last executing test programs:

21.72585792s ago: executing program 2 (id=3393):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
r3 = add_key$user(&(0x7f0000000140), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000380)={r3}, &(0x7f0000000480)=""/82, 0x52, 0x0)
socket(0x1d, 0x2, 0x6)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000300), 0x6000, 0x0)
pipe(&(0x7f0000000600))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r8, 0x1, 0xfffffffe, 0x10000, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x9f, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x30, r5, 0x1, 0x0, 0x4000000, {{}, {}, {0x14, 0x17, {0x0, 0x401, @l2={'ib', 0x3a, 'wg1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24008044}, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000180), 0x100007, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r9, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_DQBUF(r9, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x2, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}})

18.342185514s ago: executing program 2 (id=3399):
socket$packet(0x11, 0x2, 0x300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, &(0x7f0000000280)={0x2000000, 0x2, 0xf, 0x0, 0x0, 0x1ff, 0xffffffff})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r2, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb10000a8880008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)

16.573166141s ago: executing program 0 (id=3403):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f00000001c0)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000000)={r5, 0xdd}, 0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000300)={r5, 0xbe3}, 0x8)
r6 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$poke(0x420f, r7, 0x0, 0x20000000000008)
fsmount(r6, 0x0, 0xa)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r8, 0x89f3, &(0x7f0000000240)={'sit0\x00', &(0x7f0000000180)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x25, 0x4, 0x0, 0x0, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @empty, {[@generic={0x0, 0xf, "78bd0dd507033f2d4a99367ae2"}, @rr={0x7, 0x7, 0x0, [@loopback]}, @rr={0x7, 0xb, 0x0, [@dev, @loopback]}, @timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@local}]}, @end, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0x0, [{@local}, {}, {@dev}, {@broadcast}, {@multicast1}, {@empty}, {@dev}, {@dev}]}, @generic={0x0, 0xb, "2be8bc77583171dab6"}]}}}}})
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r9, 0x104, 0x1)
getdents64(r9, &(0x7f0000000080)=""/175, 0xaf)

16.245909836s ago: executing program 2 (id=3414):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffd2a9dc6da626c0e21677ffaaaaaaaaaa2b86dd6700000100513afffe880000000000000000000000000201ff02000000000000000000000000000189009078000000002001000000000000000000000001fe800000000000000000000000000038220560aeb59d3fb13258c6f29dd7eed9c5aaa04a18f74d2a89000000000000"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r2, 0x0, 0x0, 0x5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f00000000c0)={0x18})
creat(&(0x7f00000001c0)='./file0\x00', 0x16c)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000740)={0x11, @multicast2, 0x4e24, 0x4, 'wrr\x00', 0x39, 0x7ff, 0x22}, 0x2c)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r5, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
read(r1, 0x0, 0x0)
add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
close_range(r4, 0xffffffffffffffff, 0x0)
setuid(0x0)

13.81448027s ago: executing program 3 (id=3406):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
ioctl$FBIOBLANK(r3, 0x4611, 0x3)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)
pipe2(&(0x7f00000011c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x78}, 0xfeb1)
write$UHID_INPUT(r4, &(0x7f0000000180)={0x8, {"d1347423facc5d1c40c9990badb12af40568dcf49f9a8810b8b798247df29281d071fae787e8ef6eb83481d5060be1bd1d5f4221ee4951277e25aac97f5e4b7765b0408038c6ba8f6fd9c57f3b4ffb6b2762c807cccd0d63c8b7b4e5c66e65bf436355d47d0b07e3afe376c4796d06d228507a9b36640ea5e90f393a5b251138781833fed0b6c3df77ffd6c4d0ce481977b27e84359a45d225231ce0ab05985b65c524dfaf90433e5dc08e663015d86270ce0b7b87a1d7fac3d02279d75b4928bf043317cadd8146b5e3dded47f5f74e7b0cb026dbeacb11eb7001a9e3a974e76e8ae491db04e5e060af7e956306168cb1afed82be4b2e66fc7a47117b49274747d23367c2d65f1b8d7a2b8c28e3b3115bbb90ec09f2add68bad5f9f125572d00249173c1046f043ee0aaadab9700cfc8910820cdd9ff89fbc21b37c708228104471e1b5414b87b3113d6e24d2b5b2515e4aa305cfe4aa0e30a75d682ededddcf5c5df45c1e113eeacba8104313959644fbc8c1813dac5c77314bd35981fdd95b3d46fc3f65e98b8b80c50064cd24e6d99a808cb7573755f97a4f1e771a362b41b2c1383603207c004fbf9e16db9f8fe71f9be9752c496be52bbaafd0722bb0013e33209d56557d5d3c3e76d4d3d2b4c27b0b800691291f31798fe0bf9efc57b83d5444dbcaae41f40ee4944d5b6c5b53ddf03fe6c81cf31809023765bdac31076e91864db9a73b654e7f53375a063ed3a3ca8aba998cddc9e5f9973e0ee8084388f5b8497fa33ff843dbceae13e8ef9e549252aa30d081c11951253f8d8e3b578b3ad02e2ea168c7c9e54f71a8755d7f83e0ad9a3fabb85e3c12a45f3beb48385d26d9dd22c00ead8c9b30a1959d3e345d1ba7ee049f1cba644defff7c3ba2ad549a3130103497efcf5e9c44079dcfaf4f6f55d0c488616de63d6cf659749b31dda2940923002e4395c232d376d0e8917e433e0506e96d078b9e1c050d3783b61c6ce3ba25aa745a2c97f246a0df5e4518d7e696de40b41e50dfe42935f76a4655aaf89b62df109f3ee5cced942083c2e015979e8017d0a435ccef44a6d122a7a61beb38fb0bf2cf20ff6538b343d33de81649f06b29536867760cd8fbec922f26d5373882bdf82bf7b4ce169d73cfb90e9b5366e630b1e6f86e79f935625fc84c9da002f89ed69cc902a755a0f65946466356c4d10501306c4afd04042cf9caa2ba5cdaf021549ff0f4e5329a6cf103e16be76907f038b983768c6608c29d52d5c0ecbc4d18de0d6511f976f03bf433a575680b3faa3069fb0725a46688a206cd6ac37a993fb98534c87a88517e8a8fdc1dff9243c3f328c96c5520c1549044ff729f4c1645d438afabd12f9a937c7f7eedfe11668211b595ffe174347a3a8b8c05175c8069dc44d35144a15e2cc0f4d6d2625fc2b8c89ade5d5ce723bf624694284baacefc181053d3e3cad426c832438f81177256f12e89c0cfe7647355017118a3a055e8869fa6de5ae0aba0bf0d3aa6dbc861a1ff61bbe8746d02f52c0d0d43671e153824c0db8cbbc56590b63dc87c84782ffbb6ef9ef0686501d1fdb7d7dcb1106c0c6a5fafcf82470a33009d953d64f657ddeb3a899822e41a92a089f9a9a5670c37e87c954214a05ee850e1f5387b2d8cdee9f75e8a4187053b838f7e759386bca861fa4f3a78de19c40825f77af4f316519df5a7e927b66399a6e7a6a5eb226252717fc40a1deabdff88ed50a760a3eb330038869f9b5d5b3d30c119b02e0e55fe61e1042243e912042989eae1e5ebd4e1c7b27230479e25f95eae977adb855ff10c5e6d0130d3b80c50e089c22d52943bf3a3ae6fd8f0f257ece4af2749b6c1f6b11db67c0770c6b2b86de957af81f10a06d76f9af780e805f704b823424e9782412e5788d6188d96c80c12a4e1e725e5dc6a9dbad152a688485c49b3b58f8412cad7ef04392bb8d51fe5de21dd2c49cf74c1d5bca87e339c522762cc65f7b45009e2ff57aeb067ea5bbf155d009b97ce1ee0eb0f4b5a02beb09d8fa54b63bc636ba2fa05dfe27d6e71d9f2c54a748bcdd8de453c3e7cfb039eaae05445f5146ae19eea8d1bc21364ad98439e1ee3229b1bf4e6506016ad5b526eae3d53adbcc930654a70169b895f70e64671cb5db886686ce829d6ba71c41ae6f4be6c7f2b8e770c8aecc8991ca0793abc970d2f595329d5cab231f22848415053290e33a87874a34f8f9f63847ed75bc29d48b038e3bc471da7e04bfaf14e447300a42febcd4eda28a44c45ada90acdd71a7314f7602d1f8bb46ff9d7ffdd5c246e5fb0e34df6303e7185a5897eca8bebdadb27d6754144a8aeeb9d9f0dd680fe81d22304c05f2b9020ad442ee2a98cde4e94c7a9a3c1c5db63c4b1b583e768f28c6b15d3cc8efa7d96d4a0eab8ec891a141d6b6f63530a93527ad1b47b2659a6a3d5a680f62d78adc78348affba123d8554aadd30f956b371d713654c3ee9731f9052b2b0b17a1470af0bf0f0e4d4797295ae08c96b09eef9c071bc71cdeef6bea0877f61a80a7975107f07e79fa0261f9a172c0c9841ee5a2a32c32b3882fd0a7c96f71cac2fddfd8acfff1b135a1f7b3ccf966b8b0fb32eadcfaa0c54ff11bf0abaebeaac4b0795180f240148b393668ec8911b38fb11a7042623f0c57a248b2afd30603ce8a20bc88180638d0571e51c0e3fce6f194a01762880d665369b335819d1e879307b0b01fb250577bbfe8ae03d33d0b97ceb697a1855a15f761a0108d3c59ead2194ea18c42487d900a0de473910bb0271cb54ee98b293305263ccf93a18e2a4b320ecc8e23b6d450f48b83d01f75f5b7f3354635b6e5022313f04e4cfefddcf284c2e5dde920a07303f442949ce949fbf2b08264f36dcfabdcece29d1743f839aa94cf7e747a48e6d1a4a65e9445def8c5e3d5ddf3040d24da56a7eec5edb2687eabf174b690d05bdbcdff9aec0a8dcfb94e4fff5a5b441fe3ef5b6189b2971dfb7b4976564a11bb8672d74e54251707acea501c02b66b0b7fe792e8180788b00aade3195f12b837144945e1f9263fd9894c52bea060578933702c85796c618a31243f7af6f6d4c22606fbe5ca70dadea0afa10c0ab3ae9beec09cddffa07be5b072f2dd5f3e54e3de8c232584ac76fa5dcdaeab544225c9c4786d9566eef1f0659e3ae462f9f3bef10117f77a26cf6ef3d0fa6a1d218d555f866da6e4efd5215813d28a54a98e8ef1529515f6a2bfa2cdf88797837d181965905f6878597834699995335fac5a58b5e10a4dfc8a96f2dcfd0fa122ffa0929d858a5cdf8a6347968d672e7dfea5210d2fa145c1d5731d9f8c1d37c97a8f779dc4c31ab5e7123f06c44f0efe58989bb70d4a3bfe2063360d9772653d7328f117607b5f447ea5beaf0df2408a8cb06d6d698915b8d19b9795bd411f4c129ad817bc02b563b3f92da951f952a05195f980e74d15ec221d5ccd1bf13a1bcc36d5de16b29a9465359b580230a34c2f3ed7c247ad15ffa3203d0020b5651c6b85f72c912c063b886b012b1a45c6a19d228cd8164951825de096a07d00b2e1d95d6d622682b515f1b9c72fb3f0acba749d4d4e0d8a30e3f07793d7efc567e47a90f03f01efc16fe174c8e16f84d9eff10d12175a13f064288094e9a873106c82b170858574bbcc16c5d901997b2357f750952e1155a9c2d542668cdcc31e038011b9214b7ca033aec807e07559f65879ed836be06950040fe314ff9939426ccdf47578999a517fe66a1dcadd05f6ef7659faa5cdbf0f9513677b9284dbe54497b18ac415585ef36b4a0a33972207a02c7e76960756eecff183a27be94143adf47179d8dc58c6d8834018d8169257743d77cd48a56516cfab7ce275a81e3359b72aaecf653fc52d88532adae33a1477c492aa307273252c7b61e44d7dc8e6270926560cf4abb2bdf3e821badfe807b9c69b73646e1c5d25e0d06a66c0b00b5069008c0ddaeb89d15fe63816dacd2496395e7f7c6237647dd6ebc286801ae91c05bad19a84ff8aef6628e633249ce60a5041b271ad8ceed29b75c9b9fc039854e55cb01b8bc83a89a7f69a7a6f6717c7920f030bb6617342e3418600681ced7360835323cb58d1b98c344cae84cc88fec716ba5682e786dc16e9370ada8e38e68018f770302a9e8a086b0e08f9a359d3e9c8beba655b1a247688e98650cefb822fa40c4b69221cd5e2208a76cae84fac46802887230846f74bb95da04a7bdfcaad2e9f2db404a985756a1be077e8a8c01a149818487ae896b91ff8d82bf2863712acaa564337d6e925a90b4646d06947ccf2a74d4a1a97d4cb50a53dac0a03c3e09c699a1708a0c26b7c386c97640c2a8f30d2d3bae0db2d018ce658dc3fd9802c308b00a86872fcd8d806dccc46bc763e8292f7d3d681d8cffcc95333e78ebf67bda3e90452a2e08c52957daa98ce0cf2329abda5ccac2b013bde8a4fc75b8258824e14fb87c154b7ac22f58531fcde7082aabd47cbbd0a3a112df521a5391bb047ac4fdb3ea39da1efead0860de63037253708d5e9fd63dc6ee7eacc17b6d9f5a2ea0a27059ec8ec7e696ee05727756fb31ffca4c9261cb8f72023a00d551da0bc08c21174882d5159842aa6316b4624a7d46cecc399bcfce0fca0cc5d3d307194e8bd60a76e43e0b3539ffa23a2b2a58942b1bd21f7c86cd824f4878a7e6dc946db839610f31b24d428cbd0038e314badd51f0f3dc85c3f5df1d08adacdb3553df04803700e53802c67d992e0b7ae12c660fd83cd84fe5ebd2584a5b27db59c948f9793868475b0e1b7a94b4b91555aeb2211f5518883c0f6c9662da5e9271d8e4075a92fae0c013952a947646d84e0d80ea05c6ff5a8308a32b3106e5e0299521d3facc2ab23331054429207bf895d62c949dcca014f136b99d6d42e62cb8ce740c2d10073956a66e95751d3df58e8f8be906baa58720a728ec17bcdca87f8c2e6eb458672b24105a5b4f028fc1c245b129ba99850af1688646eb8df27eb6f1c2804878b5da2280ae9f65416311709304f5e088acbd4ccca49b46ef5a5c256b1c4abd3ca07d9f8f74eefecd736b4fdf1cdfe9bdd084ed472746337afce3b6feadb9923a8b34db65b4e69c933aad7d7fd5648b2ec16c773890483dc2917ca4acd2cb4356aa6ba9769f37c550f0a3ab843d1d9b22b6b4fc6662f63b35f0f81f1b475491aa613f40ff96360ca29d07857f061fb66745caf98f7922ee920f499b56bd8a708df5cce704766ff09dcd49c952c49e1062e9b7b1ffc73982a20c71747015bcdac7fba9da1b8d9447f923b550e27a4e68f8d3b74c138e1291ead6637db271daa182cff002e3d78040378ac4b1aa3802ea70290bcd36efac75a2944ac63d0aaedca5d35f29ef168fa6c9f1f6f00a624fdee74ef2a110fe5b61e0af026b9e33a76639753b85326292a1b866b158576ae797509d6b0d1292afeed41e4d770f6b3df73140a699868ad2aa492f5f2d33447c86cbd65b02ea2fc0ac6f6741c6cb0aab6e0213ff77ad7290eb77edbcd538d7ee9d62d231382cc6e8af6d37cc37193c777faa5468023ef21ff6741905b3fd6d37476e2f2535201d9ee4b87ed35b65838757b74d7eccc00c1351fa0cf076026695c749dcdbb8ba5cc0cb17792712124b3ed779a945c5cd795ced3bb7611f26913512f34f38b946b1f06fa68c948d34ead4e162d893cae23e2389d8c22570fe9c76a0a1dc53f8a50f08872517b459d27e32ce15225c3dd27b19cdf09a2921f2d2a77b7db9c595e38d84d18cf5aac564168f", 0x1000}}, 0x1006)
set_mempolicy(0x6, &(0x7f0000000180)=0x472, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000003f000000000000005504000001ed0a002500000017ffffffcc040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00', 0x7}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x344, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x3a8, 0xffffffff, 0xffffffff, 0x3a8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0x0, 0xff, 0xff], [0xffffffff, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x198, 0x1b8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf4}, {0x9, 0x2, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa4, 0xc4}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a0)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r2, 0x3b8b, &(0x7f0000000040)={0x10, 0x1})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xff00)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_flowlabel\x00')
pread64(r6, &(0x7f0000001600)=""/4103, 0x1007, 0x97)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
r7 = mq_open(&(0x7f0000000000)='$\\\'\x00', 0x40, 0x188, &(0x7f0000000080)={0x3, 0x1, 0x1, 0x9})
fcntl$lock(r7, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

13.813047005s ago: executing program 0 (id=3417):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
sched_getattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
write$cgroup_subtree(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000480)=""/134, 0x86}, {&(0x7f0000000540)=""/155, 0x9b}, {&(0x7f0000000600)=""/243, 0xf3}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/223, 0xdf}, {&(0x7f0000001800)=""/4096, 0x1000}], 0x6}, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000002c0), 0x9d, 0x8902)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
lseek(r4, 0x1000000, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netlink\x00')
read$FUSE(r5, &(0x7f00000051c0)={0x2020}, 0x2020)
pread64(r5, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
setns(r5, 0x80)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000000)={0x0, {{0x2, 0x4e23, @rand_addr=0x64010101}}}, 0x84)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440), 0x42, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x8, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000300)={0x4a, 0x2, 0x1, "444900d730fae90100000004000000060ff697b900", 0x3234564e})
sendfile(r3, r6, 0x0, 0x5)
unshare(0x24060400)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000000)=@ethtool_rxfh_indir={0x38, 0x5, [0x1ff, 0xa, 0x5, 0x7, 0x80000000]}})
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10, 0x0, 0x0)

13.811908088s ago: executing program 1 (id=3407):
pipe2(&(0x7f0000000000)={<r0=>0x0, <r1=>0x0}, 0x4080)
close(r0)
close(r1)
r2 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
clock_gettime(0x6, &(0x7f0000000180))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000001380))
ioctl$sock_inet_SIOCDARP(r5, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0xa, 0x0}}, {0x6, @remote}, 0x4, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 'netpci0\x00'})
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2566e506bce1e8", 0x14}], 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x1, 0x40)
process_madvise(r8, &(0x7f00000015c0)=[{0x0, 0xb3c9de750fa141ee}, {&(0x7f0000001600)="7fe370522d6af6625215f1793293827ec1fbafd2669ec71d6ec4f18aaa71edae948611d70900e80e4116a3c114041430f19bd4f37e3c7238ed6e6d46979c2220bde96ffe55c88d2e697fd133e5733e1bbb159ba81a1e8e2fb2e51596", 0x1}, {&(0x7f0000001300)="0454c96113b0da138a30557b0c026d7c7ba28c5cf82e468ed91537d279936ddcf06ef737e0943554457a28db61aea38a154bf19b456388daf4df61c9febcd9b8a2b14929c6f097f4ff11e686a8a37381b9321ae19dd77be474863e35633dec7003568e91eab8e870a93a73b6dea475547a826b25021aecd727c201c9cea0bfba0122b00573c286b821d43d0b4e38ec90b7d08565bf81862bdf5115e75886e742c51e058d0752982da309d53a7c0d320fdbd38bfaa998ff981d15928f783b2728ecc210898685dfc72398e665b7892024c0ab0dcfe9d3fc", 0xd7}, {&(0x7f0000001400)="3e519bc4eb7b0a55b33bdb22cc7ca76aba33506ebcf89e67b16583e68404bbca008b995a73322a4cc7a3c436e94da49121c4f225ccd342612b46beb2f569a7a0423c0cf79f2d94c015b7b47bc11d5fe599214dbe7f92c8a14b6d254a8daa074ece2708f10e912eb72cb22efc14a0d0cc7cea79311ead3200c7aca0e920d83c8d7b92db", 0x83}, {&(0x7f00000017c0)="5b297eb99162bf8668778501ce5385511d7d796a0aed27798b84852b8a9e85799af33e5de7cedbf88498be3b0b5df9f8ef11583a3bc3bdb6a1e5875f7494479905ca1f1feab109950b1be9946ac49c25c786113854b30003b573910a764104358c8b5899a86d2c25b7a2886023cee43b19c199a7c14017514656dcfeca386529d78597365934ca776ce9b8ee9d9e8b6d8c0789555790eaf1c1e6d2707c80f2a1558e720cc345a467af3f378dba06074d8ad43d61a8707a864bf5b7ba049c2b5836366fac540084a1986d713c58a932892237198aef95b616eefe20457d0b28ab35b7e8beefe6990b9bbd1cbb0cda68fd1e20c91a6ccd555cfe9c51d4f7bf082301fc61db5c7afcaa0992098895487418b1e78576e7d8f0989c9f4aff953c2f76c014b559ff40416df4b460e7da2e299bc58c8f83c070a9cfd8e662bdf8e5169baa393b1f2bd2b7bdc7886c3002e81501cc20abbcf665957e1c4a514dd15634a07b5618fbf03d23a93d2829deaeec967fb8f7b05ab4944553e8b96c5700e388e55dc9c60c6948f9382583622a37b7c81dfa5cea56b8e060aac882d0117585e0508c929591a7f0be8dfa96204f7daf90ce74e1891ba5c3ddc17d42cfafc8e12ef4109b5ec4e687389e1f325a6f4325c0eb034306588050973a24d7bf0d0044243cdfd672f4acbc115e81a83170b43a03c713e61c6ba573ea54d59b49b516800d934ae5c48d51551af9ee1f6143f9c4924b842d43208d52e4a34b4ccf167f347608d9c69e3af1a9f5507e35c198be14cff8170c82daa48cea49bbc2db68d8e8bf5752f13ebd80d510799c54d0dbee1792499c71e5db084babf44a431a4728a0f6702b4ad93d1fb5ebfef6a24b1fa057a8511df4c022e818b7af2ec354b47d34653172f75498298f8dc9eca6f478b5f9dc78f7b60401cf27fe9b1eade2d6bf7f50cee7197cd507c2766cc6b2163bd511aaa8d69dcaea44a7f37401faa0979182e51c59cd7b3189d2e8956405a2f27ead1d48b5aa421f04fdd87ef4fb3125a7a84e98719a79608d4bc70424ddc55dab8cb2b144682bca8497add2445319aef1a6db595685f3e0b049da99940d2803bc1ecd976887476cfecbdc66eea6da65e0251cc881f3da972011f37d11bd8828bfb2be9940f2508dcfa8c0e34e9e7a3ea3e7bf04afffca71c03d978507d87ee84241e5dd781c0caa8ad5320f16ed28c89af73a9445fe4c425605f6b58653cbb0909cb9a857b0c0c115104e879e41a2e05ccfcd6866d24ebf622a85ab638eab2ee2a7cf2bbd017a1509d25f65af4f63ed5dcc9586b133d52fd487e4c5238adee5bed4811def93d6723a9d4093b717ffe89209b126feee98bb276851319c2bd94f8327019d130a282fc6cf26d14ed15da2d607937a117bb6ab67fe36fe01562669dd70c649f45cf13240eef58f86f5ef3ae28cdc3e43d9f9d2ba4325a76965a2975e8174503bdfa199a38e0b58db63bcf1e5eb12de33c64b2ef33669fc9949151d8ba011200c884c5be7b84c1754d1ca896ce4ee9d6fb2e6fd4ae106418c800f2f78a7aed2eacb6b70e5aa926d21508e946850d52fc33ca95d00a5ce212e7731228c2d42bfc2881fda943aa8410156694be406a5936ef6ebb26a0a60cdbd5fd960f52bc8e574e9acf24c4d73416d3ef68417a2fe221cfcbffbeb194cfcb9802a5204f01532f8970ede7b7f7b2e093ed20686b545ac67c8d0f628269b373502379f3f3a5bcf1bbf1181d3de177ff5f1e05783e959739468a351bf539913774349129cb27f8a30167d86d2659954ace32de6e92e3fad637031f8f4b75bbb419d30c44c8d35b3db0ec43e7aaeb826a20afd3419439dce1db6112b6c8c236f5d7d563b9f0233c78875e5502cccb45ef8cb6fbcc6da3882ba86e8daa6afbc70f5192e76151e9633069a7d6b94f7b44b95a62f01d554000558deac1bbac044267a4a544ab336e83db60ba9a828dd0cbdc709dd1147a9f5c4b29d1f40eb87b7bafe8a7e29fea3a0e586bf84bb5a2aeeaf6c389e7d48b52f77e53f5b6d30e4d37a19ec2739c6fc80773e29a74ad01d2862e9e249c54a3f845a3045d964e371350282d5ee63a33f5d9d5d2889e60677ad3a78d7e3936f0da3c2a26a7f74ab598a7a0da120c2fe531416750f7dac241fb94962db31a6de323931bd0645510eb72bbddf8ac9ecba6a4b2e4039e36b96354a12d34186c2cefeb434a273c9eba6cbe055527c59815b1ae0b1d845e6d7fa935d7240bb202d42327d45433f214d4e62cbb5b51f354c2d8d232ddeacb829c99c3f4366e4541003f25dda0dff6c38afba9f1eb0383d8d824aa43be4f9784fa9c5181f8a373c3a35c5151b0402399dde92d9a607dc2768b258c9014dfff807f8389f0b8bc913eb0eec400f986dbdce9c616b7b2f7c671625f6881a4350b04117c251f4cba880908a9b2c44b4e886a8f09f3f57da1b04d6f28dfe47e34f1f6d9f8cb23658ec21d36a48d2cc9348dbf4f067446b995138d9bf37f218ab4f5ccbc21f9bf8b904253764fc753113350b69c6701b72c98d2d3697f46431c9cce4c1d089e535fbb1904fa2ff17b3f611300b91316c7f150ae0c6fd2acdcff3b4f49dcabd4ad54632d3dd6ab48e75197c97a52b93a6d5b68acebddfc2bdad5bc0c5f4b2e8b77799e2051e7a6c3a869e0fa5ade0245881e196a9a09d39a638e8d13ee6e667e04128ad6c56d01f18c1f2f624e4dbcd35769de072db3d688d9d91e952666992f0d2717799ee42ebda848735da9fb6b5a99425b940290aa42046a915d952c551ac00215e7d3c6b25fce0f9ef6b6a015be9cb3f1ff234c672d9e34f5d90af85fd5d0660b82d4b7fe851b1e4028f0bf55646b0c0d7161f760a2e598c1703361edf16b0a337cf808eefafd75807bc8caf9599b5e4e13eeb34e574b45bba80dc87eed30555135278751b4f9577a330c832058c680aea14338eff9d74dc7ff736823f6be457f89d50d3a1ec6f3a7228a0f75438587667f4d1307fcb04859728bbc5e4dc08b0e731acef19f37bb3a111d4abdea5960162cfbf89c69a7ac0827a3be22a362bc26759779f516d49acb2bde5b2c6bc32bd822ec771b0d0f106d8cd1e7739407632bd0db40ebaadd0ddb237a0c83448a5f1a6c4c67b6619b930405ea33bf5f80f7979ca431c677f2d46164e890c646f5c385eecff870f61e0da713f15301a7b73027b5927f9db8ddde589fa6f425fa365e38721e0a448ea9fb0dd0988439462d27ad4c3240cb719c6c649e5a0978a5a462c0a4ef4771609f3270848d44f018a655d6571c8876029289de163717cc646ae2159e94505736332e49610d054e43ce5542bbd7f7c61cc30bcb773e79ec6aa05368fd15d88c5b998bf963eebbf934df25d9c9f59cea6b1df3a9000ee2ce057a695de1dc8a1534abc489862e25d9113a14792b271bfa079908bf08d0c6c4eaa4b35a32d56a16c2161fda15087a3fc9c0364915f997c0026ea6d9e7ef9b21d0ef700007aed76cc680990a3a6ea8980ace288f6c53e33b5ecb7c8d5ed3fc79376daa5221a687cc29f67fe85fc34f0eca6970aa4b5bc1ea0d154d7fe551be3659118537557979086791ec737ef6401323114dc7d7664cb7fcc72d48a7cc03ded28888cbafecdc92cfec2dc9f9babf1438b7ba5a947ba1a73f703e293734a2f39cdc9844f99383a604378862d91e86ed9cca7664ea5682d5724473574a206279b95fdbc6a4a3489aabb5847c0ed92c6b4774e3d0510604c379c129f7b23ee80594831d39b88d33e425b0c9aba6c87ddffe6acb9e85693e4f0e8c260786094e7eaf91d8b5cc641715c1455108227104cd8330144d3f300f88edc5bd4264148dcdb55136b596290194804ab82965943dd8e26bfdf31ad6a066a471caaa17752c82e16ad4457b64e05cd30ac3a4310d069fdbf3941ff99b9b9ea0c4c1abb6aaefbad1f6419396c266def91d82ca41dcd5423dbc3d6612a65513e5756d1fed8b8994ad822bba044f1cae538fdb2332eb7b536fca10256fd1a34485944d82a28a71060a0c4da91a8cec97c54d17421a9a365abacd045de779313c83d2901819cd348113eb02f882f49b117f6d4243ffce69a896d0fd27f8f57eca27181a12d60851c21faa3588cfa8777562ac41ae84f73ef0bbea69645630f34686bf8eefd2be84e24ad0705a32d5c064723cd587149b47924cf4e4949dc42a33d8dd10d846ac5d7f6de6a9115307bc6b1269bf2121101db29ceb2af0ab33037ca283f3c828485233435bc9dfcf94ebe51278fb40c83d5e3dcd05e40f7c876ee7e5ebc9dc74f7d1e1449f4dc6f563b26db4b09ed6b430dab97b184f579d2e92693daff76aa9dcfeb631bdbc3514ea131b947e7fa78e86138452c611980df77a6b79d00d2a072f54b2c10a1c41dbe7addd4af58c9d55f1994b6f7aa688f4dc76e9bd02bd0ca3c8d08f6c300459c7508198de70460f1e59e067a261b2da5ecfbc97e89ca5fa1ff3ad3c312f9c9d04d5883ea654d213dd951c8a89d9f4da04614fa6f590d588d337facbdd443f62f7d9e6f78e0f1257fe69ac21bcb1456ab0c5ab32a8f5842fb77704f0e218cb9947e65ec5e96d591fb16317a4e441b6fa1767db363c3c6171601925a245ba14e37def27392d6c2f9a80a628509e0efa5f490dd3fa713870814a06bbfddfa5cbb06383ad303d46e3fc4d89b5552158dc8cf704ec903371f302eb320e801aa1cde570aeb322b3f5c95cfed7b5e1222fa0c71bb550b79d5f18971cab1904ef371b9cfcee444d764d744e270dcf30a6552a15dd67865ea21ca1334845ac7b31b11e3d5b6bab70073fcd0ed9891b1e4ba9a616f01c74671e4b80239a97fe8df9de1bb7196b7e0017b3cfe8d58b570cf641450c7eb82a0dd2f3e784ae4e9b1696c7731f56e10914f40ce2f0231982a588d19216dc29166aca1e272c2532eab01cbfb9c85f5bd72a9ffb4973ee111fabd1ef30b49eb6b085ddf3802f180335375f29da76a29edd3de27deaf6789f09d19caf1e6b146125adf8ac5bf259158863211e692d250962462746cf851c9198f8e2c43a69748db7760d4e2f3a98aaf9233bca7a3f94b36fff09e2a3241308f49b7b45a26918842b65a6a7bde1a5511af94cec0f706bf79a633088afe0c46ae8d61ac33688245bd63a293019e94608ff03cff41c1f798fd54b1f30e35564130f27838108bb6bfdd4e91ffe9a76dbc83f4ccbf7eebb01032808e58de30eb9be1c51440b6619be93d6e7d014ddc7183a4e1817128310e42c9575035f914d76378a0a914d5077ebdddab617a10996b8f398eee59d3b59775dc1e4db102d358615aa9d11cf9a08980be3bfc745f559779b5d40cb6e7c459a16f556eab0175dc4349dcf0143f3dee7f245d2ceb806ce2e636ae725cc0216450b68b3bd0b044a6bf5473524767929e2d03c1b4bab7676fc21928b11ae6d825fc35390d3566dd0adb04fdd74f2c491976fe99c3b6b64133d48ab3a45802920484fcd48c1c6424e97cda1a908373b487e3fe20baba119e9e78058c87bd6739a0bc18c03711d2c67630b5e106cac711324562008bd1243de9762a319c95166896a1f1098ded95b894e91b9516c6ccefa7061cab567fe150fb9c2c30b885fa85307f2d14d35446304d4d77af46d312860887a7b3781b492d98322b2cbbbbf7aabd3974de1e5e4afe31fd401e4989bb42b75ebc4d0306b43c7cd7493a46b2d86b374160bfb63972edae4ce984392007afafdb424d85ad234b59c5f4b248674634acfe10739dfb1a829d7a118f3b8b7e2ee4f5b6622d1d43", 0x1000}, {&(0x7f00000014c0)="6b553f4de4ed875c9fadc16852f54981bcd646a5262fc3900592194638585e3d2e79f074f796720749ddc1a2661dcb2471a47d963fb4d817dfdb5f52dc8ab642030c2c771646051d08609527b36368b80794b8cb63fe817c3379951a047c5026c2e99eae6dc05c6845529fb603666d78c0e1e5f7bca8f1d8584b7409ccaf0da598af64d7bdd2ae21ac4fb4e07dee96a92a8dddecee7ccbede2d0a7d4f2da90dc3eb4ae8895091f05db58a786519f6fc924a465cc46ae6a9b8705de0705b8bab4f10cddc7756c53eadf4aa6e2379fd85e9c5e7bfc", 0xd4}], 0x6, 0x9, 0x0)
sendmsg$key(r2, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000480)={0x2, 0x3, 0x0, 0x9, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x6c, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_x_nat_t_port={0x1, 0x15, 0x4e20}, @sadb_x_nat_t_type={0x1, 0x14, 0x3}]}, 0x60}}, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x1c, 0x0, 0x7, 0x201, 0x0, 0x0, {}, [@NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}]}, 0x1c}}, 0x0)
mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8001, &(0x7f00000000c0)=0x3, 0x4, 0x1)
syz_usb_connect(0x2, 0x36, 0x0, 0x0)

12.595414724s ago: executing program 2 (id=3409):
syz_open_dev$tty1(0xc, 0x4, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x2, 0xfffffe0000000004, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = memfd_secret(0x0)
fchownat(r2, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
openat$iommufd(0xffffff9c, &(0x7f0000000180), 0x10000, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r4)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000300)={0x0, 0x0, 0x0})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
socket$key(0x2d, 0x3, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ac4000/0x4000)=nil)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], 0x2c2)
r5 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getrlimit(0xa, &(0x7f0000000040))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r6, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r6)

12.594833243s ago: executing program 4 (id=3410):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r5=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r3, &(0x7f00000001c0)={0x2c, 0x8, r5}, 0x10)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r6, 0x4b63, 0x3)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cubic', 0x5)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FIONCLEX(r7, 0x5450)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x40938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
close_range(r8, 0xffffffffffffffff, 0x0)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f00000002c0)=""/166)
r9 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

12.507154841s ago: executing program 3 (id=3411):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket(0x22, 0x2, 0x3)
getsockopt$packet_buf(r3, 0x107, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r4=>0xffffffffffffffff})
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f00000001c0)={"3c24139ed44aec57f2e2ad238e7b448ed886923c31d4b8affbf514fd00", r4, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r10, 0x4138ae84, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
close_range(r2, r7, 0x0)
r11 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r11, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r11, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10)
connect$inet(r11, &(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r11, 0x0, 0x48c, &(0x7f0000000180)={0x2, 'gre0\x00', 0x1}, 0x18)

11.502050894s ago: executing program 0 (id=3412):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt(r0, 0x400000000000003a, 0x1, 0x0, &(0x7f0000000040))
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f00000000c0)={0x980914, 0x1001})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
shutdown(r4, 0x1)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x3938700}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)
syz_io_uring_setup(0x40000837, &(0x7f0000001200)={0x0, 0x679a, 0x80, 0x6, 0x1178}, 0x0, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
getpeername(r5, &(0x7f0000000180)=@in={0x2, 0x0, @broadcast}, &(0x7f0000000240)=0x80)
r7 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0)
fcntl$lock(r7, 0x5, &(0x7f0000000100)={0x2, 0x1, 0x2000000000008004, 0xffffff7f})
io_setup(0x2, &(0x7f0000002400))

10.171755823s ago: executing program 1 (id=3413):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffd2a9dc6da626c0e21677ffaaaaaaaaaa2b86dd6700000100513afffe880000000000000000000000000201ff02000000000000000000000000000189009078000000002001000000000000000000000001fe800000000000000000000000000038220560aeb59d3fb13258c6f29dd7eed9c5aaa04a18f74d2a89000000000000"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r2, 0x0, 0x0, 0x5, 0x0)
mq_timedreceive(r2, &(0x7f0000000140)=""/154, 0x9a, 0x0, &(0x7f0000000040)={0x77359400})
creat(&(0x7f00000001c0)='./file0\x00', 0x16c)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000740)={0x11, @multicast2, 0x4e24, 0x4, 'wrr\x00', 0x39, 0x7ff, 0x22}, 0x2c)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r5, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
read(r1, 0x0, 0x0)
r6 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r6, &(0x7f0000000300)='asymmetric\x00', 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
setuid(0x0)

10.077771571s ago: executing program 3 (id=3415):
r0 = openat$null(0xffffff9c, &(0x7f0000000000), 0x20000, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
pipe2(&(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x84c00)
read$FUSE(r0, &(0x7f00000006c0)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18, 0xfffffffffffffffe, r8, {0x7}}, 0x18)
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000002c0)={"8022e64e74e6f67b82f0d8a62127912e8e0facb291d8f00126635901181631134a20c7ef49c18bc0bbece53852b95bb8302f6c2286d6b0fb5b13bbdd128c382cebf211c3853f6fb48ab335f3ac853cf7c64d4f27ece7c262cdabfa5660cde1d28dc3eab72b8cfa5b08d6129c86ca79bd9dc43c37e75246dcf04b3816fd90365c877a2c10e8ef4c444ecb4784a0afbf5e962e390bb1ad3bbce049ae51325e79f5ab8bfa80b35fff1da6833ec7fa9ebfc93da9e4b190e5e3a752eca97dc669a937e6ab654169108a38d414fb90e1b894494f314298428ef482b0ff9084c95e735b6b09ca2de115d77f6a657fb7da142c896f9dce212aa58af72879da88687ce4620501a4ba17e906a02662f902745e8ddfb50874ce099ac0fc00ed05470d176364b1f30495b4a088bdde663172734fa8107e5fc0cd4fa60869c83a6669a4ea3040dbaa38f2571543d8521e37ab5aa5be850e3ade4b9eb09e6de146aa0c8fc98fea7bb50efa589af6978ec8d970f908dc4676ea3d15b3b6ebe8ae56a6292704900e611367b278b6716b4d04279792aeb649688ac6bcb7a5e58cbab0c07c8916a7cef3bb0d6303523bad9c0ad5f3024dfbdf364792b75f0ba19d56c5b3bf645fc40061edf7e042de07fc652ec4958373d9f3af542adc030334cc63caa85c8a2628bb1d257c746b2cc57798c23e30f2799f5f392f6af7a3d0cc47299928634afd54ce987c1951989ef81b39f5c7ba4cb2a74250f15261fedf3a25396b83199151ea4b406c2e1aa3135f2a77a8d75b75ef0b25efcdb3b031d8eaed29862173e93994f8d6e6e70df79978551804744eefa635c71d4b38da513f3ea8f48853322cfe5ef1b1ee632e0fcd3eae1993d883fc91f0f2437dce252b6ce5175e7d119afcb9c3c92baf3df6716ce61b54d0dd7dda2360a4c93e26f3eaa4a1637d108966074638697f5b374cf9ae6b32dce29da73fece352c94a1bdb45d6e0fe98533562ee5e55d2f2d3ce5c301ca9c5706a1d0605414f103878eb88169e6681297616b4e1c8c1a43a33f5d99b619962066e7c5698470772696f58dbed61d8507119769e30101f229e012a08b76c0d752cdb290d46f2504177164282fbd084a4817b5ed7448586bc3de1d30af5472e6b67d2ad120e1401ebdcc5358c8eff7e68f4a48aed32f55970a5a6a7c7dcba4887bc4bb1c7fde1610ed25f4f64f25a9f79fad21b5e558fcc97c120c0977a92f5471cc391edf228ff4bf7f9fc7b92737e32b3af48780cb96f5623b5f01dcd3cea45d72ccdb7a36682fd3094542726b24790534728f2c0b2757edc7599ccb170b2db42c9460c42082081ab86d9d5fc971b4d7987ee2c70ced65e08d74474763c6d6ec671c42f6acaa4ccbd2fe981121c04571c1794450b9650b0249f2a633e880ab386510ea86298112a2f01f0ac7f81ee00"})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000161000/0xf000)=nil, &(0x7f0000908000/0x3000)=nil, 0xf000, 0x0, 0x2})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

9.672670592s ago: executing program 4 (id=3416):
socket$nl_generic(0x10, 0x3, 0x10)
flock(0xffffffffffffffff, 0x6)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x401, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000640)=0x8000)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$FS_IOC_SETFLAGS(r3, 0x40046602, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = dup(r5)
syz_open_dev$loop(&(0x7f00000000c0), 0xd03b, 0x410000)
write$6lowpan_enable(r6, 0x0, 0x0)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
read$FUSE(r6, &(0x7f0000003780)={0x2020}, 0x2020)
r7 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r7, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty, 0x400005}, 0x1c)
ioctl$sock_inet6_udp_SIOCOUTQ(r7, 0x894b, &(0x7f0000000040))

6.73255817s ago: executing program 3 (id=3418):
clock_getres(0xb000000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x800020, 0x0, 0xffffffffffffffc0, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000003f000000000000005504000001ed0a002500000017ffffffcc040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x50)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, 0x0)
sched_rr_get_interval(0x0, &(0x7f0000000000))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x40, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0x14, &(0x7f0000000000), 0x4)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000008c0)=@deltaction={0x2c, 0x18, 0x1, 0x70bd29, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x18, 0x1, [{0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004ec0)=ANY=[@ANYBLOB="28000000400007012bbd700000080000017a03000400c2800c0001800800108004000f800400"], 0x28}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r8)
syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x0)

6.731966515s ago: executing program 4 (id=3419):
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x24020400)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x8000})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x2, 0x0, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x8, 0x28, 0x68, 0x0, 0x3, 0x6, 0x0, @private=0xa010100, @multicast1}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x10, 0x1, 0x0, 0x8}}}}, 0xfdef)
pread64(r0, 0x0, 0x0, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
getgid()
r3 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmat(r3, &(0x7f000072e000/0x1000)=nil, 0xe000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800008080b63428e90000000000000000", @ANYRES32, @ANYBLOB="08053e9117be8c7c3e04676fada88f9dd2ac59094bfddc77520b6fc3f72cf9aae0385d2179cd54719547f18121ff1663e4c4ba05b5844dcaa967221e073e869d2255d8000072fa831496cc39f92ec7f895f462efe0f47fd1ca7f8c86d62d5696cc8e6fb60676338278e400aedbdec26890006fe8e1cad485ed213db92550effae8f2d795b37e24007316080dd78e85f724db020899adc7616f942eade769c01bbcc2bbab42278dd62414c9008cd5bdfc02a1d609f5ee2701468f7b58d9b5882578ed343dd73ae63eb98baa29b060f2d049386e4a1acb95c8307faf93468aded7b24b2617752cc15c23246120aa00444205b9a6de0a4573e0edc04ca6877ae6fbaff300edee9f0289e046b673ef42d6c6e674f9e0eb5063f3bfacdb59a7514018e23a0000bb73cc5f65422555f4b783fb3963dfc74c4bcb24e9c5ee4b86c443cb842663b7ea1c2dfdaa2308760d060aa234a7a7e6c36f91aa5e7e94fc6c918ec10c0f770431906e76970611133ade9501781576f9349026819c79448ad80edba6701e9f1958ac7b0ca37826df1dae3694d9362c5210170c84d4763703304d38193e9b41e60b4562dcfb2aaf18559d2432eb94df0e82b4c98d934a9b6c5e1c10fa93be0cbb13b1bd320304569415305f2ece2ae2f40108f8da7cefe948aa6cd27925539914062aeca6070beea35eb1f383c8bf054072e7cb420d96004282926851c9e581784e84e8b6a44ac10c2962dad94ae9bcf9855d8fd35623d609030494f85acbe2944e47636d55f49e27a752d43487bb805fb291326e7ee858709dd5d024402f3d289dc0a24f0120ed3f663a1689f6a63def59b672"], 0x0, 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0xa, 0x410802)
close_range(r5, r4, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40015}, 0x0)
write$binfmt_misc(r6, &(0x7f0000000040), 0xe09)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
epoll_create1(0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x640, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003480)=[{{&(0x7f00000003c0)={0xa, 0x4e20, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1}, 0x1c, &(0x7f0000000740)=[{&(0x7f0000000400)="f4", 0x1}], 0x1}}], 0x1, 0x24040800)
flock(0xffffffffffffffff, 0x7ffffffe)

6.731228685s ago: executing program 0 (id=3428):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newneigh={0x28, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x20, 0xea, 0x8}, [@NDA_DST_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x5c0c0}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20000080)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x8, 0x8, 0x0, 0x3}, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x103)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v3={0x3000000, [{0x1, 0x2}, {0x5, 0xc1}]}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x11)
r2 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x280, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4)
unshare(0x20000400)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, &(0x7f0000000300)={[&(0x7f00000001c0)='/dev/kvm\x00', &(0x7f0000000340)='\x00', &(0x7f0000000440)='/d\xb1\x00\x00\x00\x00\x00\x00\x00d\xea\xf5g$R\x1a\xcd\xa1\xa9V\x1eZZ\xda\xf8\xa3\x8f\xa4\xb4\x02tY\xa5\b\x141A\xd2S[6\xbb\x1c\x83\xde\xc1%k\xa6\xd5\x05\x96\xd7\xb3\xc27\x1f\x9ez\xef\xeb\xba\xa2\x8c#U\x1a\xa9d\xd3\xc9\x92\xaf\x98\x14\x80xp\xad\x91\xc7\xa0\"\xcf<\x9a$\xca\x86f;\b\x8d\xda\xb7DW\xb21\xe3n\x05\xaf\x9c4R,\x84N\x93A\r\x81\x06\xceEb\xb0d]\xd9\xb1@w0\x92\vS\x9c\xcc\x84qK\xc6])\xce\xef\v\x19K\xf3\xc5:\xe4\x10~\x13\x94\xb0\xbe\"\xc9\x0fp6\x0f\xcd\x93Q#+\xe7X\xdc\xe5\xc0[|\x1e\x8fL\xfa\xc7u\xba\xd0\xa2\xc5\xbagpV\x85\xf8\xc5T<bt\xd3\xd0\xf9d\xc2\"oM']}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
write(r5, &(0x7f0000000180)="01", 0x1)
close(r5)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f00000003c0)={@private1, @remote, @private0, 0x2, 0x9, 0x100, 0x0, 0x2, 0x930130, r6})

6.730830622s ago: executing program 1 (id=3420):
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x24020400)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
pread64(r0, 0x0, 0x0, 0x9)

6.730411431s ago: executing program 2 (id=3421):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$BLKREPORTZONE(r0, 0x1261, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x58, 0x8040)
recvmmsg(r1, &(0x7f0000002780)=[{{&(0x7f0000000140)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000240)=""/6, 0x6}, {0x0}, {&(0x7f0000000380)=""/207, 0xcf}, {&(0x7f0000001580)=""/233, 0xe9}, {0x0}, {&(0x7f0000000280)=""/53, 0x35}, {&(0x7f00000004c0)=""/36, 0x24}], 0x7, &(0x7f0000002680)=""/226, 0xe2}, 0x4217}], 0x1, 0x40000042, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/user\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00')
io_setup(0x208, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_settime(r4, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f00000000c0))
shutdown(r2, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000000), 0xffffff6a)
sendfile(r2, r5, 0x0, 0xffdffffe)
syz_clone(0x23802400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r6, 0x29, 0xce, 0x0, &(0x7f0000000080))
r7 = socket(0x1e, 0x3, 0xffff)
cachestat(r7, &(0x7f0000000040)={0x0, 0x1}, &(0x7f0000000080), 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201410127c0de206a0803003ff0010203010902240001000010000904020202f3bff50009050602000202000a09058217259b"], 0x0)

6.57921758s ago: executing program 4 (id=3422):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42800)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @local}, @TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @empty}]}}]}, 0x50}}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4)
syz_emit_ethernet(0x86, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000000e9070045000078000000000011907800000000e000000100004e2000649078027188e05a00000000000000eea2ce15f073cfc7b867a8f1eae374992b05d96de4fee8723648ec884824c0fadad132180b5c87e3c4ce5aace7bd878fbfb382e7c4f35588608b6b77d41797815c1eec4fe3340aa2a2dfcc3569d1153d"], 0x0)
r8 = memfd_secret(0x80000)
ioctl$VIDIOC_S_DV_TIMINGS(r8, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x7d, 0xb, 0x1, 0x1, 0xd, 0xeea5, 0x0, 0x7ff, 0x6, 0x60000, 0x0, 0x4, 0x5f19, 0xffffffff, 0x0, 0x20, {0xfffffffa, 0x4}, 0x81, 0x5}})

6.431101423s ago: executing program 1 (id=3423):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffd2a9dc6da626c0e21677ffaaaaaaaaaa2b86dd6700000100513afffe880000000000000000000000000201ff02000000000000000000000000000189009078000000002001000000000000000000000001fe800000000000000000000000000038220560aeb59d3fb13258c6f29dd7eed9c5aaa04a18f74d2a89000000000000"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r2, 0x0, 0x0, 0x5, 0x0)
mq_timedreceive(r2, &(0x7f0000000140)=""/154, 0x9a, 0x0, &(0x7f0000000040)={0x77359400})
creat(&(0x7f00000001c0)='./file0\x00', 0x16c)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000740)={0x11, @multicast2, 0x4e24, 0x4, 'wrr\x00', 0x39, 0x7ff, 0x22}, 0x2c)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r5, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
read(r1, 0x0, 0x0)
add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
close_range(r4, 0xffffffffffffffff, 0x0)
setuid(0x0)

3.846020681s ago: executing program 0 (id=3424):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0xfff, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x8054)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, 0x0)
r2 = socket$kcm(0x2, 0x3, 0x2)
socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8916, &(0x7f0000000040)={'veth1_macvtap\x00', @random="0200ac7f7f00"})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000500)={0x0, 0x2, 0x10}, 0xc)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x5}}, 0x20)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x24}}, 0x20000000)
write$tcp_mem(r5, &(0x7f00000003c0)={0xff, 0x2d, 0x0, 0x3a, 0x1, 0x2c}, 0x48)

3.605794669s ago: executing program 4 (id=3425):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42800)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @local}, @TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @empty}]}}]}, 0x50}}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4)
syz_emit_ethernet(0x86, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000000e9070045000078000000000011907800000000e000000100004e2000649078027188e05a00000000000000eea2ce15f073cfc7b867a8f1eae374992b05d96de4fee8723648ec884824c0fadad132180b5c87e3c4ce5aace7bd878fbfb382e7c4f35588608b6b77d41797815c1eec4fe3340aa2a2dfcc3569d1153d"], 0x0)
r8 = memfd_secret(0x80000)
ioctl$VIDIOC_S_DV_TIMINGS(r8, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x7d, 0xb, 0x1, 0x1, 0xd, 0xeea5, 0x0, 0x7ff, 0x6, 0x60000, 0x0, 0x4, 0x5f19, 0xffffffff, 0x0, 0x20, {0xfffffffa, 0x4}, 0x81, 0x5}})

3.592251497s ago: executing program 3 (id=3426):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockname(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0xc, 0x0, 0xfffffdfffffffffe, 0xfa11, 0xffffffff}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x20004, <r5=>r3, 0x80000})
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{0x14004, 0x100000, 0x10, 0x1, 0xfe}, {0x0, 0x2000, 0xf, 0xfe, 0x0, 0x0, 0x0, 0xff, 0x8, 0x0, 0x5}, {0xd000, 0x2, 0x0, 0x80, 0xf9, 0x0, 0x0, 0x2, 0x23, 0x0, 0x4}, {0x5000, 0x2, 0xf, 0x41, 0x0, 0x2, 0x1, 0xfc, 0x0, 0x3}, {0x4000, 0xeeef0000, 0xc, 0x1, 0x3, 0x10, 0xc0, 0x0, 0x1, 0x0, 0x4}, {0x0, 0x100000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0xff}, {0x8000000, 0x2000, 0xa, 0x0, 0x2, 0xfd, 0x0, 0x7, 0x3a, 0x2, 0x0, 0x1}, {0x0, 0x2, 0x0, 0x2, 0x0, 0x6, 0x7, 0x0, 0xfe, 0x0, 0xfe, 0x5}, {0x0, 0x400}, {}, 0xddf8ffdb, 0x0, 0x0, 0x100, 0x7, 0x8000, 0xffff1000, [0x400000000000000, 0x10000000020, 0x2]})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_TRANSLATE(r9, 0xc018ae85, &(0x7f0000001280)={0x0, 0xdddd0000, 0x2, 0x5, 0x50})
r10 = fsmount(0xffffffffffffffff, 0x0, 0x6)
fchdir(r10)
syz_mount_image$fuse(0x0, 0x0, 0x2a0000a, 0x0, 0x0, 0x0, 0x0)
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81901)
move_mount(r11, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2.619150378s ago: executing program 2 (id=3427):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
r2 = socket(0x28, 0x2, 0x6)
sched_setattr(0x0, 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xffffffff, 0xbde, 0xb, 0x10000}})
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r2, &(0x7f0000000140), 0x0, 0x10, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
syz_emit_ethernet(0x10b, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_uring_setup(0x58ce, &(0x7f0000000300)={0x0, 0x77ae, 0x10, 0x8000002, 0x3d7})
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000013c0)={0x200, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x20363159, [0x0, 0x8000000], [0x8200, 0x1]}}, 0x4})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20004000)
ioctl$VIDIOC_QBUF(r3, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "230700dd"}, 0x0, 0x2, {}, 0x58603})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r5, &(0x7f0000000580)="81", 0x1, 0xc001, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback, 0x81}, 0x1c)
getsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0x24, &(0x7f0000000180), &(0x7f00000001c0)=0xe)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000100)=0x3)

2.617873286s ago: executing program 1 (id=3438):
syz_open_dev$tty1(0xc, 0x4, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x2, 0xfffffe0000000004, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = memfd_secret(0x0)
fchownat(r2, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
openat$iommufd(0xffffff9c, &(0x7f0000000180), 0x10000, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r4)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000300)={0x0, 0x0, 0x0})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
socket$key(0x2d, 0x3, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ac4000/0x4000)=nil)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], 0x2c2)
r5 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getrlimit(0xa, &(0x7f0000000040))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r6, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r6)

1.895913371s ago: executing program 0 (id=3429):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[<r3=>0x0], 0x1})
r4 = syz_io_uring_setup(0xdaa, &(0x7f0000000340)={0x0, 0x4, 0x400, 0x1000, 0x2000}, &(0x7f00000000c0), &(0x7f0000000180))
io_uring_enter(r4, 0x1, 0xffffffff, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000003c0)={r3, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {}, {}]})
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001080)={0xf, {"6852ad21e0fd02661b37090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f360068090890e0878f0efcc5e7049b3b612c416b23240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d077202b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d020000001c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b4a5f3090000000000000075271b060029d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841040014f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f33491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c24ffffffffffffff7fb70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bed0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f643577590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4ed134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146784078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34a1c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e2bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9b05000bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48ca2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889bce3076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b7da2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a35595f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e205ef4a7c43b42aae501b20f7694a035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d558ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427bf6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd6700800000082ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd2ea9762639ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769777c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd133d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359deea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e150600d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b2c2fc5d5f0da42c0456ec015f08e5247d33ae2d35623ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e938ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a893664ac70297dc8d62700000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d902952b72c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dc2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec0300068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8075ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b67804cfa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000f700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044dd0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x1000}}, 0x1006)
sendmmsg$inet6(r5, &(0x7f0000003bc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c, &(0x7f0000000880)=[{&(0x7f0000000140)}, {&(0x7f0000000400)="66380aca3ab76e237a136ad78759048469bb59f2fa2ec3ff05a500cc711ecd1f5ef692116a800e7cb79e940731ef5cf1609b4348a068263adcab54a3c0dd59463520128669a334b1ae7a992f3e71429604d5543af6aad1d60e8b61906fed21053cc7242c021e826ba9ce89df4e78dfab8de60aedf7c9d280b917d1e534e41ff38e103a9626cf9b2bf1d9cd0ca4f0cccb", 0x90}, {&(0x7f0000000240)="5ab4509172326d04edb0207534f997ab421157a77b74437a14c351dcb86dba249c8c6c704da0ef214fd6ed124f", 0x2d}, {&(0x7f00000002c0)}, {&(0x7f0000000580)}, {0x0}, {&(0x7f0000000680)="6387b6ff919c76786e7869de6ae431b7c12bcd47784b70f3a5881cb1779309547cca0bf89fe26596", 0x28}, {&(0x7f00000006c0)="de8be3f8e375552c302507568aff90588e716c86781ef234e03c251c1a837c2e902d481db263799eca7e92233e28185e7bdf5e3e696e3fc728adf9945bd0dcf7c12405c60380fa84ddbff8b467b933f56033f192128a33412f51a647f93b2f98c5946fe9f0f24da7432c059d1acb97f97a385fd04b8e384e7a27c4236949fddd52dfa69782408e", 0x87}, {&(0x7f0000000780)="5bfd41d290d92dd48ca8ceae67d1540c0adde438b279c1a3c1357de9e88cf6260fd396f264c513008a4adb1ff02723a477cea1aff7324eb8dc0fcf3619bb48f1ab4693f5e902896c12b3c082cc380de9b7cc5b665175d8af448c62680523e3c4297fbd98fd57b5998b5640603fc9430f1a40e2781115915dd6eaa9af5ffbf9c00e2f6e91b42276", 0x87}], 0x9, &(0x7f0000000900)}}, {{&(0x7f0000000940)={0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x4}, 0x1c, &(0x7f0000000c40)=[{&(0x7f0000000980)="7e0d783387b54770b2b8d55cf1459787517d712a7f528f6b4385dbf4a2aa2cee1f0fe375c810f8e61f6b4255feb6978258897fdd6a484d986e11647512e29510bc3f05e4c0be968e9982bcaa960794dc2322e0beaefb962e095b5ace26b12850303b45", 0x63}, {&(0x7f0000000a00)="a1047661558d3672e34b32b137c9ae3afc045c402189832193d38c284547e3dfc5b718e9945133261237d4727e4c858e8b24762ed49ddd6d245771ad8d03a2c2b4db06c33055c8b0e94ec5199b2f1cc79fa0d599e06fbee5d23c30f7bc27d44e3527313b27f82600bd3b9ad02198d022907400c9068ac1eb376fae5d06ac87698ef178336083ef5faac4e2dd10036500e4e431cf58f9b07467", 0x99}, {&(0x7f0000000ac0)}, {&(0x7f0000000b40)="f8530739cf560e03e7454a08acd9e90daff3dd0fb473c7148b3886589d72ced8030a243b9d4438583d8f1c0260b4bda71e769f736cae89fa9cfcdb3a48a4d8b8a3346f70244d36db4b411ffc7dc0d9dc533ea3d3f6286d481df420f88cc53e471976f0d795e8f7387ce5f6966e3c77501a2542d8c309b50159767abfd2a6eac0bd92675866ca004ab5110311e13722d1d7b3b03a20e7312fbd8d753e3b8b05e86a745a6eac884ce7a3816ec49af14c0de06170847459ee82c7a1913f21271c0b8d718ae64a3a", 0xc6}], 0x4}}, {{&(0x7f0000000c80)={0xa, 0x4e21, 0x59132a5d, @mcast2, 0x38dc}, 0x1c, &(0x7f0000000e40)}}, {{0x0, 0x0, &(0x7f00000034c0)=[{&(0x7f0000000ec0)="99c63438b2d3f1fa909dd67eb6f8285ea42e2bbef19fe9dcf724634d2d3b0d5223fde0a125ddfabf00bba0b15866244ec29763057f02400920683c77cc6d31a1dafd63c6bef172b601fbcc5797c59f9a91f45fe5e946dcbc963f2d90be9003a975dbe717c2df7d3f91dc00ed4d44abbf9dcf0da4b6e5f17ff8181349bb0339", 0x7f}, {&(0x7f0000000f40)="b6bf7adf76fcffd60c8ee53ca623d172d9ddfe4b80e455f222b2ac5e49c3110fb049070ae4475e58098abb30d6e87d6181a7cdaca6fc37259decb4a6568ee113225805d5406fc94e848f69148d8fa125455a589972afcb1881875531a81ca7d4fc175e8933b56d2c3d364f225af49ff28d3909a1872157f6ff3967c30ba3b902caf0c4302de6e5519b10902a7951776f25c0baf34f22e47b50dd45d0628fbf5c9a8649b15c3662f29c1d29e35979eddc36a34b9b3904a863b05fdbf1f73701e40133a15ccfaf5d3a69eb728a0162c7d9f9464af7d7661c8749a0f674ab8c27bc975feeef6325dbc8b7d3fa", 0xeb}, {&(0x7f0000001040)="17af4946921f8bae2a81", 0xa}, {&(0x7f00000030c0)="e9afbe548479bb7766a8196ece9b2a0ace71be8ad9fdb60fe1f09dc281a185cc66e97616d93765e76accc18689c90316aff866c9b0370b2c677024e3517eb7b38f788a7e412699845b66f6a61a3c968813a80260910eaa3d9c4f7dd1dbd7c2d980f41e1796ebc5e34f9901c1408a53c695846cd430e5c6c798ba29bf0cdab16de77478d202da7bd21f", 0x89}, {&(0x7f0000003180)="8d7931c31c3eafa67c252a70aea04150d86d1904e300d4f4a2273ea0d925a42b5fa2", 0x22}, {&(0x7f00000031c0)="7482db609a855fd2773099b46e88c2fb4f9bb258c969d7f5cbb434fdda6c8c3a5d260a9b28fc12ab193cf16804f20600991fd24fba537a88fed8cb5a4a3f16e50f08a2d2ea824730f5aa09464dbf3c0690a5fbd0214cb53d56c482dbdfa220e6dc003d040732377c7b4cb3b70bae483588213b17c1c6cf5f5db5f4fc27975d80168d7379f2961029a82e769c08685d7227fd3d54839d1c406333a6929d6fb0b2a9", 0xa1}, {&(0x7f0000003340)="18f888ddfcb5228056992673df16498e9271de6204de0179827353b2", 0x1c}, {&(0x7f0000003380)="33ae63d35826bd4ec0dbd0c5df6b58d0c57a151efcaec072eec19527b792de1e3586270341f2a1b91eab0c3ab7de7f4dd35e542935534279f518ec99b16b6005934e617dc270ab55c9fd3ae798f8d57823a0fd5d3c", 0x55}, {&(0x7f0000003440)="b99b4fa3ef1e5baa0a3ad7c0506949ba90c6558a7edc5b82de425ff4de0a38fa88802feeb07360223e2a8200b995096ff488d1c2a4c91c150ef49dc364e31d3a6cf96eb4aae0a6668c174b0bce234e4ca284ecb97c798b00f1ac93", 0x5b}], 0x9}}, {{&(0x7f00000035c0)={0xa, 0x4e23, 0x1, @remote, 0x9}, 0x1c, &(0x7f00000038c0)=[{&(0x7f0000003600)="92946e66b7ad21864afcf3b7ac93a1fc1af0c3994b9113aac9a2cba10dc68522e2e42455de30cecf0dda21a0128c7dbb8bd58165a506e86fce97ef693c76d315a39ada2d60ef034ac22ded73e96892a40bc80b11786919a3c92eb47c6f33aa02f59a42bfb6945444287cea3c2cbb86380685dd0bd174cbe8c393a782de36ad38c10dcb2e895df2a7fb", 0x89}, {&(0x7f00000036c0)="163b3ac1273d44a7e872c4c8bfe9c330fe84d9bebe4cfc1d3b9f0b929024e20d0d2fbd90111b80a448680c6d1b8de2e2014686bef8f8d2182edf0d747cb6ab6116bbcaf40f176ed91c10d53ded0f99e28fb767ffe4252240fdec77e92090272fa47d684e0a708d3c1a8a043c9de8d3dd01bb8f432ed8a66eb7ad018fd1d5e21ac8005be26453693c20e580804aefe125d94c173866cfd448bb69bf4581a6a5dbdf394d452cbb6e042257668fc4e16017d072e0aa58d84a3097e007b283d791ffe54b64b0697f91964cbdb892267dda9ec5becf386a83dc8e85876581f5bf55fb03e84ec6ce23256df18c7fb094078e04", 0xf0}, {&(0x7f00000037c0)="ae007d4f", 0x4}, {&(0x7f0000003800)="b9c1dd980fe83e95b9596d86b147274b39a8e84ec1467498e78eaef1a2038b1d49679f8c81631c1db32a075636278cc1", 0x30}, {&(0x7f0000003880)="ccd07e0baa985bcc4973a08ba9622a65c9b6fd5b6b429921bce79855db7d0c12bfb256efe9c13cb9da2bca9063c7cf401e", 0x31}], 0x5, &(0x7f0000003900)=[@hoplimit={{0x10, 0x29, 0x34, 0x2}}, @hoplimit_2292={{0x10}}, @rthdr_2292={{0x64, 0x29, 0x39, {0x2f, 0xa, 0x1, 0x9, 0x0, [@remote, @empty, @private1, @mcast1, @mcast2]}}}, @rthdrdstopts={{0xcc, 0x29, 0x37, {0x0, 0x16, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x8}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0x9c, "5fa90693823c1086d969b46cd40b953b887be8ed0bdaa3a79c1ea8f09307f9c3ab3cfd24d44c66e9611bfab7ffd2fc36b565c4977ee4abdde804062a2c3cd2d76d8d3fb8d8d0a0a6115e6eed927e13cbeadda96af72b0d177bfa9b7170047c10f09f46e1df1851c843ebcbe4f8d1b343c165e1bfac2478c7433d6f1f85c2ce04ec307242edd78a97474e67608fc0c67d0252c1f1b38c18d956ecde64"}, @ra={0x5, 0x2, 0x5}, @enc_lim={0x4, 0x1, 0x8}]}}}, @dstopts_2292={{0xdc, 0x29, 0x4, {0x84, 0x18, '\x00', [@pad1, @ra={0x5, 0x2, 0x8efc}, @calipso={0x7, 0x30, {0x2, 0xa, 0x4, 0x9, [0x3, 0xf56, 0x100000000, 0x9, 0x8]}}, @generic={0x8, 0x7f, "7c23a5944231418e76b873526536b320e16ed3488013dc4997e34af3ebe40e155ca52bac385d1c49d41e956fdad92deda21840ca4d22ab16884677813bc49fd9cb5ec0d5b6d331b14e12847949951ebaef478c41711da96aac216f8a06bbc25a3def83fe0dd4d388f4d82c9213ff6f9f4a9a72b0f9fb2d52920a9fa01f7182"}, @ra={0x5, 0x2, 0x200}, @pad1, @pad1]}}}], 0x22c}}], 0x5, 0x4001c00)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_NMI(r9, 0xae9a)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1.879660673s ago: executing program 3 (id=3430):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xa005, 0x10100}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0xe0ff, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x2ded, 0x4000, 0x5, 0x0, 0x0)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r9 = socket(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x4e64, 0x4, @remote, 0x2}, 0x18)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r11, 0xae60)
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r11, 0x4068aea3, &(0x7f0000000080)={0x79, 0x0, 0x3})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000100)={0x1, "fa02c8098000"})
r12 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r12, 0xc0285700, &(0x7f0000000040)={0x80109, "fa02946a000000001dda524f03000000000000000000003673000000002000", <r13=>0xffffffffffffffff})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x38)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r14, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r16=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r14, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r15, @ANYBLOB="310300000000fbdbdf250b00000008000300", @ANYRES32=r16], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
ioctl$SYNC_IOC_MERGE(r13, 0xc0303e03, 0x0)
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x200}], 0x1, 0x0, 0x0, 0x0)

189.06661ms ago: executing program 4 (id=3431):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x1c)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xa1a)
r5 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x2, &(0x7f0000000180), 0xfe)
syz_io_uring_setup(0x6d8c, 0x0, &(0x7f00000003c0), &(0x7f0000000400))
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
pipe(&(0x7f0000000040))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140))
fanotify_init(0x200, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200)
accept4(r1, 0x0, &(0x7f0000000000), 0x800)
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, 0x0, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})

0s ago: executing program 1 (id=3432):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r1 = socket$inet(0x2, 0x3, 0x4)
r2 = socket$kcm(0x11, 0x20000000000000a, 0x300)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x894, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r6, {0x0, 0xfffc}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x860, 0x2, [@TCA_BPF_POLICE={0x850, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x1, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x4, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x6, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0xfffffffc, 0xee, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0xffff, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x6, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x2, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x1430, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0xd41, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x8, 0xe0ba, 0x4f, 0x3, 0x4, 0x7, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0x9, 0x9, 0x9, 0x200, 0x7, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x1, 0x2, 0x6, 0x400, 0x5, 0x80, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed6, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x196, 0x2, [0x8, 0x6, 0x8, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x3, 0xdb2, 0x0, 0xe00, 0x4, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x803, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x9, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x4, 0x4, 0xfeffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x0, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x768, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x8, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x7, 0x4, 0xffffff95, 0x5, 0x0, 0xc, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x0, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x9, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x1, 0x1, 0xfffffc1f, 0x6, 0x2, 0x1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0xe000000, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x10}}]}, 0x894}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
recvmsg(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_dev$usbmon(0x0, 0x2, 0x800)
ioctl$MON_IOCX_GET(r8, 0x400c9206, &(0x7f00000001c0)={0x0, 0x0})
ptrace(0x10, r7)
ptrace(0x8, r7)
syz_pidfd_open(r7, 0x0)
r9 = syz_io_uring_setup(0xd2, &(0x7f0000000440)={0x0, 0x4000, 0x800, 0x3}, &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000080)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r9, 0x47ba, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

 relocate VQ 0x0 after dequeue, screwing up backlog
[ 1585.792084][   T30] audit: type=1326 audit(1764221206.658:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20564 comm="syz.0.2556" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1586.374539][T20588] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 1586.419778][T20592] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1586.428881][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1586.935659][T20600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2563'.
[ 1587.352773][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1587.361281][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1588.953127][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1589.137103][ T5906] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1589.465585][ T5906] usb 1-1: Using ep0 maxpacket: 32
[ 1589.509479][ T5906] usb 1-1: config index 0 descriptor too short (expected 44, got 36)
[ 1589.527650][ T5906] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[ 1589.553406][ T5906] usb 1-1: config 0 has no interface number 0
[ 1589.662644][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1589.993699][ T5906] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1590.062442][ T5906] usb 1-1: config 0 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1590.139763][ T5906] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0
[ 1590.285914][ T5906] usb 1-1: config 0 interface 126 has no altsetting 0
[ 1590.383538][ T5906] usb 1-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[ 1590.412310][ T5906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1590.420513][ T5906] usb 1-1: Product: syz
[ 1590.450984][ T5906] usb 1-1: Manufacturer: syz
[ 1590.466040][ T5906] usb 1-1: SerialNumber: syz
[ 1590.487224][ T5906] usb 1-1: config 0 descriptor??
[ 1590.504518][T20620] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1591.893831][ T5906] ir_usb 1-1:0.126: IR Dongle converter detected
[ 1591.902754][ T5906] usb 1-1: IRDA class descriptor not found, device not bound
[ 1592.213910][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1592.226156][T20640] sctp: [Deprecated]: syz.3.2572 (pid 20640) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1592.226156][T20640] Use struct sctp_sack_info instead
[ 1592.252869][ T5906] usb 1-1: USB disconnect, device number 20
[ 1592.278637][T20631] can: request_module (can-proto-3) failed.
[ 1592.704270][T20649] program syz.2.2575 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1592.714581][T20649] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1593.032207][T20658] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1593.280988][T20663] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1594.488933][T20669] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2578'.
[ 1594.714903][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1597.383323][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.924353][T20710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2584'.
[ 1599.102662][T20705] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2585'.
[ 1599.202568][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1600.136161][T20731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2587'.
[ 1600.169165][T20730] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1600.472789][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1601.197156][T20739] trusted_key: encrypted_key: insufficient parameters specified
[ 1602.731909][T20756] netlink: 'syz.2.2594': attribute type 1 has an invalid length.
[ 1603.111406][T20756] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1603.302676][T13755] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1603.707102][T13755] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1603.711259][T20758] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1603.747078][T13755] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1603.784706][T20758] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1603.792388][T13755] usb 3-1: Product: syz
[ 1603.819788][T13755] usb 3-1: Manufacturer: syz
[ 1603.831045][T20758] bond1: (slave vxcan3): Error -95 calling set_mac_address
[ 1603.862548][T13755] usb 3-1: SerialNumber: syz
[ 1603.910715][T13755] usb 3-1: config 0 descriptor??
[ 1603.955520][T20759] gretap1: entered promiscuous mode
[ 1604.469141][T13755] usb 3-1: USB disconnect, device number 29
[ 1606.190069][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.199505][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.218745][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.238273][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1606.283578][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.309482][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.321560][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.332717][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.341667][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.351314][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.360599][T20787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 1606.654539][T20798] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1608.800551][T20818] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1608.881606][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1609.714715][T13755] hid_parser_main: 7 callbacks suppressed
[ 1609.714741][T13755] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[ 1609.955133][T13755] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1610.453080][T20833] fido_id[20833]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1610.937723][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.946322][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.954796][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.963498][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.972140][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.980685][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1610.989247][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1611.067681][T20843] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1611.992849][T17340] net_ratelimit: 4 callbacks suppressed
[ 1611.992865][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1612.007163][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1612.645306][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.651787][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1613.600924][T20878] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1615.573803][T20893] __nla_validate_parse: 84 callbacks suppressed
[ 1615.573837][T20893] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2625'.
[ 1616.918787][T20908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2617'.
[ 1617.236474][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1617.687308][T20922] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2620'.
[ 1617.764698][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.393195][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.401745][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.410685][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.905005][T20922] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1618.919645][T20922] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1618.938138][T20922] bond0 (unregistering): Released all slaves
[ 1619.228573][T20932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2621'.
[ 1619.534278][T20944] random: crng reseeded on system resumption
[ 1621.374850][T20967] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1621.447284][T20971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2628'.
[ 1621.761795][T20975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2630'.
[ 1622.313015][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1622.882813][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1623.513014][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1623.521542][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1623.695012][T20978] netlink: 2020 bytes leftover after parsing attributes in process `syz.3.2627'.
[ 1623.744579][T20978] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2627'.
[ 1624.146008][T20995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2641'.
[ 1625.082859][T20997] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2631'.
[ 1628.006215][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.019530][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.633032][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.642768][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.651160][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1629.053905][T21049] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2642'.
[ 1630.134869][T21060] fuse: Bad value for 'fd'
[ 1630.818342][T21066] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2646'.
[ 1630.828155][T21066] xt_time: unknown flags 0xf4
[ 1633.035317][T21089] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2650'.
[ 1633.911438][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1634.012896][T21095] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2651'.
[ 1634.392806][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1634.401343][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1634.409991][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1634.982869][T21091] input: syz1 as /devices/virtual/input/input40
[ 1635.744997][ T5906] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[ 1635.796766][ T5906] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1636.225081][T21112] fido_id[21112]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1636.340009][T21117] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2655'.
[ 1637.425700][T21126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.434287][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.465321][T21126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.476525][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.488829][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.512571][ T5906] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1637.531495][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.842518][ T5906] usb 2-1: Using ep0 maxpacket: 8
[ 1637.943260][ T5906] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1637.954005][ T5906] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1638.073968][ T5906] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1638.083243][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1638.091913][ T5906] usb 2-1: Product: syz
[ 1638.136458][ T5906] usb 2-1: Manufacturer: syz
[ 1638.141276][ T5906] usb 2-1: SerialNumber: syz
[ 1638.161012][ T5906] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[ 1638.174608][ T5906] usbtest 2-1:1.0: couldn't get endpoints, -22
[ 1638.197745][ T5906] usbtest 2-1:1.0: probe with driver usbtest failed with error -22
[ 1638.443580][ T5942] usb 2-1: USB disconnect, device number 42
[ 1638.769635][T21136] fuse: Bad value for 'fd'
[ 1639.513204][T17340] net_ratelimit: 16 callbacks suppressed
[ 1639.513220][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.527573][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.536147][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.544537][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1640.871199][T21158] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2664'.
[ 1640.913315][T21158] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2664'.
[ 1642.574337][T21178] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1643.620393][ T5922] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[ 1643.637189][ T5922] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1643.958900][T21187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2669'.
[ 1644.563895][T21193] fido_id[21193]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1644.633196][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1645.367156][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1645.382533][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1645.390996][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1646.122316][ T5922] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1646.160895][T21218] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2671'.
[ 1646.313715][ T5922] usb 3-1: device descriptor read/64, error -71
[ 1646.622501][ T5922] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1646.942355][ T5922] usb 3-1: device descriptor read/64, error -71
[ 1647.082392][ T5922] usb usb3-port1: attempt power cycle
[ 1647.282535][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1647.722376][ T5922] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1647.762565][ T5922] usb 3-1: device descriptor read/8, error -71
[ 1648.013503][ T5922] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1648.138610][T21235] input: syz1 as /devices/virtual/input/input41
[ 1648.348005][T21237] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2678'.
[ 1648.489876][T21237] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1649.895397][ T5922] usb 3-1: device descriptor read/8, error -71
[ 1650.006738][T21255] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2682'.
[ 1650.196663][ T5922] usb usb3-port1: unable to enumerate USB device
[ 1650.403666][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1650.891883][T19719] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[ 1650.927638][T19719] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1651.032774][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1651.041179][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1651.050173][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1652.655261][T21283] sctp: [Deprecated]: syz.3.2687 (pid 21283) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1652.655261][T21283] Use struct sctp_sack_info instead
[ 1654.132494][T21282] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2688'.
[ 1655.722601][T19719] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1655.842364][    T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1655.882406][T19719] usb 4-1: Using ep0 maxpacket: 32
[ 1655.903785][T21313] tipc: Started in network mode
[ 1655.908717][T21313] tipc: Node identity , cluster identity 4711
[ 1655.915281][T21313] tipc: Failed to obtain node identity
[ 1655.921029][T21313] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[ 1655.988794][T19719] usb 4-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.06
[ 1656.032368][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1656.081293][T19719] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1656.089594][T19719] usb 4-1: Product: syz
[ 1656.093879][T19719] usb 4-1: Manufacturer: syz
[ 1656.098529][T19719] usb 4-1: SerialNumber: syz
[ 1656.153142][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.161657][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.258733][T19719] usb 4-1: config 0 descriptor??
[ 1656.270122][T19719] ums_eneub6250 4-1:0.0: USB Mass Storage device detected
[ 1656.407014][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1656.432974][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1656.449206][    T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1656.465556][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1656.489805][    T9] usb 3-1: config 0 descriptor??
[ 1656.793969][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.802179][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.810773][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.832420][T19719] usb 4-1: USB disconnect, device number 28
[ 1659.057808][    T9] usb 3-1: string descriptor 0 read error: -71
[ 1659.119796][    T9] usbhid 3-1:0.0: can't add hid device: -71
[ 1659.133452][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1659.145607][    T9] usb 3-1: USB disconnect, device number 34
[ 1659.743587][T21346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2698'.
[ 1660.729578][T21351] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1661.931737][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.939948][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.948188][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.956352][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1662.611829][T21369] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2704'.
[ 1662.949138][T21381] random: crng reseeded on system resumption
[ 1664.331272][T21393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2707'.
[ 1664.551226][T21398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2709'.
[ 1664.565823][T21398] netlink: 320 bytes leftover after parsing attributes in process `syz.4.2709'.
[ 1664.866734][T21401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1664.887969][T21401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1664.902885][T21401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1664.924366][T21401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1664.949356][T21401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1665.000876][T21402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1666.504130][T21416] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2711'.
[ 1667.673524][ T1149] net_ratelimit: 3 callbacks suppressed
[ 1667.673544][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.687716][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.696584][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.704811][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.957389][T21427] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2712'.
[ 1668.489104][T21416] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1668.507163][T21416] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1668.534043][T21416] bond0 (unregistering): Released all slaves
[ 1668.837897][T21427] warning: `syz.3.2712' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1669.575358][T21443] syzkaller0: entered promiscuous mode
[ 1669.581891][T21443] syzkaller0: entered allmulticast mode
[ 1672.164290][ T5906] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[ 1672.190838][ T5906] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1672.819100][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1673.081684][T21477] fido_id[21477]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1673.434793][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1673.443777][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1673.452151][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1673.659360][T21485] blkio.reset_stats is deprecated
[ 1674.067750][T21493] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1674.095041][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1674.101855][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1674.295661][T21492] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1674.304561][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1675.992929][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1676.226544][T21513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2728'.
[ 1677.672592][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.552909][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1679.192556][T13755] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1679.195828][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1679.209091][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1679.217483][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1679.522327][T13755] usb 2-1: Using ep0 maxpacket: 16
[ 1679.661283][T13755] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[ 1679.672444][T13755] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1679.684702][T13755] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[ 1679.884338][T13755] usb 2-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[ 1679.974851][T13755] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1680.033941][T13755] usb 2-1: config 0 descriptor??
[ 1680.863658][T21553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1680.876144][T21553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1681.250637][T21553] pimreg: entered allmulticast mode
[ 1681.460463][T13755] samsung 0003:0419:0001.000C: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.1-1/input0
[ 1681.686253][ T5906] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[ 1681.756449][ T5906] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1682.995218][T13755] usb 2-1: USB disconnect, device number 43
[ 1683.175055][T21570] fido_id[21570]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1683.396609][T21576] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1684.326677][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1684.478950][T21594] random: crng reseeded on system resumption
[ 1684.854739][T21595] netlink: 'syz.3.2740': attribute type 5 has an invalid length.
[ 1684.905304][T21595] ip6erspan0: entered promiscuous mode
[ 1684.953475][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1684.961868][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1684.972472][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1685.622356][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1686.113106][T21602] kernel profiling enabled (shift: 63)
[ 1686.120364][T21602] profiling shift: 63 too large
[ 1686.588861][T21606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2744'.
[ 1689.442709][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1690.720159][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1690.728562][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1690.737301][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1690.864425][T21655] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2751'.
[ 1691.054748][ T5906] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1691.493719][ T5906] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1692.391615][T21663] fido_id[21663]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1693.082548][T21675] kvm: user requested TSC rate below hardware speed
[ 1693.453600][T13755] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1693.860861][T13755] usb 2-1: Using ep0 maxpacket: 8
[ 1694.020907][T13755] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1694.041072][T13755] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1694.285020][T13755] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1694.366904][T13755] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1694.405017][T13755] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1694.434045][T13755] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1694.707505][T21675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1694.719254][T21675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1694.917742][T21688] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2758'.
[ 1695.202859][T21545] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1695.211710][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1696.473348][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1696.481780][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1697.238448][T13755] usb 2-1: usb_control_msg returned -71
[ 1697.244541][T13755] usbtmc 2-1:16.0: can't read capabilities
[ 1697.304931][T13755] usb 2-1: USB disconnect, device number 44
[ 1697.466129][T21688] bond0 (unregistering): Released all slaves
[ 1697.665932][T21708] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1697.752884][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1698.377859][ T5906] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1698.538196][ T5906] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1698.549860][ T5906] usb 3-1: config 0 has no interfaces?
[ 1698.559745][ T5906] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1698.863271][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1698.943028][ T5906] usb 3-1: config 0 descriptor??
[ 1700.156366][T13755] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1700.246705][T21739] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2766'.
[ 1700.963326][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1701.098944][T13755] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1701.196339][T13755] usb 3-1: USB disconnect, device number 35
[ 1701.544765][T21742] fido_id[21742]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1702.233192][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1702.241637][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1702.875106][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1704.175219][T21767] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2773'.
[ 1704.283244][T21769] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1704.805374][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1704.904542][T21778] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2777'.
[ 1706.712734][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1707.938526][T21799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2780'.
[ 1707.992855][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1708.001252][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1708.638307][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1709.185796][ T5942] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[ 1709.220120][ T5942] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1709.665032][T21828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2784'.
[ 1711.488316][T21837] sctp: [Deprecated]: syz.4.2786 (pid 21837) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1711.488316][T21837] Use struct sctp_sack_info instead
[ 1712.075642][ T5906] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[ 1712.102678][ T5906] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1712.549768][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.330946][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.339372][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.392575][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.405574][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.778714][T21858] fido_id[21858]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1715.497288][T21872] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1716.566494][T21877] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2790'.
[ 1717.970850][T21877] bond0 (unregistering): Released all slaves
[ 1718.250230][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1719.109485][T21897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2794'.
[ 1719.452844][T21901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2796'.
[ 1719.525010][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1720.152940][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1720.161314][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1721.931379][T21917] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2799'.
[ 1723.247794][ T5942] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[ 1723.323765][ T5942] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1723.764529][T21934] fido_id[21934]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1723.995680][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1724.098938][T21935] sctp: [Deprecated]: syz.2.2804 (pid 21935) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1724.098938][T21935] Use struct sctp_sack_info instead
[ 1724.632728][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1724.757605][T21943] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2807'.
[ 1724.794635][T21943] netlink: 277 bytes leftover after parsing attributes in process `syz.4.2807'.
[ 1724.815961][T21943] netlink: 277 bytes leftover after parsing attributes in process `syz.4.2807'.
[ 1725.919583][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1725.928012][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1726.790407][T21964] netlink: 'syz.3.2809': attribute type 2 has an invalid length.
[ 1729.199842][T21991] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1730.393870][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1731.050379][T13755] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[ 1731.108376][T13755] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1731.133350][T22012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2818'.
[ 1731.201957][T22012] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2818'.
[ 1732.111240][T22019] netlink: 2020 bytes leftover after parsing attributes in process `syz.1.2813'.
[ 1732.131195][T22019] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2813'.
[ 1732.485380][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1733.592494][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1735.633010][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1735.639507][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1735.639534][T22042] netlink: 'syz.1.2823': attribute type 2 has an invalid length.
[ 1736.145618][T22048] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2835'.
[ 1736.155238][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1736.649769][T22048] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1736.658306][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1737.456840][T22058] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2826'.
[ 1738.136313][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1738.208136][T22061] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1738.403872][T22067] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1740.031333][T19719] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1740.086136][T19719] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1740.537910][T22093] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1740.871719][T22093] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1740.880509][T13755] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1740.889258][T22093] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1740.935225][T22093] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1740.945069][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1740.955334][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.166459][T22099] net_ratelimit: 182 callbacks suppressed
[ 1741.166484][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.182295][T13755] usb 3-1: Using ep0 maxpacket: 8
[ 1741.195304][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.231448][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.259356][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.286649][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.310899][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.336974][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.348135][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.363135][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.377700][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.519872][T13755] usb 3-1: config 1 has an invalid descriptor of length 207, skipping remainder of the config
[ 1741.541009][T13755] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 51200, setting to 64
[ 1741.641182][T22094] fido_id[22094]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1741.660901][T13755] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1741.710844][T13755] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1741.720232][T13755] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1741.736854][T13755] usb 3-1: Product: syz
[ 1741.962286][T13755] usb 3-1: Manufacturer: syz
[ 1741.967178][T13755] usb 3-1: SerialNumber: syz
[ 1741.998644][T13755] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 1742.007898][T13755] usbtest 3-1:1.0: couldn't get endpoints, -22
[ 1742.014187][T13755] usbtest 3-1:1.0: probe with driver usbtest failed with error -22
[ 1742.342569][T13755] usb 3-1: USB disconnect, device number 36
[ 1744.346490][T22125] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1744.911376][T22127] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1745.401150][T22132] input: syz1 as /devices/virtual/input/input42
[ 1745.587739][T22133] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1745.804515][T22138] overlayfs: missing 'lowerdir'
[ 1747.155239][T22160] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1747.673220][   T36] net_ratelimit: 412 callbacks suppressed
[ 1747.673244][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1748.065794][T22165] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1749.641370][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1749.658069][T22179] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2849'.
[ 1751.085214][T22196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2853'.
[ 1752.402942][T22207] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1752.507330][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1752.521650][   T30] audit: type=1326 audit(1764221374.918:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1752.612383][   T30] audit: type=1326 audit(1764221374.918:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1752.675159][   T30] audit: type=1326 audit(1764221374.918:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1752.830965][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1753.032082][   T30] audit: type=1326 audit(1764221374.918:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.432688][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1753.453134][   T30] audit: type=1326 audit(1764221374.918:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.574216][   T30] audit: type=1326 audit(1764221374.918:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=330 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.600183][   T30] audit: type=1326 audit(1764221374.918:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.626368][   T30] audit: type=1326 audit(1764221374.918:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=50 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.679620][   T30] audit: type=1326 audit(1764221374.918:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1753.704019][   T30] audit: type=1326 audit(1764221374.918:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22203 comm="syz.0.2855" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd558 code=0x7ffc0000
[ 1753.726117][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1754.985326][T22244] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1755.224247][T22248] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1755.352724][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1758.102824][T22262] 8021q: adding VLAN 0 to HW filter on device team0
[ 1758.207338][T22262] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1758.552898][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1758.561235][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1758.642808][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1758.979032][T22279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2865'.
[ 1760.254867][T22288] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2867'.
[ 1761.113011][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.083233][T22302] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2869'.
[ 1762.442029][T13755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.508570][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.518691][T19719] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.534543][T21545] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.542841][   T30] kauditd_printk_skb: 45 callbacks suppressed
[ 1762.542860][   T30] audit: type=1326 audit(1764221384.978:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22297 comm="syz.1.2870" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d539 code=0x0
[ 1764.058670][T22324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2873'.
[ 1764.344422][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1764.352702][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1764.361225][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1764.402565][T22326] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1765.024533][T22331] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1766.232757][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1766.942384][T22350] kernel profiling enabled (shift: 63)
[ 1766.948137][T22350] profiling shift: 63 too large
[ 1767.821961][T22361] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2880'.
[ 1768.152978][ T6209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1768.168530][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1768.178026][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1768.554318][T22371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2882'.
[ 1770.073081][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1770.081580][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1770.090205][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1770.621169][T22391] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2886'.
[ 1771.273115][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1772.799150][T22412] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1775.107429][T22434] vivid-006: disconnect
[ 1775.192889][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1775.720525][T19719] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1775.735462][T19719] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1775.833145][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1775.841709][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1776.035413][T22434] vivid-006: reconnect
[ 1776.560754][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1776.765141][T22448] fido_id[22448]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1777.571888][T22456] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1777.606414][T22458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2897'.
[ 1777.780909][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1778.851243][T22472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2901'.
[ 1779.822331][    T9] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1779.985152][    T9] usb 3-1: config 0 has no interfaces?
[ 1779.995227][    T9] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1780.012281][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1780.051158][    T9] usb 3-1: Product: syz
[ 1780.061095][    T9] usb 3-1: Manufacturer: syz
[ 1780.091695][    T9] usb 3-1: SerialNumber: syz
[ 1780.123487][    T9] usb 3-1: config 0 descriptor??
[ 1780.321590][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1780.537845][T22474] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1780.547387][T22474] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1780.722427][T22485] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1781.167292][T22483] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1781.592792][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1781.601197][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1782.168120][T19719] usb 3-1: USB disconnect, device number 37
[ 1782.232558][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1784.877215][T22519] input: syz1 as /devices/virtual/input/input44
[ 1785.014124][T19719] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[ 1785.063885][T19719] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1785.908409][T22528] fido_id[22528]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1786.072652][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1786.515341][T22538] syzkaller0: entered promiscuous mode
[ 1786.521033][T22538] syzkaller0: entered allmulticast mode
[ 1786.768891][T22546] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2915'.
[ 1787.362710][T10692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1787.371423][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1787.379858][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1787.422781][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1787.841441][T22548] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1788.846103][T22561] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2917'.
[ 1790.555226][T22595] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1791.192720][T22583] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1792.141761][T22621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2923'.
[ 1792.472892][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1793.113364][T22583] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1793.121750][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1794.139690][T22639] vivid-000: disconnect
[ 1794.978863][T22650] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1795.142693][T22639] vivid-000: reconnect
[ 1796.286391][T22674] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 1796.955837][T22583] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1796.964060][T22583] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1796.982812][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1796.992437][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1798.232586][T22580] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1798.835446][T22695] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1798.873228][ T6044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1798.881583][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1798.963727][T22702] 8021q: adding VLAN 0 to HW filter on device team0
[ 1799.155038][T22701] QAT: failed to copy from user.
[ 1799.183341][T22702] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1800.995080][   T30] audit: type=1326 audit(1764221423.438:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22710 comm="syz.0.2939" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffd539 code=0x0
[ 1801.021753][T22724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2938'.
[ 1801.188466][T22721] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1801.437291][T22719] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1801.446087][T22719] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1802.469380][T22740] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1802.717491][T22580] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1803.090535][T22759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1803.099927][T22759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1803.100804][T22759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1804.749646][T22583] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1804.774973][T22583] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1804.812412][T22583] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1804.853544][T22583] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1804.879033][T22583] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1804.936847][T22583] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1805.182480][T22583] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1805.711541][T22583] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1805.962993][T22782] sctp: [Deprecated]: syz.0.2951 (pid 22782) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1805.962993][T22782] Use struct sctp_sack_info instead
[ 1806.080439][T22784] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1806.150510][   T30] audit: type=1326 audit(1764221428.588:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22779 comm="syz.4.2954" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d539 code=0x0
[ 1806.172134][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1806.201943][T22792] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 1806.308761][T22792] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1806.746583][T22793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2953'.
[ 1807.396132][T22809] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1809.284109][T22823] fuse: Unknown parameter '0x0000000000000009'
[ 1809.294649][T22823] fuse: Unknown parameter '0x0000000000000008���	�g��%wA��˘�v���'
[ 1809.542409][T22339] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1809.652392][   T30] audit: type=1326 audit(1764221432.078:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22828 comm="syz.0.2960" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1809.762383][   T30] audit: type=1326 audit(1764221432.078:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22828 comm="syz.0.2960" exe="/root/syz-executor" sig=0 arch=40000003 syscall=103 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1809.762493][T22339] usb 2-1: Using ep0 maxpacket: 16
[ 1809.793730][T22339] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1809.814005][T22339] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1809.830616][T22339] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1809.842303][T22339] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[ 1809.954805][T22339] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[ 1810.030859][   T30] audit: type=1326 audit(1764221432.458:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22828 comm="syz.0.2960" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1810.080884][   T30] audit: type=1326 audit(1764221432.468:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22828 comm="syz.0.2960" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000
[ 1810.151975][T22339] usb 2-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40
[ 1810.164079][T22834] xfrm0: entered promiscuous mode
[ 1810.192773][T22339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1810.241928][T22339] usb 2-1: SerialNumber: syz
[ 1810.294267][T22823] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1810.308718][T22834] xfrm0: entered allmulticast mode
[ 1810.327158][T22339] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[ 1810.360858][T22339] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -12
[ 1810.825723][T22844] syz.3.2963: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 1810.861816][T22844] CPU: 1 UID: 0 PID: 22844 Comm: syz.3.2963 Not tainted syzkaller #0 PREEMPT(full) 
[ 1810.861840][T22844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1810.861852][T22844] Call Trace:
[ 1810.861860][T22844]  <TASK>
[ 1810.861867][T22844]  dump_stack_lvl+0x189/0x250
[ 1810.861899][T22844]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1810.861922][T22844]  ? __pfx__printk+0x10/0x10
[ 1810.861938][T22844]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1810.861959][T22844]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1810.861982][T22844]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1810.862006][T22844]  warn_alloc+0x214/0x310
[ 1810.862030][T22844]  ? stack_depot_save_flags+0x40/0x860
[ 1810.862058][T22844]  ? __pfx_warn_alloc+0x10/0x10
[ 1810.862083][T22844]  ? kasan_save_track+0x3e/0x80
[ 1810.862105][T22844]  ? __kasan_kmalloc+0x93/0xb0
[ 1810.862134][T22844]  ? xsk_setsockopt+0x4dc/0x8d0
[ 1810.862162][T22844]  ? do_sock_setsockopt+0x17c/0x1b0
[ 1810.862183][T22844]  ? __ia32_sys_setsockopt+0x13f/0x1b0
[ 1810.862203][T22844]  ? __do_fast_syscall_32+0xb6/0x2b0
[ 1810.862216][T22844]  ? do_fast_syscall_32+0x34/0x80
[ 1810.862228][T22844]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1810.862254][T22844]  __vmalloc_node_range_noprof+0x125/0x12d0
[ 1810.862298][T22844]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1810.862323][T22844]  ? __kasan_kmalloc+0x93/0xb0
[ 1810.862349][T22844]  vmalloc_user_noprof+0xad/0xf0
[ 1810.862370][T22844]  ? xskq_create+0xbf/0x170
[ 1810.862391][T22844]  xskq_create+0xbf/0x170
[ 1810.862413][T22844]  xsk_init_queue+0xb0/0x110
[ 1810.862434][T22844]  xsk_setsockopt+0x4dc/0x8d0
[ 1810.862456][T22844]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1810.862474][T22844]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1810.862498][T22844]  ? aa_sock_opt_perm+0xff/0x1b0
[ 1810.862522][T22844]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1810.862537][T22844]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1810.862557][T22844]  do_sock_setsockopt+0x17c/0x1b0
[ 1810.862584][T22844]  __ia32_sys_setsockopt+0x13f/0x1b0
[ 1810.862605][T22844]  __do_fast_syscall_32+0xb6/0x2b0
[ 1810.862625][T22844]  do_fast_syscall_32+0x34/0x80
[ 1810.862639][T22844]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1810.862661][T22844] RIP: 0023:0xf7f02539
[ 1810.862679][T22844] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1810.862692][T22844] RSP: 002b:00000000f53f655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1810.862708][T22844] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000011b
[ 1810.862719][T22844] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000052
[ 1810.862728][T22844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1810.862737][T22844] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1810.862746][T22844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1810.862768][T22844]  </TASK>
[ 1811.145827][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1811.475762][T22844] Mem-Info:
[ 1811.479263][T22844] active_anon:11458 inactive_anon:310 isolated_anon:0
[ 1811.479263][T22844]  active_file:22925 inactive_file:5777 isolated_file:0
[ 1811.479263][T22844]  unevictable:768 dirty:291 writeback:0
[ 1811.479263][T22844]  slab_reclaimable:10203 slab_unreclaimable:128566
[ 1811.479263][T22844]  mapped:38516 shmem:3864 pagetables:1506
[ 1811.479263][T22844]  sec_pagetables:0 bounce:0
[ 1811.479263][T22844]  kernel_misc_reclaimable:0
[ 1811.479263][T22844]  free:1305669 free_pcp:9477 free_cma:0
[ 1811.524808][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1811.622680][T22844] Node 0 active_anon:46132kB inactive_anon:1240kB active_file:91572kB inactive_file:22972kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:152036kB dirty:1164kB writeback:0kB shmem:13920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12920kB pagetables:5872kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1811.766233][T22844] Node 1 active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1811.837729][T22844] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1811.967366][T22844] lowmem_reserve[]: 0 2505 2505 2505 2505
[ 1811.993946][T22844] Node 0 DMA32 free:1314548kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41436kB inactive_anon:40kB active_file:91572kB inactive_file:22972kB unevictable:1536kB writepending:1176kB zspages:0kB present:3129332kB managed:2565140kB mlocked:0kB bounce:0kB free_pcp:29332kB local_pcp:16308kB free_cma:0kB
[ 1812.030151][T22844] lowmem_reserve[]: 0 0 0 0 0
[ 1812.036423][T22844] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1812.066348][T22844] lowmem_reserve[]: 0 0 0 0 0
[ 1812.073564][T22844] Node 1 Normal free:3903356kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4288kB local_pcp:4288kB free_cma:0kB
[ 1812.182494][T22844] lowmem_reserve[]: 0 0 0 0 0
[ 1812.187311][T22844] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1812.262281][T22844] Node 0 DMA32: 1647*4kB (UME) 1032*8kB (UME) 986*16kB (UM) 936*32kB (UME) 543*64kB (UME) 577*128kB (UM) 486*256kB (UME) 268*512kB (UME) 139*1024kB (UME) 2*2048kB (UE) 180*4096kB (UM) = 1314524kB
[ 1812.339844][T22844] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1812.386381][T22844] Node 1 Normal: 251*4kB (UME) 70*8kB (UME) 52*16kB (UME) 261*32kB (UME) 124*64kB (UME) 31*128kB (UME) 15*256kB (UME) 6*512kB (UM) 3*1024kB (UME) 4*2048kB (UME) 943*4096kB (UM) = 3903356kB
[ 1812.430434][T22844] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1812.443638][T22844] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1812.458827][T22844] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1812.470118][T22844] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1812.480432][T22844] 30777 total pagecache pages
[ 1812.486602][T22844] 0 pages in swap cache
[ 1812.491299][T22844] Free swap  = 124996kB
[ 1812.499225][T22844] Total swap = 124996kB
[ 1812.505141][T22844] 2097051 pages RAM
[ 1812.535941][T22844] 0 pages HighMem/MovableOnly
[ 1812.548106][T22844] 424124 pages reserved
[ 1812.557977][T22856] sctp: [Deprecated]: syz.0.2966 (pid 22856) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1812.557977][T22856] Use struct sctp_sack_info instead
[ 1812.659222][T22858] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1813.012292][T22844] 0 pages cma reserved
[ 1813.231943][T22339] usb 2-1: USB disconnect, device number 45
[ 1813.638965][T22868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2967'.
[ 1813.824207][T22867] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1814.573164][T22339] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1814.883423][T22339] usb 3-1: Using ep0 maxpacket: 16
[ 1814.900718][T22339] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[ 1814.910451][T22339] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1814.920407][T22339] usb 3-1: Product: syz
[ 1814.925256][T22339] usb 3-1: Manufacturer: syz
[ 1814.929980][T22339] usb 3-1: SerialNumber: syz
[ 1814.991537][T22339] usb 3-1: config 0 descriptor??
[ 1815.229240][T22889] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1815.278579][T22339] usb 3-1: ignoring: not an USB2CAN converter
[ 1816.994065][T22911] ptrace attach of "./syz-executor exec"[5852] was attempted by "./syz-executor exec"[22911]
[ 1817.042677][T22912] macsec0: entered promiscuous mode
[ 1817.056472][T22912] macsec0: left promiscuous mode
[ 1817.269661][T19719] usb 3-1: USB disconnect, device number 38
[ 1817.787193][T22911] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2973'.
[ 1818.294313][T22923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2976'.
[ 1818.653562][T22926] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1819.071023][T22933] misc userio: No port type given on /dev/userio
[ 1819.599144][T22938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2979'.
[ 1823.020853][T22964] netlink: 'syz.3.2984': attribute type 4 has an invalid length.
[ 1823.028878][T22964] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2984'.
[ 1823.066371][   T30] audit: type=1326 audit(1764221445.508:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22946 comm="syz.2.2981" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f83539 code=0x0
[ 1823.118448][T22967] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1823.317140][T22967] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1823.442355][ T5942] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1823.693401][ T5942] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1823.709954][ T5942] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1823.721149][ T5942] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1823.746148][ T5942] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1823.755849][ T5942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1823.915875][ T5942] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1823.998979][ T5942] usb 4-1: invalid MIDI out EP 0
[ 1824.203195][T20771] udevd[20771]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1824.239306][ T5942] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1825.672277][T22987] ucma_write: process 3091 (syz.0.2987) changed security contexts after opening file descriptor, this is not allowed.
[ 1826.300538][T19719] usb 4-1: USB disconnect, device number 29
[ 1826.368683][T22963] delete_channel: no stack
[ 1828.912697][T23013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2991'.
[ 1830.189313][T23028] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2992'.
[ 1831.953957][T23048] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2998'.
[ 1836.103066][T23097] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3007'.
[ 1838.802416][T19719] IPVS: starting estimator thread 0...
[ 1838.959004][T23122] IPVS: using max 36 ests per chain, 86400 per kthread
[ 1839.147197][T10438] Bluetooth: unknown link type 41
[ 1839.152527][T10438] Bluetooth: hci3: connection err: -111
[ 1839.158539][T10438] Bluetooth: hci3: unexpected Set CIG Parameters response data
[ 1839.239329][T10438] Bluetooth: hci3: unexpected event for opcode 0x2062
[ 1840.099822][T23148] QAT: failed to copy from user.
[ 1840.269235][T23150] netlink: 'syz.0.3016': attribute type 4 has an invalid length.
[ 1840.277559][T23150] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3016'.
[ 1840.425099][T23152] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3014'.
[ 1840.632583][ T5942] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1840.801211][ T5942] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1840.926971][ T5942] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1840.942309][ T5942] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1840.955398][ T5942] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1840.964526][ T5942] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1841.066110][ T5942] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1841.074309][ T5942] usb 1-1: invalid MIDI out EP 0
[ 1841.559561][ T5942] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1841.661471][T23156] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1842.493243][T23165] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1842.727609][T23173] binder: 23164:23173 ioctl c018620c 800002c0 returned -1
[ 1842.851091][T23175] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1842.890098][T23179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3022'.
[ 1843.281536][T10438] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1843.291482][T10438] Bluetooth: hci3: Injecting HCI hardware error event
[ 1843.299494][T10438] Bluetooth: hci3: hardware error 0x00
[ 1844.107878][ T5942] usb 1-1: USB disconnect, device number 21
[ 1844.289659][T23145] delete_channel: no stack
[ 1845.381594][T10438] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1849.172597][T23232] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1849.240579][T23237] netlink: 'syz.4.3035': attribute type 27 has an invalid length.
[ 1850.173108][T23247] binder: 23244:23247 ioctl c018620c 800002c0 returned -1
[ 1853.145381][   T30] audit: type=1326 audit(1764221475.578:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1853.372220][   T30] audit: type=1326 audit(1764221475.578:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1853.780063][   T30] audit: type=1326 audit(1764221475.578:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1853.993570][T23275] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1853.999897][T23275] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1854.002405][   T30] audit: type=1326 audit(1764221475.578:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.030168][   T30] audit: type=1326 audit(1764221475.578:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.052439][   T30] audit: type=1326 audit(1764221475.648:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.074789][   T30] audit: type=1326 audit(1764221475.648:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.102295][   T30] audit: type=1326 audit(1764221475.648:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23283 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.124563][   T30] audit: type=1326 audit(1764221475.768:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23276 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.211471][T23290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3046'.
[ 1854.300027][T23275] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1854.316429][T23275] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1854.325021][   T30] audit: type=1326 audit(1764221476.148:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23283 comm="syz.3.3045" exe="/root/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf7f02539 code=0x7ffc0000
[ 1854.353594][T23275] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1854.593236][ T5942] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1854.912452][T23275] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1854.930549][T23275] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1854.939371][T23275] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1855.928354][T23302] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1857.949219][ T5942] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1858.005186][ T5942] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1858.429474][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1858.436303][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1859.054074][T23334] fido_id[23334]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1860.298797][T23350] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3057'.
[ 1861.498050][T23361] usb usb8: usbfs: process 23361 (syz.0.3061) did not claim interface 0 before use
[ 1862.143404][T23373] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1863.013507][T23376] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1863.191687][T23381] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1863.677665][T23391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3066'.
[ 1863.686828][T23391] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3066'.
[ 1864.905383][ T5942] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[ 1865.082710][ T5942] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1865.361095][T23406] fido_id[23406]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1865.554847][T23410] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1867.136388][T23431] sctp: [Deprecated]: syz.3.3075 (pid 23431) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1867.136388][T23431] Use struct sctp_sack_info instead
[ 1867.554116][T23434] tap0: tun_chr_ioctl cmd 1074025677
[ 1867.560251][T23434] tap0: linktype set to 270
[ 1869.063565][T23441] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1869.332076][T23450] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1869.500055][T23454] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1870.331744][T23459] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1870.696012][ T5942] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[ 1871.075049][ T5942] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1871.487122][T23468] fido_id[23468]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1872.714007][T23494] binder: 23489:23494 ioctl c018620c 800002c0 returned -1
[ 1873.192505][T23501] sctp: [Deprecated]: syz.4.3089 (pid 23501) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1873.192505][T23501] Use struct sctp_sack_info instead
[ 1874.702627][T23509] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1875.141029][T23519] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1880.805683][T23575] binder: 23571:23575 ioctl c018620c 800002c0 returned -1
[ 1880.892444][T23577] sctp: [Deprecated]: syz.1.3104 (pid 23577) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1880.892444][T23577] Use struct sctp_sack_info instead
[ 1882.252014][T23585] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1883.594456][T23599] sctp: [Deprecated]: syz.1.3117 (pid 23599) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1883.594456][T23599] Use struct sctp_sack_info instead
[ 1883.749504][T23601] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1889.801900][T23666] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1889.948084][T23666] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3123'.
[ 1890.456512][T23676] sctp: [Deprecated]: syz.2.3124 (pid 23676) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1890.456512][T23676] Use struct sctp_sack_info instead
[ 1891.825673][T23694] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1892.591750][T23706] sctp: [Deprecated]: syz.0.3140 (pid 23706) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1892.591750][T23706] Use struct sctp_sack_info instead
[ 1894.666648][T23722] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1897.402252][T23753] usb usb8: usbfs: process 23753 (syz.4.3138) did not claim interface 0 before use
[ 1897.428978][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1897.429319][   T30] audit: type=1400 audit(1764221519.838:1466): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=23737 comm="syz.4.3138"
[ 1898.055814][T23763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3141'.
[ 1898.605301][T23768] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3142'.
[ 1900.409740][T22339] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1900.735000][T22339] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1901.640430][T23796] sctp: [Deprecated]: syz.1.3147 (pid 23796) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1901.640430][T23796] Use struct sctp_sack_info instead
[ 1901.864434][T23797] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3148'.
[ 1901.868024][T23792] fido_id[23792]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1902.303292][ T5942] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1902.344602][T23799] vhci_hcd vhci_hcd.0: port 0 already used
[ 1902.393087][T23804] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(14)
[ 1902.399725][T23804] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1902.434262][T23804] vhci_hcd vhci_hcd.0: Device attached
[ 1902.475442][ T5942] usb 4-1: Using ep0 maxpacket: 32
[ 1902.491939][T23799] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[ 1902.493274][ T5942] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1902.498581][T23799] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1902.516054][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1902.542240][ T5942] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[ 1902.598663][T23799] vhci_hcd vhci_hcd.0: Device attached
[ 1902.619474][ T5942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1902.667647][ T5942] usb 4-1: config 0 descriptor??
[ 1902.705519][T23804] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(20)
[ 1902.712200][T23804] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1902.738018][T23799] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(17)
[ 1902.744693][T23799] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1902.799531][T23804] vhci_hcd vhci_hcd.0: Device attached
[ 1902.826041][T23799] vhci_hcd vhci_hcd.0: Device attached
[ 1902.957285][T23804] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1902.977467][T23815] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(23)
[ 1902.984147][T23815] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1903.028391][T23815] vhci_hcd vhci_hcd.0: Device attached
[ 1903.099154][ T5942] magicmouse 0003:05AC:0265.001B: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.3-1/input0
[ 1903.111626][T23804] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1903.145515][T23799] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1903.572295][T23799] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(25)
[ 1903.578948][T23799] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1903.590973][T23832] netlink: 'syz.3.3148': attribute type 2 has an invalid length.
[ 1903.599246][T23799] vhci_hcd vhci_hcd.0: Device attached
[ 1903.610847][T23816] vhci_hcd: connection closed
[ 1903.613030][T22578] vhci_hcd: stop threads
[ 1903.627407][T22578] vhci_hcd: release socket
[ 1903.663703][T23832] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3148'.
[ 1903.673244][T23807] vhci_hcd: connection closed
[ 1903.674134][T23805] vhci_hcd: connection closed
[ 1903.679121][T23831] vhci_hcd: connection closed
[ 1903.684331][T23811] vhci_hcd: connection closed
[ 1903.695402][T23812] vhci_hcd: connection closed
[ 1903.783719][T22578] vhci_hcd: disconnect device
[ 1903.792528][ T5942] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1903.814662][T22578] vhci_hcd: stop threads
[ 1903.819545][T22578] vhci_hcd: release socket
[ 1903.824863][T22578] vhci_hcd: disconnect device
[ 1903.830364][T22578] vhci_hcd: stop threads
[ 1903.835635][T22578] vhci_hcd: release socket
[ 1903.840426][T22578] vhci_hcd: disconnect device
[ 1903.848347][T22578] vhci_hcd: stop threads
[ 1903.853848][T22578] vhci_hcd: release socket
[ 1903.858613][T22578] vhci_hcd: disconnect device
[ 1903.865746][T22578] vhci_hcd: stop threads
[ 1903.870248][T22578] vhci_hcd: release socket
[ 1903.878810][T22578] vhci_hcd: disconnect device
[ 1903.939671][T22578] vhci_hcd: stop threads
[ 1903.976846][T22578] vhci_hcd: release socket
[ 1903.991688][T22578] vhci_hcd: disconnect device
[ 1904.072211][ T5942] usb 2-1: Using ep0 maxpacket: 32
[ 1904.108951][ T5942] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1904.118194][ T5942] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1904.501583][ T5942] usb 2-1: config 0 descriptor??
[ 1904.951301][ T5942] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1905.304760][ T5942] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1905.318166][T22339] usb 4-1: USB disconnect, device number 31
[ 1905.536135][ T5942] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1905.766939][ T5942] usb 2-1: media controller created
[ 1905.791510][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1906.260363][T23856] ip6gretap1: entered promiscuous mode
[ 1906.402820][T23856] ip6gretap1: entered allmulticast mode
[ 1907.023411][T23865] binder: 23862:23865 ioctl c018620c 800002c0 returned -1
[ 1907.901692][ T5942] az6027: usb out operation failed. (-71)
[ 1907.941577][ T5942] az6027: usb out operation failed. (-71)
[ 1907.950820][ T5942] stb0899_attach: Driver disabled by Kconfig
[ 1907.972158][ T5942] az6027: no front-end attached
[ 1907.972158][ T5942] 
[ 1908.202370][ T5942] az6027: usb out operation failed. (-71)
[ 1908.248124][ T5942] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1908.286763][ T5942] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input45
[ 1908.376311][ T5942] dvb-usb: schedule remote query interval to 400 msecs.
[ 1908.423117][ T5942] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1908.487092][ T5942] usb 2-1: USB disconnect, device number 46
[ 1908.771023][ T5942] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1909.329670][T17421] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[ 1909.349488][T17421] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1909.755334][T23894] loop2: detected capacity change from 0 to 7
[ 1909.788356][T23894] Dev loop2: unable to read RDB block 7
[ 1909.794126][T23894]  loop2: unable to read partition table
[ 1909.800302][T23894] loop2: partition table beyond EOD, truncated
[ 1909.806644][T23894] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1909.901841][T23895] sctp: [Deprecated]: syz.4.3162 (pid 23895) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1909.901841][T23895] Use struct sctp_sack_info instead
[ 1911.071677][T23906] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1912.684139][T23928] xt_bpf: check failed: parse error
[ 1913.112463][T22339] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1913.272297][T22339] usb 2-1: Using ep0 maxpacket: 16
[ 1913.305970][T22339] usb 2-1: New USB device found, idVendor=04dd, idProduct=8002, bcdDevice=fc.b6
[ 1913.315814][T22339] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1913.324731][T22339] usb 2-1: Product: syz
[ 1913.329099][T22339] usb 2-1: Manufacturer: syz
[ 1913.334122][T22339] usb 2-1: SerialNumber: syz
[ 1913.343295][T22339] usb 2-1: config 0 descriptor??
[ 1913.364531][T22339] safe_serial 2-1:0.0: safe_serial converter detected
[ 1913.481742][T22339] usb 2-1: safe_serial converter now attached to ttyUSB0
[ 1914.116968][T23942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3171'.
[ 1914.337698][T23943] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1915.393246][T23947] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1915.978828][T22339] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[ 1916.040992][T22339] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1916.737733][T17421] usb 2-1: USB disconnect, device number 47
[ 1916.756462][T17421] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[ 1916.783001][T17421] safe_serial 2-1:0.0: device disconnected
[ 1916.957196][T23965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3176'.
[ 1917.005762][T23966] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1917.119050][T23964] misc userio: The device must be registered before sending interrupts
[ 1919.649210][T23995] Option '    %���JC�O���:D?R����%5���|$>������ܲ�L&��z�jy!?&�SP�Zq*)�ޑ�N8<�.����~�@����.g�u��Yr���B�K�' to dns_resolver key: bad/missing value
[ 1919.872760][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1919.879171][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1920.748611][T24000] tap0: tun_chr_ioctl cmd 1074025677
[ 1920.764464][T24000] tap0: linktype set to 270
[ 1921.331425][T24009] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1921.794790][T24019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3188'.
[ 1921.910574][T24018] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1923.565908][T22339] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[ 1923.602569][T22339] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1924.003542][T24047] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(17)
[ 1924.010302][T24047] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1924.096494][T24043] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[ 1924.103170][T24043] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1924.187583][T24047] vhci_hcd vhci_hcd.0: Device attached
[ 1924.612293][T22339] usb 38-1: SetAddress Request (2) to port 0
[ 1924.628890][T22339] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1924.692303][T24039] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[ 1924.698960][T24039] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1924.765069][T24043] vhci_hcd vhci_hcd.0: Device attached
[ 1924.956732][T24039] vhci_hcd vhci_hcd.0: Device attached
[ 1925.053229][T24058] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(16)
[ 1925.059904][T24058] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1925.064557][T24054] fido_id[24054]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1925.132715][T24058] vhci_hcd vhci_hcd.0: Device attached
[ 1925.163709][T24043] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(19)
[ 1925.170381][T24043] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1925.322999][T24043] vhci_hcd vhci_hcd.0: Device attached
[ 1925.338932][T24039] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13)
[ 1925.345610][T24039] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1925.391318][T24039] vhci_hcd vhci_hcd.0: Device attached
[ 1925.426666][T24043] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1925.493026][T24039] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1925.563024][T24039] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1925.608092][T24043] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(32)
[ 1925.614739][T24043] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1925.642495][T24043] vhci_hcd vhci_hcd.0: Device attached
[ 1925.828711][T24060] vhci_hcd: connection closed
[ 1925.829400][T24045] vhci_hcd: connection closed
[ 1925.831076][T24059] vhci_hcd: connection closed
[ 1925.835762][T24044] vhci_hcd: connection closed
[ 1925.839705][T22580] vhci_hcd: stop threads
[ 1925.853862][T24048] vhci_hcd: connection reset by peer
[ 1925.867407][T24066] vhci_hcd: connection closed
[ 1925.872272][T22580] vhci_hcd: release socket
[ 1925.895174][T22580] vhci_hcd: disconnect device
[ 1925.900674][T22580] vhci_hcd: stop threads
[ 1925.912592][T22580] vhci_hcd: release socket
[ 1925.917247][T22580] vhci_hcd: disconnect device
[ 1925.932590][T22580] vhci_hcd: stop threads
[ 1925.936985][T22580] vhci_hcd: release socket
[ 1925.942270][ T5942] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1925.955349][T22580] vhci_hcd: disconnect device
[ 1925.984770][T22580] vhci_hcd: stop threads
[ 1925.989507][T22580] vhci_hcd: release socket
[ 1926.019150][T22580] vhci_hcd: disconnect device
[ 1926.031674][T22580] vhci_hcd: stop threads
[ 1926.052868][T22580] vhci_hcd: release socket
[ 1926.080092][T22580] vhci_hcd: disconnect device
[ 1926.102354][T22580] vhci_hcd: stop threads
[ 1926.156713][ T5942] usb 4-1: Using ep0 maxpacket: 8
[ 1926.310751][ T5942] usb 4-1: config 1 has an invalid descriptor of length 251, skipping remainder of the config
[ 1926.322146][T22580] vhci_hcd: release socket
[ 1926.327116][T22580] vhci_hcd: disconnect device
[ 1926.332481][ T5942] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 64256, setting to 64
[ 1926.344815][ T5942] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1926.569044][T24070] vhci_hcd: connection closed
[ 1926.586679][ T5942] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1926.619464][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1926.639596][T22580] vhci_hcd: stop threads
[ 1926.644246][T22580] vhci_hcd: release socket
[ 1926.662740][T22580] vhci_hcd: disconnect device
[ 1926.720674][ T5942] usb 4-1: Product: syz
[ 1926.725575][ T5942] usb 4-1: Manufacturer: syz
[ 1926.730421][ T5942] usb 4-1: SerialNumber: syz
[ 1926.969730][ T5942] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1927.156694][ T5942] usbtest 4-1:1.0: couldn't get endpoints, -22
[ 1927.224117][ T5942] usbtest 4-1:1.0: probe with driver usbtest failed with error -22
[ 1927.367940][T24089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3198'.
[ 1927.473882][ T5942] usb 4-1: USB disconnect, device number 32
[ 1928.854033][T24093] tun1: tun_chr_ioctl cmd 1074025675
[ 1928.869033][T24093] tun1: persist enabled
[ 1929.044749][T24096] tun1: tun_chr_ioctl cmd 1074025675
[ 1929.056866][T24096] tun1: persist disabled
[ 1929.632786][ T5942] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1929.674082][T22339] usb 38-1: device descriptor read/8, error -110
[ 1929.888278][ T5942] usb 3-1: config 86 has an invalid interface number: 125 but max is 1
[ 1929.896986][ T5942] usb 3-1: config 86 has an invalid interface descriptor of length 5, skipping
[ 1929.912245][ T5942] usb 3-1: config 86 has 1 interface, different from the descriptor's value: 2
[ 1929.931666][ T5942] usb 3-1: config 86 has no interface number 0
[ 1929.944076][ T5942] usb 3-1: config 86 interface 125 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 13
[ 1929.963711][ T5942] usb 3-1: config 86 interface 125 has no altsetting 0
[ 1929.977544][ T5942] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a44, bcdDevice= a.45
[ 1929.987134][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1930.000014][ T5942] usb 3-1: Product: 쟣蝖驢趫噑놵秷묮年⧲凉섢肁晒籨膿Ꭵ熡穆밒⬫ର⸣鏗襥ᛤ⛡璺墫攘Ɯ䊝箰쇊㵒
[ 1930.013270][T17421] vhci_hcd: vhci_device speed not set
[ 1930.030877][T24107] tap0: tun_chr_ioctl cmd 1074025677
[ 1930.042452][ T5942] usb 3-1: Manufacturer: 笌↏밠面㐉贩㨟⧨Ꭳ녢錙텋꫎뵸﹈鎠렊│₷骑㦤㹘뎩⪲ﺊꞄ靴ꍿ㼘랾
[ 1930.122304][T24107] tap0: linktype set to 270
[ 1930.170258][ T5942] usb 3-1: SerialNumber: 뇩䭕넞붙벻輭Ȃ䓊蜎샄灈엂Ꮅ錅暑웟쓅㌢陋훇鰴谻⾭꧉琔棝굒㮑匷績둴ᨽ═㮺ﾊ
[ 1931.023850][ T5942] usb 3-1: USB disconnect, device number 39
[ 1931.163658][T22339] usb usb38-port1: attempt power cycle
[ 1931.723591][T22339] usb usb38-port1: unable to enumerate USB device
[ 1932.132677][T24130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3203'.
[ 1932.529010][T24131] 8021q: adding VLAN 0 to HW filter on device team0
[ 1932.567157][T24131] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1932.702016][T24131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.711857][T24131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.721721][T24131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.765425][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.775241][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.785902][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.797451][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.808394][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1933.075445][T24133] netlink: 'syz.4.3205': attribute type 1 has an invalid length.
[ 1933.124452][T24134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1934.625275][T24143] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1934.724842][T24145] syz_tun: entered allmulticast mode
[ 1935.430437][T24150] netlink: 'syz.2.3207': attribute type 16 has an invalid length.
[ 1935.692236][T22339] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1935.885260][T24137] syz_tun: left allmulticast mode
[ 1936.054161][T22339] usb 3-1: Using ep0 maxpacket: 32
[ 1936.084680][T24156] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3208'.
[ 1936.272378][ T5942] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 1936.315367][ T5942] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1936.327677][T22339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1936.377902][T22339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1936.510598][T24159] fido_id[24159]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1936.531472][T22339] usb 3-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[ 1936.562215][T22339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1936.709870][T22339] usb 3-1: config 0 descriptor??
[ 1936.882968][T24167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3210'.
[ 1937.286448][T22339] glorious 0003:258A:0033.0020: item fetching failed at offset 0/3
[ 1937.363792][T22339] glorious 0003:258A:0033.0020: probe with driver glorious failed with error -22
[ 1937.858443][T24149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1937.964079][T24149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1938.221604][T24148] net_ratelimit: 594 callbacks suppressed
[ 1938.221699][T24148] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1938.937211][T24185] tap0: tun_chr_ioctl cmd 1074025677
[ 1938.937688][T24185] tap0: linktype set to 270
[ 1939.460663][T24193] netlink: 'syz.4.3217': attribute type 10 has an invalid length.
[ 1939.658809][T24193] team0: Port device netdevsim0 removed
[ 1939.904430][T24194] IPVS: stopping backup sync thread 23966 ...
[ 1940.009413][T22339] usb 3-1: USB disconnect, device number 40
[ 1942.451126][T24214] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1942.766234][T24222] sctp: [Deprecated]: syz.2.3223 (pid 24222) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1942.766234][T24222] Use struct sctp_sack_info instead
[ 1943.024152][ T5942] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1943.302231][ T5942] usb 1-1: Using ep0 maxpacket: 16
[ 1943.325286][ T5942] usb 1-1: config 0 has an invalid interface number: 7 but max is 0
[ 1943.333973][ T5942] usb 1-1: config 0 has no interface number 0
[ 1943.400606][ T5942] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1943.416251][ T5942] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1943.432289][ T5942] usb 1-1: Product: syz
[ 1943.436736][ T5942] usb 1-1: Manufacturer: syz
[ 1943.441369][ T5942] usb 1-1: SerialNumber: syz
[ 1943.457975][ T5942] usb 1-1: config 0 descriptor??
[ 1944.042943][T24231] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3226'.
[ 1945.467944][ T5942] usb 1-1: USB disconnect, device number 22
[ 1949.507169][T24292] xt_bpf: check failed: parse error
[ 1951.408136][T24307] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1954.357518][T24350] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3247'.
[ 1955.419322][T24367] ip6gretap1: entered promiscuous mode
[ 1955.425153][T24367] ip6gretap1: entered allmulticast mode
[ 1956.115318][T24352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3248'.
[ 1957.160126][T17421] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1957.485836][T17421] usb 2-1: Using ep0 maxpacket: 8
[ 1957.520027][T17421] usb 2-1: config 1 has an invalid descriptor of length 232, skipping remainder of the config
[ 1957.603650][T17421] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 65024, setting to 64
[ 1957.634165][T17421] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1957.693135][T17421] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1957.693172][T17421] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1958.109702][T17421] usb 2-1: Product: syz
[ 1958.123082][T17421] usb 2-1: Manufacturer: syz
[ 1958.132452][T17421] usb 2-1: SerialNumber: syz
[ 1958.296649][T17421] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[ 1958.313710][T17421] usbtest 2-1:1.0: couldn't get endpoints, -22
[ 1958.325844][T17421] usbtest 2-1:1.0: probe with driver usbtest failed with error -22
[ 1958.820659][T22339] usb 2-1: USB disconnect, device number 48
[ 1960.417244][T24402] tap0: tun_chr_ioctl cmd 1074025677
[ 1960.423668][T24402] tap0: linktype set to 270
[ 1961.725087][T24413] loop2: detected capacity change from 0 to 7
[ 1961.783561][T24413] Dev loop2: unable to read RDB block 7
[ 1961.789302][T24413]  loop2: unable to read partition table
[ 1961.807717][T24413] loop2: partition table beyond EOD, truncated
[ 1961.852988][T24413] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1962.582012][ T5198] Dev loop2: unable to read RDB block 7
[ 1962.592254][ T5198]  loop2: unable to read partition table
[ 1962.661827][ T5198] loop2: partition table beyond EOD, truncated
[ 1963.386980][T24440] 8021q: adding VLAN 0 to HW filter on device team0
[ 1963.427362][T24440] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1964.010337][T24450] ip6gretap1: entered promiscuous mode
[ 1964.015981][T24450] ip6gretap1: entered allmulticast mode
[ 1967.782400][ T5942] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1968.012213][ T5942] usb 3-1: Using ep0 maxpacket: 8
[ 1968.029729][ T5942] usb 3-1: config 1 has an invalid descriptor of length 23, skipping remainder of the config
[ 1968.052262][ T5942] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1968.097120][ T5942] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1968.636387][ T5942] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1968.654372][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1968.670933][ T5942] usb 3-1: Product: syz
[ 1968.675630][ T5942] usb 3-1: Manufacturer: syz
[ 1968.680254][ T5942] usb 3-1: SerialNumber: syz
[ 1968.711777][ T5942] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 1968.786180][ T5942] usbtest 3-1:1.0: couldn't get endpoints, -22
[ 1968.813018][ T5942] usbtest 3-1:1.0: probe with driver usbtest failed with error -22
[ 1969.137054][T22339] usb 3-1: USB disconnect, device number 41
[ 1969.595868][T24492] sctp: [Deprecated]: syz.1.3284 (pid 24492) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1969.595868][T24492] Use struct sctp_sack_info instead
[ 1971.557042][T24505] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3276'.
[ 1971.697138][T24505] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1971.991175][   T30] audit: type=1326 audit(1764221594.428:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.026558][T24511] syz.4.3279(24511): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[ 1972.099611][   T30] audit: type=1326 audit(1764221594.458:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.231904][T24518] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 1972.340508][   T30] audit: type=1326 audit(1764221594.458:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.442054][T24522] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1972.515125][   T30] audit: type=1326 audit(1764221594.458:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.540515][   T30] audit: type=1326 audit(1764221594.458:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.598560][   T30] audit: type=1326 audit(1764221594.458:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1972.771588][   T30] audit: type=1326 audit(1764221594.458:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1973.227640][   T30] audit: type=1326 audit(1764221594.458:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=397 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1973.364515][   T30] audit: type=1800 audit(1764221594.458:1475): pid=24511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3279" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[ 1973.477077][   T30] audit: type=1326 audit(1764221594.458:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24510 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 1974.005644][T24534] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1976.307111][T24560] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1977.442989][T24579] sctp: [Deprecated]: syz.1.3293 (pid 24579) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1977.442989][T24579] Use struct sctp_sack_info instead
[ 1978.812198][ T5942] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1978.958142][T24594] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1979.180162][ T5942] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1979.212608][ T5942] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1979.282880][T24601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3297'.
[ 1979.350185][ T5942] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1979.546857][ T5942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1979.598127][T24588] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1979.616347][ T5942] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1980.882825][T24589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1980.891833][T24589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1981.276866][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1981.283621][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1982.583447][T19719] usb 3-1: USB disconnect, device number 42
[ 1982.617807][T24588] delete_channel: no stack
[ 1982.919692][T24626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3302'.
[ 1983.223144][T24625] kvm: Disabled LAPIC found during irq injection
[ 1983.370867][T24645] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1984.463425][T24654] pim6reg: left allmulticast mode
[ 1985.471965][T24654] trusted_key: encrypted_key: master key parameter 'defau}t' is invalid
[ 1985.783268][ T5942] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1986.183589][ T5942] usb 4-1: Using ep0 maxpacket: 32
[ 1986.196903][ T5942] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 52, changing to 9
[ 1986.209884][ T5942] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 8241, setting to 1024
[ 1986.238282][ T5942] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[ 1986.256576][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1986.275125][ T5942] usb 4-1: Product: syz
[ 1986.309537][ T5942] usb 4-1: Manufacturer: syz
[ 1986.325786][ T5942] usb 4-1: SerialNumber: syz
[ 1986.353645][ T5942] usb 4-1: config 0 descriptor??
[ 1986.662867][ T5942] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1986.799892][   T12] usb 4-1: Failed to submit usb control message: -71
[ 1986.802533][T19719] usb 4-1: USB disconnect, device number 33
[ 1986.808460][   T12] usb 4-1: unable to send the bmi data to the device: -71
[ 1986.946740][   T12] usb 4-1: unable to get target info from device
[ 1986.964355][   T12] usb 4-1: could not get target info (-71)
[ 1986.984366][   T12] usb 4-1: could not probe fw (-71)
[ 1988.173259][T24702] No buffer was provided with the request
[ 1988.702177][ T5942] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1988.884051][T24701] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3315'.
[ 1988.909644][T24701] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1988.921943][T24701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1988.934033][T24701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1990.131076][T24714] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1990.890518][ T5942] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1990.898450][ T5942] usb 4-1: no configurations
[ 1990.903430][ T5942] usb 4-1: can't read configurations, error -22
[ 1991.096516][T24712] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3317'.
[ 1991.219716][T24712] kvm: Disabled LAPIC found during irq injection
[ 1993.352270][T19719] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1993.582212][T19719] usb 4-1: Using ep0 maxpacket: 8
[ 1993.604843][T19719] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1993.621233][T19719] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[ 1993.886443][T19719] usb 4-1: config 0 has no interface number 0
[ 1993.942273][T19719] usb 4-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1993.959782][T19719] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1993.984476][T19719] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1994.014346][T19719] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1994.422449][T24760] loop8: detected capacity change from 0 to 7
[ 1994.435681][T24760] Dev loop8: unable to read RDB block 7
[ 1994.442502][T24760]  loop8: AHDI p1 p2 p3
[ 1994.452212][T24760] loop8: partition table partially beyond EOD, truncated
[ 1994.470423][T24760] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 1994.492406][T19719] usb 4-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[ 1994.500582][T19719] usb 4-1: Product: syz
[ 1994.521898][T24760] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 1994.693165][T19719] usb 4-1: config 0 descriptor??
[ 1994.699883][T24737] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1994.887913][T24757] Dev loop8: unable to read RDB block 7
[ 1994.893849][T24757]  loop8: AHDI p1 p2 p3
[ 1994.898315][T24757] loop8: partition table partially beyond EOD, truncated
[ 1994.906701][T24757] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 1995.173460][T24757] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 1995.480922][T19719] usb 4-1: USB disconnect, device number 36
[ 1996.684233][T24776] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1997.109651][T24785] netlink: 552 bytes leftover after parsing attributes in process `syz.2.3330'.
[ 2003.458405][T24842] 8021q: adding VLAN 0 to HW filter on device team0
[ 2003.578239][T24842] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2004.357560][T24852] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3341'.
[ 2005.075818][T24858] nvme_fabrics: missing parameter 'transport=%s'
[ 2005.142414][T24858] nvme_fabrics: missing parameter 'nqn=%s'
[ 2009.145994][T24907] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2010.709061][T24911] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2011.764742][T24922] netlink: 'syz.4.3355': attribute type 5 has an invalid length.
[ 2011.876414][T24923] kernel profiling enabled (shift: 63)
[ 2011.882101][T24923] profiling shift: 63 too large
[ 2012.205992][T24925] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2012.641282][T24932] netlink: 'syz.2.3357': attribute type 10 has an invalid length.
[ 2012.649474][T24932] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[ 2012.893588][T24933] netlink: 'syz.2.3357': attribute type 10 has an invalid length.
[ 2012.908030][T24932] team0: Port device netdevsim0 added
[ 2012.924990][T24933] team0: Port device netdevsim0 removed
[ 2015.289425][T24960] 8021q: adding VLAN 0 to HW filter on device team0
[ 2015.417582][T24960] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2018.601246][T24999] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2018.745111][T19719] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0
[ 2019.162370][T19719] hid-generic 0000:0000:0000.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2021.178700][T25017] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2021.558002][T25026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 2021.567293][T25026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 2021.602336][T25026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 2021.868221][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 2021.868246][   T30] audit: type=1800 audit(1764221644.288:1506): pid=25028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3374" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2022.623864][   T30] audit: type=1326 audit(1764221645.068:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2022.701698][   T30] audit: type=1326 audit(1764221645.108:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2022.867337][   T30] audit: type=1326 audit(1764221645.128:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2022.935818][   T30] audit: type=1326 audit(1764221645.128:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2023.023703][   T30] audit: type=1326 audit(1764221645.128:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2023.622748][   T30] audit: type=1326 audit(1764221645.128:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2023.784508][   T30] audit: type=1326 audit(1764221645.128:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2024.118708][   T30] audit: type=1326 audit(1764221645.128:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2024.190518][   T30] audit: type=1326 audit(1764221645.138:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25030 comm="syz.2.3376" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000
[ 2024.212686][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2026.424443][T25074] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3382'.
[ 2027.088902][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 2027.088927][   T30] audit: type=1800 audit(1764221649.518:1545): pid=25086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3387" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2030.355461][T25115] tipc: Started in network mode
[ 2030.360371][T25115] tipc: Node identity ac1414aa, cluster identity 4711
[ 2030.379395][T25115] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2030.398137][T25115] tipc: Enabled bearer <ib:wg1>, priority 0
[ 2030.806582][T25111] loop8: detected capacity change from 0 to 7
[ 2030.816427][T20771] Dev loop8: unable to read RDB block 7
[ 2030.822380][T20771]  loop8: AHDI p1 p2 p3
[ 2030.826721][T20771] loop8: partition table partially beyond EOD, truncated
[ 2030.838386][T20771] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2030.857830][T20771] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2031.305313][T25111] Dev loop8: unable to read RDB block 7
[ 2031.412665][T25111]  loop8: AHDI p1 p2 p3
[ 2031.416914][T25111] loop8: partition table partially beyond EOD, truncated
[ 2031.431194][T25111] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2031.438625][T25111] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2031.492163][T17421] tipc: Node number set to 2886997162
[ 2031.705771][T25129] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2035.535195][T19719] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[ 2035.580281][T19719] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2039.307307][T25213] loop8: detected capacity change from 0 to 7
[ 2039.352351][T25213] Dev loop8: unable to read RDB block 7
[ 2039.387848][T25213]  loop8: AHDI p1 p2 p3
[ 2039.543310][T25213] loop8: partition table partially beyond EOD, truncated
[ 2039.595643][T25213] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2039.888335][T25213] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2040.853077][T20771] Dev loop8: unable to read RDB block 7
[ 2040.858706][T20771]  loop8: AHDI p1 p2 p3
[ 2040.863281][T20771] loop8: partition table partially beyond EOD, truncated
[ 2040.870569][T20771] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2041.007277][T20771] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2041.969150][T19719] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[ 2042.032405][T19719] hid-generic 0000:0000:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2042.727273][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 2042.733690][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 2043.341032][T25238] fido_id[25238]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 2044.433331][   T30] audit: type=1326 audit(1764221666.878:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.496347][   T30] audit: type=1326 audit(1764221666.908:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.520240][   T30] audit: type=1326 audit(1764221666.908:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.572691][   T30] audit: type=1326 audit(1764221666.908:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.727004][   T30] audit: type=1326 audit(1764221666.908:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.894967][   T30] audit: type=1326 audit(1764221666.908:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.925691][   T30] audit: type=1326 audit(1764221666.908:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2044.995512][T25269] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2045.205644][   T30] audit: type=1326 audit(1764221666.908:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=397 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2045.330301][   T30] audit: type=1326 audit(1764221666.908:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2045.395865][T22339] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[ 2045.444178][T22339] hid-generic 0000:0000:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2045.454559][   T30] audit: type=1326 audit(1764221666.908:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25253 comm="syz.4.3419" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000
[ 2045.476863][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2045.768803][T19719] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 2046.501984][T25282] fido_id[25282]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 2046.623063][T19719] usb 3-1: Using ep0 maxpacket: 32
[ 2046.652154][T19719] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[ 2046.715644][T19719] usb 3-1: config 0 has no interface number 0
[ 2046.758831][T19719] usb 3-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2046.788621][T19719] usb 3-1: config 0 interface 2 altsetting 2 endpoint 0x82 has invalid maxpacket 33573, setting to 1024
[ 2046.829519][T19719] usb 3-1: config 0 interface 2 has no altsetting 0
[ 2046.909046][T19719] usb 3-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[ 2046.971547][T19719] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2047.032495][T19719] usb 3-1: Product: syz
[ 2047.042311][T19719] usb 3-1: Manufacturer: syz
[ 2047.062900][T19719] usb 3-1: SerialNumber: syz
[ 2047.122240][T19719] usb 3-1: config 0 descriptor??
[ 2047.575723][T25288] kernel profiling enabled (shift: 63)
[ 2047.581402][T25288] profiling shift: 63 too large
[ 2047.601055][T19719] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 2047.856789][T19719] usb 3-1: USB disconnect, device number 43
[ 2048.100700][T25297] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2048.141044][T20698] udevd[20698]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2049.024144][T25302] loop8: detected capacity change from 0 to 7
[ 2049.055499][T25302] Dev loop8: unable to read RDB block 7
[ 2049.061550][T25302]  loop8: AHDI p1 p2 p3
[ 2049.065910][T25302] loop8: partition table partially beyond EOD, truncated
[ 2049.073917][T25302] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2049.080833][T25302] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2049.151431][T20771] Dev loop8: unable to read RDB block 7
[ 2049.157211][T20771]  loop8: AHDI p1 p2 p3
[ 2049.161535][T20771] loop8: partition table partially beyond EOD, truncated
[ 2049.169194][T20771] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2049.176804][T20771] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2049.222879][T25303] Dev loop8: unable to read RDB block 7
[ 2049.302003][T25303]  loop8: AHDI p1 p2 p3
[ 2049.310444][T25303] loop8: partition table partially beyond EOD, truncated
[ 2049.342329][T25303] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 2049.349223][T25303] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 2051.041220][   T31] INFO: task kworker/0:0:9 blocked for more than 143 seconds.
[ 2051.066724][   T31]       Not tainted syzkaller #0
[ 2051.098942][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2051.384597][   T31] task:kworker/0:0     state:D stack:20792 pid:9     tgid:9     ppid:2      task_flags:0x4208060 flags:0x00080000
[ 2051.397139][   T31] Workqueue: usb_hub_wq hub_event
[ 2051.424062][   T31] Call Trace:
[ 2051.435806][   T31]  <TASK>
[ 2051.454160][   T31]  __schedule+0x1798/0x4cc0
[ 2051.473765][   T31]  ? __pfx___schedule+0x10/0x10
[ 2051.478689][   T31]  ? schedule+0x91/0x360
[ 2051.497239][   T31]  schedule+0x165/0x360
[ 2051.505317][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2051.514254][   T31]  __mutex_lock+0x7e6/0x1350
[ 2051.520621][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 2051.528483][   T31]  ? hub_event+0x21e5/0x4a20
[ 2051.644903][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2051.660487][   T31]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2051.812911][   T31]  hub_event+0x21e5/0x4a20
[ 2051.838047][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 2051.844166][   T31]  ? __pfx_hub_event+0x10/0x10
[ 2051.851481][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2051.865040][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2051.890380][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2051.896685][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2051.905238][   T31]  process_scheduled_works+0xae1/0x17b0
[ 2051.911089][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2051.917713][   T31]  worker_thread+0x8a0/0xda0
[ 2051.922867][   T31]  kthread+0x711/0x8a0
[ 2051.927197][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2051.933017][   T31]  ? __pfx_kthread+0x10/0x10
[ 2051.937918][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2051.943663][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2051.949171][   T31]  ? __pfx_kthread+0x10/0x10
[ 2051.954309][   T31]  ret_from_fork+0x4bc/0x870
[ 2051.959292][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2051.965114][   T31]  ? __switch_to_asm+0x39/0x70
[ 2051.970322][   T31]  ? __switch_to_asm+0x33/0x70
[ 2051.975621][   T31]  ? __pfx_kthread+0x10/0x10
[ 2051.980493][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2051.985847][   T31]  </TASK>
[ 2052.010252][   T31] 
[ 2052.010252][   T31] Showing all locks held in the system:
[ 2052.178480][   T31] 5 locks held by kworker/0:0/9:
[ 2052.183697][   T31]  #0: ffff88814042bd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2052.196962][   T31]  #1: ffffc900000e7ba0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2052.211092][   T31]  #2: ffff888146301198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[ 2052.367810][   T31]  #3: ffff8880284ed518 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21b8/0x4a20
[ 2052.412552][   T31]  #4: ffff888027d69268 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21e5/0x4a20
[ 2052.422675][   T31] 2 locks held by kworker/u8:0/12:
[ 2052.427857][   T31]  #0: ffff88801c375948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2052.439693][   T31]  #1: ffffc90000117ba0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2052.452274][   T31] 1 lock held by khungtaskd/31:
[ 2052.457158][   T31]  #0: ffffffff8df3d6e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2052.467292][   T31] 1 lock held by syslogd/5180:
[ 2052.472722][   T31] 2 locks held by getty/5588:
[ 2052.477436][   T31]  #0: ffff88802fa3d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2052.494380][   T31]  #1: ffffc900036be2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 2052.538138][   T31] 1 lock held by syz-executor/5815:
[ 2052.591893][   T31] 5 locks held by kworker/1:5/5921:
[ 2052.671217][   T31]  #0: ffff88814042bd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2052.683666][   T31]  #1: ffffc900049b7ba0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2052.698313][   T31]  #2: ffff888028460198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[ 2052.707768][   T31]  #3: ffff888028464518 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21b8/0x4a20
[ 2052.718748][   T31]  #4: ffff888027d69268 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21e5/0x4a20
[ 2052.729046][   T31] 1 lock held by syz.2.3427/25304:
[ 2052.735835][   T31]  #0: ffffffff8df43040 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2052.747119][   T31] 2 locks held by syz.2.3427/25315:
[ 2052.753621][   T31] 1 lock held by syz.3.3430/25308:
[ 2052.758949][   T31]  #0: ffffffff8df43040 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2052.769122][   T31] 1 lock held by syz.4.3431/25324:
[ 2052.774726][   T31] 2 locks held by syz.4.3431/25328:
[ 2052.780127][   T31]  #0: ffffffff8f2bef70 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[ 2052.789706][   T31]  #1: ffffffff8f2cbe08 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[ 2052.800356][   T31] 2 locks held by syz.1.3432/25326:
[ 2052.805940][   T31]  #0: ffffffff8f2cbe08 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 2052.816197][   T31]  #1: ffffffff8df43178 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[ 2052.827508][   T31] 
[ 2052.831065][   T31] =============================================
[ 2052.831065][   T31] 
[ 2052.843007][   T31] NMI backtrace for cpu 1
[ 2052.843032][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 2052.843055][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2052.843069][   T31] Call Trace:
[ 2052.843078][   T31]  <TASK>
[ 2052.843089][   T31]  dump_stack_lvl+0x189/0x250
[ 2052.843124][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2052.843152][   T31]  ? __pfx__printk+0x10/0x10
[ 2052.843184][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2052.843207][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2052.843229][   T31]  ? __pfx__printk+0x10/0x10
[ 2052.843250][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2052.843281][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2052.843304][   T31]  watchdog+0xf60/0xfa0
[ 2052.843325][   T31]  ? watchdog+0x1e2/0xfa0
[ 2052.843347][   T31]  kthread+0x711/0x8a0
[ 2052.843373][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2052.843390][   T31]  ? __pfx_kthread+0x10/0x10
[ 2052.843414][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2052.843439][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2052.843463][   T31]  ? __pfx_kthread+0x10/0x10
[ 2052.843489][   T31]  ret_from_fork+0x4bc/0x870
[ 2052.843511][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2052.843534][   T31]  ? __switch_to_asm+0x39/0x70
[ 2052.843548][   T31]  ? __switch_to_asm+0x33/0x70
[ 2052.843560][   T31]  ? __pfx_kthread+0x10/0x10
[ 2052.843586][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2052.843618][   T31]  </TASK>
[ 2052.843628][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 2052.991895][    C0] NMI backtrace for cpu 0
[ 2052.991928][    C0] CPU: 0 UID: 0 PID: 5815 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 2052.991949][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2052.991961][    C0] RIP: 0010:0xffffffffa00000bc
[ 2052.991987][    C0] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc <41> ff e3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
[ 2052.992003][    C0] RSP: 0018:ffffc90003f5f978 EFLAGS: 00000086
[ 2052.992021][    C0] RAX: 1ffffffff1b23d2c RBX: ffff88807c1aa40c RCX: dffffc0000000000
[ 2052.992040][    C0] RDX: 0000000000000009 RSI: ffff88807c1a9e40 RDI: ffff8880b883a040
[ 2052.992053][    C0] RBP: ffffc90003f5fb98 R08: ffff88807c1a9e47 R09: 1ffff1100f8353c8
[ 2052.992066][    C0] R10: dffffc0000000000 R11: ffffffff81941e50 R12: 0000000000000000
[ 2052.992078][    C0] R13: 0000000000002001 R14: 1ffff1100f835481 R15: 1ffff11017107568
[ 2052.992090][    C0] FS:  0000000000000000(0000) GS:ffff88812613b000(0063) knlGS:00000000577c5440
[ 2052.992104][    C0] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 2052.992116][    C0] CR2: 00000000579c699c CR3: 0000000077174000 CR4: 00000000003526f0
[ 2052.992131][    C0] Call Trace:
[ 2052.992139][    C0]  <TASK>
[ 2052.992146][    C0]  ? __schedule+0x5f1/0x4cc0
[ 2052.992175][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2052.992204][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2052.992221][    C0]  ? __pfx___schedule+0x10/0x10
[ 2052.992250][    C0]  ? schedule+0x91/0x360
[ 2052.992273][    C0]  schedule+0x165/0x360
[ 2052.992296][    C0]  do_nanosleep+0x1c5/0x610
[ 2052.992318][    C0]  ? do_nanosleep+0x7f/0x610
[ 2052.992337][    C0]  ? __pfx_do_nanosleep+0x10/0x10
[ 2052.992357][    C0]  ? __hrtimer_setup+0x187/0x210
[ 2052.992375][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 2052.992395][    C0]  hrtimer_nanosleep+0x169/0x360
[ 2052.992415][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 2052.992435][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 2052.992454][    C0]  ? __pfx_get_old_timespec32+0x10/0x10
[ 2052.992476][    C0]  __se_sys_clock_nanosleep_time32+0x33b/0x390
[ 2052.992496][    C0]  ? __pfx___se_sys_clock_nanosleep_time32+0x10/0x10
[ 2052.992516][    C0]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 2052.992543][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2052.992568][    C0]  __do_fast_syscall_32+0xb6/0x2b0
[ 2052.992587][    C0]  do_fast_syscall_32+0x34/0x80
[ 2052.992601][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2052.992622][    C0] RIP: 0023:0xf709d539
[ 2052.992634][    C0] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2052.992648][    C0] RSP: 002b:00000000ffa8a930 EFLAGS: 00000206 ORIG_RAX: 000000000000010b
[ 2052.992664][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[ 2052.992675][    C0] RDX: 00000000ffa8a964 RSI: 00000000ffa8a95c RDI: 00000000ffa8a964
[ 2052.992686][    C0] RBP: 00000000ffa8a9ac R08: 0000000000000000 R09: 0000000000000000
[ 2052.992697][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2052.992706][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2052.992726][    C0]  </TASK>