last executing test programs:

26m24.721059045s ago: executing program 4 (id=293):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000013000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001500000001208000240"], 0xc4}}, 0x0)

26m24.029021985s ago: executing program 4 (id=294):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x108, 0x4)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x50d, 0x3201, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0xd8, 0x1, 0x3, 0x1, 0x0, 0x40, {0x9, 0x21, 0x9f, 0x1, 0x1, {0x22, 0x1e8}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x80, 0x80, 0x10}}}}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x340, 0xb, 0x9c, 0x4, 0xff, 0x3}, 0xc2, &(0x7f00000000c0)={0x5, 0xf, 0xc2, 0x5, [@generic={0x5a, 0x10, 0xa, "c0c90e764f184b745f8f132742d1a7266d3d78a2611ff4a5baf654f81df71c4c7dd2c28783775caa64ea3d9186d8ba29a82001509da1a23688fa1dbc4bb665487ebaa83fcec62587721d9ac08ce43f0f492b5a4f173e13"}, @wireless={0xb, 0x10, 0x1, 0x4, 0xa8, 0x8, 0x0, 0xf, 0xf7}, @ptm_cap={0x3}, @generic={0x41, 0x10, 0x3, "a3ddd6eb43fe4356142b0a573f836a319e4d3e29200c2a6043bb914a85d64edb5ed308873737f720faa8413da986fd15587c80a55a8d81e95f993a25eea6"}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "6251647fb6a51d2ae57a71ad035b4682"}]}, 0x3, [{0xaf, &(0x7f00000001c0)=@string={0xaf, 0x3, "2d6d443bc8423e3c18221f027f38977e90acd726218636518081ee6fb86f0fa321af9aa583de0861762cf50a8b7be0f6c52df0bed66e1c9d85f481634fe9bb9913b2c89ba7b692090df6549f5f8a22f1a0e1be5e6ae799ff1df712641d2ddd8cc60f425542a714a2840e90fd0db83ce16670eaf5f9f87c68e47eb28807eb4bf081750484ea5c0b4c15d8939bed70fd4893e043c283953c74bda1c991229e0882e12e1a8b6b9181eefe85a2d838"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x1c0a}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x443}}]})
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x200800, 0x0)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000380), 0x4)
sendmsg$qrtr(r1, &(0x7f00000009c0)={&(0x7f00000003c0)={0x2a, 0x4, 0xffff8001}, 0xc, &(0x7f0000000800)=[{&(0x7f0000000400)="2ff97104055242c7efcd275d5c3aeeeaa517e86d7c273117d004321be46d7713e4715a882bbb3e741fee73f228623b2d3cc97dd3922347dd82b9606956a352d8769b13f246bc82ffeda4f26cdb7d8dc6b2c865d2c7", 0x55}, {&(0x7f0000000480)="3e3cef5f27289f748957bdee2c9c947c94c5ed5774cc399da984ef5669e796424463e38b8b26e36710188f6eb4e66e5f490fcd824b57b589366959879090274f59af7428c493e295f82aa553604432d0b0e76b43bfd01757a06ce87f", 0x5c}, {&(0x7f0000000500)="7a83bbcbbf0ad27fd0bdc1f48b9faa493b0721b7f80b50f6508565b4e821b931e687f2751998d83df4411a8d9f160e78da48ea2cc5656a986d990795c901e769687b6337", 0x44}, {&(0x7f0000000580)="ded73fe2be520b46bf2f18d20500a650c0c7f80dcf5c48049699db1ad87e9de0a52088f256128e8952925b8b967ca0babb5371b879e1c063b35e6fc82fb09bae5f5186b84a232e20a5303d1cf48557fc1a1e12cb0a4ef3621fd3636c5a97890663073760ccc01949a3cd0d5e9f5a8d946cda3dcc96f9074fbb97fccc5c6be721a460be30bb40d6ead506fab47387ad3ac089eaef21f0e4e0db79ebc4efc34779477460a486f70d85118b9e426a0d3c765c7e3caebdae605698d1303a0a5c", 0xbe}, {&(0x7f0000000640)="75c18806e89d7018a997b19858851a14d41365d69610ad3b4649c05e995e7c3beb4a7de21dcc9f6bbaed723d669a0edcc2de9e26d9b4eea214c7b8e7755845ae5bf02f440a86a2b1fb8a196cba9a5ed96942d064ac5091e997685634172831b09e09c294c8014a4b79c5c95960a4530df3ca1f5f8852d6695f85bb91441cca540683e3b014b04ec00c4ec3aa39fe6b", 0x8f}, {&(0x7f0000000700)="27c58720282a0e91313647fce8524a1784d00fa0352a0fa18bcab7d278f1081f20ce48e84b6174d1407984c705a7514b9755c1b545c4da856fbf84cd234ee0293b034d641ec758bf5a1dca2aff133724fde267ad67dfc91edd31cb40d43ffa3cc5774da0e5e150c78ea29136dcebe5d6fa9dea4af5d32d961d917f291e3e39f9b1df6fcf33b35d0c7b3c247e688125eda2d38a7d7f0c84561642a9f113067255a40573aef3efc569619b01f97da3d5ec83f1861ee6bf52fc33fca746709d4fc8d9aebe10cb", 0xc5}], 0x6, &(0x7f0000000880)=[{0x70, 0x108, 0x6, "03579acdf0b8204e40681f823503beaab5823330d36c3ae3f238e1474f0d57be7597cab0b149b181f7afb437ee0e18acb2fc19b63b70867cdaf7dc434896837ad0cedf5843e09732dd98bcaf4a58e7e1181437cf052a7909689777"}, {0x78, 0x10c, 0x10, "bd1a3f83581909c579152568a433a3b5205b332d74d498735e316d094e0474b4e074c7451d26022f4cd5cacd3b43367874bad2a3dc775b0886909744b3efaf67e92f26a3b628b16cf3a539058dcff9f38979a0cd7efc69b4f2b65aa539ad117f02e95f3ef16c15"}, {0x38, 0x0, 0xe7, "39886716dc9b13f8c07f8e08d46fd87855fce083aa3252ddb7b8f08c068fe148d5e5"}], 0x120}, 0x38) (async)
sendmsg$qrtr(r1, &(0x7f00000009c0)={&(0x7f00000003c0)={0x2a, 0x4, 0xffff8001}, 0xc, &(0x7f0000000800)=[{&(0x7f0000000400)="2ff97104055242c7efcd275d5c3aeeeaa517e86d7c273117d004321be46d7713e4715a882bbb3e741fee73f228623b2d3cc97dd3922347dd82b9606956a352d8769b13f246bc82ffeda4f26cdb7d8dc6b2c865d2c7", 0x55}, {&(0x7f0000000480)="3e3cef5f27289f748957bdee2c9c947c94c5ed5774cc399da984ef5669e796424463e38b8b26e36710188f6eb4e66e5f490fcd824b57b589366959879090274f59af7428c493e295f82aa553604432d0b0e76b43bfd01757a06ce87f", 0x5c}, {&(0x7f0000000500)="7a83bbcbbf0ad27fd0bdc1f48b9faa493b0721b7f80b50f6508565b4e821b931e687f2751998d83df4411a8d9f160e78da48ea2cc5656a986d990795c901e769687b6337", 0x44}, {&(0x7f0000000580)="ded73fe2be520b46bf2f18d20500a650c0c7f80dcf5c48049699db1ad87e9de0a52088f256128e8952925b8b967ca0babb5371b879e1c063b35e6fc82fb09bae5f5186b84a232e20a5303d1cf48557fc1a1e12cb0a4ef3621fd3636c5a97890663073760ccc01949a3cd0d5e9f5a8d946cda3dcc96f9074fbb97fccc5c6be721a460be30bb40d6ead506fab47387ad3ac089eaef21f0e4e0db79ebc4efc34779477460a486f70d85118b9e426a0d3c765c7e3caebdae605698d1303a0a5c", 0xbe}, {&(0x7f0000000640)="75c18806e89d7018a997b19858851a14d41365d69610ad3b4649c05e995e7c3beb4a7de21dcc9f6bbaed723d669a0edcc2de9e26d9b4eea214c7b8e7755845ae5bf02f440a86a2b1fb8a196cba9a5ed96942d064ac5091e997685634172831b09e09c294c8014a4b79c5c95960a4530df3ca1f5f8852d6695f85bb91441cca540683e3b014b04ec00c4ec3aa39fe6b", 0x8f}, {&(0x7f0000000700)="27c58720282a0e91313647fce8524a1784d00fa0352a0fa18bcab7d278f1081f20ce48e84b6174d1407984c705a7514b9755c1b545c4da856fbf84cd234ee0293b034d641ec758bf5a1dca2aff133724fde267ad67dfc91edd31cb40d43ffa3cc5774da0e5e150c78ea29136dcebe5d6fa9dea4af5d32d961d917f291e3e39f9b1df6fcf33b35d0c7b3c247e688125eda2d38a7d7f0c84561642a9f113067255a40573aef3efc569619b01f97da3d5ec83f1861ee6bf52fc33fca746709d4fc8d9aebe10cb", 0xc5}], 0x6, &(0x7f0000000880)=[{0x70, 0x108, 0x6, "03579acdf0b8204e40681f823503beaab5823330d36c3ae3f238e1474f0d57be7597cab0b149b181f7afb437ee0e18acb2fc19b63b70867cdaf7dc434896837ad0cedf5843e09732dd98bcaf4a58e7e1181437cf052a7909689777"}, {0x78, 0x10c, 0x10, "bd1a3f83581909c579152568a433a3b5205b332d74d498735e316d094e0474b4e074c7451d26022f4cd5cacd3b43367874bad2a3dc775b0886909744b3efaf67e92f26a3b628b16cf3a539058dcff9f38979a0cd7efc69b4f2b65aa539ad117f02e95f3ef16c15"}, {0x38, 0x0, 0xe7, "39886716dc9b13f8c07f8e08d46fd87855fce083aa3252ddb7b8f08c068fe148d5e5"}], 0x120}, 0x38)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000a00)=""/174)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000000ac0)={{0x5, 0x5, 0xc, 0x1000, '\x00', 0x8}, 0x0, [0x4, 0x8, 0xc367, 0xf43f, 0x7ff, 0x5, 0x1, 0x100000001, 0x2, 0x5, 0x7, 0x40, 0x4, 0x6a, 0x2, 0x1, 0x4, 0x1e8, 0x9, 0xb5d, 0x5602, 0x3, 0x5, 0xfffffffffffff9b1, 0x8033db8, 0x10, 0x2, 0x0, 0x3, 0x9, 0xe, 0x3, 0x10, 0x7, 0x3, 0x0, 0x3ff, 0xa237, 0x4, 0x80000000, 0x10000, 0x3, 0x0, 0x1ff, 0x9, 0x5, 0x2, 0xfffffffffffffffd, 0x3, 0x6f2, 0x0, 0x5, 0x1000, 0x7ff, 0x428, 0x1, 0xacb, 0x2, 0x2, 0x2, 0xa, 0x4, 0x6, 0x7, 0x5, 0x87a, 0x1, 0x1, 0xf768, 0x7, 0x1, 0x1, 0x8000, 0x5, 0x7fff, 0x5, 0xa48, 0x8000, 0x200, 0x80000001, 0x5f1800000, 0x4, 0x7, 0x3, 0x7, 0x0, 0x80000001, 0x4, 0x1, 0x40, 0xc, 0x401, 0x5, 0x0, 0x5, 0x4, 0x2, 0xf1, 0x80000001, 0xffffffffffffffff, 0x10, 0x4, 0x10, 0xe1f, 0x9, 0x3, 0x7, 0x1, 0x40, 0xd, 0x8000000000000000, 0x401, 0xb8, 0x80000000, 0x0, 0x79bb, 0x4, 0x9, 0x1, 0x9, 0x7, 0x100, 0x9, 0x8, 0x7, 0x5, 0x5]})
socket$netlink(0x10, 0x3, 0x12) (async)
socket$netlink(0x10, 0x3, 0x12)
bind$inet6(r1, &(0x7f0000000fc0)={0xa, 0x4e23, 0x80, @loopback, 0x2}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000001000)={0x0, @in={{0x2, 0x4e20, @multicast2}}, 0x1, 0x5, 0xd1, 0x0, 0x6}, &(0x7f00000010c0)=0x98) (async)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000001000)={<r2=>0x0, @in={{0x2, 0x4e20, @multicast2}}, 0x1, 0x5, 0xd1, 0x0, 0x6}, &(0x7f00000010c0)=0x98)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000001100)={r2, 0x96, "5a42bb34b297c74a60f546e2cfead463b9a843c7fa8adb8e21dd46180d57ba6648c42b5b31f06692946d872bca5f8fcf5a7849ea61213667f447a9510f4b3de5549821e3f356eb907354f937fd8d33ffd5ca6b327d734d074556d7d1e7cfea9cde9b3dd45c315972092b1a11c4d4c0663a25585b0b07bdeea91da16776476dfb4bdb336725f2a51888bcc91fb14c127175a6c12b0553"}, &(0x7f00000011c0)=0x9e)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001280)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000001200), &(0x7f0000001240)=r1}, 0x20)
pwritev2(r3, &(0x7f00000023c0)=[{&(0x7f00000012c0)="9b4a283025d2f5534443575e8f2379a8995a6dfb9bfa9c78e56edf0837d3e276aae4737bc6a73d5e0c8feb58ce38d8c7b131f28c36c2864f33e512a93d3e41ceb46df01de62cc6ee9d443a358611c18a40fce8af1eab667244d97b42548305bc65e2a65f806b5cd3fbdf5b15a0a1a4c702d22089d41072e01820a7da0bd927c871f51bdff7401fddd813190a2e579dde4dc9c8a4b8cd8d7cc52dc9a34fac7e8b51b07bf389f763df0d7914e905bcf77aad2193fa7acbea299f01fe24dbb6ee2886108f88201296f9239f80ffb1f0ff40376c73ec420511eb4ddcec1d0a863aa84e5930413832fef8dc728223d7f22090ec07854cedf479f9c3888c96905a702188935fb8acac75694851414dd2f906d7d1f7a13e6cf899aef289e441776de5fe02f3d131b5255c53b9750c52f67964654c1d5a83a189401952d101c0263c868c9c1ffb7cbcbbe6f27861bb141b8ff69f13d0993ab6ac5486ad062af2d7eb90fa12c223ba659c874fd88f991f5b6b7c0d36693fc409466b87d63722a79b4478dbb3393079496578194a50925ff92fd4e001a1ef057ab14f7b1a455f0e77a608684234885f5ea500a2b0eceaaf39aaee39bf0348433ee9ecaac1dc63e94cbe643b41a8ab6e889ca83041ad59b98b247b1a83b701f51ab57f1d25eeff10ce0c69482a998ea954374dbb3d5c282a035f1e5c8b41af1cd1ab87f72fda00b623acbc8cc2697ad253334b50caab5876336ef6aef6e4c5b82ab5d8907b0c2601b40d1e5f33dcfe5e2d16153b1668d0523dc249186527e577493ee225726ac21ec46b1f25915270b8e9dfc76b74a50e2b3826c169728e5c777cfed00e521a48eae6233092ea3c01be0dab0098ca0465b91651942a5480bdbfb402156dbdb797d0f33de227f1a9e4066c46a47716c28ff1df740c290ca5c6663bcfb5acfe5dfad09d3afd884df1bfd531419fecc0547ae61f383149642be3a70bc518457b2c2f3f323f66541b6563c9ae9abde8891df2048af186670d6131807efb7cc150e9886492b3edec0f9f97f9363a9357303ef82d676beab612f33d4676e2b312e807ff78d681ea6f0d07353913358a947044c305721b276aad5564f59d3e5deb52c8d0342d22967cbe856de6cbc0affc30fb0bd7f2b34d56cca7c941643e0263170286dbd8786a977195691eaa4736bf98f58e9911e5fb0c2d169e5ead63d88bf4003c9f86a9484afdd1460823f267196093671be3edfa02898b7a6eb7a65af222ae46dc26fb4f961e26b173e41056cee2ca0a8d4a57a32e444b2d868fad60f7491782b52d6600a9490822822222c22e0dba71155f94da1158e62c768186c84df3ea4652d1b032430b88e549439214f0d5154c8aaaaf4c9dbe5b2a6c0f1921941fabc58e4803cc39a13edb7be6f715c712e34981946793ee8effa412aa86b6ad9d904d70d46fd42deb9b529cec778464ffd3b63822c5baaa73554a742300df4c70d32d0fc3d756691259c3ed91466f9e98ab825c58a83c1a34c07b889c4addd4eb2f0bdae35bfc78ef5a501d78b1f93fbf402d893af6d4f6d921b13bc9313f669998acb246cd71bd76a8e9f291f8b4a3364c776f0d7d573e2fc28a71bdfc82e32586941b28024d2edf88eaa884cde2705bf200839f6f13b4be049efab1c736c938a5e9cff9697d3481b50417655619d49d5743bbdcefcf7237a57f9e80f231144855a458389026c44d5aa53922811f925159a45ca365da87c3c847994b59ffd2a86ce63fc88cd63e46a26197b3b4913856af9ca402542dd9df67a4164a9ca314240cb3e6bc91f0e1e04dd4d6544a73760218766ca905b83958cf425d6104bd00902e12e977891ad60fd71ff90ee0e8696963d8b8014a3e64cb44da42e80d07c0882110150f45944cbaccbab2c22fa20e13e35d7245ce120e6b2da1c7ff2cc4e246bfb8030a2566e1fd0f5ac57154c5b0ab5c9d1fcd6d381f13da9d8630efe3066c0780a592a4fa16c49ca855316df8b2df315e86ce765919d5a8c94ee78630fa73e1cdd8fb0a07854a28224842e886cebfc73efab4f476aa4b1f13b17a3ee20dd5d9f6ca642439cc447eada390e80c92a8b07188453392af4fc8c85de07d7341419836cb58f2fcf8ad753c2caaa127e29cb3fa30966bbb1a8a7429f14513acda4fd865ca0b02fe76e101eac6390dcab0cf9521137b96a349c80cc3565c1c976661496a481ddc49c4c23d1886f076f59215dcb8bd98c426d8323a442e12307408142ef120bbce84dfa2a6bfc13afed519a3d1a3a47ca334234b5edf643878dc3f9e605431e21afcfda9bec98d3f8490c3b6fcf8dbc9c5cfda3748837ec650a03684d96c61f624d74a79d7c82ecda08e7cb2ee63d94dcebf2ed63f2445a00f41e3e1ea0b42e2cbef497426c64200e0c5f03aa06b08cfd000e0a6fc63eb7a824f1f666b7984c826b2ed523412a5aa2ee118594d490447bc62698fcfef6b9f12cc32193ccb9a8b9362713839714c2ac2eecf33411bd53a6ba7bafc4b70eef3e16a60878582f39a14a03cd08f8b8e485ee84932929441badb75361b61a06bb96a22130673ed5aa3a15af0a36d45e6d77cafe9bf05a60eaef7630d8d0ad764dff0489dfffc1c814a6e036d7b94d2f7e2a468cab7b1d3f475e8a8644747bd0a5ddd12f92657b85f366c8514711f3533afabefde5714cdfe379b5354cdec1c2b92fc8521f2c9e66f65e39cdfb15641925eafb90a9a5c916eab3589a28f5319b03cd560169ec203731fe21a79fb90f2e774421d55c73f5d5110f4d95b7615edc66ec5c30caff3a4762d36b2feef01c2d43f4032fa7c048b47f20045c5c8efbb43948e354d1fdaf2dba841d22605382521d898c5ab6377c39a11e4ac371a028858d25bbd61b0011a17e042f0f2e31f94b3d67ab02a27c68037e810beec5ce44105cd2a6cbe23295df965f3a8bab4c9043153c5fccac378fc338e3651aab96bcb26634bbdf081f6d0fe01aaf01182c937810607d2e450fa2cb3ec06898de2a485180b8e7eb8a31c7bdff6735e8a66310ef617288ee18f486a33f6d9b54d213575924f46125028c25deada815f1692e5720ca1878f9bfeab877e348cbbce19f58553c3d3b7ce398c7c4d3c30142b494e1453af11ef04e741668017540665d7daf52a605182bbb61c71406c0cf2821a40a32d4bff897a09a7ce6d3cfd10e946737f8825e077b6d3e966826bc94bbe9c901e88e3220be73c83b440aa6770a9662a7dc5301a7ba7966fb9a565002d215de0458939974bf8021c09eae8e02397ee460a0f3525991795a14b485d9bfe10206f89eb34ae43c50b6c2da4b5c85d3789a435a44320f715078f1287c7f0a889e42ab7f5e9511af1319dcb0b69a865ed5df2b82b637167596ad3eec6c78d425a1d6d33cd76f3d8b14b385d35ba6ba97aeb069cc7613a3b95557ca20ed451ca58bb671b4d0efe2fd256ced00be23e8eed20694a52fce9258e971a2cd2ed38f93763ecec67f82c9d6f7f0d80f235e4945b7306587131c10a155b9fa19dec9c6877850c0da4d65030dad0841aa8dbc061bf6f366b362ad0207b43ef173450d8dcc2408705de37dfea1112655712b7f46cda12b6415b5d4439a9aa3ff6d423c4e06c3a5811f2084e7042e6f4c1c9993f5ca3364ba6b34efca4faeba79237219adf1398b01b4a4f6720161b21e83d48a361c600dcb21e7a69fc63a0fe48d6e688ee626faec60d3c09cb5b8dca29246b7427c28c6d828a50a6b2cbf24cb5ab4d599a480cf2a58ea5139b8f1fea0ad6d7857a9f3e5e7300f8e2b1fbdaa831c32962265e44f037f08d5e04ff0e52b0314425fb83c4868d7e98cbefb0c826ccd1b5d25010b657eb5059cfce7688c3cd19d877c6dbdbe804f7f676e4418bfbec7766946efa8d81fd709ac0a3995dc5d39876a2e989acfb9e5debe8a0589d2d6ef4293bd6f3a5e2430cbdb96b1e26cb6d4cc00ca7f6b7c5dbc8b1efae239e8fb29342cb20b529260af06c4c4820eb10bf0d28292ab846308372438a0a265e57342ed68bc276e3da78f2b2d777ada2ba14ce34328325861839402ac61ef3ff81a353079462fe561f649641855139e6553ff23e5632558ded74f728b8b061cb46708f25989585a3d1f6bb219c9eb5e7fc379d8c71f0898f1601dab43f2a31306a326872d5969b0ec74aa7af3ba8bd67084de78c8699b00379957b1085740c8e21d97721ecafdfae7b7b76cfb3bd214d9332357a1bbfad036e824fc1c1283849768a94a71ad1e3490fb67bebce283079e931a7e2100f5a0029495eaad556f91600d4a7e940faa4f0c748ad5c1abaf7266d395133b828f65def3440f6e3480338539d5b84ba440ae2a42dd3f44f5e2d301e82e878d62793bb82983bb27762a3c08daeacaa90a0afc554d559c27365daab790010ee374b31ad4f10a2c2d353ba9cbaee65a610f4c4ad8cf6711f15d8315956935a48736e75b4977ac2da7a2ffb78dd2962b61fc26dad9fdf7c4598fa97568c100ace813cccd04a8445b8c696895c793358376b84893aaa615142d555455218a87b0cd39c9777c0e6c411ac9e49bbafde33707be9095eca87d184dbe001d7b74545eb49af3b4c3105cc1c827eaf6d033f808f1563cb9fa9fd27625d504823534d621921ba0f41bc10ae5e9cc902d8abad5b09096f544b3819d6bdafd5644bc73218cde5c4bf2b7e45e1784bcb831ef23fef2383c8df4e493f8e0fc459d1c7066c75d24a9620f3e79b234ad990ea291d95e87de7d1b415b9f232fc5511c0699325244e931a4cab64b1c04163cc02081a6e2a4bc42bf013f15cce5c2ef17a850906ae724e07ab898854a860cd3876c00bead6266929989bbe88e60f229b1b0c38eb518be1d8099d311122074fbf59ee8abbe69690f820a6493c371d307339447148688abb910aa273ea8b1760c954c7f56cb00f6ed1f2b6dc57284a62e5859efaa21d89a2d077f6d3c1b089353dab4747476ade81ce520c43ed2768bb3765aca4a0ccf1809ff3e2a184b2668c8e80b355bcbf38b0bcc8d78b64c0e9065a310b269239e2a3b973cde0b3295c31bc6385253f53057cc4733aa7f41594366c19175027ba0ae331cc4ed098014f38fda248519a1390a42ddf2fa96287f172090ad35bc478f98d41d2dd5f179d08524f27c13d3b0f6549380b13f3110ddbfc5af270416ba1e274bb89df483152b1a43129cd22648a69b658e94fb65c49f7bffb699543f462ac4dfde41a34fa3a5e72c55ba8bae495e22b919d5d728ad3966c2a6ad2ef9aa91ee1c1a56fb7ebfe0a70ea0ff332d6ee787e7f3e9699e40aa0f09122ab5b50b4237ee4858a319e31a27a5d5e62c75d593c4c0f7e16d64f074884cc9338585115ec1a4d9f9c9188a6edff4594dfe0fdd7377509d99d43f2c687bcd2e0985cd1c892d4473389be50756d885015e1e95902b5ccad183d55b138053c32931acb6a2b9db5b811a44073119712e5da1c56d0b7cf6eaed1754cf8fa5ea08120f695b3b4344ab36f9c4057c024bb75e2b581b6ce8168e18c0af736d54dddb69aeff35609f42a08648959d48a59a68078e5af308e25ab5409d21fd641170b75f82f399837d5ffd64bd0ebdaa72387a925872b2b724a7e01129d0c67f68f6f322fefcdde3329fc783c010f33cc36626f33844119e66d4ad1d596cb85482dfcea7019f9e1493d7f2909c7eb4145d8d967522e9531761d4d167f441217ae533e9569964d18e83a1455adaf27f8565608debb1ef33ee7a5e43af4e9d9c9a5d66138890527488793c880ac4c87ce0a2751109ad6050ce03764c7fe", 0x1000}, {&(0x7f00000022c0)="9ad7520dee108307e3a58543a4ebfe053b6e43e879db623649ac6c08c4559268dccccf77927fbc22c2376e619073f9ff5f87ed203476b255ec64f1128bfb000041c77eec800848bb99713adbae6dbe21920609403cc02e465c86b89d430b7d6e68c0c6bf97c90d6a3b715777a3d96b20267915adbe4aca4c28db03de06f53372cb192d927d804ba325ff8b50df71b5aa6f48de97f36d2bdc447c62078c2f131d0ec99155df74efe2fc5a29d3b01dc81e37ec5f26b7937e844bff956979bf23353804d443fc9522f8dec31a3130b43e4d7620199a3d237be3fa14cbb2b3203afb8fc38173b1aa", 0xe6}], 0x2, 0xfffffff8, 0x2, 0x0) (async)
pwritev2(r3, &(0x7f00000023c0)=[{&(0x7f00000012c0)="9b4a283025d2f5534443575e8f2379a8995a6dfb9bfa9c78e56edf0837d3e276aae4737bc6a73d5e0c8feb58ce38d8c7b131f28c36c2864f33e512a93d3e41ceb46df01de62cc6ee9d443a358611c18a40fce8af1eab667244d97b42548305bc65e2a65f806b5cd3fbdf5b15a0a1a4c702d22089d41072e01820a7da0bd927c871f51bdff7401fddd813190a2e579dde4dc9c8a4b8cd8d7cc52dc9a34fac7e8b51b07bf389f763df0d7914e905bcf77aad2193fa7acbea299f01fe24dbb6ee2886108f88201296f9239f80ffb1f0ff40376c73ec420511eb4ddcec1d0a863aa84e5930413832fef8dc728223d7f22090ec07854cedf479f9c3888c96905a702188935fb8acac75694851414dd2f906d7d1f7a13e6cf899aef289e441776de5fe02f3d131b5255c53b9750c52f67964654c1d5a83a189401952d101c0263c868c9c1ffb7cbcbbe6f27861bb141b8ff69f13d0993ab6ac5486ad062af2d7eb90fa12c223ba659c874fd88f991f5b6b7c0d36693fc409466b87d63722a79b4478dbb3393079496578194a50925ff92fd4e001a1ef057ab14f7b1a455f0e77a608684234885f5ea500a2b0eceaaf39aaee39bf0348433ee9ecaac1dc63e94cbe643b41a8ab6e889ca83041ad59b98b247b1a83b701f51ab57f1d25eeff10ce0c69482a998ea954374dbb3d5c282a035f1e5c8b41af1cd1ab87f72fda00b623acbc8cc2697ad253334b50caab5876336ef6aef6e4c5b82ab5d8907b0c2601b40d1e5f33dcfe5e2d16153b1668d0523dc249186527e577493ee225726ac21ec46b1f25915270b8e9dfc76b74a50e2b3826c169728e5c777cfed00e521a48eae6233092ea3c01be0dab0098ca0465b91651942a5480bdbfb402156dbdb797d0f33de227f1a9e4066c46a47716c28ff1df740c290ca5c6663bcfb5acfe5dfad09d3afd884df1bfd531419fecc0547ae61f383149642be3a70bc518457b2c2f3f323f66541b6563c9ae9abde8891df2048af186670d6131807efb7cc150e9886492b3edec0f9f97f9363a9357303ef82d676beab612f33d4676e2b312e807ff78d681ea6f0d07353913358a947044c305721b276aad5564f59d3e5deb52c8d0342d22967cbe856de6cbc0affc30fb0bd7f2b34d56cca7c941643e0263170286dbd8786a977195691eaa4736bf98f58e9911e5fb0c2d169e5ead63d88bf4003c9f86a9484afdd1460823f267196093671be3edfa02898b7a6eb7a65af222ae46dc26fb4f961e26b173e41056cee2ca0a8d4a57a32e444b2d868fad60f7491782b52d6600a9490822822222c22e0dba71155f94da1158e62c768186c84df3ea4652d1b032430b88e549439214f0d5154c8aaaaf4c9dbe5b2a6c0f1921941fabc58e4803cc39a13edb7be6f715c712e34981946793ee8effa412aa86b6ad9d904d70d46fd42deb9b529cec778464ffd3b63822c5baaa73554a742300df4c70d32d0fc3d756691259c3ed91466f9e98ab825c58a83c1a34c07b889c4addd4eb2f0bdae35bfc78ef5a501d78b1f93fbf402d893af6d4f6d921b13bc9313f669998acb246cd71bd76a8e9f291f8b4a3364c776f0d7d573e2fc28a71bdfc82e32586941b28024d2edf88eaa884cde2705bf200839f6f13b4be049efab1c736c938a5e9cff9697d3481b50417655619d49d5743bbdcefcf7237a57f9e80f231144855a458389026c44d5aa53922811f925159a45ca365da87c3c847994b59ffd2a86ce63fc88cd63e46a26197b3b4913856af9ca402542dd9df67a4164a9ca314240cb3e6bc91f0e1e04dd4d6544a73760218766ca905b83958cf425d6104bd00902e12e977891ad60fd71ff90ee0e8696963d8b8014a3e64cb44da42e80d07c0882110150f45944cbaccbab2c22fa20e13e35d7245ce120e6b2da1c7ff2cc4e246bfb8030a2566e1fd0f5ac57154c5b0ab5c9d1fcd6d381f13da9d8630efe3066c0780a592a4fa16c49ca855316df8b2df315e86ce765919d5a8c94ee78630fa73e1cdd8fb0a07854a28224842e886cebfc73efab4f476aa4b1f13b17a3ee20dd5d9f6ca642439cc447eada390e80c92a8b07188453392af4fc8c85de07d7341419836cb58f2fcf8ad753c2caaa127e29cb3fa30966bbb1a8a7429f14513acda4fd865ca0b02fe76e101eac6390dcab0cf9521137b96a349c80cc3565c1c976661496a481ddc49c4c23d1886f076f59215dcb8bd98c426d8323a442e12307408142ef120bbce84dfa2a6bfc13afed519a3d1a3a47ca334234b5edf643878dc3f9e605431e21afcfda9bec98d3f8490c3b6fcf8dbc9c5cfda3748837ec650a03684d96c61f624d74a79d7c82ecda08e7cb2ee63d94dcebf2ed63f2445a00f41e3e1ea0b42e2cbef497426c64200e0c5f03aa06b08cfd000e0a6fc63eb7a824f1f666b7984c826b2ed523412a5aa2ee118594d490447bc62698fcfef6b9f12cc32193ccb9a8b9362713839714c2ac2eecf33411bd53a6ba7bafc4b70eef3e16a60878582f39a14a03cd08f8b8e485ee84932929441badb75361b61a06bb96a22130673ed5aa3a15af0a36d45e6d77cafe9bf05a60eaef7630d8d0ad764dff0489dfffc1c814a6e036d7b94d2f7e2a468cab7b1d3f475e8a8644747bd0a5ddd12f92657b85f366c8514711f3533afabefde5714cdfe379b5354cdec1c2b92fc8521f2c9e66f65e39cdfb15641925eafb90a9a5c916eab3589a28f5319b03cd560169ec203731fe21a79fb90f2e774421d55c73f5d5110f4d95b7615edc66ec5c30caff3a4762d36b2feef01c2d43f4032fa7c048b47f20045c5c8efbb43948e354d1fdaf2dba841d22605382521d898c5ab6377c39a11e4ac371a028858d25bbd61b0011a17e042f0f2e31f94b3d67ab02a27c68037e810beec5ce44105cd2a6cbe23295df965f3a8bab4c9043153c5fccac378fc338e3651aab96bcb26634bbdf081f6d0fe01aaf01182c937810607d2e450fa2cb3ec06898de2a485180b8e7eb8a31c7bdff6735e8a66310ef617288ee18f486a33f6d9b54d213575924f46125028c25deada815f1692e5720ca1878f9bfeab877e348cbbce19f58553c3d3b7ce398c7c4d3c30142b494e1453af11ef04e741668017540665d7daf52a605182bbb61c71406c0cf2821a40a32d4bff897a09a7ce6d3cfd10e946737f8825e077b6d3e966826bc94bbe9c901e88e3220be73c83b440aa6770a9662a7dc5301a7ba7966fb9a565002d215de0458939974bf8021c09eae8e02397ee460a0f3525991795a14b485d9bfe10206f89eb34ae43c50b6c2da4b5c85d3789a435a44320f715078f1287c7f0a889e42ab7f5e9511af1319dcb0b69a865ed5df2b82b637167596ad3eec6c78d425a1d6d33cd76f3d8b14b385d35ba6ba97aeb069cc7613a3b95557ca20ed451ca58bb671b4d0efe2fd256ced00be23e8eed20694a52fce9258e971a2cd2ed38f93763ecec67f82c9d6f7f0d80f235e4945b7306587131c10a155b9fa19dec9c6877850c0da4d65030dad0841aa8dbc061bf6f366b362ad0207b43ef173450d8dcc2408705de37dfea1112655712b7f46cda12b6415b5d4439a9aa3ff6d423c4e06c3a5811f2084e7042e6f4c1c9993f5ca3364ba6b34efca4faeba79237219adf1398b01b4a4f6720161b21e83d48a361c600dcb21e7a69fc63a0fe48d6e688ee626faec60d3c09cb5b8dca29246b7427c28c6d828a50a6b2cbf24cb5ab4d599a480cf2a58ea5139b8f1fea0ad6d7857a9f3e5e7300f8e2b1fbdaa831c32962265e44f037f08d5e04ff0e52b0314425fb83c4868d7e98cbefb0c826ccd1b5d25010b657eb5059cfce7688c3cd19d877c6dbdbe804f7f676e4418bfbec7766946efa8d81fd709ac0a3995dc5d39876a2e989acfb9e5debe8a0589d2d6ef4293bd6f3a5e2430cbdb96b1e26cb6d4cc00ca7f6b7c5dbc8b1efae239e8fb29342cb20b529260af06c4c4820eb10bf0d28292ab846308372438a0a265e57342ed68bc276e3da78f2b2d777ada2ba14ce34328325861839402ac61ef3ff81a353079462fe561f649641855139e6553ff23e5632558ded74f728b8b061cb46708f25989585a3d1f6bb219c9eb5e7fc379d8c71f0898f1601dab43f2a31306a326872d5969b0ec74aa7af3ba8bd67084de78c8699b00379957b1085740c8e21d97721ecafdfae7b7b76cfb3bd214d9332357a1bbfad036e824fc1c1283849768a94a71ad1e3490fb67bebce283079e931a7e2100f5a0029495eaad556f91600d4a7e940faa4f0c748ad5c1abaf7266d395133b828f65def3440f6e3480338539d5b84ba440ae2a42dd3f44f5e2d301e82e878d62793bb82983bb27762a3c08daeacaa90a0afc554d559c27365daab790010ee374b31ad4f10a2c2d353ba9cbaee65a610f4c4ad8cf6711f15d8315956935a48736e75b4977ac2da7a2ffb78dd2962b61fc26dad9fdf7c4598fa97568c100ace813cccd04a8445b8c696895c793358376b84893aaa615142d555455218a87b0cd39c9777c0e6c411ac9e49bbafde33707be9095eca87d184dbe001d7b74545eb49af3b4c3105cc1c827eaf6d033f808f1563cb9fa9fd27625d504823534d621921ba0f41bc10ae5e9cc902d8abad5b09096f544b3819d6bdafd5644bc73218cde5c4bf2b7e45e1784bcb831ef23fef2383c8df4e493f8e0fc459d1c7066c75d24a9620f3e79b234ad990ea291d95e87de7d1b415b9f232fc5511c0699325244e931a4cab64b1c04163cc02081a6e2a4bc42bf013f15cce5c2ef17a850906ae724e07ab898854a860cd3876c00bead6266929989bbe88e60f229b1b0c38eb518be1d8099d311122074fbf59ee8abbe69690f820a6493c371d307339447148688abb910aa273ea8b1760c954c7f56cb00f6ed1f2b6dc57284a62e5859efaa21d89a2d077f6d3c1b089353dab4747476ade81ce520c43ed2768bb3765aca4a0ccf1809ff3e2a184b2668c8e80b355bcbf38b0bcc8d78b64c0e9065a310b269239e2a3b973cde0b3295c31bc6385253f53057cc4733aa7f41594366c19175027ba0ae331cc4ed098014f38fda248519a1390a42ddf2fa96287f172090ad35bc478f98d41d2dd5f179d08524f27c13d3b0f6549380b13f3110ddbfc5af270416ba1e274bb89df483152b1a43129cd22648a69b658e94fb65c49f7bffb699543f462ac4dfde41a34fa3a5e72c55ba8bae495e22b919d5d728ad3966c2a6ad2ef9aa91ee1c1a56fb7ebfe0a70ea0ff332d6ee787e7f3e9699e40aa0f09122ab5b50b4237ee4858a319e31a27a5d5e62c75d593c4c0f7e16d64f074884cc9338585115ec1a4d9f9c9188a6edff4594dfe0fdd7377509d99d43f2c687bcd2e0985cd1c892d4473389be50756d885015e1e95902b5ccad183d55b138053c32931acb6a2b9db5b811a44073119712e5da1c56d0b7cf6eaed1754cf8fa5ea08120f695b3b4344ab36f9c4057c024bb75e2b581b6ce8168e18c0af736d54dddb69aeff35609f42a08648959d48a59a68078e5af308e25ab5409d21fd641170b75f82f399837d5ffd64bd0ebdaa72387a925872b2b724a7e01129d0c67f68f6f322fefcdde3329fc783c010f33cc36626f33844119e66d4ad1d596cb85482dfcea7019f9e1493d7f2909c7eb4145d8d967522e9531761d4d167f441217ae533e9569964d18e83a1455adaf27f8565608debb1ef33ee7a5e43af4e9d9c9a5d66138890527488793c880ac4c87ce0a2751109ad6050ce03764c7fe", 0x1000}, {&(0x7f00000022c0)="9ad7520dee108307e3a58543a4ebfe053b6e43e879db623649ac6c08c4559268dccccf77927fbc22c2376e619073f9ff5f87ed203476b255ec64f1128bfb000041c77eec800848bb99713adbae6dbe21920609403cc02e465c86b89d430b7d6e68c0c6bf97c90d6a3b715777a3d96b20267915adbe4aca4c28db03de06f53372cb192d927d804ba325ff8b50df71b5aa6f48de97f36d2bdc447c62078c2f131d0ec99155df74efe2fc5a29d3b01dc81e37ec5f26b7937e844bff956979bf23353804d443fc9522f8dec31a3130b43e4d7620199a3d237be3fa14cbb2b3203afb8fc38173b1aa", 0xe6}], 0x2, 0xfffffff8, 0x2, 0x0)
pivot_root(&(0x7f0000002400)='./file0\x00', &(0x7f0000002440)='./file0\x00')
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, &(0x7f0000002480)=""/17, &(0x7f00000024c0)=0x11) (async)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, &(0x7f0000002480)=""/17, &(0x7f00000024c0)=0x11)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r1, 0x4068aea3, &(0x7f0000002500)) (async)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r1, 0x4068aea3, &(0x7f0000002500))
socket$inet6(0xa, 0x3, 0x0) (async)
socket$inet6(0xa, 0x3, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x40010, r1, 0x10000000)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000002580)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x6000, @fd, 0xbe, 0x5, 0xb, 0x4, 0x0, {0x3, r5}})
bind$inet6(r1, &(0x7f00000025c0)={0xa, 0x4e24, 0x2, @loopback, 0x2}, 0x1c)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000002600), 0x8101, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000002640)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000002640)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r6, 0x3b84, &(0x7f00000026c0)={0x20, r7, 0x4, 0x0, &(0x7f0000002680)=[{}, {}, {}, {}]})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, &(0x7f0000002700)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
ioctl$IOMMU_GET_HW_INFO(r6, 0x3b8a, &(0x7f0000003780)={0x28, 0x0, r8, 0x1000, &(0x7f0000002780)=""/4096}) (async)
ioctl$IOMMU_GET_HW_INFO(r6, 0x3b8a, &(0x7f0000003780)={0x28, 0x0, r8, 0x1000, &(0x7f0000002780)=""/4096})
ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f00000037c0)=0x3) (async)
ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f00000037c0)=0x3)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000003840), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000003900)={&(0x7f0000003800)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000038c0)={&(0x7f0000003880)={0x24, r9, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}]}, 0x24}}, 0x0)

26m22.99379458s ago: executing program 4 (id=301):
r0 = getpgid(0xffffffffffffffff) (async)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) (async)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$igmp(0x2, 0x3, 0x2) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r5 = add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/80, 0x50, 0x0) (async)
sched_setattr(0x0, 0x0, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) (async)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x262)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x12, 0x4}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e21, 0x9, @loopback, 0x4}, 0xf1) (async)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4) (async)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) (async)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendmmsg$inet6(r6, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="cc", 0x1}, {&(0x7f00000000c0)="8eabd4c0c48034d70c6006aaf0e953151d41e3aa438ad0f818f3ca6e230aa5b077a897a5165d32bd5407444338d4e74dc23e09008a2002a672aaa2b99549da614d74314e1666d923815da827281bee2de6eda534b2496123977149b4e7a4868d036ec6dc798458742e9c158e0c7d81a62785b97a0cc5", 0x76}], 0x2}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c", 0x31a}], 0x1}}], 0x2, 0x4048894) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
r7 = mq_open(&(0x7f0000000000)='eth0\x00', 0x42, 0x0, 0x0)
mq_notify(r7, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, &(0x7f0000000300)) (async)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r8, &(0x7f0000003200)=[{{&(0x7f00000003c0)={0xa, 0x4e20, 0x6, @loopback, 0x8}, 0x1c, 0x0, 0x0, &(0x7f00000010c0)=[@dstopts={{0x18, 0x29, 0x37, {0x3c}}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}], 0x40}}], 0x1, 0x40004880)

26m21.365694364s ago: executing program 4 (id=312):
pipe2(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80800)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r0, 0x0, 0x0, 0x0, 0x80000})
close(0x3)
io_uring_enter(0xffffffffffffffff, 0x47f5, 0x0, 0x20, 0x0, 0x0)

26m20.773135805s ago: executing program 4 (id=315):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x40001)
syz_usb_connect(0x2, 0x440, &(0x7f0000000840)=ANY=[@ANYBLOB="12010000c1b2fd40861246206fc10000000109022e040108004000090450000eff040100"], 0x0) (async)
syz_usb_connect(0x2, 0x440, &(0x7f0000000840)=ANY=[@ANYBLOB="12010000c1b2fd40861246206fc10000000109022e040108004000090450000eff040100"], 0x0)
clock_adjtime(0x17, &(0x7f0000000000)={0xea33, 0x9, 0x379ee6, 0x0, 0x9, 0x1, 0x89, 0x3, 0x6, 0x7ffffffe, 0x3, 0x800, 0x9, 0x80000000000002, 0x8001, 0xffffffffffffffff, 0x800000, 0x2, 0xc, 0x5, 0x200, 0x3, 0x11cb, 0x101, 0x40, 0x9})

26m18.99438846s ago: executing program 4 (id=322):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000000c0)={0x0, 0x20, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

26m3.72767009s ago: executing program 32 (id=322):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000000c0)={0x0, 0x20, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

22m47.659219855s ago: executing program 3 (id=1162):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000a40)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x220, 0x220, 0x0, 0x330, 0x330, 0x330, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe9}, @mangle={0x0, 'mangle\x00', 0x0, {@empty, @mac=@remote, @dev={0xac, 0x14, 0x14, 0x1f}, @rand_addr=0x64010102, 0xf, 0x1}}}, {{@arp={@rand_addr=0x64010100, @local, 0xff000000, 0x0, 0x3, 0x0, {@empty, {[0xff, 0x0, 0x0, 0x0, 0xff, 0xff]}}, {@mac=@broadcast, {[0x0, 0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x3, 0x5, 0x9, 0xc6d, 0xc, 0x4, 'geneve1\x00', 'netdevsim0\x00', {0xff}, {}, 0x0, 0x4}, 0xc0, 0x110, 0x0, {0xff030000, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @multicast2, 0x2}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xff000000, 0x0, 0x0, 0x20, {@empty, {[0xff]}}, {@mac=@random="dea143304078", {[0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x1, 0xfff9, 0x0, 'veth0_to_batadv\x00', 'netpci0\x00'}, 0xfffffffffffffd58, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x2f}, 0x8, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0xfe88)

22m47.549219502s ago: executing program 3 (id=1164):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a0900000000000000000002000000090002000c0000002000000008000440000000000900010073797a30000000000800034000000001"], 0x90}}, 0x0)

22m47.402447462s ago: executing program 3 (id=1165):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000006c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000000340, 0x200000000370, 0x2000000003a0], 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000f9ffff00000000007082e69aac4159c10000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x108)

22m47.182190673s ago: executing program 3 (id=1168):
r0 = getpid()
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = syz_pidfd_open(r0, 0x0)
setns(r3, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x8100, &(0x7f0000000200)={0x87, 0x1, 0x80000}, 0x20)
r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f0000000040)={0x9, 0x0})

22m45.974761137s ago: executing program 3 (id=1180):
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x4, 0x81, 0xfffff034}, {0x6}]}, 0x10)
r1 = socket(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(r1, &(0x7f00000023c0)="8ce2ad4d4f95e087a7846d3f81", 0x14, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000fc0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000001000)='./file0\x00', 0x165)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x2, @remote}}}, 0x108)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0xf0, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x2, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}}, 0xf0}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)

22m45.33713062s ago: executing program 3 (id=1183):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b80000010066b87a000f00d80f300f300fc79d53bf0000c4b9e16dc30101220f01c3", 0x64}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x200000000000000)

22m44.602164115s ago: executing program 33 (id=1183):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b80000010066b87a000f00d80f300f300fc79d53bf0000c4b9e16dc30101220f01c3", 0x64}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x200000000000000)

21m55.789514132s ago: executing program 6 (id=1387):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000002100), 0x9, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuseblk(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2810e8, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x7ffffffffffffffd, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r4, 0xc0585605, &(0x7f00000005c0)={0x1, 0x0, @stop_pts=0x5})
r5 = socket(0x1d, 0x2, 0x6)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x20, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
r7 = syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x1701)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x44, &(0x7f0000000080)={0x2, 0x3, 0x17, 0xff81}, 0x8, 0x20, 0x3, 0x0, 0x4bf, 0x404, 0x0})
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r8, &(0x7f0000000240)=[{0x0}], 0x1, 0x7000, 0x0, 0x3)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_CROP(r6, 0x4014563c, &(0x7f00000000c0)={0x1, {0x7ff, 0x4ba, 0xc48, 0x4}})
io_uring_setup(0x598, &(0x7f0000000300)={0x0, 0x77ae, 0x400, 0x8000002, 0x3d7})
r9 = syz_open_dev$vbi(0x0, 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r9, 0xc100565c, 0x0)

21m53.524511644s ago: executing program 6 (id=1394):
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x700000000000000, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x2)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e2895810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177070373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe03}}, 0xfffffdef)
sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac141411e00000010000000028000000000000002c0000000700000094040007441405"], 0x48}, 0x0)

21m53.09708721s ago: executing program 6 (id=1396):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0xffffffffffffffff, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x31079, 0x42b}, [@IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40000)

21m52.69003565s ago: executing program 6 (id=1398):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000004c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1})
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)={0x38, 0x3, 0x8, 0x201, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xa01}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_SCTP_COOKIE_ECHOED={0x8}]}]}, 0x38}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c00068008"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0x400c084)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002200)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
unshare(0x2c020400)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x226)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r9, 0x3ba0, &(0x7f0000000200)={0x48})
ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3)
ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r10)

21m51.71336811s ago: executing program 6 (id=1399):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x852, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0x10000ff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x18, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x6, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x200, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab2, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x4, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x8004b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0x80000ec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0x2, 0x4, 0x2, 0x3ff, 0x3e, 0xb827, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x1, 0x3, 0x9, 0xc, 0x7, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0xe, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0x10000b, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0xfffffff7, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x4, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x4, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x9, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x520, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0xa, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x8, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r9 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)
socket$caif_stream(0x25, 0x1, 0x3)

21m50.253613595s ago: executing program 6 (id=1403):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20000000)
socket(0x840000000002, 0x3, 0xfa)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x40, 0x0)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1)
setxattr$incfs_metadata(&(0x7f0000000480)='./cgroup\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x17c}}, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x458, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc10c5541, &(0x7f0000000040))
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x150, 0xa0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0xfffffffd, 0x0, 0x8, 0x4, 0x0, 0x0, 0xa})

21m49.240594346s ago: executing program 34 (id=1403):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20000000)
socket(0x840000000002, 0x3, 0xfa)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x40, 0x0)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1)
setxattr$incfs_metadata(&(0x7f0000000480)='./cgroup\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x17c}}, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x458, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc10c5541, &(0x7f0000000040))
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x150, 0xa0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0xfffffffd, 0x0, 0x8, 0x4, 0x0, 0x0, 0xa})

6.337948205s ago: executing program 7 (id=7093):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0xab, @loopback, 0x10001}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c)
r2 = dup(r1)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x4080}, 0x8080)
r3 = socket(0xa, 0x3, 0xff)
connect$inet6(r3, 0x0, 0x0)
syz_emit_ethernet(0x6e, &(0x7f00000001c0)={@random="cfb14e407d33", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0x1, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x8001, {0x2, 0x6, "081331", 0x9, 0xff, 0x0, @loopback, @loopback, [@fragment={0x3b, 0x0, 0xe, 0x0, 0x0, 0x3, 0x65}]}}}}}}}, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f00000000c0)={0x7, 0xffffffffffffffa0, 0xfa00, {0xffffffffffffffff, 0x10c}}, 0xfffffd88)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

5.315818045s ago: executing program 7 (id=7107):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0xa3, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x6, 0x6, 0xf, 0x2}]}, 0x10)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

4.364146916s ago: executing program 7 (id=7115):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0xc800}, 0x0)

4.173077787s ago: executing program 7 (id=7117):
syz_emit_ethernet(0x76, &(0x7f0000000700)={@broadcast, @multicast, @val={@val={0x88a8, 0x0, 0x0, 0x2}, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "c172f5", 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @local}, @local, {[], @time_exceed={0x3, 0x1, 0x0, 0xc2, '\x00', {0x2, 0x6, "0eb13b", 0x3, 0x29, 0xff, @empty, @dev={0xfe, 0x80, '\x00', 0x18}, [], "002bb36b038ac731"}}}}}}}, 0x0)

4.051033678s ago: executing program 7 (id=7119):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r1, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0xb00, 0x2000000})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x7, &(0x7f0000000040)={0x0, 0x4, 0x100000000000003, 0x3})
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)

3.919627656s ago: executing program 5 (id=7121):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000180)='./file1\x00', 0x2)
ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x40000200)
r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x80000006)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.535857947s ago: executing program 5 (id=7123):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
syz_emit_ethernet(0x3b6, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "001958", 0x380, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0x1a}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, [{0x18, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41d5af1802"}, {0x0, 0x1, "ffffffffffffff8026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x6, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x4, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743474671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f025"}, {0x21, 0x7, "fcc1876d4ec1876d4e6fa3ce2dfdb43a6f021659ff5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x5, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@private=0xa010101, @in=@loopback, 0x0, 0x20, 0x4e22, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x3, 0x0, 0xffffffffffffffff, 0x40000, 0xffffffff}, {}, 0x0, 0x6e6bb7, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x6c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x3507, 0x0, 0x3, 0x0, 0xe, 0x4000000, 0x3}}, 0xe8)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_X2APIC_API(r3, 0x4068aea3, &(0x7f0000000540)={0x81, 0x0, 0x2})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0xb, 0x0, 0x5, 0x0, 0x5, 0x7f, 0x7f, 0x6, 0x8, 0x77, 0x5, 0x2, 0x0, 0xd, 0xd1, 0x7, 0x2, 0x6, 0xcb, '\x00', 0x5, 0x8})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0xeeee0000, 0xb, 0xba1, 0x8c5f, 0x0, [{0x46, 0x8, 0x1}, {0x2, 0x29, 0x6, '\x00', 0xf8}, {0x60, 0x3, 0x0, '\x00', 0xbd}, {0x7, 0x4, 0x9, '\x00', 0xd}, {0x5, 0x4, 0x8, '\x00', 0x5}, {0x3, 0x40, 0x71, '\x00', 0x2}, {0x7, 0x7, 0xfd, '\x00', 0x34}, {0x9, 0xc5, 0x1, '\x00', 0x5}, {0x7, 0xfb, 0x3, '\x00', 0x2}, {0xfe, 0x1, 0xd, '\x00', 0x4}, {0x1, 0x4e, 0x0, '\x00', 0x2}, {0x9, 0x2, 0x5, '\x00', 0x3}, {0xfa, 0x0, 0x8, '\x00', 0x7}, {0x80, 0x2, 0x80, '\x00', 0x4}, {0x6, 0x8, 0x3, '\x00', 0x4}, {0x9, 0xf1, 0x8, '\x00', 0x4}, {0x2, 0x7, 0x8, '\x00', 0x3}, {0x4, 0x6, 0x9, '\x00', 0x48}, {0x90, 0x0, 0x81, '\x00', 0x6}, {0xb, 0xff, 0x5}, {0x0, 0x4, 0x3, '\x00', 0x6a}, {0x7, 0x35, 0x7a, '\x00', 0x8}, {0x4, 0x7, 0x5, '\x00', 0xf}, {0x8, 0x2, 0x62, '\x00', 0x1}]}})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

2.960771601s ago: executing program 2 (id=7129):
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x3e, 0x7fff0000}]})
mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')

2.745012704s ago: executing program 7 (id=7132):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = userfaultfd(0x801)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f00000003c0)=0x9)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x6)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
ioctl$int_in(r3, 0x5452, &(0x7f0000001080)=0x3)
write(r3, &(0x7f0000000080)='g', 0x1)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000140)={0x6, 0x3, 0x6, 0x7fff, 0x1a, "ee1dd756f560f25a63b2f119c3439425ea59d8"})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x29d})
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x1})
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x9)
mremap(&(0x7f0000ff5000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ff8000/0x1000)=nil)
open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0)

2.744477709s ago: executing program 0 (id=7133):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x8042, 0x85)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x2, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000fcffffff95"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
socket(0x1, 0x5, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x5, @empty, 0xa098}, {0xa, 0x4e21, 0x9, @mcast1, 0x9}, r2, 0x8001}}, 0x48)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

2.744274739s ago: executing program 2 (id=7134):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r0, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0x17, &(0x7f0000000300)=0x1, 0x4)
recvmmsg(r4, &(0x7f000000e280), 0x58a, 0x42, 0x0)

2.647539482s ago: executing program 0 (id=7135):
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000040)=0x7, 0x4)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c4000000000000000010000000000000000000000000000fe8000000000000000000000000000aaff"], 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000080)=0x8000, 0x4)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000180)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/51, 0x33}, 0x1}], 0x1, 0x4020, 0x0)

2.139736215s ago: executing program 1 (id=7136):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4, 0x8, 0x6, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x10}, 0xe)
dup2(r1, r0)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e23, @empty}}}, 0x90)

1.804966632s ago: executing program 1 (id=7137):
r0 = inotify_init()
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000100)=0x5e1, 0x4)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000100)=0x5e1, 0x4)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x5e20, 0xffffffff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xe}}, 0x6}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

1.666731316s ago: executing program 2 (id=7138):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x64}}, 0x4000)

1.634811849s ago: executing program 5 (id=7139):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x6, 0x80800)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000040)={0x3ffffd, r3})
close_range(r0, 0xffffffffffffffff, 0x0)

1.55706295s ago: executing program 0 (id=7140):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@bridge_setlink={0x20, 0x13, 0xb2f, 0x70bd25, 0x0, {0x7, 0x0, 0x68, r1, 0x900, 0x62010}}, 0x20}, 0x1, 0x0, 0x0, 0xc800}, 0x0)

1.556349157s ago: executing program 1 (id=7141):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4800)
r1 = socket(0x11, 0x2, 0x0)
setsockopt(r1, 0x107, 0x1, &(0x7f0000000040)="06000000030006000300000000000000", 0x10)
r2 = socket(0x11, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='children\x00')
setsockopt(r2, 0x107, 0x1, &(0x7f0000000040)="060000000300060000071a800100613f", 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.48991399s ago: executing program 5 (id=7142):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
write$binfmt_elf32(r1, &(0x7f00000009c0)=ANY=[], 0x358)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000f00)=ANY=[], 0xc4}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[], 0x248}, 0x1, 0x0, 0x0, 0x80}, 0x8044)
syz_genetlink_get_family_id$nl80211(0x0, r1)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x1)

1.478196552s ago: executing program 2 (id=7143):
r0 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x100000000, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x3, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r0)

1.41902991s ago: executing program 0 (id=7144):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000006004d564b"])

1.300768171s ago: executing program 1 (id=7145):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x810000, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2a00cda2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80642, 0x0)
copy_file_range(r3, &(0x7f0000000140)=0x8, r2, 0x0, 0x7, 0x0)

1.291740391s ago: executing program 2 (id=7146):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="7b87f20f", @ANYBLOB="01", @ANYBLOB="e4d20abfab"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.234079748s ago: executing program 0 (id=7147):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000080)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
sendmsg$inet_sctp(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000014c0)="87", 0x1}], 0x1, 0x0, 0x0, 0x80}, 0x4048000)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0xb, 0x2, [0x2, 0x1]}, 0xc)

1.164889845s ago: executing program 1 (id=7148):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r0, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0x17, &(0x7f0000000300)=0x1, 0x4)
recvmmsg(r4, &(0x7f000000e280), 0x58a, 0x42, 0x0)

1.135530181s ago: executing program 2 (id=7149):
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1af)
setxattr$incfs_metadata(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)
setxattr$incfs_metadata(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080), &(0x7f0000000180)="bb3cfb61cc3d05c2e8e3cc81758e28aae95fb75a24fd691e8dc73bc7a9ca431b81276bc4c187b1232cf3286e5854db58bb2496aba872c5f039", 0x39, 0x2)
setxattr$incfs_metadata(&(0x7f0000000240)='./bus\x00', &(0x7f0000000080), &(0x7f0000000180)="bb3cfb61cc3d05c2e8e3cc81758e28aae95fb75a24fd691e8dc73bc7a9ca431b81276bc4c187b1232cf3286e5854db58bb2496aba872c5f039", 0x39, 0x1)

201.406216ms ago: executing program 0 (id=7150):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
syz_emit_ethernet(0x3b6, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "001958", 0x380, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0x1a}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, [{0x18, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41d5af1802"}, {0x0, 0x1, "ffffffffffffff8026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x6, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x4, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743474671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f025"}, {0x21, 0x7, "fcc1876d4ec1876d4e6fa3ce2dfdb43a6f021659ff5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x5, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@private=0xa010101, @in=@loopback, 0x0, 0x20, 0x4e22, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x3, 0x0, 0xffffffffffffffff, 0x40000, 0xffffffff}, {}, 0x0, 0x6e6bb7, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x6c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x3507, 0x0, 0x3, 0x0, 0xe, 0x4000000, 0x3}}, 0xe8)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_X2APIC_API(r3, 0x4068aea3, &(0x7f0000000540)={0x81, 0x0, 0x2})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0xb, 0x0, 0x5, 0x0, 0x5, 0x7f, 0x7f, 0x6, 0x8, 0x77, 0x5, 0x2, 0x0, 0xd, 0xd1, 0x7, 0x2, 0x6, 0xcb, '\x00', 0x5, 0x8})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0xeeee0000, 0xb, 0xba1, 0x8c5f, 0x0, [{0x46, 0x8, 0x1}, {0x2, 0x29, 0x6, '\x00', 0xf8}, {0x60, 0x3, 0x0, '\x00', 0xbd}, {0x7, 0x4, 0x9, '\x00', 0xd}, {0x5, 0x4, 0x8, '\x00', 0x5}, {0x3, 0x40, 0x71, '\x00', 0x2}, {0x7, 0x7, 0xfd, '\x00', 0x34}, {0x9, 0xc5, 0x1, '\x00', 0x5}, {0x7, 0xfb, 0x3, '\x00', 0x2}, {0xfe, 0x1, 0xd, '\x00', 0x4}, {0x1, 0x4e, 0x0, '\x00', 0x2}, {0x9, 0x2, 0x5, '\x00', 0x3}, {0xfa, 0x0, 0x8, '\x00', 0x7}, {0x80, 0x2, 0x80, '\x00', 0x4}, {0x6, 0x8, 0x3, '\x00', 0x4}, {0x9, 0xf1, 0x8, '\x00', 0x4}, {0x2, 0x7, 0x8, '\x00', 0x3}, {0x4, 0x6, 0x9, '\x00', 0x48}, {0x90, 0x0, 0x81, '\x00', 0x6}, {0xb, 0xff, 0x5}, {0x0, 0x4, 0x3, '\x00', 0x6a}, {0x7, 0x35, 0x7a, '\x00', 0x8}, {0x4, 0x7, 0x5, '\x00', 0xf}, {0x8, 0x2, 0x62, '\x00', 0x1}]}})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

201.196642ms ago: executing program 5 (id=7151):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89ae, &(0x7f00000000c0)="9a4878fbcc5e8a")
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

45.087881ms ago: executing program 1 (id=7152):
bind$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
syz_clone3(&(0x7f0000000340)={0x801400, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000300)={0x0, 0x5}, &(0x7f0000000340)=0x8)

0s ago: executing program 5 (id=7153):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x64}}, 0x4000)

kernel console output (not intermixed with test programs):

ber=3
[ 1435.576840][T23644] usb 1-1: Product: syz
[ 1435.581155][T23644] usb 1-1: Manufacturer: syz
[ 1435.586323][T23644] usb 1-1: SerialNumber: syz
[ 1435.607663][T23644] usb 1-1: config 0 descriptor??
[ 1435.700426][T16667] usb 2-1: device descriptor read/64, error -71
[ 1435.851439][T25416] bridge6: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[ 1435.946939][T16667] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1435.948262][T25394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1435.952903][T25394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1436.055109][T23644] appletouch 1-1:0.85: Failed to read mode from device.
[ 1436.057279][T23644] appletouch 1-1:0.85: probe with driver appletouch failed with error -5
[ 1436.072096][T23644] usb 1-1: USB disconnect, device number 84
[ 1436.096290][T16667] usb 2-1: device descriptor read/64, error -71
[ 1436.266203][T16667] usb usb2-port1: attempt power cycle
[ 1436.645335][T16667] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1436.716872][T16667] usb 2-1: device descriptor read/8, error -71
[ 1436.955709][T16667] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1436.976114][T16667] usb 2-1: device descriptor read/8, error -71
[ 1437.096007][T16667] usb usb2-port1: unable to enumerate USB device
[ 1489.939166][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1489.945797][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1507.779007][T25437] Option 'ÆÊ—�Ë€ÖÕ%N&ø' to dns_resolver key: bad/missing value
[ 1507.789094][T25439] IPVS: Error connecting to the multicast addr
[ 1508.081278][T16667] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 1508.281427][T16667] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1508.336466][T16667] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1508.403722][T16667] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1508.523057][T16667] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1508.536937][T16667] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1508.647536][T16667] usb 1-1: Product: syz
[ 1508.667771][T16667] usb 1-1: Manufacturer: syz
[ 1508.690286][T16667] usb 1-1: SerialNumber: syz
[ 1508.721031][T16667] usb 1-1: config 0 descriptor??
[ 1508.800882][T25441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1508.816008][T25441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1508.855429][T16667] usb 1-1: ucan: probing device on interface #0
[ 1509.643609][T25465] bridge5: entered promiscuous mode
[ 1510.257147][T16667] usb 1-1: ucan: failed to retrieve device info
[ 1510.269101][T16667] usb 1-1: ucan: probe failed; try to update the device firmware
[ 1510.324610][T25473] xt_CT: No such helper "pptp"
[ 1510.841542][T16667] usb 1-1: USB disconnect, device number 85
[ 1510.982553][T25487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1511.005941][T25487] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1511.106191][T25487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1511.128659][T25487] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1511.220260][ T5938] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 1511.255532][T16667] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 1511.415302][T16667] usb 1-1: Using ep0 maxpacket: 8
[ 1511.428677][T16667] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[ 1511.442750][T16667] usb 1-1: config 179 has no interface number 0
[ 1511.459640][T16667] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1511.494122][T16667] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1511.521089][T16667] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1511.535631][T16667] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1511.552095][T16667] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1511.571969][T16667] usb 1-1: config 179 interface 65 has no altsetting 0
[ 1511.583897][T16667] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1511.596924][T16667] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1511.605311][ T5938] usb 6-1: device descriptor read/64, error -71
[ 1511.614745][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1511.614758][   T30] audit: type=1326 audit(1762284138.266:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.658938][   T30] audit: type=1326 audit(1762284138.266:4036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.681691][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1511.704186][T16667] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input62
[ 1511.770506][   T30] audit: type=1326 audit(1762284138.296:4037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.800691][   T30] audit: type=1326 audit(1762284138.296:4038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.826473][   T30] audit: type=1326 audit(1762284138.306:4039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.849433][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1511.856561][ T5938] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[ 1511.870684][   T30] audit: type=1326 audit(1762284138.306:4040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.933332][   T30] audit: type=1326 audit(1762284138.306:4041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.958131][   T30] audit: type=1326 audit(1762284138.306:4042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1511.980599][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1512.025993][   T30] audit: type=1326 audit(1762284138.306:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1512.049024][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1512.075141][ T5938] usb 6-1: config 0 interface 0 altsetting 251 has an invalid descriptor for endpoint zero, skipping
[ 1512.100202][ T5938] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1512.114233][   T30] audit: type=1326 audit(1762284138.306:4044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.2.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1512.144627][ T5938] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1512.163562][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1512.183980][ T5938] usb 6-1: Product: syz
[ 1512.195241][ T5938] usb 6-1: Manufacturer: syz
[ 1512.214347][ T5938] usb 6-1: SerialNumber: syz
[ 1512.244699][ T5938] usb 6-1: config 0 descriptor??
[ 1512.373165][ T5938] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1512.491276][T25448] udevd[25448]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1512.520886][T25500] input: syz0 as /devices/virtual/input/input63
[ 1512.568213][T25507] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5201'.
[ 1512.697627][T23644] usb 6-1: USB disconnect, device number 107
[ 1512.760815][   T44] usb 1-1: USB disconnect, device number 86
[ 1513.820454][T25529] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5209'.
[ 1514.425907][ T5938] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1514.586434][T25544] FAULT_INJECTION: forcing a failure.
[ 1514.586434][T25544] name failslab, interval 1, probability 0, space 0, times 0
[ 1514.605723][T25544] CPU: 0 UID: 0 PID: 25544 Comm: syz.5.5212 Not tainted syzkaller #0 PREEMPT(full) 
[ 1514.605754][T25544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1514.605768][T25544] Call Trace:
[ 1514.605778][T25544]  <TASK>
[ 1514.605788][T25544]  dump_stack_lvl+0x189/0x250
[ 1514.605824][T25544]  ? __pfx____ratelimit+0x10/0x10
[ 1514.605852][T25544]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1514.605880][T25544]  ? __pfx__printk+0x10/0x10
[ 1514.605909][T25544]  ? __pfx___might_resched+0x10/0x10
[ 1514.605931][T25544]  ? fs_reclaim_acquire+0x7d/0x100
[ 1514.605969][T25544]  should_fail_ex+0x414/0x560
[ 1514.606008][T25544]  should_failslab+0xa8/0x100
[ 1514.606033][T25544]  __kmalloc_noprof+0xcb/0x7f0
[ 1514.606066][T25544]  ? sock_kmalloc+0xd6/0x160
[ 1514.606096][T25544]  sock_kmalloc+0xd6/0x160
[ 1514.606123][T25544]  ____sys_sendmsg+0x1b5/0x830
[ 1514.606153][T25544]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1514.606186][T25544]  ? import_iovec+0x74/0xa0
[ 1514.606217][T25544]  ___sys_sendmsg+0x21f/0x2a0
[ 1514.606250][T25544]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1514.606312][T25544]  ? __fget_files+0x2a/0x420
[ 1514.606331][T25544]  ? __fget_files+0x3a0/0x420
[ 1514.606363][T25544]  __x64_sys_sendmsg+0x19b/0x260
[ 1514.606389][T25544]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1514.606422][T25544]  ? __pfx_ksys_write+0x10/0x10
[ 1514.606456][T25544]  ? do_syscall_64+0xbe/0xfa0
[ 1514.606489][T25544]  do_syscall_64+0xfa/0xfa0
[ 1514.606516][T25544]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1514.606544][T25544]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1514.606565][T25544]  ? clear_bhb_loop+0x60/0xb0
[ 1514.606591][T25544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1514.606612][T25544] RIP: 0033:0x7f27b378f6c9
[ 1514.606631][T25544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1514.606649][T25544] RSP: 002b:00007f27b46f8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1514.606673][T25544] RAX: ffffffffffffffda RBX: 00007f27b39e5fa0 RCX: 00007f27b378f6c9
[ 1514.606690][T25544] RDX: 0000000004040010 RSI: 0000200000000880 RDI: 0000000000000003
[ 1514.606704][T25544] RBP: 00007f27b46f8090 R08: 0000000000000000 R09: 0000000000000000
[ 1514.606717][T25544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1514.606729][T25544] R13: 00007f27b39e6038 R14: 00007f27b39e5fa0 R15: 00007f27b3b0fa28
[ 1514.606763][T25544]  </TASK>
[ 1514.865939][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1514.956775][ T5938] usb 2-1: Using ep0 maxpacket: 8
[ 1515.017174][ T5938] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1515.029829][ T5938] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1515.067203][ T5938] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1515.076912][ T5938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1515.085390][ T5938] usb 2-1: Product: syz
[ 1515.089726][ T5938] usb 2-1: Manufacturer: syz
[ 1515.094474][ T5938] usb 2-1: SerialNumber: syz
[ 1515.349659][ T5938] usb 2-1: config 0 descriptor??
[ 1515.583678][T25536] netlink: 658 bytes leftover after parsing attributes in process `syz.1.5210'.
[ 1515.625492][T16667] usb 6-1: new high-speed USB device number 108 using dummy_hcd
[ 1515.642037][T25536] tipc: Started in network mode
[ 1515.660558][T25536] tipc: Node identity e0000002, cluster identity 4711
[ 1515.780933][T25536] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1515.895483][T16667] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1515.903841][T16667] usb 6-1: config 0 has no interface number 0
[ 1515.921384][T16667] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1515.935019][T16667] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1515.945334][ T5938] rc_core: IR keymap rc-streamzap not found
[ 1515.956456][ T5938] Registered IR keymap rc-empty
[ 1515.961978][T16667] usb 6-1: Product: syz
[ 1515.967874][ T5938] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1515.979716][T16667] usb 6-1: Manufacturer: syz
[ 1515.986772][T16667] usb 6-1: SerialNumber: syz
[ 1516.002554][ T5938] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input64
[ 1516.035015][T16667] usb 6-1: config 0 descriptor??
[ 1516.298585][T16667] usb 6-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1516.347693][   T44] usb 2-1: USB disconnect, device number 22
[ 1516.348476][T16667] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1516.381349][T16667] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 1516.495104][T25555] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5215'.
[ 1516.521998][T25555] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5215'.
[ 1516.553543][T16667] usb 6-1: media controller created
[ 1516.640972][T16667] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1517.810418][T25574] Cannot find add_set index 0 as target
[ 1517.824702][T16667] i2c i2c-1: ec100: i2c rd failed=-32 reg=33
[ 1519.094688][T16667] usb 6-1: USB disconnect, device number 108
[ 1520.885442][T16667] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1521.065360][T16667] usb 3-1: device descriptor read/64, error -71
[ 1521.315748][T16667] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1521.337779][T25616] batadv_slave_1: entered promiscuous mode
[ 1521.435149][T25616] batadv_slave_1: left promiscuous mode
[ 1521.475397][T16667] usb 3-1: device descriptor read/64, error -71
[ 1521.527243][T25621] syzkaller0: entered promiscuous mode
[ 1521.533127][T25621] syzkaller0: entered allmulticast mode
[ 1521.623557][T16667] usb usb3-port1: attempt power cycle
[ 1522.005473][T16667] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1522.045979][T16667] usb 3-1: device descriptor read/8, error -71
[ 1522.315732][T16667] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1522.356028][T16667] usb 3-1: device descriptor read/8, error -71
[ 1522.477148][T16667] usb usb3-port1: unable to enumerate USB device
[ 1522.627831][T25632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1522.771816][T25637] dvmrp1: tun_chr_ioctl cmd 2147767521
[ 1524.651131][   T30] kauditd_printk_skb: 30 callbacks suppressed
[ 1524.652242][   T30] audit: type=1326 audit(1762284151.296:4075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25654 comm="syz.2.5240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x0
[ 1524.789325][T25663] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1524.858832][T25665] netlink: 'syz.5.5243': attribute type 1 has an invalid length.
[ 1525.099373][T25665] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[ 1525.228677][T25682] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1526.356423][T25678] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1526.435844][T16691] usb 2-1: new low-speed USB device number 23 using dummy_hcd
[ 1526.440548][T25678] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1526.595607][T16691] usb 2-1: Invalid ep0 maxpacket: 32
[ 1526.677208][T25678] veth0: left promiscuous mode
[ 1526.733474][   T37] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.745646][T16691] usb 2-1: new low-speed USB device number 24 using dummy_hcd
[ 1526.760865][   T37] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1526.788975][   T37] netdevsim netdevsim0 netdevsim0: unset [1, 2] type 2 family 0 port 256 - 0
[ 1526.804756][   T37] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.814912][   T37] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1526.825286][   T37] netdevsim netdevsim0 netdevsim1: unset [1, 2] type 2 family 0 port 256 - 0
[ 1526.862000][   T37] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.909911][   T37] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1526.932164][   T37] netdevsim netdevsim0 netdevsim2: unset [1, 2] type 2 family 0 port 256 - 0
[ 1526.936388][T16691] usb 2-1: Invalid ep0 maxpacket: 32
[ 1526.958591][   T37] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.962393][T16691] usb usb2-port1: attempt power cycle
[ 1526.977029][   T37] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1526.987317][   T37] netdevsim netdevsim0 netdevsim3: unset [1, 2] type 2 family 0 port 256 - 0
[ 1527.021168][T25702] netlink: 'syz.0.5253': attribute type 9 has an invalid length.
[ 1527.029353][T25702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5253'.
[ 1527.128483][   T44] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[ 1527.285287][   T44] usb 6-1: Using ep0 maxpacket: 8
[ 1527.296417][   T44] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1527.307738][   T44] usb 6-1: config 8 has an invalid interface number: 79 but max is 0
[ 1527.317016][T16691] usb 2-1: new low-speed USB device number 25 using dummy_hcd
[ 1527.328606][   T44] usb 6-1: config 8 has no interface number 0
[ 1527.335386][   T44] usb 6-1: config 8 interface 79 altsetting 1 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[ 1527.349163][   T44] usb 6-1: config 8 interface 79 has no altsetting 0
[ 1527.356526][T16691] usb 2-1: Invalid ep0 maxpacket: 32
[ 1527.367925][   T44] usb 6-1: New USB device found, idVendor=0499, idProduct=5002, bcdDevice=55.05
[ 1527.378176][   T44] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1527.387347][   T44] usb 6-1: Product: syz
[ 1527.391847][   T44] usb 6-1: Manufacturer: syz
[ 1527.546694][   T44] usb 6-1: SerialNumber: syz
[ 1527.615343][T16691] usb 2-1: new low-speed USB device number 26 using dummy_hcd
[ 1527.664039][T16691] usb 2-1: Invalid ep0 maxpacket: 32
[ 1527.674223][T16691] usb usb2-port1: unable to enumerate USB device
[ 1527.765555][T25717] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 2, id = 0
[ 1527.778641][T25698] IPVS: stopping master sync thread 25717 ...
[ 1527.808388][   T44] usb 6-1: bad CDC descriptors
[ 1527.855462][T23644] usb 1-1: new full-speed USB device number 87 using dummy_hcd
[ 1527.868692][   T44] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1527.977901][   T44] snd-usb-audio 6-1:8.79: probe with driver snd-usb-audio failed with error -2
[ 1528.009189][T25719] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5259'.
[ 1528.023770][   T44] usb 6-1: USB disconnect, device number 109
[ 1528.033499][T23644] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1528.057537][T23644] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1528.076561][T23644] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1528.086767][T23644] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 1528.089822][T25448] udevd[25448]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:8.79/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1528.118804][T23644] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1528.141759][T23644] usb 1-1: config 0 descriptor??
[ 1528.570305][T23644] hid-steam 0003:28DE:1102.0027: unknown main item tag 0x0
[ 1528.588545][T23644] hid-steam 0003:28DE:1102.0027: unknown main item tag 0x0
[ 1528.607521][T23644] hid-steam 0003:28DE:1102.0027: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[ 1528.675805][T23644] hid-steam 0003:28DE:1102.0027: Steam Controller 'XXXXXXXXXX' connected
[ 1528.696474][T23644] input: Steam Controller as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1102.0027/input/input65
[ 1528.746789][   T30] audit: type=1326 audit(1762284155.406:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25728 comm="syz.5.5263" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27b378f6c9 code=0x0
[ 1528.791534][T23644] hid-steam 0003:28DE:1102.0028: unknown main item tag 0x0
[ 1528.887187][T23644] hid-steam 0003:28DE:1102.0028: unknown main item tag 0x0
[ 1528.968481][T23644] hid-steam 0003:28DE:1102.0028: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[ 1529.855683][T23644] usb 1-1: reset full-speed USB device number 87 using dummy_hcd
[ 1530.848001][T16691] usb 1-1: USB disconnect, device number 87
[ 1530.903074][T16691] hid-steam 0003:28DE:1102.0027: Steam Controller 'XXXXXXXXXX' disconnected
[ 1531.387448][T25759] syzkaller1: entered promiscuous mode
[ 1531.393625][T25759] syzkaller1: entered allmulticast mode
[ 1531.404938][T25759] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1531.568562][T25769] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5272'.
[ 1532.771567][   T30] audit: type=1326 audit(1762284159.426:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1532.941114][   T30] audit: type=1326 audit(1762284159.426:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.079002][   T30] audit: type=1326 audit(1762284159.426:4079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.112791][   T30] audit: type=1326 audit(1762284159.426:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.223967][   T30] audit: type=1326 audit(1762284159.426:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.323653][   T30] audit: type=1326 audit(1762284159.426:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.405281][   T30] audit: type=1326 audit(1762284159.426:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.465273][   T30] audit: type=1326 audit(1762284159.426:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.565468][   T30] audit: type=1326 audit(1762284159.426:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1533.673341][   T30] audit: type=1326 audit(1762284159.426:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25779 comm="syz.0.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1537.395318][T25835] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5288'.
[ 1537.495553][ T5938] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1537.670198][ T5938] usb 2-1: config 252 has an invalid interface number: 254 but max is 0
[ 1537.696048][ T5938] usb 2-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config
[ 1537.745547][ T5938] usb 2-1: config 252 has no interface number 0
[ 1537.752402][ T5938] usb 2-1: config 252 interface 254 has no altsetting 0
[ 1537.795674][ T5938] usb 2-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=46.29
[ 1537.809810][ T5938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1537.823972][ T5938] usb 2-1: Product: syz
[ 1537.831350][ T5938] usb 2-1: Manufacturer: syz
[ 1537.836816][ T5938] usb 2-1: SerialNumber: syz
[ 1537.872685][ T5938] bfusb 2-1:252.254: probe with driver bfusb failed with error -5
[ 1538.052148][T25843] netlink: 'syz.0.5291': attribute type 3 has an invalid length.
[ 1538.082232][T25831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1538.099525][T25831] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1538.121241][   T30] kauditd_printk_skb: 910 callbacks suppressed
[ 1538.121255][   T30] audit: type=1326 audit(1762284164.776:4997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25830 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ba38f6c9 code=0x7ffc0000
[ 1538.185645][ T5938] usb 2-1: USB disconnect, device number 27
[ 1538.206556][   T30] audit: type=1326 audit(1762284164.816:4998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25830 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ba38f6c9 code=0x7ffc0000
[ 1538.242654][T25847] macvtap1: entered allmulticast mode
[ 1538.250880][T25847] veth0_macvtap: entered allmulticast mode
[ 1539.815437][ T5938] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[ 1540.033829][ T5938] usb 1-1: Using ep0 maxpacket: 32
[ 1540.048160][ T5938] usb 1-1: config 0 has an invalid interface number: 150 but max is 0
[ 1540.057019][ T5938] usb 1-1: config 0 has no interface number 0
[ 1540.063748][ T5938] usb 1-1: New USB device found, idVendor=17cc, idProduct=baff, bcdDevice=e1.1f
[ 1540.078197][ T5938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.107231][ T5938] usb 1-1: config 0 descriptor??
[ 1540.333409][ T5938] usb 1-1: string descriptor 0 read error: -71
[ 1540.346606][ T5938] snd-usb-caiaq 1-1:0.150: can't set alt interface.
[ 1540.363689][ T5938] usb 1-1: unable to init card! (ret=-5)
[ 1540.378721][ T5938] snd-usb-caiaq 1-1:0.150: probe with driver snd-usb-caiaq failed with error -5
[ 1540.415077][ T5938] usb 1-1: USB disconnect, device number 88
[ 1540.911659][T25894] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5303'.
[ 1540.943217][T25894] vim2m vim2m.0: vidioc_s_fmt queue busy
[ 1541.687966][T25902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1541.821051][T25902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1542.046665][T25904] IPVS: stopping master sync thread 25663 ...
[ 1544.912557][T25934] FAULT_INJECTION: forcing a failure.
[ 1544.912557][T25934] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.945572][T25934] CPU: 1 UID: 0 PID: 25934 Comm: syz.2.5314 Not tainted syzkaller #0 PREEMPT(full) 
[ 1544.945600][T25934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1544.945611][T25934] Call Trace:
[ 1544.945617][T25934]  <TASK>
[ 1544.945625][T25934]  dump_stack_lvl+0x189/0x250
[ 1544.945652][T25934]  ? __pfx____ratelimit+0x10/0x10
[ 1544.945673][T25934]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1544.945694][T25934]  ? __pfx__printk+0x10/0x10
[ 1544.945725][T25934]  ? __pfx___might_resched+0x10/0x10
[ 1544.945741][T25934]  ? fs_reclaim_acquire+0x7d/0x100
[ 1544.945770][T25934]  should_fail_ex+0x414/0x560
[ 1544.945797][T25934]  should_failslab+0xa8/0x100
[ 1544.945814][T25934]  __kvmalloc_node_noprof+0x158/0x910
[ 1544.945839][T25934]  ? traverse+0xde/0x580
[ 1544.945864][T25934]  traverse+0xde/0x580
[ 1544.945883][T25934]  ? __alloc_frozen_pages_noprof+0x1d6/0x370
[ 1544.945913][T25934]  seq_read_iter+0xd08/0xe20
[ 1544.945937][T25934]  ? set_page_refcounted+0x76/0x160
[ 1544.945968][T25934]  proc_reg_read_iter+0x1b7/0x280
[ 1544.945994][T25934]  copy_splice_read+0x5d4/0xa50
[ 1544.946027][T25934]  ? __pfx_copy_splice_read+0x10/0x10
[ 1544.946048][T25934]  ? look_up_lock_class+0x74/0x170
[ 1544.946071][T25934]  ? register_lock_class+0x51/0x320
[ 1544.946095][T25934]  ? alloc_pipe_info+0x374/0x4d0
[ 1544.946119][T25934]  ? __pfx_copy_splice_read+0x10/0x10
[ 1544.946140][T25934]  splice_direct_to_actor+0x4a9/0xcc0
[ 1544.946179][T25934]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1544.946202][T25934]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1544.946234][T25934]  do_splice_direct+0x181/0x270
[ 1544.946260][T25934]  ? __pfx_do_splice_direct+0x10/0x10
[ 1544.946284][T25934]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1544.946305][T25934]  ? rw_verify_area+0x255/0x4d0
[ 1544.946329][T25934]  do_sendfile+0x4da/0x7e0
[ 1544.946352][T25934]  ? __pfx_do_sendfile+0x10/0x10
[ 1544.946378][T25934]  __se_sys_sendfile64+0xd9/0x190
[ 1544.946395][T25934]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1544.946414][T25934]  ? do_syscall_64+0xbe/0xfa0
[ 1544.946437][T25934]  do_syscall_64+0xfa/0xfa0
[ 1544.946456][T25934]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1544.946476][T25934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1544.946491][T25934]  ? clear_bhb_loop+0x60/0xb0
[ 1544.946509][T25934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1544.946524][T25934] RIP: 0033:0x7ff5ff38f6c9
[ 1544.946540][T25934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1544.946553][T25934] RSP: 002b:00007ff600286038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1544.946569][T25934] RAX: ffffffffffffffda RBX: 00007ff5ff5e5fa0 RCX: 00007ff5ff38f6c9
[ 1544.946581][T25934] RDX: 0000200000002080 RSI: 0000000000000003 RDI: 0000000000000004
[ 1544.946591][T25934] RBP: 00007ff600286090 R08: 0000000000000000 R09: 0000000000000000
[ 1544.946600][T25934] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[ 1544.946609][T25934] R13: 00007ff5ff5e6038 R14: 00007ff5ff5e5fa0 R15: 00007ff5ff70fa28
[ 1544.946634][T25934]  </TASK>
[ 1545.332915][T25937] input: syz1 as /devices/virtual/input/input66
[ 1546.151279][T25964] xt_hashlimit: max too large, truncated to 1048576
[ 1546.245510][T16691] usb 3-1: new full-speed USB device number 74 using dummy_hcd
[ 1546.475312][ T5938] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[ 1546.498668][T16691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1546.515303][T16691] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[ 1546.528385][T16691] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1546.796532][T16691] usb 3-1: config 0 descriptor??
[ 1546.800491][ T5938] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1546.816330][T25958] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1546.830000][ T5938] usb 6-1: unable to read config index 0 descriptor/start: -71
[ 1546.865232][ T5938] usb 6-1: can't read configurations, error -71
[ 1547.365570][T16691] cherry 0003:046A:0027.0029: item fetching failed at offset 2/5
[ 1547.379224][T16691] cherry 0003:046A:0027.0029: probe with driver cherry failed with error -22
[ 1547.723900][T25980] bond3 (unregistering): Released all slaves
[ 1548.319799][T25994] netlink: 'syz.5.5328': attribute type 3 has an invalid length.
[ 1548.964252][T26006] program syz.5.5333 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1548.974751][T26006] netlink: 'syz.5.5333': attribute type 21 has an invalid length.
[ 1549.023700][ T5938] usb 3-1: USB disconnect, device number 74
[ 1549.311710][T26008] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1549.328415][T26006] netlink: 'syz.5.5333': attribute type 6 has an invalid length.
[ 1549.425327][T26006] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5333'.
[ 1551.416096][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.422837][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1552.165394][T26049] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5342'.
[ 1552.236086][T26044] syzkaller0: entered promiscuous mode
[ 1552.241651][T26044] syzkaller0: entered allmulticast mode
[ 1552.252884][T26050] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1552.338513][T26042] bond4: option lacp_rate: invalid value (129)
[ 1552.478430][T26042] bond4 (unregistering): Released all slaves
[ 1553.173833][T26061] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5346'.
[ 1553.375450][ T5938] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 1553.513314][T26072] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5351'.
[ 1553.553057][ T5938] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1553.575498][T26072] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5351'.
[ 1553.614061][ T5938] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1553.634319][ T5938] usb 6-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da
[ 1553.650240][ T5938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1553.686854][ T5938] usb 6-1: config 0 descriptor??
[ 1553.939628][T26079] kvm: pic: non byte write
[ 1553.945869][T26079] kvm: vcpu 0: requested 3328 ns lapic timer period limited to 200000 ns
[ 1553.962186][T26079] kvm: pic: non byte write
[ 1555.815331][ T5938] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[ 1555.853272][T16667] usb 6-1: USB disconnect, device number 112
[ 1555.905299][T23644] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1555.975902][ T5938] usb 1-1: Using ep0 maxpacket: 8
[ 1555.989140][ T5938] usb 1-1: config 0 has an invalid interface number: 186 but max is 0
[ 1556.008462][ T5938] usb 1-1: config 0 has no interface number 0
[ 1556.017197][ T5938] usb 1-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1556.035788][ T5938] usb 1-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[ 1556.075327][ T5938] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1556.086971][T23644] usb 2-1: Using ep0 maxpacket: 32
[ 1556.093845][T23644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1556.112636][ T5938] usb 1-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1556.120696][T23644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1556.150522][T26108] tipc: Started in network mode
[ 1556.151539][ T5938] usb 1-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[ 1556.155696][T23644] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1556.174108][T26108] tipc: Node identity , cluster identity 4711
[ 1556.175045][ T5938] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1556.181608][T26108] tipc: Failed to obtain node identity
[ 1556.197097][T26108] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1556.205285][ T5938] usb 1-1: Product: syz
[ 1556.206310][T23644] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1556.215396][ T5938] usb 1-1: Manufacturer: syz
[ 1556.221881][T26109] syzkaller0: entered promiscuous mode
[ 1556.231536][T26109] syzkaller0: entered allmulticast mode
[ 1556.231717][ T5938] usb 1-1: SerialNumber: syz
[ 1556.238777][T23644] usb 2-1: config 0 descriptor??
[ 1556.275837][T23644] hub 2-1:0.0: USB hub found
[ 1556.283386][ T5938] usb 1-1: config 0 descriptor??
[ 1556.389402][T26111] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1556.463493][T23644] hub 2-1:0.0: 1 port detected
[ 1556.509787][ T5938] iowarrior 1-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[ 1556.520521][T26117] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5363'.
[ 1556.530801][   T44] usb 6-1: new high-speed USB device number 113 using dummy_hcd
[ 1556.540518][T26117] netlink: 44 bytes leftover after parsing attributes in process `syz.7.5363'.
[ 1556.666304][   T44] usb 6-1: device descriptor read/64, error -71
[ 1556.751907][ T5938] usb 1-1: USB disconnect, device number 89
[ 1556.758241][    C0] iowarrior 1-1:0.186: iowarrior_callback - usb_submit_urb failed with result -19
[ 1556.918313][   T44] usb 6-1: new high-speed USB device number 114 using dummy_hcd
[ 1557.065343][   T44] usb 6-1: device descriptor read/64, error -71
[ 1557.073963][T23644] hub 2-1:0.0: activate --> -90
[ 1557.178156][   T44] usb usb6-port1: attempt power cycle
[ 1557.554546][   T44] usb 6-1: new high-speed USB device number 115 using dummy_hcd
[ 1557.586453][   T44] usb 6-1: device descriptor read/8, error -71
[ 1557.745383][T16691] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[ 1557.825519][   T44] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[ 1557.863862][   T44] usb 6-1: device descriptor read/8, error -71
[ 1557.895704][T16691] usb 1-1: Using ep0 maxpacket: 8
[ 1557.906533][T16691] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1557.922168][T16691] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1557.936740][T16691] usb 1-1: Product: syz
[ 1557.941848][T16691] usb 1-1: Manufacturer: syz
[ 1557.950856][T16691] usb 1-1: SerialNumber: syz
[ 1557.964816][T16691] usb 1-1: config 0 descriptor??
[ 1557.975640][   T44] usb usb6-port1: unable to enumerate USB device
[ 1558.174814][T16691] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1558.737400][T23644] hub 2-1:0.0: hub_ext_port_status failed (err = -32)
[ 1558.765570][   T44] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1558.782495][T23644] usb 2-1-port1: cannot reset (err = -32)
[ 1558.805252][T23644] usb 2-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 1558.816343][T23644] usb 2-1-port1: cannot disable (err = -32)
[ 1558.837336][T23644] usb 2-1-port1: cannot reset (err = -32)
[ 1558.853940][T23644] usb 2-1-port1: cannot reset (err = -32)
[ 1558.859938][T23644] usb 2-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 1558.870926][T23644] usb 2-1-port1: cannot disable (err = -32)
[ 1558.884035][T23644] usb 2-1-port1: attempt power cycle
[ 1558.959357][   T44] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1558.970363][   T44] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1558.981072][   T44] usb 3-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da
[ 1558.992933][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1559.006832][   T44] usb 3-1: config 0 descriptor??
[ 1559.088389][ T5938] usb 2-1: USB disconnect, device number 28
[ 1559.424533][T16691] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1559.444975][T16691] usb 1-1: USB disconnect, device number 90
[ 1560.452788][T26177] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5380'.
[ 1560.465405][T16691] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[ 1560.520298][T26177] netlink: 'syz.5.5380': attribute type 1 has an invalid length.
[ 1560.558274][T26177] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5380'.
[ 1560.627481][T16691] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1560.648458][T16691] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1560.662665][T16691] usb 1-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[ 1560.674657][T16691] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.702486][T16691] usb 1-1: config 0 descriptor??
[ 1560.951097][T26196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5382'.
[ 1561.185736][T16691] usb 1-1: string descriptor 0 read error: -71
[ 1561.216667][T26199] tipc: Started in network mode
[ 1561.238384][T16691] usb 1-1: USB disconnect, device number 91
[ 1561.254336][T26199] tipc: Node identity f6692f408cf4, cluster identity 4711
[ 1561.304985][T26199] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1561.368103][ T5938] usb 3-1: USB disconnect, device number 75
[ 1562.184943][T26200] syzkaller0: entered promiscuous mode
[ 1562.215453][T26200] syzkaller0: entered allmulticast mode
[ 1562.315573][   T44] tipc: Node number set to 2057121600
[ 1562.321947][T26197] tipc: Resetting bearer <eth:syzkaller0>
[ 1562.378707][T26197] tipc: Disabling bearer <eth:syzkaller0>
[ 1563.058803][T16667] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1563.235279][T16667] usb 2-1: device descriptor read/64, error -71
[ 1563.476009][T16667] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1563.648690][T16667] usb 2-1: device descriptor read/64, error -71
[ 1563.758489][T16667] usb usb2-port1: attempt power cycle
[ 1564.135302][T16667] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1564.186057][T16667] usb 2-1: device descriptor read/8, error -71
[ 1564.445347][T16667] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1564.497853][T16667] usb 2-1: device descriptor read/8, error -71
[ 1564.607652][T16667] usb usb2-port1: unable to enumerate USB device
[ 1565.122738][T26261] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1963084399 (125637401536 ns) > initial count (24203414208 ns). Using initial count to start timer.
[ 1565.238433][T26265] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5404'.
[ 1569.234947][T26303] syzkaller0: entered promiscuous mode
[ 1569.327665][T26303] syzkaller0: entered allmulticast mode
[ 1569.471713][T26315] netlink: 196 bytes leftover after parsing attributes in process `syz.5.5417'.
[ 1569.762634][T16667] usb 6-1: new high-speed USB device number 117 using dummy_hcd
[ 1570.014197][T16667] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1570.048156][T16667] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1570.123359][T26331] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5421'.
[ 1570.229713][T16667] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1570.357282][T16667] usb 6-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[ 1570.389008][T16667] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1570.437518][T16667] usb 6-1: Product: syz
[ 1570.469568][T16667] usb 6-1: Manufacturer: syz
[ 1570.485569][T16667] usb 6-1: SerialNumber: syz
[ 1570.485578][   T44] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1570.535653][T16667] usb 6-1: config 0 descriptor??
[ 1570.550241][T26315] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1570.637388][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1570.650554][   T44] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1570.660519][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1570.669547][   T44] usb 2-1: Product: syz
[ 1570.689818][   T44] usb 2-1: Manufacturer: syz
[ 1570.712052][   T44] usb 2-1: SerialNumber: syz
[ 1570.757483][   T44] usb 2-1: config 0 descriptor??
[ 1570.808804][T16667] powermate: unknown product id 0240
[ 1570.814345][T16667] powermate: Expected payload of 3--6 bytes, found 1024 bytes!
[ 1570.886926][T16667] input: Griffin SoundKnob as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input67
[ 1571.235573][T26315] netlink: 64859 bytes leftover after parsing attributes in process `syz.5.5417'.
[ 1571.302096][    C0] powermate: config urb returned -71
[ 1571.307759][    C0] powermate: config urb returned -71
[ 1571.313366][    C0] powermate: config urb returned -71
[ 1571.319355][T16667] usb 6-1: USB disconnect, device number 117
[ 1571.325430][    C0] powermate 6-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[ 1573.141996][T16691] usb 2-1: USB disconnect, device number 37
[ 1575.021873][T26367] syzkaller1: entered promiscuous mode
[ 1575.030669][T26367] syzkaller1: entered allmulticast mode
[ 1575.305362][T16667] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[ 1575.465275][T16667] usb 1-1: Using ep0 maxpacket: 16
[ 1575.472729][T16667] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1575.483050][T16667] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1575.494128][T16667] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1575.504178][T16667] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1575.516389][T16667] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1575.530809][T16667] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1575.540191][T16667] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1575.548828][T16667] usb 1-1: Manufacturer: syz
[ 1575.564432][T16667] usb 1-1: config 0 descriptor??
[ 1575.837533][T16667] rc_core: IR keymap rc-hauppauge not found
[ 1575.843657][T16667] Registered IR keymap rc-empty
[ 1575.851399][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1575.876362][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1575.896831][T16667] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 1575.913090][T16667] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input68
[ 1575.929797][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1575.955399][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1575.975736][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1575.996594][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.025693][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.075758][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.096287][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.115436][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.135904][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.164372][T16667] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1576.226532][T16667] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1576.264410][T16667] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1576.356528][T16667] usb 1-1: USB disconnect, device number 92
[ 1576.491702][T26392] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5435'.
[ 1576.596820][T26394] input: syz1 as /devices/virtual/input/input69
[ 1577.183598][T16691] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1577.302577][T26407] netlink: 'syz.0.5440': attribute type 6 has an invalid length.
[ 1577.489761][T16691] usb 2-1: Using ep0 maxpacket: 16
[ 1577.514075][T16691] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=29.00
[ 1577.523637][T16691] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1577.534740][T26408] IPVS: length: 149 != 8
[ 1577.540855][T16691] usb 2-1: Product: syz
[ 1577.607983][T16691] usb 2-1: Manufacturer: syz
[ 1577.612662][T16691] usb 2-1: SerialNumber: syz
[ 1577.770741][T16691] usb 2-1: config 0 descriptor??
[ 1577.815047][T26392] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1577.838499][T26392] bond_slave_0: left promiscuous mode
[ 1577.856709][T16691] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1577.946727][T16691] usb 2-1: Detected FT4233HP
[ 1577.976824][T26392] bond0 (unregistering): Released all slaves
[ 1578.303089][T26397] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5437'.
[ 1579.115435][T16667] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1579.275457][T16667] usb 3-1: Using ep0 maxpacket: 16
[ 1579.284735][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1579.312194][T16667] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1579.322430][T16667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1579.353903][T16667] usb 3-1: config 0 descriptor??
[ 1579.776746][T16667] usbhid 3-1:0.0: can't add hid device: -71
[ 1579.782873][T16667] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1579.825769][T16667] usb 3-1: USB disconnect, device number 76
[ 1580.503929][T16691] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1580.524380][T16691] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1580.544109][T16691] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1581.096173][T16691] usb 2-1: USB disconnect, device number 38
[ 1581.108669][T16691] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1581.149961][T26445] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5452'.
[ 1581.168710][T16691] ftdi_sio 2-1:0.0: device disconnected
[ 1581.200393][T26446] netlink: 'syz.1.5452': attribute type 4 has an invalid length.
[ 1581.705313][T16667] usb 3-1: new full-speed USB device number 77 using dummy_hcd
[ 1581.928250][T16667] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[ 1582.010606][T16667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1582.359730][T16667] usb 3-1: config 0 descriptor??
[ 1582.377005][T16667] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1582.649135][T16667] gp8psk: usb in 128 operation failed.
[ 1583.516249][T26473] syzkaller0: left promiscuous mode
[ 1584.743244][T16667] gp8psk: usb in 137 operation failed.
[ 1584.752275][T16667] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1584.820537][T16667] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[ 1584.879158][T16667] usb 3-1: USB disconnect, device number 77
[ 1585.894062][T26499] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5466'.
[ 1585.912899][T26499] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1586.217395][T16667] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1586.368030][T26504] netlink: 76 bytes leftover after parsing attributes in process `syz.7.5468'.
[ 1586.399052][T16667] usb 2-1: device descriptor read/64, error -71
[ 1587.104638][T16667] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1587.435623][T16667] usb 2-1: device descriptor read/64, error -71
[ 1587.545609][T16667] usb usb2-port1: attempt power cycle
[ 1588.039316][T16667] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1588.116979][T16667] usb 2-1: device descriptor read/8, error -71
[ 1588.365274][T16667] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1588.434431][T16667] usb 2-1: device descriptor read/8, error -71
[ 1588.551122][T16667] usb usb2-port1: unable to enumerate USB device
[ 1589.082145][T26544] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1589.236296][   T30] audit: type=1326 audit(1762284215.886:4999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.319602][   T30] audit: type=1326 audit(1762284215.906:5000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.385729][   T30] audit: type=1326 audit(1762284215.906:5001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.395425][T23644] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 1589.428174][   T30] audit: type=1326 audit(1762284215.906:5002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.451243][   T30] audit: type=1326 audit(1762284215.906:5003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.475764][   T30] audit: type=1326 audit(1762284215.906:5004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.535292][T16691] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1589.595828][   T30] audit: type=1326 audit(1762284215.906:5005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.641662][   T30] audit: type=1326 audit(1762284215.906:5006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.665841][   T30] audit: type=1326 audit(1762284215.906:5007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.812755][T16691] usb 3-1: Using ep0 maxpacket: 16
[ 1589.842373][T23644] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1589.862972][T23644] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1589.875500][   T30] audit: type=1326 audit(1762284215.906:5008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26547 comm="syz.2.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ff38f6c9 code=0x7ffc0000
[ 1589.921122][T16691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1589.933398][T23644] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1589.942082][T16691] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1589.953425][T16691] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1589.965010][T23644] usb 1-1: config 0 descriptor??
[ 1589.981986][T23644] pwc: Askey VC010 type 2 USB webcam detected.
[ 1590.016881][T16691] usb 3-1: config 0 descriptor??
[ 1590.394755][T23644] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1590.416988][T23644] pwc: recv_control_msg error -32 req 02 val 2700
[ 1590.436560][T23644] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1590.454290][T23644] pwc: recv_control_msg error -32 req 04 val 1000
[ 1590.461739][T23644] pwc: recv_control_msg error -32 req 04 val 1300
[ 1590.526047][T16691] mcp2221 0003:04D8:00DD.002A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[ 1590.555461][T23644] pwc: recv_control_msg error -71 req 04 val 1400
[ 1590.586043][T23644] pwc: recv_control_msg error -71 req 02 val 2000
[ 1590.605983][T23644] pwc: recv_control_msg error -71 req 02 val 2100
[ 1590.649356][T23644] pwc: recv_control_msg error -71 req 04 val 1500
[ 1590.685710][T23644] pwc: recv_control_msg error -71 req 02 val 2500
[ 1590.696566][T23644] pwc: recv_control_msg error -71 req 02 val 2400
[ 1590.736537][T23644] pwc: recv_control_msg error -71 req 02 val 2600
[ 1590.773699][T23644] pwc: recv_control_msg error -71 req 02 val 2900
[ 1590.797363][T23644] pwc: recv_control_msg error -71 req 02 val 2800
[ 1590.810401][T23644] pwc: recv_control_msg error -71 req 04 val 1100
[ 1590.821098][T23644] pwc: recv_control_msg error -71 req 04 val 1200
[ 1590.861485][T23644] pwc: Registered as video103.
[ 1590.881543][T23644] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input70
[ 1590.933075][T23644] usb 1-1: USB disconnect, device number 93
[ 1590.972016][T16667] usb 3-1: USB disconnect, device number 78
[ 1591.585303][T23644] usb 6-1: new low-speed USB device number 118 using dummy_hcd
[ 1591.747110][T23644] usb 6-1: config 0 has an invalid interface number: 233 but max is 0
[ 1591.755886][T23644] usb 6-1: config 0 has no interface number 0
[ 1591.763214][T23644] usb 6-1: New USB device found, idVendor=0d8e, idProduct=7801, bcdDevice=ad.81
[ 1591.773115][T23644] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1591.798096][T23644] usb 6-1: config 0 descriptor??
[ 1591.808533][T23644] usb 6-1: Could not find all expected endpoints
[ 1592.011320][T26580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1592.022732][T26580] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1592.038293][T16691] usb 6-1: USB disconnect, device number 118
[ 1592.135334][T23644] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1592.305268][T23644] usb 2-1: Using ep0 maxpacket: 8
[ 1592.317285][T23644] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1592.335299][T23644] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 1592.365319][T23644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 1592.397272][T23644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1592.416361][T23644] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1592.456644][T23644] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1592.475458][T23644] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1592.494131][T23644] usb 2-1: Product: syz
[ 1592.498822][T23644] usb 2-1: Manufacturer: syz
[ 1592.504314][T23644] usb 2-1: SerialNumber: syz
[ 1592.524936][T23644] usb 2-1: config 0 descriptor??
[ 1592.746689][T23644] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 1593.078454][T26609] netlink: 'syz.2.5499': attribute type 6 has an invalid length.
[ 1593.092494][T23644] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[ 1593.137631][T23644] radio-si470x 2-1:0.0: software version 0, hardware version 0
[ 1593.145727][T23644] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[ 1593.164043][T23644] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[ 1593.305230][T16667] usb 6-1: new high-speed USB device number 119 using dummy_hcd
[ 1593.395611][T23644] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[ 1593.425332][T16691] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1593.484488][T16667] usb 6-1: config 0 has an invalid interface number: 244 but max is 0
[ 1593.493091][T16667] usb 6-1: config 0 has no interface number 0
[ 1593.499532][T16667] usb 6-1: config 0 interface 244 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1593.518773][T16667] usb 6-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=92.c2
[ 1593.528266][T16667] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1593.536787][T16667] usb 6-1: Product: syz
[ 1593.541218][T16667] usb 6-1: Manufacturer: syz
[ 1593.548758][T16667] usb 6-1: SerialNumber: syz
[ 1593.595341][T16691] usb 3-1: Using ep0 maxpacket: 32
[ 1593.602891][T16691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1593.606765][T16667] usb 6-1: config 0 descriptor??
[ 1593.621452][T16691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1593.635352][T16691] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1593.656702][T16691] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1593.681984][T16691] usb 3-1: config 0 descriptor??
[ 1593.697539][T16691] hub 3-1:0.0: USB hub found
[ 1593.796443][T26606] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1593.845232][T16667] usbserial_generic 6-1:0.244: The "generic" usb-serial driver is only for testing and one-off prototypes.
[ 1593.877767][T16667] usbserial_generic 6-1:0.244: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[ 1593.889150][T16667] usbserial_generic 6-1:0.244: generic converter detected
[ 1593.900480][T16691] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1593.915820][T16667] usb 6-1: generic converter now attached to ttyUSB0
[ 1594.102964][T26606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1594.114590][T26606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1594.320058][T16691] hid-generic 0003:046D:C31C.002B: item fetching failed at offset 0/1
[ 1594.328472][   T44] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 1594.337063][T16691] hid-generic 0003:046D:C31C.002B: probe with driver hid-generic failed with error -22
[ 1594.362406][T26586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1594.371766][T26586] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1594.382321][T23644] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 1594.392064][T23644] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[ 1594.406644][T23644] usb 2-1: USB disconnect, device number 43
[ 1594.495279][   T44] usb 1-1: Using ep0 maxpacket: 8
[ 1594.502529][   T44] usb 1-1: config 127 has an invalid interface number: 171 but max is 1
[ 1594.511627][   T44] usb 1-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config
[ 1594.522147][   T44] usb 1-1: config 127 has 1 interface, different from the descriptor's value: 2
[ 1594.532014][   T44] usb 1-1: config 127 has no interface number 0
[ 1594.538589][   T44] usb 1-1: config 127 interface 171 has no altsetting 0
[ 1594.548236][   T44] usb 1-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9
[ 1594.557486][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1594.565788][   T44] usb 1-1: Product: syz
[ 1594.570000][   T44] usb 1-1: Manufacturer: syz
[ 1594.574742][   T44] usb 1-1: SerialNumber: syz
[ 1594.612783][T26609] bond3: invalid ARP target 0.0.0.0 specified for addition
[ 1594.620307][T26609] bond3: option arp_ip_target: invalid value (0)
[ 1594.629684][T26609] bond3 (unregistering): Released all slaves
[ 1594.797842][   T44] usb 1-1: USB disconnect, device number 94
[ 1594.815559][T16667] usb 3-1: USB disconnect, device number 79
[ 1595.014944][T26619] IPVS: Error connecting to the multicast addr
[ 1595.027797][T26619] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5503'.
[ 1595.495322][T16667] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1595.667847][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1595.677815][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 35, changing to 7
[ 1595.702145][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 41963, setting to 1024
[ 1595.738126][T16667] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1595.758430][ T5938] usb 6-1: USB disconnect, device number 119
[ 1595.764528][T16667] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1595.789340][T16667] usb 3-1: Product: syz
[ 1595.794238][ T5938] generic ttyUSB0: generic converter now disconnected from ttyUSB0
[ 1595.803863][T16667] usb 3-1: Manufacturer: syz
[ 1595.816428][ T5938] usbserial_generic 6-1:0.244: device disconnected
[ 1595.823104][T16667] usb 3-1: SerialNumber: syz
[ 1595.851068][T16667] usb 3-1: config 0 descriptor??
[ 1595.865888][T16667] usb 3-1: 0:0 : invalid sync pipe. bmAttributes 01, bLength 9, bSynchAddress 7f
[ 1596.262271][T16667] usb 3-1: USB disconnect, device number 80
[ 1596.735872][T25445] udevd[25445]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1596.924799][T26651] IPVS: Error connecting to the multicast addr
[ 1597.195589][T16667] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1597.336464][T26658] IPVS: Error connecting to the multicast addr
[ 1597.365588][T16667] usb 3-1: Using ep0 maxpacket: 32
[ 1597.387030][T16667] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1597.405253][T16667] usb 3-1: config 0 has no interface number 0
[ 1597.418791][T16667] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1597.465306][T16667] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 1597.475684][T16667] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1597.491186][T16667] usb 3-1: Product: syz
[ 1597.507721][T16667] usb 3-1: Manufacturer: syz
[ 1597.523434][T16667] usb 3-1: SerialNumber: syz
[ 1597.543929][T16667] usb 3-1: config 0 descriptor??
[ 1597.561118][T16667] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1597.570935][T16667] em28xx 3-1:0.89: Video interface 89 found: bulk
[ 1597.725313][T23644] usb 1-1: new full-speed USB device number 95 using dummy_hcd
[ 1597.745427][   T44] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[ 1597.855293][T23644] usb 1-1: device descriptor read/64, error -71
[ 1597.885629][   T44] usb 6-1: device descriptor read/64, error -71
[ 1598.115248][T23644] usb 1-1: new full-speed USB device number 96 using dummy_hcd
[ 1598.152056][T26676] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5521'.
[ 1598.162494][T16667] em28xx 3-1:0.89: chip ID is em28174
[ 1598.176954][   T44] usb 6-1: new high-speed USB device number 121 using dummy_hcd
[ 1598.255830][T23644] usb 1-1: device descriptor read/64, error -71
[ 1598.315283][   T44] usb 6-1: device descriptor read/64, error -71
[ 1598.364463][T26653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1598.365792][T23644] usb usb1-port1: attempt power cycle
[ 1598.379714][T26653] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1598.425520][   T44] usb usb6-port1: attempt power cycle
[ 1598.650096][T16667] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1598.660751][T16667] em28xx 3-1:0.89: board has no eeprom
[ 1598.725259][T16667] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1598.732856][T16667] em28xx 3-1:0.89: analog set to bulk mode.
[ 1598.739450][ T5938] em28xx 3-1:0.89: Registering V4L2 extension
[ 1598.745348][T23644] usb 1-1: new full-speed USB device number 97 using dummy_hcd
[ 1598.755530][T16667] usb 3-1: USB disconnect, device number 81
[ 1598.767372][   T44] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[ 1598.776002][T16667] em28xx 3-1:0.89: Disconnecting em28xx
[ 1598.795993][T23644] usb 1-1: device descriptor read/8, error -71
[ 1598.803059][   T44] usb 6-1: device descriptor read/8, error -71
[ 1598.847988][ T5938] usb 3-1: Decoder not found
[ 1598.853164][ T5938] em28xx 3-1:0.89: failed to create media graph
[ 1598.860295][ T5938] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1598.868903][ T5938] em28xx 3-1:0.89: Registering snapshot button...
[ 1598.880978][ T5938] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input71
[ 1598.893098][ T5938] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1598.904059][T16667] em28xx 3-1:0.89: Closing input extension
[ 1598.911382][T16667] em28xx 3-1:0.89: Deregistering snapshot button
[ 1598.928871][T16667] em28xx 3-1:0.89: Freeing device
[ 1599.055715][T23644] usb 1-1: new full-speed USB device number 98 using dummy_hcd
[ 1599.064091][   T44] usb 6-1: new high-speed USB device number 123 using dummy_hcd
[ 1599.086070][T23644] usb 1-1: device descriptor read/8, error -71
[ 1599.092385][   T44] usb 6-1: device descriptor read/8, error -71
[ 1599.197694][T26682] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1599.207637][   T44] usb usb6-port1: unable to enumerate USB device
[ 1599.214686][T23644] usb usb1-port1: unable to enumerate USB device
[ 1600.315461][   T44] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1600.468096][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1600.480504][   T44] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1600.490347][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1600.500988][   T44] usb 3-1: Product: syz
[ 1600.505734][   T44] usb 3-1: Manufacturer: syz
[ 1600.511007][   T44] usb 3-1: SerialNumber: syz
[ 1600.525793][   T44] usb 3-1: config 0 descriptor??
[ 1601.107055][T26704] QAT: failed to copy from user.
[ 1601.577959][T26717] IPVS: Error connecting to the multicast addr
[ 1602.104710][   T44] hid-generic 0000:0003:0001.002C: unknown main item tag 0x0
[ 1602.116303][   T44] hid-generic 0000:0003:0001.002C: unknown main item tag 0x0
[ 1602.159279][   T44] hid-generic 0000:0003:0001.002C: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1602.434008][T26731] fido_id[26731]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1602.615369][   T44] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 1602.775285][   T44] usb 1-1: Using ep0 maxpacket: 8
[ 1602.792214][   T44] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1602.803198][   T44] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1602.814702][   T44] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1602.832595][   T44] usb 1-1: New USB device found, idVendor=11c0, idProduct=5506, bcdDevice= 0.40
[ 1602.849301][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1602.863415][   T44] usb 1-1: Product: syz
[ 1602.870877][   T44] usb 1-1: Manufacturer: syz
[ 1602.880083][   T44] usb 1-1: SerialNumber: syz
[ 1603.094289][ T5938] usb 3-1: USB disconnect, device number 82
[ 1604.042686][T26744] bond3: entered allmulticast mode
[ 1604.419636][T26754] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1604.466147][T26753] IPVS: stopping master sync thread 26754 ...
[ 1604.937820][T26769] netlink: 196 bytes leftover after parsing attributes in process `syz.1.5548'.
[ 1604.988313][T26769] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1605.151462][T26769] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5548'.
[ 1605.323241][   T44] usbhid 1-1:1.0: can't add hid device: -71
[ 1605.437761][   T44] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[ 1605.501579][   T44] usb 1-1: USB disconnect, device number 99
[ 1606.143464][T26791] netlink: 52 bytes leftover after parsing attributes in process `syz.5.5554'.
[ 1606.344301][T26795] syzkaller0: entered promiscuous mode
[ 1606.351579][T26795] syzkaller0: entered allmulticast mode
[ 1606.972783][   T44] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 1607.149632][   T44] usb 1-1: config 127 has an invalid interface number: 238 but max is 0
[ 1607.159750][   T44] usb 1-1: config 127 has no interface number 0
[ 1607.170787][   T44] usb 1-1: config 127 interface 238 has no altsetting 0
[ 1607.192400][   T44] usb 1-1: New USB device found, idVendor=413c, idProduct=8193, bcdDevice=fb.23
[ 1607.202416][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1607.225264][   T44] usb 1-1: Product: syz
[ 1607.234021][   T44] usb 1-1: Manufacturer: syz
[ 1607.244327][   T44] usb 1-1: SerialNumber: syz
[ 1608.765424][T16667] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1608.905245][T16667] usb 2-1: device descriptor read/64, error -71
[ 1609.200377][T16667] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1609.435269][T16667] usb 2-1: device descriptor read/64, error -71
[ 1609.435284][T22830] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[ 1609.566093][T16667] usb usb2-port1: attempt power cycle
[ 1609.630474][T22830] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1609.650948][T22830] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1609.675388][T22830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1609.716962][T22830] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1609.925378][T16667] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1609.928730][   T44] usb 1-1: USB disconnect, device number 100
[ 1609.933781][T26831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1609.957025][T26831] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1609.966121][T16667] usb 2-1: device descriptor read/8, error -71
[ 1610.206585][T16667] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1610.246189][T16667] usb 2-1: device descriptor read/8, error -71
[ 1610.368093][T16667] usb usb2-port1: unable to enumerate USB device
[ 1610.412831][T26846] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5568'.
[ 1610.828921][T22830] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[ 1610.988117][T26853] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1610.997319][T26853] team0: Port device batadv1 added
[ 1611.013793][T22830] stv0680 6-1:4.0: STV(e): camera ping failed!!
[ 1611.211675][T22830] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1611.220687][T22830] stv0680 6-1:4.0: last error: 0,  command = 0x0
[ 1611.484888][T22830] usb 6-1: USB disconnect, device number 124
[ 1612.505430][T16667] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1612.685344][T16667] usb 2-1: Using ep0 maxpacket: 32
[ 1612.705734][T16667] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1612.770674][T16667] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1612.780492][T16667] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.798754][T16667] usb 2-1: Product: syz
[ 1612.821937][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.828437][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1612.868143][T16667] usb 2-1: Manufacturer: syz
[ 1612.872914][T16667] usb 2-1: SerialNumber: syz
[ 1612.880915][T16667] usb 2-1: config 0 descriptor??
[ 1612.897911][T26875] netlink: 'syz.5.5578': attribute type 3 has an invalid length.
[ 1612.937065][T26875] netlink: 'syz.5.5578': attribute type 3 has an invalid length.
[ 1612.962671][T26875] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5578'.
[ 1613.253567][   T30] kauditd_printk_skb: 50 callbacks suppressed
[ 1613.253586][   T30] audit: type=1800 audit(1762284239.906:5059): pid=26878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5579" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[ 1613.311813][T26878] fuse: Unknown parameter 'rnotmoæ]�'
[ 1613.320251][T16667] gs_usb 2-1:0.0: Couldn't get device config: (err=-32)
[ 1613.328209][T16667] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -32
[ 1613.354787][T26866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1613.487339][T26866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1613.676746][T16667] usb 2-1: USB disconnect, device number 48
[ 1614.135683][T22830] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[ 1614.251169][T26894] netlink: 112 bytes leftover after parsing attributes in process `syz.0.5583'.
[ 1614.302691][T22830] usb 6-1: Using ep0 maxpacket: 32
[ 1614.363576][T22830] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1614.379954][T22830] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1614.400413][T22830] usb 6-1: New USB device found, idVendor=0c72, idProduct=0011, bcdDevice= 9.75
[ 1614.420353][T22830] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1614.439150][T22830] usb 6-1: Product: syz
[ 1614.446974][T22830] usb 6-1: Manufacturer: syz
[ 1614.451752][T22830] usb 6-1: SerialNumber: syz
[ 1614.454814][T26898] bond3: option min_links: invalid value (18446744073709551608)
[ 1614.461900][T22830] usb 6-1: config 0 descriptor??
[ 1614.469839][T26898] bond3: option min_links: allowed values 0 - 2147483647
[ 1614.478678][T26898] bond3 (unregistering): Released all slaves
[ 1614.679722][T26911] PKCS7: Unknown OID: [5] (bad)
[ 1614.764703][T26911] PKCS7: Only support pkcs7_signedData type
[ 1616.759268][T22830] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[ 1616.786605][T22830] peak_usb 6-1:0.0: unable to read PCAN-USB Pro FD firmware info (err -71)
[ 1616.917277][T22830] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[ 1616.945325][T22830] usb 6-1: USB disconnect, device number 125
[ 1617.059486][T26930] bond0: Unable to set peer notification delay as MII monitoring is disabled
[ 1617.086941][T26930] bond0 (unregistering): Released all slaves
[ 1617.899669][T26941] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5596'.
[ 1618.495374][T22830] usb 3-1: new full-speed USB device number 83 using dummy_hcd
[ 1618.668514][T22830] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1618.677827][T22830] usb 3-1: not running at top speed; connect to a high speed hub
[ 1618.700933][T22830] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1618.734292][T22830] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1618.826732][T22830] usb 3-1: string descriptor 0 read error: -22
[ 1618.833488][T22830] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1618.873646][T22830] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1618.928583][T22830] usb 3-1: 0:2 : does not exist
[ 1619.280938][T26958] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5600'.
[ 1619.944676][T22830] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1619.956638][T22830] usb 3-1: Warning! Unlikely big volume range (=4294967294), cval->res is probably wrong.
[ 1619.989736][T22830] usb 3-1: [5] FU [Mic Capture Volume] ch = 1, val = -29061/-12091/-8016
[ 1620.309901][T22830] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1620.356023][T22830] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[ 1620.505523][T22830] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1620.729942][T22830] usb 3-1: USB disconnect, device number 83
[ 1620.883156][T26963] netlink: 'syz.5.5602': attribute type 1 has an invalid length.
[ 1620.925600][T26963] netlink: 56 bytes leftover after parsing attributes in process `syz.5.5602'.
[ 1621.515285][T16667] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1621.885612][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1621.901467][T16667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1622.106034][T16667] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1622.120037][T16667] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1622.129330][T16667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1622.466537][T16667] usb 3-1: config 0 descriptor??
[ 1622.686590][T27001] netlink: 84 bytes leftover after parsing attributes in process `syz.7.5613'.
[ 1622.993382][T16667] plantronics 0003:047F:FFFF.002D: reserved main item tag 0xd
[ 1623.229960][T16667] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1623.745272][T16667] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 1623.865293][T22830] usb 3-1: USB disconnect, device number 84
[ 1623.949629][T16667] usb 1-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1623.975412][T16667] usb 1-1: config 220 has 1 interface, different from the descriptor's value: 184
[ 1624.015103][T16667] usb 1-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1624.079588][T27011] fido_id[27011]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1624.095447][T16667] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1624.119593][T16667] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[ 1624.319999][T16667] gspca_sn9c2028: read1 error -71
[ 1624.336191][T16667] gspca_sn9c2028: read1 error -71
[ 1624.380952][T16667] gspca_sn9c2028: read1 error -71
[ 1624.407824][T27024] syzkaller0: entered promiscuous mode
[ 1624.417126][T16667] sn9c2028 1-1:220.0: probe with driver sn9c2028 failed with error -71
[ 1624.427589][T27024] syzkaller0: entered allmulticast mode
[ 1624.445896][T16667] usb 1-1: USB disconnect, device number 101
[ 1625.385306][T16667] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 1625.680408][T16667] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1625.905229][T16667] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1625.914863][T16667] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1625.977747][T16667] usb 1-1: config 0 descriptor??
[ 1626.012528][T16667] pwc: Askey VC010 type 2 USB webcam detected.
[ 1626.450258][T16667] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1626.460726][T16667] pwc: recv_control_msg error -32 req 02 val 2700
[ 1626.477622][T16667] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1626.602512][T16667] pwc: recv_control_msg error -32 req 04 val 1000
[ 1626.639916][T16667] pwc: recv_control_msg error -32 req 04 val 1300
[ 1626.685849][T16667] pwc: recv_control_msg error -32 req 04 val 1400
[ 1626.693196][T16667] pwc: recv_control_msg error -32 req 02 val 2000
[ 1626.700887][T16667] pwc: recv_control_msg error -32 req 02 val 2100
[ 1626.781831][T16667] pwc: recv_control_msg error -32 req 04 val 1500
[ 1627.092210][T23644] usb 6-1: new high-speed USB device number 126 using dummy_hcd
[ 1627.148361][T27055] bond2 (unregistering): Released all slaves
[ 1627.175391][T16667] pwc: recv_control_msg error -32 req 02 val 2500
[ 1627.255259][T23644] usb 6-1: Using ep0 maxpacket: 16
[ 1627.939172][T16667] pwc: recv_control_msg error -71 req 02 val 2600
[ 1627.946843][T16667] pwc: recv_control_msg error -71 req 02 val 2900
[ 1627.959362][T16667] pwc: recv_control_msg error -71 req 02 val 2800
[ 1627.979906][T16667] pwc: recv_control_msg error -71 req 04 val 1100
[ 1628.002979][T23644] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1628.016766][T23644] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[ 1628.019108][T16667] pwc: recv_control_msg error -71 req 04 val 1200
[ 1628.029024][T23644] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[ 1628.093243][T23644] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1628.096197][T16667] pwc: Registered as video103.
[ 1628.136530][T16667] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input73
[ 1628.224510][T16667] usb 1-1: USB disconnect, device number 102
[ 1628.259933][T23644] usb 6-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[ 1628.317831][T23644] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1628.366057][T23644] usb 6-1: Product: syz
[ 1628.383882][T23644] usb 6-1: Manufacturer: syz
[ 1628.404521][T23644] usb 6-1: SerialNumber: syz
[ 1628.433168][T23644] usb 6-1: config 0 descriptor??
[ 1628.655632][T27052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1628.689300][T27069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1628.731953][T27069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1628.765762][T27052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1628.776940][T23644] rc_core: IR keymap rc-xbox-dvd not found
[ 1628.782902][T23644] Registered IR keymap rc-empty
[ 1628.818151][T23644] rc rc0: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1628.854852][T23644] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input74
[ 1628.910626][T27071] syzkaller0: entered promiscuous mode
[ 1629.018912][T23644] usb 6-1: USB disconnect, device number 126
[ 1629.018974][    C1] xbox_remote 6-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[ 1629.245269][T16667] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1629.295249][   T44] usb 3-1: new low-speed USB device number 85 using dummy_hcd
[ 1629.395469][T16667] usb 2-1: Using ep0 maxpacket: 16
[ 1629.403899][T16667] usb 2-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1629.421539][T16667] usb 2-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1629.438668][T16667] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1629.452875][T27087] bond5 (unregistering): Released all slaves
[ 1629.465342][T16667] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1629.474501][T16667] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1629.484280][T16667] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.494171][   T44] usb 3-1: Invalid ep0 maxpacket: 64
[ 1629.500428][T16667] usb 2-1: Product: syz
[ 1629.504656][T16667] usb 2-1: Manufacturer: syz
[ 1629.509380][T16667] usb 2-1: SerialNumber: syz
[ 1629.657541][   T44] usb 3-1: new low-speed USB device number 86 using dummy_hcd
[ 1629.747426][T16667] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 49 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1629.907131][   T44] usb 3-1: Invalid ep0 maxpacket: 64
[ 1629.920854][   T44] usb usb3-port1: attempt power cycle
[ 1629.986701][T27094] netlink: 'syz.7.5638': attribute type 13 has an invalid length.
[ 1630.004132][T27094] gretap0: refused to change device tx_queue_len
[ 1630.011324][T27094] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1630.132814][T27096] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1630.146900][T27096] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1630.187753][T27098] CIFS: iocharset name too long
[ 1630.265316][   T44] usb 3-1: new low-speed USB device number 87 using dummy_hcd
[ 1630.286830][   T44] usb 3-1: Invalid ep0 maxpacket: 64
[ 1630.444943][   T44] usb 3-1: new low-speed USB device number 88 using dummy_hcd
[ 1630.465891][   T44] usb 3-1: Invalid ep0 maxpacket: 64
[ 1630.471795][   T44] usb usb3-port1: unable to enumerate USB device
[ 1632.079279][T16667] usb 2-1: USB disconnect, device number 49
[ 1632.138298][T16667] usblp0: removed
[ 1632.377601][T27124] syzkaller0: entered promiscuous mode
[ 1632.383126][T27124] syzkaller0: entered allmulticast mode
[ 1632.595248][T16667] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1632.741056][T27134] xt_bpf: check failed: parse error
[ 1632.789688][T16667] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1632.828557][T16667] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1632.911165][T16667] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1632.934566][T16667] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1632.950611][T16667] usb 2-1: SerialNumber: syz
[ 1635.038497][T16667] usb 2-1: 0:2 : does not exist
[ 1635.150740][T16667] usb 2-1: USB disconnect, device number 50
[ 1635.290379][T25448] udevd[25448]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1635.424320][T27166] bond5 (unregistering): Released all slaves
[ 1635.611085][T27172] syzkaller0: entered promiscuous mode
[ 1635.626256][T27172] syzkaller0: entered allmulticast mode
[ 1640.633557][T27276] sctp: [Deprecated]: syz.5.5695 (pid 27276) Use of int in max_burst socket option.
[ 1640.633557][T27276] Use struct sctp_assoc_value instead
[ 1642.687582][   T30] audit: type=1326 audit(1762284269.346:5060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1642.770796][   T30] audit: type=1326 audit(1762284269.346:5061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1642.839267][   T30] audit: type=1326 audit(1762284269.346:5062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1642.937086][   T30] audit: type=1326 audit(1762284269.346:5063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1643.005222][   T30] audit: type=1326 audit(1762284269.396:5064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1643.095258][   T30] audit: type=1326 audit(1762284269.396:5065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1643.195397][   T30] audit: type=1326 audit(1762284269.396:5066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee1f8f6c9 code=0x7ffc0000
[ 1643.268647][   T30] audit: type=1326 audit(1762284269.396:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4ee1fc1f85 code=0x7ffc0000
[ 1643.313741][   T30] audit: type=1326 audit(1762284269.396:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4ee1fc1f85 code=0x7ffc0000
[ 1643.360047][   T30] audit: type=1326 audit(1762284269.396:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27349 comm="syz.0.5723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4ee1fc1f85 code=0x7ffc0000
[ 1648.523236][T27494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5781'.
[ 1652.396406][T27597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5822'.
[ 1653.000241][T27608] TCP: TCP_TX_DELAY enabled
[ 1653.036011][T23933] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1653.047330][T23933] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1653.065768][T23933] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1653.074132][T23933] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1653.082052][T23933] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1653.652656][T27616] chnl_net:caif_netlink_parms(): no params data found
[ 1653.990990][T27616] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1654.004065][T27616] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1654.012917][T27650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5841'.
[ 1654.024375][T27616] bridge_slave_0: entered allmulticast mode
[ 1654.044037][T27616] bridge_slave_0: entered promiscuous mode
[ 1654.074321][T27616] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1654.082560][T27616] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1654.091273][T27616] bridge_slave_1: entered allmulticast mode
[ 1654.100413][T27616] bridge_slave_1: entered promiscuous mode
[ 1654.108352][T27653] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5841'.
[ 1654.202615][T27616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1654.262653][T27616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1654.370373][T27616] team0: Port device team_slave_0 added
[ 1654.392172][T27616] team0: Port device team_slave_1 added
[ 1654.570896][T27616] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1654.579829][T27661] netlink: 'syz.2.5845': attribute type 4 has an invalid length.
[ 1654.596638][T27616] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1654.646346][T27616] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1655.135805][T23583] Bluetooth: hci1: command tx timeout
[ 1655.222094][   T37] bond3 (unregistering): (slave geneve2): Releasing active interface
[ 1655.673017][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1655.684292][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1655.695581][   T37] bond0 (unregistering): Released all slaves
[ 1656.001321][   T37] bond1 (unregistering): Released all slaves
[ 1656.166415][   T30] kauditd_printk_skb: 125 callbacks suppressed
[ 1656.166434][   T30] audit: type=1326 audit(1762284282.826:5195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27690 comm="syz.7.5855" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f14c7d8f6c9 code=0x0
[ 1656.271447][   T37] bond2 (unregistering): Released all slaves
[ 1656.514227][   T37] bond3 (unregistering): Released all slaves
[ 1656.534961][   T37] bond4 (unregistering): Released all slaves
[ 1656.565548][T27616] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1656.572573][T27616] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1656.600693][T27616] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1656.865663][   T37] tipc: Left network mode
[ 1656.889885][T27616] hsr_slave_0: entered promiscuous mode
[ 1656.915193][T27616] hsr_slave_1: entered promiscuous mode
[ 1656.922005][T27616] debugfs: 'hsr0' already exists in 'hsr'
[ 1656.928235][T27616] Cannot create hsr debugfs directory
[ 1657.215713][T23583] Bluetooth: hci1: command tx timeout
[ 1657.378269][   T37] hsr_slave_0: left promiscuous mode
[ 1657.396918][   T37] hsr_slave_1: left promiscuous mode
[ 1657.407324][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1657.420119][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1658.542187][   T37] team0 (unregistering): Port device team_slave_1 removed
[ 1658.618842][   T37] team0 (unregistering): Port device team_slave_0 removed
[ 1659.297120][T23583] Bluetooth: hci1: command tx timeout
[ 1660.367059][   T37] IPVS: stop unused estimator thread 0...
[ 1660.447891][T27787] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5886'.
[ 1660.695333][T27616] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1660.721430][T27616] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1660.755890][T27616] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1660.790648][T27616] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1661.051627][T27616] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1661.117226][T27616] 8021q: adding VLAN 0 to HW filter on device team0
[ 1661.144229][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1661.151669][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1661.177730][T25675] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1661.185088][T25675] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1661.376495][T23583] Bluetooth: hci1: command tx timeout
[ 1661.447951][T27616] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1661.660032][T27616] veth0_vlan: entered promiscuous mode
[ 1661.722874][T27616] veth1_vlan: entered promiscuous mode
[ 1661.863003][T27616] veth0_macvtap: entered promiscuous mode
[ 1661.884279][T27616] veth1_macvtap: entered promiscuous mode
[ 1662.042632][T27616] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1662.094205][T27616] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1662.123861][ T1102] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.146919][ T1102] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.219320][ T1102] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.280832][ T1102] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.462148][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.496218][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.568722][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.580986][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1663.397352][T27921] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5925'.
[ 1665.030045][T27997] trusted_key: encrypted_key: insufficient parameters specified
[ 1665.398220][T23933] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1665.420094][T23933] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1665.442868][T23933] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1665.468543][T23933] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1665.491872][T23933] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1666.284892][T28010] chnl_net:caif_netlink_parms(): no params data found
[ 1666.643358][T25675] bridge_slave_1: left allmulticast mode
[ 1666.643387][T25675] bridge_slave_1: left promiscuous mode
[ 1666.643610][T25675] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1666.654717][T25675] bridge_slave_0: left allmulticast mode
[ 1666.654746][T25675] bridge_slave_0: left promiscuous mode
[ 1666.654971][T25675] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1666.762067][T28044] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5975'.
[ 1667.494080][T25675] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1667.506372][T25675] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1667.517277][T25675] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[ 1667.528729][T25675] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1667.539986][T25675] bond0 (unregistering): Released all slaves
[ 1667.618465][T23933] Bluetooth: hci4: command tx timeout
[ 1667.757712][T25675] bond1 (unregistering): Released all slaves
[ 1667.947693][T25675] bond2 (unregistering): Released all slaves
[ 1667.964905][T28010] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1667.972750][T28010] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.981359][T28010] bridge_slave_0: entered allmulticast mode
[ 1667.989533][T28010] bridge_slave_0: entered promiscuous mode
[ 1668.051023][T28010] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1668.060664][T28010] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1668.068148][T28010] bridge_slave_1: entered allmulticast mode
[ 1668.093455][T28010] bridge_slave_1: entered promiscuous mode
[ 1668.101880][T25675] tipc: Left network mode
[ 1668.328326][T28010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1668.378879][T28010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1668.582516][T28010] team0: Port device team_slave_0 added
[ 1668.670146][T28010] team0: Port device team_slave_1 added
[ 1668.731535][T25675] hsr_slave_0: left promiscuous mode
[ 1668.753738][T25675] hsr_slave_1: left promiscuous mode
[ 1668.769604][T25675] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1668.800159][T25675] batman_adv: batadv0: Interface deactivated: dummy0
[ 1668.807953][T25675] batman_adv: batadv0: Removing interface: dummy0
[ 1669.633664][T25675] team0 (unregistering): Port device team_slave_1 removed
[ 1669.692411][T25675] team0 (unregistering): Port device C removed
[ 1669.695398][T23933] Bluetooth: hci4: command tx timeout
[ 1670.488445][T28010] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1670.496765][T28010] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1670.524089][T28010] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1670.589231][T28010] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1670.598048][T28010] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1670.626759][T28010] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1670.783313][T28010] hsr_slave_0: entered promiscuous mode
[ 1670.791902][T28010] hsr_slave_1: entered promiscuous mode
[ 1671.282195][T25675] IPVS: stop unused estimator thread 0...
[ 1671.524307][T28124] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5997'.
[ 1671.784312][T23933] Bluetooth: hci4: command tx timeout
[ 1672.135410][T28010] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1672.152089][T28010] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1672.184785][T28010] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1672.221613][T28010] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1672.533398][T28010] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1672.621883][T28010] 8021q: adding VLAN 0 to HW filter on device team0
[ 1672.663025][T25675] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1672.670382][T25675] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1672.759702][ T1102] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1672.767582][ T1102] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1673.222910][T28010] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1673.751787][T28010] veth0_vlan: entered promiscuous mode
[ 1673.760166][T28010] veth1_vlan: entered promiscuous mode
[ 1673.855918][T23933] Bluetooth: hci4: command tx timeout
[ 1674.260686][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1674.267573][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1674.389858][T28010] veth0_macvtap: entered promiscuous mode
[ 1674.445974][T28010] veth1_macvtap: entered promiscuous mode
[ 1674.498652][T28236] "syz.5.6026" (28236) uses obsolete ecb(arc4) skcipher
[ 1674.764612][T28010] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1674.851730][T28010] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1674.923018][T28114] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.950004][T28114] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.987925][T28114] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1675.016360][T19216] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1675.261788][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1675.295770][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1675.426513][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1675.434672][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1677.355983][T23583] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1677.383067][T23583] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1677.402418][T23583] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1677.424297][T23583] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1677.443421][T23583] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1677.873300][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.140542][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.304493][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.595002][T28328] chnl_net:caif_netlink_parms(): no params data found
[ 1678.872975][T28328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1678.880766][T28328] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1678.889677][T28328] bridge_slave_0: entered allmulticast mode
[ 1678.898935][T28328] bridge_slave_0: entered promiscuous mode
[ 1678.951697][T28328] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1678.969032][T28328] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1679.005497][T28328] bridge_slave_1: entered allmulticast mode
[ 1679.025695][T28328] bridge_slave_1: entered promiscuous mode
[ 1679.169899][   T13] bridge_slave_1: left allmulticast mode
[ 1679.179185][   T13] bridge_slave_1: left promiscuous mode
[ 1679.191014][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1679.214772][   T13] bridge_slave_0: left allmulticast mode
[ 1679.231480][   T13] bridge_slave_0: left promiscuous mode
[ 1679.245990][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1679.539854][T23933] Bluetooth: hci2: command tx timeout
[ 1679.655550][   T13] ip6gretap0 (unregistering): left promiscuous mode
[ 1679.686985][   T13] bond2 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1679.974439][   T13] gretap0 (unregistering): left promiscuous mode
[ 1680.918687][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1680.933852][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1680.945530][   T13] bond0 (unregistering): Released all slaves
[ 1681.329391][   T13] bond1 (unregistering): Released all slaves
[ 1681.618359][T23933] Bluetooth: hci2: command tx timeout
[ 1681.677976][   T13] bond2 (unregistering): Released all slaves
[ 1681.697837][   T13] bond3 (unregistering): Released all slaves
[ 1681.723322][T28328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1681.769513][T28328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1681.956275][T28328] team0: Port device team_slave_0 added
[ 1681.979176][T28328] team0: Port device team_slave_1 added
[ 1682.143841][T28328] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1682.157174][T28328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1682.192343][T28328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1682.238707][T28328] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1682.258454][T28328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1682.287393][T28328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1682.729762][   T13] hsr_slave_0: left promiscuous mode
[ 1682.760248][   T13] hsr_slave_1: left promiscuous mode
[ 1682.781448][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1682.816100][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1682.847799][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1682.865357][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1682.904872][   T13] veth0: left promiscuous mode
[ 1682.914673][   T13] veth1_macvtap: left allmulticast mode
[ 1682.926928][   T13] veth1_macvtap: left promiscuous mode
[ 1682.942821][   T13] veth0_macvtap: left promiscuous mode
[ 1682.953077][   T13] veth1_vlan: left promiscuous mode
[ 1682.963133][   T13] veth0_vlan: left promiscuous mode
[ 1683.226861][   T13] team0 (unregistering): Port device batadv1 removed
[ 1683.695411][T23933] Bluetooth: hci2: command tx timeout
[ 1684.382915][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1684.461074][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1685.349677][T28328] hsr_slave_0: entered promiscuous mode
[ 1685.369703][T28328] hsr_slave_1: entered promiscuous mode
[ 1685.382424][T28328] debugfs: 'hsr0' already exists in 'hsr'
[ 1685.390335][T28328] Cannot create hsr debugfs directory
[ 1685.786908][T23933] Bluetooth: hci2: command tx timeout
[ 1686.192642][   T13] IPVS: stop unused estimator thread 0...
[ 1686.878166][T28328] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1686.900200][T28328] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1686.926409][T28328] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1686.949133][T28328] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1687.198188][T28328] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1687.250917][T28328] 8021q: adding VLAN 0 to HW filter on device team0
[ 1687.313810][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1687.321153][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1687.431428][T25675] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1687.438689][T25675] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1687.594072][T28605] fuse: Bad value for 'fd'
[ 1687.747123][T28328] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1687.903575][T28328] veth0_vlan: entered promiscuous mode
[ 1687.954050][T28328] veth1_vlan: entered promiscuous mode
[ 1688.083912][T28328] veth0_macvtap: entered promiscuous mode
[ 1688.102484][T28328] veth1_macvtap: entered promiscuous mode
[ 1688.128321][T28328] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1688.163650][T28328] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1688.303708][T19216] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1688.339320][T19216] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1688.406838][T19216] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1688.437955][T19216] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1688.679669][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1688.711920][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1688.824670][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1688.839229][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1689.058766][T28647] fuse: Bad value for 'fd'
[ 1690.058094][T28680] fuse: Bad value for 'fd'
[ 1690.230442][T28686] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6169'.
[ 1690.742795][T23583] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1690.754034][T23583] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1690.776460][T23583] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1690.816848][T23583] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1690.830734][T23583] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1691.869333][T28702] chnl_net:caif_netlink_parms(): no params data found
[ 1691.980277][T28739] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6185'.
[ 1692.552074][T28702] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1692.615960][T28702] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1692.623721][T28702] bridge_slave_0: entered allmulticast mode
[ 1692.674215][T28702] bridge_slave_0: entered promiscuous mode
[ 1692.702106][T28702] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1692.736536][T28702] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1692.751648][T28702] bridge_slave_1: entered allmulticast mode
[ 1692.790078][T28702] bridge_slave_1: entered promiscuous mode
[ 1692.910100][T23933] Bluetooth: hci0: command tx timeout
[ 1693.041857][T28702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1693.078195][T28702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1693.216144][T28702] team0: Port device team_slave_0 added
[ 1693.236226][T28702] team0: Port device team_slave_1 added
[ 1693.349079][T28702] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1693.372777][T28702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1693.399160][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1693.454640][T28702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1693.485912][T28787] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6196'.
[ 1693.530196][T28702] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1693.560734][T28702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1693.586913][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1693.675251][T28702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1693.874898][T28702] hsr_slave_0: entered promiscuous mode
[ 1693.899750][T28702] hsr_slave_1: entered promiscuous mode
[ 1693.960274][T28702] debugfs: 'hsr0' already exists in 'hsr'
[ 1693.973486][T28702] Cannot create hsr debugfs directory
[ 1694.248510][T28807] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1694.282181][T28813] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6207'.
[ 1694.587247][T28702] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.803740][T28702] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.976265][T23933] Bluetooth: hci0: command tx timeout
[ 1695.008595][T28702] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1695.258566][T28702] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1695.581079][T28702] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1695.594708][T28702] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1695.609099][T28702] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1695.631852][T28702] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1695.880018][T28702] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1695.911077][T28702] 8021q: adding VLAN 0 to HW filter on device team0
[ 1695.929849][T19216] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1695.937279][T19216] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1695.979110][T19216] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1695.986597][T19216] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1696.184640][T28702] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1696.310730][T28702] veth0_vlan: entered promiscuous mode
[ 1696.327672][T28702] veth1_vlan: entered promiscuous mode
[ 1696.399969][T28702] veth0_macvtap: entered promiscuous mode
[ 1696.425959][T28702] veth1_macvtap: entered promiscuous mode
[ 1696.469395][T28702] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1696.507771][T28702] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1696.526550][ T7330] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1696.547746][ T7330] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1696.585993][ T7330] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1696.605075][ T7330] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1696.782993][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1696.806273][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1696.887908][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1696.901742][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1697.055422][T23933] Bluetooth: hci0: command tx timeout
[ 1697.512529][T28928] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6256'.
[ 1697.629820][T28934] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6257'.
[ 1699.135420][T23933] Bluetooth: hci0: command tx timeout
[ 1699.453417][T29029] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6298'.
[ 1699.683565][T29039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6302'.
[ 1702.180169][T29101] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6325'.
[ 1702.657043][T29120] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6333'.
[ 1703.036327][T29124] netlink: 'syz.7.6335': attribute type 25 has an invalid length.
[ 1703.044215][T29124] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6335'.
[ 1703.618259][T29138] netlink: 3 bytes leftover after parsing attributes in process `syz.1.6340'.
[ 1703.982285][T29154] netlink: 'syz.5.6348': attribute type 25 has an invalid length.
[ 1704.005465][T29154] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6348'.
[ 1705.420346][T29230] "syz.2.6379" (29230) uses obsolete ecb(arc4) skcipher
[ 1706.686080][T29277] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6397'.
[ 1706.780653][T29279] netlink: 'syz.2.6398': attribute type 25 has an invalid length.
[ 1706.789312][T29279] netlink: 'syz.2.6398': attribute type 8 has an invalid length.
[ 1707.654410][T29325] fuse: Unknown parameter 'grou00000000000000000000'
[ 1707.956049][T29339] netlink: 'syz.0.6423': attribute type 25 has an invalid length.
[ 1707.965594][T29339] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6423'.
[ 1708.920021][T29380] fuse: Unknown parameter 'grou00000000000000000000'
[ 1709.485623][T29388] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6441'.
[ 1709.941089][T29425] "syz.5.6452" (29425) uses obsolete ecb(arc4) skcipher
[ 1710.377986][T29439] netlink: 'syz.2.6463': attribute type 25 has an invalid length.
[ 1710.814154][T29458] "syz.0.6469" (29458) uses obsolete ecb(arc4) skcipher
[ 1711.298615][T29484] "syz.1.6483" (29484) uses obsolete ecb(arc4) skcipher
[ 1711.538785][T29498] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6488'.
[ 1711.727774][T29506] sctp: [Deprecated]: syz.0.6492 (pid 29506) Use of int in max_burst socket option.
[ 1711.727774][T29506] Use struct sctp_assoc_value instead
[ 1711.895862][T29516] fuse: Bad value for 'fd'
[ 1711.974078][T29519] "syz.7.6497" (29519) uses obsolete ecb(arc4) skcipher
[ 1712.097485][T29523] netlink: 'syz.5.6499': attribute type 25 has an invalid length.
[ 1712.545820][T29544] fuse: Bad value for 'fd'
[ 1712.839907][T29560] fuse: Bad value for 'fd'
[ 1712.978632][T29562] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1713.521117][T29588] fuse: Bad value for 'fd'
[ 1714.302497][T29620] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6542'.
[ 1714.413904][T29626] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1715.083206][T29653] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6557'.
[ 1715.104803][T29655] fuse: Bad value for 'user_id'
[ 1715.120769][T29655] fuse: Bad value for 'user_id'
[ 1716.762441][T29711] netlink: 104 bytes leftover after parsing attributes in process `syz.5.6580'.
[ 1716.997085][T29717] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6581'.
[ 1718.918826][T29779] fuse: Bad value for 'fd'
[ 1719.460320][T29801] fuse: Bad value for 'fd'
[ 1719.545367][T29808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6619'.
[ 1719.966550][T29833] netlink: 592 bytes leftover after parsing attributes in process `syz.7.6629'.
[ 1719.991566][T29836] fuse: Bad value for 'fd'
[ 1720.089303][T29839] "syz.2.6632" (29839) uses obsolete ecb(arc4) skcipher
[ 1720.165696][T29845] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6634'.
[ 1720.575624][T29866] netlink: 592 bytes leftover after parsing attributes in process `syz.7.6644'.
[ 1720.688448][T29870] "syz.2.6646" (29870) uses obsolete ecb(arc4) skcipher
[ 1720.808499][T29880] fuse: Bad value for 'fd'
[ 1721.349881][T29903] netlink: 592 bytes leftover after parsing attributes in process `syz.1.6659'.
[ 1721.614489][T29913] "syz.1.6663" (29913) uses obsolete ecb(arc4) skcipher
[ 1722.097231][T29932] fuse: Invalid rootmode
[ 1722.223935][T29935] netlink: 592 bytes leftover after parsing attributes in process `syz.1.6674'.
[ 1722.410343][T29944] "syz.5.6678" (29944) uses obsolete ecb(arc4) skcipher
[ 1723.013569][T29975] "syz.2.6691" (29975) uses obsolete ecb(arc4) skcipher
[ 1723.223793][T29983] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1723.233721][T29983] team0: Port device bond0 added
[ 1723.602439][T30010] batadv_slave_1: entered promiscuous mode
[ 1723.625352][T30009] batadv_slave_1: left promiscuous mode
[ 1723.626966][T30013] netlink: 592 bytes leftover after parsing attributes in process `syz.7.6709'.
[ 1724.895030][T30091] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1727.357503][T30192] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1728.873426][T30260] "syz.7.6810" (30260) uses obsolete ecb(arc4) skcipher
[ 1729.942244][T30288] fuse: Bad value for 'group_id'
[ 1729.974022][T30288] fuse: Bad value for 'group_id'
[ 1730.581891][T30309] "syz.7.6830" (30309) uses obsolete ecb(arc4) skcipher
[ 1730.886955][T30315] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6832'.
[ 1731.094014][T30322] fuse: Bad value for 'group_id'
[ 1731.113760][T30322] fuse: Bad value for 'group_id'
[ 1731.246503][T30335] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1731.652041][T30358] fuse: Bad value for 'group_id'
[ 1731.657530][T30358] fuse: Bad value for 'group_id'
[ 1731.983073][T30367] fuse: Bad value for 'fd'
[ 1732.551609][T30390] fuse: Bad value for 'group_id'
[ 1732.563529][T30390] fuse: Bad value for 'group_id'
[ 1733.028080][T30413] fuse: Bad value for 'group_id'
[ 1733.033219][T30413] fuse: Bad value for 'group_id'
[ 1733.072919][T30417] fuse: Bad value for 'fd'
[ 1733.310746][T30427] veth0: entered promiscuous mode
[ 1733.327475][T30427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6882'.
[ 1733.505534][T30439] fuse: Bad value for 'group_id'
[ 1733.516947][T30441] fuse: Unknown parameter '0x0000000000000003'
[ 1733.530280][T30439] fuse: Bad value for 'group_id'
[ 1733.937472][T30469] fuse: Unknown parameter '0x0000000000000003'
[ 1734.639177][T30500] fuse: Unknown parameter '0x0000000000000003'
[ 1735.395152][T30537] fuse: Unknown parameter '0x0000000000000003'
[ 1735.700296][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1735.706920][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1735.749799][T30558] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6939'.
[ 1735.957705][T30566] fuse: Unknown parameter '0x0000000000000003'
[ 1736.093121][T30573] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[ 1736.407723][T30594] fuse: Unknown parameter '0x0000000000000003'
[ 1736.487221][T30597] fuse: Unknown parameter 'grou00000000000000000000'
[ 1737.031216][T30622] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1737.041185][T30622] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1737.297717][T30622] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1737.313833][T30622] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1737.507852][T30640] fuse: Unknown parameter 'grou00000000000000000000'
[ 1737.534308][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1737.567883][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1737.613751][T30641] netlink: 6 bytes leftover after parsing attributes in process `syz.5.6973'.
[ 1737.672702][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1737.702731][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1738.098915][T30665] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1738.273794][T30677] fuse: Unknown parameter 'grou00000000000000000000'
[ 1740.626958][T30708] fuse: Unknown parameter 'grou00000000000000000000'
[ 1741.635733][T30737] fuse: Unknown parameter 'grou00000000000000000000'
[ 1742.334730][T30767] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1742.424839][T30773] fuse: Bad value for 'user_id'
[ 1742.435265][T30773] fuse: Bad value for 'user_id'
[ 1742.829211][T30799] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1744.120397][T30822] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1752.656604][T31026] IPv6: addrconf: prefix option has invalid lifetime
[ 1754.147356][T31063] fuse: Invalid rootmode
[ 1755.458555][T31085] 
[ 1755.460965][T31085] =====================================================
[ 1755.467923][T31085] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 1755.475420][T31085] syzkaller #0 Not tainted
[ 1755.479857][T31085] -----------------------------------------------------
[ 1755.486793][T31085] syz.7.7132/31085 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 1755.494699][T31085] ffff88806abf96a8 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0
[ 1755.503743][T31085] 
[ 1755.503743][T31085] and this task is already holding:
[ 1755.511406][T31085] ffff88805cc57468 (&tty->flow.lock){....}-{3:3}, at: start_tty+0x20/0x70
[ 1755.519986][T31085] which would create a new lock dependency:
[ 1755.525915][T31085]  (&tty->flow.lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3}
[ 1755.533782][T31085] 
[ 1755.533782][T31085] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 1755.543338][T31085]  (&dev->event_lock#2){..-.}-{3:3}
[ 1755.543378][T31085] 
[ 1755.543378][T31085] ... which became SOFTIRQ-irq-safe at:
[ 1755.556763][T31085]   lock_acquire+0x120/0x360
[ 1755.561383][T31085]   _raw_spin_lock_irqsave+0xa7/0xf0
[ 1755.566686][T31085]   input_inject_event+0xa5/0x340
[ 1755.571733][T31085]   led_trigger_event+0x138/0x210
[ 1755.576854][T31085]   kbd_bh+0x1c6/0x2e0
[ 1755.580933][T31085]   tasklet_action_common+0x36c/0x580
[ 1755.586493][T31085]   handle_softirqs+0x286/0x870
[ 1755.591445][T31085]   run_ksoftirqd+0x9b/0x100
[ 1755.596066][T31085]   smpboot_thread_fn+0x542/0xa60
[ 1755.601127][T31085]   kthread+0x711/0x8a0
[ 1755.605307][T31085]   ret_from_fork+0x4bc/0x870
[ 1755.610026][T31085]   ret_from_fork_asm+0x1a/0x30
[ 1755.614890][T31085] 
[ 1755.614890][T31085] to a SOFTIRQ-irq-unsafe lock:
[ 1755.622093][T31085]  (tasklist_lock){.+.+}-{3:3}
[ 1755.622138][T31085] 
[ 1755.622138][T31085] ... which became SOFTIRQ-irq-unsafe at:
[ 1755.635059][T31085] ...
[ 1755.635069][T31085]   lock_acquire+0x120/0x360
[ 1755.642256][T31085]   _raw_read_lock+0x36/0x50
[ 1755.646867][T31085]   __do_wait+0xde/0x740
[ 1755.651124][T31085]   do_wait+0x1f8/0x510
[ 1755.655300][T31085]   kernel_wait+0xab/0x170
[ 1755.659750][T31085]   call_usermodehelper_exec_work+0xbe/0x230
[ 1755.665870][T31085]   process_scheduled_works+0xae1/0x17b0
[ 1755.671515][T31085]   worker_thread+0x8a0/0xda0
[ 1755.676203][T31085]   kthread+0x711/0x8a0
[ 1755.680370][T31085]   ret_from_fork+0x4bc/0x870
[ 1755.685089][T31085]   ret_from_fork_asm+0x1a/0x30
[ 1755.689950][T31085] 
[ 1755.689950][T31085] other info that might help us debug this:
[ 1755.689950][T31085] 
[ 1755.700379][T31085] Chain exists of:
[ 1755.700379][T31085]   &dev->event_lock#2 --> &tty->flow.lock --> tasklist_lock
[ 1755.700379][T31085] 
[ 1755.713798][T31085]  Possible interrupt unsafe locking scenario:
[ 1755.713798][T31085] 
[ 1755.722215][T31085]        CPU0                    CPU1
[ 1755.727586][T31085]        ----                    ----
[ 1755.732956][T31085]   lock(tasklist_lock);
[ 1755.737215][T31085]                                local_irq_disable();
[ 1755.744091][T31085]                                lock(&dev->event_lock#2);
[ 1755.751403][T31085]                                lock(&tty->flow.lock);
[ 1755.758476][T31085]   <Interrupt>
[ 1755.762030][T31085]     lock(&dev->event_lock#2);
[ 1755.767012][T31085] 
[ 1755.767012][T31085]  *** DEADLOCK ***
[ 1755.767012][T31085] 
[ 1755.775359][T31085] 6 locks held by syz.7.7132/31085:
[ 1755.780732][T31085]  #0: ffff88805cc570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1755.790516][T31085]  #1: ffff88805cc572e8 (&tty->termios_rwsem/1){++++}-{4:4}, at: tty_set_termios+0x138/0x17e0
[ 1755.800818][T31085]  #2: ffff88805cc570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90
[ 1755.810214][T31085]  #3: ffff88805cc57468 (&tty->flow.lock){....}-{3:3}, at: start_tty+0x20/0x70
[ 1755.819245][T31085]  #4: ffff88805cc570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90
[ 1755.828714][T31085]  #5: ffffffff8df3d620 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0
[ 1755.837810][T31085] 
[ 1755.837810][T31085] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 1755.848311][T31085]   -> (&dev->event_lock#2){..-.}-{3:3} {
[ 1755.854084][T31085]      IN-SOFTIRQ-W at:
[ 1755.858313][T31085]                         lock_acquire+0x120/0x360
[ 1755.864836][T31085]                         _raw_spin_lock_irqsave+0xa7/0xf0
[ 1755.872055][T31085]                         input_inject_event+0xa5/0x340
[ 1755.879044][T31085]                         led_trigger_event+0x138/0x210
[ 1755.886009][T31085]                         kbd_bh+0x1c6/0x2e0
[ 1755.892013][T31085]                         tasklet_action_common+0x36c/0x580
[ 1755.899327][T31085]                         handle_softirqs+0x286/0x870
[ 1755.906117][T31085]                         run_ksoftirqd+0x9b/0x100
[ 1755.912813][T31085]                         smpboot_thread_fn+0x542/0xa60
[ 1755.919759][T31085]                         kthread+0x711/0x8a0
[ 1755.925849][T31085]                         ret_from_fork+0x4bc/0x870
[ 1755.932460][T31085]                         ret_from_fork_asm+0x1a/0x30
[ 1755.939417][T31085]      INITIAL USE at:
[ 1755.943523][T31085]                        lock_acquire+0x120/0x360
[ 1755.949981][T31085]                        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1755.957188][T31085]                        input_inject_event+0xa5/0x340
[ 1755.964084][T31085]                        kbd_led_trigger_activate+0xbc/0x100
[ 1755.971665][T31085]                        led_trigger_set+0x52d/0x950
[ 1755.978720][T31085]                        led_trigger_set_default+0x260/0x2a0
[ 1755.986110][T31085]                        led_classdev_register_ext+0x73d/0x930
[ 1755.994204][T31085]                        input_leds_connect+0x517/0x790
[ 1756.001195][T31085]                        input_register_device+0xd00/0x1140
[ 1756.008690][T31085]                        atkbd_connect+0x72e/0xa00
[ 1756.015215][T31085]                        serio_driver_probe+0x82/0xd0
[ 1756.022039][T31085]                        really_probe+0x26d/0x9e0
[ 1756.028572][T31085]                        __driver_probe_device+0x18c/0x2f0
[ 1756.036046][T31085]                        driver_probe_device+0x4f/0x430
[ 1756.042995][T31085]                        __driver_attach+0x452/0x700
[ 1756.049683][T31085]                        bus_for_each_dev+0x233/0x2b0
[ 1756.056543][T31085]                        serio_handle_event+0x1f9/0x8d0
[ 1756.063577][T31085]                        process_scheduled_works+0xae1/0x17b0
[ 1756.071200][T31085]                        worker_thread+0x8a0/0xda0
[ 1756.077803][T31085]                        kthread+0x711/0x8a0
[ 1756.083809][T31085]                        ret_from_fork+0x4bc/0x870
[ 1756.090410][T31085]                        ret_from_fork_asm+0x1a/0x30
[ 1756.097209][T31085]    }
[ 1756.099886][T31085]    ... key      at: [<ffffffff99b27060>] input_allocate_device.__key.5+0x0/0x20
[ 1756.109155][T31085]  -> (kbd_event_lock){....}-{3:3} {
[ 1756.114473][T31085]     INITIAL USE at:
[ 1756.118577][T31085]                      lock_acquire+0x120/0x360
[ 1756.124828][T31085]                      _raw_spin_lock_irqsave+0xa7/0xf0
[ 1756.131778][T31085]                      vt_reset_unicode+0x2b/0x160
[ 1756.138316][T31085]                      reset_vc+0x68/0x1b0
[ 1756.144567][T31085]                      vc_init+0x70/0x4a0
[ 1756.150298][T31085]                      con_init+0x385/0x9c0
[ 1756.156205][T31085]                      console_init+0x10e/0x430
[ 1756.162553][T31085]                      start_kernel+0x254/0x410
[ 1756.168921][T31085]                      x86_64_start_reservations+0x24/0x30
[ 1756.176133][T31085]                      x86_64_start_kernel+0x143/0x1c0
[ 1756.182992][T31085]                      common_startup_64+0x13e/0x147
[ 1756.189787][T31085]   }
[ 1756.192378][T31085]   ... key      at: [<ffffffff8e7595b8>] kbd_event_lock+0x18/0xa0
[ 1756.200367][T31085]   ... acquired at:
[ 1756.204259][T31085]    lock_acquire+0x120/0x360
[ 1756.209030][T31085]    _raw_spin_lock+0x2e/0x40
[ 1756.213749][T31085]    kbd_event+0xd2/0x3f70
[ 1756.218276][T31085]    input_handle_events_default+0xd4/0x1a0
[ 1756.224207][T31085]    input_pass_values+0x288/0x890
[ 1756.229344][T31085]    input_event_dispose+0x330/0x6b0
[ 1756.234646][T31085]    input_inject_event+0x1dd/0x340
[ 1756.239947][T31085]    evdev_write+0x2fc/0x480
[ 1756.244568][T31085]    vfs_write+0x27e/0xb30
[ 1756.249011][T31085]    ksys_write+0x145/0x250
[ 1756.253551][T31085]    do_syscall_64+0xfa/0xfa0
[ 1756.258252][T31085]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1756.264709][T31085] 
[ 1756.267050][T31085] -> (&tty->flow.lock){....}-{3:3} {
[ 1756.272369][T31085]    INITIAL USE at:
[ 1756.276941][T31085]                    lock_acquire+0x120/0x360
[ 1756.283228][T31085]                    _raw_spin_lock_irqsave+0xa7/0xf0
[ 1756.290005][T31085]                    start_tty+0x20/0x70
[ 1756.295648][T31085]                    n_tty_set_termios+0xa7c/0x1090
[ 1756.302423][T31085]                    tty_set_termios+0xda4/0x17e0
[ 1756.308849][T31085]                    set_termios+0x516/0x6c0
[ 1756.314842][T31085]                    tty_mode_ioctl+0x47e/0x740
[ 1756.321095][T31085]                    tty_ioctl+0x9c6/0xde0
[ 1756.326952][T31085]                    __se_sys_ioctl+0xfc/0x170
[ 1756.333256][T31085]                    do_syscall_64+0xfa/0xfa0
[ 1756.339401][T31085]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1756.346973][T31085]  }
[ 1756.349482][T31085]  ... key      at: [<ffffffff99ae7c40>] alloc_tty_struct.__key.35+0x0/0x20
[ 1756.358177][T31085]  ... acquired at:
[ 1756.362083][T31085]    lock_acquire+0x120/0x360
[ 1756.366774][T31085]    _raw_spin_lock_irqsave+0xa7/0xf0
[ 1756.372256][T31085]    stop_tty+0x2f/0x150
[ 1756.376534][T31085]    kbd_event+0x2b72/0x3f70
[ 1756.381505][T31085]    input_handle_events_default+0xd4/0x1a0
[ 1756.387427][T31085]    input_pass_values+0x288/0x890
[ 1756.392643][T31085]    input_event_dispose+0x330/0x6b0
[ 1756.398034][T31085]    input_inject_event+0x1dd/0x340
[ 1756.403255][T31085]    evdev_write+0x2fc/0x480
[ 1756.407855][T31085]    vfs_write+0x27e/0xb30
[ 1756.412288][T31085]    ksys_write+0x145/0x250
[ 1756.416805][T31085]    do_syscall_64+0xfa/0xfa0
[ 1756.421585][T31085]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1756.428067][T31085] 
[ 1756.430577][T31085] 
[ 1756.430577][T31085] the dependencies between the lock to be acquired
[ 1756.430592][T31085]  and SOFTIRQ-irq-unsafe lock:
[ 1756.444142][T31085]   -> (tasklist_lock){.+.+}-{3:3} {
[ 1756.449567][T31085]      HARDIRQ-ON-R at:
[ 1756.453730][T31085]                         lock_acquire+0x120/0x360
[ 1756.460333][T31085]                         _raw_read_lock+0x36/0x50
[ 1756.466939][T31085]                         __do_wait+0xde/0x740
[ 1756.473127][T31085]                         do_wait+0x1f8/0x510
[ 1756.479299][T31085]                         kernel_wait+0xab/0x170
[ 1756.485705][T31085]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1756.493826][T31085]                         process_scheduled_works+0xae1/0x17b0
[ 1756.501408][T31085]                         worker_thread+0x8a0/0xda0
[ 1756.508035][T31085]                         kthread+0x711/0x8a0
[ 1756.514125][T31085]                         ret_from_fork+0x4bc/0x870
[ 1756.520738][T31085]                         ret_from_fork_asm+0x1a/0x30
[ 1756.527541][T31085]      SOFTIRQ-ON-R at:
[ 1756.531741][T31085]                         lock_acquire+0x120/0x360
[ 1756.538276][T31085]                         _raw_read_lock+0x36/0x50
[ 1756.544802][T31085]                         __do_wait+0xde/0x740
[ 1756.551002][T31085]                         do_wait+0x1f8/0x510
[ 1756.557173][T31085]                         kernel_wait+0xab/0x170
[ 1756.563612][T31085]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1756.571604][T31085]                         process_scheduled_works+0xae1/0x17b0
[ 1756.579348][T31085]                         worker_thread+0x8a0/0xda0
[ 1756.585982][T31085]                         kthread+0x711/0x8a0
[ 1756.592237][T31085]                         ret_from_fork+0x4bc/0x870
[ 1756.598886][T31085]                         ret_from_fork_asm+0x1a/0x30
[ 1756.605772][T31085]      INITIAL USE at:
[ 1756.609850][T31085]                        lock_acquire+0x120/0x360
[ 1756.616273][T31085]                        _raw_write_lock_irq+0xa2/0xf0
[ 1756.624197][T31085]                        copy_process+0x224f/0x3c00
[ 1756.630924][T31085]                        kernel_clone+0x21e/0x840
[ 1756.637378][T31085]                        user_mode_thread+0xdd/0x140
[ 1756.644092][T31085]                        rest_init+0x23/0x300
[ 1756.650174][T31085]                        start_kernel+0x3ae/0x410
[ 1756.656615][T31085]                        x86_64_start_reservations+0x24/0x30
[ 1756.664087][T31085]                        x86_64_start_kernel+0x143/0x1c0
[ 1756.671118][T31085]                        common_startup_64+0x13e/0x147
[ 1756.677993][T31085]      INITIAL READ USE at:
[ 1756.682772][T31085]                             lock_acquire+0x120/0x360
[ 1756.689731][T31085]                             _raw_read_lock+0x36/0x50
[ 1756.697147][T31085]                             __do_wait+0xde/0x740
[ 1756.703872][T31085]                             do_wait+0x1f8/0x510
[ 1756.710431][T31085]                             kernel_wait+0xab/0x170
[ 1756.717354][T31085]                             call_usermodehelper_exec_work+0xbe/0x230
[ 1756.725710][T31085]                             process_scheduled_works+0xae1/0x17b0
[ 1756.733647][T31085]                             worker_thread+0x8a0/0xda0
[ 1756.740593][T31085]                             kthread+0x711/0x8a0
[ 1756.747027][T31085]                             ret_from_fork+0x4bc/0x870
[ 1756.753973][T31085]                             ret_from_fork_asm+0x1a/0x30
[ 1756.761096][T31085]    }
[ 1756.763776][T31085]    ... key      at: [<ffffffff8dc0c058>] tasklist_lock+0x18/0x40
[ 1756.771956][T31085]    ... acquired at:
[ 1756.775942][T31085]    lock_acquire+0x120/0x360
[ 1756.780630][T31085]    _raw_read_lock+0x36/0x50
[ 1756.785318][T31085]    send_sigurg+0x12b/0x420
[ 1756.789930][T31085]    sk_send_sigurg+0x6c/0x2e0
[ 1756.794740][T31085]    tcp_check_urg+0x200/0x760
[ 1756.799533][T31085]    tcp_urg+0x164/0x3f0
[ 1756.803802][T31085]    tcp_rcv_established+0x132a/0x2670
[ 1756.809396][T31085]    tcp_v4_do_rcv+0xa90/0x1430
[ 1756.814287][T31085]    __release_sock+0x265/0x3a0
[ 1756.819160][T31085]    release_sock+0x5f/0x1f0
[ 1756.823792][T31085]    tcp_sendmsg+0x39/0x50
[ 1756.828234][T31085]    __sock_sendmsg+0xe5/0x270
[ 1756.833030][T31085]    ____sys_sendmsg+0x505/0x830
[ 1756.838096][T31085]    ___sys_sendmsg+0x21f/0x2a0
[ 1756.843150][T31085]    __x64_sys_sendmsg+0x19b/0x260
[ 1756.848315][T31085]    do_syscall_64+0xfa/0xfa0
[ 1756.853091][T31085]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1756.859194][T31085] 
[ 1756.861626][T31085]  -> (&f_owner->lock){....}-{3:3} {
[ 1756.866946][T31085]     INITIAL USE at:
[ 1756.870944][T31085]                      lock_acquire+0x120/0x360
[ 1756.877202][T31085]                      _raw_write_lock_irq+0xa2/0xf0
[ 1756.883905][T31085]                      __f_setown+0x67/0x370
[ 1756.889998][T31085]                      generic_setlease+0xd60/0x1240
[ 1756.896818][T31085]                      fcntl_setlease+0x3a2/0x4c0
[ 1756.903355][T31085]                      do_fcntl+0x6a9/0x1910
[ 1756.909393][T31085]                      __se_sys_fcntl+0xc8/0x150
[ 1756.915756][T31085]                      do_syscall_64+0xfa/0xfa0
[ 1756.922082][T31085]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1756.929743][T31085]     INITIAL READ USE at:
[ 1756.934191][T31085]                           lock_acquire+0x120/0x360
[ 1756.940976][T31085]                           _raw_read_lock_irqsave+0xaf/0x100
[ 1756.948456][T31085]                           send_sigio+0x38/0x370
[ 1756.954886][T31085]                           kill_fasync+0x24d/0x4d0
[ 1756.961583][T31085]                           lease_break_callback+0x26/0x30
[ 1756.969266][T31085]                           __break_lease+0x6a5/0x1620
[ 1756.976244][T31085]                           vfs_truncate+0x428/0x520
[ 1756.982953][T31085]                           do_sys_truncate+0xdb/0x190
[ 1756.989833][T31085]                           __x64_sys_truncate+0x5b/0x70
[ 1756.996889][T31085]                           do_syscall_64+0xfa/0xfa0
[ 1757.003598][T31085]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.011671][T31085]   }
[ 1757.014265][T31085]   ... key      at: [<ffffffff9980a880>] file_f_owner_allocate.__key+0x0/0x20
[ 1757.023229][T31085]   ... acquired at:
[ 1757.027210][T31085]    lock_acquire+0x120/0x360
[ 1757.031894][T31085]    _raw_read_lock_irqsave+0xaf/0x100
[ 1757.037380][T31085]    send_sigio+0x38/0x370
[ 1757.041810][T31085]    kill_fasync+0x24d/0x4d0
[ 1757.046419][T31085]    lease_break_callback+0x26/0x30
[ 1757.051820][T31085]    __break_lease+0x6a5/0x1620
[ 1757.056691][T31085]    vfs_truncate+0x428/0x520
[ 1757.061388][T31085]    do_sys_truncate+0xdb/0x190
[ 1757.066257][T31085]    __x64_sys_truncate+0x5b/0x70
[ 1757.071293][T31085]    do_syscall_64+0xfa/0xfa0
[ 1757.075981][T31085]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.082331][T31085] 
[ 1757.084675][T31085] -> (&new->fa_lock){....}-{3:3} {
[ 1757.089815][T31085]    INITIAL USE at:
[ 1757.093726][T31085]                    lock_acquire+0x120/0x360
[ 1757.099803][T31085]                    _raw_write_lock_irq+0xa2/0xf0
[ 1757.106317][T31085]                    fasync_remove_entry+0xf1/0x1c0
[ 1757.112916][T31085]                    lease_modify+0x1ca/0x3c0
[ 1757.119000][T31085]                    locks_remove_file+0x4bf/0xea0
[ 1757.125603][T31085]                    __fput+0x3ab/0xa70
[ 1757.131158][T31085]                    task_work_run+0x1d4/0x260
[ 1757.137420][T31085]                    exit_to_user_mode_loop+0xe9/0x130
[ 1757.144285][T31085]                    do_syscall_64+0x2bd/0xfa0
[ 1757.150519][T31085]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.158176][T31085]    INITIAL READ USE at:
[ 1757.162529][T31085]                         lock_acquire+0x120/0x360
[ 1757.169064][T31085]                         _raw_read_lock_irqsave+0xaf/0x100
[ 1757.176579][T31085]                         kill_fasync+0x199/0x4d0
[ 1757.183025][T31085]                         sock_wake_async+0x137/0x160
[ 1757.190101][T31085]                         sock_def_readable+0x3bb/0x550
[ 1757.197147][T31085]                         queue_oob+0x452/0x4f0
[ 1757.203553][T31085]                         unix_stream_sendmsg+0xc3f/0xdf0
[ 1757.210711][T31085]                         __sock_sendmsg+0x21c/0x270
[ 1757.217583][T31085]                         ____sys_sendmsg+0x52d/0x830
[ 1757.225224][T31085]                         ___sys_sendmsg+0x21f/0x2a0
[ 1757.231911][T31085]                         __sys_sendmmsg+0x227/0x430
[ 1757.238598][T31085]                         __x64_sys_sendmmsg+0xa0/0xc0
[ 1757.245544][T31085]                         do_syscall_64+0xfa/0xfa0
[ 1757.252071][T31085]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.260149][T31085]  }
[ 1757.262655][T31085]  ... key      at: [<ffffffff9980a8a0>] fasync_insert_entry.__key+0x0/0x20
[ 1757.271440][T31085]  ... acquired at:
[ 1757.275335][T31085]    lock_acquire+0x120/0x360
[ 1757.280088][T31085]    _raw_read_lock_irqsave+0xaf/0x100
[ 1757.285566][T31085]    kill_fasync+0x199/0x4d0
[ 1757.290272][T31085]    __start_tty+0x18c/0x220
[ 1757.294890][T31085]    start_tty+0x2b/0x70
[ 1757.299230][T31085]    n_tty_set_termios+0xa7c/0x1090
[ 1757.304456][T31085]    tty_set_termios+0xda4/0x17e0
[ 1757.309494][T31085]    set_termios+0x516/0x6c0
[ 1757.314272][T31085]    tty_mode_ioctl+0x47e/0x740
[ 1757.319222][T31085]    tty_ioctl+0x9c6/0xde0
[ 1757.323663][T31085]    __se_sys_ioctl+0xfc/0x170
[ 1757.328438][T31085]    do_syscall_64+0xfa/0xfa0
[ 1757.333182][T31085]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.339257][T31085] 
[ 1757.341587][T31085] 
[ 1757.341587][T31085] stack backtrace:
[ 1757.347485][T31085] CPU: 1 UID: 0 PID: 31085 Comm: syz.7.7132 Not tainted syzkaller #0 PREEMPT(full) 
[ 1757.347507][T31085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1757.347520][T31085] Call Trace:
[ 1757.347528][T31085]  <TASK>
[ 1757.347536][T31085]  dump_stack_lvl+0x189/0x250
[ 1757.347564][T31085]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1757.347587][T31085]  ? __pfx__printk+0x10/0x10
[ 1757.347608][T31085]  validate_chain+0x1f05/0x2140
[ 1757.347640][T31085]  __lock_acquire+0xab9/0xd20
[ 1757.347659][T31085]  ? kill_fasync+0x199/0x4d0
[ 1757.347678][T31085]  lock_acquire+0x120/0x360
[ 1757.347693][T31085]  ? kill_fasync+0x199/0x4d0
[ 1757.347719][T31085]  _raw_read_lock_irqsave+0xaf/0x100
[ 1757.347742][T31085]  ? kill_fasync+0x199/0x4d0
[ 1757.347761][T31085]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[ 1757.347786][T31085]  kill_fasync+0x199/0x4d0
[ 1757.347806][T31085]  ? kill_fasync+0x53/0x4d0
[ 1757.347826][T31085]  ? __pfx_n_tty_write_wakeup+0x10/0x10
[ 1757.347845][T31085]  __start_tty+0x18c/0x220
[ 1757.347867][T31085]  start_tty+0x2b/0x70
[ 1757.347889][T31085]  n_tty_set_termios+0xa7c/0x1090
[ 1757.347910][T31085]  ? __pfx_n_tty_set_termios+0x10/0x10
[ 1757.347928][T31085]  tty_set_termios+0xda4/0x17e0
[ 1757.347952][T31085]  ? __pfx_tty_set_termios+0x10/0x10
[ 1757.347978][T31085]  set_termios+0x516/0x6c0
[ 1757.348000][T31085]  ? __pfx_set_termios+0x10/0x10
[ 1757.348023][T31085]  ? tty_ldisc_ref_wait+0x25/0x70
[ 1757.348047][T31085]  ? get_signal+0x1150/0x1340
[ 1757.348068][T31085]  tty_mode_ioctl+0x47e/0x740
[ 1757.348090][T31085]  ? __pfx_tty_mode_ioctl+0x10/0x10
[ 1757.348111][T31085]  ? tty_ldisc_ref_wait+0x25/0x70
[ 1757.348140][T31085]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[ 1757.348165][T31085]  ? n_tty_ioctl_helper+0x8e/0x340
[ 1757.348187][T31085]  ? __pfx_n_tty_ioctl+0x10/0x10
[ 1757.348205][T31085]  tty_ioctl+0x9c6/0xde0
[ 1757.348228][T31085]  ? __pfx_tty_ioctl+0x10/0x10
[ 1757.348252][T31085]  __se_sys_ioctl+0xfc/0x170
[ 1757.348275][T31085]  do_syscall_64+0xfa/0xfa0
[ 1757.348299][T31085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.348315][T31085]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1757.348333][T31085]  ? clear_bhb_loop+0x60/0xb0
[ 1757.348352][T31085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.348369][T31085] RIP: 0033:0x7f14c7d8f6c9
[ 1757.348388][T31085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1757.348404][T31085] RSP: 002b:00007f14c8bc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1757.348424][T31085] RAX: ffffffffffffffda RBX: 00007f14c7fe6090 RCX: 00007f14c7d8f6c9
[ 1757.348437][T31085] RDX: 0000200000000140 RSI: 0000000000005402 RDI: 0000000000000006
[ 1757.348449][T31085] RBP: 00007f14c7e11f91 R08: 0000000000000000 R09: 0000000000000000
[ 1757.348460][T31085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1757.348471][T31085] R13: 00007f14c7fe6128 R14: 00007f14c7fe6090 R15: 00007f14c810fa28
[ 1757.348490][T31085]  </TASK>