last executing test programs:

9.150349537s ago: executing program 2 (id=767):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000240)='\x94ockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='\xd1S{O', &(0x7f0000000280)='\x1e\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000780)='\xb9T\xb9\xf5\x9d\xee/\xc9\xa8\xaa\xe6\xad\xb4s\x002tT5j<\xd4\xfc\x03\x12~\x8d\xf7\xe0\xfc\x96M\x82\xf3\xf5I\xbc*[\x1eX1\xb6\x15\x1a/\x83\x99\x88\xe9\x00\xf3\xefO2\xac\xfe\n\xf4\xed>M\x84D\xf9O!Ywe\x7f\x8b\xd1C\xf3\x7fr\xe8\x1cy\xb4\x00BO\r\x86f^U\xae\x9d\x9e\x15\xa9Oon\xbf\x88vv\xea\xd9\xb6\x11F\xdfq\xa2\x9a\xa0\xfb\xadBT\xf5Q\xd2\xd4\xb7\xa3\xe7\xea\xb1\xc2\xcd\xb4\xe4\x8e\xdc.!Z\x9b\xf3\x92_\xf9$\xba\t\xc3\x8a\x1bO\r\xdeo\xd54\x83\xe2?-\xa4-\xa2\x19\x14\x80[\xa5\x94\xcd\x85\x83\xf6_C\xfe\x89\x88\t\xf2\xa6\xdb\xc1q\xce\x123Y\xdb)\xdc\xd8\x19\x87\x84P\xd9', &(0x7f00000003c0)='dU|\xcb\t\'_\x05\xe0<`\x8a(\xa0G7\xe1\x89\xd5U\xe1L\xa5\xa3\xcb4D\xbe\x02\xefZ%\xdbb{\xccw\x9b\x00'/61, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000a00)='wsync', &(0x7f0000000b40)="b2", 0x1)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000840)='\x00\x9b~\xd7\xde\x91d\r\xa3e\xec=Z\xce\xb0\xdfr\xbfQ\x85n4\xf5T\xc2\x86;\x03K\x80pF\xeaK\xb4t\xef\'\n\x05\xc9\xcfc\x92\bE\xf9\xf9\xcf\x96\x99\xde\x1e3\xcdA\xf9\x1bj\xc3\x8b\xbe\xee\xb3e\xd8Mk\xf1+\xbf\xd5\x98\x8c\x13\xdc\x85\x17\xcd\xf8\xf5\a\xde9\xd1\x8b\xf0&P\x92\x99u8\xb6,#\x0f\x89\xd9ic\xb5\xba\xe7\x03\x8d-\v\xd3S\x98\x89@\x8aWLU\xb1\xc4i6\xa5\xb7\x1d\xf3s\xaf\x7f\xb16\xa2\xbe\xfa\xfa~2\x1d\xeb\xd0G\xdc\a\xa3\x93n\x82\xa7h\xd7\x83N\x8aW\xaa\xc1\xc7\xec\xea\x13\xbe\xf3fQ\xfa\x8cP\xa7\xc1O,\x83\xec\xa9\xeb\xb2 u\x15A\xde\f8T\x81\xccces\xfa\xef\xf4 =z\xfc\xef]~tY \xef8\r,x~\xa0,\xc7@\xc0\xef\xc1`\xec}\xa2\x8d\x95\xff0c\xcd\x02~\xf7\x1a\x93\xff\xcd\xadB7\x13\x84BPC\xa4\xa2O\xf0\xdd\xde\xc5H.y\xfc\xe9$\xf6\xa6t\xa3\xdbr\x00+\x01{\xfb-\x1f\x1b\xeb\xd9b\xf0\n\x99\x0fM\xfa_\x10\xd0%\xe7o\xc9\bO\xfe\xfb\xca\xf8\x9d]\xa1\x98(Nw\x87\xd15', &(0x7f0000000100)="d2", 0x1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r6})
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r7, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x384, 0x1000, 0x0, 0x0, 0x0, {0x0, 0x0, 0x2}, {0x3}, {0xf4ef, 0x1000}, {0x0, 0x0, 0xffe}, 0x0, 0x100, 0x0, 0xd613, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)

7.88716093s ago: executing program 4 (id=770):
unshare(0x2040400)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, 0x0, &(0x7f0000000140)=<r3=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0)

7.64013386s ago: executing program 0 (id=771):
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, 0x0, 0x4000080)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xa, 0xc1f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x7ff, 0x1000, 0x1, 0xfffffffc, 0x5, 0xffff, 0x200400, 0x31e})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f00000000c0)=[0x0, 0x0, <r5=>0x0], &(0x7f0000000180), 0x3, r3, 0xeeeeeeee})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r2, 0xc01864ba, &(0x7f0000000300)={0x2, r5, r3})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000580)={0x0, &(0x7f0000000940)=[{}, {}], &(0x7f0000000500), &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000440)={&(0x7f0000000600)=[0x0], &(0x7f0000000640)=[{}, {}], &(0x7f00000004c0)=[0x0, 0x0], 0x0, 0x2, 0x2, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000880)={0x0, 0x0, 0x0, &(0x7f00000003c0)=[0x2, 0x1ff, 0x1, 0x1200, 0xc398], &(0x7f0000000800)=[r5, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x5, 0x8, 0x6, 0x4, 0x1, 0xffffffffffffffff, 0x4], 0x0, 0xffffffffffff9cf5})
setgroups(0x700, &(0x7f0000000280))
fcntl$getown(r1, 0x9)

6.783267803s ago: executing program 4 (id=772):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000500, 0x0, 0x0, 0x200000000590, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=ANY=[]}, 0x78)

6.741508414s ago: executing program 0 (id=773):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbe, &(0x7f00000006c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0xfe, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x7, @loopback, @rand_addr=0x640100fe, {[@cipso={0x86, 0x75, 0x0, [{0x0, 0xa, "e256b28c59030000"}, {0x0, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "84759b6705a0dc91e5c600000000"}, {0x0, 0xa, "0000000000800000"}, {0x0, 0x12, "73bc23f9ffffffa30900a301c8460000"}, {0x0, 0x12, "c8f46976e79ea788f03d9d3205927e3d"}]}, @cipso={0x86, 0x6, 0x20}]}}, '\x00\x00\x00\x00'}}}}}, 0x0)

6.575221465s ago: executing program 4 (id=774):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$FICLONE(r1, 0x40049409, r1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.574831705s ago: executing program 0 (id=775):
socket(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x141800, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, @in={0x2, 0x4e23, @rand_addr=0x64010101}, @in6={0xa, 0x4e23, 0x32, @private1, 0x6}], 0x48)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xe, 0xfff3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x3}}}}]}, 0x40}}, 0x4000000)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000000180)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x8000000, @loopback, 0xffffffff}, 0x1c)
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
getpid()

5.792136818s ago: executing program 3 (id=779):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2d158bf4e283444f207b1af8ff00000000bfa1000000000000070a0000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="5fd63edbfd8a4a6077fd87686f9a", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

5.599645125s ago: executing program 0 (id=780):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000000))
ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000040))
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x20000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
prctl$PR_SET_THP_DISABLE(0x44, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x4000000000)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = io_uring_setup(0x3ca9, &(0x7f00000000c0)={0x0, 0xd4ea, 0x10000, 0x0, 0x10000001})
io_uring_enter(r6, 0x0, 0xffefffff, 0x21, 0x0, 0x0)

5.485078382s ago: executing program 3 (id=782):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x600000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f022})
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = syz_io_uring_setup(0x112, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount$9p_rdma(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', &(0x7f0000000280), 0x10000, &(0x7f0000000600)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[], [{@uid_lt}]}})
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007d00), 0x0, 0x44842)
io_uring_enter(r2, 0x47f6, 0xb277, 0x0, 0x0, 0x0)

5.465035827s ago: executing program 2 (id=783):
unshare(0x2040400)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, 0x0, &(0x7f0000000140)=<r3=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0)

4.353414213s ago: executing program 3 (id=784):
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x14, 0x0, &(0x7f0000000080))
syz_init_net_socket$rose(0xb, 0x5, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000417000/0x2000)=nil, 0x2000, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x6c}}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.609345682s ago: executing program 0 (id=787):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60c70b28000c2f00fe800000000700000000000000100002fe8000000000000000000000000000aa242088be", @ANYRESOCT], 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000bc0)={{@my=0x0}, {@my=0x0, 0x4000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b8317ad07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7d9ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162f3abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c900"}, 0x418})
r4 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mknodat$null(r4, &(0x7f0000000000)='./file1\x00', 0x20, 0x103)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)

3.605199336s ago: executing program 3 (id=788):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
eventfd2(0x8004, 0x801)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, 0x0}}, 0x40)
writev(r3, &(0x7f0000000840)=[{0x0}], 0x1)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000000000)=<r6=>0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r7=>0x0, <r8=>0x0})
clock_gettime(0x0, &(0x7f0000000480))
clock_gettime(0x0, &(0x7f0000000280))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000068000000060a410400000000000000000100000708000b4000000000400004803c00018008000100636d7000300002801c00038005000100f41c295a5a6a65593d89a9057aa772a7000000000800014000000500080002"], 0xdc}, 0x1, 0x0, 0x0, 0x80}, 0x0)
timer_settime(r6, 0x1, &(0x7f0000000400)={{r7, r8+60000000}}, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(0x0, 0x0, &(0x7f00000005c0))
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000001040104000000000000000005000000050001000300000089e1dab22290f395afe04ba808717612701fc5745b0ef8215e68feec835b6231ff6ba75105b9"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8080)

3.551086145s ago: executing program 1 (id=789):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file3\x00', 0x105042, 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./file3\x00', 0x0, 0x0, &(0x7f0000000300)='acl')

3.333391538s ago: executing program 3 (id=790):
socket(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x141800, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, @in={0x2, 0x4e23, @rand_addr=0x64010101}, @in6={0xa, 0x4e23, 0x32, @private1, 0x6}], 0x48)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xe, 0xfff3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x3}}}}]}, 0x40}}, 0x4000000)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000000180)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x8000000, @loopback, 0xffffffff}, 0x1c)
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
getpid()

3.23384916s ago: executing program 1 (id=791):
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
r1 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x20000008})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})

2.999012284s ago: executing program 2 (id=792):
io_setup(0x30, &(0x7f0000000600)=<r0=>0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x81, r1, &(0x7f0000000380)="86e430aa4bd1f570b6780e806221", 0xe}])

2.998710194s ago: executing program 1 (id=793):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2d158bf4e283444f207b1af8ff00000000bfa1000000000000070a0000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="5fd63edbfd8a4a6077fd87686f9a", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

2.801713771s ago: executing program 4 (id=794):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="7f454c4600040000ff7f08000000000003003e00ecffffff9a030000000000004000000000000000560000000000000000000000000038000100020002000000030000000500000004000000000000000d20000000400000c801000000000000e20000000000000004000000000000000200000000000000097ae9620e7dd5fa29a74a6ad4afaa24ddb85b0fed4351a419a4c43700000000e65900000000aa235733806147fdbb5a23345e64"], 0x12f)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0x10, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0xffffffff, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r5, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0x0})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000300)="a4eac90f8e3ae7580e2e693731ef6b447fc2057d9a84e61f40c79e10218d131f865d68b23cd7c3f2b681e2205f67f140252abcc3b8015e176881d81a9e61b6a2c92a9d8e1f51861b64e7b61bf9a131e197f5a6c6d4d887d86c79836e81c69e211d2bf4c595b01c94de464ff9aa72b6058fe774c81142bbce9bd0d83f6239362c3347e3daadb292cf3fee4766a2d43cf006a476ce0e4dd221acdcdefcf67733ed2978c2cd564772844077920cf54543db03688079168e36709dbbf84933a2415a32617f7de4336d89967c2cbcd76a973d88a3c440862bc11e51df6f1cd25f1aa711b721c33703645bcf93b775f1eb28c7640d1b7cbe44b9fc0e55d1a4d8f83b8fd537a231fe75ebb7255387d089ae7924c86b36f11d4c09d27626fd8cd62dbee1662558322e3dffdb4c4816e8ee2501b8e73eda5a8caf70487ea6edede6b8337d5ff348bd874de5b9a5058b85c0659031d237abfcdc40bd6b45d4845b08adc7bdaefa8099bef8d5f6cae07abc605dc651a21b04ae53f6d89d9fac3ec696ca9508a681ca65a4524242fae4d79e40840ce54330107125a916b03459f58e4e6c3215a97e391c069926a24d9486909ef1f0c210514e2cd81cbaa6352a2de4f5829eb670a6500c83eb8c8bd5edbe4005bfb524fce3d4796d028acf27fb9df67851db5d59b2f88d97aa591d607d602dbb9bb4211abbc8641610aae237e8d47f8381dced80019a4e9b3d0e6e2a978ffeec19fe0a6077eb48d3d4d478801eb1902bb3f8552d402dd8de49cb6bb7c78600c75e3bcf53bf58e391d6484423cbfe17cf95f3b30a41b849af63ffd6a7b5aaab0ce5ac6d78519430c27415fd46f150671ee860341b9c473937c498cc9aae0cb64a73f24780b4771b1ea51816bd68f19c49747c4caf0acd418517e88e1f82cd9d2d870abb33624483670269aac3d2fe75fff726d60fe1be2fc2abc47b98eb75ef2f7f4eca0b50450ef48d71921cd10307563d120eed0416e3dcf4b198ec8424d857ab872d9de56e614e3fba275bae2c21793bebe86cdfbe822bffd2c9be6e623fcbb441e202cf8107da69cb06f93f7956a4ee88de99dc881fac8894ea5acaf4cac4c65de055017ab0dcd1adab2a22e1c2a12e73316be0f4d07b405d6bf4adda88fac3f081f8f180b403a0671d4b26e35860e1064d87748390e6f63217d7db40f002f85c57c125be768d68600e2c795a83a3477481a41b8392a6ae2c3a51cec2da15980c299f528e658641960ef2983ae3e30955586dd9e6a6591d81645ed451dfc14b2c648a89655af1f66067350c6fb356610469ae7b20ccd14cbb0fb04f58bfda8f28f90ebade9b6f8017094f1d467d9df73dfcc48cea0307ca833b72978e64651c8eb429f2b36adab59251452b4abaa2ecb42eaf674b12b49081b40c324d6da586212f187c51e32c42b00622b3fcb1acfecaeb603cec87a0010c199a80cf184894b0992fe709613c672ec91587afe94c637cce86a50dfe9c695c8398e963e68156537014405962d20610846691a352dad6204a33f07f175e5dbdc89aab549ef4150320084fd999a090d86affac5ac371dfe5dd595b7459b39bd78ba5bb77469da251d4f9906356667a27ac58025eed8d0ded3a69cd2a6cae52ac4dd5799802421fd8a818c5bc787da162a42f5dec2175b4ff37a543d214bdf0cc071de0b77c9902ce7dbb42ace340e64a020100b677a73bc4449655f4165f074cb1b85cd491f18f3fbeb03ca708a91fe041a46433d8d8e1693dbff6333981c243b1d412c87741aca8e790f3ebb3151e3b44870ba74c64cc5c3011d7ac138ef0bd48f197a32c31fac8d53ba54ae114119328eb9e8825555ba29e9d45cbe656eeff1b4e39600695d3911ab4f5075c3d5691b731c50adc226d3ebf50d3c38561a5d0cef2c9d16e071bb8221ab4f85a802a63b7071402f88c7cf39cfc916f8622357b3234f3761f89cfbf3aded40c512a614702ae867e197510d3bdb4ee60df96c4e51b5a338b58b07e8ee62be9822e0d166ff874b8d1f9e4486c601d9b56a26eb0b83a80704dee19d10cc05c63b95f7d1efef88177645bc30d8473983ed552926d219bd0c3dbcb0fb464649624ba7a57f5163f49f33fb79a46e7ac9797e300262a843f15f644f5230546f3c62450242fe12a79bd44c61fd946165662b0bfbcffd12deb93e0cb82dc8cc66bebf0721b94a5fa0d66381540246ff78c6225a952ab984c06c07902ed42e40fcc9151b0a59be83f454698f302f349014082ff08bcecbf0b9dea7e32b063449d573ca1b6efc812acf382ef7b7e6cd206185e063c985b8c44fe38d62d4a8d3d15228406f3abed51fe90bae3ddc283069d46e0ebd3a8bb87e4e0eb116dff6fc881e8fd0e5032e6a6494cadfd85652ed1c9c2d7aa00e18ccbde0aa3c857c50ee86975aff735f633471ab8e6db33bfcefeae661bd1bd6dfb55a9a4b4f9be01fd15e27e03fc943ccdb91a799d2eb168d9fdeecd32c19169cc0443ebb8e2f681d773efff72530f61a288cfb49c0217b9a9223ceb3798390e15fbe9475975c05f22a7c4d1990f9400a249d32eec4a5773bea0d15cc0df06d223e057b3693ac906cf632da8c9092e52718bd9f16af452dacfab22cfc2c58a3168de9914570f1035ae9b3092346db21dda270393a992cb967dc074ae2fe8b545df855b9e8b251cac7935a842bda9e850a9efb5309cc0fb83a630dcb3684fec4999ed6c4cc91aea72961420523be74711ff4c3f16a5f6ee906dae87d2bbc194b2d8b7743c157f6c8d80e6f4e377cf05810bef82e51fa5c1e442018466071f7d572cae794fab5cfbbd8e8d398c3a2823e8ce4357572a32123312d0d3976d63dc2a00b2d474ad288762e768e31ab7b4f09e7f3cfcb7a48adbdbca43d30c9bc8f67d115bc34f24eaf0318bb5e2994ff0f8b62c13f46abebdd0846da71a5d106e62266ec3e5a3f2c7166628220568807b595dc73920a0a7a9f2644db70fc53fac0a547cf6cbefe7aee975e0159fe8f413eab912925757581d2fe97cc5f19343f329b2ef081397737414a822432b5f9fa2044aebda92c1d6a065401b70c20a6867fb93e8f6f575aa9fae3e67b6fc6e0418f58731d932b3e5bd1dddbb9854a25144a334d00bea2995d7a751d40a06c37372b05cc584aaf62b90fdd95f87ff53eab367600d50eebbbb4cf04f225824086cfaca6aa82b3e3433881f7ec32cd419780ed0de6fb2234368983282fb93b9d1a6bd96c3d14aff8272328db634b02bbbc5b8957c695e469f80fc50eac333b88303d0bf29c42c13a92a58a9bf30391cfe6a0c5df40cd5b7a8637cbece9a4f251e5aa4aa2fdf883d82d2a430f06416f0372911e426620b25d8839d2ac9d73cb782194f0daddd4caa68f1ff6892981c00d6812d21ffb5fcd9b1cd187d519040968aa2d7f4ccfcc236ffe2cae8d349f39feb3fa574272a428dfbfba0a735a349188b1396b96d1fc2e86069fc797de98985bf338e495d66cbed89c2f5f2cc78ec2b880f04627e5cd49e93bb606d241149b936ab29b790e22022361c483d760e07cabdfdd204114fc3808b7bb7cf977ffe0b8c58584364571578084f1dfbb592e47e0f01c020d02aafc8c83a56299f31836574923a706e7a46861502dfbf0e9d2893a38aca39a16cec44664541e092ec489abfa28128ebd73e7bbe062515384c69c656268ef42c37632ce2db76afd09e6de7928136cfaae1b4fdeaab590617584831a7eb19af64625ec2ca635f79f50caa48524b0fcd1e08a09bcf52e231f3487ab54fc77ae44e13a966976e9e9deaf8ab9da7f804fe6290e16629c6f83110f54e5c206798033c614be334a5ee04f4ecb30f58371eeb3664eab1d00f52725992897279d21d475cefbe2345a7f1df6e916a806e7c39b651866f6c1108d00990673ca858d8af73a26a74e1f8d7818859e7d0123224f866ed0745382b2a29f5374d7c6c0fa54ddf743d89c85dc56cfab74ee786d054a5f4f1db15d85e9fe1a7fdaa3746d9e7429735f2253cb2a600b81f969c7c7e56f22b47f15aa700b3369102ea105106b96cebd1161673ae4725a4d96421833f65f76c64de5aa7957b0df8ab64583e8d5018faa1f4e0376f1d38103ac78403f65f809619c3a9fe43c6b3493d29c52d4c230a39914b1b49c627fba1612c6479205c256ef023cb52ca142c6c37391ec9f74ba334ddebce6438cdf6e99527e68585324cbf6547872366d2d0b7db30a33528a745cbc8820e52a3cf77e50a76935ff4a7f41dfc58c86ff05e24436faf28f423467105b314bd6e4edbf1a352840728e8fe4dd79ee5f770dd987eb62ba3ff5c26c9de6685afefa5a227a4a6dfc1d23ba09eefab45402b138b53b83873a3797096d4b62450c579a894be0c05b947646ef2039ed37955155b58fae377c727605979505b037a0a72e622b883cd1001f69da95ffdd143e68e1fc2cc42db37bde33184ff85c89713a722e1eba4ad292ec9ccd1c8c18674e77bf6394edd47ad635b278ec09921020507104485a6453585c385d0cd4cf611d0c6da50ec3d34eecaf3bba0ae5051a55450ae2e40c4fd0ba420b04b2e1b4d1592e8b80f92d40d42de588e719fe2b022c30a5187c64cc5c48679f680387464d3681edea585006a2e852be2266e8c4230a6bf60dd8efb0e3c1b4dcfed2844d495957ae734470d0199a0e0278f80018a39e9c82c15cb9c73a3deb2579444b414ca7061bfb4f599fe3968334c0ebde54b9a046370bb7d3227c9dd23e8edcf8b07aabf328bb164c79c6df5f0bd46a276413dee370e32da823d5e9839937e72b6480ac0439d104cadba1a8d6d0542f73f720ecdafece52fc6fa291e44b3852af376a3aceb05c2c293a2576175a3b4135ff6799a232d9c3907fcdd49e0d97e80ece0135dac08c37a16a93046d7ca3f3db91d0c28447522759017980f4d3321981ab53000fbe5293b396f6163e3ae016329bc42f6c958d648a30ed5c6e14eeef235fb74cbc24e183a0f89ee89b3c51a8b7106afefb2e406a026619793fe4c3f4bdc7d66fbf98a740afb32485ae5451b905c22bf63f9b3b42b30a3287f266559db4067d1c00d2ffee58378a44614dafed9107d97d9c3048f2bdba374ccc827f302dae2a4637354cedfc0a2d7f2d2462f5ed43f1b682e8167a2081a20741ed8bb94791526355e14a6b191aee05ef45f5d5cd83cf8fa66e5c5b4f38d7bedc90da431a285b239e13a3f9e68399da38eda883b4e443c1d557fc4cec84ce9bccf67a652e7d94c8ff57c277fb0ce233ea35929d98467ea8643cfc0464827aa26e381293c0efc049b4707416551c7d57c40d232a660b2c8d722dcd1cde8629e2b30b476c2ea9da3beec02a6b38f507230ee700f871338007cdb06d3be80450fb20f8493668183d776c902d044d4152c8a4e9ffa909d82d1b6aa27ca390706d7690b307436de72b4a81c094688397281810e98053b8c622bdc1194f54aab47fe1d3d9512733ee3e6b5b7688a90960929a0afee9580440b8964c450e3caeefcbe24c1bf6e74336ad4954f62c874a4a1ba019cae59bd1eb2ffee6174e04324348d92b588a31271a3ac59b91adb5eb22cf5af39d7cb8a7d3d8916aa9cb772c53217c18c7caa1442f9046ea806e48c6b3542d97916091d9424c7839d2757aabd0f675cd221cce0228e272e23531b6e0163b4182c267868ae1ccab3872d36085f7be61930c5fd261d045eb3dde49f646f40c313cf", 0xfce}], 0x1)

2.60767769s ago: executing program 1 (id=795):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x101]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b40000000017e63646f1b0721b000000060000"], 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0}, 0x94)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x4}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0xe, &(0x7f0000000380)={0x0, 0xffffff22}, 0x1, 0x0, 0x0, 0x20004001}, 0x4000004)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x4004000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100))
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r8], 0x54}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f00000016c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb080046810060006400000611907800000000e0000001940401004e234e23004890780300000004000100af3741495c2d489bb44aa0626ca7895e9409a659b4ef94e60e510dd776982e11562021340b296972dfd04230653f5cb2eeb0bcdefce2b91c"], 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r11], 0x20}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))

2.607436467s ago: executing program 2 (id=796):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000500, 0x0, 0x0, 0x200000000590, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB]}, 0x78)

1.667194538s ago: executing program 3 (id=797):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000000))
ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000040))
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x20000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
prctl$PR_SET_THP_DISABLE(0x44, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x4000000000)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = io_uring_setup(0x3ca9, &(0x7f00000000c0)={0x0, 0xd4ea, 0x10000, 0x0, 0x10000001})
io_uring_enter(r6, 0x0, 0xffefffff, 0x21, 0x0, 0x0)

1.666739536s ago: executing program 4 (id=798):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8}]}}}]}, 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10)

1.294099231s ago: executing program 1 (id=799):
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x14, 0x0, &(0x7f0000000080))
syz_init_net_socket$rose(0xb, 0x5, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000417000/0x2000)=nil, 0x2000, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x6c}}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.227101s ago: executing program 2 (id=800):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
eventfd2(0x8004, 0x801)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, 0x0}}, 0x40)
writev(r3, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000000000)=<r6=>0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r7=>0x0, <r8=>0x0})
clock_gettime(0x0, &(0x7f0000000480))
clock_gettime(0x0, &(0x7f0000000280))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000068000000060a410400000000000000000100000708000b4000000000400004803c00018008000100636d7000300002801c00038005000100f41c295a5a6a65593d89a9057aa772a7000000000800014000000500080002"], 0xdc}, 0x1, 0x0, 0x0, 0x80}, 0x0)
timer_settime(r6, 0x1, &(0x7f0000000400)={{r7, r8+60000000}}, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(0x0, 0x0, &(0x7f00000005c0))
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000001040104000000000000000005000000050001000300000089e1dab22290f395afe04ba808717612701fc5745b0ef8215e68feec835b6231ff6ba75105b9"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8080)

976.571092ms ago: executing program 4 (id=801):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x5, [@enum={0x3, 0x1, 0x0, 0xf, 0x4, [{0xa, 0x1}]}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x77, 0x0, 0x2e, 0x1}]}, {0x0, [0x0, 0x0, 0x61]}}, 0x0, 0x41, 0x0, 0x1}, 0x28)
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, 0x0, 0x1)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/protocols\x00')
read$FUSE(r2, &(0x7f0000032680)={0x2020}, 0x2020)
pread64(r2, &(0x7f0000001240)=""/102400, 0x19000, 0x2000000000)
io_uring_enter(0xffffffffffffffff, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0)

803.140794ms ago: executing program 2 (id=802):
unshare(0x2040400)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r3=>0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0)

307.281409ms ago: executing program 1 (id=803):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file3\x00', 0x105042, 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./file3\x00', &(0x7f00000003c0)='ocfs2\x00', 0x0, 0x0)

0s ago: executing program 0 (id=804):
socket$netlink(0x10, 0x3, 0x15)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x18000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix={0x86, 0x1d7, 0x42474752, 0x6, 0xf5, 0xffffffff, 0x3, 0xe2, 0x0, 0x7, 0x2, 0x7}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
getdents(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=<r5=>0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x5e87, 0x3, 0x0, 0x8, 0x7, r5})
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r6, 0xc0105500, &(0x7f0000000000)={0x80, 0xa, 0xf, 0xd, 0x0, 0xb021, 0x0})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.134' (ED25519) to the list of known hosts.
[   66.565362][ T5822] cgroup: Unknown subsys name 'net'
[   66.698020][ T5822] cgroup: Unknown subsys name 'cpuset'
[   66.706661][ T5822] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   68.078035][ T5822] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   70.469341][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.485278][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.493265][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.501238][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.509251][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.622189][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   70.630128][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   70.638080][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   70.646507][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   70.654257][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   70.668615][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.676734][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.694782][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.709701][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.717307][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   70.726484][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   70.735727][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   70.743396][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   70.751760][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   70.759422][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   70.824876][ T5156] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   70.835423][ T5156] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   70.843303][ T5156] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   70.851541][ T5156] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   70.859787][ T5156] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.292013][ T5832] chnl_net:caif_netlink_parms(): no params data found
[   71.364155][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[   71.370700][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[   71.381158][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   71.502854][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   71.670437][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.679443][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.687360][ T5832] bridge_slave_0: entered allmulticast mode
[   71.696877][ T5832] bridge_slave_0: entered promiscuous mode
[   71.717077][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   71.730831][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.738064][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.746998][ T5837] bridge_slave_0: entered allmulticast mode
[   71.753960][ T5837] bridge_slave_0: entered promiscuous mode
[   71.772514][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.779809][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.787348][ T5832] bridge_slave_1: entered allmulticast mode
[   71.794269][ T5832] bridge_slave_1: entered promiscuous mode
[   71.808470][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.815771][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.822916][ T5837] bridge_slave_1: entered allmulticast mode
[   71.830198][ T5837] bridge_slave_1: entered promiscuous mode
[   71.882826][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.890100][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.898181][ T5839] bridge_slave_0: entered allmulticast mode
[   71.905369][ T5839] bridge_slave_0: entered promiscuous mode
[   71.923093][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   71.963249][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.970901][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.978130][ T5839] bridge_slave_1: entered allmulticast mode
[   71.985848][ T5839] bridge_slave_1: entered promiscuous mode
[   71.996197][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.008568][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.038312][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.090602][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.127708][ T5832] team0: Port device team_slave_0 added
[   72.164889][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.176006][ T5832] team0: Port device team_slave_1 added
[   72.220945][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.259669][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.266916][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.274053][ T5842] bridge_slave_0: entered allmulticast mode
[   72.282984][ T5842] bridge_slave_0: entered promiscuous mode
[   72.292811][ T5837] team0: Port device team_slave_0 added
[   72.312395][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.321579][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.348347][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.388839][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.396045][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.403216][ T5842] bridge_slave_1: entered allmulticast mode
[   72.411091][ T5842] bridge_slave_1: entered promiscuous mode
[   72.420012][ T5837] team0: Port device team_slave_1 added
[   72.440451][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.447769][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.474534][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.489405][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.496758][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.503922][ T5846] bridge_slave_0: entered allmulticast mode
[   72.510989][ T5846] bridge_slave_0: entered promiscuous mode
[   72.546458][ T5839] team0: Port device team_slave_0 added
[   72.555357][ T5835] Bluetooth: hci0: command tx timeout
[   72.562885][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.570919][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.578749][ T5846] bridge_slave_1: entered allmulticast mode
[   72.586572][ T5846] bridge_slave_1: entered promiscuous mode
[   72.616482][ T5839] team0: Port device team_slave_1 added
[   72.622985][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.630526][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.656730][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.696155][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.719660][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.727098][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.753143][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.792562][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.795414][ T5156] Bluetooth: hci1: command tx timeout
[   72.807283][ T5835] Bluetooth: hci2: command tx timeout
[   72.840730][ T5832] hsr_slave_0: entered promiscuous mode
[   72.847184][ T5832] hsr_slave_1: entered promiscuous mode
[   72.856783][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.870087][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.885132][ T5156] Bluetooth: hci3: command tx timeout
[   72.899684][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.906705][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.932671][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.945354][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.952321][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.978402][ T5156] Bluetooth: hci4: command tx timeout
[   72.979048][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.026212][ T5842] team0: Port device team_slave_0 added
[   73.082447][ T5842] team0: Port device team_slave_1 added
[   73.103896][ T5837] hsr_slave_0: entered promiscuous mode
[   73.110782][ T5837] hsr_slave_1: entered promiscuous mode
[   73.117304][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.125579][ T5837] Cannot create hsr debugfs directory
[   73.134210][ T5846] team0: Port device team_slave_0 added
[   73.143312][ T5846] team0: Port device team_slave_1 added
[   73.251879][ T5839] hsr_slave_0: entered promiscuous mode
[   73.258474][ T5839] hsr_slave_1: entered promiscuous mode
[   73.264496][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.272866][ T5839] Cannot create hsr debugfs directory
[   73.312814][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.320194][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.346620][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.358733][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.365990][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.392089][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.430196][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.437277][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.463447][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.508924][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.517774][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.544031][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.693017][ T5842] hsr_slave_0: entered promiscuous mode
[   73.699719][ T5842] hsr_slave_1: entered promiscuous mode
[   73.706490][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.714083][ T5842] Cannot create hsr debugfs directory
[   73.817792][ T5846] hsr_slave_0: entered promiscuous mode
[   73.826183][ T5846] hsr_slave_1: entered promiscuous mode
[   73.832235][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.840285][ T5846] Cannot create hsr debugfs directory
[   74.056891][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   74.070914][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   74.122146][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   74.160027][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   74.249488][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   74.262888][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   74.274189][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   74.285947][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   74.407638][ T5837] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   74.427173][ T5837] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   74.440652][ T5837] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   74.470132][ T5837] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   74.560942][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.568107][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   74.582374][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   74.607416][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   74.622390][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   74.645003][ T5156] Bluetooth: hci0: command tx timeout
[   74.660864][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[   74.713711][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.721085][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.754165][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.791850][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.798988][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.819347][ T5846] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   74.830121][ T5846] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   74.843452][ T5846] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   74.855645][ T5846] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.875446][ T5156] Bluetooth: hci1: command tx timeout
[   74.880875][ T5156] Bluetooth: hci2: command tx timeout
[   74.915822][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   74.960252][ T4856] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.967448][ T4856] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.975223][ T5156] Bluetooth: hci3: command tx timeout
[   75.005490][ T5832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   75.016717][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   75.035006][ T5156] Bluetooth: hci4: command tx timeout
[   75.080798][ T4856] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.088028][ T4856] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.171788][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.244238][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.283565][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   75.299116][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   75.319843][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.327034][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.337360][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.344475][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.389729][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.396910][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.441736][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.461982][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.469216][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.489201][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.573354][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   75.616205][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.623391][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.691287][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.698485][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.725281][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.878527][ T5832] veth0_vlan: entered promiscuous mode
[   75.939535][ T5832] veth1_vlan: entered promiscuous mode
[   75.970255][ T5839] veth0_vlan: entered promiscuous mode
[   75.998099][ T5839] veth1_vlan: entered promiscuous mode
[   76.120789][ T5832] veth0_macvtap: entered promiscuous mode
[   76.143928][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.161246][ T5832] veth1_macvtap: entered promiscuous mode
[   76.177174][ T5839] veth0_macvtap: entered promiscuous mode
[   76.211308][ T5839] veth1_macvtap: entered promiscuous mode
[   76.230982][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.291183][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.339122][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.354545][ T5842] veth0_vlan: entered promiscuous mode
[   76.376116][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.405973][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.416871][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.439315][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.448347][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.457883][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.480604][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.512327][ T5842] veth1_vlan: entered promiscuous mode
[   76.524526][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.534685][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.543383][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.552379][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.716712][ T5156] Bluetooth: hci0: command tx timeout
[   76.751983][ T5846] veth0_vlan: entered promiscuous mode
[   76.752438][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.765930][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.770787][ T5842] veth0_macvtap: entered promiscuous mode
[   76.819291][ T5842] veth1_macvtap: entered promiscuous mode
[   76.841504][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.841635][ T5846] veth1_vlan: entered promiscuous mode
[   76.851184][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.902701][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.911944][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.954892][ T5156] Bluetooth: hci2: command tx timeout
[   76.956330][ T5835] Bluetooth: hci1: command tx timeout
[   76.976011][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.987040][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.001724][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.012206][ T5837] veth0_vlan: entered promiscuous mode
[   77.029231][ T5837] veth1_vlan: entered promiscuous mode
[   77.044165][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.051648][ T5835] Bluetooth: hci3: command tx timeout
[   77.086770][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.092425][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   77.102587][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.119857][ T5835] Bluetooth: hci4: command tx timeout
[   77.130178][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.138995][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.198541][ T5846] veth0_macvtap: entered promiscuous mode
[   77.236672][ T5837] veth0_macvtap: entered promiscuous mode
[   77.261952][ T5837] veth1_macvtap: entered promiscuous mode
[   77.275090][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.294951][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.303554][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.312159][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.320692][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.329588][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.522145][ T5846] veth1_macvtap: entered promiscuous mode
[   78.131692][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.188064][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.227907][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.262555][ T5846] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.298255][ T5846] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.315148][ T5846] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.316571][ T5948] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6'.
[   78.333582][ T5846] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.479098][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.520539][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.546510][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.564577][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.611904][ T5837] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.622269][ T5837] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.640915][ T5837] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.649815][ T5837] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.702578][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.714907][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.795227][ T5835] Bluetooth: hci0: command tx timeout
[   78.821494][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.845307][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.034908][ T5835] Bluetooth: hci1: command tx timeout
[   79.040369][ T5835] Bluetooth: hci2: command tx timeout
[   79.058728][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.079166][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.097512][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.108315][ T5957] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   79.115606][ T5835] Bluetooth: hci3: command tx timeout
[   79.194881][ T5835] Bluetooth: hci4: command tx timeout
[   79.320994][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.867786][ T5965] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.962301][ T5965] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10'.
[   80.022061][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.061301][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.335298][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   80.344729][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   80.604336][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   80.754231][ T5981] syz.3.13: attempt to access beyond end of device
[   80.754231][ T5981] nbd3: rw=0, sector=64, nr_sectors = 1 limit=0
[   80.795201][ T5981] syz.3.13: attempt to access beyond end of device
[   80.795201][ T5981] nbd3: rw=0, sector=256, nr_sectors = 1 limit=0
[   80.868283][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   82.050337][ T5983] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   82.320091][ T5981] syz.3.13: attempt to access beyond end of device
[   82.320091][ T5981] nbd3: rw=0, sector=512, nr_sectors = 1 limit=0
[   82.684618][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   82.869057][ T5981] syz.3.13: attempt to access beyond end of device
[   82.869057][ T5981] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0
[   82.997173][ T5981] syz.3.13: attempt to access beyond end of device
[   82.997173][ T5981] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0
[   83.145579][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   83.234992][ T5981] syz.3.13: attempt to access beyond end of device
[   83.234992][ T5981] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0
[   83.271130][ T6001] vivid-003: disconnect
[   83.313334][ T6000] vivid-003: reconnect
[   83.375298][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   83.435148][ T5981] syz.3.13: attempt to access beyond end of device
[   83.435148][ T5981] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0
[   83.553258][ T5981] syz.3.13: attempt to access beyond end of device
[   83.553258][ T5981] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0
[   83.680364][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   84.095645][ T5981] syz.3.13: attempt to access beyond end of device
[   84.095645][ T5981] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0
[   84.172890][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   84.268155][ T5981] syz.3.13: attempt to access beyond end of device
[   84.268155][ T5981] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[   84.288182][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   84.328238][ T5981] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   84.360290][ T5981] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[   85.009603][   T30] audit: type=1800 audit(1751960810.722:2): pid=6022 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.25" name="bus" dev="overlay" ino=42 res=0 errno=0
[   87.132266][  T978] cfg80211: failed to load regulatory.db
[   87.379168][ T6032] capability: warning: `syz.1.27' uses deprecated v2 capabilities in a way that may be insecure
[   87.642630][ T6033] netlink: 256 bytes leftover after parsing attributes in process `syz.2.18'.
[   87.651860][ T6033] netlink: 72 bytes leftover after parsing attributes in process `syz.2.18'.
[   89.333109][ T6049] netlink: 'syz.1.31': attribute type 1 has an invalid length.
[   92.968021][ T6083] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   93.153035][ T6083] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   93.250388][ T6083] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   93.567180][ T6083] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[   93.799680][ T6089] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   93.906233][ T6089] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   94.036392][ T6089] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   94.044180][ T6089] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[   97.585259][  T981] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   97.773496][  T981] usb 4-1: config 0 has an invalid interface number: 238 but max is 0
[   97.882793][  T981] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   98.247573][  T981] usb 4-1: config 0 has no interface number 0
[   98.284954][  T981] usb 4-1: config 0 interface 238 altsetting 2 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   98.320841][  T981] usb 4-1: config 0 interface 238 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   98.475894][  T981] usb 4-1: config 0 interface 238 has no altsetting 0
[   98.497904][  T981] usb 4-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=44.ca
[   98.513198][  T981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.075257][  T981] usb 4-1: Product: syz
[   99.079461][  T981] usb 4-1: Manufacturer: syz
[   99.085412][  T981] usb 4-1: SerialNumber: syz
[   99.129915][  T981] usb 4-1: config 0 descriptor??
[   99.361937][  T981] usb 4-1: can't set config #0, error -71
[   99.640584][  T981] usb 4-1: USB disconnect, device number 2
[  101.382877][ T6173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.69'.
[  101.935659][ T6174] evm: overlay not supported
[  102.072082][ T6177] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  104.881004][ T6207] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  106.340720][ T6213] ALSA: mixer_oss: invalid OSS volume ''
[  107.786372][ T6247] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  108.435922][   T30] audit: type=1800 audit(1751960834.622:3): pid=6249 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.96" name="bus" dev="tmpfs" ino=124 res=0 errno=0
[  108.605153][ T6256] syzkaller0: tun_chr_ioctl cmd 1074025672
[  108.611221][ T6256] syzkaller0: ignored: set checksum disabled
[  108.913138][ T6263] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  109.211961][   T43] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  109.530828][   T43] usb 4-1: config 8 has an invalid interface number: 139 but max is 1
[  109.541678][   T43] usb 4-1: config 8 has no interface number 1
[  109.550186][   T43] usb 4-1: config 8 interface 139 has no altsetting 0
[  109.561934][   T43] usb 4-1: config 8 interface 0 has no altsetting 0
[  109.689236][   T43] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0004, bcdDevice=1b.34
[  109.800040][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.830471][   T43] usb 4-1: Product: syz
[  109.876668][   T43] usb 4-1: Manufacturer: syz
[  109.894797][   T43] usb 4-1: SerialNumber: syz
[  110.226944][   T43] ati_remote 4-1:8.139: ati_remote_probe: Unexpected endpoint_in
[  110.346776][   T43] ati_remote 4-1:8.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  110.457482][   T43] usb 4-1: USB disconnect, device number 3
[  113.548325][ T6301] ubi31: attaching mtd0
[  113.564047][ T6301] ubi31: scanning is finished
[  113.568912][ T6301] ubi31: empty MTD device detected
[  114.142628][ T6301] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  114.465423][ T6309] syzkaller0: tun_chr_ioctl cmd 1074025672
[  114.471276][ T6309] syzkaller0: ignored: set checksum disabled
[  114.515206][   T43] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  114.701625][   T43] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  114.718938][   T43] usb 3-1: config 0 has no interface number 0
[  114.738330][   T43] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  114.753439][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.763585][   T43] usb 3-1: Product: syz
[  114.767987][   T43] usb 3-1: Manufacturer: syz
[  114.772757][   T43] usb 3-1: SerialNumber: syz
[  114.791538][   T43] usb 3-1: config 0 descriptor??
[  115.144200][ T5906] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  115.190501][   T43] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  115.249350][   T43] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  115.308487][   T43] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  115.328955][ T5906] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  115.789704][   T43] usb 3-1: media controller created
[  115.818576][ T5906] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.890267][ T5906] usb 2-1: config 0 descriptor??
[  116.052226][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  116.404451][   T43] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  116.504710][ T6326] warning: `syz.1.116' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  117.203502][   T43] usb 3-1: USB disconnect, device number 2
[  117.304929][ T6331] Illegal XDP return value 4294967262 on prog  (id 17) dev N/A, expect packet loss!
[  118.349539][ T5906] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  118.376110][ T5906] [drm:udl_init] *ERROR* Selecting channel failed
[  118.405487][ T5906] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  118.412231][ T5906] [drm] Initialized udl on minor 2
[  118.804915][  T981] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  118.851413][ T5906] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  118.969009][ T5906] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  118.992631][ T5840] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  119.001341][ T5906] usb 2-1: USB disconnect, device number 2
[  119.024194][ T5840] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  119.266396][ T6349] usb usb8: usbfs: process 6349 (syz.1.125) did not claim interface 0 before use
[  119.776705][  T981] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  119.910346][  T981] usb 1-1: config 0 has no interface number 0
[  119.921031][  T981] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  119.948592][  T981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.958230][  T981] usb 1-1: Product: syz
[  119.962508][  T981] usb 1-1: Manufacturer: syz
[  119.967621][  T981] usb 1-1: SerialNumber: syz
[  119.975506][  T981] usb 1-1: config 0 descriptor??
[  120.874883][  T981] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  121.082167][  T981] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  121.107927][  T981] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  121.116913][  T981] usb 1-1: media controller created
[  121.134907][  T981] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  121.242264][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  121.254935][ T5906] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  121.277965][  T981] i2c i2c-1: ec100: i2c rd failed=-32 reg=33
[  121.385965][  T981] usb 1-1: USB disconnect, device number 2
[  121.428934][    T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  121.442748][    T9] usb 4-1: config 0 has no interface number 0
[  121.454152][    T9] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  121.498614][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.557377][    T9] usb 4-1: Product: syz
[  121.561870][    T9] usb 4-1: Manufacturer: syz
[  121.567144][ T5906] usb 2-1: Using ep0 maxpacket: 16
[  121.568621][    T9] usb 4-1: SerialNumber: syz
[  121.584007][    T9] usb 4-1: config 0 descriptor??
[  121.653959][ T6377] Cannot find add_set index 0 as target
[  121.703323][ T5906] usb 2-1: unable to get BOS descriptor or descriptor too short
[  121.837922][ T5906] usb 2-1: config 8 has an invalid interface number: 48 but max is 0
[  122.007554][ T5906] usb 2-1: config 8 has no interface number 0
[  122.098622][ T5906] usb 2-1: too many endpoints for config 8 interface 48 altsetting 120: 102, using maximum allowed: 30
[  122.136835][ T5906] usb 2-1: config 8 interface 48 altsetting 120 has 0 endpoint descriptors, different from the interface descriptor's value: 102
[  122.150799][ T5906] usb 2-1: config 8 interface 48 has no altsetting 0
[  122.161350][ T5906] usb 2-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=ab.34
[  122.171116][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.254839][ T5840] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  122.325398][ T6379] netlink: 12 bytes leftover after parsing attributes in process `syz.2.135'.
[  122.362702][    T9] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  122.456950][    T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  122.503159][    T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  122.530084][    T9] usb 4-1: media controller created
[  122.858213][ T5906] usb 2-1: Product: syz
[  122.988837][ T5906] usb 2-1: Manufacturer: syz
[  122.994086][ T5906] usb 2-1: SerialNumber: syz
[  123.010242][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  123.114939][ T5840] usb 5-1: device descriptor read/64, error -71
[  123.278352][ T5906] usb 2-1: can't set config #8, error -71
[  123.603546][ T5906] usb 2-1: USB disconnect, device number 3
[  123.763065][ T5840] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  123.945160][    T9] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  124.061244][    T9] usb 4-1: USB disconnect, device number 4
[  124.095634][ T5840] usb 5-1: device descriptor read/64, error -71
[  124.253956][ T5840] usb usb5-port1: attempt power cycle
[  124.415352][ T6404] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  124.442688][ T6404] CIFS mount error: No usable UNC path provided in device string!
[  124.442688][ T6404] 
[  124.453795][ T6404] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  125.969806][ T6421] syz.3.148 uses obsolete (PF_INET,SOCK_PACKET)
[  127.314750][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  127.516858][    T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  127.933548][    T9] usb 4-1: config 0 has no interface number 0
[  127.954904][ T6440] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  127.982796][    T9] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  128.015572][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.023702][    T9] usb 4-1: Product: syz
[  128.051616][    T9] usb 4-1: Manufacturer: syz
[  128.202148][    T9] usb 4-1: SerialNumber: syz
[  128.208956][    T9] usb 4-1: config 0 descriptor??
[  128.789080][    T9] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  128.984489][    T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  128.994881][ T6427] usb 4-1: dvb_usb_ec168: I2C read not implemented
[  129.006803][    T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  129.017246][    T9] usb 4-1: media controller created
[  129.393690][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  130.147341][    T9] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  132.716303][    T9] usb 4-1: USB disconnect, device number 5
[  132.798152][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  132.818617][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  133.632759][ T6463] syzkaller0: entered promiscuous mode
[  133.638402][ T6463] syzkaller0: entered allmulticast mode
[  134.345967][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  134.512339][ T6488] 9pnet_fd: Insufficient options for proto=fd
[  134.533985][ T6489] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  134.704911][    T9] usb 4-1: Using ep0 maxpacket: 8
[  134.722968][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.732928][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  134.743923][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  134.757996][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.844721][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.862496][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.058133][ T6498] comedi comedi0: Minor 14 could not be opened
[  135.196581][    T9] usb 4-1: GET_CAPABILITIES returned 0
[  135.207270][    T9] usbtmc 4-1:16.0: can't read capabilities
[  135.445586][    T9] usb 4-1: USB disconnect, device number 6
[  136.838120][ T5906] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  136.868191][ T6511] netlink: 'syz.1.174': attribute type 10 has an invalid length.
[  137.083843][ T5906] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  137.123134][ T5906] usb 4-1: config 0 has no interface number 0
[  137.197809][ T5906] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  137.247051][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.295485][ T5906] usb 4-1: Product: syz
[  137.328385][ T5906] usb 4-1: Manufacturer: syz
[  137.354524][ T5906] usb 4-1: SerialNumber: syz
[  137.459637][ T5906] usb 4-1: config 0 descriptor??
[  137.751213][ T5906] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  137.767569][ T5906] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  137.778139][ T5906] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  137.787487][ T5906] usb 4-1: media controller created
[  137.810604][ T5906] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  138.388691][ T6511] team0: Device hsr_slave_0 failed to register rx_handler
[  138.927665][ T5906] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  138.963472][   T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  139.820934][ T5906] usb 4-1: USB disconnect, device number 7
[  139.846352][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.865980][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.872756][   T10] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  139.883574][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.939390][   T10] usb 1-1: config 0 descriptor??
[  140.443756][ T6537] bio_check_eod: 2 callbacks suppressed
[  140.443794][ T6537] syz.4.181: attempt to access beyond end of device
[  140.443794][ T6537] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  140.463073][ T6537] gfs2: error -5 reading superblock
[  140.888054][   T10] input: HID 054c:03d5 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:054C:03D5.0001/input/input5
[  141.063085][   T10] sony 0003:054C:03D5.0001: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.0-1/input0
[  141.073491][ T6536] input: syz1 as /devices/virtual/input/input6
[  141.146447][   T10] usb 1-1: USB disconnect, device number 3
[  141.478672][ T6544] fido_id[6544]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  142.269466][ T6552] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  142.323063][ T6559] netlink: 'syz.0.187': attribute type 10 has an invalid length.
[  142.674935][ T6559] team0: Device hsr_slave_0 failed to register rx_handler
[  142.688513][ T6552] kvm: requested 163428 ns i8254 timer period limited to 200000 ns
[  142.697002][ T6552] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  142.722540][ T6552] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  142.733090][ T6552] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  142.745353][ T6552] kvm: requested 93028 ns i8254 timer period limited to 200000 ns
[  142.755440][ T6552] kvm: requested 7542 ns i8254 timer period limited to 200000 ns
[  142.768292][ T6552] kvm: requested 10057 ns i8254 timer period limited to 200000 ns
[  142.779711][ T6552] kvm: requested 155047 ns i8254 timer period limited to 200000 ns
[  142.789349][ T6552] kvm: requested 160914 ns i8254 timer period limited to 200000 ns
[  144.687010][ T6580] hub 6-0:1.0: USB hub found
[  144.694690][ T6580] hub 6-0:1.0: 1 port detected
[  145.213289][  T981] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  146.236991][  T981] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  146.326107][ T6594] process 'syz.4.196' launched '/dev/fd/6' with NULL argv: empty string added
[  146.372670][  T981] usb 4-1: config 0 has no interface number 0
[  146.837023][  T981] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  146.869914][  T981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.904592][  T981] usb 4-1: config 0 descriptor??
[  146.913494][    T9] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  146.924450][  T981] usb 4-1: can't set config #0, error -71
[  147.034770][  T981] usb 4-1: USB disconnect, device number 8
[  147.880036][ T6608] netlink: 'syz.0.201': attribute type 10 has an invalid length.
[  147.910003][ T6608] team0: Device hsr_slave_0 failed to register rx_handler
[  149.642650][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  149.650760][ T6604] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  149.658084][    T9] usb 5-1: no configurations
[  149.662928][    T9] usb 5-1: can't read configurations, error -22
[  149.675166][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  149.705828][ T6604] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  149.906282][ T6604] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  149.946191][ T6604] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  149.966405][ T6604] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  149.998880][ T6604] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  150.017098][ T6604] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  150.023374][ T6604] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  150.040984][ T6604] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  150.200964][ T6604] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  150.208111][ T6604] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  150.218993][ T6604] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  150.243696][ T6604] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  150.335674][ T6629] hub 9-0:1.0: USB hub found
[  150.342905][ T6629] hub 9-0:1.0: 1 port detected
[  150.384767][ T6629] x_tables: ip_tables: osf match: only valid for protocol 6
[  151.254588][ T6604] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  151.388832][ T6604] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  151.735900][ T6638] x_tables: duplicate underflow at hook 3
[  151.766909][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  151.895014][ T5840] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  151.977407][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  152.024818][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[  152.075636][ T5156] Bluetooth: hci2: command 0x0c1a tx timeout
[  152.234736][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout
[  152.236329][   T10] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  152.251029][   T10] usb 4-1: config 0 has no interface number 0
[  152.265503][   T10] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  152.274834][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.354891][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout
[  152.404476][ T5840] usb 1-1: Using ep0 maxpacket: 8
[  152.414886][   T10] usb 4-1: Product: syz
[  152.423376][   T10] usb 4-1: Manufacturer: syz
[  152.433397][   T10] usb 4-1: SerialNumber: syz
[  152.446423][   T10] usb 4-1: config 0 descriptor??
[  152.677974][ T5840] usb 1-1: config index 0 descriptor too short (expected 28277, got 36)
[  153.015646][ T5840] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  153.029168][ T5840] usb 1-1: config 0 has no interfaces?
[  153.035706][ T5840] usb 1-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  153.047896][ T5840] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.065447][ T5840] usb 1-1: config 0 descriptor??
[  153.123765][   T10] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  153.138775][   T10] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  153.250982][  T981] usb 1-1: USB disconnect, device number 4
[  153.290635][   T10] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  153.310921][   T10] usb 4-1: media controller created
[  153.398163][ T6655] netlink: 'syz.2.213': attribute type 10 has an invalid length.
[  153.424915][ T6655] team0: Device hsr_slave_0 failed to register rx_handler
[  153.442141][ T6650] syz.4.212: attempt to access beyond end of device
[  153.442141][ T6650] nbd4: rw=0, sector=64, nr_sectors = 1 limit=0
[  153.459968][ T6650] syz.4.212: attempt to access beyond end of device
[  153.459968][ T6650] nbd4: rw=0, sector=256, nr_sectors = 1 limit=0
[  153.524064][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  153.834762][ T5156] Bluetooth: hci0: command 0x0c1a tx timeout
[  153.859127][ T6650] syz.4.212: attempt to access beyond end of device
[  153.859127][ T6650] nbd4: rw=0, sector=512, nr_sectors = 1 limit=0
[  154.032899][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  154.165280][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[  154.171382][ T5156] Bluetooth: hci1: command 0x0c1a tx timeout
[  154.193947][ T6655] syz.2.213 (6655) used greatest stack depth: 20008 bytes left
[  154.218124][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  154.240046][ T6650] syz.4.212: attempt to access beyond end of device
[  154.240046][ T6650] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  154.280195][ T6650] syz.4.212: attempt to access beyond end of device
[  154.280195][ T6650] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  154.293578][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  154.305260][ T6650] syz.4.212: attempt to access beyond end of device
[  154.305260][ T6650] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  154.394472][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.395410][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout
[  154.991789][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  155.008631][   T10] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  155.043631][ T6650] syz.4.212: attempt to access beyond end of device
[  155.043631][ T6650] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  155.124916][ T6650] syz.4.212: attempt to access beyond end of device
[  155.124916][ T6650] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  155.141313][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  155.155362][ T6650] syz.4.212: attempt to access beyond end of device
[  155.155362][ T6650] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  155.275052][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  155.303725][ T6650] syz.4.212: attempt to access beyond end of device
[  155.303725][ T6650] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  155.317985][   T10] usb 4-1: USB disconnect, device number 9
[  156.301005][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[  156.307132][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[  156.325377][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  156.982737][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout
[  156.989454][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout
[  157.037298][ T6650] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  157.137492][ T5835] Bluetooth: hci0: unexpected event for opcode 0x0413
[  157.185098][ T6650] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  157.870825][ T6700] Device name cannot be null; rc = [-22]
[  158.773840][ T6691] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.795123][  T981] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  158.970842][ T6710] netlink: 'syz.0.229': attribute type 10 has an invalid length.
[  159.004323][ T6691] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.018700][ T6710] team0: Device hsr_slave_0 failed to register rx_handler
[  159.067983][  T981] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[  159.147019][ T6691] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.668738][  T981] usb 2-1: config 0 has no interface number 0
[  159.675208][  T981] usb 2-1: config 0 interface 29 has no altsetting 0
[  159.686549][  T981] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=79.ac
[  159.695820][  T981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.703825][  T981] usb 2-1: Product: syz
[  159.708126][  T981] usb 2-1: Manufacturer: syz
[  159.712728][  T981] usb 2-1: SerialNumber: syz
[  159.756610][  T981] usb 2-1: config 0 descriptor??
[  159.884419][ T6691] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.976832][  T981] peak_usb 2-1:0.29 can0: unable to request usb[type=0 value=1] err=-32
[  159.999044][ T6714] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 3, id = 0
[  160.028076][ T6691] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.043116][ T6691] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.057341][ T6691] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.072499][ T6691] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.123605][  T981] peak_usb 2-1:0.29: unable to read PCAN-USB X6 firmware info (err -32)
[  161.431155][ T6723] block device autoloading is deprecated and will be removed.
[  161.501416][ T5156] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  161.509903][ T5156] Bluetooth: hci0: Injecting HCI hardware error event
[  161.517883][ T5156] Bluetooth: hci0: hardware error 0x00
[  161.566518][  T981] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -32
[  161.598984][ T6727] netlink: 12 bytes leftover after parsing attributes in process `syz.0.234'.
[  162.945356][  T978] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  163.114499][ T5986] usb 2-1: USB disconnect, device number 4
[  163.124939][  T978] usb 3-1: Using ep0 maxpacket: 32
[  163.160090][  T978] usb 3-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  163.181399][  T978] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.241925][  T978] usb 3-1: config 0 descriptor??
[  163.345646][ T6750] netlink: 'syz.1.242': attribute type 10 has an invalid length.
[  163.362991][ T6750] team0: Device hsr_slave_0 failed to register rx_handler
[  163.605037][ T5156] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  164.253080][  T978] lenovo 0003:17EF:6067.0002: unknown main item tag 0x0
[  164.450210][  T978] lenovo 0003:17EF:6067.0002: item fetching failed at offset 3/5
[  164.517640][  T978] lenovo 0003:17EF:6067.0002: hid_parse failed
[  164.561870][  T978] lenovo 0003:17EF:6067.0002: probe with driver lenovo failed with error -22
[  164.626481][  T978] usb 3-1: USB disconnect, device number 3
[  165.374518][ T6763] netlink: 12 bytes leftover after parsing attributes in process `syz.3.247'.
[  165.564305][ T6767] 9pnet_fd: Insufficient options for proto=fd
[  166.167788][ T6783] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  166.672438][ T6785] hub 9-0:1.0: USB hub found
[  166.681946][ T6785] hub 9-0:1.0: 1 port detected
[  168.090493][ T6809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.260'.
[  168.992251][ T6816] 9pnet_fd: Insufficient options for proto=fd
[  170.091097][ T6833] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  171.063056][ T5986] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  171.564707][ T5986] usb 5-1: Using ep0 maxpacket: 32
[  171.572559][ T5986] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  171.582841][ T5986] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  171.603420][ T5986] usb 5-1: config 1 has no interface number 1
[  171.610295][ T5986] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  171.622711][ T5986] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  171.639269][ T5986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.669922][ T5986] usb 5-1: Product: syz
[  171.674217][ T5986] usb 5-1: Manufacturer: syz
[  171.684806][ T5986] usb 5-1: SerialNumber: syz
[  173.441728][ T6860] netlink: 'syz.0.279': attribute type 4 has an invalid length.
[  173.970089][ T5986] usb 5-1: USB disconnect, device number 7
[  174.271240][ T5833] udevd[5833]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  176.113992][ T6895] netlink: zone id is out of range
[  176.119721][ T6895] netlink: zone id is out of range
[  176.129521][ T6895] netlink: del zone limit has 4 unknown bytes
[  178.354869][  T978] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  178.614785][  T978] usb 5-1: Using ep0 maxpacket: 16
[  178.639761][  T978] usb 5-1: config 0 has an invalid interface number: 107 but max is 0
[  178.676061][  T978] usb 5-1: config 0 has no interface number 0
[  178.682243][  T978] usb 5-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  178.712714][  T978] usb 5-1: config 0 interface 107 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  178.730682][  T978] usb 5-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  178.740862][  T978] usb 5-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  178.781745][  T978] usb 5-1: Product: syz
[  178.788377][  T978] usb 5-1: Manufacturer: syz
[  178.803255][  T978] usb 5-1: SerialNumber: syz
[  178.829240][  T978] usb 5-1: config 0 descriptor??
[  179.322710][ T6927] dummy0: entered promiscuous mode
[  179.384519][ T6927] bond0: entered promiscuous mode
[  179.433376][ T6927] bond_slave_0: entered promiscuous mode
[  179.743152][ T6927] bond_slave_1: entered promiscuous mode
[  179.756660][ T6927] hsr1: entered allmulticast mode
[  179.761742][ T6927] dummy0: entered allmulticast mode
[  179.770329][ T6927] bond0: entered allmulticast mode
[  179.776500][ T6927] bond_slave_0: entered allmulticast mode
[  179.782338][ T6927] bond_slave_1: entered allmulticast mode
[  179.864102][  T978] keyspan 5-1:0.107: Keyspan 4 port adapter converter detected
[  179.874902][  T978] keyspan 5-1:0.107: found no endpoint descriptor for endpoint 81
[  179.885171][  T978] keyspan 5-1:0.107: found no endpoint descriptor for endpoint 1
[  180.007993][  T978] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  180.233549][  T978] keyspan 5-1:0.107: found no endpoint descriptor for endpoint 2
[  180.518411][  T978] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  180.749921][  T978] keyspan 5-1:0.107: found no endpoint descriptor for endpoint 4
[  181.052894][  T978] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  181.578818][  T978] keyspan 5-1:0.107: found no endpoint descriptor for endpoint 6
[  181.605025][  T978] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  181.630004][  T978] usb 5-1: USB disconnect, device number 8
[  181.670302][  T978] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  182.170718][  T978] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  182.186582][  T978] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  182.205076][  T978] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  182.218743][  T978] keyspan 5-1:0.107: device disconnected
[  183.344721][  T978] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  184.044716][  T978] usb 5-1: Using ep0 maxpacket: 32
[  184.055579][  T978] usb 5-1: config 56 has an invalid interface number: 238 but max is 0
[  184.064921][  T978] usb 5-1: config 56 has no interface number 0
[  184.072227][  T978] usb 5-1: config 56 interface 238 altsetting 6 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  184.085105][  T978] usb 5-1: config 56 interface 238 has no altsetting 0
[  184.489996][  T978] usb 5-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=55.75
[  184.581137][  T978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.665959][  T978] usb 5-1: Product: syz
[  184.711177][  T978] usb 5-1: Manufacturer: syz
[  184.761370][  T978] usb 5-1: SerialNumber: syz
[  185.194987][ T5847] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  185.271825][  T978] rndis_host 5-1:56.238: invalid descriptor buffer length
[  185.282253][  T978] usb 5-1: bad CDC descriptors
[  185.319607][  T978] usb 5-1: USB disconnect, device number 9
[  185.378115][ T5847] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.410641][ T5847] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  185.449196][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.473927][ T5847] usb 2-1: config 0 descriptor??
[  185.489385][ T5847] pwc: Askey VC010 type 2 USB webcam detected.
[  185.648622][ T6996] Zero length message leads to an empty skb
[  186.105963][ T5847] pwc: recv_control_msg error -32 req 02 val 2b00
[  186.378180][ T5847] pwc: recv_control_msg error -71 req 02 val 2c00
[  186.452370][ T5847] pwc: recv_control_msg error -71 req 04 val 1000
[  186.506220][ T5847] pwc: recv_control_msg error -71 req 04 val 1300
[  186.546112][ T5847] pwc: recv_control_msg error -71 req 04 val 1400
[  186.614905][ T5847] pwc: recv_control_msg error -71 req 02 val 2000
[  187.443682][ T5847] pwc: recv_control_msg error -71 req 02 val 2100
[  187.505343][ T5847] pwc: recv_control_msg error -71 req 04 val 1500
[  187.798593][ T5847] pwc: recv_control_msg error -71 req 02 val 2500
[  187.912144][ T5847] pwc: recv_control_msg error -71 req 02 val 2400
[  188.084723][ T5847] pwc: recv_control_msg error -71 req 02 val 2600
[  188.341750][ T5847] pwc: recv_control_msg error -71 req 02 val 2900
[  188.376535][ T5847] pwc: recv_control_msg error -71 req 02 val 2800
[  189.544732][ T5847] pwc: recv_control_msg error -71 req 04 val 1100
[  189.600979][ T5847] pwc: recv_control_msg error -71 req 04 val 1200
[  189.684121][ T5847] pwc: Registered as video103.
[  189.746278][ T5847] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  189.959503][ T5847] usb 2-1: USB disconnect, device number 5
[  190.380446][ T7024] pim6reg1: entered allmulticast mode
[  191.364028][ T7036] netlink: 'syz.3.334': attribute type 4 has an invalid length.
[  193.775802][ T5986] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  194.040506][ T7060] netlink: 'syz.2.343': attribute type 10 has an invalid length.
[  194.054335][ T7060] team0: Device hsr_slave_0 failed to register rx_handler
[  194.237913][ T5986] usb 2-1: Using ep0 maxpacket: 8
[  194.306091][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  194.478152][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.757028][ T5986] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.768104][ T5986] usb 2-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  194.785080][ T5986] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.802507][ T5986] usb 2-1: config 0 descriptor??
[  195.271126][ T5986] megaworld 0003:07B5:0312.0003: item fetching failed at offset 10/11
[  195.291089][ T5986] megaworld 0003:07B5:0312.0003: parse failed
[  195.300319][ T5986] megaworld 0003:07B5:0312.0003: probe with driver megaworld failed with error -22
[  195.965057][ T5847] usb 2-1: USB disconnect, device number 6
[  197.434211][ T7096] dummy0: entered promiscuous mode
[  197.538815][ T7096] bond0: entered promiscuous mode
[  197.554885][ T7096] bond_slave_0: entered promiscuous mode
[  197.560876][ T7096] bond_slave_1: entered promiscuous mode
[  197.570056][ T7096] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  198.162238][ T7096] Cannot create hsr debugfs directory
[  198.294967][ T7096] hsr1: entered allmulticast mode
[  198.300087][ T7096] dummy0: entered allmulticast mode
[  198.350609][ T7096] bond0: entered allmulticast mode
[  198.384927][ T7096] bond_slave_0: entered allmulticast mode
[  198.595682][ T7096] bond_slave_1: entered allmulticast mode
[  198.609024][ T7103] create_pit_timer: 18 callbacks suppressed
[  198.609036][ T7103] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  198.688108][ T7103] kvm: requested 163428 ns i8254 timer period limited to 200000 ns
[  198.696327][ T7103] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  198.923571][ T7103] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  198.955621][ T7115] 9pnet_fd: Insufficient options for proto=fd
[  198.964862][ T7103] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  199.002602][ T7103] kvm: requested 93028 ns i8254 timer period limited to 200000 ns
[  200.898908][ T7136] netlink: 'syz.3.365': attribute type 2 has an invalid length.
[  200.939854][ T7136] netlink: 4 bytes leftover after parsing attributes in process `syz.3.365'.
[  201.814966][ T7142] bio_check_eod: 2 callbacks suppressed
[  201.814985][ T7142] syz.1.367: attempt to access beyond end of device
[  201.814985][ T7142] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  201.834960][ T7142] (syz.1.367,7142,1):ocfs2_get_sector:1714 ERROR: status = -5
[  201.862895][ T7142] (syz.1.367,7142,1):ocfs2_sb_probe:753 ERROR: status = -5
[  201.962630][ T7142] (syz.1.367,7142,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  202.045087][ T7142] (syz.1.367,7142,1):ocfs2_fill_super:1177 ERROR: status = -5
[  202.487894][ T7149] pim6reg1: entered allmulticast mode
[  203.558983][ T7151] 9pnet_fd: Insufficient options for proto=fd
[  205.407610][ T7174] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  205.487522][ T7178] netlink: 'syz.3.377': attribute type 10 has an invalid length.
[  206.300559][ T7178] team0: Device hsr_slave_0 failed to register rx_handler
[  206.604194][ T7183] CIFS: Unable to determine destination address
[  208.518483][ T7192] 9pnet_fd: Insufficient options for proto=fd
[  208.721538][ T7201] capability: warning: `syz.1.385' uses 32-bit capabilities (legacy support in use)
[  209.977467][ T7211] netlink: 'syz.3.387': attribute type 10 has an invalid length.
[  210.920191][ T7224] netlink: 'syz.0.391': attribute type 10 has an invalid length.
[  211.296551][ T7211] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  211.608606][ T7224] team0: Device hsr_slave_0 failed to register rx_handler
[  211.894520][ T7236] netlink: 4 bytes leftover after parsing attributes in process `syz.4.395'.
[  213.609639][ T7244] 8021q: adding VLAN 0 to HW filter on device batadv1
[  213.622754][ T7244] team0: Port device batadv1 added
[  214.389289][ T7271] netlink: 8 bytes leftover after parsing attributes in process `syz.0.398'.
[  215.762405][ T7280] netlink: 'syz.3.403': attribute type 10 has an invalid length.
[  216.070895][ T7280] team0: Device hsr_slave_0 failed to register rx_handler
[  218.401069][ T7299] ip6tnl1: entered promiscuous mode
[  218.494780][ T7299] ip6tnl1: entered allmulticast mode
[  218.510043][ T7299] team0: Device ip6tnl1 is of different type
[  219.025221][  T981] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  219.194829][ T5986] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  219.221133][  T981] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  219.244202][  T981] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  219.266100][  T981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  219.291910][  T981] usb 1-1: Product: syz
[  219.345236][ T7333] syz.2.413: attempt to access beyond end of device
[  219.345236][ T7333] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0
[  219.360948][ T7333] EXT4-fs (loop2): unable to read superblock
[  219.390718][  T981] usb 1-1: Manufacturer: syz
[  219.406742][ T5986] usb 4-1: Using ep0 maxpacket: 16
[  219.441976][  T981] usb 1-1: SerialNumber: syz
[  219.475199][ T5986] usb 4-1: no configurations
[  219.525803][ T5986] usb 4-1: can't read configurations, error -22
[  219.599815][  T981] usb 1-1: config 0 descriptor??
[  219.804827][ T5986] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  220.086376][ T5986] usb 4-1: Using ep0 maxpacket: 16
[  220.264370][ T5986] usb 4-1: no configurations
[  220.456928][ T5986] usb 4-1: can't read configurations, error -22
[  220.524684][ T5986] usb usb4-port1: attempt power cycle
[  220.913207][ T7350] veth1_macvtap: left promiscuous mode
[  220.987311][ T5986] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  221.000860][ T7351] veth0_vlan: entered allmulticast mode
[  221.047903][ T7351] veth0_vlan: left promiscuous mode
[  221.059844][ T7351] veth0_vlan: entered promiscuous mode
[  221.544575][ T7349] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  221.551690][ T7349] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  221.558714][ T7349] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  221.564897][ T7349] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  221.571245][ T5986] usb 4-1: Using ep0 maxpacket: 16
[  221.589728][ T5986] usb 4-1: no configurations
[  221.594367][ T5986] usb 4-1: can't read configurations, error -22
[  221.624692][  T981] usb 1-1: USB disconnect, device number 5
[  221.769324][ T5986] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  221.818445][ T5986] usb 4-1: Using ep0 maxpacket: 16
[  221.839218][ T5986] usb 4-1: no configurations
[  221.843866][ T5986] usb 4-1: can't read configurations, error -22
[  221.881537][ T5986] usb usb4-port1: unable to enumerate USB device
[  221.980534][ T7355] netdevsim netdevsim1: Direct firmware load for  failed with error -2
[  221.990207][ T7355] netdevsim netdevsim1: Falling back to sysfs fallback for: 
[  224.049605][ T5156] Bluetooth: hci1: command 0x0c1a tx timeout
[  224.057710][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout
[  224.067849][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout
[  224.078538][ T5156] Bluetooth: hci2: command 0x0c1a tx timeout
[  225.912332][ T5892] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  226.061457][ T5892] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  226.267406][ T7411] loop8: detected capacity change from 0 to 79
[  227.442890][   T30] audit: type=1326 audit(1751960953.622:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7419 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff50db8e929 code=0x7fc00000
[  227.656551][ T7435] pim6reg1: entered allmulticast mode
[  231.065701][   T30] audit: type=1326 audit(1751960957.252:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7419 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff50db2ab19 code=0x7fc00000
[  231.314838][ T7439] vlan2: entered allmulticast mode
[  236.056898][ T7486] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  239.288542][ T7493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.079164][ T7493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.135488][ T7508] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.451'.
[  240.329908][ T7489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.454990][ T7516] tmpfs: Bad value for 'mpol'
[  240.645250][ T7523] No control pipe specified
[  241.406063][ T7525] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  242.383484][ T7550] netlink: 'syz.0.462': attribute type 1 has an invalid length.
[  242.419132][ T7550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'.
[  242.587526][ T7560] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_batadv, syncid = 4, id = 0
[  242.761430][ T7565] autofs: Bad value for 'fd'
[  244.632608][ T5156] Bluetooth: hci1: ISO packet for unknown connection handle 201
[  246.999982][ T7618] autofs: Bad value for 'fd'
[  250.677029][ T7659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.493'.
[  251.918532][ T7663] netlink: 'syz.0.495': attribute type 3 has an invalid length.
[  251.957841][ T7663] netlink: 185280 bytes leftover after parsing attributes in process `syz.0.495'.
[  252.638360][ T7668] input: syz1 as /devices/virtual/input/input8
[  253.695078][ T5986] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  254.127024][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  254.155075][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.271476][ T5986] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  254.294666][ T5986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.339739][ T5986] usb 3-1: config 0 descriptor??
[  254.947728][ T5986] lua 0003:1E7D:2C2E.0005: item fetching failed at offset 4/5
[  255.085373][ T5986] lua 0003:1E7D:2C2E.0005: parse failed
[  255.173772][ T5986] lua 0003:1E7D:2C2E.0005: probe with driver lua failed with error -22
[  255.467448][ T5986] usb 3-1: USB disconnect, device number 4
[  255.679761][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  255.689206][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  257.184250][ T7707] netlink: 12 bytes leftover after parsing attributes in process `syz.1.505'.
[  257.365796][ T5906] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  257.636438][ T5906] usb 5-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice= 0.02
[  257.685487][ T5906] usb 5-1: New USB device strings: Mfr=0, Product=232, SerialNumber=255
[  257.704147][ T5906] usb 5-1: Product: syz
[  257.718199][ T5906] usb 5-1: SerialNumber: syz
[  257.740464][ T5906] usb 5-1: config 0 descriptor??
[  258.048101][ T5906] ldusb 5-1:0.0: Interrupt in endpoint not found
[  258.105396][ T5906] usb 5-1: USB disconnect, device number 10
[  260.394877][ T5156] Bluetooth: hci1: command 0x0c1a tx timeout
[  260.402474][ T7721] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  260.810830][ T7721] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  260.934684][ T7721] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  260.935339][ T7721] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  261.343858][ T7750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.517'.
[  262.170968][ T5156] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  262.484960][ T5156] Bluetooth: hci2: command 0x0c1a tx timeout
[  262.754702][ T5986] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  262.925012][ T5986] usb 3-1: Using ep0 maxpacket: 16
[  262.942579][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.963906][   T30] audit: type=1326 audit(1751960989.112:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.003667][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout
[  263.009905][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout
[  263.027291][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.061645][   T30] audit: type=1326 audit(1751960989.112:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.083500][   T30] audit: type=1326 audit(1751960989.112:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f220ab8d290 code=0x7ffc0000
[  263.085822][   T10] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  263.105196][   T30] audit: type=1326 audit(1751960989.112:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f220ab90157 code=0x7ffc0000
[  263.139018][ T5986] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  263.168428][ T5986] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  263.318767][ T5986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.388301][   T10] usb 2-1: config 0 has an invalid interface number: 46 but max is 0
[  263.461111][   T10] usb 2-1: config 0 has no interface number 0
[  263.562867][ T5986] usb 3-1: config 0 descriptor??
[  263.610316][   T10] usb 2-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  263.617952][   T30] audit: type=1326 audit(1751960989.112:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.647649][   T30] audit: type=1326 audit(1751960989.112:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f220ab90157 code=0x7ffc0000
[  263.669139][   T30] audit: type=1326 audit(1751960989.112:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f220ab8d58a code=0x7ffc0000
[  263.687026][ T5986] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9
[  263.696382][   T30] audit: type=1326 audit(1751960989.112:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.844656][   T30] audit: type=1326 audit(1751960989.122:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.916058][   T10] usb 2-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01
[  263.929221][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.954794][   T30] audit: type=1326 audit(1751960989.122:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7772 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f220ab8e929 code=0x7ffc0000
[  263.957643][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  263.991651][   T10] usb 2-1: Product: syz
[  264.015338][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  264.015652][   T10] usb 2-1: Manufacturer: syz
[  264.032402][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  264.052427][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  264.188654][ T6359] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  264.213699][ T5986] usb 3-1: USB disconnect, device number 5
[  264.626031][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  264.895905][   T10] usb 2-1: SerialNumber: syz
[  264.921012][   T10] usb 2-1: config 0 descriptor??
[  264.932181][ T7767] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  264.967732][   T10] ums-karma 2-1:0.46: USB Mass Storage device detected
[  264.972198][ T5190] pxrc 3-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  265.267259][   T10] ums-karma 2-1:0.46: probe with driver ums-karma failed with error -5
[  265.414422][ T7798] netlink: 52 bytes leftover after parsing attributes in process `syz.0.530'.
[  265.813712][   T10] usb 2-1: USB disconnect, device number 7
[  266.459738][ T7811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.532'.
[  268.215596][ T7830] netlink: 'syz.0.536': attribute type 10 has an invalid length.
[  268.223789][ T7830] team0: Device hsr_slave_0 failed to register rx_handler
[  269.854906][ T5906] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  270.134862][ T5906] usb 4-1: Using ep0 maxpacket: 16
[  270.168018][ T5906] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  270.257505][ T5906] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  270.274789][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.289114][ T5906] usb 4-1: Product: syz
[  270.297840][ T5906] usb 4-1: Manufacturer: syz
[  270.344399][ T5906] usb 4-1: SerialNumber: syz
[  270.391100][ T5906] usb 4-1: config 0 descriptor??
[  270.433954][ T5906] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  271.204228][ T7866] netlink: 12 bytes leftover after parsing attributes in process `syz.2.545'.
[  271.890757][ T5906] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  272.090579][ T5906] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  274.061507][ T5906] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  274.164626][ T5906] em28xx 4-1:0.0: board has no eeprom
[  274.264783][ T5906] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  274.283485][ T5906] em28xx 4-1:0.0: dvb set to bulk mode.
[  274.298645][ T5840] em28xx 4-1:0.0: Binding DVB extension
[  274.362079][ T5906] usb 4-1: USB disconnect, device number 14
[  274.463162][ T5906] em28xx 4-1:0.0: Disconnecting em28xx
[  275.075726][ T5840] em28xx 4-1:0.0: Registering input extension
[  275.106165][ T5906] em28xx 4-1:0.0: Closing input extension
[  275.274048][ T5906] em28xx 4-1:0.0: Freeing device
[  275.889297][ T7914] veth1_macvtap: left promiscuous mode
[  275.969712][ T7914] macsec0: entered promiscuous mode
[  276.787939][ T7923] 9pnet_virtio: no channels available for device 127.0.0.1
[  277.826395][ T5847] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  278.005432][   T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  278.014708][ T5847] usb 4-1: Using ep0 maxpacket: 8
[  278.027459][ T5847] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  278.039849][ T5847] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  278.062637][ T5847] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  278.083173][ T5847] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  278.111169][ T5847] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  278.121169][ T5847] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.187130][   T10] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  278.203225][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.223323][ T7958] netlink: 'syz.1.568': attribute type 10 has an invalid length.
[  278.231775][ T7958] team0: Device hsr_slave_0 failed to register rx_handler
[  278.267737][   T10] usb 1-1: config 0 descriptor??
[  278.345882][ T5847] usb 4-1: GET_CAPABILITIES returned 0
[  278.351558][ T5847] usbtmc 4-1:16.0: can't read capabilities
[  278.805280][ T5847] usb 4-1: USB disconnect, device number 15
[  278.945400][   T10] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  278.953156][   T10] [drm:udl_init] *ERROR* Selecting channel failed
[  278.973760][   T10] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  279.000979][   T10] [drm] Initialized udl on minor 2
[  279.019185][   T10] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  279.066092][   T10] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  279.075587][    T9] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  279.125830][    T9] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  279.133854][    T9] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  279.145240][   T10] usb 1-1: USB disconnect, device number 6
[  281.633614][ T7991] netlink: 32 bytes leftover after parsing attributes in process `syz.2.575'.
[  282.079921][ T5986] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  282.604681][ T7999] netlink: 32 bytes leftover after parsing attributes in process `syz.2.575'.
[  282.758441][ T8014] ptrace attach of "./syz-executor exec"[5842] was attempted by "./syz-executor exec"[8014]
[  282.815010][ T5986] usb 4-1: Using ep0 maxpacket: 8
[  283.131121][ T5986] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  283.151131][ T5986] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  283.191527][ T5986] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  283.222163][ T5986] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  283.245005][ T5986] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  283.254173][ T5986] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.492825][ T5986] usb 4-1: GET_CAPABILITIES returned 0
[  284.283146][ T5986] usbtmc 4-1:16.0: can't read capabilities
[  284.369736][ T5986] usb 4-1: USB disconnect, device number 16
[  284.554817][ T8027] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  284.715448][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  284.928892][   T10] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  285.001138][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.145782][   T10] usb 3-1: config 0 descriptor??
[  287.609461][   T10] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  287.625598][   T10] [drm:udl_init] *ERROR* Selecting channel failed
[  288.191817][ T8053] netlink: 'syz.4.595': attribute type 27 has an invalid length.
[  288.489348][   T10] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  288.509521][   T10] [drm] Initialized udl on minor 2
[  288.529373][   T10] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  288.687991][   T10] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  288.695947][ T5892] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  288.716218][ T5892] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  288.724237][ T5892] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  288.749033][   T10] usb 3-1: USB disconnect, device number 6
[  288.971521][ T8065] overlay: filesystem on ./bus not supported as upperdir
[  290.028258][ T8072] xt_limit: Overflow, try lower: 0/0
[  290.101985][ T8053] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.110701][ T8053] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.192045][ T5892] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  290.588674][ T5892] usb 2-1: Using ep0 maxpacket: 8
[  290.658791][ T5892] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  290.678543][ T5892] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  290.713933][ T5892] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  290.735241][ T5892] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  290.779495][ T5892] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  290.794540][ T5892] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.852894][ T8053] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.902925][ T8053] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  291.014513][ T5892] usb 2-1: GET_CAPABILITIES returned 0
[  291.020231][ T5892] usbtmc 2-1:16.0: can't read capabilities
[  291.287942][ T8053] macsec0: left promiscuous mode
[  291.330484][ T5892] usb 2-1: USB disconnect, device number 8
[  291.577980][ T8053] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.601529][ T8053] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.610824][ T8053] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.619909][ T8053] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.667880][ T8053] hsr1: left allmulticast mode
[  291.672703][ T8053] dummy0: left allmulticast mode
[  291.682613][ T8053] vlan2: left allmulticast mode
[  291.726656][ T8053] bond0: left allmulticast mode
[  291.731567][ T8053] bond_slave_0: left allmulticast mode
[  291.739579][ T8053] bond_slave_1: left allmulticast mode
[  291.978706][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  291.978724][   T30] audit: type=1804 audit(1751961018.172:38): pid=8090 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="iou-wrk-8087" name="file0" dev="ramfs" ino=15093 res=1 errno=0
[  293.734697][ T5906] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  294.087060][ T5906] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  294.104685][ T5906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.214665][ T5906] usb 1-1: Product: syz
[  294.229114][ T5906] usb 1-1: Manufacturer: syz
[  294.233754][ T5906] usb 1-1: SerialNumber: syz
[  294.331286][ T5906] r8152-cfgselector 1-1: Unknown version 0x0000
[  294.374947][ T5906] r8152-cfgselector 1-1: config 0 descriptor??
[  295.648785][ T5906] r8152-cfgselector 1-1: USB disconnect, device number 7
[  295.935151][ T5892] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  295.980390][ T8140] netlink: 12 bytes leftover after parsing attributes in process `syz.1.622'.
[  296.048436][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  296.074875][ T5892] usb 3-1: device descriptor read/64, error -71
[  296.214758][    T9] usb 5-1: Using ep0 maxpacket: 8
[  296.284186][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  296.329507][ T5892] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  296.362932][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  296.392052][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  296.402316][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  296.415783][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  296.424917][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.514697][ T5892] usb 3-1: device descriptor read/64, error -71
[  296.565293][ T5906] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  296.791111][    T9] usb 5-1: GET_CAPABILITIES returned 0
[  296.799910][ T5892] usb usb3-port1: attempt power cycle
[  296.814685][    T9] usbtmc 5-1:16.0: can't read capabilities
[  296.894804][ T5906] usb 1-1: Using ep0 maxpacket: 32
[  296.901584][ T5906] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  296.912110][    T9] usb 5-1: USB disconnect, device number 11
[  296.914685][ T5906] usb 1-1: config 0 has no interface number 0
[  296.924167][ T5906] usb 1-1: config 0 interface 12 has no altsetting 0
[  297.165431][ T5892] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  297.360297][ T5892] usb 3-1: device descriptor read/8, error -71
[  297.403987][ T5906] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  297.445904][ T5906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.453953][ T5906] usb 1-1: Product: syz
[  297.508777][ T5906] usb 1-1: Manufacturer: syz
[  297.513432][ T5906] usb 1-1: SerialNumber: syz
[  297.668707][ T5906] usb 1-1: config 0 descriptor??
[  297.950436][ T5892] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  297.985476][ T5892] usb 3-1: device descriptor read/8, error -71
[  298.778577][ T5892] usb usb3-port1: unable to enumerate USB device
[  299.184758][ T5906] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  299.199777][ T5906] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  299.283176][ T5906] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  299.325063][ T5906] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  299.641339][ T5906] usb 1-1: USB disconnect, device number 8
[  300.065909][ T8191] netlink: 'syz.0.639': attribute type 4 has an invalid length.
[  300.355994][ T8188] netlink: 12 bytes leftover after parsing attributes in process `syz.1.637'.
[  300.369915][ T8192] netlink: 'syz.1.637': attribute type 3 has an invalid length.
[  300.370478][ T8188] netlink: 12 bytes leftover after parsing attributes in process `syz.1.637'.
[  300.456107][ T8192] netlink: 20 bytes leftover after parsing attributes in process `syz.1.637'.
[  300.745915][ T5892] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  301.118690][ T5892] usb 4-1: Using ep0 maxpacket: 8
[  301.189069][ T5892] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  301.219678][ T5892] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  302.050712][   T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  302.074114][ T5892] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  302.244957][ T5892] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  302.259868][ T5892] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  302.269292][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.294677][   T10] usb 1-1: device descriptor read/64, error -71
[  302.484271][ T8216] netlink: 2052 bytes leftover after parsing attributes in process `syz.4.646'.
[  302.495984][ T5892] usb 4-1: GET_CAPABILITIES returned 0
[  302.501508][ T5892] usbtmc 4-1:16.0: can't read capabilities
[  302.508757][ T8216] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  302.580374][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  302.647155][ T5906] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  302.706143][ T5892] usb 4-1: USB disconnect, device number 17
[  302.777306][   T10] usb 1-1: device descriptor read/64, error -71
[  302.816506][ T5906] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  302.827901][ T5906] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  302.843493][ T5906] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  302.852960][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.865115][ T8213] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  302.891714][ T5906] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  302.895446][   T10] usb usb1-port1: attempt power cycle
[  303.704942][   T10] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  303.794643][   T10] usb 1-1: device descriptor read/8, error -71
[  304.505202][   T10] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  304.586754][   T10] usb 1-1: device descriptor read/8, error -71
[  304.707915][   T10] usb usb1-port1: unable to enumerate USB device
[  305.098966][    T9] usb 3-1: USB disconnect, device number 11
[  307.451313][ T8269] netlink: 256 bytes leftover after parsing attributes in process `syz.0.663'.
[  307.494661][ T8269] netlink: 24 bytes leftover after parsing attributes in process `syz.0.663'.
[  308.055053][   T43] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  308.354952][   T43] usb 5-1: device descriptor read/64, error -71
[  308.674860][   T43] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  308.868936][   T43] usb 5-1: device descriptor read/64, error -71
[  309.008539][   T43] usb usb5-port1: attempt power cycle
[  309.711239][ T8291] netlink: 'syz.2.668': attribute type 4 has an invalid length.
[  310.092819][   T43] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  311.495537][   T43] usb 5-1: device descriptor read/8, error -71
[  312.331123][ T8312] netlink: 32 bytes leftover after parsing attributes in process `syz.0.675'.
[  314.044755][   T43] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  314.987743][   T43] usb 5-1: device descriptor read/64, error -71
[  315.048274][ T8338] netlink: 'syz.1.684': attribute type 4 has an invalid length.
[  315.280559][   T43] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  315.391411][ T8346] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  315.514802][   T43] usb 5-1: device descriptor read/64, error -71
[  316.945158][   T43] usb usb5-port1: attempt power cycle
[  317.148209][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  317.154831][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  318.525156][ T8380] netlink: 'syz.4.698': attribute type 4 has an invalid length.
[  320.064661][   T43] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  320.219983][   T43] usb 5-1: device descriptor read/64, error -71
[  320.604780][   T43] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  320.855834][   T43] usb 5-1: device descriptor read/64, error -71
[  320.986314][   T43] usb usb5-port1: attempt power cycle
[  321.386383][   T43] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  321.581546][   T43] usb 5-1: device descriptor read/8, error -71
[  321.994654][   T43] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  322.030518][   T43] usb 5-1: device descriptor read/8, error -71
[  322.153463][   T43] usb usb5-port1: unable to enumerate USB device
[  325.202693][ T8454] netlink: 32 bytes leftover after parsing attributes in process `syz.0.722'.
[  325.789764][ T8468] x_tables: ip_tables: osf match: only valid for protocol 6
[  326.123686][ T8467] hub 9-0:1.0: USB hub found
[  326.128999][ T8467] hub 9-0:1.0: 1 port detected
[  326.439495][    T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  326.704723][    T9] usb 5-1: Using ep0 maxpacket: 8
[  326.840196][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  326.899385][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  326.921844][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  326.948083][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  327.075226][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  327.084340][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.301200][ T8484] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  327.329241][    T9] usb 5-1: GET_CAPABILITIES returned 0
[  327.329301][    T9] usbtmc 5-1:16.0: can't read capabilities
[  327.334390][ T5906] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  327.489867][ T5906] usb 1-1: no configurations
[  327.494524][ T5906] usb 1-1: can't read configurations, error -22
[  327.548119][    T9] usb 5-1: USB disconnect, device number 23
[  327.597439][ T8488] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  327.647209][ T5906] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  327.824770][ T5906] usb 1-1: no configurations
[  327.829413][ T5906] usb 1-1: can't read configurations, error -22
[  327.843128][ T5906] usb usb1-port1: attempt power cycle
[  328.205113][ T5906] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  328.368536][ T5906] usb 1-1: no configurations
[  328.954635][ T5906] usb 1-1: can't read configurations, error -22
[  329.119540][ T5906] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  330.395382][ T5906] usb 1-1: device descriptor read/8, error -71
[  330.554714][ T5906] usb usb1-port1: unable to enumerate USB device
[  334.214663][   T43] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  334.385552][   T43] usb 3-1: no configurations
[  334.390416][   T43] usb 3-1: can't read configurations, error -22
[  334.520298][ T8564] netlink: 32 bytes leftover after parsing attributes in process `syz.3.754'.
[  334.567196][   T43] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  334.765660][   T43] usb 3-1: no configurations
[  334.781128][   T43] usb 3-1: can't read configurations, error -22
[  334.793352][   T43] usb usb3-port1: attempt power cycle
[  334.885351][ T8579] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  335.273615][   T43] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  335.320132][   T43] usb 3-1: no configurations
[  335.333607][   T43] usb 3-1: can't read configurations, error -22
[  335.566218][   T43] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  335.830825][   T43] usb 3-1: no configurations
[  335.870600][   T43] usb 3-1: can't read configurations, error -22
[  336.005010][   T43] usb usb3-port1: unable to enumerate USB device
[  337.576308][ T8604] pim6reg1: entered allmulticast mode
[  338.719162][ T8624] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  341.506771][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.1.777'.
[  343.940181][ T8686] netlink: 12 bytes leftover after parsing attributes in process `syz.3.788'.
[  346.427185][ T8716] netlink: 12 bytes leftover after parsing attributes in process `syz.2.800'.
[  347.447780][ T8731] syz.1.803: attempt to access beyond end of device
[  347.447780][ T8731] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  347.837220][    C0] ==================================================================
[  347.845336][    C0] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0
[  347.853245][    C0] Read of size 2 at addr ffff88805c04602a by task swapper/0/0
[  347.860706][    C0] 
[  347.863058][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  347.863081][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  347.863100][    C0] Call Trace:
[  347.863112][    C0]  <IRQ>
[  347.863122][    C0]  dump_stack_lvl+0x189/0x250
[  347.863145][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  347.863167][    C0]  ? rcu_is_watching+0x15/0xb0
[  347.863187][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.863205][    C0]  ? rcu_is_watching+0x15/0xb0
[  347.863224][    C0]  ? lock_release+0x4b/0x3e0
[  347.863243][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  347.863264][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  347.863285][    C0]  print_report+0xd2/0x2b0
[  347.863311][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  347.863329][    C0]  kasan_report+0x118/0x150
[  347.863355][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  347.863376][    C0]  rose_timer_expiry+0x471/0x4b0
[  347.863396][    C0]  call_timer_fn+0x17e/0x5f0
[  347.863412][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  347.863429][    C0]  ? call_timer_fn+0xbe/0x5f0
[  347.863445][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  347.863465][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  347.863489][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.863513][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  347.863531][    C0]  __run_timer_base+0x61a/0x860
[  347.863555][    C0]  ? ktime_get+0x3e/0x1f0
[  347.863581][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  347.863610][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  347.863640][    C0]  run_timer_softirq+0xb7/0x180
[  347.863665][    C0]  handle_softirqs+0x283/0x870
[  347.863686][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  347.863707][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  347.863727][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  347.863753][    C0]  __irq_exit_rcu+0xca/0x1f0
[  347.863771][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  347.863794][    C0]  irq_exit_rcu+0x9/0x30
[  347.863811][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  347.863835][    C0]  </IRQ>
[  347.863842][    C0]  <TASK>
[  347.863850][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  347.863871][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  347.863898][    C0] Code: c3 dd 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 36 20 00 f3 0f 1e fa fb f4 <e9> 98 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  347.863915][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  347.863937][    C0] RAX: 9ea9825b3ced4800 RBX: ffffffff81975b68 RCX: 9ea9825b3ced4800
[  347.863952][    C0] RDX: 0000000000000001 RSI: ffffffff8d983ce5 RDI: ffffffff8be1c200
[  347.863966][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[  347.863981][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0bbf0
[  347.863995][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[  347.864011][    C0]  ? do_idle+0x1e8/0x510
[  347.864036][    C0]  default_idle+0x13/0x20
[  347.864054][    C0]  default_idle_call+0x74/0xb0
[  347.864073][    C0]  do_idle+0x1e8/0x510
[  347.864095][    C0]  ? __pfx_do_idle+0x10/0x10
[  347.864122][    C0]  cpu_startup_entry+0x44/0x60
[  347.864142][    C0]  rest_init+0x2de/0x300
[  347.864161][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  347.864186][    C0]  start_kernel+0x47d/0x500
[  347.864206][    C0]  x86_64_start_reservations+0x24/0x30
[  347.864229][    C0]  x86_64_start_kernel+0x143/0x1c0
[  347.864251][    C0]  common_startup_64+0x13e/0x147
[  347.864282][    C0]  </TASK>
[  347.864289][    C0] 
[  348.198547][    C0] Allocated by task 8252:
[  348.202851][    C0]  kasan_save_track+0x3e/0x80
[  348.207512][    C0]  __kasan_kmalloc+0x93/0xb0
[  348.212082][    C0]  __kmalloc_cache_noprof+0x230/0x3d0
[  348.217431][    C0]  create_io_worker+0xac/0x5d0
[  348.222172][    C0]  io_wq_enqueue+0x62c/0x850
[  348.226738][    C0]  io_submit_sqes+0x1035/0x1c50
[  348.231566][    C0]  __se_sys_io_uring_enter+0x2df/0x2b20
[  348.237089][    C0]  do_syscall_64+0xfa/0x3b0
[  348.241566][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.247435][    C0] 
[  348.249738][    C0] Freed by task 8252:
[  348.253690][    C0]  kasan_save_track+0x3e/0x80
[  348.258346][    C0]  kasan_save_free_info+0x46/0x50
[  348.263353][    C0]  __kasan_slab_free+0x62/0x70
[  348.268096][    C0]  kfree+0x18e/0x440
[  348.271967][    C0]  create_io_worker+0x30f/0x5d0
[  348.276813][    C0]  io_wq_enqueue+0x62c/0x850
[  348.281396][    C0]  io_submit_sqes+0x1035/0x1c50
[  348.286239][    C0]  __se_sys_io_uring_enter+0x2df/0x2b20
[  348.291771][    C0]  do_syscall_64+0xfa/0x3b0
[  348.296252][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.302123][    C0] 
[  348.304424][    C0] The buggy address belongs to the object at ffff88805c046000
[  348.304424][    C0]  which belongs to the cache kmalloc-512 of size 512
[  348.318455][    C0] The buggy address is located 42 bytes inside of
[  348.318455][    C0]  freed 512-byte region [ffff88805c046000, ffff88805c046200)
[  348.332143][    C0] 
[  348.334448][    C0] The buggy address belongs to the physical page:
[  348.340846][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805c046000 pfn:0x5c044
[  348.350884][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  348.359360][    C0] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  348.367845][    C0] page_type: f5(slab)
[  348.371804][    C0] raw: 00fff00000000240 ffff88801a441c80 ffffea00016e7810 ffffea0000ca8e10
[  348.380366][    C0] raw: ffff88805c046000 0000000000100009 00000000f5000000 0000000000000000
[  348.388927][    C0] head: 00fff00000000240 ffff88801a441c80 ffffea00016e7810 ffffea0000ca8e10
[  348.397575][    C0] head: ffff88805c046000 0000000000100009 00000000f5000000 0000000000000000
[  348.406220][    C0] head: 00fff00000000002 ffffea0001701101 00000000ffffffff 00000000ffffffff
[  348.414865][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  348.423507][    C0] page dumped because: kasan: bad access detected
[  348.429904][    C0] page_owner tracks the page as allocated
[  348.435603][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5846, tgid 5846 (syz-executor), ts 76404235254, free_ts 20895300089
[  348.454870][    C0]  post_alloc_hook+0x240/0x2a0
[  348.459707][    C0]  get_page_from_freelist+0x21d5/0x22b0
[  348.465235][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  348.471019][    C0]  alloc_pages_mpol+0x232/0x4a0
[  348.475858][    C0]  allocate_slab+0x8a/0x3b0
[  348.480335][    C0]  ___slab_alloc+0xbfc/0x1480
[  348.485003][    C0]  __kmalloc_noprof+0x305/0x4f0
[  348.489851][    C0]  fib6_info_alloc+0x30/0xf0
[  348.494419][    C0]  ip6_route_info_create+0x142/0x860
[  348.499683][    C0]  ip6_route_add+0x49/0x1b0
[  348.504160][    C0]  addrconf_permanent_addr+0x67f/0x9d0
[  348.509598][    C0]  addrconf_notify+0x887/0x1010
[  348.514431][    C0]  notifier_call_chain+0x1b6/0x3e0
[  348.519523][    C0]  __dev_notify_flags+0x18d/0x2e0
[  348.524538][    C0]  netif_change_flags+0xe8/0x1a0
[  348.529478][    C0]  do_setlink+0xc55/0x41c0
[  348.533885][    C0] page last free pid 1 tgid 1 stack trace:
[  348.539671][    C0]  __free_frozen_pages+0xc65/0xe60
[  348.544779][    C0]  free_contig_range+0x1bd/0x4a0
[  348.549795][    C0]  destroy_args+0x7e/0x5d0
[  348.554210][    C0]  debug_vm_pgtable+0x412/0x450
[  348.559051][    C0]  do_one_initcall+0x233/0x820
[  348.563818][    C0]  do_initcall_level+0x137/0x1f0
[  348.568740][    C0]  do_initcalls+0x69/0xd0
[  348.573045][    C0]  kernel_init_freeable+0x3d9/0x570
[  348.578219][    C0]  kernel_init+0x1d/0x1d0
[  348.582527][    C0]  ret_from_fork+0x3fc/0x770
[  348.587096][    C0]  ret_from_fork_asm+0x1a/0x30
[  348.591840][    C0] 
[  348.594142][    C0] Memory state around the buggy address:
[  348.599746][    C0]  ffff88805c045f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  348.607785][    C0]  ffff88805c045f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  348.615822][    C0] >ffff88805c046000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.623856][    C0]                                   ^
[  348.629201][    C0]  ffff88805c046080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.637242][    C0]  ffff88805c046100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.645284][    C0] ==================================================================
[  348.653485][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  348.660676][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  348.670542][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.680575][    C0] Call Trace:
[  348.683836][    C0]  <IRQ>
[  348.686661][    C0]  dump_stack_lvl+0x99/0x250
[  348.691231][    C0]  ? __asan_memcpy+0x40/0x70
[  348.695799][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.700973][    C0]  ? __pfx__printk+0x10/0x10
[  348.705546][    C0]  panic+0x2db/0x790
[  348.709420][    C0]  ? __pfx_panic+0x10/0x10
[  348.713811][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  348.719685][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  348.725560][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  348.731868][    C0]  ? print_memory_metadata+0x314/0x400
[  348.737314][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  348.742401][    C0]  check_panic_on_warn+0x89/0xb0
[  348.747322][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  348.752408][    C0]  end_report+0x78/0x160
[  348.756635][    C0]  kasan_report+0x129/0x150
[  348.761120][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  348.766210][    C0]  rose_timer_expiry+0x471/0x4b0
[  348.771134][    C0]  call_timer_fn+0x17e/0x5f0
[  348.775705][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  348.781141][    C0]  ? call_timer_fn+0xbe/0x5f0
[  348.785792][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  348.790881][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  348.796059][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.801238][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  348.806679][    C0]  __run_timer_base+0x61a/0x860
[  348.811513][    C0]  ? ktime_get+0x3e/0x1f0
[  348.815825][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  348.821174][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  348.827402][    C0]  run_timer_softirq+0xb7/0x180
[  348.832231][    C0]  handle_softirqs+0x283/0x870
[  348.836977][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  348.841715][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  348.846975][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  348.852154][    C0]  __irq_exit_rcu+0xca/0x1f0
[  348.856721][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  348.861896][    C0]  irq_exit_rcu+0x9/0x30
[  348.866113][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  348.871729][    C0]  </IRQ>
[  348.874641][    C0]  <TASK>
[  348.877553][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  348.883512][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  348.889213][    C0] Code: c3 dd 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 36 20 00 f3 0f 1e fa fb f4 <e9> 98 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  348.908797][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  348.914845][    C0] RAX: 9ea9825b3ced4800 RBX: ffffffff81975b68 RCX: 9ea9825b3ced4800
[  348.922795][    C0] RDX: 0000000000000001 RSI: ffffffff8d983ce5 RDI: ffffffff8be1c200
[  348.930743][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[  348.938695][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0bbf0
[  348.946642][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[  348.954607][    C0]  ? do_idle+0x1e8/0x510
[  348.958847][    C0]  default_idle+0x13/0x20
[  348.963150][    C0]  default_idle_call+0x74/0xb0
[  348.967891][    C0]  do_idle+0x1e8/0x510
[  348.971938][    C0]  ? __pfx_do_idle+0x10/0x10
[  348.976506][    C0]  cpu_startup_entry+0x44/0x60
[  348.981263][    C0]  rest_init+0x2de/0x300
[  348.985505][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  348.991037][    C0]  start_kernel+0x47d/0x500
[  348.995522][    C0]  x86_64_start_reservations+0x24/0x30
[  349.000969][    C0]  x86_64_start_kernel+0x143/0x1c0
[  349.006063][    C0]  common_startup_64+0x13e/0x147
[  349.010983][    C0]  </TASK>
[  349.014259][    C0] Kernel Offset: disabled
[  349.018567][    C0] Rebooting in 86400 seconds..