last executing test programs:

13.416253998s ago: executing program 0 (id=139):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240), &(0x7f0000000200), 0x0, r1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x51}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000140)=[0x7], &(0x7f0000000440)=[0x0], &(0x7f0000000040), 0x0, 0xc6})

12.80250874s ago: executing program 0 (id=141):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000000)={0x0, 0x32, 0x0, 0x0, 0x0, 0x89a62ba7e92db8bf}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r3, 0x4068aea3, &(0x7f0000000280)={0xc0, 0x0, 0x2000})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0xc0010004, 0xec000000, 0xcd}]})
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9770080000000000000f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a78faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410ae300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf811005001bca1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c479df1d198c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5cf792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5bf446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffabb199b541013c0aadc36486da57511896c147f6a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078ad694d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162dd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a3304bbc29c0035650f9b2b04fe5e981d5be5ee123e431fd793ea179a0fc77aaee66d87307716cb32008026b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266c0cf0639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d8377b0d6ae9b97034f9400"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0xc})
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=@delqdisc={0x138, 0x25, 0x400, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x8}, {0x0, 0x7}, {0xe, 0x5}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x108, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "a074a8402cd0a96a67d3d94bed80112dbb68728373f9631ad7f7ff922f3547efa3c0c66f3c63b4aa7e76604e5fd009276193164c3cec11aec15a0ecb293e33b3f9f689e7c65548ba1f5b69f2b96721c694f999c5731678ccb381b3d1d5a3919d6a054c21634891f8641a9996598f14f2f929dd81c2ec4ccc588c2f20978b22d265b0a3432a7531bc1f025d805d2a70a7fc73ec63eda28c9ce8bc8fd92be977dac4abbed56b99247b6ef1b56ed1280fa70e6d80cd40eb5483f9e2fe134054423e9c501dcba3716e6eb9cf7acb6be3dd19305b2e3c16160e9686cb0b8c1fb7890813b6b469dffd6004982463a3aca90cfc9a9e8daf9dd5a7881b500ee888a5f5ea"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4000}, 0xc050)

10.533064812s ago: executing program 3 (id=146):
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
io_uring_setup(0x3b2f, &(0x7f0000000000)={0x0, 0x603b, 0x0, 0x1, 0x1c2})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0d00020004000000010000b000ff000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

10.532407915s ago: executing program 1 (id=147):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)
write$FUSE_WRITE(r3, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
pipe2$watch_queue(&(0x7f0000000300), 0x80)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = shmget$private(0x0, 0x800000, 0x1db0, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r4, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r5 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r5, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_procfs(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/arp\x00')
lseek(r6, 0xa3d2, 0x0)

9.78851474s ago: executing program 3 (id=149):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
read$char_usb(r1, &(0x7f00000002c0)=""/151, 0x97)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8.007916058s ago: executing program 1 (id=150):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000b5b30a40450c056055b50102030109021200"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000440)={0x1c, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
fanotify_init(0xf00, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000040)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x0, 0x9, "0097683d856f1ea0e8ae7a8600", "00004702", "0300", "97ad3700", ["fdffffff84a438dfc5d5c010", "d78cb8b0ff00", "0000efffffffffffbfff00"]})
ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000000)={0x63, 0x8bea, 0x1, 0x3, 0x2, 0x6, "0b0909d70c5a4ece54e76d48f944c89a", 0x7, 0x80, 0x0, 0x99, 0xe, 0x40, 0x4})

7.481751122s ago: executing program 2 (id=152):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)

6.991885665s ago: executing program 3 (id=154):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x4, 0x4, 0x800006})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x6, 0x1fb, 0xc38})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6.860237915s ago: executing program 2 (id=155):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000804003001c0012800b00010067726574617000000c00028008000700ac14142808000a00", @ANYRES32=r3], 0x44}}, 0x804)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010003f6fdd140"], 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x5)
sendto$packet(r4, &(0x7f0000000040)="2717a90af1a30d71286f47000000", 0xe, 0x40000, &(0x7f0000000180)={0x11, 0x18, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)

6.196111373s ago: executing program 4 (id=156):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, <r2=>0x0], &(0x7f0000000200), 0x4, r1})
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000280)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r4], &(0x7f0000000140)=[0x7], &(0x7f0000000440)=[r2], &(0x7f0000000040), 0x0, 0xc6})

6.111135119s ago: executing program 3 (id=157):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e0000000000101040000000000000000020000001c00188008000140a080000008000240000000020820034000000002240001801400018008000100e000000108000200e00000010c0002800500010000000000040016404400108008000140fffff800080002400000000108000140ffff1fc508000140000006870800014000000004080003"], 0xe0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000, 0x0)

5.739870744s ago: executing program 4 (id=158):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x2)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xd)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x43)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x3)

5.473581907s ago: executing program 3 (id=159):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x34, r1, 0x101, 0x70bd28, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='j'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x4}]}, 0x34}}, 0x20004800)

5.031453502s ago: executing program 2 (id=160):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)
write$FUSE_WRITE(r3, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
pipe2$watch_queue(&(0x7f0000000300), 0x80)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = shmget$private(0x0, 0x800000, 0x1db0, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r4, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r5 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r5, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_procfs(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/arp\x00')
lseek(r6, 0xa3d2, 0x0)

4.999704182s ago: executing program 4 (id=161):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x850}, 0x40)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014)

4.936307315s ago: executing program 3 (id=162):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x0, 0x3}, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
pread64(r2, &(0x7f0000001600)=""/4098, 0x1002, 0x97)

4.698051068s ago: executing program 0 (id=163):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240), &(0x7f0000000200), 0x0, r1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x51}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000140)=[0x7], &(0x7f0000000440)=[0x0], &(0x7f0000000040), 0x0, 0xc6})

4.317935546s ago: executing program 1 (id=164):
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, 0x0, &(0x7f00000000c0))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x100000000, 0x7, 0x2, 0x180, 0x6, 0xf, 0xf1, 0x50, 0x12, 0x1, 0x0, 0x29, 0x0, 0x6, 0x200000000000004, 0xbdb], 0xffff1001, 0xc7451})
write(0xffffffffffffffff, &(0x7f0000000000)="d5", 0xfffffedf)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0xd, 0x1000000000, 0xb, 0x43, 0x9, 0x0, 0x2004cb, 0x0, 0x1000000, 0x7fffffff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x10000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x4, 0x2e, 0x80, 0x8}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x1, 0x45, 0x7d, 0x3, 0x4, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x2, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x4, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xd}, {0xeeee0000, 0xd000, 0xf, 0x3, 0xf6, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x25000, 0xb, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x6000, 0x3000, 0x10, 0x5, 0x7, 0x5, 0x7, 0x3, 0x48, 0x1, 0x48, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0x1, 0x7, 0x1, 0x9, 0x5, 0xd, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x80a0000, 0x4}, 0x80000021, 0x0, 0x0, 0x12024, 0x2, 0x0, 0x5000, [0x6808000000000000, 0x4, 0x3, 0x6]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.705059699s ago: executing program 0 (id=165):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)

3.289703892s ago: executing program 4 (id=166):
write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)="e1afcb51d0a8efee5db9c49210ac47520bf777cdc8ce8b0945561123e8eac920cf6c9e3c50a58f339dc06697e71240e069c4e7631d750dc4a75b87eb4d00f59d9fbf656e7788aae1efa1ec1f309d77c6e4", 0x51)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
io_uring_setup(0x41d9, &(0x7f0000000100)={0x0, 0xcfcd, 0x2, 0x3, 0x44})
io_uring_setup(0x5f2b, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000000, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = dup(0xffffffffffffffff)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@x86={0x3, 0x1, 0xfb, 0x0, 0x10005, 0x5, 0x3, 0xd4, 0x7, 0x2, 0x4, 0x1, 0x0, 0x7, 0x3, 0xd6, 0x2, 0x9, 0x7, '\x00', 0x8, 0x1})

2.862755755s ago: executing program 1 (id=167):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x4, 0x4, 0x800006})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x6, 0x1fb, 0xc38})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.862253641s ago: executing program 0 (id=168):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x20, 0x3f, 0x107, 0xfffffffe, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x145}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

2.771790208s ago: executing program 2 (id=169):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x184)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000780)={@val={0x0, 0x86dd}, @val={0x2, 0x3, 0x5, 0x9, 0xa, 0x40}, @mpls={[], @ipv6=@generic={0x8, 0x6, "3739ed", 0x28, 0x89, 0xff, @local, @mcast2, {[], "59c0ac5a142dbdbec6b7f2b65327cfd00f8bd3acba38414fcc35f63d64902ea8bb580250f9fdb4ec"}}}}, 0xfdef)

2.276592606s ago: executing program 4 (id=170):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000804003001c0012800b00010067726574617000000c00028008000700ac14142808000a00", @ANYRES32=r3], 0x44}}, 0x804)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010003f6fdd140"], 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x5)
sendto$packet(r4, &(0x7f0000000040)="2717a90af1a30d71286f47000000", 0xe, 0x40000, &(0x7f0000000180)={0x11, 0x18, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)

1.883974187s ago: executing program 1 (id=171):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x2)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xd)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x43)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x3)

1.491974881s ago: executing program 2 (id=172):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x34, r1, 0x101, 0x70bd28, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='j'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x4}]}, 0x34}}, 0x20004800)

1.160743812s ago: executing program 1 (id=173):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000000)={0x0, 0x32, 0x0, 0x0, 0x0, 0x89a62ba7e92db8bf}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r3, 0x4068aea3, &(0x7f0000000280)={0xc0, 0x0, 0x2000})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0xc0010004, 0xec000000, 0xcd}]})
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9770080000000000000f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a78faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410ae300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf811005001bca1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c479df1d198c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5cf792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5bf446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffabb199b541013c0aadc36486da57511896c147f6a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078ad694d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162dd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a3304bbc29c0035650f9b2b04fe5e981d5be5ee123e431fd793ea179a0fc77aaee66d87307716cb32008026b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266c0cf0639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d8377b0d6ae9b97034f9400"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0xc})
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=@delqdisc={0x138, 0x25, 0x400, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x8}, {0x0, 0x7}, {0xe, 0x5}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x108, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "a074a8402cd0a96a67d3d94bed80112dbb68728373f9631ad7f7ff922f3547efa3c0c66f3c63b4aa7e76604e5fd009276193164c3cec11aec15a0ecb293e33b3f9f689e7c65548ba1f5b69f2b96721c694f999c5731678ccb381b3d1d5a3919d6a054c21634891f8641a9996598f14f2f929dd81c2ec4ccc588c2f20978b22d265b0a3432a7531bc1f025d805d2a70a7fc73ec63eda28c9ce8bc8fd92be977dac4abbed56b99247b6ef1b56ed1280fa70e6d80cd40eb5483f9e2fe134054423e9c501dcba3716e6eb9cf7acb6be3dd19305b2e3c16160e9686cb0b8c1fb7890813b6b469dffd6004982463a3aca90cfc9a9e8daf9dd5a7881b500ee888a5f5ea"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4000}, 0xc050)

887.06806ms ago: executing program 2 (id=174):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd634936f2})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x66)

198.913123ms ago: executing program 0 (id=175):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3, r1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x51}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000140)=[0x7], &(0x7f0000000440)=[0x0], &(0x7f0000000040), 0x0, 0xc6})

0s ago: executing program 4 (id=176):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x850}, 0x40)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts.
[  156.568491][ T5757] cgroup: Unknown subsys name 'net'
[  156.712314][ T5757] cgroup: Unknown subsys name 'cpuset'
[  156.728978][ T5757] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  162.358099][ T5757] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  167.819701][ T5781] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  167.850153][   T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  167.860483][   T49] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  167.870666][   T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  167.878898][   T49] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  167.885847][ T5788] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  167.889425][   T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  167.894310][ T5788] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  167.905735][   T49] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  167.911426][ T5788] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  167.919902][   T49] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  167.925099][ T5788] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  167.932144][   T49] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  167.972711][ T5785] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  167.975077][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  167.992094][ T5072] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  168.013972][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.022734][ T5781] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  168.039298][ T5781] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.047969][ T5072] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  168.054999][ T5785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  168.056926][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  168.068139][ T5072] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  168.088538][ T5785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  168.121905][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  169.348112][ T5777] chnl_net:caif_netlink_parms(): no params data found
[  169.510941][ T5786] chnl_net:caif_netlink_parms(): no params data found
[  169.664147][ T5779] chnl_net:caif_netlink_parms(): no params data found
[  169.964581][ T5775] chnl_net:caif_netlink_parms(): no params data found
[  169.983057][ T5788] Bluetooth: hci2: command tx timeout
[  170.022902][ T5783] chnl_net:caif_netlink_parms(): no params data found
[  170.063662][ T5788] Bluetooth: hci0: command tx timeout
[  170.143310][ T5785] Bluetooth: hci1: command tx timeout
[  170.149237][ T5788] Bluetooth: hci4: command tx timeout
[  170.226333][ T5788] Bluetooth: hci3: command tx timeout
[  170.275324][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.293275][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.300887][ T5777] bridge_slave_0: entered allmulticast mode
[  170.316785][ T5777] bridge_slave_0: entered promiscuous mode
[  170.372457][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.380809][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.390409][ T5777] bridge_slave_1: entered allmulticast mode
[  170.400624][ T5777] bridge_slave_1: entered promiscuous mode
[  170.707595][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.725663][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.743481][ T5786] bridge_slave_0: entered allmulticast mode
[  170.753981][ T5786] bridge_slave_0: entered promiscuous mode
[  170.775441][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.786120][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.794202][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.801588][ T5779] bridge_slave_0: entered allmulticast mode
[  170.810387][ T5779] bridge_slave_0: entered promiscuous mode
[  170.854732][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.862195][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.870504][ T5786] bridge_slave_1: entered allmulticast mode
[  170.880343][ T5786] bridge_slave_1: entered promiscuous mode
[  170.902279][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.913046][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.920797][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.928573][ T5779] bridge_slave_1: entered allmulticast mode
[  170.937444][ T5779] bridge_slave_1: entered promiscuous mode
[  171.058163][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.065965][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.073615][ T5775] bridge_slave_0: entered allmulticast mode
[  171.081782][ T5775] bridge_slave_0: entered promiscuous mode
[  171.185232][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.193057][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.200506][ T5775] bridge_slave_1: entered allmulticast mode
[  171.209185][ T5775] bridge_slave_1: entered promiscuous mode
[  171.226428][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.244872][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.260142][ T5777] team0: Port device team_slave_0 added
[  171.266586][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.274260][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.281651][ T5783] bridge_slave_0: entered allmulticast mode
[  171.290571][ T5783] bridge_slave_0: entered promiscuous mode
[  171.309151][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.372256][ T5777] team0: Port device team_slave_1 added
[  171.379294][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.386823][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.394415][ T5783] bridge_slave_1: entered allmulticast mode
[  171.402569][ T5783] bridge_slave_1: entered promiscuous mode
[  171.418191][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.501248][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.634056][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.650585][ T5786] team0: Port device team_slave_0 added
[  171.753705][ T5786] team0: Port device team_slave_1 added
[  171.761670][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.769060][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  171.795318][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.815523][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.833935][ T5779] team0: Port device team_slave_0 added
[  171.887267][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.894952][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  171.921447][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.941671][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.958146][ T5779] team0: Port device team_slave_1 added
[  171.971581][ T5775] team0: Port device team_slave_0 added
[  172.063100][ T5788] Bluetooth: hci2: command tx timeout
[  172.067755][ T5775] team0: Port device team_slave_1 added
[  172.076190][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.083461][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.109687][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.126719][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.133888][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.143351][ T5788] Bluetooth: hci0: command tx timeout
[  172.160295][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.223268][ T5785] Bluetooth: hci1: command tx timeout
[  172.229189][ T5788] Bluetooth: hci4: command tx timeout
[  172.291017][ T5783] team0: Port device team_slave_0 added
[  172.303224][ T5788] Bluetooth: hci3: command tx timeout
[  172.304896][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.316256][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.342572][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.379077][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.386323][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.412966][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.430898][ T5783] team0: Port device team_slave_1 added
[  172.441499][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.448763][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.474981][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.510791][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.518094][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.545041][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.631768][ T5777] hsr_slave_0: entered promiscuous mode
[  172.641368][ T5777] hsr_slave_1: entered promiscuous mode
[  172.731941][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.740455][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.766899][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.790484][ T5786] hsr_slave_0: entered promiscuous mode
[  172.798861][ T5786] hsr_slave_1: entered promiscuous mode
[  172.806786][ T5786] debugfs: 'hsr0' already exists in 'hsr'
[  172.812618][ T5786] Cannot create hsr debugfs directory
[  172.870606][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.877944][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  172.904321][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.107177][ T5779] hsr_slave_0: entered promiscuous mode
[  173.115987][ T5779] hsr_slave_1: entered promiscuous mode
[  173.123917][ T5779] debugfs: 'hsr0' already exists in 'hsr'
[  173.129777][ T5779] Cannot create hsr debugfs directory
[  173.163742][ T5775] hsr_slave_0: entered promiscuous mode
[  173.172281][ T5775] hsr_slave_1: entered promiscuous mode
[  173.180337][ T5775] debugfs: 'hsr0' already exists in 'hsr'
[  173.186735][ T5775] Cannot create hsr debugfs directory
[  173.394746][ T5783] hsr_slave_0: entered promiscuous mode
[  173.403443][ T5783] hsr_slave_1: entered promiscuous mode
[  173.410931][ T5783] debugfs: 'hsr0' already exists in 'hsr'
[  173.416932][ T5783] Cannot create hsr debugfs directory
[  174.143027][ T5788] Bluetooth: hci2: command tx timeout
[  174.223117][ T5788] Bluetooth: hci0: command tx timeout
[  174.303148][ T5785] Bluetooth: hci1: command tx timeout
[  174.309145][ T5788] Bluetooth: hci4: command tx timeout
[  174.391004][ T5788] Bluetooth: hci3: command tx timeout
[  174.399389][ T5777] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  174.433000][ T5777] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  174.466654][ T5777] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  174.498336][ T5777] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  174.577356][ T5786] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  174.647212][ T5786] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  174.677763][ T5786] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  174.698552][ T5786] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  174.910230][ T5779] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  174.936818][ T5779] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  174.958290][ T5779] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  174.998725][ T5779] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  175.219834][ T5775] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  175.239694][ T5775] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  175.285224][ T5775] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  175.307576][ T5775] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  175.519556][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.619652][ T5783] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  175.667454][ T5783] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  175.709779][ T5783] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  175.759152][ T5777] 8021q: adding VLAN 0 to HW filter on device team0
[  175.767265][ T5783] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  175.916892][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.932433][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.939936][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.999784][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.007164][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.212418][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[  176.223085][ T5788] Bluetooth: hci2: command tx timeout
[  176.264698][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.272158][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.304050][ T5788] Bluetooth: hci0: command tx timeout
[  176.361390][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.384199][ T5788] Bluetooth: hci4: command tx timeout
[  176.391434][ T5785] Bluetooth: hci1: command tx timeout
[  176.424903][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.432229][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.463214][ T5785] Bluetooth: hci3: command tx timeout
[  176.499375][ T5779] 8021q: adding VLAN 0 to HW filter on device team0
[  176.567139][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.574492][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.609536][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.688974][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.696506][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.822604][ T5775] 8021q: adding VLAN 0 to HW filter on device team0
[  176.872223][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.879775][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.119919][  T253] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.127445][  T253] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.377476][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.514181][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.566545][ T5783] 8021q: adding VLAN 0 to HW filter on device team0
[  177.687604][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.695334][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.768732][   T77] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.776245][   T77] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.358457][ T5777] veth0_vlan: entered promiscuous mode
[  178.489167][ T5777] veth1_vlan: entered promiscuous mode
[  178.654647][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.816685][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.015896][ T5777] veth0_macvtap: entered promiscuous mode
[  179.111068][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.141104][ T5777] veth1_macvtap: entered promiscuous mode
[  179.402523][ T5786] veth0_vlan: entered promiscuous mode
[  179.449879][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.502254][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.622278][ T5786] veth1_vlan: entered promiscuous mode
[  179.649627][   T57] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.659324][   T57] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.681127][   T57] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.710519][   T77] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.768878][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.880070][ T5775] veth0_vlan: entered promiscuous mode
[  180.073603][ T5775] veth1_vlan: entered promiscuous mode
[  180.287583][ T5786] veth0_macvtap: entered promiscuous mode
[  180.367337][ T5783] veth0_vlan: entered promiscuous mode
[  180.397058][ T5786] veth1_macvtap: entered promiscuous mode
[  180.562346][ T5779] veth0_vlan: entered promiscuous mode
[  180.580265][ T5783] veth1_vlan: entered promiscuous mode
[  180.619108][ T5775] veth0_macvtap: entered promiscuous mode
[  180.697987][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.732504][ T5779] veth1_vlan: entered promiscuous mode
[  180.747610][ T5775] veth1_macvtap: entered promiscuous mode
[  180.850161][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.980590][   T77] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.999770][   T77] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.010277][   T77] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.090521][ T5783] veth0_macvtap: entered promiscuous mode
[  181.105817][   T77] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.196225][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.277480][ T5783] veth1_macvtap: entered promiscuous mode
[  181.334782][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.434867][ T5779] veth0_macvtap: entered promiscuous mode
[  181.507061][ T5779] veth1_macvtap: entered promiscuous mode
[  181.549827][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.578259][   T53] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.603958][   T53] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.633699][   T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.679712][   T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.777559][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.881647][  T253] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.914343][   T77] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.990916][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.026310][   T77] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.057137][ T3453] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.140480][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.287928][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.338245][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.387240][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.422248][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.217406][ T3453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.279498][ T3453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.473423][  T253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.481428][  T253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.960923][ T5777] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  184.844987][ T5929] faux_driver vgem: [drm] Unknown color mode 727; guessing buffer size.
[  186.398830][ T5953] netlink: 'syz.3.7': attribute type 1 has an invalid length.
[  186.431442][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.472927][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.817175][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  186.824308][  T253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.848178][  T253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.043186][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  187.076195][   T10] usb 4-1: no configurations
[  187.081001][   T10] usb 4-1: can't read configurations, error -22
[  187.499682][  T534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.545537][  T534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.704953][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.768213][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.103222][  T534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.111224][  T534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.126260][ T5976] binder: BINDER_SET_CONTEXT_MGR already set
[  188.132410][ T5976] binder: 5975:5976 ioctl 4018620d 80004a80 returned -16
[  188.447250][ T3453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.475093][ T3453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.730694][ T3453] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.742676][ T3453] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.781685][ T5984] fuse: Unknown parameter 'grou00000000000000000000'
[  188.783192][ T5978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9'.
[  188.852295][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.882345][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.933646][   T10] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  189.168839][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  189.193000][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.233194][   T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  189.242519][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.366750][   T10] usb 1-1: config 0 descriptor??
[  190.000951][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.045841][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.063925][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.082375][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.137581][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.180414][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.191493][ T5991] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  190.232087][   T10] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  190.285624][ T5988] loop1: detected capacity change from 0 to 4096
[  190.299455][   T10] isku 0003:1E7D:319C.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[  190.360276][   T10] isku 0003:1E7D:319C.0001: couldn't init struct isku_device
[  190.398347][   T10] isku 0003:1E7D:319C.0001: couldn't install keyboard
[  190.424769][ T6000] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  190.445485][   T10] isku 0003:1E7D:319C.0001: probe with driver isku failed with error -71
[  190.542571][   T10] usb 1-1: USB disconnect, device number 2
[  191.315111][ T6003] fido_id[6003]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  191.649966][ T6007] netlink: 'syz.4.15': attribute type 1 has an invalid length.
[  191.865297][ T6012] loop3: detected capacity change from 0 to 512
[  191.907917][ T6012] =======================================================
[  191.907917][ T6012] WARNING: The mand mount option has been deprecated and
[  191.907917][ T6012]          and is ignored by this kernel. Remove the mand
[  191.907917][ T6012]          option from the mount to silence this warning.
[  191.907917][ T6012] =======================================================
[  192.079308][ T6012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.133630][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  192.196549][ T6012] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.453318][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  192.461346][   T10] usb 5-1: no configurations
[  192.513129][   T10] usb 5-1: can't read configurations, error -22
[  192.552423][ T6018] binder: BINDER_SET_CONTEXT_MGR already set
[  192.559520][ T6018] binder: 6017:6018 ioctl 4018620d 80004a80 returned -16
[  192.673929][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.884570][ T6022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'.
[  192.912487][ T6020] fuse: Unknown parameter 'group_i00000000000000000000'
[  193.235741][ T6024] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.574822][ T6024] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.610841][ T6032] binder: BINDER_SET_CONTEXT_MGR already set
[  193.657671][ T6032] binder: 6031:6032 ioctl 4018620d 80004a80 returned -16
[  193.711302][ T6032] binder: 6031:6032 ioctl c0306201 0 returned -14
[  193.950582][ T6024] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.969010][ T6035] loop4: detected capacity change from 0 to 4096
[  194.153102][ T6038] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  194.259703][ T6024] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.623201][   T30] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  194.728193][   T13] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.800732][   T13] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.849989][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  194.879718][   T13] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.906844][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.934986][   T30] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  194.983136][   T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.998698][   T13] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.028057][   T30] usb 2-1: config 0 descriptor??
[  195.591105][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.634086][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.676665][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.733367][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.740451][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.814219][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.821278][   T30] isku 0003:1E7D:319C.0002: unknown main item tag 0x0
[  195.919484][   T30] isku 0003:1E7D:319C.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[  195.931770][ T6059] binder: BINDER_SET_CONTEXT_MGR already set
[  195.972432][ T6059] binder: 6058:6059 ioctl 4018620d 80004a80 returned -16
[  195.998172][   T30] isku 0003:1E7D:319C.0002: couldn't init struct isku_device
[  196.033173][   T30] isku 0003:1E7D:319C.0002: couldn't install keyboard
[  196.057379][   T30] isku 0003:1E7D:319C.0002: probe with driver isku failed with error -71
[  196.130957][   T30] usb 2-1: USB disconnect, device number 2
[  196.166989][ T6056] loop0: detected capacity change from 0 to 4096
[  196.360196][ T6063] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  196.475383][ T6064] fuse: Unknown parameter 'group_i00000000000000000000'
[  196.524503][ T6061] fido_id[6061]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  196.825065][ T6066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.34'.
[  197.256116][ T6069] netlink: 'syz.0.35': attribute type 1 has an invalid length.
[  197.723868][ T5832] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  197.967552][ T5832] usb 1-1: unable to get BOS descriptor or descriptor too short
[  198.007700][ T5832] usb 1-1: no configurations
[  198.013947][ T5832] usb 1-1: can't read configurations, error -22
[  198.459346][ T6079] loop2: detected capacity change from 0 to 4096
[  198.623152][ T6088] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  199.340618][ T6097] binder: 6095:6097 ioctl c0306201 0 returned -14
[  199.675214][ T6096] loop3: detected capacity change from 0 to 4096
[  199.776224][ T6101] fuse: Unknown parameter 'group_i00000000000000000000'
[  199.783526][ T6099] kvm: requested 134933 ns i8254 timer period limited to 200000 ns
[  199.844916][ T6104] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  199.867577][ T6099] kvm: requested 186057 ns i8254 timer period limited to 200000 ns
[  199.936726][ T6099] kvm: requested 80457 ns i8254 timer period limited to 200000 ns
[  200.076216][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.0.48'.
[  200.746835][   T30] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  200.928685][ T6121] netlink: 'syz.2.54': attribute type 1 has an invalid length.
[  200.946344][   T30] usb 2-1: Using ep0 maxpacket: 16
[  200.974375][   T30] usb 2-1: config index 0 descriptor too short (expected 51443, got 18)
[  201.085374][   T30] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  201.113180][   T30] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.122117][   T30] usb 2-1: Product: syz
[  201.159117][   T30] usb 2-1: Manufacturer: syz
[  201.178014][   T30] usb 2-1: SerialNumber: syz
[  201.223832][   T30] r8152-cfgselector 2-1: Unknown version 0x0000
[  201.245910][   T30] r8152-cfgselector 2-1: config 0 descriptor??
[  201.479889][ T5836] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  201.519638][   T30] r8152-cfgselector 2-1: Needed 1 retries to read version
[  201.539631][   T30] r8152-cfgselector 2-1: Unknown version 0x1440
[  201.560477][   T30] r8152-cfgselector 2-1: bad CDC descriptors
[  201.734451][   T30] r8152-cfgselector 2-1: USB disconnect, device number 3
[  201.763228][ T5836] usb 3-1: unable to get BOS descriptor or descriptor too short
[  201.808305][ T5836] usb 3-1: no configurations
[  201.840997][ T5836] usb 3-1: can't read configurations, error -22
[  202.061202][ T6134] loop0: detected capacity change from 0 to 4096
[  202.195995][ T6135] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  202.338913][ T6138] binder: 6136:6138 ioctl c0306201 0 returned -14
[  202.457909][ T6139] loop4: detected capacity change from 0 to 2048
[  202.709421][ T5980]  loop4: p2 p3 p7
[  203.046876][ T6144] fuse: Unknown parameter 'group_id00000000000000000000'
[  203.073797][ T6139]  loop4: p2 p3 p7
[  203.131981][ T6149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.63'.
[  203.606496][ T6147] loop1: detected capacity change from 0 to 4096
[  203.743243][ T6159] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  203.975596][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  204.028884][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  204.035899][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  204.062362][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  204.126199][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  204.460390][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  204.503747][ T5906] udevd[5906]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  204.529820][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  205.423588][ T6180] binder: 6178:6180 ioctl c0306201 0 returned -14
[  205.585511][ T6172] loop2: detected capacity change from 0 to 4096
[  205.613250][ T5832] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  205.727775][ T6181] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  205.900603][ T5832] usb 4-1: unable to get BOS descriptor or descriptor too short
[  205.963082][ T5832] usb 4-1: no configurations
[  205.967877][ T5832] usb 4-1: can't read configurations, error -22
[  206.127023][ T6183] loop1: detected capacity change from 0 to 2048
[  206.416478][ T5906]  loop1: p2 p3 p7
[  206.574221][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'.
[  206.917320][ T6192] random: crng reseeded on system resumption
[  207.839895][ T5785] Bluetooth: hci3: Invalid handle: 0x8e5a > 0x0eff
[  207.890559][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  207.905673][ T5906] udevd[5906]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[  207.925101][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  209.543641][ T6216] loop0: detected capacity change from 0 to 4096
[  209.675201][ T6226] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  209.754681][ T5832] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  209.854778][   T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  209.858765][ T6228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.92'.
[  210.030494][ T5832] usb 2-1: unable to get BOS descriptor or descriptor too short
[  210.052983][   T10] usb 3-1: Using ep0 maxpacket: 32
[  210.076936][ T5832] usb 2-1: no configurations
[  210.081847][ T5832] usb 2-1: can't read configurations, error -22
[  210.137600][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  210.173031][   T10] usb 3-1: unable to read config index 0 descriptor/start: -71
[  210.180900][   T10] usb 3-1: can't read configurations, error -71
[  210.593373][ T6235] random: crng reseeded on system resumption
[  211.413382][ T6234] loop3: detected capacity change from 0 to 2048
[  211.686918][ T6133]  loop3: p2 p3 p7
[  211.861278][ T6234]  loop3: unable to read partition table
[  211.911989][ T6234] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  212.322350][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[  212.410320][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  212.426924][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  213.253129][ T5836] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  213.294191][ T6260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[  213.315300][   T13] Bluetooth: (null): Invalid header checksum
[  213.379885][ T6260] Bluetooth: (null): Invalid header checksum
[  213.414412][  T253] Bluetooth: (null): Invalid header checksum
[  213.436131][ T5836] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.460856][ T5836] usb 1-1: config 0 has no interfaces?
[  213.483545][ T5836] usb 1-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  213.522939][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.545249][ T5836] usb 1-1: Product: syz
[  213.549621][ T5836] usb 1-1: Manufacturer: syz
[  213.563129][ T5836] usb 1-1: SerialNumber: syz
[  213.617850][ T5836] usb 1-1: config 0 descriptor??
[  213.697239][   T30] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  213.763097][ T5096] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  213.903783][   T30] usb 2-1: unable to get BOS descriptor or descriptor too short
[  213.911732][   T30] usb 2-1: no configurations
[  213.937178][   T30] usb 2-1: can't read configurations, error -22
[  213.944831][ T6270] random: crng reseeded on system resumption
[  213.967976][ T5096] usb 3-1: Using ep0 maxpacket: 32
[  214.014761][ T5096] usb 3-1: unable to get BOS descriptor or descriptor too short
[  214.041159][ T5096] usb 3-1: unable to read config index 0 descriptor/start: -71
[  214.071394][ T5096] usb 3-1: can't read configurations, error -71
[  214.814344][ T6282] loop4: detected capacity change from 0 to 2048
[  215.068258][ T6282]  loop4: p2 p3 p7
[  215.516744][ T6295] fuse: Unknown parameter 'user_id00000000000000000000'
[  215.908193][   T29] audit: type=1326 audit(1775315579.245:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  215.961933][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  216.033237][   T29] audit: type=1326 audit(1775315579.265:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.064390][   T10] usb 1-1: USB disconnect, device number 5
[  216.095384][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  216.177475][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  216.200210][   T29] audit: type=1326 audit(1775315579.315:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7125cab code=0x7ffc0000
[  216.223558][   T29] audit: type=1326 audit(1775315579.315:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7125cab code=0x7ffc0000
[  216.263627][   T29] audit: type=1326 audit(1775315579.315:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.334732][   T29] audit: type=1326 audit(1775315579.315:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.402785][    C1] hrtimer: interrupt took 291808 ns
[  216.419613][   T29] audit: type=1326 audit(1775315579.315:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.529234][   T29] audit: type=1326 audit(1775315579.325:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.542534][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  216.556847][ T5096] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  216.612270][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  216.667192][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  216.736688][   T29] audit: type=1326 audit(1775315579.325:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.829372][   T29] audit: type=1326 audit(1775315579.325:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.3.116" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23f6c code=0x7ffc0000
[  216.880107][ T5096] usb 5-1: Using ep0 maxpacket: 16
[  216.947233][  T253] Bluetooth: (null): Invalid header checksum
[  216.954918][ T5096] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  216.976392][ T6310] netlink: 8 bytes leftover after parsing attributes in process `syz.2.120'.
[  217.009342][ T5096] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  217.041226][ T5096] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.049943][ T6310] Bluetooth: (null): Invalid header checksum
[  217.064488][  T534] Bluetooth: (null): Invalid header checksum
[  217.076447][ T5096] usb 5-1: Product: syz
[  217.101930][ T5096] usb 5-1: Manufacturer: syz
[  217.128069][ T5096] usb 5-1: SerialNumber: syz
[  217.149726][ T5096] usb 5-1: config 0 descriptor??
[  217.226568][ T5096] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  217.260668][ T5096] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  217.841075][ T5096] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  218.318533][ T5096] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  218.343014][ T5096] em28xx 5-1:0.0: board has no eeprom
[  218.543162][   T30] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  218.571096][   T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  218.623303][ T5096] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  218.641927][ T5096] em28xx 5-1:0.0: dvb set to bulk mode.
[  218.648079][ T6327] loop2: detected capacity change from 0 to 256
[  218.651382][ T5836] em28xx 5-1:0.0: Binding DVB extension
[  218.667906][ T6327] FAT-fs (loop2): Directory bread(block 1285) failed
[  218.687702][ T6327] FAT-fs (loop2): Directory bread(block 1286) failed
[  218.737482][ T6327] FAT-fs (loop2): Directory bread(block 1287) failed
[  218.740051][ T5096] usb 5-1: USB disconnect, device number 4
[  218.766124][   T10] usb 1-1: Using ep0 maxpacket: 32
[  218.793778][ T6327] FAT-fs (loop2): Directory bread(block 1288) failed
[  218.803266][   T30] usb 2-1: unable to get BOS descriptor or descriptor too short
[  218.824745][ T5096] em28xx 5-1:0.0: Disconnecting em28xx
[  218.831044][   T30] usb 2-1: no configurations
[  218.840404][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  218.851726][   T30] usb 2-1: can't read configurations, error -22
[  218.885331][   T10] usb 1-1: unable to read config index 0 descriptor/start: -71
[  218.910237][ T6327] FAT-fs (loop2): Directory bread(block 1285) failed
[  218.929842][   T10] usb 1-1: can't read configurations, error -71
[  218.949519][ T6327] FAT-fs (loop2): Directory bread(block 1286) failed
[  218.973597][ T6327] FAT-fs (loop2): Directory bread(block 1287) failed
[  218.985425][ T6327] FAT-fs (loop2): Directory bread(block 1288) failed
[  219.041513][ T6329] FAT-fs (loop2): Directory bread(block 1285) failed
[  219.083567][ T5836] em28xx 5-1:0.0: Registering input extension
[  219.106886][ T5096] em28xx 5-1:0.0: Closing input extension
[  219.112386][ T6329] FAT-fs (loop2): Directory bread(block 1286) failed
[  219.210783][ T5096] em28xx 5-1:0.0: Freeing device
[  219.465039][ T5836] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  219.663039][ T5836] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  219.712198][ T5836] usb 4-1: config 0 has no interfaces?
[  219.754640][ T5836] usb 4-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  219.779318][ T5836] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.801033][ T5836] usb 4-1: Product: syz
[  219.816069][ T5836] usb 4-1: Manufacturer: syz
[  219.820874][ T5836] usb 4-1: SerialNumber: syz
[  219.874187][ T5836] usb 4-1: config 0 descriptor??
[  220.060514][ T6339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.133'.
[  220.276220][ T6345] fuse: Bad value for 'fd'
[  220.994416][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  220.994486][   T29] audit: type=1326 audit(1775315584.315:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  221.110361][   T29] audit: type=1326 audit(1775315584.335:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  222.164814][   T10] usb 4-1: USB disconnect, device number 6
[  223.248917][ T5832] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  223.438638][ T5832] usb 5-1: unable to get BOS descriptor or descriptor too short
[  223.456264][ T5836] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  223.477329][ T5832] usb 5-1: no configurations
[  223.497631][ T5832] usb 5-1: can't read configurations, error -22
[  223.577386][ T6375] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  223.693258][ T5836] usb 2-1: Using ep0 maxpacket: 32
[  223.717751][ T5836] usb 2-1: unable to get BOS descriptor or descriptor too short
[  223.783162][ T5836] usb 2-1: unable to read config index 0 descriptor/start: -71
[  223.790978][ T5836] usb 2-1: can't read configurations, error -71
[  225.453215][ T6391] fuse: Bad value for 'fd'
[  225.790698][   T29] audit: type=1326 audit(1775315589.125:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  225.914716][   T29] audit: type=1326 audit(1775315589.175:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.019543][   T29] audit: type=1326 audit(1775315589.235:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.105736][   T29] audit: type=1326 audit(1775315589.235:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.203021][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  226.225413][   T29] audit: type=1326 audit(1775315589.235:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.323393][   T29] audit: type=1326 audit(1775315589.245:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.373764][   T10] usb 4-1: Using ep0 maxpacket: 8
[  226.388094][   T10] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  226.403356][   T10] usb 4-1: config 0 has no interface number 0
[  226.415650][   T29] audit: type=1326 audit(1775315589.245:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.446087][   T10] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  226.470667][   T10] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  226.495291][   T29] audit: type=1326 audit(1775315589.255:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.541455][   T10] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  226.564559][   T10] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  226.616997][   T10] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  226.617984][   T29] audit: type=1326 audit(1775315589.325:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.725981][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.756617][   T29] audit: type=1326 audit(1775315589.335:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  226.758035][   T10] usb 4-1: config 0 descriptor??
[  226.937042][   T29] audit: type=1326 audit(1775315589.335:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  227.049304][   T29] audit: type=1326 audit(1775315589.355:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.1.147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  227.082415][   T10] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  227.402605][   T10] usb 4-1: USB disconnect, device number 7
[  227.460164][   T10] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  227.783049][ T5836] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  227.959505][ T5836] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  228.007483][ T5836] usb 2-1: config 0 has no interfaces?
[  228.058830][ T5836] usb 2-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  228.104380][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.149059][ T5836] usb 2-1: Product: syz
[  228.153719][ T5836] usb 2-1: Manufacturer: syz
[  228.158484][ T5836] usb 2-1: SerialNumber: syz
[  228.187709][ T5836] usb 2-1: config 0 descriptor??
[  229.163126][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  229.309349][ T6418] netlink: 68 bytes leftover after parsing attributes in process `syz.3.157'.
[  229.336123][ T6418] netlink: 16 bytes leftover after parsing attributes in process `syz.3.157'.
[  229.372324][ T6418] netlink: 8 bytes leftover after parsing attributes in process `syz.3.157'.
[  229.405361][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  229.436224][   T10] usb 3-1: no configurations
[  229.471432][   T10] usb 3-1: can't read configurations, error -22
[  229.806913][  T534] Bluetooth: (null): Invalid header checksum
[  229.840137][ T6421] Bluetooth: (null): Invalid header checksum
[  230.652019][ T6431] fuse: Bad value for 'fd'
[  230.762534][ T5832] usb 2-1: USB disconnect, device number 12
[  231.286657][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  231.286729][   T29] audit: type=1326 audit(1775315594.615:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.375547][   T29] audit: type=1326 audit(1775315594.615:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.436604][   T29] audit: type=1326 audit(1775315594.685:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.461092][ T6438] kvm: requested 134933 ns i8254 timer period limited to 200000 ns
[  231.501203][ T6438] kvm: requested 186057 ns i8254 timer period limited to 200000 ns
[  231.570195][   T29] audit: type=1326 audit(1775315594.685:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.618273][ T6438] kvm: requested 80457 ns i8254 timer period limited to 200000 ns
[  231.701503][   T29] audit: type=1326 audit(1775315594.685:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.763682][   T29] audit: type=1326 audit(1775315594.775:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.925137][   T29] audit: type=1326 audit(1775315594.775:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  231.982361][   T29] audit: type=1326 audit(1775315594.775:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  232.066085][   T29] audit: type=1326 audit(1775315594.825:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  232.151440][   T29] audit: type=1326 audit(1775315594.825:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37f6c code=0x7ffc0000
[  232.716387][ T6455] openvswitch: netlink: IP tunnel dst address not specified
[  232.754089][ T6452] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.955728][ T6457] syz.2.169 uses obsolete (PF_INET,SOCK_PACKET)
[  233.018211][ T6452] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.180900][ T6452] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.420002][ T6452] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.676666][   T35] Bluetooth: (null): Invalid header checksum
[  233.724857][ T6462] Bluetooth: (null): Invalid header checksum
[  233.753289][ T5836] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  233.934517][   T35] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.997448][ T5836] usb 5-1: unable to get BOS descriptor or descriptor too short
[  234.022375][ T5836] usb 5-1: no configurations
[  234.053366][ T5836] usb 5-1: can't read configurations, error -22
[  234.106095][  T253] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.344904][   T35] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.367899][   T35] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.248496][    C1] =====================================================
[  235.255733][    C1] BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x362/0x18e0
[  235.264488][    C1]  __flush_smp_call_function_queue+0x362/0x18e0
[  235.270891][    C1]  generic_smp_call_function_single_interrupt+0x1c/0x30
[  235.277980][    C1]  __sysvec_call_function_single+0x4b/0x3e0
[  235.284026][    C1]  sysvec_call_function_single+0x7c/0x90
[  235.289810][    C1]  asm_sysvec_call_function_single+0x1f/0x30
[  235.295930][    C1]  virt_to_page_or_null+0x27/0x170
[  235.301172][    C1]  kmsan_get_shadow_origin_ptr+0x35/0xb0
[  235.306947][    C1]  __msan_metadata_ptr_for_load_8+0x24/0x40
[  235.313013][    C1]  filter_irq_stacks+0x49/0x190
[  235.318016][    C1]  stack_depot_save_flags+0x35/0x790
[  235.323450][    C1]  stack_depot_save+0x12/0x20
[  235.328265][    C1]  __msan_poison_alloca+0x100/0x1a0
[  235.333627][    C1]  find_vma+0x3d/0x110
[  235.337821][    C1]  lock_mm_and_find_vma+0xc7/0xa60
[  235.343136][    C1]  do_user_addr_fault+0x91e/0x2510
[  235.348412][    C1]  exc_page_fault+0x70/0xb0
[  235.353060][    C1]  asm_exc_page_fault+0x2b/0x30
[  235.358035][    C1]  __put_user_nocheck_4+0x3/0x10
[  235.363218][    C1]  ___sys_recvmsg+0x20b/0x850
[  235.368049][    C1]  do_recvmmsg+0x50b/0xdf0
[  235.372635][    C1]  __sys_recvmmsg+0xf3/0x450
[  235.377370][    C1]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[  235.383862][    C1]  ia32_sys_call+0x3ec3/0x4360
[  235.388739][    C1]  __do_fast_syscall_32+0x17f/0x3f0
[  235.394125][    C1]  do_fast_syscall_32+0x37/0x80
[  235.399135][    C1]  do_SYSENTER_32+0x1f/0x30
[  235.403796][    C1]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.410370][    C1] 
[  235.412746][    C1] Local variable reuse.i created at:
[  235.418090][    C1]  mas_wr_store_entry+0x14bd/0x96d0
[  235.423437][    C1]  mas_store_prealloc+0x1834/0x1e60
[  235.428787][    C1] 
[  235.431208][    C1] CPU: 1 UID: 0 PID: 6467 Comm: syz.1.173 Not tainted syzkaller #0 PREEMPT(full) 
[  235.440539][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  235.450690][    C1] =====================================================
[  235.457693][    C1] Disabling lock debugging due to kernel taint
[  235.463929][    C1] Kernel panic - not syncing: kmsan.panic set ...
[  235.470480][    C1] CPU: 1 UID: 0 PID: 6467 Comm: syz.1.173 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  235.481398][    C1] Tainted: [B]=BAD_PAGE
[  235.485616][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  235.495776][    C1] Call Trace:
[  235.499126][    C1]  <IRQ>
[  235.502043][    C1]  __dump_stack+0x26/0x30
[  235.506521][    C1]  dump_stack_lvl+0x50/0x1c0
[  235.511255][    C1]  ? dump_stack+0x12/0x25
[  235.515735][    C1]  dump_stack+0x1e/0x25
[  235.520038][    C1]  vpanic+0x7b4/0x1430
[  235.524282][    C1]  panic+0x15d/0x160
[  235.528385][    C1]  kmsan_report+0x31a/0x320
[  235.533072][    C1]  ? __msan_warning+0x1b/0x30
[  235.537904][    C1]  ? __flush_smp_call_function_queue+0x362/0x18e0
[  235.544474][    C1]  ? generic_smp_call_function_single_interrupt+0x1c/0x30
[  235.551743][    C1]  ? __sysvec_call_function_single+0x4b/0x3e0
[  235.557963][    C1]  ? sysvec_call_function_single+0x7c/0x90
[  235.563929][    C1]  ? asm_sysvec_call_function_single+0x1f/0x30
[  235.570228][    C1]  ? virt_to_page_or_null+0x27/0x170
[  235.575646][    C1]  ? kmsan_get_shadow_origin_ptr+0x35/0xb0
[  235.581582][    C1]  ? __msan_metadata_ptr_for_load_8+0x24/0x40
[  235.587821][    C1]  ? filter_irq_stacks+0x49/0x190
[  235.593004][    C1]  ? stack_depot_save_flags+0x35/0x790
[  235.598626][    C1]  ? stack_depot_save+0x12/0x20
[  235.603625][    C1]  ? __msan_poison_alloca+0x100/0x1a0
[  235.609157][    C1]  ? find_vma+0x3d/0x110
[  235.613558][    C1]  ? lock_mm_and_find_vma+0xc7/0xa60
[  235.618977][    C1]  ? do_user_addr_fault+0x91e/0x2510
[  235.624432][    C1]  ? exc_page_fault+0x70/0xb0
[  235.629264][    C1]  ? asm_exc_page_fault+0x2b/0x30
[  235.634609][    C1]  ? __put_user_nocheck_4+0x3/0x10
[  235.639890][    C1]  ? ___sys_recvmsg+0x20b/0x850
[  235.644902][    C1]  ? do_recvmmsg+0x50b/0xdf0
[  235.649643][    C1]  ? __sys_recvmmsg+0xf3/0x450
[  235.654560][    C1]  ? __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[  235.661237][    C1]  ? ia32_sys_call+0x3ec3/0x4360
[  235.666304][    C1]  ? __do_fast_syscall_32+0x17f/0x3f0
[  235.671849][    C1]  ? do_fast_syscall_32+0x37/0x80
[  235.677046][    C1]  ? do_SYSENTER_32+0x1f/0x30
[  235.681887][    C1]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.688548][    C1]  ? __pfx_lapic_next_event+0x10/0x10
[  235.694102][    C1]  ? clockevents_program_event+0x58d/0xcb0
[  235.700095][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.705367][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.710615][    C1]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  235.717116][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.722368][    C1]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  235.728313][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.733562][    C1]  __msan_warning+0x1b/0x30
[  235.738234][    C1]  __flush_smp_call_function_queue+0x362/0x18e0
[  235.744672][    C1]  generic_smp_call_function_single_interrupt+0x1c/0x30
[  235.751762][    C1]  __sysvec_call_function_single+0x4b/0x3e0
[  235.757819][    C1]  sysvec_call_function_single+0x7c/0x90
[  235.763608][    C1]  </IRQ>
[  235.766606][    C1]  <TASK>
[  235.769609][    C1]  asm_sysvec_call_function_single+0x1f/0x30
[  235.775745][    C1] RIP: 0010:virt_to_page_or_null+0x27/0x170
[  235.781775][    C1] Code: 90 90 90 48 89 f8 48 2d 00 00 00 80 73 29 48 89 fa 48 2b 15 63 d2 ab 0f 48 39 c2 77 12 0f b6 0d 18 60 45 10 48 89 d6 48 d3 ee <48> 85 f6 74 1a 31 c0 e9 cd 4a 60 0e cc 48 3d ff ff ff 1f 77 f0 48
[  235.801529][    C1] RSP: 0018:ffff888053df7530 EFLAGS: 00000246
[  235.807739][    C1] RAX: ffff8880d3df76a8 RBX: ffff888053df76a8 RCX: 000000000000002e
[  235.815818][    C1] RDX: 0000000053df76a8 RSI: 0000000000000000 RDI: ffff888053df76a8
[  235.823917][    C1] RBP: ffff888053df7550 R08: ffffea000000000f R09: 0000000000000000
[  235.831992][    C1] R10: ffff888237c90028 R11: 0000000000000000 R12: ffffffff827b09d7
[  235.840067][    C1] R13: ffffffff828366dd R14: 0000000000000000 R15: ffff888053df7600
[  235.848153][    C1]  ? find_vma+0x3d/0x110
[  235.852553][    C1]  ? lock_mm_and_find_vma+0xc7/0xa60
[  235.858004][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.863267][    C1]  kmsan_get_shadow_origin_ptr+0x35/0xb0
[  235.869054][    C1]  __msan_metadata_ptr_for_load_8+0x24/0x40
[  235.875133][    C1]  ? mm_get_unmapped_area+0xb1/0x140
[  235.880578][    C1]  filter_irq_stacks+0x49/0x190
[  235.885609][    C1]  stack_depot_save_flags+0x35/0x790
[  235.891055][    C1]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  235.896995][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.902237][    C1]  stack_depot_save+0x12/0x20
[  235.907075][    C1]  __msan_poison_alloca+0x100/0x1a0
[  235.912455][    C1]  ? find_vma+0x3d/0x110
[  235.916835][    C1]  ? lock_mm_and_find_vma+0xc7/0xa60
[  235.922268][    C1]  find_vma+0x3d/0x110
[  235.926482][    C1]  ? lock_mm_and_find_vma+0xb0/0xa60
[  235.931901][    C1]  lock_mm_and_find_vma+0xc7/0xa60
[  235.937407][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.942645][    C1]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  235.948594][    C1]  do_user_addr_fault+0x91e/0x2510
[  235.953876][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.959112][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  235.964352][    C1]  ? __pfx_kmsan_save_stack_with_flags+0x1/0x10
[  235.970786][    C1]  exc_page_fault+0x70/0xb0
[  235.975442][    C1]  asm_exc_page_fault+0x2b/0x30
[  235.980430][    C1] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  235.986361][    C1] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 11 5c 04 00 90 90 90 90 90 90 90 90 90 90
[  236.006112][    C1] RSP: 0018:ffff888053df79a0 EFLAGS: 00050246
[  236.012309][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080041018
[  236.020391][    C1] RDX: ffff88805788a140 RSI: 0000000080000002 RDI: 00000000ffffffff
[  236.028569][    C1] RBP: ffff888053df7ac0 R08: ffffea000000000f R09: 0000000000000000
[  236.036664][    C1] R10: ffff8880535f7a90 R11: ffffffff8ef42e60 R12: 0000000080000002
[  236.044760][    C1] R13: 0000000080041018 R14: ffff88805788ad08 R15: 0000000000000000
[  236.052895][    C1]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  236.058653][    C1]  ? ____sys_recvmsg+0x324/0x620
[  236.063756][    C1]  ? import_iovec+0xaf/0xe0
[  236.068523][    C1]  ? get_compat_msghdr+0x673/0x740
[  236.073822][    C1]  ___sys_recvmsg+0x20b/0x850
[  236.078706][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  236.083958][    C1]  ? kmsan_internal_check_memory+0x9f/0x240
[  236.090324][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  236.095580][    C1]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  236.101546][    C1]  do_recvmmsg+0x50b/0xdf0
[  236.106142][    C1]  ? stack_depot_save_flags+0x35/0x790
[  236.111768][    C1]  ? kmsan_get_metadata+0xf1/0x160
[  236.117041][    C1]  __sys_recvmmsg+0xf3/0x450
[  236.121797][    C1]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  236.127752][    C1]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[  236.134282][    C1]  ia32_sys_call+0x3ec3/0x4360
[  236.139262][    C1]  __do_fast_syscall_32+0x17f/0x3f0
[  236.144650][    C1]  do_fast_syscall_32+0x37/0x80
[  236.149676][    C1]  do_SYSENTER_32+0x1f/0x30
[  236.154342][    C1]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.160838][    C1] RIP: 0023:0xf7fd2f6c
[  236.165012][    C1] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  236.184758][    C1] RSP: 002b:00000000f547550c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  236.193312][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  236.201387][    C1] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  236.209466][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.217551][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  236.225619][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.233722][    C1]  </TASK>
[  236.237274][    C1] Kernel Offset: disabled
[  236.241641][    C1] Rebooting in 86400 seconds..