last executing test programs:

9m8.782709956s ago: executing program 1 (id=157):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x4009, &(0x7f0000000540)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r2, &(0x7f0000008340)={0x2020}, 0x2020)

9m6.804279537s ago: executing program 1 (id=163):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

9m5.442125022s ago: executing program 1 (id=166):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

9m5.307941776s ago: executing program 1 (id=167):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r3, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r3, 0x2)

9m4.322760312s ago: executing program 1 (id=169):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0xc0049364, &(0x7f0000000180))
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

9m4.050921406s ago: executing program 1 (id=170):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x7d})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000000800)={0x0, 0x0, 0x1, "9d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
readv(r2, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x1)
ioctl$HIDIOCSFLAG(r2, 0x4004480f, &(0x7f0000000000)=0x3)
ioctl$HIDIOCGUSAGE(r2, 0xc018480b, 0x0)

8m49.033803544s ago: executing program 32 (id=170):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x7d})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000000800)={0x0, 0x0, 0x1, "9d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
readv(r2, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x1)
ioctl$HIDIOCSFLAG(r2, 0x4004480f, &(0x7f0000000000)=0x3)
ioctl$HIDIOCGUSAGE(r2, 0xc018480b, 0x0)

7m27.475382373s ago: executing program 5 (id=415):
socket(0x28, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x3, 0x3c)
r1 = syz_open_procfs(0x0, &(0x7f0000019140)='net/udp\x00')
socket$inet(0x2, 0x2, 0x0)
socket$inet(0x2, 0x2, 0x0)
pread64(r1, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)

7m26.318240039s ago: executing program 5 (id=417):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
recvmmsg(r3, &(0x7f00000021c0), 0x5b, 0x40, 0x0)

7m25.219985608s ago: executing program 5 (id=420):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_GET_IO_FLUSHER(0x4)
syz_clone(0x25000, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)

7m23.300992794s ago: executing program 5 (id=423):
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x8}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f00000001c0)=0x3, 0x4)

7m22.129599991s ago: executing program 5 (id=427):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setpgid(0x0, r0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)

7m19.882535034s ago: executing program 5 (id=432):
socket$kcm(0x10, 0x0, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r3, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)

7m4.311836147s ago: executing program 33 (id=432):
socket$kcm(0x10, 0x0, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r3, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)

6m56.875505594s ago: executing program 2 (id=485):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r2, 0x6, 0x0, 0x0, 0x12})
io_uring_enter(r2, 0x627, 0xc1040000, 0x43, 0x0, 0x0)

6m54.34330891s ago: executing program 2 (id=491):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder0\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000200000000000000004000000000000001000ff00000000002000000000000000b0acf9d8eb675146b719a096ac36f5388d35a669f635c5e4ea3036c32b63a3a27fe39727ede7b84c27f154de0dd1a02e29944d1a8138fa5ccc7b84356fe03a654a5016ac6f50d540a35289b0b4e32c32fb2549ad45908730b261be762e56ba08d28c07f5d0c7126f6478442a3e179d0592b1017e03c92d523670ddc3ee7b1e1ecb181c0033b92ae85434d76d323c4e9e6f3da7"], 0x24, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)

6m51.948274018s ago: executing program 2 (id=494):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

6m50.84008196s ago: executing program 2 (id=497):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)

6m49.08069393s ago: executing program 2 (id=503):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090"], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e", 0xb, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000504"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x20048000)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

6m47.666772153s ago: executing program 2 (id=510):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
syz_clone(0x410e6080, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000d0000000000000000000000850000000500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f00000001c0)="581f9239658ea95ed371ea3dd361", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

6m32.424919416s ago: executing program 34 (id=510):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
syz_clone(0x410e6080, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000d0000000000000000000000850000000500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f00000001c0)="581f9239658ea95ed371ea3dd361", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

17.846880517s ago: executing program 4 (id=1389):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x1d, &(0x7f00000001c0), 0x4)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0)

16.555093144s ago: executing program 4 (id=1393):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x1a8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x88200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setresuid(0xee01, 0xee01, 0x0)
socket(0x2, 0x2, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x81f, 0x0, 0x0, &(0x7f0000000540))
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r3, 0x400448e7, &(0x7f0000000080))

14.484818985s ago: executing program 7 (id=1398):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x0, 0x0, 0xffbfffff}, 0x10)
sendmsg$nl_route(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
mknodat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x8000, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000803200000000000000000000000000000000000001000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff0000000000000000000000000000000000000000000000000000000002000100af00000000000000"], 0x170}}, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000000202010f0000000000000000020000092c000280060003400004000014000180"], 0x40}, 0x1, 0x0, 0x0, 0x4c800}, 0x40000)

14.190460103s ago: executing program 0 (id=1399):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000005000500010000000800040000000000050006000000000008000300010000002be7f6"], 0x34}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)

14.180715245s ago: executing program 4 (id=1400):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000001200), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)

13.110224157s ago: executing program 6 (id=1401):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200488c0}, 0xc000)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000300)='gfs2\x00', 0x5, 0x0)

11.91757625s ago: executing program 0 (id=1403):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@remote, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x67, 0x0, 0x18, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @address_reply={0x12, 0x0, 0x0, 0x8}}}}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

9.822962269s ago: executing program 7 (id=1405):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{}, 0x0, &(0x7f0000000700)}, 0x20)
r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x6, 0x0, 0x2, "57d4915b52cdfd4e8ea56ed6c1ca719a"})

9.592645723s ago: executing program 6 (id=1406):
socket$netlink(0x10, 0x3, 0x10)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ipv6_route\x00')
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001e00)={&(0x7f0000001d80)={0x30, 0x2, 0x3, 0x401, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1a}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x2, 0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x58}, 0x4)
getsockname$packet(r0, 0x0, &(0x7f0000000100))
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[])
read$FUSE(r2, &(0x7f0000002400)={0x2020, 0x0, <r3=>0x0}, 0xfffffeef)
write$FUSE_INIT(r2, &(0x7f0000002300)={0x50, 0x0, r3, {0x7, 0x9, 0x0, 0x8695c3813a9bd78d}}, 0x50)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f00000000c0)=0x81)
r5 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0xffffffff, 0x5, 0x0, 0xfffffefc, 'syz0\x00'}, 0x2, 0x2, 0x1, r5, 0x0, 0xff, 'syz0\x00', 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

9.459395285s ago: executing program 3 (id=1407):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000940)=@dellinkprop={0x28, 0x12, 0x201, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8, 0x1d, 0xffffffffffffffff}]}, 0x28}}, 0x0)

9.118916863s ago: executing program 0 (id=1408):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)

8.39914639s ago: executing program 3 (id=1409):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
ioctl$SIOCAX25OPTRT(r4, 0x89e7, &(0x7f0000000040)={@default, @bcast, 0x2, 0x20})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRESOCT, @ANYRESOCT], 0x7c}}, 0x10)

8.351196336s ago: executing program 7 (id=1410):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200"/61, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffffffff28"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

8.350859667s ago: executing program 4 (id=1411):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

8.299767253s ago: executing program 6 (id=1412):
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, &(0x7f0000000040)={0x0, 0x50424752, 0x500, 0x5, 0x0, @stepwise={{0x3be1, 0x5}, {0x6, 0xc}, {0x1, 0x8}}})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0xc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '+f'}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0)
lsm_set_self_attr(0x64, &(0x7f0000000000)={0x64, 0x5b48, 0xc1, 0xa1, "9728893404e3b36b05ab61f15c50a35d300199f9b7c766ff7900bd9c4d6894d84f0058308e1f2ff0c732dbeace554aaee81ef89b306a93978b9e1f415a82689b490f1f4586626436f049c7ec7356901ed0f1d05aa8b254d758a21bd0969f73db982ed360e0be5b06c050d6272cbdb258e942a82820c49040a698f7015cfdf3b28847a5b35d32338dabda9c3f93b18316b7e4292c2823a723ed408488b503cdc805"}, 0xc1, 0x0)

7.269053436s ago: executing program 4 (id=1413):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0xc0)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0xc0042, 0x1fe)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = gettid()
socket$nl_netfilter(0x10, 0x3, 0xc)
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

7.267366879s ago: executing program 0 (id=1414):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

7.261017818s ago: executing program 3 (id=1415):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x1}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x32}, 0x0, @in6=@loopback, 0x1, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r4, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400000000000077, 0x7600)

5.112568126s ago: executing program 3 (id=1416):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1fff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e65772064656661756c742074723fc1811ba50073797a203030303030303030303030303030303033b0ea3400"], 0x2d, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

4.909994444s ago: executing program 0 (id=1417):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fe5000/0x1000)=nil, r6, 0x1, 0x11, r5, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4.798830895s ago: executing program 7 (id=1418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000002480)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x97a46000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

4.633059513s ago: executing program 6 (id=1419):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SNDCTL_DSP_SUBDIVIDE(0xffffffffffffffff, 0xc0045009, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
set_mempolicy(0x6005, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

2.634329377s ago: executing program 7 (id=1420):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
ioctl$SNDCTL_SEQ_THRESHOLD(0xffffffffffffffff, 0x4004510d, 0xffffffffffffffff)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

2.350107631s ago: executing program 3 (id=1421):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x40003})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
dup(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

2.283822045s ago: executing program 4 (id=1422):
socket$inet6(0xa, 0x3, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
r2 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040))
write$FUSE_INIT(r1, &(0x7f0000000140)={0x50}, 0xffd3)
write$fb(r1, &(0x7f00000006c0)="33c2aaa88c843884e1889402645c0915d89de3d16af1f8bb653db9bbfe953bf5e331630b38f362cc8dd4a58de197", 0x2e)
read$FUSE(r1, &(0x7f0000000700)={0x2020}, 0x2020)
setuid(0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff000000003e040000000000001f000000000000000404000001ed0a002500000017ffffffae040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184a0b139d8d4209c8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6b8306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004"], &(0x7f00000001c0)='GPL\x00'}, 0x94)

1.974742855s ago: executing program 0 (id=1423):
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4)
r2 = openat$vcs(0xffffff9c, &(0x7f0000001100), 0x6a201, 0x0)
write$UHID_INPUT(r2, &(0x7f0000002c40)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad94bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd8456a18f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3a532f000000000000880ef33ca51d4bf5f0fb55baa10cf56606001253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368cef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a7a881a1d617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb475dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df00", 0xffffffc2}}, 0x1006)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000700)=0xdf0000)

1.152726257s ago: executing program 7 (id=1424):
syz_usb_connect$uac1(0x5, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x4c}}, 0x0)

1.111987949s ago: executing program 6 (id=1425):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r4)

1.078677345s ago: executing program 3 (id=1426):
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e03200009800707"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = syz_open_dev$video4linux(0x0, 0x3f, 0x0)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = memfd_create(&(0x7f0000000140)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6#\r\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19THP\xf4O\xe2\x9f\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0\xb04\xb7T5\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\x03\x8a\xc40\xbe\xe3\x93A\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\xcbC\x15\xfcp\x11\xdai\f{\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\x82t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6^r\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9w\xd2\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x00\x00\x00\x00\x00\x00\x00', 0x4)
fallocate(r4, 0x0, 0x0, 0x2400001)
socketpair(0x28, 0x1, 0xd, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
getsockname$packet(r5, &(0x7f0000000200), 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r6, 0xffffffffffffffff, 0x0)

0s ago: executing program 6 (id=1427):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000340)={@random="d803f32e4445", @broadcast, @val={@void, {0x8100, 0x7, 0x1, 0x4}}, {@canfd={0xd, {{0x2, 0x0, 0x0, 0x1}, 0x35, 0x2, 0x0, 0x0, "fa626a5a1a5ede3b512453729ca4fa7fabc7d57ca50df4c4c4325d809a22848207ee42dee687e007c56604ea233439405a84a7336808c56b9be7538386b8a698"}}}}, &(0x7f0000000040)={0x0, 0x3, [0xd4e, 0xe19, 0x5d9, 0x611]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r5 = socket$kcm(0x10, 0x2, 0x4)
recvmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2002)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.718442][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.070130][ T5847] hsr_slave_0: entered promiscuous mode
[   82.077549][ T5847] hsr_slave_1: entered promiscuous mode
[   82.083954][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.091709][ T5847] Cannot create hsr debugfs directory
[   82.259267][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.272294][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.290214][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.316366][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   82.428064][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.445208][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.469292][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.504544][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.547761][ T5156] Bluetooth: hci0: command tx timeout
[   82.564863][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   82.599052][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   82.630120][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   82.640934][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   82.708105][ T5156] Bluetooth: hci1: command tx timeout
[   82.738562][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.750658][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.782712][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.822144][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.868101][ T5156] Bluetooth: hci2: command tx timeout
[   82.873257][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.901736][ T5847] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   82.911631][ T5847] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   82.930321][ T5847] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   82.942036][ T5847] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   82.983072][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.021319][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   83.028630][ T5156] Bluetooth: hci3: command tx timeout
[   83.065319][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   83.094784][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.102146][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.112341][ T5156] Bluetooth: hci4: command tx timeout
[   83.120686][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.127907][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.159095][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.166288][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.175567][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.182714][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.211781][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.315839][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   83.335387][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.342560][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.384625][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.391834][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.432110][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.473268][ T5845] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   83.486792][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.552572][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   83.611604][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.618828][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.669669][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.676909][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.704548][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.839629][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   83.865222][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.915748][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.922968][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.001874][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.009096][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.071943][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.086090][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.135111][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.284571][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.304680][ T5837] veth0_vlan: entered promiscuous mode
[   84.327341][ T5845] veth0_vlan: entered promiscuous mode
[   84.365519][ T5837] veth1_vlan: entered promiscuous mode
[   84.388977][ T5845] veth1_vlan: entered promiscuous mode
[   84.451237][ T5839] veth0_vlan: entered promiscuous mode
[   84.509852][ T5833] veth0_vlan: entered promiscuous mode
[   84.520245][ T5839] veth1_vlan: entered promiscuous mode
[   84.563715][ T5833] veth1_vlan: entered promiscuous mode
[   84.579548][ T5845] veth0_macvtap: entered promiscuous mode
[   84.600495][ T5837] veth0_macvtap: entered promiscuous mode
[   84.623404][ T5837] veth1_macvtap: entered promiscuous mode
[   84.629228][ T5156] Bluetooth: hci0: command tx timeout
[   84.638292][ T5845] veth1_macvtap: entered promiscuous mode
[   84.663745][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.740447][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.765169][ T5833] veth0_macvtap: entered promiscuous mode
[   84.778606][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.789687][ T5156] Bluetooth: hci1: command tx timeout
[   84.808763][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.833218][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.843560][ T5839] veth0_macvtap: entered promiscuous mode
[   84.858538][ T5833] veth1_macvtap: entered promiscuous mode
[   84.876389][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.889955][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.900022][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.910016][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.923755][ T5837] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.933477][ T5837] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.942516][ T5837] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.951647][ T5156] Bluetooth: hci2: command tx timeout
[   84.958028][ T5837] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.972011][ T5839] veth1_macvtap: entered promiscuous mode
[   85.033881][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.073944][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.108515][ T5156] Bluetooth: hci3: command tx timeout
[   85.128566][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.168967][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.183547][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.187753][ T5156] Bluetooth: hci4: command tx timeout
[   85.194161][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.207120][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.222404][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.239159][ T5847] veth0_vlan: entered promiscuous mode
[   85.271860][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.280773][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.290079][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.298841][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.334951][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.351839][ T4071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.358426][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.364098][ T5847] veth1_vlan: entered promiscuous mode
[   85.375212][ T4071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.476748][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.490534][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.552598][ T3527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.566636][ T3527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.584079][ T5847] veth0_macvtap: entered promiscuous mode
[   85.648637][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.649459][ T5847] veth1_macvtap: entered promiscuous mode
[   85.656572][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.688140][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   85.737771][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.762338][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.796783][ T3527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.805309][ T3527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.830075][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.922833][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.987282][   T30] audit: type=1800 audit(1752149694.996:2): pid=5951 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.3" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0
[   86.015535][ T5847] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.017600][ T4071] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.044295][ T5847] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.049271][ T4071] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.061586][ T5847] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.078996][ T5847] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.509780][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.526133][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.537000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   86.577420][ T5969] Bluetooth: MGMT ver 1.23
[   86.677631][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.707950][ T5156] Bluetooth: hci0: command tx timeout
[   86.732001][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.757408][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.776230][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.798710][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.829377][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.871046][ T5156] Bluetooth: hci1: command tx timeout
[   86.892604][  T977] cfg80211: failed to load regulatory.db
[   87.028237][ T5156] Bluetooth: hci2: command tx timeout
[   87.188933][ T5156] Bluetooth: hci3: command tx timeout
[   87.227083][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.267664][ T5156] Bluetooth: hci4: command tx timeout
[   87.273178][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   87.387479][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.586564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   87.596265][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.033553][ T6071] ptrace attach of "./syz-executor exec"[6072] was attempted by "./syz-executor exec"[6071]
[   97.810722][ T6079] tipc: Started in network mode
[   97.815826][ T6079] tipc: Node identity 7f000001, cluster identity 4711
[   97.824908][ T6079] tipc: Enabled bearer <udp:syz2>, priority 10
[   98.938460][ T3088] tipc: Node number set to 2130706433
[  100.565460][ T6103] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.424839][ T5156] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  102.437036][ T5156] CPU: 0 UID: 0 PID: 5156 Comm: kworker/u9:1 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  102.437053][ T5156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.437078][ T5156] Workqueue: hci4 hci_rx_work
[  102.437109][ T5156] Call Trace:
[  102.437119][ T5156]  <TASK>
[  102.437125][ T5156]  dump_stack_lvl+0x189/0x250
[  102.437139][ T5156]  ? kernfs_path_from_node+0x2c/0x260
[  102.437150][ T5156]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.437160][ T5156]  ? __pfx__printk+0x10/0x10
[  102.437174][ T5156]  ? kernfs_path_from_node+0x2c/0x260
[  102.437182][ T5156]  ? kernfs_path_from_node+0x2c/0x260
[  102.437193][ T5156]  ? kernfs_path_from_node+0x22c/0x260
[  102.437201][ T5156]  ? kernfs_path_from_node+0x2c/0x260
[  102.437212][ T5156]  sysfs_create_dir_ns+0x259/0x280
[  102.437228][ T5156]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  102.437243][ T5156]  ? do_raw_spin_unlock+0x122/0x240
[  102.437258][ T5156]  kobject_add_internal+0x59f/0xb40
[  102.437273][ T5156]  kobject_add+0x155/0x220
[  102.437285][ T5156]  ? __pfx_kobject_add+0x10/0x10
[  102.437295][ T5156]  ? _raw_spin_unlock+0x28/0x50
[  102.437310][ T5156]  ? get_device_parent+0x366/0x3a0
[  102.437324][ T5156]  device_add+0x408/0xb50
[  102.437337][ T5156]  hci_conn_add_sysfs+0xd5/0x1e0
[  102.437352][ T5156]  le_conn_complete_evt+0xc3a/0x1220
[  102.437372][ T5156]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  102.437383][ T5156]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  102.437390][ T5156]  ? __asan_memcpy+0x40/0x70
[  102.437403][ T5156]  ? __pfx___mutex_lock+0x10/0x10
[  102.437411][ T5156]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  102.437419][ T5156]  ? skb_pull_data+0xfb/0x200
[  102.437435][ T5156]  hci_le_conn_complete_evt+0x187/0x450
[  102.437450][ T5156]  hci_event_packet+0x78c/0x1200
[  102.437465][ T5156]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  102.437477][ T5156]  ? __pfx_hci_event_packet+0x10/0x10
[  102.437491][ T5156]  ? kcov_remote_start+0x4d3/0x7f0
[  102.437504][ T5156]  ? __pfx_warn_bogus_irq_restore+0x10/0x10
[  102.437519][ T5156]  ? hci_send_to_monitor+0xe2/0x570
[  102.437531][ T5156]  hci_rx_work+0x46a/0xe80
[  102.437549][ T5156]  ? process_scheduled_works+0x9ef/0x17b0
[  102.437561][ T5156]  process_scheduled_works+0xade/0x17b0
[  102.437587][ T5156]  ? __pfx_process_scheduled_works+0x10/0x10
[  102.437606][ T5156]  worker_thread+0x8a0/0xda0
[  102.437624][ T5156]  ? __kthread_parkme+0x7b/0x200
[  102.437640][ T5156]  kthread+0x711/0x8a0
[  102.437654][ T5156]  ? __pfx_worker_thread+0x10/0x10
[  102.437663][ T5156]  ? __pfx_kthread+0x10/0x10
[  102.437676][ T5156]  ? _raw_spin_unlock_irq+0x23/0x50
[  102.437688][ T5156]  ? lockdep_hardirqs_on+0x9c/0x150
[  102.437699][ T5156]  ? __pfx_kthread+0x10/0x10
[  102.437711][ T5156]  ret_from_fork+0x3f9/0x770
[  102.437723][ T5156]  ? __pfx_ret_from_fork+0x10/0x10
[  102.437735][ T5156]  ? __switch_to_asm+0x39/0x70
[  102.437745][ T5156]  ? __switch_to_asm+0x33/0x70
[  102.437755][ T5156]  ? __pfx_kthread+0x10/0x10
[  102.437767][ T5156]  ret_from_fork_asm+0x1a/0x30
[  102.437787][ T5156]  </TASK>
[  102.437805][ T5156] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  102.745813][ T5156] Bluetooth: hci4: failed to register connection device
[  105.282809][ T6138] syz.1.42 (6138) used greatest stack depth: 16552 bytes left
[  105.350958][ T6146] netlink: 'syz.1.45': attribute type 1 has an invalid length.
[  105.525553][ T6146] vlan2: entered allmulticast mode
[  105.637887][ T6146] team_slave_1: entered allmulticast mode
[  107.276352][ T6172] netlink: 44 bytes leftover after parsing attributes in process `syz.3.53'.
[  108.547352][ T6185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.58'.
[  108.920733][ T6188] mmap: syz.3.56 (6188) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  108.974390][ T5156] Bluetooth: hci4: command 0x0406 tx timeout
[  109.314476][ T6184] overlayfs: statfs failed on './file0'
[  113.661117][ T6226] syz_tun: entered allmulticast mode
[  116.393004][ T6265] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.284602][ T6286] netlink: 'syz.1.86': attribute type 1 has an invalid length.
[  117.293706][ T6286] netlink: 'syz.1.86': attribute type 2 has an invalid length.
[  117.302484][ T6286] netlink: 'syz.1.86': attribute type 2 has an invalid length.
[  120.293599][ T6324] netlink: set zone limit has 4 unknown bytes
[  122.754996][ T6342] 9pnet: Found fid 0 not clunked
[  124.669802][ T6353] bridge0: port 3(vxlan0) entered blocking state
[  124.716735][ T6353] bridge0: port 3(vxlan0) entered disabled state
[  124.723804][ T6353] vxlan0: entered allmulticast mode
[  124.738567][ T6353] vxlan0: entered promiscuous mode
[  124.993470][ T6345] syz.4.102 (6345): drop_caches: 2
[  125.187708][ T6364] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  125.869057][ T6374] kvm: pic: single mode not supported
[  125.869149][ T6374] kvm: pic: level sensitive irq not supported
[  127.772506][ T6374] kvm: pic: single mode not supported
[  131.133166][ T5947] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  131.364177][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.372386][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.379717][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.387235][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.394459][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.401982][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.411544][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.422191][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.433280][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.506521][ T6417] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  131.530865][ T5947] usb 2-1: Using ep0 maxpacket: 32
[  131.628550][ T5947] usb 2-1: New USB device found, idVendor=050d, idProduct=0121, bcdDevice= 6.59
[  131.641182][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.649608][ T5947] usb 2-1: Product: syz
[  131.653767][ T5947] usb 2-1: Manufacturer: syz
[  131.662234][ T5947] usb 2-1: SerialNumber: syz
[  131.680911][ T5947] usb 2-1: config 0 descriptor??
[  131.862047][ T6423] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  131.927312][ T6423] tipc: Enabled bearer <eth:team0>, priority 0
[  131.941895][ T5947] pegasus 2-1:0.0: probe with driver pegasus failed with error -71
[  131.971271][ T5947] usb 2-1: USB disconnect, device number 2
[  133.467341][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  136.407523][ T6458] binder: BINDER_SET_CONTEXT_MGR already set
[  136.414934][ T6458] binder: 6457:6458 ioctl 4018620d 200000000040 returned -16
[  137.076222][ T6467] ptrace attach of "./syz-executor exec"[6468] was attempted by "./syz-executor exec"[6467]
[  139.096542][ T5895] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  139.534044][ T5895] usb 5-1: Using ep0 maxpacket: 8
[  139.579537][ T5895] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  139.588883][ T5895] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  139.599023][ T5895] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  139.610138][ T5895] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  139.620281][ T5895] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.633485][ T5895] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  139.642642][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.042725][ T5895] usb 5-1: usb_control_msg returned -32
[  140.164716][ T5895] usbtmc 5-1:16.0: can't read capabilities
[  141.859181][ T5895] usb 5-1: USB disconnect, device number 2
[  142.239675][ T6491] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  147.100611][ T6576] netlink: 'syz.2.181': attribute type 1 has an invalid length.
[  147.153654][ T6576] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.373559][ T6576] bond1: (slave ip6erspan0): making interface the new active one
[  147.408966][ T6576] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  150.739761][ T6604] xt_nat: multiple ranges no longer supported
[  151.044180][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  151.341854][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.634802][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  151.860601][    T9] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  151.881865][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  151.947022][    T9] usb 4-1: SerialNumber: syz
[  152.068668][ T6617] Zero length message leads to an empty skb
[  152.117906][ T5918] usb 3-1: new low-speed USB device number 2 using dummy_hcd
[  152.237454][    T9] usb 4-1: 0:2 : does not exist
[  152.345952][ T5918] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  152.365362][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.585392][    T9] usb 4-1: USB disconnect, device number 2
[  152.602984][ T5918] usb 3-1: config 0 descriptor??
[  152.784019][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  156.337244][ T5918] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  157.309140][ T5918] asix 3-1:0.0: probe with driver asix failed with error -71
[  157.431231][ T5918] usb 3-1: USB disconnect, device number 2
[  160.070911][ T6679] tipc: Failed to remove unknown binding: 66,1,1/0:707105650/707105652
[  160.121669][ T6679] tipc: Failed to remove unknown binding: 66,1,1/0:707105650/707105652
[  160.147802][ T6679] tipc: Failed to remove unknown binding: 66,1,1/0:707105650/707105652
[  162.128890][ T6704] netlink: 550 bytes leftover after parsing attributes in process `syz.3.209'.
[  162.687306][ T5156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  162.696955][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  162.717121][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  162.731781][ T5156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  162.743290][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  163.094776][ T6720] syz.2.213: attempt to access beyond end of device
[  163.094776][ T6720] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  163.799529][ T6019] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.818755][ T5156] Bluetooth: hci5: command tx timeout
[  167.268346][ T5156] Bluetooth: hci5: command tx timeout
[  167.711818][ T6754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.221'.
[  168.331611][ T6765] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  168.357905][ T6765] CIFS mount error: No usable UNC path provided in device string!
[  168.357905][ T6765] 
[  168.368240][ T6765] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  169.352595][ T5156] Bluetooth: hci5: command tx timeout
[  171.427111][ T5156] Bluetooth: hci5: command tx timeout
[  173.656258][ T6019] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.816742][ T6019] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.510815][ T6019] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.714181][ T6715] chnl_net:caif_netlink_parms(): no params data found
[  177.247277][ T5940] libceph: connect (1)[c::]:6789 error -101
[  177.254430][ T5940] libceph: mon0 (1)[c::]:6789 connect error
[  178.062953][ T6821] ceph: No mds server is up or the cluster is laggy
[  179.878501][ T3088] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  180.445998][ T6019] bridge_slave_1: left allmulticast mode
[  180.657073][ T6019] bridge_slave_1: left promiscuous mode
[  180.664435][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.717453][ T3088] usb 1-1: Using ep0 maxpacket: 32
[  180.719324][ T6019] bridge_slave_0: left allmulticast mode
[  180.728742][ T3088] usb 1-1: config 0 has no interfaces?
[  180.730654][ T3088] usb 1-1: New USB device found, idVendor=0856, idProduct=bc00, bcdDevice=b2.7f
[  180.753259][ T6019] bridge_slave_0: left promiscuous mode
[  181.489688][ T3088] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.497946][ T3088] usb 1-1: Product: syz
[  181.502572][ T3088] usb 1-1: Manufacturer: syz
[  181.514503][ T3088] usb 1-1: SerialNumber: syz
[  181.519457][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.530102][ T3088] usb 1-1: config 0 descriptor??
[  182.409807][ T6866] capability: warning: `syz.2.247' uses deprecated v2 capabilities in a way that may be insecure
[  183.248095][ T3088] usb 1-1: USB disconnect, device number 2
[  183.370890][ T6019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.446092][ T6019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.486347][ T6019] bond0 (unregistering): Released all slaves
[  183.553426][ T6715] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.585082][ T6715] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.618612][ T6715] bridge_slave_0: entered allmulticast mode
[  183.626491][ T6715] bridge_slave_0: entered promiscuous mode
[  183.693468][ T6715] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.712587][ T6715] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.866047][ T6715] bridge_slave_1: entered allmulticast mode
[  183.874637][ T6715] bridge_slave_1: entered promiscuous mode
[  184.511205][ T6869] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.520285][ T6869] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.537646][ T6869] bridge0: entered allmulticast mode
[  184.647376][ T6871] vxlan0: left allmulticast mode
[  184.695653][ T6871] vxlan0: left promiscuous mode
[  184.900596][ T6871] bridge0: port 3(vxlan0) entered disabled state
[  185.194256][ T6871] bridge_slave_1: left allmulticast mode
[  185.201719][ T6871] bridge_slave_1: left promiscuous mode
[  185.227295][ T6871] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.263933][ T6871] bridge_slave_0: left allmulticast mode
[  185.289572][ T6871] bridge_slave_0: left promiscuous mode
[  185.304811][ T6871] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.925788][ T6715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.141287][ T6715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.206422][ T6715] team0: Port device team_slave_0 added
[  189.264678][ T6715] team0: Port device team_slave_1 added
[  190.109334][ T6948] netlink: 'syz.0.269': attribute type 83 has an invalid length.
[  190.317584][ T6019] hsr_slave_0: left promiscuous mode
[  190.955501][ T6019] hsr_slave_1: left promiscuous mode
[  190.961767][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.993245][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.140954][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.145711][ T6960] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  191.157360][ T6960] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  191.170577][ T6960] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  191.178457][ T6960] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  191.496781][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.692173][ T6019] veth1_macvtap: left promiscuous mode
[  191.710892][ T6019] veth0_macvtap: left promiscuous mode
[  191.741493][ T6019] veth1_vlan: left promiscuous mode
[  191.884796][ T6019] veth0_vlan: left promiscuous mode
[  191.917083][ T5918] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  192.628457][ T5918] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  192.660845][ T5918] usb 3-1: config 0 has no interface number 0
[  192.683818][ T5918] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  192.707896][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.797669][ T5918] usb 3-1: Product: syz
[  192.801888][ T5918] usb 3-1: Manufacturer: syz
[  192.806505][ T5918] usb 3-1: SerialNumber: syz
[  192.862894][ T5918] usb 3-1: config 0 descriptor??
[  192.889509][ T5918] usb-storage 3-1:0.20: USB Mass Storage device detected
[  192.936619][ T5918] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  194.381010][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  194.397747][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  196.062979][ T6019] team0 (unregistering): Port device team_slave_1 removed
[  196.144097][ T6019] team0 (unregistering): Port device team_slave_0 removed
[  196.551044][ T6715] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.558475][ T6715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.584760][ T6715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.630898][ T5918] usb 3-1: USB disconnect, device number 3
[  196.727744][ T6715] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.767155][ T6715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.907446][ T6715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.849798][ T7007] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  198.057709][ T7015] bpq0: entered promiscuous mode
[  198.069352][ T7015] bpq0: entered allmulticast mode
[  198.688665][ T6715] hsr_slave_0: entered promiscuous mode
[  198.697928][ T6715] hsr_slave_1: entered promiscuous mode
[  198.704381][ T6715] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.712121][ T6715] Cannot create hsr debugfs directory
[  198.903253][ T7028] netlink: 12 bytes leftover after parsing attributes in process `syz.2.290'.
[  199.165297][ T7028] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  199.356166][ T7038] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface
[  199.410551][ T7038] bond2 (unregistering): Released all slaves
[  201.112792][ T6715] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  201.146057][ T6715] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  201.182802][ T6715] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  201.232055][ T6715] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  201.677150][ T5843] Bluetooth: hci2: command 0x0406 tx timeout
[  201.697944][ T5836] Bluetooth: hci4: command 0x0406 tx timeout
[  201.697968][ T5843] Bluetooth: hci3: command 0x0406 tx timeout
[  201.704125][ T5156] Bluetooth: hci1: command 0x0406 tx timeout
[  201.767104][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[  201.776970][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[  202.257397][ T6715] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.332801][ T6715] 8021q: adding VLAN 0 to HW filter on device team0
[  202.404657][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.411883][ T6027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.551375][ T6027] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.558642][ T6027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.231805][ T6715] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  203.717421][ T5918] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  203.941155][ T5918] usb 1-1: config 0 has no interfaces?
[  203.949992][ T5918] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  203.970057][ T5918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.003424][ T5918] usb 1-1: Product: syz
[  204.030775][ T6715] 8021q: adding VLAN 0 to HW filter on device batadv0
[  204.048590][ T5918] usb 1-1: Manufacturer: syz
[  204.060636][ T5918] usb 1-1: SerialNumber: syz
[  204.091257][ T5918] usb 1-1: config 0 descriptor??
[  204.598194][ T7123] xt_NFQUEUE: number of total queues is 0
[  206.619872][ T7138] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  206.976803][ T5895] usb 1-1: USB disconnect, device number 3
[  209.127684][ T6715] veth0_vlan: entered promiscuous mode
[  209.232757][ T7173] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  209.649216][ T6715] veth1_vlan: entered promiscuous mode
[  209.716211][ T6715] veth0_macvtap: entered promiscuous mode
[  209.734745][ T6715] veth1_macvtap: entered promiscuous mode
[  210.061006][ T6715] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.139062][ T6715] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.201259][ T6715] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.218251][ T6715] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.240342][ T6715] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.266497][ T6715] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.437510][ T5895] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  210.563575][ T6019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.616685][ T6019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.635226][ T5895] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  210.647160][ T7192] binder: 7191:7192 ioctl c0306201 200000000640 returned -22
[  210.684221][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.733798][ T6012] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.746641][ T6012] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.786180][ T5895] usb 3-1: config 0 descriptor??
[  210.885103][ T5895] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  211.807094][ T7202] befs: (nullb0): invalid magic header
[  212.739850][ T7221] warning: `syz.4.325' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  213.033525][ T7227] netlink: 'syz.5.328': attribute type 10 has an invalid length.
[  213.041616][ T7227] netlink: 40 bytes leftover after parsing attributes in process `syz.5.328'.
[  213.074544][ T7227] team0: Port device geneve0 added
[  213.076974][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  213.292177][ T5940] usb 3-1: USB disconnect, device number 4
[  213.311054][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.445248][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  213.609909][    T9] usb 5-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  213.627060][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.777306][    T9] usb 5-1: Product: syz
[  213.847008][    T9] usb 5-1: Manufacturer: syz
[  213.851671][    T9] usb 5-1: SerialNumber: syz
[  213.878766][    T9] usb 5-1: config 0 descriptor??
[  214.168084][ T7221] netlink: 'syz.4.325': attribute type 10 has an invalid length.
[  215.102715][ T7221] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  215.197148][    T9] usb 5-1: USB disconnect, device number 3
[  215.343785][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  215.350567][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  215.391486][ T7257] vhci_hcd vhci_hcd.0: Device attached
[  215.425022][ T7260] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(11)
[  215.431902][ T7260] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  215.490184][ T7260] vhci_hcd vhci_hcd.0: Device attached
[  215.567546][ T3088] vhci_hcd: vhci_device speed not set
[  215.714524][ T7260] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(15)
[  215.721192][ T7260] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  215.737525][   T51] Bluetooth: Wrong link type (-71)
[  215.743854][ T3088] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  216.329470][ T7261] vhci_hcd: connection closed
[  216.367117][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(10)
[  216.378453][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  216.387805][ T7267] vhci_hcd: connection closed
[  216.389914][ T7257] vhci_hcd vhci_hcd.0: Device attached
[  216.432410][ T6018] vhci_hcd: stop threads
[  216.466336][ T7258] vhci_hcd: connection reset by peer
[  216.474779][ T7260] vhci_hcd vhci_hcd.0: Device attached
[  216.480618][ T7268] vhci_hcd: connection closed
[  216.480950][ T6018] vhci_hcd: release socket
[  216.550073][ T6018] vhci_hcd: disconnect device
[  216.567631][ T6018] vhci_hcd: stop threads
[  216.572127][ T6018] vhci_hcd: release socket
[  216.621551][ T6018] vhci_hcd: disconnect device
[  216.656899][ T6018] vhci_hcd: stop threads
[  216.661221][ T6018] vhci_hcd: release socket
[  216.676953][ T6018] vhci_hcd: disconnect device
[  216.680140][ T6018] vhci_hcd: stop threads
[  216.680155][ T6018] vhci_hcd: release socket
[  216.680203][ T6018] vhci_hcd: disconnect device
[  216.887380][ T5975] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  216.917090][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  217.076968][    T9] usb 3-1: Using ep0 maxpacket: 32
[  217.099527][ T5975] usb 5-1: Using ep0 maxpacket: 8
[  217.104595][    T9] usb 3-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  217.104625][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  217.104655][    T9] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  217.104675][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.115198][    T9] usb 3-1: config 0 descriptor??
[  217.189802][ T5975] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  217.219069][ T5975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.245877][ T5975] usb 5-1: Product: syz
[  217.258141][ T5975] usb 5-1: Manufacturer: syz
[  217.267488][ T5975] usb 5-1: SerialNumber: syz
[  217.329090][ T5975] usb 5-1: config 0 descriptor??
[  217.571478][ T7297] netlink: 68 bytes leftover after parsing attributes in process `syz.3.341'.
[  218.102456][    T9] uclogic 0003:5543:0781.0001: unbalanced delimiter at end of report description
[  218.220299][    T9] uclogic 0003:5543:0781.0001: parse failed
[  218.237054][    T9] uclogic 0003:5543:0781.0001: probe with driver uclogic failed with error -22
[  218.298743][ T5975] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  218.319468][ T5975] gspca_sunplus: reg_w_riv err -71
[  218.321880][    T9] usb 3-1: USB disconnect, device number 5
[  218.324699][ T5975] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  218.400923][ T5975] usb 5-1: USB disconnect, device number 4
[  221.546999][ T3088] vhci_hcd: vhci_device speed not set
[  224.438609][ T7378] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  224.484208][ T7378] kvm: pic: single mode not supported
[  224.484475][ T7378] kvm: pic: non byte read
[  224.522635][ T7378] kvm: pic: level sensitive irq not supported
[  224.522704][ T7378] kvm: pic: non byte read
[  224.560173][ T7378] kvm: pic: level sensitive irq not supported
[  224.560273][ T7378] kvm: pic: non byte read
[  224.605492][ T7378] kvm: pic: level sensitive irq not supported
[  224.605546][ T7378] kvm: pic: non byte read
[  224.890513][ T7397] netlink: 'syz.2.360': attribute type 1 has an invalid length.
[  224.930542][ T7397] netlink: 216 bytes leftover after parsing attributes in process `syz.2.360'.
[  225.606941][ T5918] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  225.816139][ T5918] usb 4-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  225.850900][ T5918] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 204
[  225.902104][ T5918] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.923961][ T7414] bridge_slave_0: left allmulticast mode
[  225.931390][ T5918] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  225.967018][ T7414] bridge_slave_0: left promiscuous mode
[  225.979029][ T7417] syz.0.368(7417): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  226.009545][ T5918] usb 4-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  226.020128][ T7414] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.038703][ T5918] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.090255][ T5918] usb 4-1: config 0 descriptor??
[  226.124107][ T7414] bridge_slave_1: left allmulticast mode
[  226.149185][ T7414] bridge_slave_1: left promiscuous mode
[  226.187343][ T7414] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.234739][ T7414] bond0: (slave bond_slave_0): Releasing backup interface
[  226.312557][ T7414] bond0: (slave bond_slave_1): Releasing backup interface
[  226.605918][ T7414] team0: Port device team_slave_0 removed
[  226.810602][ T7414] team0: Port device team_slave_1 removed
[  226.876469][ T7414] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.003386][ T7414] batman_adv: batadv0: Removing interface: batadv_slave_0
[  227.217856][ T7414] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  227.225359][ T7414] batman_adv: batadv0: Removing interface: batadv_slave_1
[  227.308314][ T5918] input: HID 28bd:0909 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0909.0002/input/input5
[  227.384029][ T5918] uclogic 0003:28BD:0909.0002: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.3-1/input0
[  227.397578][ T7414] bond1: (slave ip6erspan0): Releasing active interface
[  227.599561][ T5918] usb 4-1: USB disconnect, device number 3
[  227.618061][ T7436] syz.0.372: attempt to access beyond end of device
[  227.618061][ T7436] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  228.498496][ T7437] fido_id[7437]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  231.166806][ T7477] netlink: 4 bytes leftover after parsing attributes in process `syz.0.383'.
[  231.546829][ T7492] process 'syz.5.386' launched './file0' with NULL argv: empty string added
[  233.765450][ T7511] netlink: 'syz.4.389': attribute type 2 has an invalid length.
[  233.821548][ T7508] netlink: 24 bytes leftover after parsing attributes in process `syz.0.390'.
[  235.131209][ T7547] syz_tun (unregistering): left allmulticast mode
[  236.488180][ T7564] Set syz0 is full, maxelem 0 reached
[  238.158832][ T7580] genirq: Flags mismatch irq 9. 00200000 (pcmmio) vs. 00002080 (acpi)
[  240.574944][ T7590] trusted_key: syz.2.400 sent an empty control message without MSG_MORE.
[  244.865137][ T7643] xt_TPROXY: Can be used only with -p tcp or -p udp
[  246.431074][   T30] audit: type=1800 audit(1752149855.436:3): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.418" name="bus" dev="ramfs" ino=15849 res=0 errno=0
[  250.357307][ T7706] netlink: 24 bytes leftover after parsing attributes in process `syz.0.430'.
[  253.929670][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.438'.
[  255.087164][   T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  255.477014][   T24] usb 3-1: Using ep0 maxpacket: 16
[  255.491654][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  255.514314][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  255.560208][   T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  255.575645][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.596996][   T24] usb 3-1: Product: syz
[  255.601217][   T24] usb 3-1: Manufacturer: syz
[  255.609622][   T24] usb 3-1: SerialNumber: syz
[  255.850426][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  256.368170][   T24] usb 3-1: 0:2 : does not exist
[  256.413259][   T24] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  257.232010][   T24] usb 3-1: USB disconnect, device number 6
[  257.390934][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  258.348212][ T7795] o2cb: This node has not been configured.
[  258.354285][ T7795] o2cb: Cluster check failed. Fix errors before retrying.
[  258.361713][ T7795] (syz.2.447,7795,0):user_dlm_register:674 ERROR: status = -22
[  258.369548][ T7795] (syz.2.447,7795,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[  263.614727][ T7830] netlink: 'syz.4.454': attribute type 13 has an invalid length.
[  264.031375][ T7842] binder: 7840:7842 ioctl c0306201 0 returned -14
[  265.251032][ T7852] binder: 7851:7852 ioctl c0306201 200000000280 returned -14
[  270.179484][ T5156] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  270.202022][ T5156] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  270.270332][ T5156] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  270.284872][ T5156] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  270.297070][ T5156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  270.672574][ T6019] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.977530][ T6019] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.036622][ T7922] netfs: Couldn't get user pages (rc=-14)
[  271.048522][ T7924] gfs2: gfs2 mount does not exist
[  271.234065][ T6019] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.414856][ T7930] netlink: 'syz.3.476': attribute type 8 has an invalid length.
[  272.597078][   T51] Bluetooth: hci0: command tx timeout
[  272.729998][ T6019] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.779136][ T7940] netlink: 4 bytes leftover after parsing attributes in process `syz.3.480'.
[  274.239407][ T6019] bridge_slave_1: left allmulticast mode
[  274.255690][ T6019] bridge_slave_1: left promiscuous mode
[  274.301154][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.444518][ T6019] bridge_slave_0: left allmulticast mode
[  274.450770][ T6019] bridge_slave_0: left promiscuous mode
[  274.457531][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.631159][ T5156] Bluetooth: hci0: command tx timeout
[  276.433987][ T6019] team0: Port device geneve0 removed
[  276.707351][ T5156] Bluetooth: hci0: command tx timeout
[  277.721696][ T8005] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  278.811265][ T5156] Bluetooth: hci0: command tx timeout
[  278.835458][ T6019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.847754][ T6019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.910332][ T6019] bond0 (unregistering): Released all slaves
[  279.046735][ T7908] chnl_net:caif_netlink_parms(): no params data found
[  281.584515][ T7908] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.903349][ T7908] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.917424][ T7908] bridge_slave_0: entered allmulticast mode
[  281.925249][ T7908] bridge_slave_0: entered promiscuous mode
[  281.937804][ T7908] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.952148][ T7908] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.959455][ T7908] bridge_slave_1: entered allmulticast mode
[  281.977649][ T7908] bridge_slave_1: entered promiscuous mode
[  282.279681][   T30] audit: type=1326 audit(1752149891.296:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.312846][ T7908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.331090][   T30] audit: type=1326 audit(1752149891.316:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.441546][   T30] audit: type=1326 audit(1752149891.316:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.475327][   T30] audit: type=1326 audit(1752149891.326:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.504200][   T30] audit: type=1326 audit(1752149891.326:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.590822][   T30] audit: type=1326 audit(1752149891.326:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.649914][   T30] audit: type=1326 audit(1752149891.326:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  282.729705][ T7908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.746958][   T30] audit: type=1326 audit(1752149891.346:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  283.266011][   T30] audit: type=1326 audit(1752149891.346:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  283.560691][   T30] audit: type=1326 audit(1752149891.346:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8061 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  284.463999][ T7908] team0: Port device team_slave_0 added
[  284.478459][ T8090] Illegal XDP return value 32768 on prog  (id 132) dev N/A, expect packet loss!
[  284.494218][ T7908] team0: Port device team_slave_1 added
[  285.393495][ T7908] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.408010][ T7908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.453235][ T7908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.467389][ T5895] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  285.511715][ T6019] hsr_slave_0: left promiscuous mode
[  285.519496][ T6019] hsr_slave_1: left promiscuous mode
[  285.533098][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.541831][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.551970][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.566528][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.636986][ T5895] usb 1-1: Using ep0 maxpacket: 16
[  285.648680][ T5895] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  285.667481][ T5895] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.682251][ T5895] usb 1-1: config 0 has no interface number 0
[  285.700584][ T5895] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  285.716986][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.735389][ T5895] usb 1-1: Product: syz
[  285.745552][ T5895] usb 1-1: Manufacturer: syz
[  285.755715][ T5895] usb 1-1: SerialNumber: syz
[  285.778325][ T5895] usb 1-1: config 0 descriptor??
[  285.813612][ T5895] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  285.820333][ T5895] usb 1-1: No valid video chain found.
[  286.021276][ T5895] usb 1-1: USB disconnect, device number 4
[  287.018922][ T6019] veth1_macvtap: left promiscuous mode
[  287.024927][ T6019] veth0_macvtap: left promiscuous mode
[  287.561283][ T6019] veth1_vlan: left promiscuous mode
[  287.566684][ T6019] veth0_vlan: left promiscuous mode
[  296.451663][ T6019] team0 (unregistering): Port device team_slave_1 removed
[  297.454617][ T6019] team0 (unregistering): Port device team_slave_0 removed
[  301.111630][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  301.121646][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  301.130672][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  301.139015][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  301.147110][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  302.235591][ T7908] batman_adv: batadv0: Adding interface: batadv_slave_1
[  302.242966][ T7908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.277895][ T7908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.188778][ T5156] Bluetooth: hci5: command tx timeout
[  303.327529][ T7908] hsr_slave_0: entered promiscuous mode
[  303.400578][ T7908] hsr_slave_1: entered promiscuous mode
[  303.432118][ T7908] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  303.455453][ T7908] Cannot create hsr debugfs directory
[  305.267235][ T5156] Bluetooth: hci5: command tx timeout
[  305.419813][ T8226] PKCS7: Unknown OID: [4] 0.38.107.217331280.32(bad)
[  305.426662][ T8226] PKCS7: Only support pkcs7_signedData type
[  306.969419][ T7908] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  307.716952][ T5156] Bluetooth: hci5: command tx timeout
[  307.827254][ T7908] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  308.159761][ T7908] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  308.740489][ T7908] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  308.881634][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  308.881652][   T30] audit: type=1326 audit(1752149917.896:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.007663][   T30] audit: type=1326 audit(1752149917.896:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.058264][   T30] audit: type=1326 audit(1752149917.956:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.119329][   T30] audit: type=1326 audit(1752149917.956:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.171737][   T30] audit: type=1326 audit(1752149917.956:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.197795][   T30] audit: type=1326 audit(1752149917.966:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.232354][ T8186] chnl_net:caif_netlink_parms(): no params data found
[  309.317009][   T30] audit: type=1326 audit(1752149917.966:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.357002][   T30] audit: type=1326 audit(1752149917.966:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  309.758854][ T5156] Bluetooth: hci5: command tx timeout
[  310.292661][   T30] audit: type=1326 audit(1752149917.966:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  310.330999][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.446989][   T30] audit: type=1326 audit(1752149917.966:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8258 comm="syz.3.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  311.381802][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.555'.
[  311.439656][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.555'.
[  311.452858][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.711863][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.889036][ T8186] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.909212][ T8186] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.936574][ T8186] bridge_slave_0: entered allmulticast mode
[  311.970182][ T8186] bridge_slave_0: entered promiscuous mode
[  312.019265][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.083376][ T8186] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.094097][ T8186] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.104550][ T8186] bridge_slave_1: entered allmulticast mode
[  312.120615][ T8186] bridge_slave_1: entered promiscuous mode
[  312.368303][ T8186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.967021][ T8186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.243751][ T8186] team0: Port device team_slave_0 added
[  313.332028][ T8186] team0: Port device team_slave_1 added
[  313.712948][ T8308] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  314.553629][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  314.553646][   T30] audit: type=1326 audit(1752149923.566:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.3.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  314.666469][   T30] audit: type=1326 audit(1752149923.566:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.3.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  316.306435][ T8186] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.619593][ T8186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.081225][ T8186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.281694][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  318.783215][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  318.848382][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  320.419555][   T13] bond0 (unregistering): Released all slaves
[  320.688580][   T13] bond1 (unregistering): Released all slaves
[  320.721531][ T7908] 8021q: adding VLAN 0 to HW filter on device bond0
[  320.729298][ T8186] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.736273][ T8186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.764522][ T8186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.771044][ T8376] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  320.843365][ T8376] kvm: pic: non byte read
[  320.854926][ T8376] kvm: pic: level sensitive irq not supported
[  320.855009][ T8376] kvm: pic: non byte read
[  320.870959][ T8376] kvm: pic: level sensitive irq not supported
[  320.871026][ T8376] kvm: pic: non byte read
[  320.885243][ T8376] kvm: pic: level sensitive irq not supported
[  320.885309][ T8376] kvm: pic: non byte read
[  321.894583][ T8186] hsr_slave_0: entered promiscuous mode
[  321.906696][ T8186] hsr_slave_1: entered promiscuous mode
[  321.991961][ T8186] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  322.084200][ T8186] Cannot create hsr debugfs directory
[  322.244042][ T8400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  323.029077][ T7908] 8021q: adding VLAN 0 to HW filter on device team0
[  323.089409][ T6026] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.096603][ T6026] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.110342][ T6026] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.117616][ T6026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.395455][   T13] hsr_slave_0: left promiscuous mode
[  324.418517][   T13] hsr_slave_1: left promiscuous mode
[  324.488555][   T13] veth1_macvtap: left promiscuous mode
[  324.506594][   T13] veth0_macvtap: left promiscuous mode
[  324.522660][   T13] veth1_vlan: left promiscuous mode
[  324.539110][   T13] veth0_vlan: left promiscuous mode
[  324.590554][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.0.581'.
[  325.857106][ T5975] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  326.047496][ T5975] usb 4-1: Using ep0 maxpacket: 32
[  326.113867][ T5975] usb 4-1: config index 0 descriptor too short (expected 43835, got 36)
[  326.131577][ T5975] usb 4-1: config 13 has too many interfaces: 87, using maximum allowed: 32
[  326.162176][ T5975] usb 4-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  326.190612][ T5975] usb 4-1: config 13 has 1 interface, different from the descriptor's value: 87
[  326.200269][ T5975] usb 4-1: config 13 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  326.221858][ T5975] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  326.241448][ T5975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.552225][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  327.566983][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  327.576611][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  327.586414][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  327.610858][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  328.807574][ T5947] usb 4-1: USB disconnect, device number 4
[  328.932139][ T8451] sch_tbf: burst 3936 is lower than device lo mtu (65550) !
[  330.486971][ T5156] Bluetooth: hci3: command tx timeout
[  331.920506][ T8186] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  332.548976][ T5156] Bluetooth: hci3: command tx timeout
[  332.781163][ T8186] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  333.131120][ T8186] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  333.248703][ T8186] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  334.036238][ T8508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.599'.
[  334.534109][ T8508] bridge_slave_1: left allmulticast mode
[  334.549872][ T8508] bridge_slave_1: left promiscuous mode
[  334.561864][ T8508] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.579039][ T8508] bridge_slave_0: left allmulticast mode
[  334.587945][ T8508] bridge_slave_0: left promiscuous mode
[  334.594050][ T8508] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.640289][ T5156] Bluetooth: hci3: command tx timeout
[  334.761820][ T8444] chnl_net:caif_netlink_parms(): no params data found
[  334.809296][ T8524] netlink: 'syz.0.601': attribute type 1 has an invalid length.
[  334.845015][ T8524] 8021q: adding VLAN 0 to HW filter on device bond1
[  334.912632][ T8524] bond1: (slave veth7): Enslaving as an active interface with a down link
[  334.991735][ T8527] vlan0: entered allmulticast mode
[  335.001753][ T8527] veth1: entered allmulticast mode
[  335.020630][ T8527] veth1: entered promiscuous mode
[  335.030585][ T8527] veth1: left promiscuous mode
[  335.042541][ T8527] bond1: (slave vlan0): making interface the new active one
[  335.053655][ T8527] veth1: entered promiscuous mode
[  335.062299][ T8527] vlan0: entered promiscuous mode
[  335.070682][ T8527] bond1: (slave vlan0): Enslaving as an active interface with an up link
[  335.296349][ T8535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.602'.
[  335.312193][ T8535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.602'.
[  336.803921][ T5156] Bluetooth: hci3: command tx timeout
[  337.189156][ T8444] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.199316][ T8444] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.215061][ T8444] bridge_slave_0: entered allmulticast mode
[  337.252079][ T8444] bridge_slave_0: entered promiscuous mode
[  337.273484][ T8444] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.381050][ T8444] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.432100][ T8444] bridge_slave_1: entered allmulticast mode
[  337.439950][ T8444] bridge_slave_1: entered promiscuous mode
[  338.724150][ T8444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.408765][ T8444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.662295][ T8444] team0: Port device team_slave_0 added
[  339.784775][ T8444] team0: Port device team_slave_1 added
[  339.959594][ T8444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.982755][ T8444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.570040][ T8444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.609176][ T8444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.187140][ T8444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.213379][ T8444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.512981][ T8444] hsr_slave_0: entered promiscuous mode
[  341.558316][ T8444] hsr_slave_1: entered promiscuous mode
[  341.579642][ T8444] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  341.606224][ T8444] Cannot create hsr debugfs directory
[  342.619120][ T8599] netfs: Couldn't get user pages (rc=-14)
[  343.595232][ T8186] 8021q: adding VLAN 0 to HW filter on device bond0
[  343.782044][   T13] bridge_slave_1: left allmulticast mode
[  343.794014][   T13] bridge_slave_1: left promiscuous mode
[  343.804207][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.826602][   T13] bridge_slave_0: left allmulticast mode
[  343.868312][   T13] bridge_slave_0: left promiscuous mode
[  343.874173][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.496041][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.554456][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.565083][   T13] bond0 (unregistering): Released all slaves
[  346.328059][   T13] hsr_slave_0: left promiscuous mode
[  346.334363][   T13] hsr_slave_1: left promiscuous mode
[  346.358746][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  346.374706][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  346.997394][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  347.174838][    T9] usb 4-1: Using ep0 maxpacket: 16
[  347.200805][    T9] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[  347.209727][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.220049][    T9] usb 4-1: config 0 has no interface number 0
[  347.232836][    T9] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  347.252474][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.270892][    T9] usb 4-1: Product: syz
[  347.287430][    T9] usb 4-1: Manufacturer: syz
[  347.292075][    T9] usb 4-1: SerialNumber: syz
[  347.307915][    T9] usb 4-1: config 0 descriptor??
[  347.315483][    T9] asix 4-1:0.251: probe with driver asix failed with error -22
[  347.328175][   T13] team0 (unregistering): Port device team_slave_1 removed
[  347.410954][   T13] team0 (unregistering): Port device team_slave_0 removed
[  347.879510][ T5975] usb 4-1: USB disconnect, device number 5
[  347.980102][ T8186] 8021q: adding VLAN 0 to HW filter on device team0
[  348.010541][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.017787][ T6013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.059723][ T6027] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.066989][ T6027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  349.630499][ T8444] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  349.659967][ T8444] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  349.684555][ T8444] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  349.729167][ T8444] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  350.359557][ T8444] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.176811][ T8444] 8021q: adding VLAN 0 to HW filter on device team0
[  352.143168][ T8680] syzkaller0: entered promiscuous mode
[  352.165778][ T8680] syzkaller0: entered allmulticast mode
[  352.192815][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.199989][ T6027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  352.341140][ T6027] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.348365][ T6027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.772664][ T8704] netlink: 'syz.0.637': attribute type 1 has an invalid length.
[  352.780450][ T8704] netlink: 224 bytes leftover after parsing attributes in process `syz.0.637'.
[  355.501432][   T30] audit: type=1326 audit(1752149964.522:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8719 comm="syz.0.641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x0
[  357.178028][   T24] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  357.356377][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.441063][   T24] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a
[  357.475502][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.557461][   T24] usb 1-1: Product: syz
[  357.593918][   T24] usb 1-1: Manufacturer: syz
[  357.626208][   T24] usb 1-1: SerialNumber: syz
[  357.717241][   T24] usb 1-1: config 0 descriptor??
[  357.729480][   T24] pegasus_notetaker 1-1:0.0: Invalid number of endpoints
[  357.736669][   T24] pegasus_notetaker 1-1:0.0: probe with driver pegasus_notetaker failed with error -22
[  358.904995][  T977] usb 1-1: USB disconnect, device number 5
[  359.273877][ T8444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  359.332521][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  359.342571][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  359.352614][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  359.367966][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  359.375951][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  359.488943][ T8754] x_tables: unsorted entry at hook 1
[  359.562452][ T6017] vlan0: left promiscuous mode
[  359.854660][   T24] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  360.150635][   T24] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  361.300663][ T8773] netlink: 12 bytes leftover after parsing attributes in process `syz.0.653'.
[  361.429545][ T5156] Bluetooth: hci0: command tx timeout
[  361.598602][ T5975] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  361.932166][ T5975] usb 1-1: Using ep0 maxpacket: 16
[  361.970169][ T8444] 8021q: adding VLAN 0 to HW filter on device batadv0
[  362.107563][ T5975] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 32, changing to 9
[  362.142472][ T5975] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.208473][ T5975] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  362.313288][ T5975] usb 1-1: config 0 interface 0 has no altsetting 0
[  362.370106][ T5975] usb 1-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[  362.413788][ T5975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.441013][ T5975] usb 1-1: config 0 descriptor??
[  362.603922][ T8748] chnl_net:caif_netlink_parms(): no params data found
[  362.673319][ T5975] usbhid 1-1:0.0: can't add hid device: -71
[  362.679596][ T5975] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  362.694722][ T5975] usb 1-1: USB disconnect, device number 6
[  362.854460][ T8748] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.863812][ T8748] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.873673][ T8748] bridge_slave_0: entered allmulticast mode
[  362.882733][ T8748] bridge_slave_0: entered promiscuous mode
[  362.891455][ T8748] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.898892][ T8748] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.906117][ T8748] bridge_slave_1: entered allmulticast mode
[  362.913690][ T8748] bridge_slave_1: entered promiscuous mode
[  362.986017][ T8748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.101575][ T8748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.183787][ T8444] veth0_vlan: entered promiscuous mode
[  363.237849][ T8748] team0: Port device team_slave_0 added
[  363.252736][ T8748] team0: Port device team_slave_1 added
[  363.510211][ T5156] Bluetooth: hci0: command tx timeout
[  365.031551][ T8444] veth1_vlan: entered promiscuous mode
[  365.202671][ T8748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.215714][ T8748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.242758][ T8748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.267915][ T8748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.285062][ T8748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.313459][ T8748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.715412][ T8830] syz.3.662: attempt to access beyond end of device
[  365.715412][ T8830] loop7: rw=0, sector=0, nr_sectors = 1 limit=0
[  365.728590][ T8830] FAT-fs (loop7): unable to read boot sector
[  366.289697][ T5156] Bluetooth: hci0: command tx timeout
[  366.814013][   T13] bridge_slave_1: left allmulticast mode
[  366.822453][   T13] bridge_slave_1: left promiscuous mode
[  366.877234][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.904680][   T13] bridge_slave_0: left allmulticast mode
[  366.918813][   T13] bridge_slave_0: left promiscuous mode
[  366.945699][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.310340][ T5156] Bluetooth: hci0: command tx timeout
[  370.375090][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  370.411619][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  370.502055][   T13] bond0 (unregistering): Released all slaves
[  371.311561][ T8748] hsr_slave_0: entered promiscuous mode
[  371.317882][ T8748] hsr_slave_1: entered promiscuous mode
[  371.328829][ T8748] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  371.336729][ T8748] Cannot create hsr debugfs directory
[  371.447949][   T13] hsr_slave_0: left promiscuous mode
[  371.522779][   T13] hsr_slave_1: left promiscuous mode
[  371.528877][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  371.567545][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  371.630206][ T8893] netlink: 'syz.4.675': attribute type 10 has an invalid length.
[  372.319837][  T977] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  372.576302][  T977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  372.594950][  T977] usb 4-1: not running at top speed; connect to a high speed hub
[  372.616357][  T977] usb 4-1: config 3 has an invalid interface number: 1 but max is 0
[  372.658066][  T977] usb 4-1: config 3 has no interface number 0
[  372.676440][  T977] usb 4-1: config 3 interface 1 has no altsetting 0
[  372.714579][  T977] usb 4-1: New USB device found, idVendor=1b80, idProduct=e421, bcdDevice=35.5d
[  372.729649][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.737706][  T977] usb 4-1: Product: syz
[  372.767368][  T977] usb 4-1: Manufacturer: syz
[  372.779478][  T977] usb 4-1: SerialNumber: syz
[  372.824376][   T13] team0 (unregistering): Port device team_slave_1 removed
[  372.898360][   T13] team0 (unregistering): Port device team_slave_0 removed
[  373.448411][ T8893] team0: Device hsr_slave_0 failed to register rx_handler
[  373.476290][ T8894] lo: entered allmulticast mode
[  373.504890][ T8896] netlink: 32 bytes leftover after parsing attributes in process `syz.0.674'.
[  373.524248][ T8896] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  373.569131][ T8886] lo: left allmulticast mode
[  373.573636][  T977] cx231xx 4-1:3.1: New device syz syz @ 12 Mbps (1b80:e421) with 1 interfaces
[  373.600764][  T977] cx231xx 4-1:3.1: Not found matching IAD interface
[  373.640344][  T977] usb 4-1: USB disconnect, device number 6
[  373.703637][ T8444] veth0_macvtap: entered promiscuous mode
[  373.728128][ T8444] veth1_macvtap: entered promiscuous mode
[  375.381210][ T8928] netlink: 16 bytes leftover after parsing attributes in process `syz.0.678'.
[  376.144562][ T8444] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.883893][ T8444] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.958279][ T8444] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.000759][ T8444] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.023593][ T8444] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.160164][ T8444] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.707195][ T6027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.722904][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  378.733796][   T30] audit: type=1326 audit(1752149987.719:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  378.765348][ T6027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.779549][ T8961] netlink: 9 bytes leftover after parsing attributes in process `syz.0.685'.
[  378.792080][   T30] audit: type=1326 audit(1752149987.719:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  378.850557][   T30] audit: type=1326 audit(1752149987.719:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  378.852806][ T8961] gretap0: entered promiscuous mode
[  378.915582][   T30] audit: type=1326 audit(1752149987.719:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  378.953135][   T30] audit: type=1326 audit(1752149987.719:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  378.981959][ T6027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.008866][ T6027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.033019][   T30] audit: type=1326 audit(1752149987.739:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  379.082864][   T30] audit: type=1326 audit(1752149987.739:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  379.093160][ T8748] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  379.117728][   T30] audit: type=1326 audit(1752149987.739:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  379.147446][   T30] audit: type=1326 audit(1752149987.739:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  379.613519][   T30] audit: type=1326 audit(1752149987.739:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.0.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7ffc0000
[  379.653583][ T8748] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  379.715923][ T8748] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  379.762300][ T8748] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  380.830067][ T8748] 8021q: adding VLAN 0 to HW filter on device bond0
[  380.955731][ T8748] 8021q: adding VLAN 0 to HW filter on device team0
[  381.220863][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.228155][ T6027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.283635][ T8996] overlay: filesystem on ./file1 not supported
[  381.355677][ T6027] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.362946][ T6027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.113931][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  383.175461][ T8748] 8021q: adding VLAN 0 to HW filter on device batadv0
[  383.304240][   T10] usb 1-1: Using ep0 maxpacket: 32
[  383.353491][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  383.376655][   T10] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  383.429285][   T10] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  383.460963][   T10] usb 1-1: Product: syz
[  383.465187][   T10] usb 1-1: Manufacturer: syz
[  383.549000][   T10] usb 1-1: SerialNumber: syz
[  383.568601][   T10] usb 1-1: config 0 descriptor??
[  383.647567][ T9011] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  383.942661][ T9025] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  384.176821][ T3088] usb 1-1: USB disconnect, device number 7
[  384.335344][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  384.335361][   T30] audit: type=1326 audit(1752149993.348:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.373578][   T30] audit: type=1326 audit(1752149993.378:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.446448][   T30] audit: type=1326 audit(1752149993.378:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.506913][   T30] audit: type=1326 audit(1752149993.378:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.559424][   T30] audit: type=1326 audit(1752149993.378:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.629103][   T30] audit: type=1326 audit(1752149993.378:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.666066][   T30] audit: type=1326 audit(1752149993.378:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.715046][   T30] audit: type=1326 audit(1752149993.378:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.743067][   T30] audit: type=1326 audit(1752149993.408:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9033 comm="syz.3.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b0d8e929 code=0x7ffc0000
[  384.816699][ T3088] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  384.866483][ T8748] veth0_vlan: entered promiscuous mode
[  385.501036][ T3088] usb 1-1: device descriptor read/64, error -71
[  385.557547][ T8748] veth1_vlan: entered promiscuous mode
[  385.626524][ T8748] veth0_macvtap: entered promiscuous mode
[  385.684689][ T8748] veth1_macvtap: entered promiscuous mode
[  385.744287][ T8748] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.768772][ T8748] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.813734][ T8748] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.945886][ T8748] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.968563][ T8748] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.401301][ T8748] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  389.839070][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.909241][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.711'.
[  389.971515][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  390.126414][ T9084] bridge1: port 1(ip6gretap1) entered blocking state
[  390.165069][ T9084] bridge1: port 1(ip6gretap1) entered disabled state
[  390.184849][ T9084] ip6gretap1: entered allmulticast mode
[  390.211162][ T9084] ip6gretap1: entered promiscuous mode
[  390.397790][ T9085] veth3: entered promiscuous mode
[  390.420666][ T9085] bridge1: port 2(veth3) entered blocking state
[  390.427565][ T9085] bridge1: port 2(veth3) entered disabled state
[  390.447138][ T9085] veth3: entered allmulticast mode
[  390.473943][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  390.487789][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.307643][ T9153] netlink: 8 bytes leftover after parsing attributes in process `syz.6.728'.
[  400.825938][ T9176] xt_nfacct: accounting object `syz1' does not exists
[  405.372454][ T9223] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  405.823624][ T5156] Bluetooth: hci0: command tx timeout
[  409.475721][ T9250] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  409.704427][   T10] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  410.184385][   T10] usb 8-1: Using ep0 maxpacket: 8
[  410.203816][   T10] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  410.232579][   T10] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  410.253102][   T10] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  410.277025][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.300743][   T10] usb 8-1: config 0 descriptor??
[  411.756495][ T5975] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  412.050502][ T3088] usb 8-1: USB disconnect, device number 2
[  412.924322][ T5975] usb 7-1: Using ep0 maxpacket: 32
[  413.049191][ T5975] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.c0
[  413.068887][ T5975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.220038][ T5975] usb 7-1: config 0 descriptor??
[  413.928914][ T5975] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[  413.931202][ T5975] usb 7-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[  413.931228][ T5975] usb 7-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[  414.069912][ T9305] binder: 9304:9305 ioctl c0306201 0 returned -14
[  416.170879][ T9305] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  416.240351][ T9333] tipc: Started in network mode
[  416.249193][ T9333] tipc: Node identity ac1414aa, cluster identity 4711
[  416.298482][ T9333] tipc: Enabled bearer <udp:syz2>, priority 10
[  417.405450][   T10] tipc: Node number set to 2886997162
[  420.157167][ T9367] netlink: 28 bytes leftover after parsing attributes in process `syz.7.779'.
[  420.182022][ T9362] sch_tbf: burst 4393 is lower than device lo mtu (65550) !
[  420.987725][ T9370] bpq0: left promiscuous mode
[  420.992504][ T9370] bpq0: left allmulticast mode
[  421.045355][ T9374] netlink: 8 bytes leftover after parsing attributes in process `syz.4.783'.
[  421.099184][ T9370] 8021q: adding VLAN 0 to HW filter on device bond0
[  421.264851][ T9370] bond0: (slave rose0): Enslaving as an active interface with an up link
[  421.291252][ T9374] netlink: 8 bytes leftover after parsing attributes in process `syz.4.783'.
[  422.921666][ T9395] netlink: 24 bytes leftover after parsing attributes in process `syz.7.788'.
[  423.272332][ T9412] netlink: 12 bytes leftover after parsing attributes in process `syz.4.790'.
[  424.705751][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  425.000012][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.048221][   T10] usb 5-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice=66.d6
[  425.083385][   T10] usb 5-1: New USB device strings: Mfr=205, Product=21, SerialNumber=0
[  425.154461][   T10] usb 5-1: Product: syz
[  425.173669][   T10] usb 5-1: Manufacturer: syz
[  425.185337][   T10] usb 5-1: config 0 descriptor??
[  425.928358][ T9412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.957945][ T9455] vlan1: entered promiscuous mode
[  425.964472][ T9455] vlan1: entered allmulticast mode
[  425.979136][ T9412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.989384][ T9455] hsr_slave_1: entered allmulticast mode
[  426.033798][ T9457] netlink: 20 bytes leftover after parsing attributes in process `syz.7.799'.
[  426.045436][ T9455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.798'.
[  426.061258][ T9457] netlink: 20 bytes leftover after parsing attributes in process `syz.7.799'.
[  426.076413][ T9457] netlink: 36 bytes leftover after parsing attributes in process `syz.7.799'.
[  426.328247][ T5947] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  426.420963][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  426.444348][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  426.465036][   T10] usb 5-1: USB disconnect, device number 5
[  426.686017][ T5947] usb 8-1: Using ep0 maxpacket: 16
[  426.699470][ T5947] usb 8-1: config index 0 descriptor too short (expected 16456, got 72)
[  426.708292][ T5947] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  426.717393][ T5947] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  426.725793][ T5947] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  426.737940][ T5947] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  426.750158][ T5947] usb 8-1: config 0 has no interface number 0
[  426.756757][ T5947] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  426.772506][ T5947] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  426.818657][ T5947] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  426.831554][ T5947] usb 8-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  426.847355][ T5947] usb 8-1: config 0 interface 125 has no altsetting 0
[  426.854497][ T5947] usb 8-1: config 0 interface 125 has no altsetting 2
[  426.886188][ T5947] usb 8-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  426.897045][ T5947] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.905353][ T5947] usb 8-1: Product: syz
[  426.914044][ T5947] usb 8-1: Manufacturer: syz
[  426.921647][ T5947] usb 8-1: SerialNumber: syz
[  426.954794][ T5947] usb 8-1: config 0 descriptor??
[  427.206618][ T5947] usb 8-1: selecting invalid altsetting 2
[  427.918219][ T9457] bond0: (slave ip6tnl0): Error: Device type is different from other slaves
[  427.955613][    C0] usb 8-1: async_complete: urb error -71
[  427.961489][    C0] usb 8-1: async_complete: urb error -71
[  427.999620][ T5947] get_1284_register: usb error -71
[  428.036293][ T5947] uss720 8-1:0.125: probe with driver uss720 failed with error -71
[  428.087818][ T5947] usb 8-1: USB disconnect, device number 3
[  430.242426][ T9524] xt_NFQUEUE: number of total queues is 0
[  436.306582][ T9571] syz.6.825 uses obsolete (PF_INET,SOCK_PACKET)
[  437.065433][ T9580] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  437.083512][ T9571] kvm: pic: non byte read
[  437.089778][ T9571] kvm: pic: level sensitive irq not supported
[  437.090335][ T9571] kvm: pic: non byte read
[  437.102744][ T9571] kvm: pic: level sensitive irq not supported
[  437.102854][ T9571] kvm: pic: non byte read
[  440.169115][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  441.100265][ T9619] kernel read not supported for file / 
�7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 9619 comm: syz.4.839)
[  441.155948][   T30] audit: type=1800 audit(1752150050.132:125): pid=9619 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.839" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=25041 res=0 errno=0
[  442.358694][  T977] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  442.566023][  T977] usb 5-1: config 0 has an invalid interface number: 156 but max is 0
[  442.642344][  T977] usb 5-1: config 0 has no interface number 0
[  442.749239][  T977] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  442.885940][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.067143][  T977] usb 5-1: config 0 descriptor??
[  443.074686][  T977] gspca_main: spca561-2.14.0 probing abcd:cdee
[  443.563131][ T9623] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  443.572321][ T9623] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  443.581116][ T9623] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  443.589855][ T9623] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  445.219214][  T977] spca561 5-1:0.156: probe with driver spca561 failed with error -22
[  445.658309][  T977] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  445.658390][  T977] usb 5-1: MIDIStreaming interface descriptor not found
[  445.692302][ T9623] team0: Port device vxlan0 added
[  445.812747][ T3088] usb 5-1: USB disconnect, device number 6
[  448.316917][ T9671] netfs: Couldn't get user pages (rc=-14)
[  449.357458][ T5947] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0
[  449.409996][ T5947] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0
[  449.447610][ T5947] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0
[  449.556198][ T5947] hid-generic 0003:0004:0000.0005: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  449.839467][ T5947] libceph: connect (1)[c::]:6789 error -101
[  450.034554][ T5947] libceph: mon0 (1)[c::]:6789 connect error
[  450.048295][ T9689] ceph: No mds server is up or the cluster is laggy
[  450.280398][ T9703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.861'.
[  450.290780][ T9703] netlink: 56 bytes leftover after parsing attributes in process `syz.0.861'.
[  451.175122][ T9707] overlayfs: metacopy with no lower data found - abort lookup (/bus)
[  451.740708][ T9713] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  452.491646][ T5156] Bluetooth: hci3: command 0x0406 tx timeout
[  458.545093][ T9762] binder: 9759:9762 ioctl 400c620e 200000000600 returned -22
[  458.587511][ T9762] binder: 9759:9762 ioctl c0306201 2000000003c0 returned -14
[  461.430522][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  462.949560][    T9] usb 1-1: Using ep0 maxpacket: 32
[  463.769369][    T9] usb 1-1: device descriptor read/all, error -71
[  465.452352][ T9801] Set syz1 is full, maxelem 65536 reached
[  466.268778][    T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  466.461090][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.473834][    T9] usb 1-1: config 0 has no interfaces?
[  466.511672][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  466.545069][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.581247][    T9] usb 1-1: config 0 descriptor??
[  466.615076][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x360
[  466.673150][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x5cdd
[  466.690980][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xdad4
[  466.723406][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x5583
[  466.733171][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x2cfe
[  466.745536][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x9f30
[  466.758473][ T9819] kvm: kvm [9818]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xd72c
[  467.019775][ T9828] macvtap1: entered allmulticast mode
[  467.026286][ T9828] veth0_macvtap: entered allmulticast mode
[  467.390827][ T9835] xt_TCPMSS: Only works on TCP SYN packets
[  469.364170][  T977] usb 1-1: USB disconnect, device number 11
[  471.610208][ T9872] netlink: 'syz.3.908': attribute type 14 has an invalid length.
[  476.283936][ T5975] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  476.316787][ T9902] loop6: detected capacity change from 0 to 2560
[  476.350033][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.367602][ T5975] dvb_usb_az6027 7-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  476.382884][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.393521][ T5975] usb 7-1: USB disconnect, device number 2
[  476.408015][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.470488][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.484493][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.492655][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  476.609881][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  477.154777][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  477.163711][ T9902] ldm_validate_partition_table(): Disk read failed.
[  477.170524][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  477.185434][ T9902] Buffer I/O error on dev loop6, logical block 0, async page read
[  477.257788][ T9902] Dev loop6: unable to read RDB block 0
[  477.279285][ T9902]  loop6: unable to read partition table
[  477.412803][ T9902] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  478.626209][ T9926] netlink: 'syz.4.924': attribute type 1 has an invalid length.
[  478.760862][ T9929] netlink: 28 bytes leftover after parsing attributes in process `syz.4.924'.
[  478.968718][ T5947] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  479.598889][ T5947] usb 1-1: Using ep0 maxpacket: 16
[  479.614055][ T5947] usb 1-1: config 0 has no interfaces?
[  479.649170][ T5947] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  479.667977][ T9927] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  479.714955][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  479.811352][ T9927] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  479.827354][ T5947] usb 1-1: Product: syz
[  479.835108][ T5947] usb 1-1: Manufacturer: syz
[  479.857145][ T9927] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  479.873171][ T5947] usb 1-1: SerialNumber: syz
[  479.939930][ T9927] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  479.951434][ T5947] usb 1-1: config 0 descriptor??
[  480.077078][ T9927] bond1: (slave geneve2): making interface the new active one
[  480.128514][ T9927] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  480.241834][ T9929] 8021q: adding VLAN 0 to HW filter on device bond1
[  480.299067][ T9923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.922'.
[  480.350714][ T9923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.922'.
[  480.441861][ T9923] team0: entered promiscuous mode
[  480.578887][ T9923] team_slave_0: entered promiscuous mode
[  480.611502][ T9923] team_slave_1: entered promiscuous mode
[  480.623820][ T9923] batadv_slave_1: entered promiscuous mode
[  480.647336][ T5947] usb 1-1: USB disconnect, device number 12
[  485.105300][   T30] audit: type=1326 audit(1752150094.109:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7fc00000
[  485.160044][   T30] audit: type=1326 audit(1752150094.139:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f788f78e929 code=0x7fc00000
[  485.378663][   T30] audit: type=1326 audit(1752150094.139:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788f78e929 code=0x7fc00000
[  487.455652][T10021] macsec0: entered promiscuous mode
[  487.481597][T10021] macsec0: entered allmulticast mode
[  487.526615][T10021] veth1_macvtap: entered allmulticast mode
[  491.029578][T10054] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  491.043016][T10054] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  491.957416][T10055] ubi31: attaching mtd0
[  492.009878][T10055] ubi31 error: ubi_attach_mtd_dev: bad VID header (12288) or data offsets (12352)
[  496.467112][T10111] Bluetooth: MGMT ver 1.23
[  498.420127][T10134] sch_tbf: burst 19872 is lower than device lo mtu (39799) !
[  499.039669][T10145] smc: net device bond0 applied user defined pnetid SYZ2
[  499.054638][T10145] smc: net device bond0 erased user defined pnetid SYZ2
[  499.718161][T10148] =======================================================
[  499.718161][T10148] WARNING: The mand mount option has been deprecated and
[  499.718161][T10148]          and is ignored by this kernel. Remove the mand
[  499.718161][T10148]          option from the mount to silence this warning.
[  499.718161][T10148] =======================================================
[  499.840849][T10149] netlink: 20 bytes leftover after parsing attributes in process `syz.6.982'.
[  499.880502][T10149] geneve2: entered allmulticast mode
[  501.720537][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  504.932800][T10200] (syz.7.994,10200,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  504.941981][T10200] (syz.7.994,10200,1):ocfs2_fill_super:1177 ERROR: status = -22
[  505.529717][T10207] netlink: 168 bytes leftover after parsing attributes in process `syz.6.995'.
[  506.473076][T10215] netlink: 28 bytes leftover after parsing attributes in process `syz.3.999'.
[  506.482140][T10215] netlink: 28 bytes leftover after parsing attributes in process `syz.3.999'.
[  511.684957][T10256] overlayfs: failed to resolve './file0': -2
[  517.540515][T10295] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1021'.
[  518.753656][T10295] bridge1: port 1(veth9) entered blocking state
[  518.790018][T10295] bridge1: port 1(veth9) entered disabled state
[  518.812638][T10295] veth9: entered allmulticast mode
[  518.819072][T10295] veth9: entered promiscuous mode
[  519.469261][T10317] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1028'.
[  520.295885][T10328] syz.4.1032 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  520.497910][T10335] netlink: 'syz.3.1035': attribute type 10 has an invalid length.
[  520.516612][T10335] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1035'.
[  523.312514][T10372] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  524.862300][T10384] openvswitch: netlink: Key 0 has unexpected len 20 expected 0
[  526.311373][T10399] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  526.734763][T10401] syz.6.1048: attempt to access beyond end of device
[  526.734763][T10401] nbd6: rw=0, sector=16, nr_sectors = 1 limit=0
[  526.748486][T10401] qnx6: unable to read the first superblock
[  526.755938][T10401] syz.6.1048: attempt to access beyond end of device
[  526.755938][T10401] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  526.769176][T10401] qnx6: unable to read the first superblock
[  526.775133][T10401] qnx6: unable to read the first superblock
[  533.117753][T10446] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  535.517249][T10414] syz.6.1054 (10414): drop_caches: 2
[  537.120839][T10489] xt_hashlimit: size too large, truncated to 1048576
[  537.182140][T10492] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1077'.
[  537.993585][T10499] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  540.105630][T10522] netlink: 'syz.7.1085': attribute type 1 has an invalid length.
[  540.477230][T10528] sp0: Synchronizing with TNC
[  540.488139][T10528] sp0: Found TNC
[  541.084551][T10522] veth3: entered promiscuous mode
[  545.354206][T10567] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1099'.
[  546.036195][T10571] netlink: 'syz.3.1099': attribute type 13 has an invalid length.
[  546.498019][T10571] gretap0: refused to change device tx_queue_len
[  546.529310][T10571] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  547.697194][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1105'.
[  548.730131][T10605] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  548.744020][T10605] Error validating options; rc = [-22]
[  555.227592][T10668] tipc: Started in network mode
[  555.232636][T10668] tipc: Node identity 080211000001, cluster identity 4711
[  555.249670][T10668] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  555.269327][T10668] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode
[  555.279307][T10668] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode
[  555.379021][T10668] tipc: Resetting bearer <eth:syzkaller0>
[  556.380820][  T977] tipc: Node number set to 134418688
[  558.824523][T10700] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  561.340996][T10723] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  563.537676][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  565.639629][   T30] audit: type=1326 audit(1752150173.658:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  565.735459][   T30] audit: type=1326 audit(1752150173.678:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  565.757040][    C0] vkms_vblank_simulate: vblank timer overrun
[  565.839910][   T30] audit: type=1326 audit(1752150173.678:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffbbc98d290 code=0x7ffc0000
[  565.888777][   T30] audit: type=1326 audit(1752150173.678:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ffbbc990157 code=0x7ffc0000
[  566.001676][   T30] audit: type=1326 audit(1752150173.678:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  566.023316][    C0] vkms_vblank_simulate: vblank timer overrun
[  566.056580][T10754] Process accounting resumed
[  566.131188][   T30] audit: type=1326 audit(1752150173.678:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ffbbc990157 code=0x7ffc0000
[  567.069938][   T30] audit: type=1326 audit(1752150173.678:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ffbbc98d58a code=0x7ffc0000
[  567.092155][   T30] audit: type=1326 audit(1752150173.678:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  567.116790][   T30] audit: type=1326 audit(1752150173.678:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  567.139979][   T30] audit: type=1326 audit(1752150173.678:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10756 comm="syz.4.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ffbbc98e929 code=0x7ffc0000
[  579.359307][T10870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  579.374590][T10870] syzkaller0: entered promiscuous mode
[  579.406833][T10870] syzkaller0: entered allmulticast mode
[  579.882127][T10878] tipc: Resetting bearer <eth:syzkaller0>
[  579.895433][T10868] tipc: Resetting bearer <eth:syzkaller0>
[  580.166298][T10868] tipc: Disabling bearer <eth:syzkaller0>
[  581.692367][T10893] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1192'.
[  582.392828][T10897] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  582.406401][T10897] ref_ctr increment failed for inode: 0x55a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880270ae400
[  582.575530][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  582.575548][   T30] audit: type=1804 audit(1752150190.388:165): pid=10897 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1191" name="/newroot/259/file0" dev="tmpfs" ino=1370 res=1 errno=0
[  582.713181][T10895] vlan2: entered allmulticast mode
[  582.798797][T10895] veth1: entered allmulticast mode
[  582.826956][T10895] bridge1: port 1(vlan2) entered blocking state
[  583.414463][T10895] bridge1: port 1(vlan2) entered disabled state
[  583.432698][T10895] vlan2: entered promiscuous mode
[  583.438257][T10895] veth1: entered promiscuous mode
[  583.581103][T10904] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  583.640725][T10905] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  583.688503][T10905] syzkaller0: entered promiscuous mode
[  583.689788][T10904] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  583.694750][T10905] syzkaller0: entered allmulticast mode
[  583.774030][T10906] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  583.895477][T10905] tipc: Resetting bearer <eth:syzkaller0>
[  583.995654][T10902] tipc: Resetting bearer <eth:syzkaller0>
[  584.077445][T10902] tipc: Disabling bearer <eth:syzkaller0>
[  587.804277][T10952] fanotify_encode_fh: 716 callbacks suppressed
[  587.804297][T10952] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  587.804304][T10949] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  590.774053][T10973] input: syz1 as /devices/virtual/input/input7
[  594.492787][T10991] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095
[  599.992692][T11043] ptrace attach of "./syz-executor exec"[11049] was attempted by "./syz-executor exec"[11043]
[  602.484359][T11078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1237'.
[  605.022783][ T5940] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  605.399984][ T5940] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  605.431428][ T5940] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  605.459690][ T5940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  605.478362][ T5940] usb 1-1: Product: syz
[  605.493271][ T5940] usb 1-1: Manufacturer: syz
[  605.503446][ T5940] usb 1-1: SerialNumber: syz
[  606.117296][ T5940] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  607.167836][    T9] usb 1-1: USB disconnect, device number 13
[  607.185231][    T9] usblp0: removed
[  612.639318][T11160] netlink: 'syz.0.1258': attribute type 1 has an invalid length.
[  612.813719][T11160] 8021q: adding VLAN 0 to HW filter on device bond2
[  613.399006][T11161] bond2: (slave geneve2): making interface the new active one
[  613.408243][T11161] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  613.470210][T11172] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1262'.
[  613.491490][T11172] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1262'.
[  613.536010][T11172] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1262'.
[  613.552186][T11172] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1262'.
[  614.473550][T11186] xt_CT: You must specify a L4 protocol and not use inversions on it
[  616.176247][T11199] netlink: 'syz.3.1267': attribute type 1 has an invalid length.
[  617.859484][T11216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1271'.
[  622.086704][T11221] batman_adv: batadv0: Adding interface: dummy0
[  622.597791][T11221] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  622.627970][T11221] batman_adv: batadv0: Interface activated: dummy0
[  623.851852][T11222] batadv0: mtu less than device minimum
[  623.881238][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.893251][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.904417][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.915837][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.927037][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.938410][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.950563][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.962228][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  623.974188][T11222] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  624.364013][ T5975] kernel write not supported for file /snd/seq (pid: 5975 comm: kworker/1:6)
[  624.510092][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  624.654192][   T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  629.219636][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  629.248666][   T10] usb 7-1: unable to read config index 0 descriptor/start: -71
[  629.256299][   T10] usb 7-1: can't read configurations, error -71
[  629.264902][T11278] vlan0: entered promiscuous mode
[  629.314168][T11278] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1287'.
[  632.567676][T11295] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  637.209965][T11349] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  638.049794][T11363] netlink: 'syz.3.1309': attribute type 10 has an invalid length.
[  638.072423][T11363] team0: Device ipvlan1 failed to register rx_handler
[  640.220479][T11378] veth1_macvtap: left promiscuous mode
[  640.226054][T11378] macsec0: entered allmulticast mode
[  640.245839][T11378] veth1_macvtap: entered promiscuous mode
[  640.252473][T11378] veth1_macvtap: entered allmulticast mode
[  640.259272][T11378] macsec0: left allmulticast mode
[  640.559297][T11378] veth1_macvtap: left allmulticast mode
[  640.714184][T11376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  644.613858][T11414] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  644.623934][T11414] VFS: Can't find a romfs filesystem on dev nullb0.
[  644.623934][T11414] 
[  647.072300][T11428] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1325'.
[  647.289465][T11439] netlink: 'syz.0.1330': attribute type 1 has an invalid length.
[  648.022330][T11445] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  648.074613][T11439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1330'.
[  648.979032][T11445] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  648.987894][T11445] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  649.047914][T11445] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  650.009671][T11445] bond3: (slave geneve3): making interface the new active one
[  650.017914][T11445] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  650.273293][T11448] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  650.298663][T11439] 8021q: adding VLAN 0 to HW filter on device bond3
[  651.580189][T11484] netlink: 'syz.0.1346': attribute type 1 has an invalid length.
[  651.708023][   T30] audit: type=1800 audit(1752150259.598:166): pid=11479 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1338" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=32782 res=0 errno=0
[  652.921482][   T51] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[  656.728232][T11525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1349'.
[  662.673718][T11561] overlayfs: failed to resolve './file1': -2
[  663.484726][T11576] overlayfs: missing 'lowerdir'
[  664.496750][T11592] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1365'.
[  667.251952][T11614] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  667.355270][   T24] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  667.948143][T11620] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  668.202752][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  668.216033][T11619] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  668.223300][T11619] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  668.231767][   T24] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  668.231797][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.247066][   T24] usb 7-1: config 0 descriptor??
[  668.263956][T11606] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  669.161220][T11619] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  669.167440][T11619] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  669.184872][T11619] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  669.422688][T11619] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  669.449919][   T24] elan 0003:04F3:0755.0006: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.6-1/input0
[  669.488230][T11619] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  669.497037][T11636] netlink: 'syz.3.1379': attribute type 1 has an invalid length.
[  669.505113][T11619] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  669.513597][T11636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  669.521441][T11636] IPv6: NLM_F_CREATE should be set when creating new route
[  669.528752][T11636] IPv6: NLM_F_CREATE should be set when creating new route
[  669.545164][T11636] netlink: 'syz.3.1379': attribute type 1 has an invalid length.
[  669.556452][T11636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  669.678364][   T10] usb 7-1: USB disconnect, device number 5
[  674.537797][T11678] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1391'.
[  676.332502][T11693] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  676.345833][T11693] VFS: Can't find a romfs filesystem on dev nullb0.
[  676.345833][T11693] 
[  677.720418][T11702] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1398'.
[  677.734319][T11702] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1398'.
[  679.149202][T11718] --map-set only usable from mangle table
[  680.407762][T11724] gfs2: not a GFS2 filesystem
[  686.010738][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  687.545777][T11788] trusted_key: encrypted_key: master key parameter 'tr?���' is invalid
[  689.907517][T11803] netlink: 'syz.7.1424': attribute type 1 has an invalid length.
[  690.123964][T11803] 8021q: adding VLAN 0 to HW filter on device bond2
[  690.973631][T11803] gretap1: entered promiscuous mode
[  691.036948][T11803] bond2: (slave gretap1): making interface the new active one
[  691.044869][    C1] ==================================================================
[  691.044900][    C1] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0
[  691.044932][    C1] Read of size 2 at addr ffff888021b2b82a by task syz.7.1424/11803
[  691.044949][    C1] 
[  691.044974][    C1] CPU: 1 UID: 0 PID: 11803 Comm: syz.7.1424 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  691.044996][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  691.045016][    C1] Call Trace:
[  691.045029][    C1]  <IRQ>
[  691.045037][    C1]  dump_stack_lvl+0x189/0x250
[  691.045059][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  691.045081][    C1]  ? rcu_is_watching+0x15/0xb0
[  691.045101][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  691.045121][    C1]  ? rcu_is_watching+0x15/0xb0
[  691.045138][    C1]  ? lock_release+0x4b/0x3e0
[  691.045157][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  691.045178][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  691.045201][    C1]  print_report+0xd2/0x2b0
[  691.045228][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  691.045245][    C1]  kasan_report+0x118/0x150
[  691.045273][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  691.045295][    C1]  rose_timer_expiry+0x471/0x4b0
[  691.045315][    C1]  call_timer_fn+0x17e/0x5f0
[  691.045332][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  691.045350][    C1]  ? call_timer_fn+0xbe/0x5f0
[  691.045365][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  691.045385][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  691.045410][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.045435][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  691.045453][    C1]  __run_timer_base+0x61a/0x860
[  691.045477][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  691.045511][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  691.045546][    C1]  run_timer_softirq+0xb7/0x180
[  691.045573][    C1]  handle_softirqs+0x283/0x870
[  691.045595][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  691.045617][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  691.045639][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  691.045666][    C1]  __irq_exit_rcu+0xca/0x1f0
[  691.045685][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  691.045709][    C1]  irq_exit_rcu+0x9/0x30
[  691.045727][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  691.045755][    C1]  </IRQ>
[  691.045761][    C1]  <TASK>
[  691.045769][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  691.045790][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  691.045817][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 95 f1 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 86 f1 1e 00 eb 06 e8 7f f1 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 5a 49 80 00 48 8b 1b 48 8b 44 24
[  691.045834][    C1] RSP: 0018:ffffc9000fe7e340 EFLAGS: 00000287
[  691.045861][    C1] RAX: 1ffffffff1d3462f RBX: ffffffff8e9a3178 RCX: 0000000000080000
[  691.045882][    C1] RDX: ffffc9000c789000 RSI: 0000000000020d77 RDI: 0000000000020d78
[  691.045897][    C1] RBP: ffffc9000fe7e490 R08: ffffffff8fa0c5f7 R09: 1ffffffff1f418be
[  691.045911][    C1] R10: dffffc0000000000 R11: fffffbfff1f418bf R12: dffffc0000000000
[  691.045923][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9a3120
[  691.045942][    C1]  ? console_flush_all+0x13a/0xc40
[  691.045964][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  691.045987][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  691.046009][    C1]  console_unlock+0xc4/0x270
[  691.046029][    C1]  ? __pfx_console_unlock+0x10/0x10
[  691.046052][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  691.046080][    C1]  vprintk_emit+0x5b7/0x7a0
[  691.046103][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  691.046127][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  691.046153][    C1]  ? sched_clock_cpu+0x74/0x430
[  691.046176][    C1]  _printk+0xcf/0x120
[  691.046202][    C1]  ? __pfx__printk+0x10/0x10
[  691.046224][    C1]  ? update_curr_se+0x8d/0x230
[  691.046246][    C1]  ? __netdev_printk+0x365/0x4d0
[  691.046276][    C1]  netdev_info+0x10a/0x160
[  691.046306][    C1]  ? __pfx_netdev_info+0x10/0x10
[  691.046340][    C1]  bond_change_active_slave+0xb4a/0x3770
[  691.046370][    C1]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  691.046397][    C1]  ? __pfx_bond_change_active_slave+0x10/0x10
[  691.046420][    C1]  ? __queue_work+0x103/0xfe0
[  691.046442][    C1]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  691.046471][    C1]  ? mod_delayed_work_on+0x128/0x200
[  691.046492][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.046518][    C1]  ? mod_delayed_work_on+0x1ac/0x200
[  691.046540][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  691.046565][    C1]  ? netdev_change_features+0x8d/0xd0
[  691.046595][    C1]  bond_select_active_slave+0x8e2/0xd00
[  691.046624][    C1]  ? __pfx_bond_select_active_slave+0x10/0x10
[  691.046649][    C1]  ? __pfx_bond_set_carrier+0x10/0x10
[  691.046673][    C1]  ? netdev_is_rx_handler_busy+0x6e/0x140
[  691.046698][    C1]  ? __pfx_bond_handle_frame+0x10/0x10
[  691.046725][    C1]  bond_enslave+0x229c/0x3a20
[  691.046763][    C1]  ? __pfx_bond_enslave+0x10/0x10
[  691.046794][    C1]  ? __pfx___dev_notify_flags+0x10/0x10
[  691.046814][    C1]  ? __dev_change_flags+0x4cc/0x6d0
[  691.046833][    C1]  ? mutex_is_locked+0x17/0x50
[  691.046852][    C1]  do_set_master+0x530/0x6d0
[  691.046873][    C1]  rtnl_newlink_create+0x677/0xb00
[  691.046906][    C1]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  691.046925][    C1]  ? rtnl_newlink+0x8db/0x1c70
[  691.046940][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  691.046958][    C1]  ? ns_capable+0x8a/0xf0
[  691.046978][    C1]  rtnl_newlink+0x16d6/0x1c70
[  691.046998][    C1]  ? netlink_sendmsg+0x805/0xb30
[  691.047020][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[  691.047045][    C1]  ? kasan_quarantine_put+0xdd/0x220
[  691.047065][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.047090][    C1]  ? nlmon_xmit+0xb0/0x100
[  691.047108][    C1]  ? kmem_cache_free+0x18f/0x400
[  691.047134][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  691.047149][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.047170][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  691.047184][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  691.047201][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.047222][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.047242][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.047264][    C1]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  691.047287][    C1]  ? __lock_acquire+0xab9/0xd20
[  691.047314][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[  691.047331][    C1]  rtnetlink_rcv_msg+0x7cc/0xb70
[  691.047347][    C1]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  691.047362][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  691.047379][    C1]  ? ref_tracker_free+0x63a/0x7d0
[  691.047402][    C1]  ? __copy_skb_header+0xa7/0x550
[  691.047425][    C1]  ? __pfx_ref_tracker_free+0x10/0x10
[  691.047453][    C1]  netlink_rcv_skb+0x205/0x470
[  691.047475][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  691.047495][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  691.047517][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  691.047535][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  691.047555][    C1]  netlink_unicast+0x758/0x8d0
[  691.047576][    C1]  netlink_sendmsg+0x805/0xb30
[  691.047599][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  691.047623][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  691.047646][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  691.047665][    C1]  __sock_sendmsg+0x219/0x270
[  691.047690][    C1]  ____sys_sendmsg+0x505/0x830
[  691.047714][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  691.047739][    C1]  ? import_iovec+0x74/0xa0
[  691.047760][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  691.047781][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  691.047817][    C1]  ? __fget_files+0x2a/0x420
[  691.047833][    C1]  ? __fget_files+0x3a0/0x420
[  691.047852][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  691.047883][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  691.047909][    C1]  ? rcu_is_watching+0x15/0xb0
[  691.047929][    C1]  ? do_syscall_64+0xbe/0x3b0
[  691.047947][    C1]  do_syscall_64+0xfa/0x3b0
[  691.047961][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.047976][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  691.047992][    C1]  ? clear_bhb_loop+0x60/0xb0
[  691.048012][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.048029][    C1] RIP: 0033:0x7fdb7a78e929
[  691.048055][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.048072][    C1] RSP: 002b:00007fdb7b54a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  691.048093][    C1] RAX: ffffffffffffffda RBX: 00007fdb7a9b5fa0 RCX: 00007fdb7a78e929
[  691.048107][    C1] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000005
[  691.048117][    C1] RBP: 00007fdb7a810b39 R08: 0000000000000000 R09: 0000000000000000
[  691.048127][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  691.048138][    C1] R13: 0000000000000000 R14: 00007fdb7a9b5fa0 R15: 00007ffe633d2718
[  691.048154][    C1]  </TASK>
[  691.048161][    C1] 
[  691.048167][    C1] Allocated by task 11652:
[  691.048177][    C1]  kasan_save_track+0x3e/0x80
[  691.048199][    C1]  __kasan_kmalloc+0x93/0xb0
[  691.048219][    C1]  __kmalloc_noprof+0x27a/0x4f0
[  691.048240][    C1]  io_cache_alloc_new+0x40/0x100
[  691.048255][    C1]  io_msg_alloc_async+0x1b2/0x2d0
[  691.048278][    C1]  io_sendmsg_prep+0x390/0xa40
[  691.048302][    C1]  io_submit_sqes+0x90c/0x1c50
[  691.048322][    C1]  __se_sys_io_uring_enter+0x2df/0x2b20
[  691.048345][    C1]  do_syscall_64+0xfa/0x3b0
[  691.048360][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.048377][    C1] 
[  691.048382][    C1] Freed by task 11652:
[  691.048392][    C1]  kasan_save_track+0x3e/0x80
[  691.048412][    C1]  kasan_save_free_info+0x46/0x50
[  691.048429][    C1]  __kasan_slab_free+0x62/0x70
[  691.048452][    C1]  kfree+0x18e/0x440
[  691.048472][    C1]  io_clean_op+0x386/0x400
[  691.048495][    C1]  __io_submit_flush_completions+0xc20/0xe40
[  691.048516][    C1]  io_submit_sqes+0x181b/0x1c50
[  691.048539][    C1]  __se_sys_io_uring_enter+0x2df/0x2b20
[  691.048559][    C1]  do_syscall_64+0xfa/0x3b0
[  691.048571][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.048587][    C1] 
[  691.048592][    C1] The buggy address belongs to the object at ffff888021b2b800
[  691.048592][    C1]  which belongs to the cache kmalloc-512 of size 512
[  691.048608][    C1] The buggy address is located 42 bytes inside of
[  691.048608][    C1]  freed 512-byte region [ffff888021b2b800, ffff888021b2ba00)
[  691.048628][    C1] 
[  691.048633][    C1] The buggy address belongs to the physical page:
[  691.048648][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21b28
[  691.048665][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  691.048680][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  691.048702][    C1] page_type: f5(slab)
[  691.048719][    C1] raw: 00fff00000000040 ffff88801a441c80 ffffea000176dc00 dead000000000002
[  691.048735][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  691.048750][    C1] head: 00fff00000000040 ffff88801a441c80 ffffea000176dc00 dead000000000002
[  691.048764][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  691.048781][    C1] head: 00fff00000000002 ffffea000086ca01 00000000ffffffff 00000000ffffffff
[  691.048797][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  691.048808][    C1] page dumped because: kasan: bad access detected
[  691.048818][    C1] page_owner tracks the page as allocated
[  691.048829][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5212, tgid 5212 (udevd), ts 45036602370, free_ts 42197859793
[  691.048856][    C1]  post_alloc_hook+0x240/0x2a0
[  691.048886][    C1]  get_page_from_freelist+0x21d5/0x22b0
[  691.048904][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  691.048918][    C1]  alloc_pages_mpol+0x232/0x4a0
[  691.048942][    C1]  allocate_slab+0x8a/0x3b0
[  691.048959][    C1]  ___slab_alloc+0xbfc/0x1480
[  691.048974][    C1]  __kmalloc_cache_noprof+0x296/0x3d0
[  691.048998][    C1]  kernfs_fop_open+0x397/0xca0
[  691.049017][    C1]  do_dentry_open+0xdf0/0x1970
[  691.049035][    C1]  vfs_open+0x3b/0x340
[  691.049050][    C1]  path_openat+0x2ee5/0x3830
[  691.049067][    C1]  do_filp_open+0x1fa/0x410
[  691.049084][    C1]  do_sys_openat2+0x121/0x1c0
[  691.049099][    C1]  __x64_sys_openat+0x138/0x170
[  691.049114][    C1]  do_syscall_64+0xfa/0x3b0
[  691.049128][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.049143][    C1] page last free pid 5212 tgid 5212 stack trace:
[  691.049154][    C1]  __free_frozen_pages+0xc65/0xe60
[  691.049180][    C1]  __slab_free+0x326/0x400
[  691.049195][    C1]  qlist_free_all+0x97/0x140
[  691.049216][    C1]  kasan_quarantine_reduce+0x148/0x160
[  691.049237][    C1]  __kasan_slab_alloc+0x22/0x80
[  691.049260][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  691.049282][    C1]  getname_flags+0xb8/0x540
[  691.049298][    C1]  vfs_fstatat+0x43/0x170
[  691.049314][    C1]  __x64_sys_newfstatat+0x116/0x190
[  691.049332][    C1]  do_syscall_64+0xfa/0x3b0
[  691.049346][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.049361][    C1] 
[  691.049365][    C1] Memory state around the buggy address:
[  691.049375][    C1]  ffff888021b2b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  691.049387][    C1]  ffff888021b2b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  691.049398][    C1] >ffff888021b2b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  691.049408][    C1]                                   ^
[  691.049417][    C1]  ffff888021b2b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  691.049427][    C1]  ffff888021b2b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  691.049436][    C1] ==================================================================
[  691.049497][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  691.049514][    C1] CPU: 1 UID: 0 PID: 11803 Comm: syz.7.1424 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  691.049537][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  691.049547][    C1] Call Trace:
[  691.049556][    C1]  <IRQ>
[  691.049564][    C1]  dump_stack_lvl+0x99/0x250
[  691.049590][    C1]  ? __asan_memcpy+0x40/0x70
[  691.049612][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  691.049634][    C1]  ? __pfx__printk+0x10/0x10
[  691.049664][    C1]  panic+0x2db/0x790
[  691.049684][    C1]  ? __pfx_panic+0x10/0x10
[  691.049699][    C1]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  691.049722][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  691.049745][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  691.049766][    C1]  ? print_memory_metadata+0x314/0x400
[  691.049795][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  691.049813][    C1]  check_panic_on_warn+0x89/0xb0
[  691.049838][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  691.049856][    C1]  end_report+0x78/0x160
[  691.049891][    C1]  kasan_report+0x129/0x150
[  691.049917][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  691.049940][    C1]  rose_timer_expiry+0x471/0x4b0
[  691.049960][    C1]  call_timer_fn+0x17e/0x5f0
[  691.049977][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  691.049995][    C1]  ? call_timer_fn+0xbe/0x5f0
[  691.050012][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  691.050032][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  691.050057][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.050082][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  691.050101][    C1]  __run_timer_base+0x61a/0x860
[  691.050125][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  691.050157][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  691.050188][    C1]  run_timer_softirq+0xb7/0x180
[  691.050212][    C1]  handle_softirqs+0x283/0x870
[  691.050232][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  691.050249][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  691.050270][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  691.050297][    C1]  __irq_exit_rcu+0xca/0x1f0
[  691.050316][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  691.050339][    C1]  irq_exit_rcu+0x9/0x30
[  691.050357][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  691.050384][    C1]  </IRQ>
[  691.050390][    C1]  <TASK>
[  691.050398][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  691.050418][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  691.050445][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 95 f1 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 86 f1 1e 00 eb 06 e8 7f f1 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 5a 49 80 00 48 8b 1b 48 8b 44 24
[  691.050461][    C1] RSP: 0018:ffffc9000fe7e340 EFLAGS: 00000287
[  691.050480][    C1] RAX: 1ffffffff1d3462f RBX: ffffffff8e9a3178 RCX: 0000000000080000
[  691.050495][    C1] RDX: ffffc9000c789000 RSI: 0000000000020d77 RDI: 0000000000020d78
[  691.050508][    C1] RBP: ffffc9000fe7e490 R08: ffffffff8fa0c5f7 R09: 1ffffffff1f418be
[  691.050523][    C1] R10: dffffc0000000000 R11: fffffbfff1f418bf R12: dffffc0000000000
[  691.050536][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9a3120
[  691.050560][    C1]  ? console_flush_all+0x13a/0xc40
[  691.050586][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  691.050613][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  691.050641][    C1]  console_unlock+0xc4/0x270
[  691.050663][    C1]  ? __pfx_console_unlock+0x10/0x10
[  691.050686][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  691.050712][    C1]  vprintk_emit+0x5b7/0x7a0
[  691.050735][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  691.050760][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  691.050786][    C1]  ? sched_clock_cpu+0x74/0x430
[  691.050809][    C1]  _printk+0xcf/0x120
[  691.050853][    C1]  ? __pfx__printk+0x10/0x10
[  691.050882][    C1]  ? update_curr_se+0x8d/0x230
[  691.050903][    C1]  ? __netdev_printk+0x365/0x4d0
[  691.050932][    C1]  netdev_info+0x10a/0x160
[  691.050960][    C1]  ? __pfx_netdev_info+0x10/0x10
[  691.050993][    C1]  bond_change_active_slave+0xb4a/0x3770
[  691.051026][    C1]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  691.051052][    C1]  ? __pfx_bond_change_active_slave+0x10/0x10
[  691.051077][    C1]  ? __queue_work+0x103/0xfe0
[  691.051099][    C1]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  691.051129][    C1]  ? mod_delayed_work_on+0x128/0x200
[  691.051150][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.051177][    C1]  ? mod_delayed_work_on+0x1ac/0x200
[  691.051199][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  691.051223][    C1]  ? netdev_change_features+0x8d/0xd0
[  691.051252][    C1]  bond_select_active_slave+0x8e2/0xd00
[  691.051281][    C1]  ? __pfx_bond_select_active_slave+0x10/0x10
[  691.051306][    C1]  ? __pfx_bond_set_carrier+0x10/0x10
[  691.051332][    C1]  ? netdev_is_rx_handler_busy+0x6e/0x140
[  691.051357][    C1]  ? __pfx_bond_handle_frame+0x10/0x10
[  691.051384][    C1]  bond_enslave+0x229c/0x3a20
[  691.051422][    C1]  ? __pfx_bond_enslave+0x10/0x10
[  691.051454][    C1]  ? __pfx___dev_notify_flags+0x10/0x10
[  691.051475][    C1]  ? __dev_change_flags+0x4cc/0x6d0
[  691.051498][    C1]  ? mutex_is_locked+0x17/0x50
[  691.051520][    C1]  do_set_master+0x530/0x6d0
[  691.051546][    C1]  rtnl_newlink_create+0x677/0xb00
[  691.051574][    C1]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  691.051594][    C1]  ? rtnl_newlink+0x8db/0x1c70
[  691.051614][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  691.051635][    C1]  ? ns_capable+0x8a/0xf0
[  691.051655][    C1]  rtnl_newlink+0x16d6/0x1c70
[  691.051674][    C1]  ? netlink_sendmsg+0x805/0xb30
[  691.051702][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[  691.051731][    C1]  ? kasan_quarantine_put+0xdd/0x220
[  691.051754][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.051783][    C1]  ? nlmon_xmit+0xb0/0x100
[  691.051800][    C1]  ? kmem_cache_free+0x18f/0x400
[  691.051829][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  691.051849][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.051881][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  691.051900][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  691.051921][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.051947][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.051972][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  691.051997][    C1]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  691.052025][    C1]  ? __lock_acquire+0xab9/0xd20
[  691.052053][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[  691.052072][    C1]  rtnetlink_rcv_msg+0x7cc/0xb70
[  691.052093][    C1]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  691.052111][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  691.052129][    C1]  ? ref_tracker_free+0x63a/0x7d0
[  691.052155][    C1]  ? __copy_skb_header+0xa7/0x550
[  691.052179][    C1]  ? __pfx_ref_tracker_free+0x10/0x10
[  691.052210][    C1]  netlink_rcv_skb+0x205/0x470
[  691.052231][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  691.052251][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  691.052276][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  691.052298][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  691.052320][    C1]  netlink_unicast+0x758/0x8d0
[  691.052344][    C1]  netlink_sendmsg+0x805/0xb30
[  691.052370][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  691.052395][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  691.052421][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  691.052442][    C1]  __sock_sendmsg+0x219/0x270
[  691.052470][    C1]  ____sys_sendmsg+0x505/0x830
[  691.052495][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  691.052522][    C1]  ? import_iovec+0x74/0xa0
[  691.052544][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  691.052567][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  691.052606][    C1]  ? __fget_files+0x2a/0x420
[  691.052623][    C1]  ? __fget_files+0x3a0/0x420
[  691.052644][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  691.052668][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  691.052696][    C1]  ? rcu_is_watching+0x15/0xb0
[  691.052719][    C1]  ? do_syscall_64+0xbe/0x3b0
[  691.052737][    C1]  do_syscall_64+0xfa/0x3b0
[  691.052755][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.052773][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  691.052792][    C1]  ? clear_bhb_loop+0x60/0xb0
[  691.052812][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.052830][    C1] RIP: 0033:0x7fdb7a78e929
[  691.052848][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.052864][    C1] RSP: 002b:00007fdb7b54a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  691.052891][    C1] RAX: ffffffffffffffda RBX: 00007fdb7a9b5fa0 RCX: 00007fdb7a78e929
[  691.052905][    C1] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000005
[  691.052917][    C1] RBP: 00007fdb7a810b39 R08: 0000000000000000 R09: 0000000000000000
[  691.052930][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  691.052941][    C1] R13: 0000000000000000 R14: 00007fdb7a9b5fa0 R15: 00007ffe633d2718
[  691.052962][    C1]  </TASK>
[  691.053217][    C1] Kernel Offset: disabled