last executing test programs:

21m17.508857526s ago: executing program 32 (id=1017):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x7fffffff, 0x5f9, 0xa, 0xb, 0x1})

15m57.382525355s ago: executing program 33 (id=5640):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e00000004000000080000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='contention_end\x00', r1}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'macsec0\x00'})

14m42.91206615s ago: executing program 4 (id=6657):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r0)
tkill(r0, 0x12)
tkill(r0, 0x12)
ptrace(0x4208, r0)

14m39.609175154s ago: executing program 4 (id=6688):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mmap$KVM_VCPU(&(0x7f0000034000/0x3000)=nil, 0x0, 0x3000000, 0x110, r1, 0x0)

14m39.092174702s ago: executing program 4 (id=6695):
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
chroot(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x200000, 0xd)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2001, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)

14m38.831826958s ago: executing program 4 (id=6701):
r0 = getpgid(0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_getfd(r1, r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

14m38.698254665s ago: executing program 4 (id=6703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r0}, &(0x7f0000000200), &(0x7f0000000500)=r1}, 0x20)
r3 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)

14m37.88336129s ago: executing program 4 (id=6718):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x41624800ab113288, 0x4})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

14m37.33434948s ago: executing program 34 (id=6718):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x41624800ab113288, 0x4})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

13m53.989689071s ago: executing program 7 (id=7211):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
getsockopt$inet_int(r0, 0x0, 0x2, 0x0, 0x0)
writev(r0, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, 0x0, 0x4000001)
r1 = syz_open_procfs(0x0, 0x0)
readv(r1, 0x0, 0x0)
getsockname$inet(r0, 0x0, &(0x7f0000000340))

13m52.775223289s ago: executing program 7 (id=7219):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0xb6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r0, 0x0, 0x0, 0x32, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000380)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x40, 0x100, @void}}}}}}}, 0x0)

13m51.256294675s ago: executing program 7 (id=7228):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x18, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x40}, 0x1, 0x0, 0x0, 0x24040841}, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)

13m50.351073248s ago: executing program 7 (id=7232):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff)
fcntl$setlease(r2, 0x400, 0x1)
open$dir(&(0x7f0000000100)='./file0\x00', 0x4000, 0xc)
creat(&(0x7f0000000240)='./file0\x00', 0x160)

13m48.333178216s ago: executing program 7 (id=7251):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

13m47.875467483s ago: executing program 7 (id=7256):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x2)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={0x0, 0x7}, 0x8)

13m32.655092551s ago: executing program 35 (id=7256):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x2)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={0x0, 0x7}, 0x8)

13m11.454543658s ago: executing program 6 (id=7594):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x25, 0x1, 0x0)
recvmsg(r3, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x10160)

13m9.851190176s ago: executing program 6 (id=7598):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)

13m8.407285403s ago: executing program 6 (id=7601):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000005c0)={0x14, 0x7, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x40)

13m6.856333654s ago: executing program 6 (id=7604):
r0 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
mknodat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x8910, 0x4)
getdents64(r2, &(0x7f0000000000)=""/49, 0x31)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400, 0x0)
renameat2(r4, &(0x7f0000000440)='./file0\x00', r2, &(0x7f0000000200)='./file7\x00', 0x0)
getdents64(r2, 0x0, 0x0)

13m6.478173248s ago: executing program 6 (id=7607):
syz_emit_ethernet(0x46, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setresgid(0xee00, 0xee01, 0x0)
r0 = syz_usb_connect(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x80201)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

13m3.798138017s ago: executing program 6 (id=7614):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfe}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

12m48.672450372s ago: executing program 36 (id=7614):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfe}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

2m6.410956851s ago: executing program 0 (id=13297):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000000000000002"])
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0xc, 0x32, 0x0, 0xffffd000)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000000c0)={0x0, 0x9})

2m6.04259929s ago: executing program 0 (id=13308):
landlock_create_ruleset(0x0, 0x0, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x40000020, 0x0, 0x0)

2m5.8590766s ago: executing program 0 (id=13312):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1a004e0078768000", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x40081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000900)=0x2)

2m4.721643709s ago: executing program 0 (id=13325):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2020d7, 0x0)

2m4.565677205s ago: executing program 0 (id=13326):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x4, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x40, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000280)='|', 0x1, 0xc010, 0x0, 0x0)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x34000}], 0x1)

2m0.159089855s ago: executing program 0 (id=13366):
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

1m59.836378916s ago: executing program 37 (id=13366):
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

1m24.407853366s ago: executing program 9 (id=13804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'netpci0\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x280a01, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

1m23.571164969s ago: executing program 9 (id=13815):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x6b, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
listen(r0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

1m23.167243404s ago: executing program 9 (id=13819):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000940)=0x1000008, 0x4)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvfrom$packet(r1, 0x0, 0x0, 0x40, 0x0, 0x0)
close(r1)

1m21.660650034s ago: executing program 9 (id=13833):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f0000000280)='./file0/../file0/file0\x00', 0x0, 0x12c5008, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x89901)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x100000000000000)

1m21.414848573s ago: executing program 9 (id=13839):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x55}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3", 0x17}], 0x1}}], 0x1, 0x0)

1m20.657798112s ago: executing program 9 (id=13853):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0x0, 0xd7, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x8080000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0xe, 0x0, 0xc4, 0x5}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x8, 0x8}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x2e, 0x4b}, {0x6000, 0x6000, 0xb, 0x0, 0x3, 0x1, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0xff, 0x7}, {0xeeef0000, 0x9}, {0x1000, 0x9}, 0x40010000, 0x0, 0xffff1000, 0x300, 0x4, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x8000000, 0xffff1000, 0x1, 0x1, 0x999})

1m20.330263389s ago: executing program 38 (id=13853):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0x0, 0xd7, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x8080000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0xe, 0x0, 0xc4, 0x5}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x8, 0x8}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x2e, 0x4b}, {0x6000, 0x6000, 0xb, 0x0, 0x3, 0x1, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0xff, 0x7}, {0xeeef0000, 0x9}, {0x1000, 0x9}, 0x40010000, 0x0, 0xffff1000, 0x300, 0x4, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x8000000, 0xffff1000, 0x1, 0x1, 0x999})

15.855433384s ago: executing program 8 (id=14340):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6d)
connect$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e24}, 0x6d)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)

14.770341139s ago: executing program 8 (id=14345):
close(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
r3 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d)
landlock_restrict_self(r3, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x20})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
close_range(r0, 0xffffffffffffffff, 0x0)

12.891289165s ago: executing program 8 (id=14349):
r0 = fsopen(&(0x7f0000000600)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
timer_create(0x1, &(0x7f0000000240)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d036ae269b2, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
write(r4, &(0x7f0000000000)='\x00', 0x1)

11.319310268s ago: executing program 8 (id=14355):
r0 = syz_usb_connect$lan78xx(0x5, 0x3f, &(0x7f0000000dc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000001140)={0x34, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000680)={0x0, 0x30}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000003f00)={0x84, &(0x7f0000003b00)={0x40, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000880)={0x34, &(0x7f00000006c0)={0x40, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000e80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000300)={0x34, &(0x7f0000000100)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000080)={0x20, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

10.391794273s ago: executing program 5 (id=14356):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r3=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000040)={0x80000003, 0x1, 0xffffffc0, 0xffff, 0x2, "83843c556dec3a9a90800124b904cfc27929a3", 0xf57, 0x1c680})

10.167337229s ago: executing program 3 (id=14358):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0xb49, 0x5, 0x8, 0x0, 0xb}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x51a9497)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1})
readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0x20}], 0x1000000000000108)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x82002, 0x0)

9.594262194s ago: executing program 5 (id=14361):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000040), 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
connect$tipc(r2, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)

8.458446775s ago: executing program 2 (id=14367):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)="2e00000011008188040f46ecdb4cb9cca7480ef42b000081e3bd6efb01e5", 0x1e}], 0x1, 0x0, 0x0, 0xc9e}, 0x400c0c0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x1, 0x0, 0x7, 0x8000060000000001})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.623473763s ago: executing program 2 (id=14371):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x90, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0x9}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
close(0x3)
socket$kcm(0x29, 0x5, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000040)=""/68, 0x44}, {&(0x7f0000000280)=""/103, 0x67}], 0x2, 0x0, 0x0)

7.115389563s ago: executing program 8 (id=14374):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e23, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x0)

5.406878357s ago: executing program 3 (id=14378):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711807000000000095", @ANYRESHEX=0x0], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e24, 0x3, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x3}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, 0x3fff8000}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000001980)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x40000000, @dev={0xfe, 0x80, '\x00', 0x64}, 0x10}, 0x1c, 0x0}}], 0x1, 0x20002040)
r3 = timerfd_create(0x8, 0x800)
timerfd_settime(r3, 0x3, &(0x7f0000000340)={{}, {0x0, 0x3938700}}, 0x0)
timerfd_settime(r3, 0x2, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
ioctl$RTC_UIE_OFF(r2, 0x7004)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x6, 0x8000000000000001, 0x4})
ioctl$KDSETLED(r0, 0x4b32, 0xe)

5.363077185s ago: executing program 2 (id=14379):
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x28, 0x5, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000040)={"e6891a6b3d40616e96c2c1897fa141a9", 0x0, 0x0, {0x7fffffffffffffff, 0x6}, {0xff800000, 0x2}, 0xd4c, [0xa, 0x10000, 0x81, 0x6, 0x2, 0x0, 0x3, 0x1, 0x6c68, 0x100, 0x708, 0x9, 0xd06, 0xa6b, 0x4, 0x54e0]})
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000280)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000040), &(0x7f0000000200), &(0x7f00000000c0), 0x0, 0x7f})

5.121220336s ago: executing program 3 (id=14381):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000300)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000100)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f0000000880)=""/99, &(0x7f0000000800)=""/90, 0x3000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0xfffffffe)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001bc0)={0x5, 0x0, [{0x2000, 0x1a, &(0x7f0000001740)=""/26}, {0x6000, 0x4d, &(0x7f0000001800)=""/77}, {0x0, 0xaf, &(0x7f0000001880)=""/175}, {0x6000, 0xe8, &(0x7f0000001940)=""/232}, {0x2000, 0x8d, &(0x7f0000001a40)=""/141}]})

5.011251263s ago: executing program 2 (id=14382):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

4.939384259s ago: executing program 1 (id=14383):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, 0x0, &(0x7f0000000100))

4.812463954s ago: executing program 3 (id=14384):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
write$tun(0xffffffffffffffff, 0x0, 0x177)
ptrace$setopts(0x4200, 0x0, 0x6, 0x17)
sendmsg$IPSET_CMD_PROTOCOL(r3, 0x0, 0x800)
syz_clone3(&(0x7f0000000200)={0x4001000, 0x0, 0x0, 0x0, {0x33}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000003c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000008f04"])

4.725882053s ago: executing program 1 (id=14385):
r0 = socket$pptp(0x18, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$pptp(r0, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e)
connect$pptp(r0, &(0x7f00000004c0)={0x18, 0x2, {0x0, @broadcast}}, 0x1e)

4.636593562s ago: executing program 5 (id=14386):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet(0x2, 0x1, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)

4.439409619s ago: executing program 1 (id=14387):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
getdents64(r3, &(0x7f0000001f00)=""/4093, 0xffd)

4.260503954s ago: executing program 2 (id=14388):
fsopen(&(0x7f0000000200)='overlay\x00', 0x1)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
memfd_create(&(0x7f0000000f40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89*`\xf3\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9m\xe94 \f-\xebNv\x04\xa2Z\x0f\x0e^\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00 \x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x84\xa8\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0&\x8a\x18\xdfH\x80\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x05\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\b\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15>\x8fQ\xc2\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x9b 1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x00p+sh\xf5\xd3\x86i\x01>U\x9d\bT\xcd\xa2\xea\x9c\xec\xea\xf2\'\x8a\x89\x10=\x8eklgW\x8fEOr\xa1\xee\xec\xed1\xa6\xfev\r\x16\x0e\xae\xe6[\xf7p\xd8\xc2\xa5\xa0\xed\x8e\xcc\xfd\xf2*\xc1\x9eD\x8b3Q\xd15\x9f\xf8/ \xa5\x05\xf486A\xc6\xc0Pq;\xeb\xa5\a+\x8d\xed\xb2\xf7\xd4Kd\x0f\x1d_\x96\x80\xfd\xf1i\"\x13\xf1\x19\xf0\xc8\xa6\xd5d&\rx\x90\xa8_\x15g`\xf6\xa0\x85\xa6\xeb\a7\xd8]l\x0f[4]&(b\x12;Y\x04\xa7\xb2E\t[\xf7\xe1\x04\xed\xbd\xa4\xbc\x9a\x8a\xb9q\x86\x88\xaf\xaeK6\xa5\xbb\xd6\x81\x04p\x10\xe8\x80\xeb\x0fM\xae\xed\\L\xf8\xb0/\x0e;\x97\xff\xff\xff\xff\xff\xff\xff\x7f\xf2.\xef\xa8\xfd\r\x84\x80\xf8Yv\xc4\xcb\x00Rb\x0e(\xa3\xcf$\xd8\xd3vqG>\x05Z\xb2\xd0\xf6\x8c\xf77\xf8\x1f\x99\x18wZ\x1e\n\xbd\xb9\xa1\xe4H\xea\xab\x15\x1f\xec\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8e\xe5U\x87H\xc7~\x952 \x1b\xeb\xd8\xff\x17C\xd4/I\x82N\xea\x99k\x9e\x91G\x01\x01\xe7NX\x15%>\xdc\xd6\x85\r\xf2\xc6\x0f\x18wk\xd9\x83\"\x1f\x0f\t\xd0D\x9e\xdf\'\xea#\xcc$V\xfa\xb8%\x0f\x8b\xa2\xa16l\xf626u\xc4\xf7y\xec5\xce\xd9\xe5\xba\x1e\xfb\xc3\xbe\xb0`\x87\x99z\x1b\xcc&\x8d\xf3\x81\x8d\xab\xd7\xa0+\xb1\xd5\xa8c\x8a/1\xc0\xach\xd04se!k\xed\xae\xe0\xa3\x1by\"b\"c\xa25CA\x17\xedc7\x80\xad(S;\x8f2\x00\fS\xc7\xf5eS\xc0\xddc7\x86\x9a\x90nvI\x04g\xab\x88\xf3\xb5\xfaVZ\x02\xf6\x1b\xf2\x9d\b\xe5m*\xe5\x87\xfe\xb7o\x19j\xf5\xd9\x9f~\xe6)\x92h\xfd\xb4\x0e\xea\xfd\x0e\xfc\x02\xce=\xcc\xfc3j\x81\xbb\xfc*h\xf7\xd1\xb1`,x\xb3\x13F\x18\xbb\xa1I\b\xc8\xa5M\x14+_\x8f\xe3\xa3=\x8b}\x85\xf0\x9djE\x99\xfd\x1e\xa0\xc8\xcc\x94\x00\x02\xb9\xbaB\xd1rq\xf7\xe4\xee\x9a\xa1\x88\xa8g\xd0\xf5R\xae\xffne\x87\x1b\x1e\xea\x94\xf8\x98\xbf\xef\x8b\xaby\x8d\xe1\xf7\xb8E~Ou\xc7\xae\x96j\xff\xd3\xe1\xa9\x13\xa2\x061R<1]\xb75\x91\xfa\xc2\a\xc1\xf18\xc3\x977\xaf\x01vzl\xc3\xefex\xc8r\aE\x1d\x11Ld\xa6\xf0\x03\xb2.\xa1;\x05U\xab&\x1bo\x1b\n\x96\x93FO%H\x1fr\xe8\xde&\x95\xd7d\x8d\xde\xa8\xaa\xf3\xc8\x99M\x90V,f\xc1\x9d\x95y\x12\x84\xddw\x87y\x80\x9f/', 0x2)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

4.159449645s ago: executing program 1 (id=14389):
socket$inet_sctp(0x2, 0x1, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000480)='ns/uts\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x5, 0x3032, 0xffffffffffffffff, 0x74953000)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4000000)
r4 = syz_open_procfs$namespace(0x0, &(0x7f00000002c0)='ns/net\x00')
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x2c, r1, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x59}, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r4}]}, 0x2c}}, 0x40080)

3.123113173s ago: executing program 3 (id=14390):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
io_setup(0x7fff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x2, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0]}}, 0x0, 0x27}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0xc, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

3.012588641s ago: executing program 5 (id=14391):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(&(0x7f0000000280)='cifs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)

3.007124162s ago: executing program 8 (id=14392):
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r3, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)={0x20, 0x1, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc}]}, 0x20}}, 0x0)

2.961133518s ago: executing program 1 (id=14393):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000001240), 0x111, 0xc}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x2, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0xe93, @empty, 0x8}, {0xa, 0x4e23, 0x7f, @mcast2, 0x9}, r1, 0x2}}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
close(0x3)

1.479677565s ago: executing program 3 (id=14394):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0xb, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a00))
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

893.030687ms ago: executing program 1 (id=14395):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

878.993783ms ago: executing program 2 (id=14396):
r0 = syz_io_uring_setup(0x49d, &(0x7f0000000300)={0x0, 0x671e, 0x100, 0x3, 0x33f}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080))
r2 = eventfd(0xfffffff9)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004845)
r3 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x0, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xffff}, {0xe, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f0000000000)=0x6, 0x2c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0)=r2, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000140)=0xffc, 0x0, 0x4)
io_uring_enter(r0, 0x627, 0x1764, 0x9, 0x0, 0x0)

157.346158ms ago: executing program 5 (id=14397):
r0 = syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xb1b1, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpu.stat\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB=';'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2a, 0x0, r3, 0x0, 0x0, 0x0, 0x12001, 0x1})
io_uring_enter(r0, 0x5d62, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=14398):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = dup(r0)
io_setup(0x19, &(0x7f00000009c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}])
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000040)=0x5)
socket$inet_smc(0x2b, 0x1, 0x0)
pipe2(&(0x7f0000000200), 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
read$FUSE(r1, &(0x7f0000005380)={0x2020}, 0x2020)

kernel console output (not intermixed with test programs):

hport(0) sockfd(4)
[ 1217.872207][T32224] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1217.872308][T32224] vhci_hcd vhci_hcd.0: Device attached
[ 1218.027074][T32264] vhci_hcd: connection closed
[ 1218.037316][   T13] vhci_hcd: stop threads
[ 1218.037339][   T13] vhci_hcd: release socket
[ 1218.037375][   T13] vhci_hcd: disconnect device
[ 1218.328215][T32260] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1218.328259][T32260] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1218.393341][ T5862] usb 9-1: new full-speed USB device number 12 using dummy_hcd
[ 1218.546545][ T5862] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 983, setting to 64
[ 1218.546601][ T5862] usb 9-1: New USB device found, idVendor=1b1c, idProduct=1c05, bcdDevice= 0.00
[ 1218.546627][ T5862] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1218.598753][ T5862] usb 9-1: config 0 descriptor??
[ 1218.601121][T32272] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1219.073321][ T5862] hid (null): bogus close delimiter
[ 1219.080224][ T5862] corsair-psu 0003:1B1C:1C05.0035: bogus close delimiter
[ 1219.080247][ T5862] corsair-psu 0003:1B1C:1C05.0035: item 0 1 2 10 parsing failed
[ 1219.081204][ T5862] corsair-psu 0003:1B1C:1C05.0035: probe with driver corsair-psu failed with error -22
[ 1219.095412][T32260] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1219.095462][T32260] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1219.288198][ T5940] usb 9-1: USB disconnect, device number 12
[ 1219.529566][T32260] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1219.529611][T32260] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1219.572803][T32313] netlink: 'syz.9.11395': attribute type 3 has an invalid length.
[ 1219.572833][T32313] netlink: 'syz.9.11395': attribute type 3 has an invalid length.
[ 1219.573755][T32313] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11395'.
[ 1219.615422][T32303] tipc: Started in network mode
[ 1219.615460][T32303] tipc: Node identity 2d00000000000000faffffffffffffff, cluster identity 4711
[ 1219.946075][T32260] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1219.946118][T32260] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1220.183012][T32337] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11406'.
[ 1220.506349][T32352] netlink: 39 bytes leftover after parsing attributes in process `syz.8.11413'.
[ 1220.545125][T32352] netlink: 1 bytes leftover after parsing attributes in process `syz.8.11413'.
[ 1220.546173][ T6867] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1220.546209][ T6867] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.622085][ T6867] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1220.622121][ T6867] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.666255][ T6830] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1220.666291][ T6830] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.727168][ T6830] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1220.727207][ T6830] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1221.222607][ T5181] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1221.383665][ T5181] usb 10-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1221.383702][ T5181] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.414359][ T5181] usb 10-1: config 0 descriptor??
[ 1221.445977][ T5181] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1222.057151][ T5181] gspca_cpia1: usb_control_msg 01, error -71
[ 1222.057172][ T5181] cpia1 10-1:0.0: only firmware version 1 is supported (got: 0)
[ 1222.086080][ T5181] usb 10-1: USB disconnect, device number 10
[ 1222.111980][ T5855] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1222.267055][ T5855] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1222.267093][ T5855] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1222.267134][ T5855] usb 1-1: New USB device found, idVendor=846d, idProduct=c626, bcdDevice= 0.00
[ 1222.267159][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1222.277372][ T5855] usb 1-1: config 0 descriptor??
[ 1222.719193][ T5855] hid-generic 0003:846D:C626.0036: unknown main item tag 0x0
[ 1222.739417][ T5855] hid-generic 0003:846D:C626.0036: hidraw0: USB HID v0.00 Device [HID 846d:c626] on usb-dummy_hcd.0-1/input0
[ 1222.939047][ T5862] usb 1-1: USB disconnect, device number 58
[ 1223.014644][T32453] 9pnet_fd: Insufficient options for proto=fd
[ 1223.864704][ T5862] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1224.485837][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1224.543912][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1224.666478][ T5862] usb 10-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1224.666513][ T5862] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1224.666535][ T5862] usb 10-1: Product: syz
[ 1224.666551][ T5862] usb 10-1: Manufacturer: syz
[ 1224.666566][ T5862] usb 10-1: SerialNumber: syz
[ 1224.691668][ T5862] usb 10-1: config 0 descriptor??
[ 1224.699233][ T5862] i2c-tiny-usb 10-1:0.0: version 6d.cc found at bus 010 address 011
[ 1224.745772][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1225.346818][ T5862] i2c i2c-1: failure reading functionality
[ 1225.354100][ T5862] i2c i2c-1: connected i2c-tiny-usb device
[ 1225.364776][ T5862] usb 10-1: USB disconnect, device number 11
[ 1225.512167][ T5181] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1225.675053][ T5181] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1225.675092][ T5181] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1225.675118][ T5181] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1225.675148][ T5181] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1225.730184][ T5181] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1225.730331][ T5181] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.730357][ T5181] usb 9-1: Product: syz
[ 1225.730373][ T5181] usb 9-1: Manufacturer: syz
[ 1225.730391][ T5181] usb 9-1: SerialNumber: syz
[ 1225.815315][ T5181] usb 9-1: config 0 descriptor??
[ 1227.057591][ T5181] adutux 9-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[ 1227.222020][T28084] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1227.274600][ T5181] usb 9-1: USB disconnect, device number 13
[ 1227.381524][T28084] usb 1-1: Using ep0 maxpacket: 16
[ 1227.384067][T28084] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[ 1227.384098][T28084] usb 1-1: config 1 has an invalid interface number: 157 but max is 0
[ 1227.384121][T28084] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[ 1227.384144][T28084] usb 1-1: config 1 has no interface number 0
[ 1227.384163][T28084] usb 1-1: config 1 has no interface number 1
[ 1227.384228][T28084] usb 1-1: config 1 interface 105 altsetting 2 has an endpoint descriptor with address 0x24, changing to 0x4
[ 1227.384259][T28084] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1227.384293][T28084] usb 1-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1227.384324][T28084] usb 1-1: config 1 interface 105 has no altsetting 0
[ 1227.387417][T28084] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1227.387449][T28084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1227.387473][T28084] usb 1-1: Product: syz
[ 1227.387490][T28084] usb 1-1: Manufacturer: syz
[ 1227.387506][T28084] usb 1-1: SerialNumber: syz
[ 1227.513693][T32524] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1227.963537][T28084] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22
[ 1229.051998][T32564] netlink: 32 bytes leftover after parsing attributes in process `syz.8.11515'.
[ 1229.850592][T32603] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11534'.
[ 1229.850620][T32603] netlink: 12 bytes leftover after parsing attributes in process `syz.8.11534'.
[ 1229.850649][T32603] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11534'.
[ 1229.912131][ T5940] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1229.996341][   T38] audit: type=1326 audit(1896727905.394:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1229.997015][   T38] audit: type=1326 audit(1896727905.394:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.013404][   T38] audit: type=1326 audit(1896727905.414:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.013475][   T38] audit: type=1326 audit(1896727905.414:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.013529][   T38] audit: type=1326 audit(1896727905.414:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.018849][   T38] audit: type=1326 audit(1896727905.414:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.019205][   T38] audit: type=1326 audit(1896727905.414:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.019611][   T38] audit: type=1326 audit(1896727905.414:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32606 comm="syz.5.11536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1230.069517][ T5181] usb 1-1: USB disconnect, device number 59
[ 1230.074288][ T5940] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1230.074331][ T5940] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1230.074380][ T5940] usb 10-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[ 1230.074409][ T5940] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1230.158611][ T5940] usb 10-1: config 0 descriptor??
[ 1230.810873][ T5940] hid-led 0003:1D34:000A.0037: probe with driver hid-led failed with error -71
[ 1230.832266][ T5940] usb 10-1: USB disconnect, device number 12
[ 1231.639313][T32679] input: syz0 as /devices/virtual/input/input55
[ 1232.556246][T32721] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1232.772944][T32732] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11594'.
[ 1232.825550][T32732] bond0: entered promiscuous mode
[ 1232.825576][T32732] bond_slave_0: entered promiscuous mode
[ 1232.825835][T32732] bond_slave_1: entered promiscuous mode
[ 1232.886308][T32732] bond0: left promiscuous mode
[ 1232.886332][T32732] bond_slave_0: left promiscuous mode
[ 1232.886618][T32732] bond_slave_1: left promiscuous mode
[ 1233.705703][  T307] x_tables: ip_tables: udp match: only valid for protocol 17
[ 1235.559746][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1235.743661][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1235.778239][  T334] IPv6: sit1: Disabled Multicast RS
[ 1237.344523][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1237.359789][   T38] audit: type=1326 audit(1896727912.754:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=348 comm="syz.9.11633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1237.359851][   T38] audit: type=1326 audit(1896727912.754:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=348 comm="syz.9.11633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1237.359900][   T38] audit: type=1326 audit(1896727912.754:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=348 comm="syz.9.11633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1237.359950][   T38] audit: type=1326 audit(1896727912.754:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=348 comm="syz.9.11633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1237.360003][   T38] audit: type=1326 audit(1896727912.754:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=348 comm="syz.9.11633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1237.383740][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1237.749671][  T365] netlink: 96 bytes leftover after parsing attributes in process `syz.9.11641'.
[ 1237.807910][  T368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11642'.
[ 1238.755407][  T415] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11665'.
[ 1238.755437][  T415] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11665'.
[ 1238.908433][  T421] program syz.8.11670 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1239.035547][  T427] netlink: 'syz.9.11671': attribute type 27 has an invalid length.
[ 1239.035571][  T427] netlink: 'syz.9.11671': attribute type 1 has an invalid length.
[ 1239.035697][  T427] bridge0: port 1(bridge_slave_0) entered learning state
[ 1240.091557][T27845] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[ 1240.245586][T27845] usb 9-1: config 0 has an invalid interface number: 168 but max is 0
[ 1240.245618][T27845] usb 9-1: config 0 has no interface number 0
[ 1240.245671][T27845] usb 9-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[ 1240.245697][T27845] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1240.286761][T27845] usb 9-1: config 0 descriptor??
[ 1240.286887][  T490] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[ 1240.308604][  T492] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1240.514886][T27845] usb 9-1: string descriptor 0 read error: -71
[ 1240.518344][T27845] usb-storage 9-1:0.168: USB Mass Storage device detected
[ 1240.538194][T27845] usb-storage 9-1:0.168: Quirks match for vid 05ab pid 0060: 2
[ 1240.554526][ T5115] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1241.439706][T24707] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1241.821229][T27845] usb 9-1: USB disconnect, device number 14
[ 1242.114724][  T526] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11719'.
[ 1242.291532][ T5862] kernel read not supported for file /rfkill (pid: 5862 comm: kworker/1:4)
[ 1242.603323][  T551] netlink: 16 bytes leftover after parsing attributes in process `syz.8.11732'.
[ 1243.250837][  T580] batadv_slave_0: entered promiscuous mode
[ 1243.270593][  T580] batman_adv: batadv0: Adding interface: macsec1
[ 1243.270615][  T580] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.270649][  T580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1243.270668][  T580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1243.270689][  T580] batman_adv: batadv0: Interface activated: macsec1
[ 1243.900795][  T597] netlink: 164 bytes leftover after parsing attributes in process `syz.8.11752'.
[ 1243.951925][T28084] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1244.101954][T28084] usb 10-1: Using ep0 maxpacket: 8
[ 1244.135854][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1244.166629][T28084] usb 10-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1244.166664][T28084] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1244.166686][T28084] usb 10-1: Product: syz
[ 1244.166702][T28084] usb 10-1: Manufacturer: syz
[ 1244.166718][T28084] usb 10-1: SerialNumber: syz
[ 1244.212175][T28084] usb 10-1: config 0 descriptor??
[ 1244.235934][T28084] gspca_main: se401-2.14.0 probing 047d:5003
[ 1244.653139][T28084] gspca_se401: ExtraFeatures: 255
[ 1244.653158][T28084] gspca_se401: Too many frame sizes
[ 1244.692876][  T618] 9pnet_fd: Insufficient options for proto=fd
[ 1244.856155][  T624] netlink: 64 bytes leftover after parsing attributes in process `syz.5.11764'.
[ 1244.868472][ T5181] usb 10-1: USB disconnect, device number 13
[ 1245.667215][T27845] kernel write not supported for file /snd/seq (pid: 27845 comm: kworker/0:0)
[ 1245.877430][  T672] ptrace attach of "./syz-executor exec"[27571] was attempted by "\x09   
                   ��      ��      ��      ��              ��      ��      ��                 ����                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
[ 1247.193650][  T719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11809'.
[ 1247.897041][  T750] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11824'.
[ 1248.022149][ T5181] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1248.180060][ T5181] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1248.180127][ T5181] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1248.193052][ T5181] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1248.193090][ T5181] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1248.193114][ T5181] usb 9-1: Manufacturer: syz
[ 1248.219071][ T5181] usb 9-1: config 0 descriptor??
[ 1248.478826][T27845] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1248.485404][ T5181] rc_core: IR keymap rc-hauppauge not found
[ 1248.485430][ T5181] Registered IR keymap rc-empty
[ 1248.503384][ T5181] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[ 1248.506879][ T5181] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input56
[ 1248.537347][    C0] igorplugusb 9-1:0.0: Error: urb status = -32
[ 1248.677123][ T5181] usb 9-1: USB disconnect, device number 15
[ 1248.691330][T27845] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1248.692575][T27845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1248.692607][T27845] usb 1-1: Product: syz
[ 1248.692625][T27845] usb 1-1: Manufacturer: syz
[ 1248.692643][T27845] usb 1-1: SerialNumber: syz
[ 1248.765045][T27845] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1248.815719][ T1231] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1249.105544][   T44] usb 1-1: USB disconnect, device number 60
[ 1249.322186][T27845] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1249.489081][T27845] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1249.489110][T27845] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1249.490686][T27845] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1249.490717][T27845] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1249.490740][T27845] usb 10-1: SerialNumber: syz
[ 1249.740228][T27845] usb 10-1: 0:2 : does not exist
[ 1249.823765][T27845] usb 10-1: USB disconnect, device number 14
[ 1249.972213][ T1231] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1249.972415][ T1231] ath9k_htc: Failed to initialize the device
[ 1249.975263][   T44] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1250.206646][  T830] netlink: 'syz.8.11858': attribute type 1 has an invalid length.
[ 1251.207304][  T882] netlink: 12 bytes leftover after parsing attributes in process `syz.8.11884'.
[ 1251.267087][  T884] netlink: 16390 bytes leftover after parsing attributes in process `syz.9.11885'.
[ 1251.531607][ T5855] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1251.683914][ T5855] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1251.683979][ T5855] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1251.684007][ T5855] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1251.722718][ T5855] usb 9-1: config 0 descriptor??
[ 1251.798489][  T913] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11900'.
[ 1251.798529][  T913] netlink: 'syz.9.11900': attribute type 18 has an invalid length.
[ 1251.798546][  T913] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11900'.
[ 1251.945291][ T5862] usb 9-1: USB disconnect, device number 16
[ 1252.092521][  T934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11907'.
[ 1252.093710][  T934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11907'.
[ 1252.405495][ T5862] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1252.551934][ T5862] usb 9-1: Using ep0 maxpacket: 32
[ 1252.554353][ T5862] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1252.554621][ T5862] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1252.554651][ T5862] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1252.560406][ T5862] usb 9-1: config 0 descriptor??
[ 1252.626484][ T5862] ldusb 9-1:0.0: Interrupt in endpoint not found
[ 1252.887331][   T44] usb 9-1: USB disconnect, device number 17
[ 1253.132234][ T1231] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[ 1253.282123][ T1231] usb 10-1: Using ep0 maxpacket: 8
[ 1253.285126][ T1231] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1253.288844][ T1231] usb 10-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[ 1253.288876][ T1231] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1253.288899][ T1231] usb 10-1: Product: syz
[ 1253.288916][ T1231] usb 10-1: Manufacturer: syz
[ 1253.288940][ T1231] usb 10-1: SerialNumber: syz
[ 1253.314256][ T1231] usb 10-1: config 0 descriptor??
[ 1253.610433][ T1231] imon_raw 10-1:0.0: IR endpoint missing
[ 1253.626526][ T1231] usb 10-1: USB disconnect, device number 15
[ 1253.854702][ T1002] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11935'.
[ 1254.304708][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1254.483174][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1254.666299][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1254.965846][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1255.362608][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1255.587826][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1255.750256][ T1042] netlink: 72 bytes leftover after parsing attributes in process `syz.0.11950'.
[ 1256.331593][ T1231] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[ 1256.485018][ T1231] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1256.485054][ T1231] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1256.485083][ T1231] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1256.488754][ T1231] usb 10-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1256.488787][ T1231] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1256.488810][ T1231] usb 10-1: Product: syz
[ 1256.488825][ T1231] usb 10-1: Manufacturer: syz
[ 1256.488841][ T1231] usb 10-1: SerialNumber: syz
[ 1256.571022][ T1231] usb 10-1: config 0 descriptor??
[ 1256.573526][ T1055] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1256.573809][ T1055] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1256.597661][ T1231] usb 10-1: ucan: probing device on interface #0
[ 1257.250684][ T1231] ucan 10-1:0.0 can0: registered device
[ 1257.420933][ T1231] ucan 10-1:0.0 can0: firmware string: unknown
[ 1257.442464][ T1231] usb 10-1: USB disconnect, device number 16
[ 1258.852152][T27845] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1259.002211][T27845] usb 1-1: Using ep0 maxpacket: 32
[ 1259.004620][T27845] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1259.004650][T27845] usb 1-1: config 0 has no interface number 0
[ 1259.004699][T27845] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1259.004728][T27845] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1259.008045][T27845] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1259.008077][T27845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1259.008100][T27845] usb 1-1: Product: syz
[ 1259.008116][T27845] usb 1-1: Manufacturer: syz
[ 1259.008132][T27845] usb 1-1: SerialNumber: syz
[ 1259.089224][T27845] usb 1-1: config 0 descriptor??
[ 1259.713170][T27845] appletouch 1-1:0.85: Geyser mode initialized.
[ 1259.716230][T27845] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input57
[ 1259.942574][T27845] usb 1-1: USB disconnect, device number 61
[ 1259.942742][    C1] appletouch 1-1:0.85: atp_complete: usb_submit_urb failed with result -19
[ 1260.052449][T27845] appletouch 1-1:0.85: input: appletouch disconnected
[ 1260.226827][   T38] audit: type=1326 audit(1896727935.624:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.234067][   T38] audit: type=1326 audit(1896727935.624:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.234129][   T38] audit: type=1326 audit(1896727935.624:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.300885][   T38] audit: type=1326 audit(1896727935.694:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.300945][   T38] audit: type=1326 audit(1896727935.694:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.347994][   T38] audit: type=1326 audit(1896727935.744:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.375781][   T38] audit: type=1326 audit(1896727935.774:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.377328][   T38] audit: type=1326 audit(1896727935.774:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.377757][   T38] audit: type=1326 audit(1896727935.774:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1205 comm="syz.8.12021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1260.522075][ T5855] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1260.559476][ T1218] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1260.671515][ T5855] usb 10-1: Using ep0 maxpacket: 32
[ 1260.673886][ T5855] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1260.673951][ T5855] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1260.673983][ T5855] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1260.674009][ T5855] usb 10-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1260.674039][ T5855] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1260.674075][ T5855] usb 10-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 1260.674100][ T5855] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.698236][ T5855] usb 10-1: config 0 descriptor??
[ 1260.885219][ T1229] netlink: 24 bytes leftover after parsing attributes in process `syz.0.12031'.
[ 1260.885243][ T1229] netlink: 64 bytes leftover after parsing attributes in process `syz.0.12031'.
[ 1260.885266][ T1229] netlink: 24 bytes leftover after parsing attributes in process `syz.0.12031'.
[ 1260.996074][ T1234] netlink: 'syz.0.12033': attribute type 6 has an invalid length.
[ 1261.193638][ T5855] hid-thrustmaster 0003:044F:B65D.0038: unknown main item tag 0x0
[ 1261.193674][ T5855] hid-thrustmaster 0003:044F:B65D.0038: unknown main item tag 0x0
[ 1261.193698][ T5855] hid-thrustmaster 0003:044F:B65D.0038: item fetching failed at offset 2/5
[ 1261.194411][ T5855] hid-thrustmaster 0003:044F:B65D.0038: parse failed with error -22
[ 1261.194492][ T5855] hid-thrustmaster 0003:044F:B65D.0038: probe with driver hid-thrustmaster failed with error -22
[ 1261.388964][ T5855] usb 10-1: USB disconnect, device number 17
[ 1262.800578][ T1306] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12065'.
[ 1265.370380][ T1370] sch_tbf: burst 0 is lower than device wg0 mtu (1420) !
[ 1266.069468][ T1405] netlink: 'syz.5.12108': attribute type 3 has an invalid length.
[ 1268.156576][ T1402] Bluetooth: hci5: command 0x1003 tx timeout
[ 1268.251521][T24707] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1268.534465][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1268.541538][ T1480] netlink: 104 bytes leftover after parsing attributes in process `syz.8.12143'.
[ 1268.706729][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1268.855379][   T38] audit: type=1326 audit(1896727944.154:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855447][   T38] audit: type=1326 audit(1896727944.154:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855505][   T38] audit: type=1326 audit(1896727944.154:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855556][   T38] audit: type=1326 audit(1896727944.154:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855606][   T38] audit: type=1326 audit(1896727944.154:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc19a38b779 code=0x7ffc0000
[ 1268.855655][   T38] audit: type=1326 audit(1896727944.154:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855705][   T38] audit: type=1326 audit(1896727944.154:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855754][   T38] audit: type=1326 audit(1896727944.154:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855803][   T38] audit: type=1326 audit(1896727944.154:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1268.855848][   T38] audit: type=1326 audit(1896727944.154:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1485 comm="syz.9.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1270.512773][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1271.051980][ T5855] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1271.229792][ T5855] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1271.229828][ T5855] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1271.229851][ T5855] usb 9-1: Product: syz
[ 1271.229867][ T5855] usb 9-1: Manufacturer: syz
[ 1271.229884][ T5855] usb 9-1: SerialNumber: syz
[ 1271.281356][ T5855] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1271.374420][ T5862] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1272.014960][ T1231] usb 9-1: USB disconnect, device number 18
[ 1272.122725][ T1559] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4)
[ 1272.122755][ T1559] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1272.122865][ T1559] vhci_hcd vhci_hcd.0: Device attached
[ 1272.392315][T27845] usb 52-1: SetAddress Request (6) to port 0
[ 1272.392407][T27845] usb 52-1: new SuperSpeed USB device number 6 using vhci_hcd
[ 1272.621896][ T5862] usb 9-1: Service connection timeout for: 256
[ 1272.621932][ T5862] ath9k_htc 9-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1272.626117][ T5862] ath9k_htc: Failed to initialize the device
[ 1272.628471][ T1231] usb 9-1: ath9k_htc: USB layer deinitialized
[ 1272.832588][ T1579] openvswitch: netlink: Message has 4 unknown bytes.
[ 1273.392155][ T1562] vhci_hcd: connection reset by peer
[ 1273.399061][ T6867] vhci_hcd: stop threads
[ 1273.399082][ T6867] vhci_hcd: release socket
[ 1273.419365][ T6867] vhci_hcd: disconnect device
[ 1274.425501][ T1620] kvm: kvm [1619]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000006f)
[ 1276.922121][ T1231] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 1277.081658][ T1231] usb 9-1: Using ep0 maxpacket: 8
[ 1277.096669][ T1231] usb 9-1: config 0 has an invalid interface number: 186 but max is 0
[ 1277.096705][ T1231] usb 9-1: config 0 has no interface number 0
[ 1277.096774][ T1231] usb 9-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1277.096807][ T1231] usb 9-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[ 1277.096840][ T1231] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1277.096873][ T1231] usb 9-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1277.106312][ T1231] usb 9-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[ 1277.106351][ T1231] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1277.106376][ T1231] usb 9-1: Product: syz
[ 1277.106394][ T1231] usb 9-1: Manufacturer: syz
[ 1277.106412][ T1231] usb 9-1: SerialNumber: syz
[ 1277.133235][ T1231] usb 9-1: config 0 descriptor??
[ 1277.429974][ T1231] iowarrior 9-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[ 1277.482411][T27845] usb 52-1: device descriptor read/8, error -110
[ 1277.634982][ T5855] usb 9-1: USB disconnect, device number 19
[ 1277.934184][T27845] usb usb52-port1: attempt power cycle
[ 1278.361281][ T1722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12251'.
[ 1278.385634][ T1720] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12250'.
[ 1278.385699][ T1720] netlink: 312 bytes leftover after parsing attributes in process `syz.5.12250'.
[ 1278.385724][ T1720] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12250'.
[ 1278.494563][T27845] usb usb52-port1: unable to enumerate USB device
[ 1278.808286][ T1733] netlink: 236 bytes leftover after parsing attributes in process `syz.0.12257'.
[ 1279.018751][ T1739] netlink: 60 bytes leftover after parsing attributes in process `syz.5.12260'.
[ 1279.032478][ T1739] netlink: 60 bytes leftover after parsing attributes in process `syz.5.12260'.
[ 1279.035895][ T1739] netlink: 60 bytes leftover after parsing attributes in process `syz.5.12260'.
[ 1279.394442][ T1759] netlink: 176 bytes leftover after parsing attributes in process `syz.0.12270'.
[ 1280.019262][ T1789] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12285'.
[ 1281.328072][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1281.465813][ T1844] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1281.697919][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1281.988958][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.401106][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.902237][   T38] kauditd_printk_skb: 101 callbacks suppressed
[ 1282.902259][   T38] audit: type=1326 audit(1896727958.294:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.902564][   T38] audit: type=1326 audit(1896727958.304:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.905045][   T38] audit: type=1326 audit(1896727958.304:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.905361][   T38] audit: type=1326 audit(1896727958.304:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.908695][   T38] audit: type=1326 audit(1896727958.304:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.909405][   T38] audit: type=1326 audit(1896727958.304:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.913293][   T38] audit: type=1326 audit(1896727958.304:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1282.913580][   T38] audit: type=1326 audit(1896727958.314:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1867 comm="syz.9.12321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1284.275318][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1284.680162][ T1882] __nla_validate_parse: 3 callbacks suppressed
[ 1284.680183][ T1882] netlink: 12 bytes leftover after parsing attributes in process `syz.9.12326'.
[ 1284.680206][ T1882] netlink: 12 bytes leftover after parsing attributes in process `syz.9.12326'.
[ 1286.378774][ T1912] netlink: 'syz.9.12338': attribute type 1 has an invalid length.
[ 1287.123613][ T1953] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12357'.
[ 1287.123643][ T1953] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12357'.
[ 1287.204269][ T1957] binder: 1956:1957 ioctl c0306201 0 returned -14
[ 1287.208957][ T1962] sctp: [Deprecated]: syz.0.12355 (pid 1962) Use of int in maxseg socket option.
[ 1287.208957][ T1962] Use struct sctp_assoc_value instead
[ 1287.399861][ T1969] 9pnet_fd: Insufficient options for proto=fd
[ 1287.701906][ T1984] batadv_slave_1: entered promiscuous mode
[ 1287.702931][ T1983] batadv_slave_1: left promiscuous mode
[ 1288.202706][ T2005] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1288.238281][ T2005] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1288.302745][ T2005] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3)
[ 1288.709127][ T2029] netem: incorrect gi model size
[ 1288.718055][ T2029] netem: change failed
[ 1288.879606][ T2037] netlink: 12 bytes leftover after parsing attributes in process `syz.9.12395'.
[ 1288.879641][ T2037] netlink: 12 bytes leftover after parsing attributes in process `syz.9.12395'.
[ 1290.591651][ T2115] netlink: 'syz.9.12432': attribute type 12 has an invalid length.
[ 1290.591676][ T2115] netlink: 'syz.9.12432': attribute type 29 has an invalid length.
[ 1290.591692][ T2115] netlink: 148 bytes leftover after parsing attributes in process `syz.9.12432'.
[ 1290.591733][ T2115] netlink: 'syz.9.12432': attribute type 1 has an invalid length.
[ 1290.836536][ T1231] Process accounting resumed
[ 1290.862440][ T2127] Process accounting resumed
[ 1293.038805][ T2175] netlink: 16 bytes leftover after parsing attributes in process `syz.9.12455'.
[ 1294.382025][ T5855] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1294.561562][ T5855] usb 9-1: Using ep0 maxpacket: 32
[ 1294.585634][ T5855] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1294.585674][ T5855] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1294.585718][ T5855] usb 9-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1294.585745][ T5855] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1294.609261][ T5855] usb 9-1: config 0 descriptor??
[ 1295.088225][ T5855] ft260 0003:0403:6030.0039: unknown main item tag 0x7
[ 1295.288477][ T5855] ft260 0003:0403:6030.0039: chip code: 6424 8183
[ 1295.418680][ T5181] kernel read not supported for file /dsp (pid: 5181 comm: kworker/0:3)
[ 1295.498010][ T5855] ft260 0003:0403:6030.0039: failed to retrieve system status
[ 1295.498427][ T5855] ft260 0003:0403:6030.0039: probe with driver ft260 failed with error -71
[ 1295.521639][ T5855] usb 9-1: USB disconnect, device number 20
[ 1296.120126][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120166][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120194][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120222][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120249][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120277][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120305][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120332][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.120360][T27845] hid-generic 0006:0004:0009.003A: unknown main item tag 0x0
[ 1296.199764][T27845] hid-generic 0006:0004:0009.003A: hidraw0: VIRTUAL HID v0.04 Device [syz0] on syz1
[ 1296.253353][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1296.882149][ T5181] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1297.039660][ T5181] usb 1-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[ 1297.039695][ T5181] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1297.039719][ T5181] usb 1-1: Product: syz
[ 1297.039736][ T5181] usb 1-1: Manufacturer: syz
[ 1297.039754][ T5181] usb 1-1: SerialNumber: syz
[ 1297.116730][ T5181] usb 1-1: config 0 descriptor??
[ 1297.136632][ T5181] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1297.136677][ T5181] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1297.336365][ T5181] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[ 1297.369002][ T5181] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1297.382843][ T5181] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[ 1297.382918][ T5181] usb 1-1: media controller created
[ 1297.446683][ T5181] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1297.588182][ T2352] overlayfs: failed to clone upperpath
[ 1297.612648][ T5181] DVB: Unable to find symbol dib7000p_attach()
[ 1297.612667][ T5181] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[ 1297.822234][ T5181] rc_core: IR keymap rc-dib0700-rc5 not found
[ 1297.822259][ T5181] Registered IR keymap rc-empty
[ 1297.822600][ T5181] dvb-usb: could not initialize remote control.
[ 1297.822611][ T5181] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[ 1298.371572][ T5862] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[ 1298.575837][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1298.588690][ T5862] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1298.588725][ T5862] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1298.588749][ T5862] usb 10-1: Product: syz
[ 1298.588768][ T5862] usb 10-1: Manufacturer: syz
[ 1298.588787][ T5862] usb 10-1: SerialNumber: syz
[ 1298.614503][ T5862] usb 10-1: config 0 descriptor??
[ 1298.711241][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1299.233255][ T5862] usb 10-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0)
[ 1299.233289][ T5862] usb 10-1: Firmware version (0.0) predates our first public release.
[ 1299.233311][ T5862] usb 10-1: Please update to version 0.2 or newer
[ 1299.527972][ T5862] usb 10-1: USB disconnect, device number 18
[ 1299.987464][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1301.635893][ T2467] macvlan0: entered promiscuous mode
[ 1301.657574][ T2467] batadv0: entered promiscuous mode
[ 1301.684935][ T2467] hsr1: Slave A (macvlan0) is not up; please bring it up to get a fully working HSR network
[ 1303.023629][T28084] usb 1-1: USB disconnect, device number 62
[ 1303.201239][T28084] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[ 1303.720223][ T2562] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12622'.
[ 1303.746309][ T2562] gretap0: entered promiscuous mode
[ 1303.746621][ T2562] macsec2: entered promiscuous mode
[ 1303.746820][ T2562] macsec2: entered allmulticast mode
[ 1303.746838][ T2562] gretap0: entered allmulticast mode
[ 1303.800318][ T2562] gretap0: left allmulticast mode
[ 1303.800658][ T2562] gretap0: left promiscuous mode
[ 1305.420827][ T2653] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1305.569715][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1307.424192][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1307.492569][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1307.652794][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1309.792142][ T2810] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12711'.
[ 1309.792246][ T2810] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1312.112109][T27845] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1312.263608][ T2881] netlink: 80 bytes leftover after parsing attributes in process `syz.5.12741'.
[ 1312.264364][ T2881] netlink: 80 bytes leftover after parsing attributes in process `syz.5.12741'.
[ 1312.284846][T27845] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1312.284888][T27845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1312.284923][T27845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1312.284951][T27845] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1312.285005][T27845] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1312.285035][T27845] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1312.322556][T27845] usb 1-1: config 0 descriptor??
[ 1312.796486][T27845] hid_parser_main: 10 callbacks suppressed
[ 1312.796514][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796567][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796598][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796628][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796657][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796688][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796717][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796747][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796777][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.796807][T27845] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1312.843797][T27845] plantronics 0003:047F:FFFF.003B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1313.115151][   T44] usb 1-1: USB disconnect, device number 63
[ 1313.250212][ T2907] erspan0: entered promiscuous mode
[ 1313.292350][ T2907] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12750'.
[ 1313.511543][ T2918] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12753'.
[ 1313.511570][ T2918] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1314.258136][ T2911] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12750'.
[ 1315.000775][ T2948] cifs: Unknown parameter '�'
[ 1315.021713][   T44] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1315.204913][   T44] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1315.204971][   T44] usb 10-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[ 1315.205007][   T44] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1315.249748][   T44] usb 10-1: config 0 descriptor??
[ 1315.281309][ T2955] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1315.542950][ T2933] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[ 1315.542988][ T2933] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1315.544606][ T2933] vhci_hcd vhci_hcd.0: Device attached
[ 1315.623296][ T2960] vhci_hcd: connection closed
[ 1315.637121][T24139] vhci_hcd: stop threads
[ 1315.637147][T24139] vhci_hcd: release socket
[ 1315.637202][T24139] vhci_hcd: disconnect device
[ 1315.780947][   T44] razer 0003:1532:010D.003C: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.9-1/input0
[ 1316.003591][   T44] usb 10-1: USB disconnect, device number 19
[ 1316.492389][ T2985] netlink: 104 bytes leftover after parsing attributes in process `syz.5.12785'.
[ 1316.733784][ T2995] veth1_to_team: entered promiscuous mode
[ 1316.749264][ T2995] bridge0: entered promiscuous mode
[ 1316.750675][ T2995] debugfs: 'hsr0' already exists in 'hsr'
[ 1316.750704][ T2995] Cannot create hsr debugfs directory
[ 1316.751254][ T2995] hsr0: entered allmulticast mode
[ 1316.751272][ T2995] veth1_to_team: entered allmulticast mode
[ 1316.751292][ T2995] bridge0: entered allmulticast mode
[ 1317.828127][ T3030] netlink: 104 bytes leftover after parsing attributes in process `syz.5.12806'.
[ 1318.051910][   T44] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 1318.201909][   T44] usb 1-1: Using ep0 maxpacket: 32
[ 1318.204363][   T44] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1318.204392][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1318.214678][   T44] usb 1-1: config 0 descriptor??
[ 1318.373104][ T5862] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1318.490535][   T44] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1318.506094][   T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1318.534213][   T44] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1318.534279][   T44] usb 1-1: media controller created
[ 1318.583481][ T5862] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1318.583513][ T5862] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1318.587048][ T5862] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1318.587080][ T5862] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1318.587104][ T5862] usb 10-1: SerialNumber: syz
[ 1318.830816][ T5862] usb 10-1: 0:2 : does not exist
[ 1318.858558][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1318.953999][ T5862] usb 10-1: USB disconnect, device number 20
[ 1318.957243][   T44] az6027: usb out operation failed. (-71)
[ 1318.957686][   T44] az6027: usb out operation failed. (-71)
[ 1318.957701][   T44] stb0899_attach: Driver disabled by Kconfig
[ 1318.957713][   T44] az6027: no front-end attached
[ 1318.957713][   T44] 
[ 1318.962802][   T44] az6027: usb out operation failed. (-71)
[ 1318.962825][   T44] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1318.996575][   T44] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input59
[ 1319.032414][   T44] dvb-usb: schedule remote query interval to 400 msecs.
[ 1319.032439][   T44] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1319.066044][   T44] usb 1-1: USB disconnect, device number 64
[ 1319.316503][   T44] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1321.148013][ T5940] kernel write not supported for file bpf-prog (pid: 5940 comm: kworker/0:7)
[ 1322.426677][ T3115] loop6: detected capacity change from 0 to 7
[ 1322.432362][ T3115] Dev loop6: unable to read RDB block 7
[ 1322.432398][ T3115]  loop6: AHDI p1 p2
[ 1322.432433][ T3115] loop6: partition table partially beyond EOD, truncated
[ 1322.432560][ T3115] loop6: p1 start 926365495 is beyond EOD, truncated
[ 1323.359568][ T3145] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12860'.
[ 1323.383944][   T38] audit: type=1326 audit(1896727998.784:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc19a3e6567 code=0x7ffc0000
[ 1323.384245][   T38] audit: type=1326 audit(1896727998.784:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc19a38b779 code=0x7ffc0000
[ 1323.384536][   T38] audit: type=1326 audit(1896727998.784:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.385480][   T38] audit: type=1326 audit(1896727998.784:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.386130][   T38] audit: type=1326 audit(1896727998.784:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.390865][   T38] audit: type=1326 audit(1896727998.784:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.391094][   T38] audit: type=1326 audit(1896727998.784:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.394507][   T38] audit: type=1326 audit(1896727998.794:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc19a3e6567 code=0x7ffc0000
[ 1323.395993][   T38] audit: type=1326 audit(1896727998.794:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc19a38b779 code=0x7ffc0000
[ 1323.396387][   T38] audit: type=1326 audit(1896727998.794:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3146 comm="syz.9.12861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fc19a3ef6c9 code=0x7ffc0000
[ 1323.625028][ T3145] hsr_slave_0: left promiscuous mode
[ 1323.676239][ T3145] hsr_slave_1: left promiscuous mode
[ 1325.533660][ T5940] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 1325.651493][ T5855] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1325.726521][ T5940] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1325.726577][ T5940] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1325.726604][ T5940] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1325.778568][ T5940] usb 10-1: config 0 descriptor??
[ 1325.810304][ T5855] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1325.810341][ T5855] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1325.844950][ T5855] usb 9-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1325.845017][ T5855] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1325.845050][ T5855] usb 9-1: Product: syz
[ 1325.845068][ T5855] usb 9-1: Manufacturer: syz
[ 1325.845084][ T5855] usb 9-1: SerialNumber: syz
[ 1325.856757][ T5855] usb 9-1: config 0 descriptor??
[ 1325.864795][ T3194] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1325.866096][ T3194] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1326.007243][ T5940] usbhid 10-1:0.0: can't add hid device: -71
[ 1326.007397][ T5940] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1326.036406][ T5940] usb 10-1: USB disconnect, device number 21
[ 1326.091168][ T3194] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1326.093909][ T3194] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1326.492142][ T5181] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 1326.508054][ T5855] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[ 1326.642153][ T5181] usb 10-1: Using ep0 maxpacket: 32
[ 1326.648341][ T5181] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1326.648400][ T5181] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1326.648428][ T5181] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.696334][ T5181] usb 10-1: config 0 descriptor??
[ 1326.728596][ T5181] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1326.766335][ T5181] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1326.911606][ T5855] dm9601 9-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[ 1326.947622][ T5855] usb 9-1: USB disconnect, device number 21
[ 1326.951317][ T5870] usb 10-1: USB disconnect, device number 22
[ 1326.999961][ T5870] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1327.819795][ T3232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12895'.
[ 1327.819825][ T3232] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1329.236500][ T3211] kexec: Could not allocate control_code_buffer
[ 1330.036006][ T3261] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12909'.
[ 1330.036033][ T3261] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1331.589361][ T3279] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1332.850199][ T3333] netlink: 'syz.0.12938': attribute type 1 has an invalid length.
[ 1333.068101][ T3333] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1333.344547][ T3336] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1333.345149][ T3336] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1333.346721][ T3336] bond2: (slave vxcan3): Error -95 calling set_mac_address
[ 1335.006929][ T3376] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4)
[ 1335.006953][ T3376] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1335.007055][ T3376] vhci_hcd vhci_hcd.0: Device attached
[ 1335.114293][ T3405] vhci_hcd: connection closed
[ 1335.132608][T26356] vhci_hcd: stop threads
[ 1335.132631][T26356] vhci_hcd: release socket
[ 1335.132668][T26356] vhci_hcd: disconnect device
[ 1336.808246][ T3472] netlink: 104 bytes leftover after parsing attributes in process `syz.0.12999'.
[ 1339.184377][ T3520] input: syz0 as /devices/virtual/input/input60
[ 1339.697781][ T3537] binder: 3536:3537 ioctl c0306201 2000000001c0 returned -14
[ 1340.523142][ T3539] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[ 1340.526298][ T3539] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1340.570283][ T3539] vhci_hcd vhci_hcd.0: Device attached
[ 1340.627251][ T3566] vhci_hcd: connection closed
[ 1340.635608][   T12] vhci_hcd: stop threads
[ 1340.635632][   T12] vhci_hcd: release socket
[ 1340.635671][   T12] vhci_hcd: disconnect device
[ 1340.880210][   T38] kauditd_printk_skb: 13 callbacks suppressed
[ 1340.880233][   T38] audit: type=1326 audit(1896728016.264:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3568 comm="syz.8.13040" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x0
[ 1342.713550][ T3624] netlink: 96 bytes leftover after parsing attributes in process `syz.5.13062'.
[ 1342.977586][ T3633] overlayfs: failed to clone lowerpath
[ 1343.050984][ T3633] overlayfs: failed to clone lowerpath
[ 1344.149009][ T3671] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13080'.
[ 1344.149042][ T3671] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13080'.
[ 1344.916792][ T5870] usb 10-1: new full-speed USB device number 23 using dummy_hcd
[ 1345.115793][ T5870] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1345.115826][ T5870] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1345.118348][ T5870] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1345.118381][ T5870] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1345.118404][ T5870] usb 10-1: Product: syz
[ 1345.118422][ T5870] usb 10-1: Manufacturer: syz
[ 1345.118440][ T5870] usb 10-1: SerialNumber: syz
[ 1345.366764][ T5870] usb 10-1: 0:2 : does not exist
[ 1345.378320][ T5870] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[ 1345.445890][ T5870] usb 10-1: USB disconnect, device number 23
[ 1345.717570][ T5940] libceph: connect (1)[c::]:6789 error -101
[ 1345.717806][ T5940] libceph: mon0 (1)[c::]:6789 connect error
[ 1345.740509][ T5940] libceph: connect (1)[c::]:6789 error -101
[ 1345.740736][ T5940] libceph: mon0 (1)[c::]:6789 connect error
[ 1345.786558][ T5940] libceph: connect (1)[b::]:6789 error -101
[ 1345.786781][ T5940] libceph: mon0 (1)[b::]:6789 connect error
[ 1345.787696][ T5940] libceph: connect (1)[b::]:6789 error -101
[ 1345.787898][ T5940] libceph: mon0 (1)[b::]:6789 connect error
[ 1346.814450][ T3723] ceph: No mds server is up or the cluster is laggy
[ 1346.814641][ T3726] ceph: No mds server is up or the cluster is laggy
[ 1346.842597][ T5940] libceph: connect (1)[c::]:6789 error -101
[ 1346.842826][ T5940] libceph: mon0 (1)[c::]:6789 connect error
[ 1346.844340][ T5940] libceph: connect (1)[b::]:6789 error -101
[ 1346.844544][ T5940] libceph: mon0 (1)[b::]:6789 connect error
[ 1347.642831][   T38] audit: type=1326 audit(1896728023.044:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.646923][   T38] audit: type=1326 audit(1896728023.044:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.646962][   T38] audit: type=1326 audit(1896728023.044:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.646996][   T38] audit: type=1326 audit(1896728023.044:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647030][   T38] audit: type=1326 audit(1896728023.044:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647064][   T38] audit: type=1326 audit(1896728023.044:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647097][   T38] audit: type=1326 audit(1896728023.044:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647138][   T38] audit: type=1326 audit(1896728023.044:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647172][   T38] audit: type=1326 audit(1896728023.044:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1347.647206][   T38] audit: type=1326 audit(1896728023.044:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3750 comm="syz.0.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcddd3f6c9 code=0x7ffc0000
[ 1348.570183][ T3767] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1350.337199][ T3741] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4)
[ 1350.337221][ T3741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1350.337319][ T3741] vhci_hcd vhci_hcd.0: Device attached
[ 1350.462876][ T3786] vhci_hcd: connection closed
[ 1350.467153][T24139] vhci_hcd: stop threads
[ 1350.467174][T24139] vhci_hcd: release socket
[ 1350.467210][T24139] vhci_hcd: disconnect device
[ 1351.232154][T27845] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 1351.382188][T27845] usb 1-1: Using ep0 maxpacket: 16
[ 1351.384648][T27845] usb 1-1: config index 0 descriptor too short (expected 17170, got 18)
[ 1351.384677][T27845] usb 1-1: config 0 has too many interfaces: 63, using maximum allowed: 32
[ 1351.384701][T27845] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 63
[ 1351.388337][T27845] usb 1-1: New USB device found, idVendor=07ab, idProduct=fc01, bcdDevice=8d.90
[ 1351.388365][T27845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1351.388388][T27845] usb 1-1: Product: syz
[ 1351.388404][T27845] usb 1-1: Manufacturer: syz
[ 1351.388420][T27845] usb 1-1: SerialNumber: syz
[ 1351.463456][T27845] usb 1-1: config 0 descriptor??
[ 1351.480424][T27845] ums-freecom 1-1:0.0: USB Mass Storage device detected
[ 1352.816104][T27845] usb 1-1: USB disconnect, device number 65
[ 1353.102643][   T38] kauditd_printk_skb: 5 callbacks suppressed
[ 1353.102663][   T38] audit: type=1804 audit(1896728028.454:1279): pid=3853 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.13157" name="file0" dev="tmpfs" ino=10216 res=1 errno=0
[ 1353.231705][ T5862] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1353.381652][ T5862] usb 10-1: Using ep0 maxpacket: 8
[ 1353.384050][ T5862] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[ 1353.384079][ T5862] usb 10-1: config 179 has no interface number 0
[ 1353.384131][ T5862] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1353.384161][ T5862] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1353.384192][ T5862] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1353.384221][ T5862] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1353.384252][ T5862] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1353.384299][ T5862] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1353.384325][ T5862] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1353.391038][ T3850] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1354.046644][ T5870] input: Generic X-Box pad as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:179.65/input/input61
[ 1354.084461][ T5940] usb 10-1: USB disconnect, device number 24
[ 1354.084478][    C1] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1354.084618][    C1] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1354.829675][   T38] audit: type=1326 audit(1896728030.224:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.837719][   T38] audit: type=1326 audit(1896728030.224:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.840202][   T38] audit: type=1326 audit(1896728030.234:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.840267][   T38] audit: type=1326 audit(1896728030.234:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.840318][   T38] audit: type=1326 audit(1896728030.234:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.841063][   T38] audit: type=1326 audit(1896728030.234:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.843117][   T38] audit: type=1326 audit(1896728030.244:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.849902][   T38] audit: type=1326 audit(1896728030.244:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1354.849968][   T38] audit: type=1326 audit(1896728030.244:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3914 comm="syz.5.13189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1356.710890][ T3952] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1357.591196][ T3980] netlink: 'syz.9.13218': attribute type 1 has an invalid length.
[ 1357.659724][ T3980] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1358.065681][ T3991] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13220'.
[ 1358.065794][ T3991] openvswitch: netlink: Flow key attr not present in new flow.
[ 1358.926712][ T3985] bond1: (slave ip6gretap1): making interface the new active one
[ 1358.928664][ T3985] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1359.549716][ T5870] kernel write not supported for file bpf-prog (pid: 5870 comm: kworker/1:5)
[ 1361.481984][ T3733] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 1361.512219][T27845] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1361.512517][ T5870] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1361.645317][ T3733] usb 10-1: Using ep0 maxpacket: 32
[ 1361.648531][ T3733] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1361.648570][ T3733] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1361.648615][ T3733] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1361.648643][ T3733] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.661229][ T3733] usb 10-1: config 0 descriptor??
[ 1361.664483][T27845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1361.664520][T27845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1361.664562][T27845] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1361.664587][T27845] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.684406][ T5870] usb 9-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1361.684445][ T5870] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1361.684472][ T5870] usb 9-1: Product: syz
[ 1361.684491][ T5870] usb 9-1: Manufacturer: syz
[ 1361.684512][ T5870] usb 9-1: SerialNumber: syz
[ 1361.799710][ T3733] hub 10-1:0.0: USB hub found
[ 1361.809541][T27845] usb 1-1: config 0 descriptor??
[ 1361.943521][ T3733] hub 10-1:0.0: 1 port detected
[ 1362.248908][T27845] hid_parser_main: 7 callbacks suppressed
[ 1362.248935][T27845] cm6533_jd 0003:0D8C:0022.003D: unknown main item tag 0x0
[ 1362.249084][T27845] cm6533_jd 0003:0D8C:0022.003D: unknown main item tag 0x0
[ 1362.277948][T27845] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.003D/input/input62
[ 1362.319750][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1362.319820][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1362.375795][T27845] cm6533_jd 0003:0D8C:0022.003D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[ 1362.495806][T27845] usb 1-1: USB disconnect, device number 66
[ 1362.539425][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO
[ 1362.539568][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1362.558078][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1362.582738][ T3733] hub 10-1:0.0: activate --> -90
[ 1362.626609][ T5870] lan78xx 9-1:1.0: probe with driver lan78xx failed with error -71
[ 1362.680353][ T5870] usb 9-1: USB disconnect, device number 22
[ 1362.995348][ T3733] hub 10-1:0.0: hub_ext_port_status failed (err = -71)
[ 1362.995379][ T3733] hub_port_connect: 6 callbacks suppressed
[ 1362.996274][ T3733] usb 10-1-port1: connect-debounce failed
[ 1362.999779][ T5870] usb 10-1: USB disconnect, device number 25
[ 1363.877152][ T4150] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13294'.
[ 1363.877231][ T4150] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1367.027007][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1367.937625][ T4238] input: syz0 as /devices/virtual/input/input63
[ 1369.512483][ T4266] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13344'.
[ 1369.512564][ T4266] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1372.232559][ T4335] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13374'.
[ 1372.232639][ T4335] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1373.536498][ T1402] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1373.567091][ T1402] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1373.597296][ T1402] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1373.598582][ T1402] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1373.599419][ T1402] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1373.729110][ T4353] netlink: 165 bytes leftover after parsing attributes in process `syz.5.13386'.
[ 1373.729683][ T4353] netlink: 277 bytes leftover after parsing attributes in process `syz.5.13386'.
[ 1373.930287][T24139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1374.639719][T24139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1375.233122][T24139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1375.690457][T24139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1375.722145][T24707] Bluetooth: hci2: command tx timeout
[ 1376.566424][ T4345] chnl_net:caif_netlink_parms(): no params data found
[ 1376.814860][T24139] bond1: left allmulticast mode
[ 1376.814900][T24139] bond1: left promiscuous mode
[ 1376.815265][T24139] bridge0: port 3(bond1) entered disabled state
[ 1376.910296][T24139] bridge_slave_1: left allmulticast mode
[ 1376.910330][T24139] bridge_slave_1: left promiscuous mode
[ 1376.910630][T24139] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1376.993282][T24139] bridge_slave_0: left allmulticast mode
[ 1376.993564][T24139] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1377.802405][T24707] Bluetooth: hci2: command tx timeout
[ 1379.881535][T24707] Bluetooth: hci2: command tx timeout
[ 1380.043843][T24139] bridge0 (unregistering): left allmulticast mode
[ 1380.844353][ T4567] 9pnet_fd: Insufficient options for proto=fd
[ 1381.463329][T24139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1381.544525][T24139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1381.596413][T24139] bond0 (unregistering): Released all slaves
[ 1381.962254][T24707] Bluetooth: hci2: command tx timeout
[ 1382.847229][T24139] bond1 (unregistering): Released all slaves
[ 1384.068705][T24139] bond2 (unregistering): Released all slaves
[ 1384.636860][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1384.717575][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1384.792937][T24139] tipc: Left network mode
[ 1384.931296][ T4675] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[ 1384.945792][ T4684] netlink: 'syz.8.13534': attribute type 12 has an invalid length.
[ 1385.010949][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1385.299020][T24139] IPVS: stopping backup sync thread 23397 ...
[ 1385.382356][ T4345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1385.382508][ T4345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.382776][ T4345] bridge_slave_0: entered allmulticast mode
[ 1385.396318][ T4345] bridge_slave_0: entered promiscuous mode
[ 1385.444438][ T4345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1385.445992][ T4345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.446258][ T4345] bridge_slave_1: entered allmulticast mode
[ 1385.469764][ T4345] bridge_slave_1: entered promiscuous mode
[ 1385.753351][ T4722] openvswitch: netlink: Missing valid actions attribute.
[ 1385.753387][ T4722] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1386.133811][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1386.178147][ T4345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1386.203048][ T4345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1386.645271][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1387.033005][ T4765] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13567'.
[ 1387.144221][ T4748] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[ 1387.166509][ T4748] batman_adv: batadv0: Adding interface: ip6gretap2
[ 1387.166532][ T4748] batman_adv: batadv0: The MTU of interface ip6gretap2 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1387.166573][ T4748] batman_adv: batadv0: Interface activated: ip6gretap2
[ 1387.364540][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1387.371170][ T4345] team0: Port device team_slave_0 added
[ 1387.402870][ T4345] team0: Port device team_slave_1 added
[ 1387.605226][T24707] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11
[ 1387.917690][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1389.797629][ T4811] Bluetooth: hci0: unsupported parameter 28022
[ 1389.797656][ T4811] Bluetooth: hci0: unsupported parameter 29793
[ 1389.797677][ T4811] Bluetooth: hci0: unsupported parameter 28022
[ 1389.797692][ T4811] Bluetooth: hci0: unsupported parameter 29793
[ 1390.116142][ T4345] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1390.116162][ T4345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1390.116203][ T4345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1390.202665][ T4345] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1390.202685][ T4345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1390.202718][ T4345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1390.792963][T24139] hsr_slave_0: left promiscuous mode
[ 1390.824054][T24139] hsr_slave_1: left promiscuous mode
[ 1390.827296][T24139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1390.827331][T24139] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1390.979838][T24139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1390.979871][T24139] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1391.066668][T24139] batman_adv: batadv0: Interface deactivated: macvlan2
[ 1391.066699][T24139] batman_adv: batadv0: Removing interface: macvlan2
[ 1391.237093][T24139] batman_adv: batadv0: Interface deactivated: macsec1
[ 1391.237122][T24139] batman_adv: batadv0: Removing interface: macsec1
[ 1391.565731][T24139] batadv_slave_0: left promiscuous mode
[ 1391.580295][T24139] batadv_slave_1: left promiscuous mode
[ 1391.580451][T24139] veth1_macvtap: left promiscuous mode
[ 1391.580555][T24139] veth0_macvtap: left promiscuous mode
[ 1391.580808][T24139] veth1_vlan: left allmulticast mode
[ 1391.580850][T24139] veth1_vlan: left promiscuous mode
[ 1391.581058][T24139] veth0_vlan: left promiscuous mode
[ 1393.033809][ T4901] overlayfs: failed to clone upperpath
[ 1394.572795][ T4946] overlayfs: failed to clone upperpath
[ 1395.780841][ T4986] binder: 4982:4986 ioctl c0306201 200000000640 returned -22
[ 1396.203428][T24139] team0 (unregistering): Port device team_slave_1 removed
[ 1396.573405][T24139] team0 (unregistering): Port device team_slave_0 removed
[ 1397.559339][T27845] usb 9-1: new full-speed USB device number 23 using dummy_hcd
[ 1397.729687][T27845] usb 9-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1397.729723][T27845] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.729748][T27845] usb 9-1: Product: syz
[ 1397.729765][T27845] usb 9-1: Manufacturer: syz
[ 1397.729782][T27845] usb 9-1: SerialNumber: syz
[ 1397.766733][T27845] usb 9-1: config 0 descriptor??
[ 1398.216289][T27845] airspy 9-1:0.0: Board ID: 00
[ 1398.216315][T27845] airspy 9-1:0.0: Firmware version: 
[ 1399.380702][T27845] airspy 9-1:0.0: Registered as swradio24
[ 1399.380729][T27845] airspy 9-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[ 1399.516942][ T5870] usb 9-1: USB disconnect, device number 23
[ 1401.211566][ T4910] syzkaller1: entered promiscuous mode
[ 1401.211596][ T4910] syzkaller1: entered allmulticast mode
[ 1401.214024][ T4959] syz_tun: entered allmulticast mode
[ 1401.631934][ T4959] syz_tun: left allmulticast mode
[ 1401.826134][ T4345] hsr_slave_0: entered promiscuous mode
[ 1401.844165][ T4345] hsr_slave_1: entered promiscuous mode
[ 1401.846706][ T4345] debugfs: 'hsr0' already exists in 'hsr'
[ 1401.846735][ T4345] Cannot create hsr debugfs directory
[ 1404.098294][T24139] IPVS: stop unused estimator thread 0...
[ 1405.890316][ T4345] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1405.949531][ T4345] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1406.011064][ T4345] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1406.115427][ T5256] netlink: 'syz.8.13790': attribute type 12 has an invalid length.
[ 1406.141168][ T4345] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1406.220525][ T5268] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13793'.
[ 1406.278464][ T5268] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13793'.
[ 1406.751194][ T4345] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1406.795474][ T4345] 8021q: adding VLAN 0 to HW filter on device team0
[ 1406.830993][T24139] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1406.831144][T24139] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1406.893127][ T6830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1406.893423][ T6830] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1407.629972][ T4345] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1408.009280][ T4345] veth0_vlan: entered promiscuous mode
[ 1408.057594][ T4345] veth1_vlan: entered promiscuous mode
[ 1408.262502][ T4345] veth0_macvtap: entered promiscuous mode
[ 1408.281679][ T4345] veth1_macvtap: entered promiscuous mode
[ 1408.370636][ T4345] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1408.403927][ T4345] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1408.428966][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1408.429233][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1408.429778][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1408.460468][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1408.998667][ T3197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1408.998694][ T3197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1409.126820][ T3197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1409.126844][ T3197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1409.744167][ T5356] netlink: 'syz.5.13829': attribute type 2 has an invalid length.
[ 1410.430609][ T5395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13846'.
[ 1411.367608][   T38] audit: type=1326 audit(1896728086.764:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.394560][   T38] audit: type=1326 audit(1896728086.794:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.399934][   T38] audit: type=1326 audit(1896728086.794:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.400240][   T38] audit: type=1326 audit(1896728086.794:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.472405][   T38] audit: type=1326 audit(1896728086.794:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.473530][   T38] audit: type=1326 audit(1896728086.874:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.525783][   T38] audit: type=1326 audit(1896728086.874:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5418 comm="syz.8.13860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ea32ff6c9 code=0x7ffc0000
[ 1411.719927][   T38] audit: type=1326 audit(1896728087.114:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5425 comm="syz.5.13863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1411.719990][   T38] audit: type=1326 audit(1896728087.114:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5425 comm="syz.5.13863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1411.720167][   T38] audit: type=1326 audit(1896728087.114:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5425 comm="syz.5.13863" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0x200000000006 code=0x7ffc0000
[ 1411.829712][ T1402] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1411.853049][ T1402] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1411.869287][ T1402] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1411.890181][ T1402] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1411.901032][ T1402] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1412.403041][ T5430] chnl_net:caif_netlink_parms(): no params data found
[ 1412.879805][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13875'.
[ 1412.879888][ T5464] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1414.041538][ T1402] Bluetooth: hci4: command tx timeout
[ 1414.670911][ T5499] netlink: 'syz.5.13891': attribute type 1 has an invalid length.
[ 1414.736048][ T5430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1414.736273][ T5430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1414.736509][ T5430] bridge_slave_0: entered allmulticast mode
[ 1414.739421][ T5430] bridge_slave_0: entered promiscuous mode
[ 1414.817548][ T5501] bond3: (slave bridge1): making interface the new active one
[ 1414.818920][ T5501] bond3: (slave bridge1): Enslaving as an active interface with an up link
[ 1414.819426][ T5430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1414.819570][ T5430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1414.819789][ T5430] bridge_slave_1: entered allmulticast mode
[ 1414.866434][ T5430] bridge_slave_1: entered promiscuous mode
[ 1415.133908][ T5430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1415.146519][ T5430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1415.418352][ T5430] team0: Port device team_slave_0 added
[ 1415.449280][ T5430] team0: Port device team_slave_1 added
[ 1415.729389][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1415.729409][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1415.729440][ T5430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1415.746120][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1415.746153][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1415.746191][ T5430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1416.095428][ T5430] hsr_slave_0: entered promiscuous mode
[ 1416.097005][ T5430] hsr_slave_1: entered promiscuous mode
[ 1416.098041][ T5430] debugfs: 'hsr0' already exists in 'hsr'
[ 1416.098070][ T5430] Cannot create hsr debugfs directory
[ 1416.131964][ T1402] Bluetooth: hci4: command tx timeout
[ 1416.225190][ T5551] overlayfs: failed to clone upperpath
[ 1418.206400][ T1402] Bluetooth: hci4: command tx timeout
[ 1418.896212][ T5430] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1418.940124][ T5430] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1418.985048][ T5430] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1419.014578][ T5430] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1419.084884][   T38] kauditd_printk_skb: 1 callbacks suppressed
[ 1419.084904][   T38] audit: type=1326 audit(1896728094.484:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.086262][   T38] audit: type=1326 audit(1896728094.484:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.123400][   T38] audit: type=1326 audit(1896728094.524:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.123471][   T38] audit: type=1326 audit(1896728094.524:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.123528][   T38] audit: type=1326 audit(1896728094.524:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.123582][   T38] audit: type=1326 audit(1896728094.524:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.134070][   T38] audit: type=1326 audit(1896728094.524:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.134141][   T38] audit: type=1326 audit(1896728094.524:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.134199][   T38] audit: type=1326 audit(1896728094.534:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.134254][   T38] audit: type=1326 audit(1896728094.534:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5625 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1419.670915][ T5430] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1419.769248][ T5430] 8021q: adding VLAN 0 to HW filter on device team0
[ 1419.807521][ T6835] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1419.807681][ T6835] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1419.819207][ T6835] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1419.878501][ T6835] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1420.172764][ T5666] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1420.281594][ T1402] Bluetooth: hci4: command tx timeout
[ 1420.531821][  T992] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1420.638709][ T5430] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1420.701495][  T992] usb 4-1: Using ep0 maxpacket: 16
[ 1420.704210][  T992] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1420.704291][  T992] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1420.704318][  T992] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1420.710328][  T992] usb 4-1: config 0 descriptor??
[ 1420.778433][  T992] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input64
[ 1420.970278][ T5430] veth0_vlan: entered promiscuous mode
[ 1420.993139][ T5674] input: syz0 as /devices/virtual/input/input65
[ 1421.026844][ T5430] veth1_vlan: entered promiscuous mode
[ 1421.292493][ T5430] veth0_macvtap: entered promiscuous mode
[ 1421.315955][ T5430] veth1_macvtap: entered promiscuous mode
[ 1421.504696][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1421.607882][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1421.655303][ T3197] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.655353][ T3197] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.655386][ T3197] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.655417][ T3197] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.528160][ T6837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1422.528186][ T6837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1422.794998][ T3197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1422.795019][ T3197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1423.016364][ T5728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13982'.
[ 1423.392623][ T5151] bcm5974 4-1:0.0: could not read from device
[ 1423.418845][ T5733] kvm: pic: non byte read
[ 1423.419433][ T5733] kvm: pic: single mode not supported
[ 1423.419512][ T5733] kvm: pic: non byte read
[ 1423.419866][ T5733] kvm: pic: non byte read
[ 1423.420214][ T5733] kvm: pic: non byte read
[ 1423.420563][ T5733] kvm: pic: non byte read
[ 1423.420946][ T5733] kvm: pic: non byte read
[ 1423.421302][ T5733] kvm: pic: non byte read
[ 1423.458806][ T5733] kvm: pic: non byte read
[ 1423.459168][ T5733] kvm: pic: non byte read
[ 1423.501093][  T992] usb 4-1: USB disconnect, device number 10
[ 1425.419080][ T5782] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1425.419114][ T5782] overlayfs: failed to set xattr on upper
[ 1425.419125][ T5782] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1425.419135][ T5782] overlayfs: ...falling back to index=off.
[ 1425.419144][ T5782] overlayfs: ...falling back to uuid=null.
[ 1425.475724][ T5785] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1426.642710][ T5814] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1427.547313][ T5833] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1427.877243][ T5843] overlayfs: failed to clone upperpath
[ 1428.448667][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1429.009456][ T5869] syz.3.14040 (5869) used greatest stack depth: 15448 bytes left
[ 1430.696223][ T5942] overlayfs: failed to clone upperpath
[ 1431.627521][ T5969] create_pit_timer: 5 callbacks suppressed
[ 1431.627547][ T5969] kvm: requested 80457 ns i8254 timer period limited to 200000 ns
[ 1431.631147][ T5969] kvm: requested 75428 ns i8254 timer period limited to 200000 ns
[ 1431.670335][ T5969] kvm: requested 82133 ns i8254 timer period limited to 200000 ns
[ 1431.699902][ T5969] kvm: requested 79619 ns i8254 timer period limited to 200000 ns
[ 1431.718510][ T5969] kvm: requested 17600 ns i8254 timer period limited to 200000 ns
[ 1431.719693][ T5969] kvm: requested 196952 ns i8254 timer period limited to 200000 ns
[ 1431.720436][ T5969] kvm: requested 181028 ns i8254 timer period limited to 200000 ns
[ 1431.722997][ T5969] kvm: requested 62857 ns i8254 timer period limited to 200000 ns
[ 1431.724266][ T5969] kvm: requested 118171 ns i8254 timer period limited to 200000 ns
[ 1431.725229][ T5969] kvm: requested 178514 ns i8254 timer period limited to 200000 ns
[ 1431.795862][T28039] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1431.930405][ T5988] overlayfs: failed to clone upperpath
[ 1431.953082][T28039] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1431.953144][T28039] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1431.953170][T28039] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1431.994225][T28039] usb 4-1: config 0 descriptor??
[ 1432.028267][T28039] pwc: Askey VC010 type 2 USB webcam detected.
[ 1432.453313][T28039] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1432.454149][T28039] pwc: recv_control_msg error -32 req 02 val 2700
[ 1432.454926][T28039] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1432.455694][T28039] pwc: recv_control_msg error -32 req 04 val 1000
[ 1432.463163][T28039] pwc: recv_control_msg error -32 req 04 val 1300
[ 1432.464158][T28039] pwc: recv_control_msg error -32 req 04 val 1400
[ 1432.465086][T28039] pwc: recv_control_msg error -32 req 02 val 2000
[ 1432.465969][T28039] pwc: recv_control_msg error -32 req 02 val 2100
[ 1432.672177][T28039] pwc: recv_control_msg error -71 req 02 val 2500
[ 1432.672695][T28039] pwc: recv_control_msg error -71 req 02 val 2400
[ 1432.673215][T28039] pwc: recv_control_msg error -71 req 02 val 2600
[ 1432.673746][T28039] pwc: recv_control_msg error -71 req 02 val 2900
[ 1432.674249][T28039] pwc: recv_control_msg error -71 req 02 val 2800
[ 1432.674955][T28039] pwc: recv_control_msg error -71 req 04 val 1100
[ 1432.675542][T28039] pwc: recv_control_msg error -71 req 04 val 1200
[ 1432.703348][T28039] pwc: Registered as video103.
[ 1432.707061][T28039] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input66
[ 1432.777096][T28039] usb 4-1: USB disconnect, device number 11
[ 1434.075861][  T992] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[ 1434.226073][  T992] usb 3-1: config 0 has no interfaces?
[ 1434.226115][  T992] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[ 1434.226144][  T992] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1434.255493][  T992] usb 3-1: config 0 descriptor??
[ 1434.501809][  T992] usb 3-1: USB disconnect, device number 35
[ 1434.640589][ T6050] vivid-000: disconnect
[ 1434.645109][ T6049] vivid-000: reconnect
[ 1435.090687][   T38] kauditd_printk_skb: 15 callbacks suppressed
[ 1435.090709][   T38] audit: type=1326 audit(1896728110.484:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.091061][   T38] audit: type=1326 audit(1896728110.484:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.150344][   T38] audit: type=1326 audit(1896728110.544:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.150411][   T38] audit: type=1326 audit(1896728110.544:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.205392][   T38] audit: type=1326 audit(1896728110.604:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.205462][   T38] audit: type=1326 audit(1896728110.604:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.205513][   T38] audit: type=1326 audit(1896728110.604:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.206185][   T38] audit: type=1326 audit(1896728110.604:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.206238][   T38] audit: type=1326 audit(1896728110.604:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=109 compat=1 ip=0x200000000006 code=0x7ffc0000
[ 1435.206288][   T38] audit: type=1326 audit(1896728110.604:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6057 comm="syz.5.14106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1435.293046][ T5940] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1435.444295][ T5940] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64
[ 1435.444331][ T5940] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32
[ 1435.444359][ T5940] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1435.447750][ T5940] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[ 1435.447783][ T5940] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1435.447807][ T5940] usb 4-1: Product: syz
[ 1435.447824][ T5940] usb 4-1: Manufacturer: syz
[ 1435.447840][ T5940] usb 4-1: SerialNumber: syz
[ 1435.520167][ T6055] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1435.520325][ T6055] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1436.185330][ T6070] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1436.446908][ T6055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1436.522216][ T6055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1436.885717][ T5940] rtl8150 4-1:1.0: couldn't reset the device
[ 1436.885992][ T5940] rtl8150 4-1:1.0: probe with driver rtl8150 failed with error -5
[ 1436.932129][ T5940] usb 4-1: USB disconnect, device number 12
[ 1437.089006][ T6077] binder: 6076:6077 ioctl c0306201 200000000080 returned -14
[ 1441.087095][ T6134] netlink: 28 bytes leftover after parsing attributes in process `syz.8.14130'.
[ 1441.087151][ T6134] netlink: 28 bytes leftover after parsing attributes in process `syz.8.14130'.
[ 1441.117990][ T6134] ip6gretap0: entered promiscuous mode
[ 1441.133561][ T6134] syz_tun: entered promiscuous mode
[ 1441.162649][ T6134] debugfs: 'hsr0' already exists in 'hsr'
[ 1441.162682][ T6134] Cannot create hsr debugfs directory
[ 1442.772540][ T6161] netlink: 276 bytes leftover after parsing attributes in process `syz.8.14142'.
[ 1446.632785][ T6274] netlink: 4 bytes leftover after parsing attributes in process `syz.8.14191'.
[ 1447.813449][ T6300] binder: BINDER_SET_CONTEXT_MGR already set
[ 1447.813466][ T6300] binder: 6298:6300 ioctl 4018620d 200000004a80 returned -16
[ 1448.491173][   T38] audit: type=1326 audit(1896728123.884:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6303 comm="syz.3.14203" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5761b6f6c9 code=0x0
[ 1448.802138][ T5340] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1450.018975][ T5340] usb 4-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[ 1450.019011][ T5340] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1450.019034][ T5340] usb 4-1: Product: syz
[ 1450.019050][ T5340] usb 4-1: Manufacturer: syz
[ 1450.019068][ T5340] usb 4-1: SerialNumber: syz
[ 1450.026067][ T5340] usb 4-1: config 0 descriptor??
[ 1450.240122][ T5340] mos7840 4-1:0.0: required endpoints missing
[ 1450.316838][ T6337] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[ 1450.473048][ T6342] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1450.701943][ T6307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1450.702424][ T6307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1450.766910][ T6342] cramfs: wrong magic
[ 1451.749054][ T5340] usb 4-1: USB disconnect, device number 13
[ 1452.849733][ T6374] loop5: detected capacity change from 0 to 8
[ 1453.365060][ T6374] Dev loop5: unable to read RDB block 8
[ 1453.365105][ T6374]  loop5: unable to read partition table
[ 1453.365311][ T6374] loop5: partition table beyond EOD, truncated
[ 1453.365329][ T6374] loop_reread_partitions: partition scan of loop5 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[ 1454.219959][ T6389] syz.8.14234: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1454.220020][ T6389] CPU: 1 UID: 0 PID: 6389 Comm: syz.8.14234 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1454.220040][ T6389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1454.220051][ T6389] Call Trace:
[ 1454.220058][ T6389]  <TASK>
[ 1454.220066][ T6389]  dump_stack_lvl+0x189/0x250
[ 1454.220099][ T6389]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1454.220126][ T6389]  ? __pfx__printk+0x10/0x10
[ 1454.220147][ T6389]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1454.220167][ T6389]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1454.220188][ T6389]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1454.220210][ T6389]  warn_alloc+0x22e/0x3b0
[ 1454.220237][ T6389]  ? stack_depot_save_flags+0x40/0x860
[ 1454.220263][ T6389]  ? __pfx_warn_alloc+0x10/0x10
[ 1454.220289][ T6389]  ? kasan_save_track+0x3e/0x80
[ 1454.220308][ T6389]  ? __kasan_kmalloc+0x93/0xb0
[ 1454.220331][ T6389]  ? xsk_setsockopt+0x4dc/0x8d0
[ 1454.220350][ T6389]  ? do_sock_setsockopt+0x17c/0x1b0
[ 1454.220368][ T6389]  ? __x64_sys_setsockopt+0x145/0x1b0
[ 1454.220385][ T6389]  ? do_syscall_64+0xfa/0xfa0
[ 1454.220416][ T6389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.220441][ T6389]  __vmalloc_node_range_noprof+0x125/0x12d0
[ 1454.220490][ T6389]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1454.220516][ T6389]  ? __kasan_kmalloc+0x93/0xb0
[ 1454.220542][ T6389]  vmalloc_user_noprof+0xad/0xf0
[ 1454.220566][ T6389]  ? xskq_create+0xbf/0x170
[ 1454.220589][ T6389]  xskq_create+0xbf/0x170
[ 1454.220613][ T6389]  xsk_init_queue+0xb0/0x110
[ 1454.220636][ T6389]  xsk_setsockopt+0x4dc/0x8d0
[ 1454.220661][ T6389]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1454.220688][ T6389]  ? __fget_files+0x2a/0x420
[ 1454.220713][ T6389]  ? __fget_files+0x2a/0x420
[ 1454.220735][ T6389]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1454.220758][ T6389]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1454.220779][ T6389]  do_sock_setsockopt+0x17c/0x1b0
[ 1454.220802][ T6389]  __x64_sys_setsockopt+0x145/0x1b0
[ 1454.220825][ T6389]  do_syscall_64+0xfa/0xfa0
[ 1454.220846][ T6389]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1454.220869][ T6389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.220885][ T6389]  ? clear_bhb_loop+0x60/0xb0
[ 1454.220905][ T6389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.220921][ T6389] RIP: 0033:0x7f9ea32ff6c9
[ 1454.220936][ T6389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1454.220950][ T6389] RSP: 002b:00007f9ea1566038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1454.220966][ T6389] RAX: ffffffffffffffda RBX: 00007f9ea3555fa0 RCX: 00007f9ea32ff6c9
[ 1454.220979][ T6389] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[ 1454.220989][ T6389] RBP: 00007f9ea3381f91 R08: 0000000000000004 R09: 0000000000000000
[ 1454.220999][ T6389] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000000
[ 1454.221009][ T6389] R13: 00007f9ea3556038 R14: 00007f9ea3555fa0 R15: 00007ffe30c29228
[ 1454.221036][ T6389]  </TASK>
[ 1454.221043][ T6389] Mem-Info:
[ 1454.221051][ T6389] active_anon:34 inactive_anon:5320 isolated_anon:0
[ 1454.221051][ T6389]  active_file:17164 inactive_file:5903 isolated_file:0
[ 1454.221051][ T6389]  unevictable:17672 dirty:295 writeback:0
[ 1454.221051][ T6389]  slab_reclaimable:11828 slab_unreclaimable:112646
[ 1454.221051][ T6389]  mapped:32327 shmem:1376 pagetables:1108
[ 1454.221051][ T6389]  sec_pagetables:0 bounce:0
[ 1454.221051][ T6389]  kernel_misc_reclaimable:0
[ 1454.221051][ T6389]  free:1324862 free_pcp:2299 free_cma:0
[ 1454.221094][ T6389] Node 0 active_anon:136kB inactive_anon:21280kB active_file:68636kB inactive_file:23480kB unevictable:69152kB isolated(anon):0kB isolated(file):0kB mapped:129288kB dirty:1180kB writeback:0kB shmem:3968kB kernel_stack:13136kB pagetables:4272kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1454.221131][ T6389] Node 1 active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1454.221166][ T6389] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1454.221227][ T6389] lowmem_reserve[]: 0 2515 2517 2517 2517
[ 1454.221254][ T6389] Node 0 DMA32 free:1373708kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:136kB inactive_anon:21280kB active_file:68636kB inactive_file:23480kB unevictable:69152kB writepending:1180kB zspages:0kB present:3129332kB managed:2576080kB mlocked:0kB bounce:0kB free_pcp:9196kB local_pcp:5924kB free_cma:0kB
[ 1454.221382][ T6389] lowmem_reserve[]: 0 0 1 1 1
[ 1454.221425][ T6389] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1454.221471][ T6389] lowmem_reserve[]: 0 0 0 0 0
[ 1454.221496][ T6389] Node 1 Normal free:3910380kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1454.221545][ T6389] lowmem_reserve[]: 0 0 0 0 0
[ 1454.221571][ T6389] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1454.221664][ T6389] Node 0 DMA32: 849*4kB (UME) 780*8kB (UME) 561*16kB (UME) 288*32kB (UME) 286*64kB (UME) 124*128kB (UME) 110*256kB (UME) 79*512kB (UME) 28*1024kB (UM) 15*2048kB (UME) 289*4096kB (UM) = 1373748kB
[ 1454.221790][ T6389] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1454.221866][ T6389] Node 1 Normal: 203*4kB (U) 54*8kB (UME) 31*16kB (UE) 195*32kB (UME) 89*64kB (UME) 29*128kB (UME) 13*256kB (UME) 9*512kB (UME) 2*1024kB (UM) 2*2048kB (ME) 947*4096kB (M) = 3910380kB
[ 1454.221986][ T6389] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1454.222000][ T6389] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1454.222013][ T6389] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1454.222027][ T6389] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1454.222040][ T6389] 41343 total pagecache pages
[ 1454.222046][ T6389] 0 pages in swap cache
[ 1454.222052][ T6389] Free swap  = 124996kB
[ 1454.222059][ T6389] Total swap = 124996kB
[ 1454.222065][ T6389] 2097051 pages RAM
[ 1454.222072][ T6389] 0 pages HighMem/MovableOnly
[ 1454.222077][ T6389] 421005 pages reserved
[ 1454.222083][ T6389] 0 pages cma reserved
[ 1456.317957][ T6404] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1456.317981][ T6404] overlayfs: failed to set xattr on upper
[ 1456.317987][ T6404] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1456.317994][ T6404] overlayfs: ...falling back to index=off.
[ 1456.318000][ T6404] overlayfs: ...falling back to uuid=null.
[ 1456.419473][ T6407] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[ 1457.612081][  T992] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1458.242502][  T992] usb 3-1: Using ep0 maxpacket: 16
[ 1458.247445][  T992] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1458.247474][  T992] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1458.280521][  T992] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1458.281209][  T992] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1458.281235][  T992] usb 3-1: Product: syz
[ 1458.281254][  T992] usb 3-1: Manufacturer: syz
[ 1458.281271][  T992] usb 3-1: SerialNumber: syz
[ 1458.584313][  T992] usb 3-1: 0:2 : does not exist
[ 1458.590726][  T992] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1458.634758][  T992] usb 3-1: USB disconnect, device number 36
[ 1461.305796][ T6483] kvm_intel: kvm [6482]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x1
[ 1464.410545][   T38] audit: type=1326 audit(1896728139.804:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.410692][   T38] audit: type=1326 audit(1896728139.804:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.439818][   T38] audit: type=1326 audit(1896728139.834:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.439903][   T38] audit: type=1326 audit(1896728139.834:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.439960][   T38] audit: type=1326 audit(1896728139.834:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.448006][   T38] audit: type=1326 audit(1896728139.844:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.448082][   T38] audit: type=1326 audit(1896728139.844:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.448601][   T38] audit: type=1326 audit(1896728139.844:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.449293][   T38] audit: type=1326 audit(1896728139.844:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1464.449938][   T38] audit: type=1326 audit(1896728139.844:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6512 comm="syz.5.14283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3cf38f6c9 code=0x7ffc0000
[ 1466.144943][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1466.221984][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1466.340305][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1469.481906][ T6593] netlink: 'syz.2.14313': attribute type 1 has an invalid length.
[ 1469.821180][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1470.030967][ T6593] bond1: entered promiscuous mode
[ 1470.032080][ T6593] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1470.219454][ T6597] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1470.219900][ T6597] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[ 1470.219916][ T6597] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[ 1470.254489][ T6597] bond1: (slave gre1): making interface the new active one
[ 1470.257466][ T6597] gre1: entered promiscuous mode
[ 1470.260511][ T6597] bond1: (slave gre1): Enslaving as an active interface with an up link
[ 1470.762254][   T38] kauditd_printk_skb: 34 callbacks suppressed
[ 1470.762271][   T38] audit: type=1326 audit(1896728146.154:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.813722][   T38] audit: type=1326 audit(1896728146.164:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.813782][   T38] audit: type=1326 audit(1896728146.214:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.813834][   T38] audit: type=1326 audit(1896728146.214:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.817251][   T38] audit: type=1326 audit(1896728146.214:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.817310][   T38] audit: type=1326 audit(1896728146.214:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.839367][   T38] audit: type=1326 audit(1896728146.234:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1470.839453][   T38] audit: type=1326 audit(1896728146.234:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1471.031849][   T38] audit: type=1326 audit(1896728146.424:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1471.031927][   T38] audit: type=1326 audit(1896728146.424:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6606 comm="syz.2.14320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e74cf6c9 code=0x7ffc0000
[ 1480.811651][ T5870] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1481.033489][ T5870] usb 9-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1481.033523][ T5870] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.033546][ T5870] usb 9-1: Product: syz
[ 1481.033563][ T5870] usb 9-1: Manufacturer: syz
[ 1481.033580][ T5870] usb 9-1: SerialNumber: syz
[ 1481.520751][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1481.520820][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1482.761867][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[ 1483.391616][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -EPROTO
[ 1483.420806][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[ 1483.420871][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1483.470330][ T5870] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1483.534342][ T5870] lan78xx 9-1:1.0: probe with driver lan78xx failed with error -71
[ 1483.559271][ T5870] usb 9-1: USB disconnect, device number 24
[ 1487.195264][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1487.869753][ T6789] Bluetooth: hci0: invalid length 0, exp 2 for type 9
[ 1488.093462][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1488.746971][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.065177][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.098111][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.951194][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1491.473576][    C1] ------------[ cut here ]------------
[ 1491.473593][    C1] refcount_t: addition on 0; use-after-free.
[ 1491.474325][    C1] WARNING: CPU: 1 PID: 29 at lib/refcount.c:25 refcount_warn_saturate+0xfa/0x1d0
[ 1491.474375][    C1] Modules linked in:
[ 1491.474399][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1491.474428][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1491.474444][    C1] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1491.474474][    C1] Code: 00 00 e8 f9 5d 45 fd 5b 41 5e c3 cc cc cc cc cc e8 eb 5d 45 fd c6 05 80 10 47 0a 01 90 48 c7 c7 80 2e 3d 8b e8 f7 a2 09 fd 90 <0f> 0b 90 90 eb d7 e8 cb 5d 45 fd c6 05 61 10 47 0a 01 90 48 c7 c7
[ 1491.474497][    C1] RSP: 0018:ffffc90000a3f830 EFLAGS: 00010246
[ 1491.474518][    C1] RAX: 73e2915e408f2600 RBX: 0000000000000002 RCX: ffff88801beb1e00
[ 1491.474536][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 1491.474552][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 1491.474566][    C1] R10: dffffc0000000000 R11: ffffed101712487b R12: 1ffff92000147f18
[ 1491.474585][    C1] R13: ffff8880286dc260 R14: ffff8880286dbe80 R15: dffffc0000000000
[ 1491.474604][    C1] FS:  0000000000000000(0000) GS:ffff888126ef9000(0000) knlGS:0000000000000000
[ 1491.474624][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1491.474641][    C1] CR2: 00005555844d2808 CR3: 000000005b816000 CR4: 00000000003526f0
[ 1491.474663][    C1] Call Trace:
[ 1491.474673][    C1]  <TASK>
[ 1491.474686][    C1]  mptcp_schedule_work+0x164/0x1a0
[ 1491.474720][    C1]  mptcp_tout_timer+0x21/0xa0
[ 1491.474756][    C1]  call_timer_fn+0x17e/0x5f0
[ 1491.474790][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1491.474822][    C1]  ? call_timer_fn+0xbe/0x5f0
[ 1491.474855][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1491.474900][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1491.474934][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1491.474967][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1491.475002][    C1]  __run_timer_base+0x648/0x970
[ 1491.475052][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1491.475105][    C1]  run_timer_softirq+0xb7/0x180
[ 1491.475137][    C1]  handle_softirqs+0x22f/0x710
[ 1491.475180][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1491.475231][    C1]  run_ktimerd+0xcf/0x190
[ 1491.475272][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 1491.475302][    C1]  ? schedule+0x91/0x360
[ 1491.475345][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1491.475376][    C1]  smpboot_thread_fn+0x542/0xa60
[ 1491.475410][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1491.475453][    C1]  kthread+0x711/0x8a0
[ 1491.475497][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1491.475528][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.475562][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1491.475595][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1491.475621][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.475660][    C1]  ret_from_fork+0x4bc/0x870
[ 1491.475694][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1491.475732][    C1]  ? __switch_to_asm+0x39/0x70
[ 1491.475755][    C1]  ? __switch_to_asm+0x33/0x70
[ 1491.475778][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.475817][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1491.475865][    C1]  </TASK>
[ 1491.475884][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1491.475901][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1491.475927][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1491.475942][    C1] Call Trace:
[ 1491.475951][    C1]  <TASK>
[ 1491.475962][    C1]  dump_stack_lvl+0x99/0x250
[ 1491.475999][    C1]  ? __asan_memcpy+0x40/0x70
[ 1491.476028][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1491.476066][    C1]  ? __pfx__printk+0x10/0x10
[ 1491.476113][    C1]  vpanic+0x237/0x6d0
[ 1491.476137][    C1]  ? __pfx_vpanic+0x10/0x10
[ 1491.476175][    C1]  panic+0xb9/0xc0
[ 1491.476203][    C1]  ? __pfx_panic+0x10/0x10
[ 1491.476249][    C1]  __warn+0x31b/0x4b0
[ 1491.476271][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1491.476301][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1491.476329][    C1]  report_bug+0x2be/0x4f0
[ 1491.476362][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1491.476390][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1491.476418][    C1]  ? refcount_warn_saturate+0xfc/0x1d0
[ 1491.476446][    C1]  handle_bug+0x84/0x160
[ 1491.476470][    C1]  exc_invalid_op+0x1a/0x50
[ 1491.476494][    C1]  asm_exc_invalid_op+0x1a/0x20
[ 1491.476518][    C1] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1491.476545][    C1] Code: 00 00 e8 f9 5d 45 fd 5b 41 5e c3 cc cc cc cc cc e8 eb 5d 45 fd c6 05 80 10 47 0a 01 90 48 c7 c7 80 2e 3d 8b e8 f7 a2 09 fd 90 <0f> 0b 90 90 eb d7 e8 cb 5d 45 fd c6 05 61 10 47 0a 01 90 48 c7 c7
[ 1491.476567][    C1] RSP: 0018:ffffc90000a3f830 EFLAGS: 00010246
[ 1491.476588][    C1] RAX: 73e2915e408f2600 RBX: 0000000000000002 RCX: ffff88801beb1e00
[ 1491.476606][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 1491.476622][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 1491.476637][    C1] R10: dffffc0000000000 R11: ffffed101712487b R12: 1ffff92000147f18
[ 1491.476656][    C1] R13: ffff8880286dc260 R14: ffff8880286dbe80 R15: dffffc0000000000
[ 1491.476698][    C1]  mptcp_schedule_work+0x164/0x1a0
[ 1491.476728][    C1]  mptcp_tout_timer+0x21/0xa0
[ 1491.476763][    C1]  call_timer_fn+0x17e/0x5f0
[ 1491.476796][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1491.476829][    C1]  ? call_timer_fn+0xbe/0x5f0
[ 1491.476862][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1491.476908][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1491.476943][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1491.476975][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1491.477011][    C1]  __run_timer_base+0x648/0x970
[ 1491.477062][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1491.477115][    C1]  run_timer_softirq+0xb7/0x180
[ 1491.477147][    C1]  handle_softirqs+0x22f/0x710
[ 1491.477190][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1491.477240][    C1]  run_ktimerd+0xcf/0x190
[ 1491.477274][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 1491.477306][    C1]  ? schedule+0x91/0x360
[ 1491.477348][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1491.477378][    C1]  smpboot_thread_fn+0x542/0xa60
[ 1491.477431][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1491.477476][    C1]  kthread+0x711/0x8a0
[ 1491.477519][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1491.477552][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.477587][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1491.477623][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1491.477649][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.477690][    C1]  ret_from_fork+0x4bc/0x870
[ 1491.477724][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1491.477764][    C1]  ? __switch_to_asm+0x39/0x70
[ 1491.477811][    C1]  ? __switch_to_asm+0x33/0x70
[ 1491.477836][    C1]  ? __pfx_kthread+0x10/0x10
[ 1491.477877][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1491.477927][    C1]  </TASK>
[ 1491.478337][    C1] Kernel Offset: disabled