ T6223] tunl0: entered promiscuous mode
[  110.968530][ T6223] gre0: entered promiscuous mode
[  110.975397][ T6223] gretap0: entered promiscuous mode
[  110.981874][ T6223] erspan0: entered promiscuous mode
[  110.988355][ T6223] ip_vti0: entered promiscuous mode
[  110.999504][ T6223] ip6_vti0: entered promiscuous mode
[  111.005803][ T6223] sit0: entered promiscuous mode
[  111.065099][ T6223] ip6tnl0: entered promiscuous mode
[  111.071704][ T6223] ip6gre0: entered promiscuous mode
[  111.078472][ T6223] syz_tun: entered promiscuous mode
[  111.085126][ T6223] ip6gretap0: entered promiscuous mode
[  111.093131][ T6223] bridge0: entered promiscuous mode
[  111.099602][ T6223] vcan0: entered promiscuous mode
[  111.105522][ T6223] bond0: entered promiscuous mode
[  111.110632][ T6223] bond_slave_0: entered promiscuous mode
[  111.328383][ T6223] bond_slave_1: entered promiscuous mode
[  111.975260][ T6231] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  112.124267][ T6223] team0: entered promiscuous mode
[  112.129724][ T6223] team_slave_0: entered promiscuous mode
[  112.141354][ T6223] team_slave_1: entered promiscuous mode
[  112.155933][ T6223] dummy0: entered promiscuous mode
[  112.165386][ T6223] nlmon0: entered promiscuous mode
[  112.205293][ T6223] caif0: entered promiscuous mode
[  112.210880][ T6223] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  112.575480][ T6234] input: syz0 as /devices/virtual/input/input5
[  112.608575][   T30] audit: type=1326 audit(1757842256.905:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  112.706942][   T30] audit: type=1326 audit(1757842256.905:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  112.872352][   T30] audit: type=1326 audit(1757842256.905:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.025483][   T30] audit: type=1326 audit(1757842256.905:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.128524][   T30] audit: type=1326 audit(1757842256.905:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.150432][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.371138][   T30] audit: type=1326 audit(1757842256.905:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.385535][ T6249] netlink: 'syz.3.51': attribute type 4 has an invalid length.
[  113.575422][   T30] audit: type=1326 audit(1757842256.915:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.598998][   T30] audit: type=1326 audit(1757842256.915:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.620885][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.647179][ T6245] netlink: 'syz.3.51': attribute type 4 has an invalid length.
[  113.731975][   T30] audit: type=1326 audit(1757842256.915:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  113.753963][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.943432][   T30] audit: type=1326 audit(1757842256.915:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz.0.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f012438eba9 code=0x7ffc0000
[  114.002988][ T6237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.355198][ T6260] tipc: Started in network mode
[  114.360069][ T6260] tipc: Node identity 268693a5ea91, cluster identity 4711
[  114.429007][ T6260] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  114.524688][ T6264] syzkaller0: entered promiscuous mode
[  114.555750][ T6264] syzkaller0: entered allmulticast mode
[  114.844124][ T6264] tipc: Resetting bearer <eth:syzkaller0>
[  114.862554][ T6270] netlink: 'syz.4.55': attribute type 4 has an invalid length.
[  114.892004][ T6259] tipc: Resetting bearer <eth:syzkaller0>
[  115.050214][ T6259] tipc: Disabling bearer <eth:syzkaller0>
[  115.263934][ T6266] vlan0: entered promiscuous mode
[  115.294312][ T6276] netlink: 44 bytes leftover after parsing attributes in process `syz.4.55'.
[  116.217037][ T6291] netlink: 'syz.4.58': attribute type 10 has an invalid length.
[  116.261589][ T6291] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  116.287724][ T6291] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  116.310837][ T6292] wg1: entered promiscuous mode
[  116.316600][ T6292] wg1: entered allmulticast mode
[  116.703215][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  116.923175][    T9] usb 5-1: Using ep0 maxpacket: 32
[  117.023003][    T9] usb 5-1: config 0 has an invalid interface number: 217 but max is 0
[  117.050445][    T9] usb 5-1: config 0 has no interface number 0
[  117.148845][    T9] usb 5-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice= 0.02
[  117.211506][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.272618][    T9] usb 5-1: Product: syz
[  117.288418][    T9] usb 5-1: Manufacturer: syz
[  117.307716][    T9] usb 5-1: SerialNumber: syz
[  117.334938][    T9] usb 5-1: config 0 descriptor??
[  117.421746][    T9] ftdi_sio 5-1:0.217: FTDI USB Serial Device converter detected
[  117.513561][    T9] usb 5-1: Detected SIO
[  117.659181][    T9] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  119.073297][ T5934] usb 5-1: USB disconnect, device number 4
[  119.157972][ T5934] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  119.179190][ T5934] ftdi_sio 5-1:0.217: device disconnected
[  119.749307][ T6325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.64'.
[  119.772733][ T6325] input: syz0 as /devices/virtual/input/input6
[  120.985228][ T6336] syzkaller0: entered promiscuous mode
[  120.990826][ T6336] syzkaller0: entered allmulticast mode
[  121.205857][ T6339] tipc: Started in network mode
[  121.211705][ T6339] tipc: Node identity e2a32c8ee1fc, cluster identity 4711
[  121.221918][ T6339] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.237548][ T6339] syzkaller0: entered promiscuous mode
[  121.263208][ T6339] syzkaller0: entered allmulticast mode
[  121.263218][ T5927] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  121.313197][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  121.333846][ T6339] tipc: Resetting bearer <eth:syzkaller0>
[  121.398461][ T6338] tipc: Resetting bearer <eth:syzkaller0>
[  121.462757][ T6338] tipc: Disabling bearer <eth:syzkaller0>
[  121.473395][    T9] usb 2-1: Using ep0 maxpacket: 8
[  121.480611][    T9] usb 2-1: config 0 has no interfaces?
[  121.513209][ T5927] usb 5-1: Using ep0 maxpacket: 8
[  121.519921][ T5927] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  121.530652][ T5927] usb 5-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  121.599380][ T5927] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  121.628102][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.661583][ T5927] usb 5-1: Product: syz
[  121.669965][ T5927] usb 5-1: Manufacturer: syz
[  121.678722][ T5927] usb 5-1: SerialNumber: syz
[  121.936046][ T5927] usb 5-1: USB disconnect, device number 5
[  122.070487][ T6344] netlink: 4 bytes leftover after parsing attributes in process `syz.0.69'.
[  123.023710][ T6357] netlink: 20 bytes leftover after parsing attributes in process `syz.4.71'.
[  123.098288][ T6349] wireguard0: entered promiscuous mode
[  123.105220][ T6349] wireguard0: entered allmulticast mode
[  123.123497][ T6353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.70'.
[  124.406781][ T6364] netlink: 5 bytes leftover after parsing attributes in process `syz.3.72'.
[  124.416792][ T6364] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  124.468079][ T6364] 0ªî{X¹¦: entered allmulticast mode
[  124.481953][ T6364] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  124.702747][    T9] usb 2-1: string descriptor 0 read error: -71
[  124.836310][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.939526][ T6375] netlink: 'syz.2.73': attribute type 12 has an invalid length.
[  124.947450][ T6375] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.73'.
[  124.977247][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.358130][    T9] usb 2-1: config 0 descriptor??
[  125.391903][    T9] usb 2-1: can't set config #0, error -71
[  125.473428][    T9] usb 2-1: USB disconnect, device number 4
[  125.873254][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  126.241079][    T9] usb 2-1: Using ep0 maxpacket: 16
[  126.303233][    T9] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  126.453353][    T9] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  126.547870][    T9] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  126.568822][    T9] usb 2-1: Product: syz
[  126.573013][    T9] usb 2-1: Manufacturer: syz
[  126.599918][    T9] usb 2-1: SerialNumber: syz
[  126.642593][    T9] usb 2-1: config 0 descriptor??
[  126.967456][ T6392] fuse: Unknown parameter '0000000000000000000001500000000000000000000'
[  127.212496][ T6379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.74'.
[  127.816879][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.79'.
[  127.833327][ T6397] bridge_slave_1: left allmulticast mode
[  127.839076][ T6397] bridge_slave_1: left promiscuous mode
[  127.860216][ T6397] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.969863][ T6397] bridge_slave_0: left allmulticast mode
[  128.022918][ T6397] bridge_slave_0: left promiscuous mode
[  128.039299][ T6397] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.113922][ T6402] netlink: 'syz.3.80': attribute type 4 has an invalid length.
[  128.175782][ T6403] netlink: 'syz.3.80': attribute type 4 has an invalid length.
[  128.481161][ T6406] syzkaller0: entered promiscuous mode
[  128.486779][ T6406] syzkaller0: entered allmulticast mode
[  128.751323][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  128.825739][ T6416] netlink: 28 bytes leftover after parsing attributes in process `syz.0.84'.
[  128.873688][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  128.933221][    T9] usb 5-1: device descriptor read/64, error -71
[  129.196024][   T43] usb 2-1: USB disconnect, device number 5
[  129.288324][   T10] usb 3-1: Using ep0 maxpacket: 8
[  129.308578][   T10] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  129.319173][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  129.365856][   T10] usb 3-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  129.641415][   T10] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  129.684933][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.704754][    T9] usb 5-1: device descriptor read/64, error -71
[  129.712778][   T10] usb 3-1: Product: syz
[  129.729333][   T10] usb 3-1: Manufacturer: syz
[  129.749567][   T10] usb 3-1: SerialNumber: syz
[  129.955008][    T9] usb usb5-port1: attempt power cycle
[  130.954141][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  130.974115][    T9] usb 5-1: device descriptor read/8, error -71
[  131.124327][   T10] usb 3-1: USB disconnect, device number 2
[  131.215378][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  131.244028][    T9] usb 5-1: device descriptor read/8, error -71
[  131.354372][    T9] usb usb5-port1: unable to enumerate USB device
[  131.758379][ T6429] 
: left allmulticast mode
[  131.763668][ T6429] 
: left promiscuous mode
[  131.769019][ T6429] bridge0: port 1(
) entered disabled state
[  131.848508][ T6429] bridge_slave_1: left allmulticast mode
[  131.854422][ T6429] bridge_slave_1: left promiscuous mode
[  131.860387][ T6429] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.016156][ T6439] process 'syz.4.87' launched './file0' with NULL argv: empty string added
[  132.348570][ T6429] bond0: (slave bond_slave_0): Releasing backup interface
[  132.758355][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.766969][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  132.910553][ T6429] bond0: (slave bond_slave_1): Releasing backup interface
[  133.012611][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  133.231277][ T6429] team0: Port device team_slave_0 removed
[  133.313734][    T9] usb 1-1: Using ep0 maxpacket: 8
[  133.325706][ T6429] team0: Port device team_slave_1 removed
[  133.341912][    T9] usb 1-1: config 0 has an invalid interface number: 31 but max is 0
[  133.362795][ T6429] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.370305][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  133.392943][ T6429] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.395558][    T9] usb 1-1: config 0 has no interface number 0
[  133.419412][    T9] usb 1-1: config 0 interface 31 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  133.485119][    T9] usb 1-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68
[  133.503140][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.511135][    T9] usb 1-1: Product: syz
[  133.524641][    T9] usb 1-1: Manufacturer: syz
[  133.529272][    T9] usb 1-1: SerialNumber: syz
[  133.535859][ T6429] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.555980][ T6429] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.577952][    T9] usb 1-1: config 0 descriptor??
[  133.951892][    T9] redrat3 1-1:0.31: Couldn't find all endpoints
[  133.974658][    T9] usb 1-1: USB disconnect, device number 3
[  134.426261][ T6462] netlink: 'syz.4.93': attribute type 4 has an invalid length.
[  134.454561][ T6462] netlink: 'syz.4.93': attribute type 4 has an invalid length.
[  134.584104][ T6466] IPv6: NLM_F_CREATE should be specified when creating new route
[  134.593031][ T6466] Zero length message leads to an empty skb
[  135.417819][ T6475] syz.4.96 uses obsolete (PF_INET,SOCK_PACKET)
[  136.087141][ T6472] delete_channel: no stack
[  136.428584][ T6485] syzkaller0: entered promiscuous mode
[  136.437582][ T6486] netlink: 24 bytes leftover after parsing attributes in process `syz.1.98'.
[  136.453400][ T6485] syzkaller0: entered allmulticast mode
[  136.608078][ T6486] netlink: 24 bytes leftover after parsing attributes in process `syz.1.98'.
[  136.840585][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  136.973222][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  137.021895][   T24] usb 1-1: Using ep0 maxpacket: 8
[  137.188342][    T9] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  137.188549][   T24] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  137.256464][    T9] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  137.299084][   T24] usb 1-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  137.326475][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  137.332667][   T24] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  137.351618][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.400849][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.408840][   T24] usb 1-1: Product: syz
[  137.408859][   T24] usb 1-1: Manufacturer: syz
[  137.408873][   T24] usb 1-1: SerialNumber: syz
[  137.629440][   T24] usb 1-1: USB disconnect, device number 4
[  138.098214][ T6492] kAFS: unable to lookup cell '.,'
[  138.129912][   T24] usb 3-1: USB disconnect, device number 3
[  143.274044][ T6541] mmap: syz.1.110 (6541) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  143.443197][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  143.443239][   T30] audit: type=1800 audit(1757842287.695:22): pid=6555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.112" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  143.663269][ T5957] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  144.570011][ T5957] usb 1-1: Using ep0 maxpacket: 8
[  144.613183][ T6561] syzkaller0: entered promiscuous mode
[  144.659950][ T5957] usb 1-1: config 1 has an invalid descriptor of length 158, skipping remainder of the config
[  144.695575][ T5957] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  144.716175][ T6561] syzkaller0: entered allmulticast mode
[  144.743836][ T5957] usb 1-1: config 1 has no interface number 1
[  144.838390][ T5957] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  144.916517][ T5957] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  144.929307][ T5957] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.941433][ T5957] usb 1-1: Product: syz
[  144.952967][ T5957] usb 1-1: Manufacturer: syz
[  144.968668][ T5957] usb 1-1: SerialNumber: syz
[  145.117615][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  145.366185][    T9] usb 5-1: Using ep0 maxpacket: 8
[  145.380549][    T9] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  145.391737][    T9] usb 5-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  145.407513][    T9] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  145.422080][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.442419][    T9] usb 5-1: Product: syz
[  145.470079][    T9] usb 5-1: Manufacturer: syz
[  145.497015][    T9] usb 5-1: SerialNumber: syz
[  145.765751][    T9] usb 5-1: USB disconnect, device number 10
[  146.864757][ T5957] usb 1-1: cannot find UAC_HEADER
[  146.934288][ T5957] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  146.962877][ T5957] usb 1-1: USB disconnect, device number 5
[  147.117757][ T5886] udevd[5886]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  148.482751][ T6600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.117'.
[  148.567476][ T6600] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  148.599479][ T6600] : entered promiscuous mode
[  150.121416][ T6616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.123'.
[  150.444004][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.124'.
[  150.465578][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.124'.
[  151.406600][ T6636] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  152.455138][ T6642] syzkaller0: entered promiscuous mode
[  152.460851][ T6642] syzkaller0: entered allmulticast mode
[  152.793254][ T5941] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  152.953978][ T5941] usb 4-1: Using ep0 maxpacket: 8
[  152.962994][ T5941] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  152.978024][ T5941] usb 4-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  153.030588][ T5941] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  153.043182][ T5941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.090569][ T5941] usb 4-1: Product: syz
[  153.099415][ T5941] usb 4-1: Manufacturer: syz
[  153.114130][ T5941] usb 4-1: SerialNumber: syz
[  153.363445][ T5934] usb 4-1: USB disconnect, device number 5
[  153.415819][ T6656] netlink: 5 bytes leftover after parsing attributes in process `syz.0.131'.
[  153.424919][ T6656] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  153.461608][ T6656] 0ªî{X¹¦: entered allmulticast mode
[  153.462491][ T6656] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  155.433187][ T6674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.134'.
[  155.618286][ T6679] netlink: 4 bytes leftover after parsing attributes in process `syz.3.134'.
[  156.753296][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  157.224262][    T9] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  157.355154][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  157.393467][    T9] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  157.426697][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  157.451847][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.616514][ T6701] ptrace attach of "./syz-executor exec"[5883] was attempted by "./syz-executor exec"[6701]
[  157.645552][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  157.680032][ T6701] netlink: 'syz.0.137': attribute type 6 has an invalid length.
[  158.321579][    T9] usb 3-1: invalid MIDI out EP 0
[  158.645686][    T9] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  159.158285][    T9] usb 3-1: USB disconnect, device number 4
[  159.951594][ T6713] netlink: 16 bytes leftover after parsing attributes in process `syz.3.141'.
[  161.997153][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.2.146'.
[  163.789466][ T6751] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.795673][ T6751] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  163.921247][ T6751] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.943942][ T6751] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  164.295345][ T6751] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  164.301331][ T6751] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  164.515133][ T6751] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  164.530134][ T6751] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  165.312839][ T6751] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  165.323560][ T6751] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  166.536206][ T6797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  166.886131][    T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  167.383811][    T9] usb 1-1: Using ep0 maxpacket: 8
[  167.394299][    T9] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  167.416006][    T9] usb 1-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  167.456684][    T9] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  167.501520][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.585791][    T9] usb 1-1: Product: syz
[  167.620207][    T9] usb 1-1: Manufacturer: syz
[  167.652602][    T9] usb 1-1: SerialNumber: syz
[  167.657471][   T10] tipc: Node number set to 56568974
[  167.950892][ T6794] tipc: Resetting bearer <eth:syzkaller0>
[  168.005346][   T10] usb 1-1: USB disconnect, device number 6
[  168.349960][ T6793] tipc: Disabling bearer <eth:syzkaller0>
[  168.784508][ T6830] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  168.784508][ T6830] The task syz.4.160 (6830) triggered the difference, watch for misbehavior.
[  169.988763][ T6845] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[  170.830298][ T6857] netlink: 28 bytes leftover after parsing attributes in process `syz.4.164'.
[  171.092323][ T6864] netlink: 'syz.2.165': attribute type 4 has an invalid length.
[  171.116820][ T6864] netlink: 'syz.2.165': attribute type 4 has an invalid length.
[  171.374193][ T6865] netlink: 44 bytes leftover after parsing attributes in process `syz.2.165'.
[  175.777854][ T6928] pimreg: entered allmulticast mode
[  175.906707][ T6930] pimreg: left allmulticast mode
[  176.043323][ T6931] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  176.852165][ T6943] netlink: 20 bytes leftover after parsing attributes in process `syz.3.175'.
[  179.330049][ T6970] vivid-007: disconnect
[  180.196383][   T30] audit: type=1326 audit(1757842324.545:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  180.271226][ T6985] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  181.181234][   T30] audit: type=1326 audit(1757842324.545:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  181.321550][   T30] audit: type=1326 audit(1757842324.545:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  181.803514][   T30] audit: type=1326 audit(1757842324.545:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.032140][ T6965] vivid-007: reconnect
[  182.040297][   T30] audit: type=1326 audit(1757842324.545:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.063659][   T30] audit: type=1326 audit(1757842324.545:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.132754][   T30] audit: type=1326 audit(1757842324.545:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.143622][ T6997] netlink: 'syz.1.183': attribute type 4 has an invalid length.
[  182.288158][ T6997] netlink: 'syz.1.183': attribute type 4 has an invalid length.
[  182.303222][   T30] audit: type=1326 audit(1757842324.545:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.413234][   T30] audit: type=1326 audit(1757842324.545:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  182.503392][ T6997] netlink: 44 bytes leftover after parsing attributes in process `syz.1.183'.
[  182.520014][   T30] audit: type=1326 audit(1757842324.545:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.2.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  183.172059][ T7023] netlink: 'syz.3.185': attribute type 10 has an invalid length.
[  183.180029][ T7023] netlink: 40 bytes leftover after parsing attributes in process `syz.3.185'.
[  183.198835][ T7023] team0: entered promiscuous mode
[  183.203976][ T7023] team0: entered allmulticast mode
[  183.210926][ T7023] bridge0: port 1(team0) entered blocking state
[  183.217483][ T7023] bridge0: port 1(team0) entered disabled state
[  183.408087][ T7019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.184'.
[  185.662940][ T7057] tipc: Can't bind to reserved service type 2
[  187.837540][ T7076] vim2m vim2m.0: vidioc_s_fmt queue busy
[  189.213727][ T7090] netlink: 'syz.4.196': attribute type 4 has an invalid length.
[  189.618083][ T7094] block nbd0: Attempted send on invalid socket
[  189.633682][ T7094] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  191.533715][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  191.533733][   T30] audit: type=1326 audit(1757842335.865:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  191.759138][   T30] audit: type=1326 audit(1757842335.885:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  191.860729][   T30] audit: type=1326 audit(1757842336.095:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  192.033928][   T30] audit: type=1326 audit(1757842336.095:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  192.139473][   T30] audit: type=1326 audit(1757842336.095:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  192.244159][   T30] audit: type=1326 audit(1757842336.115:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd4f38d510 code=0x7ffc0000
[  192.336535][   T30] audit: type=1326 audit(1757842336.115:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  192.481760][   T30] audit: type=1326 audit(1757842336.115:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  192.769985][ T7119] pim6reg: entered allmulticast mode
[  192.833161][   T30] audit: type=1326 audit(1757842336.115:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  193.082112][   T30] audit: type=1326 audit(1757842336.115:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7079 comm="syz.3.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  193.741824][ T7136] ptrace attach of "./syz-executor exec"[5883] was attempted by "./syz-executor exec"[7136]
[  193.884121][ T7136] dns_resolver: Unsupported server list version (0)
[  193.903196][ T5957] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  194.181542][ T5957] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  194.210557][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.218156][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  194.228740][ T5957] usb 2-1: config 0 interface 0 has no altsetting 0
[  194.238428][ T5957] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  194.249153][ T5957] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  194.259673][ T5957] usb 2-1: Product: syz
[  194.267299][ T5957] usb 2-1: Manufacturer: syz
[  194.277389][ T5957] usb 2-1: SerialNumber: syz
[  194.290881][ T5957] usb 2-1: config 0 descriptor??
[  194.310469][ T5957] usb 2-1: selecting invalid altsetting 0
[  194.957339][ T7144] netlink: 'syz.2.206': attribute type 2 has an invalid length.
[  195.608918][ T5957] usb 2-1: USB disconnect, device number 6
[  196.537162][ T7154] sctp: failed to load transform for md5: -2
[  196.743813][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.210'.
[  197.040051][ T7170] pim6reg: entered allmulticast mode
[  197.420437][ T7173] sctp: failed to load transform for md5: -2
[  197.766106][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  197.766123][   T30] audit: type=1326 audit(1757842342.085:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  197.803019][ T7181] netlink: 'syz.0.212': attribute type 4 has an invalid length.
[  197.821016][ T7181] netlink: 'syz.0.212': attribute type 4 has an invalid length.
[  197.878979][   T30] audit: type=1326 audit(1757842342.085:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  198.030023][   T30] audit: type=1326 audit(1757842342.085:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  198.132193][   T30] audit: type=1326 audit(1757842342.085:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  198.196900][   T30] audit: type=1326 audit(1757842342.085:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  198.254673][   T30] audit: type=1326 audit(1757842342.095:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  198.340369][   T30] audit: type=1326 audit(1757842342.095:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  199.306343][   T30] audit: type=1326 audit(1757842342.095:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  199.513136][   T30] audit: type=1326 audit(1757842342.095:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  200.831614][   T30] audit: type=1326 audit(1757842342.095:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7177 comm="syz.3.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fcd4f38eba9 code=0x7ffc0000
[  202.573661][   T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  202.793809][   T24] usb 4-1: Using ep0 maxpacket: 16
[  202.908253][ T7225] syz.4.219 (7225): drop_caches: 2
[  202.919543][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  202.930324][   T24] usb 4-1: config 0 has no interfaces?
[  202.951773][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  202.991605][   T24] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  203.109983][   T24] usb 4-1: Manufacturer: syz
[  203.131307][   T24] usb 4-1: config 0 descriptor??
[  204.574958][ T7238] tipc: Started in network mode
[  204.579901][ T7238] tipc: Node identity aa6e726aeec5, cluster identity 4711
[  204.599865][ T7238] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  204.648588][ T7239] syzkaller0: entered promiscuous mode
[  204.662939][ T7239] syzkaller0: entered allmulticast mode
[  204.870658][   T24] usb 4-1: USB disconnect, device number 6
[  205.048064][ T7246] netlink: 'syz.2.224': attribute type 4 has an invalid length.
[  205.070533][ T7241] tipc: Resetting bearer <eth:syzkaller0>
[  205.092505][ T7237] tipc: Resetting bearer <eth:syzkaller0>
[  205.165203][ T7249] netlink: 'syz.2.224': attribute type 4 has an invalid length.
[  205.226400][ T7237] tipc: Disabling bearer <eth:syzkaller0>
[  207.965946][ T7290] hsr0: entered promiscuous mode
[  208.182469][ T7292] netlink: 'syz.3.234': attribute type 4 has an invalid length.
[  208.198148][ T7292] netlink: 'syz.3.234': attribute type 4 has an invalid length.
[  208.298750][ T7293] netlink: 44 bytes leftover after parsing attributes in process `syz.3.234'.
[  210.103218][ T5934] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  210.294238][ T5934] usb 4-1: Using ep0 maxpacket: 16
[  210.445255][ T7302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.456095][ T7302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.708899][ T7310] sctp: failed to load transform for md5: -2
[  211.194228][ T7320] netlink: 'syz.0.238': attribute type 4 has an invalid length.
[  211.384830][ T7320] netlink: 'syz.0.238': attribute type 4 has an invalid length.
[  212.004767][ T7289] hsr0: left promiscuous mode
[  212.052186][ T5934] usb 4-1: unable to get BOS descriptor or descriptor too short
[  212.294444][ T5934] usb 4-1: unable to read config index 0 descriptor/start: -71
[  212.317352][ T5934] usb 4-1: can't read configurations, error -71
[  212.930584][ T5934] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  213.238870][ T7350] netlink: 20 bytes leftover after parsing attributes in process `syz.0.244'.
[  213.566007][ T5934] usb 4-1: Using ep0 maxpacket: 8
[  213.601448][ T5934] usb 4-1: config 0 has no interfaces?
[  216.146631][ T5934] usb 4-1: string descriptor 0 read error: -71
[  216.153038][ T5934] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  216.162546][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.204129][ T5934] usb 4-1: config 0 descriptor??
[  216.222075][ T5934] usb 4-1: can't set config #0, error -71
[  216.270270][ T5934] usb 4-1: USB disconnect, device number 8
[  216.983224][ T5934] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  217.055846][ T7375] ptrace attach of "./syz-executor exec"[5883] was attempted by "./syz-executor exec"[7375]
[  217.244053][ T7376] netlink: 212364 bytes leftover after parsing attributes in process `syz.4.251'.
[  217.299640][ T5934] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  217.311015][ T5934] usb 4-1: config 0 interface 0 has no altsetting 0
[  217.458484][ T5934] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  217.564017][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  217.592630][ T5934] usb 4-1: Product: syz
[  217.711027][ T5934] usb 4-1: Manufacturer: syz
[  217.735206][ T5934] usb 4-1: SerialNumber: syz
[  217.824201][ T5934] usb 4-1: config 0 descriptor??
[  217.850175][ T5934] usb 4-1: selecting invalid altsetting 0
[  218.009501][ T7387] netlink: 'syz.2.252': attribute type 75 has an invalid length.
[  218.553227][ T5934] usb 4-1: USB disconnect, device number 9
[  219.146757][ T7399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.254'.
[  219.593146][ T5941] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  219.803351][ T5941] usb 5-1: Using ep0 maxpacket: 32
[  219.813359][ T5941] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  219.882068][ T5941] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3
[  219.996110][ T5941] usb 5-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01
[  220.011996][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.093621][ T5941] usb 5-1: Product: syz
[  220.163140][ T5941] usb 5-1: Manufacturer: syz
[  220.217378][ T7409] tipc: New replicast peer: 0.0.0.0
[  220.223607][ T7409] tipc: Enabled bearer <udp:syz2>, priority 10
[  220.236347][ T7409] ptrace attach of "./syz-executor exec"[5884] was attempted by "./syz-executor exec"[7409]
[  220.307106][ T5941] usb 5-1: SerialNumber: syz
[  220.321501][ T5941] usb 5-1: config 0 descriptor??
[  220.390271][ T5941] go7007 5-1:0.0: probe with driver go7007 failed with error -12
[  221.333224][ T5934] tipc: Node number set to 3424097189
[  222.738626][ T7422] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  223.200799][ T5941] usb 5-1: USB disconnect, device number 11
[  223.941650][ T7436] netlink: 'syz.0.262': attribute type 4 has an invalid length.
[  226.514555][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  226.514572][   T30] audit: type=1800 audit(1757842370.285:140): pid=7461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.267" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  226.643333][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  226.805393][    T9] usb 5-1: Using ep0 maxpacket: 8
[  226.940777][    T9] usb 5-1: config 1 has an invalid descriptor of length 158, skipping remainder of the config
[  227.026229][    T9] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  227.311066][    T9] usb 5-1: config 1 has no interface number 1
[  227.321981][    T9] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  227.372639][    T9] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  227.386318][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.413314][    T9] usb 5-1: Product: syz
[  227.425197][    T9] usb 5-1: Manufacturer: syz
[  227.442390][    T9] usb 5-1: SerialNumber: syz
[  227.902276][ T7475] netlink: 4 bytes leftover after parsing attributes in process `syz.2.270'.
[  227.911338][   T30] audit: type=1326 audit(1757842372.255:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  228.066836][   T30] audit: type=1326 audit(1757842372.255:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2119d90ac7 code=0x7ffc0000
[  228.123152][   T30] audit: type=1326 audit(1757842372.255:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2119d90a3c code=0x7ffc0000
[  228.169206][   T30] audit: type=1326 audit(1757842372.255:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2119d90974 code=0x7ffc0000
[  228.394193][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.268'.
[  228.566785][ T7480] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  228.609520][ T7480] : entered promiscuous mode
[  228.644607][   T30] audit: type=1326 audit(1757842372.255:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2119d90974 code=0x7ffc0000
[  229.020373][   T30] audit: type=1326 audit(1757842372.255:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2119d8d80a code=0x7ffc0000
[  229.420543][   T30] audit: type=1326 audit(1757842372.255:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  229.487646][    T9] usb 5-1: cannot find UAC_HEADER
[  229.565950][ T7490] netlink: 24 bytes leftover after parsing attributes in process `syz.2.271'.
[  229.593911][   T30] audit: type=1326 audit(1757842372.255:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  229.677712][ T7491] netlink: 24 bytes leftover after parsing attributes in process `syz.2.271'.
[  229.690585][    T9] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  229.722312][    T9] usb 5-1: USB disconnect, device number 12
[  229.755543][ T7142] udevd[7142]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  229.823835][   T30] audit: type=1326 audit(1757842372.255:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.2.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2119d8eba9 code=0x7ffc0000
[  230.504548][ T7498] netlink: 'syz.0.273': attribute type 4 has an invalid length.
[  231.003416][   T43] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  231.214293][   T43] usb 1-1: Using ep0 maxpacket: 16
[  231.226734][   T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  231.240942][   T43] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  231.256055][   T43] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  231.265759][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.311584][   T43] usb 1-1: Product: syz
[  231.318725][   T43] usb 1-1: Manufacturer: syz
[  231.331511][   T43] usb 1-1: SerialNumber: syz
[  231.352204][   T43] usb 1-1: config 0 descriptor??
[  231.679849][ T7518] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  232.086781][ T7522] random: crng reseeded on system resumption
[  233.083153][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  233.785260][   T43] usb 1-1: USB disconnect, device number 7
[  233.940392][    T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  233.967739][    T9] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  234.128076][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  234.191521][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.379881][ T7552] block device autoloading is deprecated and will be removed.
[  234.393561][ T7552] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  234.549436][ T7540] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  234.605264][    T9] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  234.869259][ T7540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.881723][ T7540] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.208151][   T43] usb 4-1: USB disconnect, device number 10
[  236.392369][ T7572] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  236.399700][ T7572] IPv6: NLM_F_CREATE should be set when creating new route
[  237.508231][ T7580] netlink: 24 bytes leftover after parsing attributes in process `syz.2.289'.
[  237.550945][ T7580] netlink: 24 bytes leftover after parsing attributes in process `syz.2.289'.
[  238.234075][ T7589] netlink: 'syz.1.292': attribute type 10 has an invalid length.
[  238.247383][ T7589] 8021q: adding VLAN 0 to HW filter on device team0
[  238.298525][ T7589] bond0: (slave team0): Enslaving as an active interface with an up link
[  238.326020][ T7594] binder: BINDER_SET_CONTEXT_MGR already set
[  238.334965][ T7594] binder: 7583:7594 ioctl 4018620d 200000000040 returned -16
[  238.503138][ T7594] binder: 7583:7594 ioctl c0306201 200000000240 returned -11
[  238.734517][ T7592] sctp: failed to load transform for md5: -2
[  239.001746][ T7601] ptrace attach of "./syz-executor exec"[5888] was attempted by "./syz-executor exec"[7601]
[  239.012032][ T5934] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  239.041943][ T7601] netlink: 'syz.4.290': attribute type 6 has an invalid length.
[  239.343220][ T5934] usb 4-1: Using ep0 maxpacket: 16
[  239.360989][ T5934] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  239.393092][ T5934] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  239.481986][ T5934] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  239.492611][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.500701][ T5934] usb 4-1: Product: syz
[  239.510695][ T5934] usb 4-1: Manufacturer: syz
[  239.515505][ T5934] usb 4-1: SerialNumber: syz
[  239.558839][ T5934] usb 4-1: config 0 descriptor??
[  240.315056][ T7622] fuse: Bad value for 'fd'
[  240.403577][ T7621] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  240.619406][ T7625] netlink: 20 bytes leftover after parsing attributes in process `syz.2.296'.
[  241.663908][    T9] usb 4-1: USB disconnect, device number 11
[  241.960644][ T7644] netlink: 68 bytes leftover after parsing attributes in process `syz.2.298'.
[  242.670148][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  242.977347][    T9] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  243.019662][    T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  243.050852][    T9] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  243.111160][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  243.120671][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.329795][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  243.634488][    T9] usb 2-1: invalid MIDI out EP 0
[  243.708765][ T7145] udevd[7145]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  243.743586][    T9] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  243.789996][    T9] usb 2-1: USB disconnect, device number 7
[  244.804711][ T7663] netlink: 8 bytes leftover after parsing attributes in process `syz.2.303'.
[  244.821363][ T7663] trusted_key: encrypted_key: key user:syz not found
[  245.779982][ T7676] netlink: 24 bytes leftover after parsing attributes in process `syz.1.306'.
[  245.834700][ T7677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.306'.
[  248.484911][ T7665] geneve2: entered promiscuous mode
[  248.750814][ T7665] geneve2: entered allmulticast mode
[  248.864936][   T49] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  248.933944][   T49] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 19999 - 0
[  248.952994][   T49] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.013286][   T49] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 19999 - 0
[  249.105639][   T49] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.146060][   T49] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 19999 - 0
[  249.232274][ T7715] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  249.242543][ T7711] syzkaller0: entered promiscuous mode
[  249.303465][ T7711] syzkaller0: entered allmulticast mode
[  249.328720][ T2983] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.449502][ T2983] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 19999 - 0
[  249.663254][   T43] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  249.963154][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  249.991620][   T43] usb 5-1: Using ep0 maxpacket: 8
[  250.127130][   T43] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  250.153178][   T43] usb 5-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  250.189623][   T43] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  250.210813][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.242105][   T43] usb 5-1: Product: syz
[  250.265317][   T43] usb 5-1: Manufacturer: syz
[  250.318570][   T43] usb 5-1: SerialNumber: syz
[  250.323520][    T9] usb 4-1: Using ep0 maxpacket: 8
[  250.325165][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  250.353393][ T5934] tipc: Node number set to 1152086634
[  250.386211][    T9] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  250.430319][    T9] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  250.469193][    T9] usb 4-1: Product: syz
[  250.491422][    T9] usb 4-1: Manufacturer: syz
[  250.526819][    T9] usb 4-1: SerialNumber: syz
[  250.588949][ T7711] tipc: Resetting bearer <eth:syzkaller0>
[  250.637501][   T10] usb 5-1: USB disconnect, device number 13
[  250.668220][ T7707] tipc: Resetting bearer <eth:syzkaller0>
[  250.694098][ T7707] tipc: Disabling bearer <eth:syzkaller0>
[  250.874049][    T9] usb 4-1: palm_os_3_probe - error -110 getting connection information
[  250.896993][    T9] visor 4-1:1.0: probe with driver visor failed with error -110
[  250.922617][ T7737] bridge0: port 1(team0) entered disabled state
[  251.816446][ T7746] netlink: 24 bytes leftover after parsing attributes in process `syz.1.318'.
[  252.704640][   T43] usb 4-1: USB disconnect, device number 12
[  253.270656][ T7762] netlink: 24 bytes leftover after parsing attributes in process `syz.3.322'.
[  253.311276][ T7762] netlink: 24 bytes leftover after parsing attributes in process `syz.3.322'.
[  253.656822][ T7766] block device autoloading is deprecated and will be removed.
[  253.706542][ T7769] netlink: 'syz.2.323': attribute type 12 has an invalid length.
[  254.501313][ T7777] netlink: 'syz.4.324': attribute type 1 has an invalid length.
[  254.557885][ T7777] bond1: entered promiscuous mode
[  254.571051][ T7777] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.631852][ T7779] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.639689][ T7779] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  254.650266][ T7779] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  254.663262][ T7779] bond1: (slave ip6gre1): making interface the new active one
[  254.670738][ T7779] ip6gre1: entered promiscuous mode
[  254.677983][ T7779] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  255.641857][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.648528][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  256.121747][ T7789] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  256.141483][ T7789] netlink: 4 bytes leftover after parsing attributes in process `syz.4.326'.
[  257.853210][ T5934] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  258.053175][ T5934] usb 1-1: Using ep0 maxpacket: 8
[  258.064411][ T5934] usb 1-1: config index 0 descriptor too short (expected 28277, got 36)
[  258.072748][ T5934] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  258.087942][ T5934] usb 1-1: config 0 has no interfaces?
[  258.156437][ T5934] usb 1-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  258.212654][ T7823] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.273679][ T5934] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.304766][ T5934] usb 1-1: config 0 descriptor??
[  258.848898][ T7811] libceph: resolve '4.' (ret=-3): failed
[  258.857341][ T7811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.331'.
[  260.683316][ T7837] fuse: Unknown parameter '017777777777777777777770x0000000000000005ÿÿÿÿÿÿÿÿ18446744073709551615ÿ'
[  261.134530][   T43] usb 1-1: USB disconnect, device number 8
[  268.113238][ T7899] netlink: 'syz.3.346': attribute type 2 has an invalid length.
[  269.381013][ T7917] netlink: 24 bytes leftover after parsing attributes in process `syz.2.353'.
[  269.395942][ T7917] netlink: 24 bytes leftover after parsing attributes in process `syz.2.353'.
[  269.545424][ T7918] trusted_key: syz.0.352 sent an empty control message without MSG_MORE.
[  271.613901][ T7935] syzkaller1: entered promiscuous mode
[  271.619614][ T7935] syzkaller1: entered allmulticast mode
[  271.796383][ T7940] netlink: 'syz.1.358': attribute type 4 has an invalid length.
[  271.846344][ T7938] netlink: 'syz.1.358': attribute type 4 has an invalid length.
[  272.552777][ T7949] netlink: 24 bytes leftover after parsing attributes in process `syz.2.360'.
[  272.613563][ T7950] netlink: 24 bytes leftover after parsing attributes in process `syz.2.360'.
[  273.294349][ T7948] geneve2: entered allmulticast mode
[  275.438309][ T7980] program syz.0.366 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  275.583237][ T7984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.366'.
[  276.863174][   T43] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  277.107028][   T43] usb 5-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  277.120500][   T43] usb 5-1: config 0 interface 0 has no altsetting 0
[  277.151296][   T43] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  277.160678][   T43] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  277.171689][   T43] usb 5-1: Product: syz
[  277.178631][   T43] usb 5-1: Manufacturer: syz
[  277.185383][   T43] usb 5-1: SerialNumber: syz
[  277.201434][   T43] usb 5-1: config 0 descriptor??
[  277.251626][   T43] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  277.269702][ T7142] udevd[7142]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  277.650565][   T43] usb 5-1: USB disconnect, device number 14
[  278.162407][ T8016] netlink: 24 bytes leftover after parsing attributes in process `syz.3.373'.
[  278.181328][ T8016] netlink: 24 bytes leftover after parsing attributes in process `syz.3.373'.
[  279.123422][ T8021] tipc: Started in network mode
[  279.147282][ T8021] tipc: Node identity 42de2d921a28, cluster identity 4711
[  279.181051][ T8021] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  279.218934][ T8023] syzkaller0: entered promiscuous mode
[  279.277399][ T8023] syzkaller0: entered allmulticast mode
[  279.743170][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  280.087616][    T9] usb 3-1: Using ep0 maxpacket: 8
[  280.143386][    T9] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  280.160155][    T9] usb 3-1: config 135 has 0 interfaces, different from the descriptor's value: 1
[  280.212872][    T9] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  280.225082][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.234013][    T9] usb 3-1: Product: syz
[  280.238214][    T9] usb 3-1: Manufacturer: syz
[  280.242954][    T9] usb 3-1: SerialNumber: syz
[  280.293185][    T9] tipc: Node number set to 1492528530
[  280.456427][ T8021] tipc: Resetting bearer <eth:syzkaller0>
[  280.472653][ T5927] usb 3-1: USB disconnect, device number 5
[  280.644676][ T8020] tipc: Resetting bearer <eth:syzkaller0>
[  280.698142][ T8020] tipc: Disabling bearer <eth:syzkaller0>
[  281.483130][   T43] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  282.031677][   T43] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  282.070774][   T43] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  282.085133][ T8050] netlink: 24 bytes leftover after parsing attributes in process `syz.2.380'.
[  282.099276][ T8050] netlink: 24 bytes leftover after parsing attributes in process `syz.2.380'.
[  282.178762][   T43] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  282.382242][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  282.437481][   T43] usb 4-1: SerialNumber: syz
[  282.755023][ T8061] netlink: 68 bytes leftover after parsing attributes in process `syz.0.381'.
[  283.539515][ T8064] netlink: 'syz.1.383': attribute type 4 has an invalid length.
[  283.692501][ T8068] netlink: 'syz.1.383': attribute type 4 has an invalid length.
[  283.911404][ T7690] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  284.075983][ T7690] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  284.089689][ T8073] netlink: 44 bytes leftover after parsing attributes in process `syz.1.383'.
[  284.203188][ T7690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  284.325800][   T43] usb 4-1: cannot find UAC_HEADER
[  284.372086][ T7690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  284.443429][ T7690] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  284.476868][   T43] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  284.498104][ T8082] netlink: 40 bytes leftover after parsing attributes in process `syz.0.385'.
[  284.547425][ T7690] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  284.559205][ T7690] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.572291][   T43] usb 4-1: USB disconnect, device number 13
[  284.608466][ T7690] usb 5-1: config 0 descriptor??
[  284.699449][ T8084] netlink: 24 bytes leftover after parsing attributes in process `syz.1.387'.
[  284.713355][ T8084] netlink: 24 bytes leftover after parsing attributes in process `syz.1.387'.
[  284.950860][   T43] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  284.967194][ T7142] udevd[7142]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  285.081990][ T7690] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  285.113946][   T43] usb 4-1: Using ep0 maxpacket: 16
[  285.121666][   T43] usb 4-1: config 4 has an invalid interface number: 51 but max is 0
[  285.148670][   T43] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  285.186676][   T43] usb 4-1: config 4 has no interface number 0
[  285.202477][   T43] usb 4-1: config 4 interface 51 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  285.258411][   T43] usb 4-1: config 4 interface 51 has no altsetting 0
[  285.275442][   T43] usb 4-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  285.286655][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.314035][   T43] usb 4-1: Product: syz
[  285.371449][   T43] usb 4-1: Manufacturer: syz
[  285.403624][   T43] usb 4-1: SerialNumber: syz
[  285.435113][   T43] cdc_eem 4-1:4.51: probe with driver cdc_eem failed with error -22
[  286.783610][    T9] usb 5-1: reset high-speed USB device number 15 using dummy_hcd
[  287.213565][ T8099] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  287.322828][ T8102] syzkaller0: entered promiscuous mode
[  287.330694][ T8102] syzkaller0: entered allmulticast mode
[  287.371096][ T8099] tipc: Resetting bearer <eth:syzkaller0>
[  287.378398][ T8098] tipc: Resetting bearer <eth:syzkaller0>
[  287.390937][ T8098] tipc: Disabling bearer <eth:syzkaller0>
[  287.850070][    T9] usb 5-1: device descriptor read/64, error -71
[  287.929451][ T5995] usb 4-1: USB disconnect, device number 14
[  288.443210][    T9] usb 5-1: reset high-speed USB device number 15 using dummy_hcd
[  290.563757][    T9] usb 5-1: device not accepting address 15, error -71
[  290.636934][ T8129] netlink: 'syz.4.396': attribute type 4 has an invalid length.
[  290.689904][ T8130] netlink: 'syz.4.396': attribute type 4 has an invalid length.
[  291.036171][ T8129] netlink: 44 bytes leftover after parsing attributes in process `syz.4.396'.
[  291.461009][   T10] usb 5-1: USB disconnect, device number 15
[  291.649881][ T5995] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  292.423397][ T5995] usb 1-1: Using ep0 maxpacket: 8
[  292.985994][ T5995] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  293.044090][ T5995] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.052181][ T5995] usb 1-1: Product: syz
[  293.056954][ T5995] usb 1-1: Manufacturer: syz
[  293.071960][ T5995] usb 1-1: SerialNumber: syz
[  293.080671][ T5995] usb 1-1: config 0 descriptor??
[  293.091345][ T5995] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  293.505670][ T5995] gspca_sonixj: reg_r err -32
[  293.510430][ T5995] sonixj 1-1:0.0: probe with driver sonixj failed with error -32
[  293.628741][ T8158] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  293.669264][ T8158] syzkaller0: entered promiscuous mode
[  293.693223][ T8158] syzkaller0: entered allmulticast mode
[  293.847813][ T8158] tipc: Resetting bearer <eth:syzkaller0>
[  293.910881][ T8163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.920725][ T8163] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.998315][ T8157] tipc: Resetting bearer <eth:syzkaller0>
[  294.068119][ T8157] tipc: Disabling bearer <eth:syzkaller0>
[  294.413158][ T5995] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  294.888576][ T8175] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  295.064872][ T5995] usb 2-1: config 0 has no interfaces?
[  295.084815][ T5995] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  295.116490][ T5995] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.155974][ T5995] usb 2-1: Product: syz
[  295.173831][ T5995] usb 2-1: Manufacturer: syz
[  295.193754][ T5995] usb 2-1: SerialNumber: syz
[  295.386779][ T5995] usb 2-1: config 0 descriptor??
[  295.737292][ T5995] usb 1-1: USB disconnect, device number 9
[  295.931519][ T8180] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  296.017205][ T8184] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  296.030012][ T8184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'.
[  296.473138][   T43] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  296.670735][   T43] usb 4-1: config 0 has no interfaces?
[  296.683897][   T43] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  296.694632][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.712268][   T43] usb 4-1: Product: syz
[  296.724729][   T43] usb 4-1: Manufacturer: syz
[  296.735009][   T43] usb 4-1: SerialNumber: syz
[  296.749023][   T43] usb 4-1: config 0 descriptor??
[  296.954924][   T10] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  297.162262][ T5941] usb 2-1: USB disconnect, device number 8
[  297.233121][ T8190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.245926][ T8190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.362576][ T8201] netlink: 'syz.2.411': attribute type 4 has an invalid length.
[  297.379086][ T8201] netlink: 'syz.2.411': attribute type 4 has an invalid length.
[  297.476139][   T10] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[  297.488051][   T10] usb 1-1: config 0 has no interface number 0
[  297.506981][ T8204] netlink: 24 bytes leftover after parsing attributes in process `syz.1.412'.
[  297.519138][ T8204] netlink: 24 bytes leftover after parsing attributes in process `syz.1.412'.
[  297.578223][   T10] usb 1-1: config 0 interface 29 has no altsetting 0
[  297.633625][ T8202] netlink: 44 bytes leftover after parsing attributes in process `syz.2.411'.
[  297.850830][   T10] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  297.880584][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.953286][   T10] usb 1-1: Product: syz
[  297.973427][   T10] usb 1-1: Manufacturer: syz
[  297.989293][   T10] usb 1-1: SerialNumber: syz
[  298.180871][   T10] usb 1-1: config 0 descriptor??
[  298.409951][   T10] peak_usb 1-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  298.635538][ T8209] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 3, id = 0
[  299.271392][ T8216] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  299.333954][ T8216] syzkaller0: entered promiscuous mode
[  299.343136][ T8216] syzkaller0: entered allmulticast mode
[  299.386797][ T8217] netlink: 24 bytes leftover after parsing attributes in process `syz.1.415'.
[  299.422227][ T8216] tipc: Resetting bearer <eth:syzkaller0>
[  299.465902][ T8217] netlink: 24 bytes leftover after parsing attributes in process `syz.1.415'.
[  299.531190][ T8215] tipc: Resetting bearer <eth:syzkaller0>
[  299.579794][ T8215] tipc: Disabling bearer <eth:syzkaller0>
[  300.423364][   T43] usb 4-1: USB disconnect, device number 15
[  300.756963][ T8235] netlink: 24 bytes leftover after parsing attributes in process `syz.2.418'.
[  300.769429][ T8235] netlink: 24 bytes leftover after parsing attributes in process `syz.2.418'.
[  301.266725][   T10] peak_usb 1-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  301.286680][   T10] peak_usb 1-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  301.670532][ T8244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.421'.
[  301.774720][   T10] peak_usb 1-1:0.29: probe with driver peak_usb failed with error -71
[  302.125283][   T10] usb 1-1: USB disconnect, device number 10
[  302.891186][ T8253] netlink: 'syz.4.423': attribute type 4 has an invalid length.
[  303.014319][ T8256] netlink: 'syz.4.423': attribute type 4 has an invalid length.
[  303.347198][ T8253] netlink: 44 bytes leftover after parsing attributes in process `syz.4.423'.
[  303.425063][ T8267] 
: renamed from bridge_slave_0 (while UP)
[  305.210956][   T43] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  305.613276][   T43] usb 4-1: device descriptor read/64, error -71
[  306.333283][   T43] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  306.622158][   T43] usb 4-1: device descriptor read/64, error -71
[  306.826687][   T43] usb usb4-port1: attempt power cycle
[  306.926297][ T8300] bond1: entered promiscuous mode
[  307.057097][ T8300] 8021q: adding VLAN 0 to HW filter on device bond1
[  307.564079][   T43] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  308.401495][   T43] usb 4-1: device descriptor read/8, error -71
[  308.603590][ T8317] netlink: 84 bytes leftover after parsing attributes in process `syz.4.434'.
[  312.899421][ T8373] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  312.945908][ T8377] netlink: 'syz.0.445': attribute type 4 has an invalid length.
[  313.235363][ T8380] netlink: 'syz.0.445': attribute type 4 has an invalid length.
[  313.891359][ T5995] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  314.130359][ T5995] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  314.173449][ T5995] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  314.273647][ T5995] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  314.323094][ T5995] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.376043][ T8386] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  314.387411][ T5995] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  314.689162][ T8386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.852905][ T8386] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.853983][ T8399] netlink: 12 bytes leftover after parsing attributes in process `syz.4.447'.
[  316.162583][ T8397] page: refcount:515 mapcount:0 mapping:ffff888054d0f9d0 index:0x0 pfn:0x50a00
[  316.172167][ T8397] head: order:9 mapcount:1 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  316.180688][ T8397] aops:hugetlbfs_aops ino:4f53 dentry name(?):"anon_hugepage"
[  316.188165][ T8397] flags: 0xfff00000000041(locked|head|node=0|zone=1|lastcpupid=0x7ff)
[  316.196339][ T8397] page_type: f4(hugetlb)
[  316.200590][ T8397] raw: 00fff00000000041 ffffc9000396fe10 ffffc9000396fe10 ffff888054d0f9d0
[  316.209184][ T8397] raw: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[  316.217775][ T8397] head: 00fff00000000041 ffffc9000396fe10 ffffc9000396fe10 ffff888054d0f9d0
[  316.226457][ T8397] head: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[  316.235135][ T8397] head: 00fff00000000009 ffffea0001428001 0000000000000000 0000000000000000
[  316.243801][ T8397] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000200
[  316.252477][ T8397] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[  316.259772][ T8397] page_owner tracks the page as allocated
[  316.266145][ T8397] page last allocated via order 9, migratetype Movable, gfp_mask 0x146cca(GFP_HIGHUSER_MOVABLE|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP), pid 7611, tgid 7604 (syz.1.294), ts 240254578399, free_ts 237762866751
[  316.286633][ T8397]  post_alloc_hook+0x240/0x2a0
[  316.291403][ T8397]  get_page_from_freelist+0x21e4/0x22c0
[  316.296961][ T8397]  __alloc_frozen_pages_noprof+0x181/0x370
[  316.302756][ T8397]  alloc_buddy_hugetlb_folio+0xdf/0x1c0
[  316.308294][ T8397]  only_alloc_fresh_hugetlb_folio+0x8c/0x280
[  316.314265][ T8397]  alloc_surplus_hugetlb_folio+0x103/0x430
[  316.320058][ T8397]  alloc_hugetlb_folio+0xb1a/0x16a0
[  316.325248][ T8397]  hugetlb_fault+0x1dc2/0x2970
[  316.330016][ T8397]  handle_mm_fault+0x740/0x8e0
[  316.334777][ T8397]  __get_user_pages+0x1699/0x2ce0
[  316.339794][ T8397]  populate_vma_page_range+0x29f/0x3a0
[  316.345265][ T8397]  __mm_populate+0x24c/0x380
[  316.349845][ T8397]  vm_mmap_pgoff+0x387/0x4d0
[  316.354435][ T8397]  ksys_mmap_pgoff+0x587/0x760
[  316.359194][ T8397]  do_syscall_64+0xfa/0x3b0
[  316.363691][ T8397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.369571][ T8397] page last free pid 7564 tgid 7560 stack trace:
[  316.375890][ T8397]  free_unref_folios+0xdbd/0x1520
[  316.380909][ T8397]  folios_put_refs+0x559/0x640
[  316.385659][ T8397]  free_pages_and_swap_cache+0x4be/0x520
[  316.391284][ T8397]  tlb_flush_mmu+0x3a0/0x680
[  316.395858][ T8397]  unmap_page_range+0x3b31/0x4370
[  316.400871][ T8397]  unmap_vmas+0x399/0x580
[  316.405195][ T8397]  exit_mmap+0x248/0xb50
[  316.409435][ T8397]  __mmput+0x118/0x430
[  316.413518][ T8397]  exit_mm+0x1da/0x2c0
[  316.417579][ T8397]  do_exit+0x648/0x2300
[  316.421724][ T8397]  do_group_exit+0x21c/0x2d0
[  316.426311][ T8397]  get_signal+0x1286/0x1340
[  316.430802][ T8397]  arch_do_signal_or_restart+0x9a/0x750
[  316.436341][ T8397]  exit_to_user_mode_loop+0x75/0x110
[  316.441622][ T8397]  do_syscall_64+0x2bd/0x3b0
[  316.446199][ T8397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.452228][ T8397] ------------[ cut here ]------------
[  316.457673][ T8397] kernel BUG at mm/filemap.c:154!
[  316.462713][ T8397] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  316.468959][ T8397] CPU: 1 UID: 0 PID: 8397 Comm: syz.4.447 Not tainted syzkaller #0 PREEMPT(full) 
[  316.478136][ T8397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  316.488193][ T8397] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[  316.494431][ T8397] Code: a3 c9 ff 48 89 df 48 c7 c6 20 3e 94 8b e8 73 e0 31 ff 90 0f 0b e8 5b a3 c9 ff 48 89 df 48 c7 c6 00 3d 94 8b e8 5c e0 31 ff 90 <0f> 0b e8 44 a3 c9 ff 48 89 df 48 c7 c6 20 3e 94 8b e8 45 e0 31 ff
[  316.514026][ T8397] RSP: 0018:ffffc90003b6ee20 EFLAGS: 00010046
[  316.520098][ T8397] RAX: a6662fd43844da00 RBX: ffffea0001428000 RCX: a6662fd43844da00
[  316.528055][ T8397] RDX: 0000000000000005 RSI: ffffffff8dba9392 RDI: ffff888024629e00
[  316.536013][ T8397] RBP: 0000000000000001 R08: ffff8880b8724253 R09: 1ffff110170e484a
[  316.543974][ T8397] R10: dffffc0000000000 R11: ffffed10170e484b R12: 0000000000000040
[  316.551944][ T8397] R13: 1ffffd4000285000 R14: 1ffffd4000285001 R15: ffffea0001428008
[  316.559904][ T8397] FS:  00007f80fa9cf6c0(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
[  316.568822][ T8397] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.575389][ T8397] CR2: 00002000000bd038 CR3: 000000007e4f4000 CR4: 00000000003526f0
[  316.583348][ T8397] Call Trace:
[  316.586612][ T8397]  <TASK>
[  316.589538][ T8397]  __filemap_remove_folio+0xc3/0x500
[  316.594819][ T8397]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  316.600183][ T8397]  ? __pfx___filemap_remove_folio+0x10/0x10
[  316.606067][ T8397]  ? _raw_spin_lock_irq+0xae/0xf0
[  316.611086][ T8397]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  316.616628][ T8397]  filemap_remove_folio+0xe6/0x1f0
[  316.621739][ T8397]  remove_inode_hugepages+0x594/0x1100
[  316.627194][ T8397]  ? folio_try_get+0x1c/0x340
[  316.631858][ T8397]  ? __pfx_remove_inode_hugepages+0x10/0x10
[  316.637753][ T8397]  ? hugetlbfs_fallocate+0xbaf/0x1100
[  316.643120][ T8397]  ? up_write+0x1c4/0x420
[  316.647438][ T8397]  hugetlbfs_fallocate+0xbc7/0x1100
[  316.652631][ T8397]  ? aa_file_perm+0x13a/0x1550
[  316.657388][ T8397]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[  316.663032][ T8397]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  316.668923][ T8397]  vfs_fallocate+0x669/0x7e0
[  316.673508][ T8397]  ? __pfx_vfs_fallocate+0x10/0x10
[  316.678612][ T8397]  madvise_vma_behavior+0x3254/0x3af0
[  316.683978][ T8397]  ? __lock_acquire+0xab9/0xd20
[  316.688832][ T8397]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  316.694546][ T8397]  ? finish_task_switch+0x266/0x950
[  316.699732][ T8397]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.704928][ T8397]  ? finish_task_switch+0x266/0x950
[  316.710118][ T8397]  ? rcu_is_watching+0x15/0xb0
[  316.714876][ T8397]  ? trace_sched_exit_tp+0x36/0x110
[  316.720066][ T8397]  ? __schedule+0x17ae/0x4cc0
[  316.724749][ T8397]  ? mas_prev_slot+0xb31/0xbb0
[  316.729510][ T8397]  ? find_vma_prev+0xfc/0x170
[  316.734178][ T8397]  ? __pfx_find_vma_prev+0x10/0x10
[  316.739286][ T8397]  ? futex_unqueue+0x22/0x240
[  316.743953][ T8397]  ? __futex_wait+0x34f/0x3e0
[  316.748627][ T8397]  madvise_walk_vmas+0x51c/0xa30
[  316.753564][ T8397]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  316.759045][ T8397]  ? blk_start_plug+0x6f/0x1b0
[  316.763797][ T8397]  madvise_do_behavior+0x38e/0x550
[  316.768901][ T8397]  ? __pfx_madvise_do_behavior+0x10/0x10
[  316.774527][ T8397]  ? down_read+0x1ad/0x2e0
[  316.778930][ T8397]  do_madvise+0x1bc/0x270
[  316.783251][ T8397]  ? __pfx_do_madvise+0x10/0x10
[  316.788094][ T8397]  ? __se_sys_futex+0x36f/0x400
[  316.792953][ T8397]  ? rcu_is_watching+0x15/0xb0
[  316.797702][ T8397]  __x64_sys_madvise+0xa7/0xc0
[  316.802462][ T8397]  do_syscall_64+0xfa/0x3b0
[  316.806969][ T8397]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.812152][ T8397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.818204][ T8397]  ? clear_bhb_loop+0x60/0xb0
[  316.822888][ T8397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.828774][ T8397] RIP: 0033:0x7f80f9b8eba9
[  316.833194][ T8397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.852803][ T8397] RSP: 002b:00007f80fa9cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  316.861213][ T8397] RAX: ffffffffffffffda RBX: 00007f80f9dd6270 RCX: 00007f80f9b8eba9
[  316.869175][ T8397] RDX: 0000000000000009 RSI: 0000000000600002 RDI: 0000200000000000
[  316.877136][ T8397] RBP: 00007f80f9c11e19 R08: 0000000000000000 R09: 0000000000000000
[  316.885122][ T8397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.893091][ T8397] R13: 00007f80f9dd6308 R14: 00007f80f9dd6270 R15: 00007f80f9effa28
[  316.901058][ T8397]  </TASK>
[  316.904066][ T8397] Modules linked in:
[  316.907971][ T8397] ---[ end trace 0000000000000000 ]---
[  316.913412][ T8397] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[  316.919661][ T8397] Code: a3 c9 ff 48 89 df 48 c7 c6 20 3e 94 8b e8 73 e0 31 ff 90 0f 0b e8 5b a3 c9 ff 48 89 df 48 c7 c6 00 3d 94 8b e8 5c e0 31 ff 90 <0f> 0b e8 44 a3 c9 ff 48 89 df 48 c7 c6 20 3e 94 8b e8 45 e0 31 ff
[  316.939253][ T8397] RSP: 0018:ffffc90003b6ee20 EFLAGS: 00010046
[  316.945309][ T8397] RAX: a6662fd43844da00 RBX: ffffea0001428000 RCX: a6662fd43844da00
[  316.953268][ T8397] RDX: 0000000000000005 RSI: ffffffff8dba9392 RDI: ffff888024629e00
[  316.961235][ T8397] RBP: 0000000000000001 R08: ffff8880b8724253 R09: 1ffff110170e484a
[  316.969193][ T8397] R10: dffffc0000000000 R11: ffffed10170e484b R12: 0000000000000040
[  316.977147][ T8397] R13: 1ffffd4000285000 R14: 1ffffd4000285001 R15: ffffea0001428008
[  316.985103][ T8397] FS:  00007f80fa9cf6c0(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
[  316.994027][ T8397] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  317.000595][ T8397] CR2: 00002000000bd038 CR3: 000000007e4f4000 CR4: 00000000003526f0
[  317.008559][ T8397] Kernel panic - not syncing: Fatal exception
[  317.014870][ T8397] Kernel Offset: disabled
[  317.019180][ T8397] Rebooting in 86400 seconds..