last executing test programs:

21.187703173s ago: executing program 2 (id=6340):
sendmsg(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket(0x80000000000000a, 0x2, 0x0)
socket$inet6(0xa, 0x4, 0x8010000000000084)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x101402)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000980)={0x3, 0x0, 0x800008c9, 0x2, 0xfffffffd})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, &(0x7f00000000c0))
ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000cc0)={'batadv_slave_1\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000540)={@mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x7, 0x0, 0x200, 0x12, 0x4400046, r5})
setuid(0xee01)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0xfeffffff, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800efe000000000000000000a0000000000000b000000000c00090008000000", @ANYRES32=0x0, @ANYBLOB="1400050000000000000000000000000000000002"], 0x3c}, 0x1, 0x11}, 0x0)

18.94385398s ago: executing program 2 (id=6344):
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7fff, 0x48b03)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x80085665, &(0x7f00000000c0)={0x3, 0x1ff, 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_dev$video4linux(0x0, 0xffffffffffffffff, 0x787203)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000300)={0xffffffffffffff5e, 0x0, 0x0})
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r3 = getpid()
sched_setattr(r3, &(0x7f0000000340)={0x38, 0x0, 0x1000002d, 0x12000, 0x299c0, 0x7, 0x395400000000000, 0xfc5, 0x3, 0x5507}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_80211_join_ibss(&(0x7f0000000200)='wlan0\x00', &(0x7f00000002c0)=@default_ap_ssid, 0x6, 0x1)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r1, 0xc02864c3, &(0x7f00000003c0)={&(0x7f0000000380), 0x7, 0x0, 0x4})
r6 = syz_usb_connect(0x0, 0x2d, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xd, &(0x7f00000000c0)=0x1, 0x4)
syz_usb_control_io$hid(r6, 0x0, 0x0)

16.972036851s ago: executing program 2 (id=6355):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_dev$usbfs(&(0x7f00000002c0), 0x0, 0x200)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x60, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setitimer(0x2, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0)
setrlimit(0x0, &(0x7f00000000c0)={0x0, 0x1})
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="91109d007f0000"], &(0x7f00000003c0)='syzkaller\x00'}, 0x94)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x3})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000007b6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000000240)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0xff, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x1, 0xb0, 0x8, [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0xac, 0x6, 0xfe}}}}}]}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xa}}}, 0x24}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000840)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r6, &(0x7f0000000280)={0x10, 0x0, r7}, 0x10)
syz_emit_ethernet(0x2ce, 0x0, 0x0)

12.9481533s ago: executing program 2 (id=6364):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000000200))

10.988119189s ago: executing program 3 (id=6375):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0xffffffff, 0x2}, {0x8009, 0x56}], 0xee01}, 0x18, 0x0)

10.919652361s ago: executing program 3 (id=6377):
r0 = syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a4400000000101090244000101000000090400000302060000052406000005240000000d240f0100000000000000000009058103200000000009058202080000000009050302"], 0x0) (async)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x24c403, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x2, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r1)
syz_usb_control_io(r0, 0x0, 0x0)

9.581871201s ago: executing program 3 (id=6380):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000002440)='./file0\x00', 0x8000, 0x103)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002240), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r3 = memfd_create(&(0x7f0000000400)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\xe3l\x87\\\x15Hd~\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92\x00\x96W}\xd9U\x9f\x83\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bI\xd8\x1c\xe8\x9bYS%\x1d\x10\x86\xa0\v\xea\xd9\x89\xda\xa7Wd\xa4Eu\x8csm\xa1\x06h\av\xa8\xd8\xceY\xc0\xe6v\xb5\xf5\x9d\xbe\xa58\xb42\xd8V$\xe6\xc8\x1c\xaf\x8e\xa1\xefa\xb1/\xee1=\xbfM\xeaw\f\xa2\x87\x1c(\x1a-\xeb\xfbV\xeb4\xd4C]\xc7{t\xf9\xd5`IZ\x03H\xd9\x86\xe12N\x1f\xd8{\xf5z@\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe4z\x1d/\x8c\"\x16\x12f\xd9\xfd\xfa\n\xc4\f\x16\xd6\b^\xc1x4\xd5sn\x05\xec\x1c!#p/\xdb`\xba\xa8o}\xed\n=\x89\x98\x9f\x989\xdc\xdc\xee\xb5*', 0x2)
mmap(&(0x7f00001d1000/0x3000)=nil, 0x3000, 0x1800006, 0x11, r3, 0xc931000)
read$FUSE(r2, &(0x7f0000000640)={0x2020}, 0x2020)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, &(0x7f0000000000)=""/74, 0x4a)
ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0x1380, &(0x7f0000003700)=ANY=[])
read$FUSE(0xffffffffffffffff, &(0x7f0000004740)={0x2020, 0x0, <r6=>0x0}, 0x1c1a)
syz_fuse_handle_req(r1, &(0x7f0000002580)="5536182daefa2fc6ee10a1b2d4e27cff3c3e628d4656f7b27979e371b15b420c01ae674ddb8fff7b2bc41e7c5927065cd32f2ff7908ef7dd74cdc82f3799ab12edbbfd0b8f6d2194d7f72aec3a136e25c7bf733436bf6cbfc94431ad053a2ec4ccac5aaada8a41ac38c0e1849e599dce84e431ac501db105b4484146b338c0ae9124877ccb8273c7fbb32603251e2d66c71398a7a715bcbe5c9d87e41af55f837e2931c4c1b6b7bbc30dfedfe6e61a39e28f66bbe56496745fbe03f6035183257edac4b0fe3087e7f3e79c2152a07341f3ae9ec68e78875b6e12b5a2a1abbcca4d7963be818a7a31290cad5a025ccd05b609c7ac49ea85d49f354c1e76091a917966665e77471005a46a195b290c01bb7ddf4709e94543471d87a0a5047d3631b00862e1e9a00c60b83371cc16ba087463122a892a1b21786fe3d450c7ba97799d88126f09a698a421242e9c67c981ebc576f57ba3df22e0071db74fa22e97b0fbe589894931a4c4e0eda8bb9533c4ce503fba218d0ae43ab4b4d0c705e04442d093ca5299ae8499c6db904bda6c68105bc2a1cd8e16067215476e573745d1e99daa73400567a9978dd7bffb21429479ace30c95afdfaebd7faf74343cd58e14ce6d2fada5a1c665049eeaa717ee681666c8b63c6d54e66df86144f85d80dcaa3ae7a13b58d5f2b607029efbbf8593afc75e0ce0a875a5fbedecb425a22624a0bb8e2fd06212a1fdafb92430d309f8f68504484fb1246f3d7b0893d3dc9d0b6c8d7476b6aea871eb4f32c283e22435fccb221484409cc28a6609dd869b99547fc81b2e517809a5b77783f9fc11b5fe584b9f64c0fec35d3db21ae30d0b8b88d722dea4a376d2a610f0a9d08b311e2ed3ef5d72d0e040e41d3dc45e5a17d740c67db88d95b18c8610fed3302aef0c3c1871ff8a5ae1908bf9668f0bc8e5867f56cc59cd303bafabde6a4034a96ba66b98a910dfaaff712673dcbf84c5354f066126068de620f08be67e6034138dd9a312f9ff197fca56a77bad46e59edfd79dfa3aee4582bfe01ce2201f6569178be7a4bdd28e495114944e538ee7b8f11e0812d9f822cd9760316809eccb9b0bbc5f0630224a1534f88600bbb2af2882562e76d149b44780380b62241829e5734fdfff1a2b3a052f3504dffe04d4632e9fef82762fe1950fbaceeb961464dfe2699f0a898fc8783cfdde45ecc3a16f052c4777beb1fddb080fc802a8cc760d1a0d4606b669e78ee9ba1ac398914ed5096850dedc513e5c71eca19d51af9075151f4ca3d8a841b7b1d205f5f3d223f7e48685daa0836f93017935ad1d942c7392667145ccc1d4700f5d8fb2fc218fd6d70357667d339a28dba3360761857b19f9f91e56a0e0281af1042a409a4e2839f3d21b73a5c352b22e4ff06e563e92c00b48e7f8bcdbbbd398c65331298f779dafe875854e301394b0faac2126138908fa8598b4f5e58ed1ac451eb0187e20077099d12d745fcff0b7fb5e8b9fa65ac617ea6c953e8786229b67a604c46810876650f919e6bc6792db22ec0be29cff94e9c24eb6e1830f890bb4b6bcd74b39060506095b99b95f2a8addfb8dfe11f47479fd23cc7c0701ae00774c430b3b9f52ab2579d47a2c2095365aa569f55a1431f93e651c01f0d67ff9337708a72e352c0e699f14bf07f9b9c056897c78edcf34ade3dfd17a04446d565fb6e7c701a237fe1a3d932371654a43b56e7f5ccdadc0f506d746c3f0047b69c0c174cbbfe092f139c09c0e2e76d9a777142813cb78174630ea8d73301e3343b94856fe610777468a9fb4518a0cf68243a4bd715e38e3431a811f962edb1306d76d89e0aad9be5800e7bebb82ccaec2382c9c114c91aee013acca2d8ddf99465e760bd185453a9eb4e5a78383094603b749c6242ad227124ef4b7ec7506b8a76f714099c954f0b2f2d427af0451a7ea3d1dbfa8a3e644c3640d397de3ce942311deb73fad3a76cba773f416314e81e70bda715b342113a18a249300b43250cb3b3aa46ecabe42d0e8c1dc4be286e539c71f0d1c0b0e1795ae7428a3887f36b79e9c76401a5dd460f45b9d8277e04c7c1e615fb33d0fbc444421f3fd0bff4e045d790610aaa2b62945e4b398024c75680b5e12235c35f5b23ddd99454fe527acad6d08fb37c35d9ecc0a8b10e2c31fac786666eb2ad499ddb7d06c7526fb1c5412f6a0df003410e69b81fe523057b6b73cdecf0e5bc4d3b87757889fe49dbdb3ec79c7eb3a868480fc87528e80400de837cccd4a6345508386ada1833f57a20c56e973569bc7821088d343e80009b7b35390975323d24e764aa6c90d3dd5fdec08ed363dc9ab57de949282994cd3858f829c7e5e9a745261383db27c9c53e9e98e109fda6cbb88649ba40b5067470d73b7471d406e5ea8041f9fa25f5b6c919aef84f7595511141e9f090ee103b20a13b22c9a88348ed6d284c0d7a58326e0c4c9626d9a5390bae2be199b201ea136a9aac76e6125db9bf58f61e6a46f8145a9df1305415989435f51529da03f09a67e3629e6f6cb6b70407d9d848f554f1a7e63602e678e62d3b41b4bf4ddda713ed2c291536d8cc12a16bde144ef56acc17778b1aa8eeeeeb60c781365b615be4435c7158d926351cdb46b89fa82acb384c7318dcb2e51db8bdb223aff2c8f36d9e6b1135ad18f7e0b9d91a76972c3140f8e21dc71422de12a4f5d08624bdaeb983619a5ff82cf788c6b8a5fbf0f78e61ae4058d6e03a3d5130646dfc13686e356a1325434caac94ced659529181561fee7ce4f7e1e7945f119ad8474ea6b00257ceb7af2d9b3f9ad5782cd986f1b097d61bf26a6c48c3ab597e4678d609f3050eec9f3bbea1bc67314407521950526e6d71e34e35392067ac84b66badc82a54bb0dc8ed2f1050711ef2d47af5252075c0441aad6900539fcc649c1b1ffc70a1cc39e0c2136c764ba718d50f4800dc29769c4bc9a2fd0f43eb6ffb717a473ccb14ccd58bd506c4e4a0f4ea1158b59b3d6bf1a2d010c456c1f099bff69add46cc60fd2d9779f603ebb943ab8eb02627ac8aebdd52f25b069f64a61e90fa9ac979cb4c6cf0ebcd070099a1a6e6a747e8989e84afe090390953f988f2dcee405086ce51b1d2d8d249f45899b4e862008d28efad8aa5abd0912fa456aa9d3a918a0dd3420d7c4b04b9e3d65c41a1548b7caeef5fbcededf64697786a0bae73d2c5352658b871c806bd150c91bbf8f4735dddee9cfd3e152b5d44cbcce912a2809760e225b9018fa498c86ccb2359cb0834bcefab92c0468522648fbefbe25cf8d82b897371b5369e8f2972502574c0a3235066969c4d5d67fc312d6631702f66a113d22063ba2ac7d9ab387ad1e115e9c98275f3e0dacd2e8f0843f24687b297bf42bca11b89c6db2fc7026d364486ef2d614bc45d5cff0758d69fd48ea06b8a97667e4d7d30bf7f1c30b62287637f50468bf144fd177fdabcbd0d12b50c9cbd052dcd66993c72f48bd6086412ed5f9af3d44dffdf7c012aadd5cf7bd3b314f236660fa1c0e4773a4e9ccc36fd130ffda59a9bf41f7fbf79e5e3333365a3ed2e7714e50805bc70bc6fd20203cacbbeecb8e01a2ce626756cdbd01c53717c2e7b56b47e21f13209c2bf2b1b251e7a93f8a085dcc61d9ae82303a962441372ff7c0b8b8ba75bbf5b861ff7ddbc9781d40c90ae467bdeddfdf949e9a8b8c9fb7db3a9323d05d15bef19ce2e7634b84ac082d50e84b66f99f34b2f852fefe67faa403e848f3de110eb1d9faefa176c3cacd20c7f87d74e858a1a7bfc2c9e895541f691f99a2b8771c8755300ee74e3d6a048b30d02ca16202ecfc207a0b29302aabc1c5b57c7d0d31d43be5cb1f7230dc238fb701e7037aa00c9b57c6fc85baccaa56754d27b975872051566187b0983d93b9ec052edf3b33f7ddab343eac6f7aed97771e708e40a4cc6797f85d91a0debd5c6169895e895f67a10685af5e0b80b0e728731cbffbff8be603469d03bd47dbca4456108c79c029af16482c5c2590c1e0673c7e943699ea107d906a3e667fe7b2afaeb489548b6a11d9862e86a0b549a42b607ffeda6e3ba0f567b63b0be6edb9098cf3a44e6864c5e99fa5f475acb57e2b7343eb7fe3e8c139b515348b188defd2d3021fd27950d822f6df5f9c93584fd95f3f88c85231943ed4d511249f96447f7903779e4d8c4a680661fe5133d415b862e668441e8077bfb827293a9eb733e914f37a19e01ad4b014ef87ed5a5817ab8123af9fd863090b8e9a50ce29cf706b2182fd79660cbdbb53ba71b750e71a21d0ed01db3335cad91d5cb4d4648f46468b6e51f63e4088386913ae6b6cbf103947c32d25a8a825118cd6ce23f53ffe3c087114700e9a5932faf3d844fc6b323b3e722ed3ed75037bd9a7fd9d256b2b9a168e66802e284853a0d6b47d39675900f02f005050425731f9c2cb329f70d7a5ce2ee256212bf8b2ba9ece0df39c58f0fbac06c4da946787abf19dadb536bddbf7e51d89f22413575e064c6482d936a89d48be159aeb5055feb0577ced6c5334411d1d58a7e6d02eca6164d90fda39685fd619269fea7f21db51f6aa6961250e03c9e00788c178dabeb68f13dea29f8cdcf30478dbca15c4519bb342ba8b201019061bf8317022dbc5673fb4ed92ef1a1dea0a1a00cb3cbca291f7ebcbec27ea5e824f04b82f5644d4368cdf8026550bc2f86b83da6a265357eb548a9eec6622204b3dcd22440fec0e12819ade4ba53b53b1e6ab906fe0cacabb9c15e8b657475a0dad62dbcb1037aa8617787abce24a0aa4cf1b5c85c030a14277832a95d8b29a4ea86fb80148ece147ce4bf386995ac28e1ad1e2072f3f4fce5c05d9bdd0af118815d6ee89aabfa3f8173e6fa59dfa4a8c1ba7641291b3c18c6ccc4c3588d56d169d397facb4e67485610cc68197b3a43fe78b9458dc47e5057d5bc6b8e3b65bf414818b65d41ed7cfd7a35fe79c9851ef39c3e059fb3dffe331a791ce75728efcd58dd9b3ed1c93b128469afa648f4f91de6e39d5bef7a0e69bdf5b2202682d857847a64b33432ea0f33bbfd1948ad0b6c66d853fef1e6c0d712b86c40f79ff4d125baebf2a4b32dfc8bed2a697f745cfeb16303b4f8e866ee0bb6a5eb6c6ce513b5cb84e2b44854c72ed0cf2e838245be8d098a6943d845f5a8c07c1036da86cab0d5be4ce29545fade4323acf2085b7645107dd12d5b3af7bb37be1b291cbd6fe297c4b4a2a23280358711be91f21305c035bf1f57467a1853c999b3fb478b11c49cfac66429a76099633a54689047d66fd8bd6eebea94fc8007d9e2765e2969608a78d0b96d6b30360e81fb9df5262c8ff15f2fd7000756d8cda1db3847d6f793bf803b159344c57b480c87702cb3d1260692a19ebdceb2e05a2fe2eb5ac5cfa76551a04795915bfaba9849a623e46ac1832157d0ea5255b5cacd4efa844b0ce5f2f0e1a9dc4fb115fce2640ec6d03c5fe15b4837bd6e6127349f2b6b0fd61c82c96531714f5b623ce4e4978c4a0c86b3c17f50acdd67d283ec934ed36ba7360a10ffeeb7864113eeaa25cccc66613e0757782381614b8da3cd0a85cef7bc384969517c920e8454a5a0f112d1653b2828e895d0614e5bf4dec0ec863432cce9337ce7c29affa7f29fff97bd54a6947cc68df8fed17850209242c1c67d0d7aced2efec4b3c006678bcb8716e8e9e40d78781fd6cc5b5522b8ed2ec8cecb677849b778c0a2a17817a3dd2278080e109906dd4e99b772d5911893fa09ade4296876921d1e009e714df7e4973ab1d2e593d88ecf2151e97ec66176549d3af66652c8377e162454ce7cc8ab34397d31978e84aea92a3c0a8106a2a31e33a8dfe942819fa1f2c1272d0f3cbd7dae820642cbc00202455ab7fb81857ef050a1965a291001874b38397ed9a8e8106dcfcdfd80d0f5d0ef0d5775e53cc5aeb1d6bc13886f8f3491cd6af5dd77ace3689fa2bf56e9b4d1e4964f8fd8f0a4a8b5d7fb678f0f3adcb4a19b5168ac5aeee6f087af15af3bde52a9be0f550b21b10ce98da70445284d9db9416732e63b6efb3ced984c0df50c11aa677f822af7ad39b8b4c0d236e4b36a00ff73587b39f917d7effbb37b95a96e350a430d544d68623c80bf2cd2d689b4dc41e8ef374c393092a2619055f268fbdcb9de494e6582be90a4798bac801bcac8389c823759860e7c9d692f41ee2a6b9624da3c09a2c8e7cdeaa100ba8ca25a737046d8bb237b9546641cfbb2eac9bbee9e125b14dfabac642e634d32151c06ceb3ddbb3d3f038ab2efdd063152270449ed5eca2655cd0016147ebbd00003eb8cd25297350afbffae43cfd9867543b81da4510850b1afaa199d0477837017e9098bf5b3973efe218a88b3d2bb172fe77278088997758fdc1dbb0b1fb6af2ab9db1ddf3e3fbd8e8dd35f918779ccba75b3cdfa317fc6e3cbeaa8b11ce2a30cc53292bcb9dc2a18ca400c674360c041c97ee6aec1448a025c6b04ae9efb3a01d31e3f897cfd5dc94dac95c88b95a26676cc6153e203535891116a5f4ebf54c71cbbe3215a04c57c7ba874a1e203bc66d8161d5b556f661244d9d405a2e6baaedd0d0e4c7e093c2ac0e5ee83b7ddf91669dd59016f7cb53d19896fcc838dc008da4a5fdc0a4fac1a6d7f49b24bcc01467df04d8a3f3181cc4e811942a53daf784b59186a17756a8f3a41ad93035a893a4ff60dd8f54a533e94cf87864169287804df3aa38dc5ce6021a06c58d48985c562a0f51d8b32879f9fb7d4a1d3d442626810f151b161b7e35f9a0b3bec05979e381140f31c03ee6f5549e6e7f116be5e87e0a9ab71ee632f837e9a0f9ad1b4979304c26bad6e84eff0b5b79b667e3d74e354d04f5b2c237102e41a1a4dcac99cbb911d9484aebe6ab2cb539a1db3e3302fb833a44a2d725e858ea9a65d43bb7661842b655c51a1ff25207956e8c6c71667c79975d69f688dfa34c59771488028e3d7500ba0cb71ae5751a51b568e67bdf2abb63838aba5e5cfbbeaf02285f6cbe58428a92a6fc25abb01f8d55ecbd7cc0ea69cdfb188b79048dbea488493681b0e70234463ca3e425d24e2ae4d800ce3adb04ce69428b5f884f8dc83392c22e456a2e195b86d717ac45003a99ae9a59c94167eb04aba3612528f94dad3360b46bc456fbb78072eb7f96418c71bec09831b0a63e83816ffde0d9909c06e765a666c2c41b20c339e0d39107311830ae9ad912f0a85f2ec5ca66a79798a568dae14f76b6d59e6c0bc0f9ebdff29c0fce58367c9705bd4323d3c3e125cdb13da6e58f3fdb2751401014e393e3fc688f04080a90430e531767a7c4f3187ccb7b90880955e766aba6091c4e8fed36482bb5a63372350dd08fe84bf5afd1a30a0f8f4de7a640fa84b9c0447073a0b39bf875d0377c8a572adefec3e033fb3dad91b22bfe22c01f23f27ab0c6a1ce19d2f4f4235281cbca15dafe50f383ba89a8c46a666b106c1ac534955df71f4c560010934fd3eb68eebd55487defa1e024f75ac30139cd190bde1dc8684936bc23a1882ae469fc4af8730d29658f996f71c219526497918e359228b55849d952f4b2996fe5f45a6cfdf87da93bfada579479b18d05c4e964c85b88a7bfc6e4f2b5d6e98e00635e8bd2ebb9eb40b99a9e9db2f688b2d94b8cc8c5fb2a1928624fa5df1c228e6499d992453772084bcd33dda984d97e3857b6fee43c6666b3206ccfe3af52debea4ee060c6edd194b90309213f5c4805f454c7e57bc759377aae9727e484391486be0849c5cdfa99c5a0d0687d6afdce97a32e01d45fef015e7c869ca190219a778b91d881a7b595313fb462e5bf78260c78285d6ccf5e4c50ed56ff28e3f49912773f0a58093f259b5cf4e7f607c51a81576fa95b97bf32d0e2e3511b5d784eba29a15246a97ccf608db456cd70adacc6c31913416f24f38dec3544ac2e88c409b5ff7771d873ea8d7a1868775c8b5502273c784cf945680fb14f143140b56462cd46874ffeacde7bf329fe8369df9c4b95a42535ea56ad6fa260f5c738eb9627f890f4a34f80bf3b8fe568d44c3895029b5f9557f17469a53fe4c0d581eb29029ff162ca906cd0e4bb81138be91a254752bf849232ed7042a82cda1e14dfbfdf74a09c17a9039749c789ab0242ed2d0249231c4ad70c23c805676968bdeb96c2d8886f784ecc3e42e6493e45aa20b6e8ede65c49136c9e9414a4371e3012bf596d55315be17ea9396b1df7f82db27f0d121f8aa66c40365fa686a46f430b4cd336da0d9937d5c26284bdcc6c4e0d5a6acc1be089e1a5d6ec422ad3961fb5c5c9836466c3366e6d3f2686b19b529549cacb6252b0d7a7f5df42ea2961ac59ba0b911311ccc4d83f8611f0c4b071544236037b2863d673303a4e3d428131b07f60eb2cd507dc43503456ce829aed8254bf0b51b38008d42e445acb0effc2ab7e4bc26ad76ffba1220f2e878fe9b5de39bf4f25a9ed468cdb100008ffac6bef401df4817b23463e771a3c834c32993274689c01004eb94b89bc44257b7d2b3936caab6d86937b5bb8f705d00fb6f091711222b6dc25eeaa0e350fe484337396162c86bf7d3a1ab82591ad35d393664617041142c0f8b528e947c092f28c3142493d056bd548910615e7300f041f5d01a2f00138ae5d7849244ef9215f5c9dd874e60ca4ad883f86e71690a510831e35c24de1e0d1261172bf4a8625af958febb7b109c5ca5bfffd4342c43ad02136c6eb117b4a6ea98c07a91279731c1228b01e6be755c1c1d095d3cdfe950ac32eee77327a0e7e342ccfc13c69ab6ab113b18c1abe72d39c03e351986cb3326b8b17ada5884aa7d0a553b0d35e32b8c09f1a4106f5d675a88a1508de4a0e9c598c082ae5b229b75579e39e297b225a852e3f6a7d0990a45fdf68771991acf9b7a5c04bc21a40c57817d500e8ebc6b5919219a4110395817c92bf9eb9c623606d4d98ed68dc0b51a0278b0addce8753f86316158bb4bd6a7a0c4c72b0d17b9545695e54826021a6ac44b4de1b4ea977b20af3c47b8860b0ed29a68c1a883777097d54b162cc58edc0f4de1afbbad7c340a5cd9f2f93133cb2a4babc2a688e2ddd580ef8d9d0846c269c265ce9d978aa233c73aa11eb78d3a67f4e7a3dd035ef5a1f832ada87c7dfa377b77215f8c23b1a78e4a7faa6d0c1a4a28a0ef7b32b36bd566d8c478d0133ab43f9c2a4829624eec535234eb89a177ca8d4e9d2d422f33a24d15044822e4a4c1bca5f470b8c8fde09fb69160297218398da27f4e80dbd480782ee75cecd20ad23fdbcc1d4a0acbc63241c1e2cf1a0b12949e42f707ba06b6fdbd8f336bd72d7f96ddf9ec2b5cfcc4c8da6e1ea573e97eeaea537511ac9fd2ae78eb18cb50c13b595f8b6d65ce8c08e9028fffff6b512080dbbd3fb5e5068538c05f73254969f9727db9bff0c6aeaaf83713812499308792a7fc8318e6b2996bcd1b072641be1eb8e028cbd6b0a5f1fa13bfe35b5cd0d2ca21d9cf8ed97f724ef73ab5a99d65befa38d636f2f827d229479377f25501f3a6ece12cb095549503b2299db7806d32751d4851d62b0c6a91e2e961d475d33a8874c96df52c75bb5a0569e892743937451f75345e0351bfa334d37aa43f01ad1ff984dec164faebc713de31470db5e536a0681a042ced0f9839d9ce89259349075961985171c27c410c99458d4c25614ea1d4252293c4f85b0d2ded9ac560cfd024c199d5f0f4bd47763690ba1bca88b8cc81059bb9fe82c955488523114db8c2caf8a63c0049e90ca524330b57edcf718f6a7aab0efe282079d198cc3c1294f35d1a1bf5f69a8838cfc5d4363f9ca9383f83e4f9576de3fac48866ddcde282e5e4ee3f852a063bd6423ac1fdc6201b1facd6c36609fa2faf96afc1c0b76fff27bce059ad6390fd1e3f735806ce654ed555a78ea8e59fb16ff5ac5ad183aab9de37c3d033b3018d591e7ff1a896de969f561260f797603df5fc232076ccdc2e1fe9fc789253a54af151dd50f89e777c2541591101720c893647bd4b3e6257de85251c9bcd700154e85db2a9e2c4d9d2e531a18bfaa05d16ce75f823e60416b3afebce16555536120d5f554fd13e861d74c4947a62d2d09473d8d75f03d354572b371b02e16f3976b1b0b235582ee38d938fe843b107c77c2acd88f34e1669816eb3867134b1c5fce5afad3c70f9bca972ed494577f2ba6362a6ee6b4720bd86938bb49490982a1b5ce6dd54b79f093ce27051530e1233f03d6641392d4fe7a1f7dcec8ba86d8f32f00f0ad50a29b1e17de07bd0205c0d893532c198f23656f7f5d178c0745b7e0b7e8afdd29c8fa1639a06039980d9a5fba11801db4e7868a9b77925a03a770aae3430b1ccbddb8bd766f51fef71ba25cf9184c9cfa6f9921d69066d09a656080f3c5fe475ccab94cdfccd76f3c7dada9236d1be861eb5fe6247ae9f97b7705bb71c375e8b98203c5bd224202c1aa714da47e0daf98fd3eca617f9a255df5dbe98a7520a1e6db9b88af893521f2ecf7fd2b08a7f3c5aeb77ebe6f52739b473840889c41315407477b82242d9a805f9aa200a129c4701d1c88ccd34871f356caf02da9937a88612a9755315914f4e8e1bf471a46c00650457cc06db168e5457fb3f9662994d901a1f58306156979aa795afacc1a7d6111cbea53e97fb71c7bbe44558fb06f8d78ee08e3678b5d218e13f79cf06f1da9f7e128647884589c487147b3edbdaffa16f9388568d3c8caa34a6b944e4f171842cdbb293474fcd5201b7440e05ddcf9e0b476773119516ef45077705e8bab5f877657205bf9eaaa7c86734b1b6c3661dfd4b9eb8590f962e17ad51b44058d558744e5b44cf9db280bff1062b2431d298064f11e7700ba4c8ece6f4df659d4880c4983db0152f1f903023672f6234620134bd5d1d888022da128a527d82e8fa1a562827a4f1592efe3b0bb78060626e8688ef3d5162afe9f1060123dbb1f93b7bdb6ad4ad6e1772bf8705cca424d9c42e4992eb5bef1ec7961bd4260d1e55e863fa9c8e0cb6d28b495fa37b5f59fd18cfcec6319288dd7363821e47ec46664e1994157319eb0d466b42fd9b5fac5ba979a9baf4f699dc539bf77852e18014074f88108b654219e4f9396696c94eb9fb9b360e59920f187029608bed76d09dd006f4033d384cd109726d51850202ba564599dbff7808591f834cc4084db29111de86a70217defa490e39c6e281650d15b1e44bb55164be0f6da58e838bf5f4d7cc2a23b818557ab1fad0fb2253c4da6af41591940b2608f6fa6bc25939ede95317ff96050bbc1f389235caa78adc0d801a56b2fb4cc41e73d5131552985b5af241722e0637f3b88e46b09ea875e5cf66f534666368ff8e46413e5ab557236134afa63478e18328d33b1a235deb2034955cdbb2bfd0e55fd885f380ae8efca1feea985a946519a712df1384f9e024efec61c30a6989aa3b5bd486366f3fccadc0add175c1cf0d2730ab97370eb47bcda4226ee140edbcd9b38b8ee913587125cb185adb4df18e80df2b0ea6e3e87dc8755fe6823ab5ee1feaebb1e6208cf3dd5ad5581f2388be92", 0x2000, &(0x7f0000002340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={0x18, 0x0, 0x10000, {0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f00000046c0)={0x50, 0x0, r6, {0x7, 0x9, 0x4, 0x403a1810, 0xfffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r0, 0x0)
openat$mice(0xffffffffffffff9c, 0x0, 0x101)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000200), 0x2, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f0000000340)={0x1, @pix_mp={0x6, 0x9, 0x55595659, 0x6, 0xc, [{0xfffffffd}, {0x4, 0x52}, {0x7, 0x9}, {0x40, 0x8}, {0x3, 0x9}, {0x2007ff, 0x10001}, {0x0, 0x1}, {0xb, 0x8}], 0x3, 0x1, 0x4, 0x0, 0x1}})

7.868281501s ago: executing program 4 (id=6388):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={&(0x7f0000f4dff4), 0x4d9, &(0x7f0000000040)={&(0x7f0000000080)=@migrate={0x15c, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev}}, [@migrate={0x10c}]}, 0x15c}}, 0x0) (async)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0xeef, 0x7349, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0xc0, 0x1, [{{0x9, 0x4, 0x0, 0x9f, 0x2, 0x3, 0x1, 0x1, 0xf, {0x9, 0x21, 0x7, 0x7, 0x1, {0x22, 0xe3d}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x7f, 0x2, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x7, 0x0, 0x4}}]}}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x250, 0xfe, 0x7, 0xc, 0x20, 0x6}, 0xb, &(0x7f0000000180)={0x5, 0xf, 0xb, 0x2, [@ptm_cap={0x3}, @ptm_cap={0x3}]}, 0x2, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x421}}, {0x4c, &(0x7f0000000200)=@string={0x4c, 0x3, "aa0fd3cbfc75b96d73ac72cbb5bc9a73d608ac27f2f0af35b22e76d4573cd7967f10df7808c5b5f9a1241d997e429fe70943a1c262fdd4aa0191cc215086733096d331b9f26845821204"}}]}) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
syz_clone3(&(0x7f0000000280)={0x2041080, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)

5.85953258s ago: executing program 1 (id=6394):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x12ac, &(0x7f00000002c0)={0x0, 0x7d45, 0x8, 0x0, 0x38b}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_open_procfs(0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f00000000c0)=@in={0x2, 0x4e21, @multicast1}, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.807374963s ago: executing program 3 (id=6395):
r0 = syz_open_dev$sndctrl(&(0x7f00000018c0), 0x0, 0x40280)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000001a00)={0x3482, 0x1, 0xe4cd, 0x200, &(0x7f0000001900)=[{}]})

5.708401201s ago: executing program 3 (id=6397):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x119)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap(&(0x7f0000317000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x40010, r1, 0x0)
syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x35, 0xff, 0xaa, 0x20, 0xccd, 0x10af, 0x384e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x59, 0x2, 0x1, 0x9b, 0x1e, 0x2a, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x679a, 0x10, 0x4, 0x3cc}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socket$inet_sctp(0x2, 0x5, 0x84)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r6 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0xb5ac, 0x400, 0x0, 0x4003}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, 0x0, 0x0, 0x4)
r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r9, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a140efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb737ae996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be500e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef1d7ee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLAIMINTERFACE(r9, 0x8004550f, &(0x7f00000001c0))
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.707775056s ago: executing program 0 (id=6398):
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f0000000040)={0x2, {0x6, 0x5b, 0x1, 0x2}, {0xff, 0xcf, 0x9, 0x101}, {0xcc, 0x80000000}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r2, 0xe503, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x103)
r3 = socket(0x400000000010, 0x4, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0x4}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x6, 0x1, 0xff81}, {0x0, 0x3, 0x78, 0x4, 0x6, 0x0, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r5, 0x0, 0x70bd29, 0x25dfdbff}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8800)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f00000003c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}})
syz_fuse_handle_req(r2, &(0x7f0000002100)="1d31e9d35e0437475f03277e1e60d4c330c81c19e03cd384bda39dc048d4bde69bf6d9e3b2dcc299c85012e602d9e7ae2988629baca214b8bb3d20127a5359a4810736a43cac9d82889301660e5939aec307e6417fa690d6d4769a6896d7d70c9020d584a3a92c7bb8770ca9a44ede4e50c17987ee05d0c1aa18e9f70cab6400076dccb7e4acd7eff0c287d7b99ee3fcd69469e17be04911dd2dd3b1f47122d7ff8bcc1e8a16cd2f96241b342bda93010c2d47a02a2da8636138f0fd9994fb4a12c3dc0035843a13c9a8e7f5b95edb4dffac912ad4cd295cf6a5d8fc063ca1117dd226210939299e0f69015cff1e08893c0d0f30d4447b06421bf4cb0b73617478542952436ed36544a0dc0a5482510be6ff6135738e017a833288d9f72e68f3be0ff7aef9a79501c2572690ec9917b68eab403318b8fa7bdc71a3d885328d3b99242c3c72174c28de16e78853918f8b673e76befd375b70e8f1578bd3d8b3e87b47e9787ddc5f87951455e31225345085bf35ac1dcaf601a834e50b2ed654c7d9143e92568f802cd1b6347c0f09f45d398b9d83c1fa2f57f9c413691f9c2dd4d5337b14a942c4e6b52e13a1844df71c7fd666737e5254490da2d643673a30c0ce3a811c6502e93c13f65666f63b090f7170183ebe09e88ed68aedaf56553a73edce2c658c4cffed266f751fa4b55c90ea5e585aac2821f6e765f4f14b500941b9e4076b4ed9686c8c5b64dcafb291e5adc1f2a1030da9fd65fb7fa6dc5cec7b4d72862e38c298bc210d4b1053fa3f117440a6e7d9f89519537a4177ca7433030df1f2d2343c6f18f4ed41b8f6f5a03676b17666e177080c90d0c7755cbe1eacbc5112d4c2347fbb730f7076eca79ce3b19761c9b450601c2b32d59db7cf0bd0475fa2e789df63bf52ba1ae7e416857d4f3cafea346a483c69f2c8aecf69ad75657030da305e7db7ebfb2b22c2584af0dcbc75fabb3919985c4f96a9795b5a883c545b091caace0dc11a4b7a914688818248c16f2135c49354fdee63125a3c117d3d28fcea96f9d9515e62a74d3951100757b0a745d65ddc1af9216990c68d5c1cb67ce2717958b81a03991fccde52156e01853199f73dc9a57c58fd70aafca3a98ac227253e2172a64cf13805b8aaec28de9d5bfb621f8f62f90a524df50bbde39b62af200296a58254d74195d2fd70101c21c717b043b233e9b84c2c586a198b9f04bad5b4dc4dad6cdb1cf7adca04ac1e878562c4af02edfbe967a4549a5af3a8465a714a51237352c3c137ce869a7b8892bba0835b3f31f693a01a72511fa17c78210181932752507b1b405ff415b4db2e2d128bce65a94387fefa7641c538c535f2d61ac1aeadb232a9ceaeacdf48710179d412ac7642a6267a51e60d6195c0db17ffa16295498879fd6c06b8769d1ac1e9f71aeef39e64c781437b0e2743836c59ea0abc130b2d9ba5b788e30c338329fa35c5c2665af1460159fd9e2150f01deb33823351c0fbe34f397aba6d14c1c881310ecdf8fc94fc478e3f2b98ba54442aa8fb4f45fed819ae08aa85f51b3cf50ed742f97e0a774622919f14b755178770a17f1ccf0d97c567febd3e17db7d4007c87eb242492c13b879e4291877334dbf48fb81d110390c3d61e4650e9b998f20530664a59eb5c98d366bd2938b6e5bc7f70f9c502c72af8995baa9c7d118e359980a8e24f81ac5d7da5e0bb066c6aff1629147427519b973a5975af25d998fe9433737ece1824fea79da7ef43feb598b5937d1ff315d8e0b91d7635d9e44ab108248decb8811374966197c1de6cdf5f14775d1d9efc9878ad98e6beae4b97d279203a21862a2d6150112111f618e8d45a504d38480a56bd847e17e216a115f3e21f715884fae5ef5a9768b37ab3cbeb3172be71e565e3b4a81df4f33ef6bfc8a0005d86a3f2042aa759606a2ab971f668730fa1482a4971201e4b583b8da492067df49c14b66953512fb61e7a29da56646eaf0598f3a65187023d051f6158e4922678ae3ca1b8c59326ca149a9fd48af23e9abe7f975f65f6034dbe2b0ad3673773ac1cf39e5bedbe200d43467d5d3b80e75573b91d336bc85a563b8cfed4b12b51193343d5e805ec840f14d9ba4f40034945aab3fa44486b9ff74f97cd1a6f90fb47703f5c4fda87ee2f605d91766ac91156f301b032d77a85a2f31f815fb077d16da7b1c76c781001a53a4af19ab544253b14fca954ba5c3adf2599163076158527a152ba720bcbe554313e145295fe0838d5f11c9abcafc62ec28526c25b6cd051e85831ee07fc58f0793b75cc4e694bd18e398dac6f93258a23925d592542c4a965405c8a5f10fa0060573d6c57da39a3109bd2fb5cfafcd6976a96a1ed77513e3eded8b81f3589cbb8ba53b3f364471ad89bce4c99403b861bc869f0c20f21c68b65e409888fe74ec30fa371dd8f39409cf67fe4dbd992118afb2a8dc9c36c1b7a068a48bafa0aebddaeb1cad940d36e3a36e499ce2422e4f8de72ac44706983af96009317af18b93ff68d7989d09ab04a475a44e936327aac71ebc71feb71f3a674be1da08d6b40b96f7a7065e98c4585094d6ea6d195a0db13d3f03ee8b794092d21a80c47f41a23144ebee60992a52ab72b9b2b19322b3e2578c55aba7be4e1670481212e4797fd3f5475e6d2b9edf0d4f0aa8b90d3179eb4c348356ea36d67b856fefc80b447804c8b21b385800cf17fa70a1edd38ec17016d314e675b82280b81b245f463b0414b2681d36025d313a4c29d603d3a8d0aaf6a2c5403c1cdbeca9fe8e3f2a095a0d54a5059451ec31ea5af6539a6cb4f7a50b445884b83c555535fd3460b8fb09ba4c580f2387271a47dbcdbdfcd371ffb3f07a65cffb971aaebefaa3ce4fe378f98b30dae731b27f336e576992afcd6e43ac9e4a10d8ca7b3d8933803093375c119cf1747f740f5acb3b829d5fad396cda8443babc702bf996af1534b3ad0aa8a855323f3783e625803716a13ac4f33b1e02ebe5fd14102d4770706130948a288cf9bd39e6c117ef6a199ec0bb6c14aa77e8f14edb84061afb84168ca9d461d52904f888c6aa9b86a111d014b376fd9d0967cf14738bd315fabf1b2d604317a1a3b53f32f56a0318344964e621c132635681d81eea3c20e3b5582ca89b92da3b8707ba8859fe55ff73c670f8c098cd437fe2e7fa32dfe84036b3ffe7623a72b96b7bd1c1fb1fe9461384eacde42d2171b2246b2f85366a1508d25dc015988efca5ef2fb0a941a821d692888ea786b0a0fe989751cc049a68de7407df68069bfe697bca773da4e29ae23cd7f01a52ace70eba798eab412cafc370c7323e0e6a1458f632d7c7f353cf67e04bf876e1fc9890d2197946d0bedf8689699193c658f3a4f69b88eea819b5a2ecbe04c5583e5146496bbcf006fb7e3b4bf3a6966f78aaa11fef4fe7a0dc56afd16e83a504e112136807e7143fea2e58bb929594f5182ee2f55630ae9edd7f88b371ccc182f6f9f92f0bead9b4b819897d5c76ca9a4006599edf464a891b2e32bf01e6b6cd0cc688bc8a117390d4d184e3b638030410d10b32fd205332ae003ba755edbaf1fce3cf3e8fb836b4426afe2ea949141f3135241a42a231e268a46132a96093be6939f247b470edc61d95cbd420c8b9b0e0bef5a39e2ca2b93584c2d4c7a14c1cfe400aaed44f2f7afa37cfe07137a9155b663466c99c15d25c738b902ec305af0d1e04d25c01d35f0d018d628319475a59f523c0ad01abf950f14eddf2fb4060359ba04341ab60b923563ed66dee98fcb450ee38beea31ff61c7babde95353d0dc522fe4d9abbf13997205c4062231b0ad896845a83f6bfb656a666f5dcc5a88313631cdda5345becb25eff915a2604bab82f3b769f1acf1a32232273d17e3de45b8ee4aedbaca50a317b2494cabba17a236cb814550bb0f1775e355f76aae01a21a39db4771ab2648a9bf56d5b530d2929f990f7085223acc76b46214cb0b468388b7fd392cde52c61dfd8eda44f26ef9f040add00e6e42c5915c3bcce06086f460a1dc9dd00b8bfa6b38c2bc2adbbfd569bbdc6fcf6e19c00dbcbaae5564ca870d8a9f964ed37fe76446e851445b93acb30d348206427c81e49316f12aa0f8fb588ebb127a0545612e6655bc5a02dc5f9e176aba7f504253069316c6874144e4c30a67c66a2c5daf243781ef2861bee5344961bca19e13e2015251bd7d032e483d5c82bfee0f29daebf4cf00f092b27bd52dcd55c9fc5e746d11adfedafa9f9df1cc5e7459f7a770df6e26ced4875b89e6d8de9ad45aa6a652e921cdf1af9c2ab69ed3695990a63d703175eb8b5fc630840f8f0bf50f88a6d15c3123963826cc8ccfa4fa4a39db5355f311d9df664b4ddd27964383b6f980f8ddff759012ff3482accbbe439f43144a741274d0e5715800939ffcf003ba8b35138daf771bd8a2a5a74b94a684b183bf3c6604c2759600ac28cd42c8313b244996ef48e402c4cc9efbc2a570cc60114cb8b3deaadb81b6f0fb2ce7b5343bca24032df60976001d694debbae9f94a7a23e7044e709d9caa182ad404db3c88d13ab46544f4d76fdcea06a6628f00ac147063d66a04d85d246cfe0a836ae75f1b29c8e7ca4051c74e1c186e79b68220b4b3447e9c97d7aeef8b2a8b49a559596e2a9c577a22a463aeb8cbb1895ae7f419ac17ef43fea25c2592fc4612d455f511a3df8e42451390fd6251eae350b4dbad95cb72d383e2e3a9bf433895a63bddfe867d3128bdbeab043c2814500dd3591033422aaa30a7b535ff03f21b7a52b6b8f79f6b7c22d2878b92dbdb10a8174c634a8ce843df49ad773bb418d1b7e05027382250310f09f91fb7a961f9201af75922d871343b53fbb50c4cccd013b391f16d8885943e31d0e258cc99fdf3402ea702e7bf57d2c84c6ad945bcbb2802ba5837dd965ab33b25a935b8c023d75b24ed172306a9a0888423e91e89aca50b8190a78754010bfdd3b5b227108489b0498e817e8541cd1db1666686d2eec9f9d62748c90b06dddbbb72faf3f0f57503087da6ab8c7fdce08a98f8198853286dcaf56cfdd46c462dea9a8214bc3522fe2fe10573df7fd4f88f662b2fa7b3e0af2849bf43c94ccd2380d5751eb7928d4dabbc6cac4b05b0194792dc1ac2e9abb47aacfa540f1b5accd16bd4d26c4cac209026e96c8af7dce9030c9b22e7d02030bd1dc07caf7f7b06153947dfae620a9334a61b49fc2f975b56d6464eece4b0199bf037214d02463a877e62d70a106f56c7db6580fc5679b089d075f7c98a01aecb64ba90963772aa6bf11224da633fd9867a949ee159d0493cd1d102fa885413806e84066beaab6554221eabc3f978051cce495a65ffdc8cb4c3b1df0fc5b8c47a6d91ae758eb8ce3a1bb35141bbe81474f90f4c177ba37986d39ccef8cc32fed443320bf081574bbc749f9e7c1753d4823a584268d944a45157988c97261c821a59a9ec3e20d19c46ab7e9aa95e360164db8d3ee061237c120cff01685debe6bcd659c3276daa14c7005e8ea31dd19fcd27c3e9970ebeb7f164671ae541a1a232340678afd00b6ce7655e86063885fbde53e9324f33615fafd57d8075549ee891ba234c72b9ee435f92fe5b9ff9b7092ace3261cc7daafb70878254f38463260fbe7bd1fd1f28013b1cab510871a24d1216f0a2d376802022a7a62af692449001be9de4cff162c969f47a32fc1aa34b6ca247f53aa73ea71a616eeb7cd7ac0af78a56cfefa430ac6e0c904bdc0205e76b7d545106475705381360700c69bea36cacd6a5a7cab6c923bc8c5cf1cf2856ebeb6638b59009db6ea692284a2223d56429c1ad4474d6185a037ea81120d666109bd72f2e0b3e8203ac32518872580c28aca59844be3ddfef0c00f0f6de60f4646282e543034e34acc01ae6e1cb8a9b953a259856de3ba951737824500740d18337a7e6f783c89bd212950539e6e7ae449e97b37e1d56e23425f4351203a24aa5fd676f5223d235d53cacc1444aae32b62422427d274a7c674459efa0a0a5f34df92b05c8d9092c0dd73e932229a25f6bd2929f214f7c965a6986548c012579361d089914674cb99fb0426617ac343f3ba4c495f881e2c5257d3979fbeb2e74e65c0a53256854ba7de4045ad5ddb1d14b250deb8978f1c2f64a383bd44c43441d004ab8fe7714f29af5bf86e546e2a8c56ff1d22360f65efe8d525622c32840a4ad8427ad20018adc0ce38d6ecae551d4a24a4cbde7d9789db7fe730d7087cd0637f9bc13e838c3b28bdbf8bd28dc3437966e72669a4e0ba94b5e96fd359f0cd6ee7d8e729b838d00e900104a6d8a5a2a2d24e507c8200f4651ac3e6470e84b8ad1dc7714a29a68ee34265c92fdea5f20fec18eddfd379a3633ca50de16ea7b597a0eba503bde3be0cf5f3f314242d7285371dad6d446f0916b5d44cba72481b35405e2d383ae2c6cd7e9fca92be9b6335a6a7b5202aaac4c9e0be160cfb65f0d6e059013a27d524ca8d22dfe5e123d33612d07734e6990d629350ccb772ac3e83bc8e162099813699c752ecd19dd4502bae519a961417de61428bba088914f4b0c652c79610810bf6d78ce2dcecd1fcafa7c73ccdecd70976c57bf9074b150ce29f4509414ec118bfe280bddcb14f479dddda087c9b15b803fe7ccc8e57fc71f9dce24037075bdb13b74a9b9210b0436989bc10249b3dd917e92113121d39bf5015c53f0454b24bb79a335b1bc7c10f72f69213551818975ee241c3bf2f14ec2a2e304922b32e45a5019ac1b69b280b67f1264988ce42faf59f3af477113c60fd039695e9e6f19032671962bb255691f4a0784002965e351600cfb004b758eb49bcabd9e24387fe8f85f502c0e016c8430b083b75d1ee497a69773cda3515f375e67f6e17c7a776715bc57366ed796967bdbe930dea0f37df0f1022ff39213630b53fa81f61ae12d287a3f68d5c7cdf40fa15dae5c262e8ef9e673ba5c43b47bd54ea2dc20984a549bc72d9c4246fc75dc147dc986d7e35cc439fc58210f31f4c395dc189bbc4b503fc5cd12ab8e44371170f185f9ce734b0392966ce161afb1bbc049e203d38fe9740c00db1673a73e404e1a3acabde8dbbaedb0a538898348f0ec7d096e15341450e7e244172629e530144a9ee137db30b8e717e1bb75886e330d85ff1c1ae518b0693e1dd1cb3df433b541327fadb66aaf65d50713fddf3bfcc21b269a92541778bd9ef9ebab958d762aa7bad6bf6eb3b3493d66178a5be692eb01bf9699ffb3f6e6c8b5107b7ab2a8393dca276d0ce2c45987ff5aef8bea9b5dae6ddf0b0dca67ed9a2d19aac66ecd86a6fd2ba2667f390adb0e1f34d53bf9a0b4002baf73d66026e4d1cc9a7615a9ddc1f046b06f738aa892a5c7052e383ebd768762994080d1f20716356712ecdadd3f3d5919a35f78fb6655a4fada519c3eea528d0a8ee1c3d2c0653a012caa2e2f8c27af736bfc41339d758d6641d03291e22f27db49e603c6ca7cba2c036026917347bac99573fc1cafc8c3df46c7b35417ba149ee817a462a038ecbfac2109f410ceb3f9ab63aac29a5ff06cc13f5086a6867ea3692f0ee416928323f50fa51df86da82307433c94f891eb3a6d38707abcd3ecbb19bfcc5f65a6199740daf9f6848da3c54858a7a62d39c8d78a4aec1298dc3a407032545b843955c40fd6f2205dd8d3c25c6dd763ede6a2a85e61388b25cb36ab8b5fdf8a36e90f8bb806ec7d58121f0f461a6ed3f488232bd1d57d9fbe3e6bbd188530e2de007c5d9caa1428ee552855173071d322fba849ca1d40d55e35573a47cbdab8633b1d72eee9f3faec4679bb9887c7378d1ca8ef7d01f8d00badc0fac806c36ed0dfbc8adc1de5b05a68060a380d20001eec8ceb21c6f502a90f03061ad439c92f5a5608165837a4d9118888eaeca93bcf829a9c7167e253d713a242e32070ab9db0d298aa018d6bc17044667f231dbe8a4f1c076ce6fb22266682dd38572a1ed910b7141f9d4dbb199d0ac7ebd2a6e441201ca20574e77ef6a0a889ddf9c1e5c3fe0405cbbe002d451889f0ab1f982962973735ff0c980e47f86a28dad42b765cd8913835d48ce045fb8aa55e3ea81cf14d736a724af2ed3ceeab1ec33d00368805049ede790ebb69e5ab77a0dcdeb7e238f008483807c395cd6035207e1e0c003ca56fb798a4e6d38ad7beba80d6b5c68270f3aee88aa8fa18f5ed92f8aeac0959b61e0426dfb9c1515e306e53ae561398e5eac21adb5c38bd02478b0900281753539ed8fca3343f0328a76693cf9f1fd454305ab39621f7671b1669adbf69a00a84c7469f966e7a87870d3f24540d212b161469dd93709ae84c8d4d83eae73b447c1f6793776f69e13017513574d9e69deffedbd2f265752d3cf3df9034461d2ee0c8c30f69f74da99953ec88bb5c45b46bc6441c45a6b4c3bbf320b904aebce6bb2c44a429917bef1c716b166924074812ff70a64f48b432b7a4642b9e0dc30ae4b4456c41767be0b3f4766ae32e7051dc8fe8cb8ca797a3251baaf43863f037fd00de3a58659b6990bda3f8e10bf3a3e504d0f023cab20935621d990a0c9fd60e29fa9a65e2ba19283c0700cca3352d8587f482c59df72c0f76b59e368c5790f68194d742c9b160121a78fcdd2323bf9c1ebc18d2026a973d7073404b33db3d46431a4dad83687023b39e31e54c8649f901c93f6fa21b3a815013029224edddb5f3314f8deed9a0f3859b6e8408d4c7309ee65d95217e6de74aec8affa4333da605561377cc76feb626df88cb04c9b8ca5130a662400befec7d745d34590c184c16c8d2870717f82a3b173d788ffed8ed281240c650f7fdcd55c995344334bf5d329cbd6168e6bffaa2760a0fe02edface9282ceb3817236991ed3850a62d7556a74ee8f9d2bf2094d13b421e9afa286dfc0c76489f5e05916a92ce6e3ee485dc1ad95cd169c63caf94a1c6b5fb5912418074ec87a2d16538ec79083755a839cb6401033d2f82a3a3af52935518c547983eba9c9ad897129533999609de60c92e53b661ffa58c4155f8f049f612b54b30f42ca4f5a89c5e5eb5ac4dddeea63c68fe27a8f930f3796af0a4c258a6bdd2c8780d0cabc5abdce87e8e9b969b5b2766089a8992d524a7144dddbb291e78886e00b8ed356f3391151fd49ff16c0e4d7f11f0c714dcc793fc2ba1c86b5684232cb5f35b4321ef648677be0125b3d37af854bb8aaf303227141e8a3e6f1ae123be39058f23d79623b2d933ab512c0e0ea870f8912438e2b177561aa894955a983b9bc3938fad957b13b48a40f0db80b654b1a03508c38f7a77fc80fcf27687f7844cc128a5859b7de113bf40d379063ec686edb56203828459ae575c37a7a684c9b32f8eaad4d3a8be4da48bf64650c24776781202354127cf392b7ba1fc8145ceff44da2bb2afc2a47391fb5596e8c4742a8e9287b0c1c49a66b579f0131c2bc45c80ed45f05d02f01f8fda4eaf36b3545d4f50d65d26bef7607a6cbfba5bf74522216d8cfc6c6217878e29ef055cbfcc884d65719de05645b350b9eb77b6084e48506069301749e4102d34ed58333a175e0581491dc2e2e921e54209f97b0318deb251ac2d9e197200a889e3a2588728144c7c5c99d54c499261ffaf1ae4d95fd9165bd13027ce2eebb34e02a1ada7af036d4a9aa7a6bfb72af203cfeeb36edf67f26786ffc15ccf4192b53f2736e429210a22918c459620571dce200158b227efb3d8ee7926eb1647e7a703641cfc2c179c28606af56779fa8fc225f16ebdbe54edc1b1603ad39262079aba86825d5fa75c1643f2ef5e56463947f7afa92945e81716345816f9b0146fecce984ce78fc55fbe1dc89400b243b3e5f313f7cff20efae9296d6fbcf290f6844a1f848a4bfc842112183dc25a08d0853ba5508cb3f82d430d0dfb3e0cf1002ea891b41e0676f149915daa823988d286daaa2bfbb2256bb047f5f9aa6078bd7cdd6420e10cb3684426d0d5b26750bcd2a85b2bc687e10281eb8f2aea6c1e31536bbe6864ea50a12b3798c324f9cfb31ea486c5da5da25eb16c8a0b2c37752b17b6a268acc39af2a198b827d57a5a7f02d0204af41d2eb02df928aff76f53036ffb2f0f01232080d810d02a9e4130f07c3c5efd5898f0ab2bd6f5e6091c043a809da6a8c36f5f89f58540dbb2d0125efa11417d06aa21d0029bdf6fd07215870cc0feed6fb0329e7a1ab6dd70a80771a694741d169bbf530a93f171534e56ceaa2b43d63f466b21fc1e6b953ff51e0b9881cc64528990d7b0d4c2dae235eb04261b2369c5b7428bb4f4cfd196a4c16af141c4bd787a8764373aee609aa2c8622136115e80590175410d6db3f10adbe47c37395c66042e20f4409332ec3af579abd7041af84ed547731fcbe6709ebdd71ccb21c6b7ad3bb00b5b4fe1a7352703a077d8c0dc386223a8ce2f6df54d1cb8351032a6818a75ec9ecf36d199d623e462a528a873096aab0dc7cf74f889d152b289df096fda397b5108389e5989f57ff21dea05ac5b053b46d37cb59d340e07096f5114872b61c710f5469dabf363c79e214725a627b543618ee0768f278fe3a80e19b0155f630a8cf441a2f3b78fae740bb1714a2d37e7b4748959eb4ddd18f39c9a009593332cd35d593e27a1fdb8c51e032ac4fae6a61aa2c32131286e33fbd5c44daeaece59bf0c0ac982aa13ae398a8eac4d3eda4582ffceef12dd55ad55352de0508f53ea9faf7d29a58101602f9cbcc3a8638850320d7e558cf40b7bb5512891cef17c1955801b0af2629eeb80ae8040cc2e9e84426805d11b2f08aede4ba2d47201a3126b9dc8d9cd6e0a99969a3113b334f3b9126ea4e839ea93f68dbed0ee30540bec979cf2b9e117bb25be71f244f3bf7b64b3eacb5d98283d132478e2c4624fbab7a8d0dfa8ec126026beacd8fdd7221d025fc81c1c1805736598bf6c3b43d5d8e33d8a3dd8e5e22afedfd71e1ad336df3b1b5d1fdfe424a70cebd20809093bd963bda95b9375ef885eb699445e6ff51d29b114390b0f3a00f8ca079b0ad5e5cae842fa12939346b07bf3f9c334fde14c487376e97b71891bb943ada8a4480c92e4d87371223d69ab00d9990b6d26bbb050090a44bd1fc48d99e1fb000f4c383a3824f5e8608a78f93196d8baee48107c300d2451b2aeb4cc902d456bf8ba5492d5bf30c9a073e39229e4efa9232d7477e520d851b9e4a95286d1cff69817e254e8faa5a190232f633fce91d9c83d059b7e0b638362579eeed8f1df38a9f12f7086c002cb7392c02cde8bfc39bffcc4736285d73dd4f509ca9636f05359884c0ebcd1959ab6f33be9d50ac067df45ae80e5aa0dfe3662b735dd88bee08df50db2314353fb7869d9a39a29d5d8b5650f761f373a5ff8c784f792cd08aecb89d0bc2e1ef8b1e4ff72029e1a112c42318a292c772370a1bb232a58890daad99361ebd93db418dd32013890c4f41ef2d280f4465961cc5c6f1b819e9c7499a1015ae784ae62496c5f1c7c53b7e525c50933df55dbe7161989f9abf4075b26699c176a3c3d18eed35cc163061abbf1b9", 0x2000, &(0x7f0000001140)={&(0x7f0000000080)={0x50, 0x0, 0x3, {0x7, 0x2b, 0x400, 0x400004, 0xf, 0xffff, 0x7, 0xa, 0x1fb0, 0x0, 0x40, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.12743204s ago: executing program 0 (id=6399):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x7f, &(0x7f0000000940)=<r2=>0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
pipe2(&(0x7f0000000000), 0x0)
getsockopt$bt_hci(r3, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
io_submit(r2, 0xfdef, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080)="c3", 0x1}])
vmsplice(r1, &(0x7f0000000cc0)=[{&(0x7f0000000100)="03", 0x1}], 0x1, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x2a, &(0x7f0000000040)=ANY=[], 0x190)

4.823771591s ago: executing program 0 (id=6400):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="58000000d90f01002bbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="398902000360000008001b00000000001c001680180001"], 0x58}, 0x1, 0x0, 0x0, 0x40088c0}, 0x0)

4.684370344s ago: executing program 4 (id=6401):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x2)
ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000100)={0x4, 0x18, [0x0, 0x80000000, 0x1, 0xffffffffffffffff], &(0x7f00000000c0)=[0x0, 0x0, 0x0]})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=<r1=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r1, 0x1, &(0x7f0000000180))
fsetxattr$trusted_overlay_origin(r0, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r2 = dup3(r0, r0, 0x0)
connect$unix(r2, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
ioctl$HIDIOCGNAME(r2, 0x80404806, &(0x7f0000000340))
r3 = syz_clone(0x10040000, &(0x7f0000000380)="4f633f345596e4bbaa357e8a6133fabd6bb8d5d1efa7758b6bd629f4932ffedaac66345f6e7ab3ec60c36a7c9ec443e3e61f385d06bd77466d7c014eafa2c6474c730d2d0638575709827b8b6b16198a2c16c5892f92923cd2f17d006d3c648004d437015998e022742a11de0a6b7a9045538ebc050fed1e3a0e4a4165c2021153e5bcc1e0cf5f830ece5c48c034b987e96cc4167dda67f246fa7a1ccfdb4649811eb16030b4838a38047e16cf8474308c38a05cf8e2c668d832b7aa46a137e52df2dfe7171c0a13268f61d09c", 0xcd, &(0x7f0000000480), &(0x7f00000004c0), &(0x7f0000000500)="9e9f5afec09c540e9af849089b000483be8405c1f1025ceded2604ae2f50bc2a54ca2457e87e9c9384897c7961f7d7834803ca8216b6bfccbf025b84442bd45d6f5c12ad48edcb0c47e11a9ff122655c52638d5a931cb799d926cd1d690e743341bfc52c833b95e67b8827cc63991ed332e7c625944bd2df71c8bbfc434964b1e15e117f0e0c257ef8d831a00430dd86fe260de99dfcc0e5f9320e698a4f37a1c8b9aad7c4d4f1e9a958efcceb160634498880590d3c04b0bc1b323dfb")
getpriority(0x0, r3)
r4 = syz_io_uring_setup(0x74b1, &(0x7f00000005c0)={0x0, 0xd528, 0x80, 0x3, 0x18f, 0x0, r2}, &(0x7f0000000640), &(0x7f0000000680))
syz_io_uring_setup(0x38e, &(0x7f00000006c0)={0x0, 0x9602, 0x40, 0x0, 0x2ac, 0x0, r4}, &(0x7f0000000740), &(0x7f0000000780))
fcntl$setstatus(r2, 0x4, 0x44800)
ioctl$KVM_NMI(r2, 0xae9a)
fcntl$setown(r4, 0x8, r3)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000007c0)={[0xa, 0x8, 0x2, 0x7, 0x68, 0x6, 0x7, 0x1, 0x7, 0xcda2, 0x2, 0x1, 0x4, 0x5, 0x4245, 0x588b3c3a], 0x4, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ptrace$PTRACE_GETSIGMASK(0x420a, r3, 0x8, &(0x7f0000000880))
ioctl$INCFS_IOC_CREATE_FILE(r2, 0xc058671e, &(0x7f0000001bc0)={{'\x00', 0x3}, {0x2}, 0x131, 0x0, 0x0, &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)='./file0\x00', &(0x7f0000000940)="de98cf8050cbfa6cbfd1801b81fe730d7d2fa0f85df9036f4faa98d9e2c59e6b499e3b1370328fea60ad4b910a4b636ac19c29f95ce03822194800ac3ec3c61ddfda2e2f70d97b661d23ec9cfbe86254f9c12a801c260536b87978e2c9cad2a0cafa4d9dc1f6bf7556c3e75ee1bd6630becec04894c14f3cfd724867c18372de239d63d494aa27e3ba1885661d9796f6904db684214767523d86e008fea0d34b9d4aa48e13f2e633a0b139c243cd48de67947cfe7f118ffb90de4b721eecc51172ed8fd0125b7145db250366723a26058a838cd1e18e542932aa2513da3560ca524f79b37ce14b56a6eb88436b07b65b556194069fa69bb28f92b7899e1ca6eae2", 0x101, 0x0, &(0x7f0000000a80)={0x2, 0xfc, {0x1, 0xc, 0x0, "", 0xef, "0b0d34cb95e9f513e15800aad83770708e9c4ebff9451a9b1ecf14d72e3c82808fce7aee8a1bc0ad457440104cba051d6fe92c47754bd8816d7af1874db9b5e91d99a02236e45c1ad76b6dd8895fc8fe979fcea2a38fe39d3868c2aca5504b838de13873dfb754f3febb162e7c06cda2d2b9a57ca4bd10360cef20862614b271ad8d1710dfd9dbc6d59cf301e584677ee1b61d2bee203be377fda240e3d7b7f8c0490b027310fa9cb19c8decf49a810549ef8d748794e12b237b5cbab21456d19b20b5ac5337217d5de30f7779f646b7c6209b71f2f0730bda51227d0d0f4a384d41a3f9fe4dff8451be51c2b5ef48"}, 0x1000, "b69a2809ed85ef534b017e7ee024dbe386e5a11a6039f454439677c38c55533a78d0a0364644df2e4b18df09a3ebbb8ec7b9cfac97de7006800b5e589bcbedbaf681a56564b2a03e0272f6dff9785bad2104c7f2db98c7451303ea0b531a6b2e1c447310147c2c9b283668444930491a189e42af21be83959661c61bf5fae35d70a7d7de295690066feda519ddb41934dc0409e66659393068d059a9405db31deb51dd2dbfb30af646756e6702a8531bdc9e807fe7e166649424a8779c512fdb8a14dda33d0a473973934d614a5d69632bacf4a44562a174b73cabf6af879f385da3288b76d58451f18d375a330ecb1de3b73267833d298ffb988ad04a962a414ce276459c98a41265b037f655a082495783e307708202edd35d917a0fbf6f4d0273abb38d4ec8c5679e07bd9eb258b9acb2f7a6c0c9d0b110da6d093c4e10cf68fc1a9afee75823826256b5fe86543026fe3701bac646a6dea90ea96f8c30e44b3eaab2d5e3ac6eb29051b88043257962e7da5d06285e849bd30f9fb5b9bee569d79787cabddd53a96d8f029e7589b2d75e31f39ed69c04467f3a601efb230260247955bfe7c7b321ef1e125f2a7a4dbe0e87c28ada8b75631effce30013ff3ea7e420f63841ace2740caf9c220de1114fef395f830090350a110542fec302209a750b1b57c6f91943e63c0a921342d4f6d8301673daa2145f372bcc2b2ef813b0fa652a367b527323c7c61874357744c4f55873f384a41a051a4d2775bea71d7cc0b77e89ca57e4a8d0fa6d1e05a9003aec6e3d40aababd5de17fd03567979541da5e819cba322d48ee77d53749b517262fa679a83381775451846fd869b0acb4e072587aa1a91a85c28efcd4a70b6caec590aebc938f0042a54de0dd37d9e4a031e20a1e557a99d7bdcb38a7147869f39842f663ac35e5f08c52ace8c2f80337dc496a53e159e763d5f34d97aa84506281655ed862cdab70cfb722cca589692321f9c3eb675b4abcc6348fe7a1c58922c2e63cee61ab12fed5cbff4a67e4eb9ebdd1cec883778f0f5bbee0848200d26128eb70beeadd762eee8a31d5d3f207e2d9b42b57133f196b45b756516cdcc20bb8e8e3409cb4a4bdbb319b3b61ee1882af293928672bdd4edb3ef30e1bf151dcc7151da8a105cbaf684bf2d7018b8332c393db8585c9d390d394b0ccf735d3186852825435b9fbb5e5e32137eb5e734e9a796003e959dc7ad3b6de780cff28eae5578a78998eeef39d737ae3d987229759fe658b48f9f8f0ce7f390658d295041a9dee9729667830a8418019a40b082b9d38317be5e46c0b6bdc4b122bc557e6a7f7f5cebe5f44885e6cec0095ff483b0dbeb389af5df6b08c57cb65244bb7e6c8f25c49c3a1187bb6b1801bd5f85302ab4f920ac3ac41ebff0fa347e5856adeade7cf3888d7df82b55d9ea2b4b81319f674d9ed3a1cfc7810047ce97abfd2e06ef251c41e6971096828b76a50ab84a62cbf1134fd7f38b16d4763a91c832e07cbfebc39b89c25fe541e3db6003c8bc6e7e26cd491ba59b1eb62ee0619d6825b62ea07a6379a190acc9fbfefc50af6cd7d92890db6a8edb38c0e5756af302368a71e6ce4a7f35ef6c7fb3c9d1f1a7be99253e144c07e37bfedfa81808ce9b20f05873f00460647ea70aea490adee147f629c2aa8d946bf56b88d88d9decb3127c206d0650d5d38bd8fcbb4a4c2d87a48690062a777d8d507074b41831c029e0ddbbc7b5708afa09c0e6d25034f08ebe9d8c310b1c46d78c646ef6894843febfb4591b34e40a99cce4eabf8764fe8cd4718183bb092704ba585f2e53937051a948f454d4cbad59dcc3f32d12262e3d304ea22ddc92f6926473de810593fd9ce479c69ad82d0007e1e7d5c91cb8e0811ebd98ac74fa147ab71ad3492cfc6e2adb4a2589147b217e9383c2d38c20821b95c1f9e312ae541055eb212f11cbc8706bfb660e315b25b6698f51739c944c7b2c291d036d40085423a35baf9488e70f732feb00c824a9c2d900be0c1830c002c85a2d10cc4da19a71b7f316b9bd670f68cc1f4f05062c50ca539d9b574384219dba1221ac9cee9d80c746e43b1a3fbc36fafe378fc2656cc628a722f2b1a3ea9e80c3147c44101a07f0b37738dd5e41d0687c76a4a283cae2117d6f91caf8c6b7923871d9922aca4f8aa99be243ba7df753f0de6fa0fd6f89a1262037b287f40285332deecaab1961a13fa97f56e2ada9c07367ca16a37d4dcf8bdf3f65192dc69973e74612f11fc6d1e20a47750e8e6cfc398c3402780da50df3bd75777da0ca4398c45cb64ae9ff93ca906b371eb12185e61525f84664a7d87798d41c8413d336ed795e094eb0cc3e058c0564c72cf7ec15e19ff7036739658637109850a47df155b84ae4c944e08f2f9e6eb699e6b8f6fba87446ef32463bb3f1130a6cd3e741f5af2a709408888a3913064a45bbab0fa0e16b2bd1dd0a007a0fb62cc2fe565c38128497a6e16ba5d0bf2bc04dc4daf7f4b418dca88ec111dbfc8117bea537f92a2603380d79356aea0a0c7e7e0b42d8003ec1af66b5a24c45f4e80fcb5f0387591a55ed2d4edffe553f51f8dc68d1bd4ce89d79c4b4d948748fdd6fe5a04a36f17e8310ee30e2bcc615288364d8e220b4a7cb50acbe04b190696e4602e3ffed80f4965b063365043c4750e5c827e8bf986d900a0f27acf2c0ddb699754effc4b3c2a71b8aaad785597d2bd2b8688c99d1c5a75f102f97a2072244e6e5e5ea90988adcb371bb810dafb3347ec22cefa37b6a346c625dc8a262bbbff1d22ea7b2da0d57c857451e676ac5bddb7bd7cf4d50270a5026fe97d9fed5a852c671e5c9120e227480f48166af0f979d3c352e415c01362d597fe129b2e9f0ecc2151f0708c002ba761a45b42895b9e82727725649302d3089d7cdd306414d919f1cc555f9acdaaf4de77ce930810f28cc015901bfe8ddba5af476862147f0f5e27be895d1c82cae93cba58cbfac6c3bb0b508c6ac952007dbd1415f2b57e021491c6b1a918e3af51bfb48ae4d72ad29c3f936f0cbef9593ca90d58c2574fad8dacbac1bec87373c2471c8eb9c403498471e0e732c7dd94b99d87a636598e245007e02ff8018d8997fd7017aac4e97537551e2231dcc8c54c116c875cb242ab21e8d6f8868d8207f5561f09333cef2dda2f4b48ec8ff069d2cfe1d95003ee141ee4e0ebcc7ae305900f33c9c66043a6f7fbe5dfbaab10526dbba59079dbfa8e842b92784faa7e500723a0f10c821a089d27b0b1ab07c07f1edbd55f9a53b9f26bc0f69670574a1c238116206e60c8c934d4b2b663765d8ac8c57e7f7f8e6aed126225e92144380849bc69a47464c083db9bc72dc4aeaa5d53c55dc818941c42be1e8af33edb0ce2e80103c2b6a38d65f2d8bf46b59523ea0abbe478ea235827988c7808f0b20ddc2e2a98e2acb766cd740ab88f9048a00fbf1fdb93c7b7ab01939925500f1af8ec87b7b9441798e1b461de29eb7a74c698457838892e31b959936743f6218b3289288261b04bd1b0af3d9064c07f5f9e22fa60254b170e968672ba1b96751701b9048048376122c1099aa7be8e0826e0e4189989543beaaeb2055694ef585866576e15dc708bbd23e6b14315da2ee2e13485d3add71cb871272b87a2de62807445e360b24c0be63161afd8b5db98e10c4c8c0d0eb61dc8e5f520433153e745ada58a10ebd97078f83ea075464ba934b70d9037df04c313738ca53d8c47a9d4ca51cf0820a05164329ec52533ef8641be157054de3426db8ca767bf2e1ee1834018b8828a77710b15d4f7be1c83f78e9db38b65930af72bc6b4e5228405ac2313894c7968a79e9e7b661ce4258019612b7699abddbc0985aaf646289fd3045e1428480a031d604914458926c650a52ad47f2225db24079b8f3e4be8622388e2c3506a16eeef1f2a482af863a14e5e52abbb569c368e90ef5711018ac7b69f85a078d198a12429256fe6072378d6cc212db268da9d3922de6845df884b9c57b0ead69a94ecd1040be64b5676c08f5e62ea5715c53a025fea0a405690c482468bf6ac5bbfd6c516516fede10612ebfef7a80b512fb165b57b078c5a42ed95e62794be314128db86ed1c10b465ef374f6a43d92d9467bb040b56ae6fbbbba446c05dd19696754ca4ff94b18c1a7591854f1e18ee370209f5dbe828472d973dd83f86d76fe50a077fc7afa250bc4058a45670675eaa41814bbae1297497e7646b26541377ad6e845f96fb9dcf057f557828482ed42c72fd40b870acc2013fc702b2f702a9cb1887eb7e58f348f478026c38f2826045bab696ba2bebc41db3b069574f33631fd04e1772a3c8ff3b76322b561df5e11a21df65d27f035d5b19aa51feaa4634ca9ae90ae37da5d63448bafbf5d3e546bfe003efaa826905620d4596501bfed76e0c9b3510f394e8052ecca927600f35d51412bfb513753475f57b44555f16113da04d12d961b8df701d1c78d75c1a91ef18459408144798674451b7c3b02739dfd063a1356d067725874495530cd9eea54c93059ae4b4f4bd6e5ce722e4a829ca107282fe1a98ad9d6930728f4d271f4ee9dd1ae35454dfecf3ea3d6ea83f7f7f4a92e58e59a65eb8876da6193bd46855e1955fec3e535cfd1460d8c840f0a16ea3e3f8569d685ade953745a06672783cd61fa3a2334e15cd0a24257fb23f0bd8fd5945121038dff9addd1194cdd8df40cbe9d3c278e9f18f1e7a903f7e65fff43782188a18083a23bbbec5367dcc7c1ffea2748a21b98e4867d1adbf464e0c25aeff2e37d57accb6b05b98421b728b0dec9d8a8c32052fbfcbbe42599041a7e7093d482fab1a98bd5cc19c6217b7f0ae66c31b7b1f31311b1c74cd63bde6bf8eb02c418a536abe68e692b4921ad5fc63e2304dab75c3a74ba7ddd08bff6899b57a52e47578c5cb17a96d548f3e45d7eb2fc5fd8a7a74db8b235f68074d7e78381a70ca370408cacf1443547147c5c3d73a4e9e4c2cb9620a5cde3e03fad26aed928684e49dca6dc29ea9aff6d12f37a37899cfe08ee485e21c6d66dc77d667823445d7534483fa5625be7a95e700d94d5a3904264b94c0b75e08f375a835863dc52b70cf5047ef60d48692d86e529262e1784a9926da0969eace71cc3917979497da10dd7d6abe064ac40a9041a693b6ec35b94a13a998806719a2d7758e826b4c04102e45314095f1f704604f815bc9b67f1fb722f875a257bec036b84c829b9771b69910f57589d6086aa158f4a69f929fc6c3e368dcbbae8cf2c080e233f90f175141406dc8c60840f5408b353dbdc82a1807eabd4bc082fdc2a3a54f73782842af5f4349e4f8a7ac26b411df5d808dbe78ee7e9c600f10dc0714a871a5a43adb740b5293eee95ee2214aedd977a780a81169a99277dc1f75dc849f0af94825fb97da792c71ff229eeca4038715415f5f392bb81460ee40532d12d5568013e03fb75dcc9a4d5814f4223f4a109b67c32507bf12ad4503d1bd4ee3d90fc13656e9ded80171b89ea1306ee84eb1446da44b7c441b9337b82a7043ccdf4d7f81002157c982e393366d88be60b054cf4e451fd6991836b05f10823682c63f85835bdef937cf6d1c21611ce53e03346c713e1bfbd842af4ddd5b73c7a0ff552a458eb0c7ac4eb01f8d1736df1e331bf0208699938356601d94745a9a9582331c46fb0059b322736a98821f5fda5b95fdda4b33bdce808464f16d751fd4aac16e1dbccf38dc592d0556a1c57e11ea94e597d48876e9cef9ef86c"}, 0x1108})
r5 = syz_open_dev$sndctrl(&(0x7f0000001c40), 0x8, 0x20000)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r5, 0x80045530, &(0x7f0000001c80)=""/145)
socket$can_bcm(0x1d, 0x2, 0x2)
r6 = fcntl$getown(r0, 0x9)
ptrace$setregs(0xd, r6, 0x7fffffffffffffff, &(0x7f0000001d40)="4172e94aa2652f81d01a50e3dfe58199579807fd3ad71a4200300a339d026ca5dcc9763d4fc080ce6bea63388b37baec0d815e95d7695162addb88ad9ca0457936e539ae13f50fe66a636928469c5ef26d107a794e5b36a94d558a2770b96782011d8c6f6efd2e92e559ac8f45b5ee9794300b598a166040957831c068b380aeb45d74076a6ba1e549cc5774c34a6c7e8b497061f8b88baea26ddfcd2b60ac77cbb9825b24742561826ee21954bf1dcdeb3f60e3b09d82678d95160f0a")
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000001e00))
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000002280)={&(0x7f0000002180)=[0x0, 0x0, 0x0], &(0x7f00000021c0)=[0x0], &(0x7f0000002200)=[<r7=>0x0], &(0x7f0000002240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x1, 0x1, 0x9})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f00000022c0)={&(0x7f0000001f00)=[0x0, 0x0, 0x0], &(0x7f0000001f40)=[{}, {}, {}, {}, {}, {}], &(0x7f0000002100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002140)=[0x0], 0x6, 0xa, 0x3, 0x0, r7})
syz_open_procfs(r3, &(0x7f0000002340)='fdinfo\x00')

4.575483775s ago: executing program 0 (id=6402):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r2, &(0x7f0000002100)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000940)={0x69, 0x7d, 0x2, {{0x0, 0x4d, 0x3, 0x7fff, {0x1, 0x3, 0x8}, 0x2840000, 0x2, 0x6, 0x9b, 0x1, ',', 0x8, 'totmaps\x00', 0x9, '()^@-#^}\xa2', 0x8, 'totmaps\x00'}, 0x7, '@+*&#\\{', 0x0, r3, 0xffffffffffffffff}}, 0x69)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
chdir(&(0x7f0000000340)='./file2\x00')
mkdir(&(0x7f00000002c0)='./file2\x00', 0x0)
rename(&(0x7f0000000000)='./file2\x00', 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='.\x00', 0x5000009)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x100000000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
munmap(&(0x7f0000ff3000/0xb000)=nil, 0xb000)
mlockall(0x2)
brk(0x200000ffc000)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='totmaps\x00')
write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0xf}, r5}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r5, 0x9dffffff}}, 0x48)

4.545429629s ago: executing program 2 (id=6403):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000000000000a000100ffffffffffff0000"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0)
statfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000800)=""/193)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
gettid()
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
close(r4)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
socket$isdn(0x22, 0x3, 0x506ef02d16505362)
r5 = socket$pppoe(0x18, 0x1, 0x0)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f0000000440))
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000180)="e502", 0x2)
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r6, 0xc00864bf, &(0x7f0000000100)={<r7=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r4, 0xc01864c1, &(0x7f0000000900)={r7})
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x50, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa198", 0x0, 0x3c, 0x0, @ipv4, @ipv4={'\x00', '\xff\xff', @loopback}, [@srh={0x2f, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@private0]}, @fragment]}}}}}}}, 0x0)

4.305221609s ago: executing program 1 (id=6404):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={0xfffffffffffffffc, 0x4000015f})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001", @ANYRES8], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000200)={'erspan0\x00', 0x0, 0x700, 0x8, 0x7, 0x40000000, {{0x1e, 0x4, 0x2, 0x23, 0x78, 0x68, 0x0, 0x7, 0x2f, 0x0, @remote, @private=0xa010100, {[@generic={0x86, 0xc, "0332e9a863721bc6e7eb"}, @rr={0x7, 0xf, 0x9b, [@remote, @empty, @dev={0xac, 0x14, 0x14, 0x39}]}, @timestamp_addr={0x44, 0xc, 0x48, 0x1, 0x7, [{@multicast2, 0xc}]}, @timestamp_addr={0x44, 0xc, 0xa6, 0x1, 0x7, [{@multicast1, 0x600000}]}, @ssrr={0x89, 0x1f, 0x9f, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x24}, @multicast1, @local, @empty, @dev={0xac, 0x14, 0x14, 0x1a}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @generic={0x86, 0x12, "e315258c8fa02e31da19bf04a0e85be7"}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'syztnl0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x5, 0x98, 0x70a0, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, 0x10, 0x40, 0x3, 0xffff}})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x18)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @private=0xa010101, 0x4e24, 0x1, 'none\x00', 0x5, 0x32bd, 0x9}, {@loopback, 0x4e25, 0x2, 0xfffffffe, 0x8, 0x12d5c}}, 0x44)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYRES32=0x0, @ANYBLOB="0c0000000000000000000000f1a84e6895b1abf54c84e0d6b6e1c5f532ac2fb4b2c2ead34b2cba"], 0x30}, 0x1, 0x0, 0x0, 0x40000a0}, 0x810)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, 0x0, 0x4040040)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)

4.236668519s ago: executing program 4 (id=6405):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3d0)
syz_emit_ethernet(0x66, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @random="80754f36bbad", @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x30, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x39}, @remote, {[], {{0x4e23, 0x4e21, 0x41424344, 0x41424344, 0x1, 0x0, 0xc, 0x10, 0x7, 0x0, 0x3, {[@generic={0x5, 0xa, "5d08800000000000"}, @fastopen={0x22, 0x12, "a063ee96f66e046c3a00a53459a104e8"}]}}}}}}}}, 0x0)

3.757041053s ago: executing program 4 (id=6406):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
socket(0x10, 0x80002, 0x0)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$video(&(0x7f0000000100), 0x9, 0x1e3a00)
ioctl$VIDIOC_ENUMINPUT(r3, 0xc050561a, &(0x7f00000002c0)={0x1, "c5c2a91e002b1b800000ffe73d5eff0010ffffffe70000ffe700", 0x1, 0x7, 0x1, 0x1000000, 0x0, 0x2})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x6}}, 0x20)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
timer_create(0x3, 0x0, &(0x7f00000000c0))
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0500000005001800008000005c"], 0x50)

2.488215359s ago: executing program 1 (id=6407):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000040)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r4=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda501009bdeffafde25", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f00000001c0)={"0080bced01eb0100000000000000000700000000000000c900", r5, <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r6, 0xc0383e04, &(0x7f00000000c0)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x304}, "25beb819521eb41d", "cae5e9937ba539347092dd17d39ed975", 'LP3F', "50f641306280c4e9"}, 0x28)
setsockopt$inet6_tcp_int(r7, 0x11a, 0x4, &(0x7f0000000040), 0x4)

1.575952434s ago: executing program 1 (id=6408):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000000c0), 0x10)
sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000070605000000000000000000070000080800065e001f00030900020073797a3100000000050001"], 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth1_to_team\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x102, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0x1}, {0xfff2}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xfffffffa}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7ff}, @qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0x7, 0x2}}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="d8000000180081064e81f782db4cb904021d0800fd027c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000016000500000000000004015c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000022c0000000e0a8d5dda63e717542700000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$RTC_AIE_ON(r7, 0x7001)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000040000043e43b3a7ee61f988d3672c5c9280efd17869318110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
getpeername$packet(r8, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000001b80)={0x2020}, 0x2020)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f080, 0x15})
ioctl$FIOCLEX(r0, 0x5451)

1.313590145s ago: executing program 0 (id=6409):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x1c, 0x2e, 0x9, 0x70bd29, 0x0, {0x4}, [@nested={0x8, 0x1a, 0x0, 0x1, [@nested={0x4, 0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x84)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
write$tcp_mem(r1, &(0x7f0000000080)={0x7, 0x20, 0x3, 0x20, 0x3}, 0x48)

1.289963998s ago: executing program 4 (id=6410):
syz_emit_ethernet(0x3e, &(0x7f00000006c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x4, 0x0, 0x0, @broadcast=0x1000000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty=0xb00}}}}}}, 0x0)

1.216333604s ago: executing program 2 (id=6411):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x4, 0xfff, 0xfffffe0000000001, 0xfa11, 0x6}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d40)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, 0x0)
socket$kcm(0x2, 0x3, 0x2)
socket$kcm(0x2, 0x3, 0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r3)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000006800e97800000000000000000a0000000000000004000400886d97f44a190f08c6243b4cdf56bd5ebeb90761ce9ec21c99f0349ba39c8563c4bac571b76c17fdba914c20eabb20d90cdb79971df4c43c8578d931c454d50b52d738e7f293fde4e52142f8ad8960b97dad30267b0c96a129b5900d15d2dc823aba7a86e111fd6c3e48847867f70ded3fe2ef02c7588965d326"], 0x1c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000000206010200000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a2100000c000780050015800300000011000300686173683a6e6574"], 0x58}}, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x3, 0xc06a2f7, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newtfilter={0x48, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x10, 0xfff1}, {}, {0xfff3, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_CT_LABELS={0x14, 0x61, "d89933c8221bed90b593a1f978374fb9"}]}}]}, 0x48}}, 0x24044094)

1.173497252s ago: executing program 1 (id=6412):
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf00020106500008ffffffe7020d0000052406000108247c2a6ad07be4aefb0000000300ff000606241a05001407240a050905580c240c00000000a90c090003042402020424"], 0x0) (async)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf00020106500008ffffffe7020d0000052406000108247c2a6ad07be4aefb0000000300ff000606241a05001407240a050905580c240c00000000a90c090003042402020424"], 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) (async)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240)={0x1, 0x0, [{0x30000, 0x1a, &(0x7f0000000040)=""/26}]})
r1 = socket(0x1e, 0x4, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000140)=@routing={0x3a, 0x6, 0x2, 0xe, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @dev={0xfe, 0x80, '\x00', 0x1b}]}, 0x38) (async)
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000140)=@routing={0x3a, 0x6, 0x2, 0xe, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @dev={0xfe, 0x80, '\x00', 0x1b}]}, 0x38)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x0, 0xf0abc20785377744})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200002, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="17"], 0x20) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="17"], 0x20)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0xfffffffffffffffc, &(0x7f00000003c0))
ptrace$getregset(0x4205, r3, 0x200, &(0x7f0000000080)={0x0})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x3a}]})
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)

1.048661842s ago: executing program 4 (id=6413):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000000200))

832.437446ms ago: executing program 0 (id=6414):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x12ac, &(0x7f00000002c0)={0x0, 0x7d45, 0x8, 0x0, 0x38b}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_open_procfs(0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f00000000c0)=@in={0x2, 0x4e21, @multicast1}, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

630.452889ms ago: executing program 3 (id=6415):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000300)={0x1, 0x0, [{0x40000000, 0x9, 0x1, 0x0, 0x2, 0x6, 0x1000}]})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x190, 0x11, 0x148, 0x0, 0x0, 0x190, 0x2a8, 0x2a8, 0x190, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @local, 0xffffff00, 0xffffff00, 'lo\x00', 'pim6reg0\x00', {}, {}, 0x11, 0x1, 0x1}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x8, 0x2, '\x00', {0xffff}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'geneve0\x00', 'veth0_virt_wifi\x00', {}, {}, 0x5e, 0x7, 0x27}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1e, 0x3, 0x10001, 0xb3d6, 'syz1\x00', 'syz0\x00', {0x1}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x288)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCGETA(r4, 0x5405, &(0x7f0000000000))
ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000380))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xd) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xd)
ioctl$KVM_CAP_DISABLE_QUIRKS(r5, 0x4068aea3, &(0x7f0000000300)={0x74, 0x0, 0x20})

0s ago: executing program 1 (id=6416):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3d0)
syz_emit_ethernet(0x66, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @random="80754f36bbad", @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x30, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x39}, @remote, {[], {{0x4e23, 0x4e21, 0x41424344, 0x41424344, 0x1, 0x0, 0xc, 0x10, 0x7, 0x0, 0x3, {[@generic={0x5, 0xa, "5d08800000000000"}, @fastopen={0x22, 0x12, "a063ee96f66e046c3a00a53459a104e8"}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

1
[ 1777.780093][T10376] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1777.839796][ T5885] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1777.856158][T15999] Bluetooth: hci2: command tx timeout
[ 1777.889436][ T5885] usb 3-1: config 0 has no interface number 0
[ 1777.965239][ T5885] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1778.005038][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1778.067303][ T5885] usb 3-1: Product: syz
[ 1778.131506][ T5885] usb 3-1: Manufacturer: syz
[ 1778.141409][ T5885] usb 3-1: SerialNumber: syz
[ 1778.169569][ T5885] usb 3-1: config 0 descriptor??
[ 1778.223369][ T5885] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1778.266893][T23824] bond4 (unregistering): (slave geneve3): Releasing active interface
[ 1778.403564][T23824] bond2 (unregistering): (slave geneve2): Releasing active interface
[ 1778.470454][ T5885] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB2
[ 1778.528255][ T5885] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB3
[ 1779.412990][T23824] bond0 (unregistering): (slave bond6): Releasing backup interface
[ 1779.430731][T23824] bond0 (unregistering): Released all slaves
[ 1779.907181][T23824] bond1 (unregistering): Released all slaves
[ 1780.202305][T27366] kAFS: unable to lookup cell 'ÿ'
[ 1780.209592][T27366] kAFS: unable to lookup cell '(,c¾Ì'
[ 1780.580049][T23824] bond2 (unregistering): Released all slaves
[ 1781.178641][T23824] bond3 (unregistering): Released all slaves
[ 1781.517684][T23824] bond4 (unregistering): Released all slaves
[ 1781.731186][T23824] bond5 (unregistering): Released all slaves
[ 1781.941813][T23824] bond6 (unregistering): Released all slaves
[ 1781.976893][T27359] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5921'.
[ 1782.097832][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1782.098417][ T5899] usb 5-1: USB disconnect, device number 41
[ 1782.202586][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1782.212137][ T5885] usb 3-1: USB disconnect, device number 66
[ 1782.281148][ T5899] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1782.299845][ T5885] quatech-serial ttyUSB2: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB2
[ 1782.364726][ T5899] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1782.397946][T23824] : left promiscuous mode
[ 1782.427559][ T5885] quatech-serial ttyUSB3: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB3
[ 1782.439861][ T5899] quatech2 5-1:0.51: device disconnected
[ 1782.460573][ T5885] quatech2 3-1:0.51: device disconnected
[ 1782.492473][T27379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5926'.
[ 1782.787051][T23824] tipc: Left network mode
[ 1782.864798][T23824] IPVS: stopping backup sync thread 16628 ...
[ 1782.979430][ T5885] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[ 1783.066213][T15936] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1783.173172][ T5885] usb 5-1: config 0 has no interfaces?
[ 1783.181950][ T5885] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1783.194699][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1783.209208][T27403] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5931'.
[ 1783.225417][ T5885] usb 5-1: Product: syz
[ 1783.234739][ T5885] usb 5-1: Manufacturer: syz
[ 1783.253805][ T5885] usb 5-1: SerialNumber: syz
[ 1783.270930][ T5885] usb 5-1: config 0 descriptor??
[ 1783.288745][T15936] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[ 1783.305950][T15936] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1783.325900][T15936] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1783.336824][T15936] usb 3-1: config 220 has no interface number 2
[ 1783.347008][T15936] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1783.364032][T15936] usb 3-1: config 220 interface 0 has no altsetting 0
[ 1783.371959][T15936] usb 3-1: config 220 interface 76 has no altsetting 0
[ 1783.379602][T15936] usb 3-1: config 220 interface 1 has no altsetting 0
[ 1783.393181][T15936] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1783.412819][T15936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1783.433168][T15936] usb 3-1: Product: syz
[ 1783.437533][T15936] usb 3-1: Manufacturer: syz
[ 1783.442306][T15936] usb 3-1: SerialNumber: syz
[ 1783.584313][T27385] bond0: (slave netdevsim0): Releasing backup interface
[ 1783.620560][T27385] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1783.657122][T27385] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1783.784013][T15936] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1783.795379][T15936] uvcvideo 3-1:220.0: No valid video chain found.
[ 1783.802328][T15936] usb 3-1: selecting invalid altsetting 0
[ 1783.846237][T15936] usb 3-1: selecting invalid altsetting 0
[ 1783.852596][T15936] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[ 1783.891582][T15936] usb 3-1: USB disconnect, device number 67
[ 1784.083193][T23824] hsr_slave_0: left promiscuous mode
[ 1784.089828][T23824] hsr_slave_1: left promiscuous mode
[ 1784.169085][T23824] veth1_macvtap: left promiscuous mode
[ 1784.180042][T23824] veth0_macvtap: left promiscuous mode
[ 1784.190315][T23824] veth1_vlan: left promiscuous mode
[ 1784.195727][T23824] veth0_vlan: left promiscuous mode
[ 1784.855742][ T5899] usb 5-1: USB disconnect, device number 42
[ 1784.900329][T27422] netlink: 'syz.1.5934': attribute type 10 has an invalid length.
[ 1785.794723][T27432] FAULT_INJECTION: forcing a failure.
[ 1785.794723][T27432] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1785.811958][T27432] CPU: 0 UID: 0 PID: 27432 Comm: syz.0.5937 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1785.811993][T27432] Tainted: [L]=SOFTLOCKUP
[ 1785.811998][T27432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1785.812005][T27432] Call Trace:
[ 1785.812012][T27432]  <TASK>
[ 1785.812018][T27432]  dump_stack_lvl+0xe8/0x150
[ 1785.812040][T27432]  should_fail_ex+0x412/0x560
[ 1785.812057][T27432]  prepare_alloc_pages+0x22a/0x650
[ 1785.812076][T27432]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 1785.812092][T27432]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1785.812108][T27432]  ? __pfx_policy_nodemask+0x10/0x10
[ 1785.812127][T27432]  alloc_pages_mpol+0x232/0x4a0
[ 1785.812144][T27432]  folio_alloc_mpol_noprof+0x39/0x70
[ 1785.812158][T27432]  shmem_alloc_and_add_folio+0x445/0xf80
[ 1785.812178][T27432]  ? filemap_get_entry+0xca/0x320
[ 1785.812189][T27432]  ? filemap_get_entry+0xca/0x320
[ 1785.812201][T27432]  ? filemap_get_entry+0x2ac/0x320
[ 1785.812212][T27432]  ? __pfx_filemap_get_entry+0x10/0x10
[ 1785.812223][T27432]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1785.812249][T27432]  shmem_get_folio_gfp+0x5a9/0x1670
[ 1785.812277][T27432]  shmem_fallocate+0x96f/0xec0
[ 1785.812313][T27432]  ? __pfx_shmem_fallocate+0x10/0x10
[ 1785.812334][T27432]  ? vfs_fallocate+0x5f0/0x7e0
[ 1785.812356][T27432]  vfs_fallocate+0x669/0x7e0
[ 1785.812371][T27432]  ? __pfx_vfs_fallocate+0x10/0x10
[ 1785.812387][T27432]  __x64_sys_fallocate+0xc0/0x110
[ 1785.812400][T27432]  do_syscall_64+0xe2/0xf80
[ 1785.812413][T27432]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1785.812424][T27432]  ? trace_irq_disable+0x37/0x100
[ 1785.812436][T27432]  ? clear_bhb_loop+0x60/0xb0
[ 1785.812450][T27432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1785.812461][T27432] RIP: 0033:0x7fc6cb99aeb9
[ 1785.812473][T27432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1785.812483][T27432] RSP: 002b:00007fc6cc7aa028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1785.812499][T27432] RAX: ffffffffffffffda RBX: 00007fc6cbc15fa0 RCX: 00007fc6cb99aeb9
[ 1785.812513][T27432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1785.812525][T27432] RBP: 00007fc6cc7aa090 R08: 0000000000000000 R09: 0000000000000000
[ 1785.812536][T27432] R10: 0000000000400001 R11: 0000000000000246 R12: 0000000000000002
[ 1785.812548][T27432] R13: 00007fc6cbc16038 R14: 00007fc6cbc15fa0 R15: 00007fc6cbd3fa48
[ 1785.812580][T27432]  </TASK>
[ 1786.115909][T10777] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[ 1786.350134][T10777] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1786.363527][T27436] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5938'.
[ 1786.372983][T27436] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5938'.
[ 1786.376957][T10777] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1786.393568][T10777] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1786.431671][T10777] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1786.455473][T10777] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1786.464191][T10777] usb 5-1: SerialNumber: syz
[ 1786.561600][T27430] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1786.587743][T27430] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1786.823623][   T30] kauditd_printk_skb: 106 callbacks suppressed
[ 1786.823669][   T30] audit: type=1326 audit(1770133430.085:3948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.856917][   T30] audit: type=1326 audit(1770133430.085:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.880225][   T30] audit: type=1326 audit(1770133430.085:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.905028][   T30] audit: type=1326 audit(1770133430.085:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.929778][   T30] audit: type=1326 audit(1770133430.115:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.952644][   T30] audit: type=1326 audit(1770133430.115:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.975698][   T30] audit: type=1326 audit(1770133430.115:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1786.999284][   T30] audit: type=1326 audit(1770133430.115:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1787.022872][   T30] audit: type=1326 audit(1770133430.115:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1787.045636][   T30] audit: type=1326 audit(1770133430.115:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27426 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbd3d9aeb9 code=0x7ffc0000
[ 1787.292197][T27253] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1787.475490][T27253] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1787.552076][T27253] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1787.562727][T27445] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1787.646514][T27253] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1788.196426][T27253] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1788.260307][T27468] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5942'.
[ 1788.308177][T23824] IPVS: stop unused estimator thread 0...
[ 1788.324405][T27253] 8021q: adding VLAN 0 to HW filter on device team0
[ 1788.384544][T23839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1788.391822][T23839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1788.516503][T10777] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 1788.524573][T10777] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12
[ 1788.548669][T23839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1788.555986][T23839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1788.675095][T27473] ALSA: mixer_oss: invalid OSS volume '00000000000000000003'
[ 1788.685630][T10777] usb 5-1: USB disconnect, device number 43
[ 1788.870808][T27253] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1789.329336][T27253] veth0_vlan: entered promiscuous mode
[ 1789.468449][T27486] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5947'.
[ 1789.743299][T27482] 
: renamed from bridge_slave_0 (while UP)
[ 1789.804246][T27253] veth1_vlan: entered promiscuous mode
[ 1790.419950][T27253] veth0_macvtap: entered promiscuous mode
[ 1790.533074][T27253] veth1_macvtap: entered promiscuous mode
[ 1790.675219][T27253] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1790.708131][T27253] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1790.744446][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.916417][   T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.963566][   T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.984438][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1791.487718][T18025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1791.495677][T18025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1791.540641][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1791.570355][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1791.779859][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.788906][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.453843][T24954] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1792.468597][T24954] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1792.483361][T24954] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1792.493814][T24954] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1792.502472][T24954] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1793.043945][T27562] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5958'.
[ 1793.265989][T10376] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1793.581139][T10376] usb 2-1: Using ep0 maxpacket: 32
[ 1793.595003][T10376] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[ 1793.603312][T10376] usb 2-1: config 0 has no interface number 0
[ 1793.675900][T10376] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1793.695514][T10376] usb 2-1: config 0 interface 85 has no altsetting 0
[ 1793.717523][T10376] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1793.729505][T10376] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1793.739488][T10376] usb 2-1: Product: syz
[ 1793.757137][T10376] usb 2-1: Manufacturer: syz
[ 1793.771181][T10376] usb 2-1: SerialNumber: syz
[ 1793.831621][T10376] usb 2-1: config 0 descriptor??
[ 1794.048889][T27561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1794.067671][T27561] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1794.176596][T10376] appletouch 2-1:0.85: Failed to read mode from device.
[ 1794.183850][T10376] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[ 1794.192505][T27550] chnl_net:caif_netlink_parms(): no params data found
[ 1794.463478][T23824] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1794.512525][T23824] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1794.571177][T10376] usb 2-1: USB disconnect, device number 55
[ 1794.587913][T15999] Bluetooth: hci5: command tx timeout
[ 1795.123322][T23824] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1795.256743][T23824] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1795.677801][T23824] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1795.741281][T23824] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1796.329339][T27610] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1796.456860][T27550] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1796.464064][T27550] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1796.471387][T17285] usb 2-1: new full-speed USB device number 56 using dummy_hcd
[ 1796.561903][T27550] bridge_slave_0: entered allmulticast mode
[ 1796.585599][T27550] bridge_slave_0: entered promiscuous mode
[ 1796.652229][T27550] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1796.656090][T15999] Bluetooth: hci5: command tx timeout
[ 1796.716954][T17285] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1796.731777][T27550] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1796.756462][T17285] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1796.766866][T27550] bridge_slave_1: entered allmulticast mode
[ 1796.795992][T17285] usb 2-1: Product: syz
[ 1796.797781][T27550] bridge_slave_1: entered promiscuous mode
[ 1796.820419][T17285] usb 2-1: Manufacturer: syz
[ 1796.852066][T17285] usb 2-1: SerialNumber: syz
[ 1797.038757][T17285] usb 2-1: config 0 descriptor??
[ 1797.159831][T27550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1797.248837][T27550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1797.313639][T17285] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1797.483869][T23824] bridge_slave_1: left allmulticast mode
[ 1797.500431][T23824] bridge_slave_1: left promiscuous mode
[ 1797.524946][T23824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1797.607024][T23824] bridge_slave_0: left allmulticast mode
[ 1797.623113][T23824] bridge_slave_0: left promiscuous mode
[ 1797.642010][T23824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1797.802290][T27624] xt_CT: No such helper "pptp"
[ 1798.735743][T23824] bond1 (unregistering): (slave vti0): Releasing backup interface
[ 1798.748086][T15999] Bluetooth: hci5: command tx timeout
[ 1798.754519][T23824] vti0 (unregistering): left promiscuous mode
[ 1798.903309][T27651] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5971'.
[ 1798.937730][T23824] batman_adv: batadv0: Removing interface: gretap1
[ 1799.314443][T23824] dvmrp8 (unregistering): left allmulticast mode
[ 1799.595594][T23824] bond3 (unregistering): (slave geneve2): Releasing active interface
[ 1799.792232][T17285] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1799.870527][T17285] usb 2-1: USB disconnect, device number 56
[ 1800.286492][T23824] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1800.305309][T23824] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1800.370372][T23824] bond0 (unregistering): Released all slaves
[ 1800.820979][T15999] Bluetooth: hci5: command tx timeout
[ 1800.883481][T23824] bond1 (unregistering): Released all slaves
[ 1801.378279][T23834] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1801.574086][T23824] bond2 (unregistering): (slave veth6): Releasing active interface
[ 1801.832202][T23824] bond2 (unregistering): Released all slaves
[ 1803.017628][T23824] bond3 (unregistering): Released all slaves
[ 1803.275160][T27550] team0: Port device team_slave_0 added
[ 1803.284221][T23824] tipc: Left network mode
[ 1803.295505][T27550] team0: Port device team_slave_1 added
[ 1803.534057][T27550] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1803.550021][T27550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1803.585714][T27550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1803.697303][T27550] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1803.713943][T27699] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5982'.
[ 1803.749179][T27550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1803.776411][T27550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1804.478051][T27550] hsr_slave_0: entered promiscuous mode
[ 1804.494694][T27550] hsr_slave_1: entered promiscuous mode
[ 1804.557908][T27550] debugfs: 'hsr0' already exists in 'hsr'
[ 1804.564051][T27550] Cannot create hsr debugfs directory
[ 1804.906722][ T6863] hid-generic 0000:0000:0000.0074: unknown main item tag 0x0
[ 1804.955574][ T6863] hid-generic 0000:0000:0000.0074: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1805.027875][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1805.027897][   T30] audit: type=1326 audit(1770133448.255:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1805.315436][T27725] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1805.363067][   T30] audit: type=1326 audit(1770133448.255:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1805.462488][   T30] audit: type=1326 audit(1770133448.255:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1805.689753][   T30] audit: type=1326 audit(1770133448.255:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1805.834093][   T30] audit: type=1326 audit(1770133448.255:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1805.882627][   T30] audit: type=1326 audit(1770133448.255:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1806.050824][   T30] audit: type=1326 audit(1770133448.255:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1806.077387][T27730] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1806.198189][   T30] audit: type=1326 audit(1770133448.255:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1806.261828][   T30] audit: type=1326 audit(1770133448.255:3972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1806.319919][   T30] audit: type=1326 audit(1770133448.255:3973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27716 comm="syz.2.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff504b9aeb9 code=0x7ffc0000
[ 1806.686170][T23824] hsr_slave_0: left promiscuous mode
[ 1806.705749][T23824] hsr_slave_1: left promiscuous mode
[ 1806.752928][T23824] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1806.787749][T23824] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1806.799567][T23824] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1806.807820][T23824] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1806.983313][T23824] veth1_macvtap: left promiscuous mode
[ 1806.991356][T23824] veth0_macvtap: left promiscuous mode
[ 1807.016582][T23824] veth1_vlan: left promiscuous mode
[ 1807.029820][T23824] veth0_vlan: left promiscuous mode
[ 1807.408981][T27764] netlink: 'syz.2.5995': attribute type 1 has an invalid length.
[ 1807.465700][T27764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5995'.
[ 1807.582156][T27757] hfs: unable to load iocharset "io#harset"
[ 1808.801978][T27775] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6000'.
[ 1809.715933][T10777] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1809.893600][T10777] usb 4-1: config 0 has an invalid interface number: 197 but max is 0
[ 1809.902099][T10777] usb 4-1: config 0 has no interface number 0
[ 1809.908892][T10777] usb 4-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[ 1809.919573][T10777] usb 4-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[ 1809.936974][T10777] usb 4-1: config 0 interface 197 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024
[ 1809.953067][T10777] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[ 1809.979976][T10777] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1810.005928][T10777] usb 4-1: Product: syz
[ 1810.010403][T10777] usb 4-1: Manufacturer: syz
[ 1810.015138][T10777] usb 4-1: SerialNumber: syz
[ 1810.042163][T10777] usb 4-1: config 0 descriptor??
[ 1810.058632][T27792] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1810.079018][T27792] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1810.311576][T27792] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1810.321661][T27792] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1810.356000][T10777] qmi_wwan 4-1:0.197: probe with driver qmi_wwan failed with error -22
[ 1810.604447][T27762] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5995'.
[ 1810.615065][T27781] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[ 1810.673519][T15936] usb 4-1: USB disconnect, device number 53
[ 1812.509590][T27824] bridge_slave_0: left allmulticast mode
[ 1812.515394][T27824] bridge_slave_0: left promiscuous mode
[ 1812.586342][T27824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1812.630254][T27824] bridge_slave_1: left allmulticast mode
[ 1812.683954][T27824] bridge_slave_1: left promiscuous mode
[ 1812.703979][T27824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1812.779652][T27824] bond0: (slave bond_slave_0): Releasing backup interface
[ 1812.876942][T27824] bond0: (slave bond_slave_1): Releasing backup interface
[ 1812.905605][T27824] team0: Port device team_slave_0 removed
[ 1812.951575][T27824] team0: Port device team_slave_1 removed
[ 1812.987307][T27824] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1813.011464][T27824] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1813.044402][T27824] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1813.095909][T27824] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1813.131816][T27824] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1813.199291][T23824] IPVS: stop unused estimator thread 0...
[ 1813.657915][T27852] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6016'.
[ 1813.731323][T27550] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1813.842318][T27550] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1814.016080][T27550] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1814.078202][T27550] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1815.259910][T27869] netlink: 232 bytes leftover after parsing attributes in process `syz.0.6018'.
[ 1815.916671][T27550] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1815.974598][T27550] 8021q: adding VLAN 0 to HW filter on device team0
[ 1816.181467][T23834] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1816.188716][T23834] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1816.305326][T23834] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1816.312501][T23834] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1816.343149][T27882] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6020'.
[ 1816.875156][T27550] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1817.316716][T10777] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1817.325126][T27550] veth0_vlan: entered promiscuous mode
[ 1817.442293][T27550] veth1_vlan: entered promiscuous mode
[ 1817.487868][T10777] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1817.497616][T10777] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1817.537507][T10777] usb 2-1: config 0 descriptor??
[ 1817.626793][T27908] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1817.775573][T27900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1817.847107][T27900] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1817.888615][T27900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1817.910883][T27550] veth0_macvtap: entered promiscuous mode
[ 1817.936582][T27900] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1817.971360][T27550] veth1_macvtap: entered promiscuous mode
[ 1818.090150][T27550] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1818.215541][T27550] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1818.265605][T23839] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.317140][T23839] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.401526][T23839] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.477781][T23834] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.909421][T13267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1818.918392][T13267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1819.045957][T13267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1819.073800][T13267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1820.112493][T27947] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6029'.
[ 1821.574054][T27961] FAULT_INJECTION: forcing a failure.
[ 1821.574054][T27961] name failslab, interval 1, probability 0, space 0, times 0
[ 1821.594790][T27961] CPU: 1 UID: 0 PID: 27961 Comm: syz.3.6031 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1821.594824][T27961] Tainted: [L]=SOFTLOCKUP
[ 1821.594833][T27961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1821.594843][T27961] Call Trace:
[ 1821.594852][T27961]  <TASK>
[ 1821.594866][T27961]  dump_stack_lvl+0xe8/0x150
[ 1821.594896][T27961]  should_fail_ex+0x412/0x560
[ 1821.594924][T27961]  should_failslab+0xa8/0x100
[ 1821.594948][T27961]  kmem_cache_alloc_noprof+0x87/0x6e0
[ 1821.594976][T27961]  ? __kernfs_new_node+0xe9/0x8e0
[ 1821.595009][T27961]  __kernfs_new_node+0xe9/0x8e0
[ 1821.595041][T27961]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1821.595069][T27961]  ? kernfs_root+0x1c/0x230
[ 1821.595101][T27961]  ? kernfs_root+0x1c/0x230
[ 1821.595124][T27961]  ? kernfs_root+0x1c/0x230
[ 1821.595145][T27961]  ? kernfs_root+0x1c/0x230
[ 1821.595174][T27961]  kernfs_new_node+0x102/0x210
[ 1821.595204][T27961]  __kernfs_create_file+0x4b/0x2e0
[ 1821.595228][T27961]  sysfs_add_file_mode_ns+0x238/0x300
[ 1821.595260][T27961]  internal_create_group+0x673/0x1180
[ 1821.595300][T27961]  ? __pfx_internal_create_group+0x10/0x10
[ 1821.595324][T27961]  ? kernfs_add_one+0x46f/0x5c0
[ 1821.595363][T27961]  ? up_write+0x1ab/0x410
[ 1821.595387][T27961]  sysfs_create_groups+0x59/0x120
[ 1821.595416][T27961]  device_add_attrs+0x13b/0x5b0
[ 1821.595439][T27961]  ? __pfx_device_add_attrs+0x10/0x10
[ 1821.595455][T27961]  ? kobject_put+0x516/0x560
[ 1821.595485][T27961]  ? device_add_class_symlinks+0x21f/0x240
[ 1821.595506][T27961]  device_add+0x496/0xb70
[ 1821.595541][T27961]  input_register_device+0x9d3/0x1160
[ 1821.595577][T27961]  uinput_create_device+0x422/0x670
[ 1821.595606][T27961]  uinput_ioctl_handler+0x417/0x14a0
[ 1821.595633][T27961]  ? __pfx_uinput_ioctl_handler+0x10/0x10
[ 1821.595665][T27961]  ? __fget_files+0x2a/0x420
[ 1821.595686][T27961]  ? __fget_files+0x3a0/0x420
[ 1821.595713][T27961]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1821.595738][T27961]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1821.595757][T27961]  __se_sys_ioctl+0xfc/0x170
[ 1821.595784][T27961]  do_syscall_64+0xe2/0xf80
[ 1821.595804][T27961]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.595821][T27961]  ? clear_bhb_loop+0x60/0xb0
[ 1821.595844][T27961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.595863][T27961] RIP: 0033:0x7f4c2479aeb9
[ 1821.595883][T27961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1821.595899][T27961] RSP: 002b:00007f4c25652028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1821.595921][T27961] RAX: ffffffffffffffda RBX: 00007f4c24a15fa0 RCX: 00007f4c2479aeb9
[ 1821.595935][T27961] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[ 1821.595946][T27961] RBP: 00007f4c25652090 R08: 0000000000000000 R09: 0000000000000000
[ 1821.595958][T27961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1821.595970][T27961] R13: 00007f4c24a16038 R14: 00007f4c24a15fa0 R15: 00007f4c24b3fa48
[ 1821.596003][T27961]  </TASK>
[ 1822.531585][T10777] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1822.669450][T10777] [drm:udl_init] *ERROR* Selecting channel failed
[ 1822.671102][T27964] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1822.945742][T10777] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[ 1822.996083][T10777] [drm] Initialized udl on minor 2
[ 1823.096029][T10777] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1823.125555][T10777] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1823.136998][ T5885] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1823.238886][T10777] usb 2-1: USB disconnect, device number 57
[ 1823.256229][ T5885] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1823.302165][ T5885] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1823.575360][T24954] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1823.587720][T24954] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1823.608323][T24954] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1823.637091][T24954] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1823.644982][T24954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1823.784673][ T6863] hid-generic 0003:0004:FFFF0001.0075: unknown main item tag 0x0
[ 1823.892891][ T6863] hid-generic 0003:0004:FFFF0001.0075: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1824.144433][T27988] netlink: 464 bytes leftover after parsing attributes in process `syz.3.6038'.
[ 1824.289781][T25516] syz_tun (unregistering): left allmulticast mode
[ 1824.312593][T25516] bridge0: port 1(syz_tun) entered disabled state
[ 1824.383932][T27985] fido_id[27985]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1824.635927][ T5885] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 1824.799253][ T5885] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1824.824326][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1824.865884][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1824.908533][ T5885] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1825.100414][ T5885] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1825.126097][ T5885] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1825.134219][ T5885] usb 4-1: Manufacturer: syz
[ 1825.186890][ T5885] usb 4-1: config 0 descriptor??
[ 1825.696308][T15999] Bluetooth: hci1: command tx timeout
[ 1825.723475][ T5885] appleir 0003:05AC:8243.0076: unknown main item tag 0x0
[ 1825.763148][T27970] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6035'.
[ 1825.777716][ T5885] appleir 0003:05AC:8243.0076: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1826.235918][T26153] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[ 1826.365325][T28008] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6042'.
[ 1826.434917][T26153] usb 3-1: config 0 has no interfaces?
[ 1826.442837][T26153] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1826.462251][T26153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1826.512298][T26153] usb 3-1: config 0 descriptor??
[ 1826.621106][T27983] chnl_net:caif_netlink_parms(): no params data found
[ 1827.005613][T27928] usb 3-1: USB disconnect, device number 68
[ 1827.235295][T27983] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1827.263243][T27983] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1827.281206][T27983] bridge_slave_0: entered allmulticast mode
[ 1827.305900][T27983] bridge_slave_0: entered promiscuous mode
[ 1827.344190][T27983] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1827.368363][T27983] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1827.406187][T27983] bridge_slave_1: entered allmulticast mode
[ 1827.427235][T27983] bridge_slave_1: entered promiscuous mode
[ 1827.534006][T27983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1827.599952][T27983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1827.720893][T15936] usb 4-1: USB disconnect, device number 54
[ 1827.832518][T24954] Bluetooth: hci1: command tx timeout
[ 1828.058722][T28022] netlink: 'syz.4.6045': attribute type 6 has an invalid length.
[ 1828.167891][T27983] team0: Port device team_slave_0 added
[ 1828.192753][T27983] team0: Port device team_slave_1 added
[ 1828.354814][T27983] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1828.490865][T27983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1828.675975][T27983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1828.691952][T27983] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1828.700679][T27983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1828.728500][T27983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1829.225327][T28032] netlink: 'syz.2.6046': attribute type 4 has an invalid length.
[ 1829.335449][T28038] netlink: 'syz.2.6046': attribute type 4 has an invalid length.
[ 1829.954063][T24954] Bluetooth: hci1: command tx timeout
[ 1830.086621][T27983] hsr_slave_0: entered promiscuous mode
[ 1830.103260][T27983] hsr_slave_1: entered promiscuous mode
[ 1830.118198][T27983] debugfs: 'hsr0' already exists in 'hsr'
[ 1830.128453][T27983] Cannot create hsr debugfs directory
[ 1830.805456][ T5885] hid-generic 0003:0004:FFFF0001.0077: unknown main item tag 0x0
[ 1830.859489][ T5885] hid-generic 0003:0004:FFFF0001.0077: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1830.986934][T28056] fido_id[28056]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1831.069919][T28059] ptrace attach of "./syz-executor exec"[27253] was attempted by "./syz-executor exec"[28059]
[ 1831.107100][T28059] random: crng reseeded on system resumption
[ 1831.316375][T27983] bond0: (slave netdevsim0): Releasing backup interface
[ 1831.917161][T27983] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1831.952769][T27983] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1832.031958][T24954] Bluetooth: hci1: command tx timeout
[ 1832.067572][T27983] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1832.123323][T27983] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1832.198713][T28074] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6057'.
[ 1832.498268][T27983] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1832.566157][T10777] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 1832.594806][T27983] 8021q: adding VLAN 0 to HW filter on device team0
[ 1832.623060][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1832.630273][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1832.660010][T13261] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1832.667213][T13261] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1832.747194][T10777] usb 3-1: Using ep0 maxpacket: 32
[ 1832.756511][T10777] usb 3-1: config 1 interface 0 altsetting 4 bulk endpoint 0x1 has invalid maxpacket 1023
[ 1832.786202][T10777] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1832.893368][T27983] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1833.061750][T27983] veth0_vlan: entered promiscuous mode
[ 1833.133959][T27983] veth1_vlan: entered promiscuous mode
[ 1833.134380][T28091] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1833.221402][T28091] kvm: pic: level sensitive irq not supported
[ 1833.221757][T28091] kvm: pic: non byte read
[ 1833.229689][T27983] veth0_macvtap: entered promiscuous mode
[ 1833.269830][T28091] kvm: pic: level sensitive irq not supported
[ 1833.270818][T28091] kvm: pic: non byte read
[ 1833.274716][T27983] veth1_macvtap: entered promiscuous mode
[ 1833.301538][T28091] kvm: pic: level sensitive irq not supported
[ 1833.301655][T28091] kvm: pic: non byte read
[ 1833.337048][T27983] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1833.379434][   T36] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1833.396686][T27983] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1833.433541][T23839] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1833.462816][T23839] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1833.498400][T23839] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1833.558988][T23839] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1833.812821][T23839] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1833.836690][T23839] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1833.930625][ T6863] hid-generic 0003:0004:FFFF0001.0078: unknown main item tag 0x0
[ 1833.952791][T23824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1833.971462][ T6863] hid-generic 0003:0004:FFFF0001.0078: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1833.986065][T23824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1834.067921][T28106] netlink: 56 bytes leftover after parsing attributes in process `syz.3.6066'.
[ 1834.121305][T28104] fido_id[28104]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1834.386235][T28119] loop9: detected capacity change from 0 to 7
[ 1834.466955][T28119] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1834.718673][T28119] vivid-002: disconnect
[ 1835.252126][T28115] vivid-002: reconnect
[ 1835.344951][T10777] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1835.375384][T10777] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1835.406302][T10777] usb 3-1: Product: 䔹᠚»둒蟤떣ዧ깬仫ꃢ��┅ી볖⋹�㲋�る��蕞묉؟ª䷉�壋긢酂訤�欟ꅟ嵖ﯬᘧ雽ߙꕳɽ檂ꦭ蕜况ࡔ釶飭싩ꢵ눌Ĕꋼ题ᩦь翉뮗鼸꼣헳㦤뙦⛸狇��䶼湧愑�떯蕻詆�
[ 1835.530713][T10777] usb 3-1: can't set config #1, error -71
[ 1835.557370][T10777] usb 3-1: USB disconnect, device number 69
[ 1836.317275][T15999] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1836.331398][T15999] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1836.340866][T15999] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1836.359586][T15999] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1836.453788][T15999] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1837.070431][T17051] syz_tun (unregistering): left allmulticast mode
[ 1837.078372][T28149] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6074'.
[ 1837.155327][T28152] FAULT_INJECTION: forcing a failure.
[ 1837.155327][T28152] name failslab, interval 1, probability 0, space 0, times 0
[ 1837.240211][T28152] CPU: 1 UID: 0 PID: 28152 Comm: syz.1.6078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1837.240243][T28152] Tainted: [L]=SOFTLOCKUP
[ 1837.240251][T28152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1837.240262][T28152] Call Trace:
[ 1837.240272][T28152]  <TASK>
[ 1837.240280][T28152]  dump_stack_lvl+0xe8/0x150
[ 1837.240311][T28152]  should_fail_ex+0x412/0x560
[ 1837.240340][T28152]  should_failslab+0xa8/0x100
[ 1837.240365][T28152]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1837.240392][T28152]  ? __alloc_skb+0x193/0x390
[ 1837.240413][T28152]  ? __alloc_skb+0x1d7/0x390
[ 1837.240433][T28152]  ? __local_bh_enable_ip+0xd0/0x130
[ 1837.240452][T28152]  ? __alloc_skb+0x193/0x390
[ 1837.240476][T28152]  __alloc_skb+0x1d7/0x390
[ 1837.240502][T28152]  netlink_sendmsg+0x5d4/0xb40
[ 1837.240533][T28152]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1837.240558][T28152]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1837.240582][T28152]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1837.240606][T28152]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1837.240627][T28152]  ____sys_sendmsg+0xa68/0xad0
[ 1837.240652][T28152]  ? __might_fault+0xaf/0x130
[ 1837.240682][T28152]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1837.240715][T28152]  ? import_iovec+0x73/0xa0
[ 1837.240746][T28152]  ___sys_sendmsg+0x2a5/0x360
[ 1837.240770][T28152]  ? __lock_acquire+0x6b5/0x2cf0
[ 1837.240802][T28152]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1837.240859][T28152]  ? __fget_files+0x2a/0x420
[ 1837.240880][T28152]  ? __fget_files+0x3a0/0x420
[ 1837.240909][T28152]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1837.240937][T28152]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1837.240959][T28152]  ? __pfx_ksys_write+0x10/0x10
[ 1837.240982][T28152]  do_syscall_64+0xe2/0xf80
[ 1837.240995][T28152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.241006][T28152]  ? trace_irq_disable+0x37/0x100
[ 1837.241017][T28152]  ? clear_bhb_loop+0x60/0xb0
[ 1837.241043][T28152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.241054][T28152] RIP: 0033:0x7f509299aeb9
[ 1837.241067][T28152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1837.241078][T28152] RSP: 002b:00007f5093824028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1837.241092][T28152] RAX: ffffffffffffffda RBX: 00007f5092c15fa0 RCX: 00007f509299aeb9
[ 1837.241101][T28152] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[ 1837.241108][T28152] RBP: 00007f5093824090 R08: 0000000000000000 R09: 0000000000000000
[ 1837.241116][T28152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1837.241123][T28152] R13: 00007f5092c16038 R14: 00007f5092c15fa0 R15: 00007f5092d3fa48
[ 1837.241141][T28152]  </TASK>
[ 1837.368123][T28158] fuse: Bad value for 'fd'
[ 1837.539787][T28158] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6077'.
[ 1837.816699][T28133] chnl_net:caif_netlink_parms(): no params data found
[ 1838.237495][T23818] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1838.314976][T28162] netlink: 5 bytes leftover after parsing attributes in process `syz.1.6079'.
[ 1838.570633][T28167] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6081'.
[ 1838.580025][T15999] Bluetooth: hci0: command tx timeout
[ 1838.637772][T23818] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1838.940644][T28168] team0 (unregistering): Port device team_slave_0 removed
[ 1838.988234][T28168] team0 (unregistering): Port device team_slave_1 removed
[ 1839.162971][T23818] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.531252][T23818] bond0: (slave netdevsim0): Releasing backup interface
[ 1839.550369][T23818] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.586666][T28133] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1839.598529][T28133] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1839.606346][T28133] bridge_slave_0: entered allmulticast mode
[ 1839.615591][T28133] bridge_slave_0: entered promiscuous mode
[ 1839.628562][T28175] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1839.659859][T28133] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1839.677028][T28133] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1839.690427][T28133] bridge_slave_1: entered allmulticast mode
[ 1839.715586][T28133] bridge_slave_1: entered promiscuous mode
[ 1839.805874][T15936] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[ 1839.912216][T28133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1839.997985][T28133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1840.041388][T15936] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1840.087154][T15936] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1840.118339][T15936] usb 2-1: Product: syz
[ 1840.158975][T15936] usb 2-1: Manufacturer: syz
[ 1840.176873][T15936] usb 2-1: SerialNumber: syz
[ 1840.218443][T15936] usb 2-1: config 0 descriptor??
[ 1840.312964][T28133] team0: Port device team_slave_0 added
[ 1840.350354][T28183] netlink: 'syz.3.6085': attribute type 6 has an invalid length.
[ 1840.413602][T28133] team0: Port device team_slave_1 added
[ 1840.580324][T28133] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1840.599391][T28133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1840.665842][T15999] Bluetooth: hci0: command tx timeout
[ 1840.682703][T28133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1840.743243][T28173] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1840.773733][T28173] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1840.826836][T15936] airspy 2-1:0.0: usb_control_msg() failed -71 request 09
[ 1840.831874][T28133] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1840.864278][T15936] airspy 2-1:0.0: Could not detect board
[ 1840.892032][T15936] airspy 2-1:0.0: probe with driver airspy failed with error -71
[ 1840.913321][T28133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1841.033828][T15936] usb 2-1: USB disconnect, device number 58
[ 1841.036020][T28133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1841.578516][T28195] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1841.654905][T28195] kvm: pic: non byte read
[ 1841.659897][T28195] kvm: pic: level sensitive irq not supported
[ 1841.659972][T28195] kvm: pic: non byte read
[ 1841.690960][T28195] kvm: pic: level sensitive irq not supported
[ 1841.691099][T28195] kvm: pic: non byte read
[ 1842.084023][T23818] dvmrp6 (unregistering): left allmulticast mode
[ 1842.330016][T28214] netlink: 'syz.0.6088': attribute type 4 has an invalid length.
[ 1842.389315][T28215] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6089'.
[ 1842.428971][T28218] netlink: 'syz.0.6088': attribute type 4 has an invalid length.
[ 1842.495487][T23818] bond2 (unregistering): (slave bridge1): Releasing backup interface
[ 1842.509982][T23818] bridge1 (unregistering): left promiscuous mode
[ 1842.583672][T23818] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1842.776124][T15999] Bluetooth: hci0: command tx timeout
[ 1842.829762][T28226] netlink: 64 bytes leftover after parsing attributes in process `syz.3.6090'.
[ 1842.931740][T23818] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1843.027484][T23818] bond0 (unregistering): Released all slaves
[ 1843.037926][T23818] bond1 (unregistering): Released all slaves
[ 1843.517529][T23818] bond2 (unregistering): Released all slaves
[ 1843.806505][T23818] bond3 (unregistering): Released all slaves
[ 1844.163294][T23818] bond4 (unregistering): (slave veth3): Releasing active interface
[ 1844.179004][T23818] bond4 (unregistering): Released all slaves
[ 1844.204271][T23818] bond5 (unregistering): Released all slaves
[ 1844.561573][T23818] bond6 (unregistering): Released all slaves
[ 1844.601418][T23818] bond7 (unregistering): Released all slaves
[ 1844.624263][T23818] bond8 (unregistering): Released all slaves
[ 1844.799645][T28133] hsr_slave_0: entered promiscuous mode
[ 1844.826025][T15999] Bluetooth: hci0: command tx timeout
[ 1844.831890][T28133] hsr_slave_1: entered promiscuous mode
[ 1844.843405][T28133] debugfs: 'hsr0' already exists in 'hsr'
[ 1844.861645][T28133] Cannot create hsr debugfs directory
[ 1845.105254][T28236] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6092'.
[ 1845.293821][T28215] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1845.328008][T23818] tipc: Left network mode
[ 1845.390911][T23818] IPVS: stopping master sync thread 27191 ...
[ 1845.409502][T23818] IPVS: stopping backup sync thread 24160 ...
[ 1845.639759][T28243] binder: 28242:28243 unknown command 0
[ 1845.705871][T28243] binder: 28242:28243 ioctl c0306201 200000000080 returned -22
[ 1846.187140][T28252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6095'.
[ 1847.115918][T23818] hsr_slave_0: left promiscuous mode
[ 1847.139944][T28262] netlink: 'syz.4.6097': attribute type 1 has an invalid length.
[ 1847.196327][T23818] hsr_slave_1: left promiscuous mode
[ 1847.278916][T23818] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1847.286923][T23818] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1847.296911][T23818] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1847.334960][T28268] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6097'.
[ 1847.377167][T23818] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1847.399076][T23818] veth1_macvtap: left promiscuous mode
[ 1847.404717][T23818] veth0_macvtap: left promiscuous mode
[ 1847.418740][T23818] veth1_vlan: left promiscuous mode
[ 1847.454776][T23818] veth0_vlan: left promiscuous mode
[ 1848.931354][T28289] x_tables: ip6_tables: dccp match: only valid for protocol 33
[ 1850.389829][T23818] team_slave_1 (unregistering): left promiscuous mode
[ 1850.400709][T23818] team0 (unregistering): Port device team_slave_1 removed
[ 1850.410992][T28309] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6106'.
[ 1850.664848][T23818] team_slave_0 (unregistering): left promiscuous mode
[ 1850.677328][T23818] team0 (unregistering): Port device team_slave_0 removed
[ 1851.572436][T23818] team0 (unregistering): Port device dummy0 removed
[ 1851.655590][T28262] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1851.667172][T28278] netlink: 108 bytes leftover after parsing attributes in process `syz.1.6099'.
[ 1851.924449][T28321] binder: 28320:28321 ioctl c0306201 200000000640 returned -22
[ 1852.666282][T27928] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[ 1852.856561][T27928] usb 5-1: Using ep0 maxpacket: 32
[ 1852.869912][T27928] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1852.883319][T27928] usb 5-1: config 0 has no interface number 0
[ 1852.926197][T15936] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 1852.967750][T27928] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1853.028545][T27928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1853.094651][T28133] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1853.102668][T27928] usb 5-1: Product: syz
[ 1853.119965][T27928] usb 5-1: Manufacturer: syz
[ 1853.154604][T27928] usb 5-1: SerialNumber: syz
[ 1853.201209][T28133] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1853.211307][T27928] usb 5-1: config 0 descriptor??
[ 1853.223122][T15936] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1853.283416][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.285690][T15936] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1853.291065][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.348119][T28133] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1853.358057][T27928] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1853.381403][T28133] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1853.418553][T15936] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1853.479652][T15936] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1854.009959][T28339] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1854.029508][T27928] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1854.069245][T15936] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1854.197128][T27928] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1854.370422][T28339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1854.381011][T28339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1854.646910][T28354] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1855.135443][T28133] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1855.305491][T28133] 8021q: adding VLAN 0 to HW filter on device team0
[ 1855.337212][T23834] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1855.344439][T23834] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1855.402976][T23834] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1855.410316][T23834] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1855.876904][T28133] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1856.240628][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1856.252041][T27928] usb 5-1: USB disconnect, device number 44
[ 1856.290480][T27928] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1856.348509][T28133] veth0_vlan: entered promiscuous mode
[ 1856.366726][T27928] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1856.403223][T27928] quatech2 5-1:0.51: device disconnected
[ 1856.458980][T28133] veth1_vlan: entered promiscuous mode
[ 1856.469501][T28377] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6115'.
[ 1856.553357][T28377] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1856.685997][T24124] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1856.720801][T28133] veth0_macvtap: entered promiscuous mode
[ 1856.756385][T28133] veth1_macvtap: entered promiscuous mode
[ 1856.808118][T28133] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1856.853533][T28133] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1856.877960][T24124] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1857.062944][T24124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1857.099479][T13261] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1857.109185][T13261] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1857.128995][T24124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1857.158474][T13261] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1857.161361][T24124] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1857.220207][T24124] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1857.231695][T24124] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1857.240191][T13261] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1857.240883][T24124] usb 2-1: Manufacturer: syz
[ 1857.294712][T10376] usb 4-1: USB disconnect, device number 55
[ 1857.311116][T28398] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6118'.
[ 1857.402516][T24124] usb 2-1: config 0 descriptor??
[ 1858.411489][T24124] appleir 0003:05AC:8243.0079: unknown main item tag 0x0
[ 1858.465100][T24124] appleir 0003:05AC:8243.0079: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[ 1858.556148][T23818] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1858.577048][T23818] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1858.625654][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1858.652588][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1858.660301][T28097] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 1858.718657][T28371] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1858.756842][T28371] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1858.828091][T28097] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84
[ 1858.870530][T28097] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024
[ 1858.912444][T28097] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024
[ 1858.964508][T28097] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1859.009038][T28097] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1859.042603][T28097] usb 4-1: Product: syz
[ 1859.067470][T28097] usb 4-1: Manufacturer: syz
[ 1859.104534][T28097] usb 4-1: SerialNumber: syz
[ 1859.161171][T28097] usb 4-1: config 0 descriptor??
[ 1859.190540][T28406] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1859.240602][T28415] netlink: zone id is out of range
[ 1859.269173][T28415] netlink: zone id is out of range
[ 1859.304559][T28415] netlink: zone id is out of range
[ 1859.328236][T28415] netlink: zone id is out of range
[ 1859.333618][T28415] netlink: zone id is out of range
[ 1859.343326][T28415] netlink: zone id is out of range
[ 1859.367409][T28415] netlink: zone id is out of range
[ 1859.372742][T28415] netlink: zone id is out of range
[ 1859.380186][T28415] netlink: zone id is out of range
[ 1859.385505][T28415] netlink: zone id is out of range
[ 1859.414012][T28406] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1859.825911][T24124] usb 2-1: reset high-speed USB device number 59 using dummy_hcd
[ 1859.895686][T28428] netlink: 'syz.2.6124': attribute type 1 has an invalid length.
[ 1860.630740][T10777] usb 2-1: USB disconnect, device number 59
[ 1860.723270][T28097] usb 4-1: USB disconnect, device number 56
[ 1861.009501][T28457] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1861.064322][T28457] kvm: pic: non byte read
[ 1861.071235][T28457] kvm: pic: level sensitive irq not supported
[ 1861.071392][T28457] kvm: pic: non byte read
[ 1861.088754][T28457] kvm: pic: level sensitive irq not supported
[ 1861.088830][T28457] kvm: pic: non byte read
[ 1861.890105][T28470] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6133'.
[ 1862.625935][T28097] usb 4-1: new low-speed USB device number 57 using dummy_hcd
[ 1862.681450][T28488] netlink: 202036 bytes leftover after parsing attributes in process `syz.2.6139'.
[ 1862.808655][T28097] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1862.832919][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1862.871512][T28097] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1862.901110][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1862.919567][T28494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6142'.
[ 1862.928892][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1863.049400][T28097] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1863.066217][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1863.079204][T28097] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1863.093463][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1863.172391][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1863.234906][T28097] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1863.278183][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1863.317922][T28499] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1863.350536][T28097] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1863.368834][T28499] kvm: pic: non byte read
[ 1863.376236][T28499] kvm: pic: level sensitive irq not supported
[ 1863.376290][T28505] loop7: detected capacity change from 0 to 16384
[ 1863.376340][T28499] kvm: pic: non byte read
[ 1863.398009][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1863.410056][T28097] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1863.422172][T28499] kvm: pic: level sensitive irq not supported
[ 1863.422265][T28499] kvm: pic: non byte read
[ 1863.438858][T28508] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 1863.452572][T28508] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1863.474341][T28508] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1863.574438][T28097] usb 4-1: string descriptor 0 read error: -22
[ 1863.583378][T28097] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1863.612102][T28097] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.648714][T28509] loop7: detected capacity change from 16384 to 16383
[ 1863.665562][T28097] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1863.984689][T28513] [syz.2.] <== rxrpc_preparse_xdr_yfs_rxgk() = -EKEYREJECTED [d9c19884!=bc, 2c,d9c19820]
[ 1864.250684][T28515] Invalid option length (1047854) for dns_resolver key
[ 1864.325662][T28519] QAT: Invalid ioctl 1075883590
[ 1864.462351][T28519] QAT: Invalid ioctl 1075883590
[ 1864.463575][T28515] input: syz0 as /devices/virtual/input/input95
[ 1864.494396][T28519] QAT: Invalid ioctl 1075883590
[ 1864.502342][T28519] QAT: Invalid ioctl 1075883590
[ 1864.511908][T28519] QAT: Invalid ioctl 1075883590
[ 1864.542037][T28526] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6149'.
[ 1864.598420][T28519] QAT: Invalid ioctl 1075883590
[ 1864.603569][T28519] QAT: Invalid ioctl 1075883590
[ 1864.608931][T28519] QAT: Invalid ioctl 1075883590
[ 1864.633973][T28519] QAT: Invalid ioctl 1075883590
[ 1864.713082][T28519] QAT: Invalid ioctl 1075883590
[ 1865.386472][T18025] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1866.665801][T27928] usb 4-1: USB disconnect, device number 57
[ 1867.262130][T28561] netlink: 'syz.4.6159': attribute type 10 has an invalid length.
[ 1867.312182][T28561] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1867.572484][T28567] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1867.591879][T28567] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1867.844540][T28569] tipc: Started in network mode
[ 1867.849506][T28569] tipc: Node identity 8ae86ba03c09, cluster identity 4711
[ 1867.860265][T28567] netlink: 'syz.1.6162': attribute type 2 has an invalid length.
[ 1867.911104][T28569] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1867.980084][T28573] syzkaller0: entered promiscuous mode
[ 1867.985878][T28573] syzkaller0: entered allmulticast mode
[ 1868.045416][T28569] tipc: Resetting bearer <eth:syzkaller0>
[ 1868.096239][T28568] tipc: Resetting bearer <eth:syzkaller0>
[ 1868.123555][T28568] tipc: Disabling bearer <eth:syzkaller0>
[ 1868.207198][T15936] usb 3-1: new full-speed USB device number 70 using dummy_hcd
[ 1868.517886][T15936] usb 3-1: config 2 has an invalid interface number: 169 but max is 0
[ 1868.713060][T15936] usb 3-1: config 2 has no interface number 0
[ 1868.736246][T28582] ip6gretap1: entered promiscuous mode
[ 1868.741923][T15936] usb 3-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=b8.92
[ 1868.816180][T15936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1868.885907][T26153] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1868.909252][T15936] cypress_m8 3-1:2.169: DeLorme Earthmate USB converter detected
[ 1868.938138][T15936] earthmate ttyUSB0: required endpoint is missing
[ 1869.056306][T26153] usb 2-1: Using ep0 maxpacket: 16
[ 1869.068238][T26153] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1869.103622][T26153] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1869.136043][T26153] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1869.165716][T26153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1869.197860][T26153] usb 2-1: config 0 descriptor??
[ 1869.401557][T27928] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[ 1869.604265][T28597] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6169'.
[ 1869.614008][T27928] usb 5-1: Using ep0 maxpacket: 8
[ 1869.622431][T27928] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1869.647836][T27928] usb 5-1: New USB device found, idVendor=17ef, idProduct=61ae, bcdDevice= 0.00
[ 1869.675251][T27928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1869.704303][T26153] nzxt-smart2 0003:1E71:2009.007A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[ 1869.761594][T27928] usb 5-1: config 0 descriptor??
[ 1870.176233][T10376] usb 2-1: USB disconnect, device number 60
[ 1870.197058][T28577] SET target dimension over the limit!
[ 1870.265877][T27928] lenovo 0003:17EF:61AE.007B: hidraw0: USB HID vff.ff Device [HID 17ef:61ae] on usb-dummy_hcd.4-1/input0
[ 1870.289988][T28601] fido_id[28601]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1870.418506][T10376] usb 5-1: USB disconnect, device number 45
[ 1870.579108][T28602] fido_id[28602]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1871.162428][T26153] usb 3-1: USB disconnect, device number 70
[ 1871.182785][T27928] IPVS: starting estimator thread 0...
[ 1871.192294][T26153] cypress_m8 3-1:2.169: device disconnected
[ 1871.255426][T28613] netlink: 'syz.1.6175': attribute type 1 has an invalid length.
[ 1871.268807][T28613] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6175'.
[ 1871.306221][T28611] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1871.425989][T27928] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[ 1871.545877][T26153] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1871.579204][T27928] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1871.590800][T27928] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1871.605174][T28621] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 4, id = 0
[ 1871.758950][T27928] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1871.775160][T27928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1871.785324][T27928] usb 5-1: SerialNumber: syz
[ 1871.849401][T26153] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1871.866040][T26153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1871.877283][T26153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1871.888500][T26153] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1871.907435][T26153] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1871.917988][T26153] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1871.926280][T26153] usb 4-1: Manufacturer: syz
[ 1871.936810][T26153] usb 4-1: config 0 descriptor??
[ 1872.014723][T27928] usb 5-1: 0:2 : does not exist
[ 1872.032903][T27928] usb 5-1: USB disconnect, device number 46
[ 1872.070837][T28358] udevd[28358]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1872.358651][T26153] appleir 0003:05AC:8243.007C: unknown main item tag 0x0
[ 1872.373457][T26153] appleir 0003:05AC:8243.007C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1874.296842][T10376] usb 5-1: new full-speed USB device number 47 using dummy_hcd
[ 1874.503835][T10376] usb 5-1: config 0 has no interfaces?
[ 1874.524274][T10376] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[ 1874.533619][T10376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1874.548073][T10777] usb 4-1: USB disconnect, device number 58
[ 1874.554536][T10376] usb 5-1: config 0 descriptor??
[ 1874.695857][T26153] usb 3-1: new full-speed USB device number 71 using dummy_hcd
[ 1875.251517][T26153] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1875.252112][T28670] loop5: detected capacity change from 0 to 7695
[ 1875.286012][T26153] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1875.465955][T26153] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1875.470602][T28672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1875.498953][T28670]  loop5: [CUMANA/ADFS] p1 [ADFS] p1
[ 1875.504999][T26153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1875.520232][T26153] usb 3-1: Product: syz
[ 1875.524603][T26153] usb 3-1: Manufacturer: syz
[ 1875.530511][T26153] usb 3-1: SerialNumber: syz
[ 1875.564069][T28326] Buffer I/O error on dev loop5, logical block 961, async page read
[ 1875.566362][T28677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6192'.
[ 1875.611287][T28672] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1875.634976][T28358] Buffer I/O error on dev loop5, logical block 961, async page read
[ 1875.743632][T28681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6192'.
[ 1875.917994][T28682] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6192'.
[ 1875.939955][T26153] usb 3-1: 0:2 : does not exist
[ 1876.025213][T27928] usb 5-1: USB disconnect, device number 47
[ 1876.037934][T26153] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1876.144272][T26153] usb 3-1: USB disconnect, device number 71
[ 1877.254267][   T30] kauditd_printk_skb: 32 callbacks suppressed
[ 1877.254289][   T30] audit: type=1326 audit(1770133520.515:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28700 comm="syz.4.6197" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7fcace39aeb9 code=0x0
[ 1877.326122][T28702] binder: 28698:28702 ioctl c0306201 200000000680 returned -14
[ 1877.475923][   T30] audit: type=1326 audit(1770133520.635:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1877.574855][   T30] audit: type=1326 audit(1770133520.635:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1877.688519][   T30] audit: type=1326 audit(1770133520.635:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1877.765894][   T30] audit: type=1326 audit(1770133520.635:4010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1877.855994][   T30] audit: type=1326 audit(1770133520.635:4011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1877.929808][   T30] audit: type=1326 audit(1770133520.635:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1878.055843][   T30] audit: type=1326 audit(1770133520.635:4013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.1.6199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f509299aeb9 code=0x7ffc0000
[ 1878.721350][T28733] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.6207'.
[ 1879.624078][T28744] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6212'.
[ 1879.643477][T28744] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6212'.
[ 1879.696483][T28748] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32)
[ 1879.778056][T28752] netlink: 'syz.2.6214': attribute type 1 has an invalid length.
[ 1879.839844][T28752] macsec1: entered promiscuous mode
[ 1879.845119][T28752] macsec1: entered allmulticast mode
[ 1880.125924][T26153] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1880.256100][T26153] usb 2-1: device descriptor read/64, error -71
[ 1880.496693][T26153] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1880.667075][T26153] usb 2-1: device descriptor read/64, error -71
[ 1880.776191][T26153] usb usb2-port1: attempt power cycle
[ 1881.108484][T28772] gretap1: entered promiscuous mode
[ 1881.118174][T28772] batman_adv: batadv0: Adding interface: gretap1
[ 1881.129700][T28772] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[ 1881.165882][T26153] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1881.178793][T28772] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[ 1881.200050][T26153] usb 2-1: device descriptor read/8, error -71
[ 1881.410001][T28776] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1881.417304][T28776] IPv6: NLM_F_CREATE should be set when creating new route
[ 1881.424587][T28776] IPv6: NLM_F_CREATE should be set when creating new route
[ 1881.431968][T28776] IPv6: NLM_F_CREATE should be set when creating new route
[ 1881.459983][T26153] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1881.509843][T26153] usb 2-1: device descriptor read/8, error -71
[ 1881.671803][T26153] usb usb2-port1: unable to enumerate USB device
[ 1881.701397][T28787] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6225'.
[ 1881.710836][T28787] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6225'.
[ 1882.347681][T28802] netlink: 'syz.4.6228': attribute type 10 has an invalid length.
[ 1882.411326][T28802] team0: Port device dummy0 added
[ 1883.528082][T28809] syzkaller0: entered promiscuous mode
[ 1883.543927][T28809] syzkaller0: entered allmulticast mode
[ 1883.562269][T28814] FAULT_INJECTION: forcing a failure.
[ 1883.562269][T28814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1883.620259][T28814] CPU: 1 UID: 0 PID: 28814 Comm: syz.1.6232 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1883.620287][T28814] Tainted: [L]=SOFTLOCKUP
[ 1883.620292][T28814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1883.620300][T28814] Call Trace:
[ 1883.620306][T28814]  <TASK>
[ 1883.620311][T28814]  dump_stack_lvl+0xe8/0x150
[ 1883.620333][T28814]  should_fail_ex+0x412/0x560
[ 1883.620351][T28814]  _copy_from_iter+0x1d3/0x1670
[ 1883.620370][T28814]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1883.620390][T28814]  ? __pfx__copy_from_iter+0x10/0x10
[ 1883.620406][T28814]  ? __build_skb_around+0x22d/0x3c0
[ 1883.620422][T28814]  ? __alloc_skb+0x193/0x390
[ 1883.620435][T28814]  ? netlink_sendmsg+0x650/0xb40
[ 1883.620447][T28814]  ? skb_put+0x11b/0x210
[ 1883.620463][T28814]  netlink_sendmsg+0x6c0/0xb40
[ 1883.620481][T28814]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1883.620495][T28814]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1883.620511][T28814]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1883.620525][T28814]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1883.620537][T28814]  ____sys_sendmsg+0xa68/0xad0
[ 1883.620552][T28814]  ? __might_fault+0xaf/0x130
[ 1883.620573][T28814]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1883.620593][T28814]  ? import_iovec+0x73/0xa0
[ 1883.620612][T28814]  ___sys_sendmsg+0x2a5/0x360
[ 1883.620626][T28814]  ? __lock_acquire+0x6b5/0x2cf0
[ 1883.620645][T28814]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1883.620687][T28814]  ? __fget_files+0x2a/0x420
[ 1883.620699][T28814]  ? __fget_files+0x3a0/0x420
[ 1883.620717][T28814]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1883.620734][T28814]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1883.620755][T28814]  ? __pfx_ksys_write+0x10/0x10
[ 1883.620777][T28814]  do_syscall_64+0xe2/0xf80
[ 1883.620790][T28814]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.620802][T28814]  ? trace_irq_disable+0x37/0x100
[ 1883.620813][T28814]  ? clear_bhb_loop+0x60/0xb0
[ 1883.620827][T28814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.620839][T28814] RIP: 0033:0x7f509299aeb9
[ 1883.620851][T28814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1883.620861][T28814] RSP: 002b:00007f5093824028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1883.620877][T28814] RAX: ffffffffffffffda RBX: 00007f5092c15fa0 RCX: 00007f509299aeb9
[ 1883.620886][T28814] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000007
[ 1883.620894][T28814] RBP: 00007f5093824090 R08: 0000000000000000 R09: 0000000000000000
[ 1883.620904][T28814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1883.620912][T28814] R13: 00007f5092c16038 R14: 00007f5092c15fa0 R15: 00007f5092d3fa48
[ 1883.620930][T28814]  </TASK>
[ 1884.353129][T28827] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.6237'.
[ 1884.497547][T28831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6238'.
[ 1885.336121][T15936] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1885.489390][T15936] usb 2-1: device descriptor read/64, error -71
[ 1885.747875][T15936] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1885.892292][T15936] usb 2-1: device descriptor read/64, error -71
[ 1886.032142][T15936] usb usb2-port1: attempt power cycle
[ 1886.407390][T15936] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1886.442886][T15936] usb 2-1: device descriptor read/8, error -71
[ 1886.523715][T28840] net_ratelimit: 372 callbacks suppressed
[ 1886.523739][T28840] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[ 1886.696028][T15936] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1886.759185][T15936] usb 2-1: device descriptor read/8, error -71
[ 1886.871142][T15936] usb usb2-port1: unable to enumerate USB device
[ 1888.930948][T28860] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1888.947318][T28860] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1888.969031][T28860] netlink: 'syz.2.6246': attribute type 2 has an invalid length.
[ 1889.585940][T10777] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1889.717222][T10777] usb 2-1: device descriptor read/64, error -71
[ 1889.966066][T10777] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1890.222368][T10777] usb 2-1: device descriptor read/64, error -71
[ 1890.386395][T10777] usb usb2-port1: attempt power cycle
[ 1890.795887][T10777] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 1890.816613][T10777] usb 2-1: device descriptor read/8, error -71
[ 1891.056157][T10777] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1891.121840][T10777] usb 2-1: device descriptor read/8, error -71
[ 1891.154922][T28902] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1891.240077][T10777] usb usb2-port1: unable to enumerate USB device
[ 1891.257296][T28906] netlink: 'syz.4.6262': attribute type 1 has an invalid length.
[ 1891.428947][T28910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6262'.
[ 1891.495065][T28910] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1891.697749][T28913] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1891.821208][T28913] bond1: (slave geneve2): making interface the new active one
[ 1891.836891][T28913] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1891.893712][T23818] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[ 1891.915452][T23818] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[ 1891.952300][T23818] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[ 1892.031792][T23818] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[ 1892.826888][ T5885] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[ 1892.969106][T28935] veth1_to_team: entered promiscuous mode
[ 1892.985547][T28935] macsec2: entered allmulticast mode
[ 1892.999210][ T5885] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1893.005849][T28935] veth1_to_team: entered allmulticast mode
[ 1893.007416][ T5885] usb 5-1: can't read configurations, error -61
[ 1893.024384][T28935] veth1_to_team: left allmulticast mode
[ 1893.040096][T28935] veth1_to_team: left promiscuous mode
[ 1893.157689][ T5885] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[ 1893.224063][T28943] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1893.328290][ T5885] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1893.341340][ T5885] usb 5-1: can't read configurations, error -61
[ 1893.359363][ T5885] usb usb5-port1: attempt power cycle
[ 1893.432528][T28951] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6274'.
[ 1893.616150][T27928] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1893.727206][T15936] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1893.735877][ T5885] usb 5-1: new full-speed USB device number 50 using dummy_hcd
[ 1893.746062][T27928] usb 4-1: device descriptor read/64, error -71
[ 1893.770716][ T5885] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1893.781983][ T5885] usb 5-1: can't read configurations, error -61
[ 1894.086062][ T5885] usb 5-1: new full-speed USB device number 51 using dummy_hcd
[ 1894.113485][ T5885] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1894.121232][ T5885] usb 5-1: can't read configurations, error -61
[ 1894.191884][T27928] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1894.215508][ T5885] usb usb5-port1: unable to enumerate USB device
[ 1894.349779][T15936] usb 3-1: device descriptor read/64, error -71
[ 1894.385896][T27928] usb 4-1: device descriptor read/64, error -71
[ 1894.506054][T27928] usb usb4-port1: attempt power cycle
[ 1894.606520][T15936] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1894.745852][T15936] usb 3-1: device descriptor read/64, error -71
[ 1894.763671][T24954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1894.774766][T24954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1894.783674][T24954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1894.793709][T24954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1894.808946][T24954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1894.845879][T27928] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1894.856701][T15936] usb usb3-port1: attempt power cycle
[ 1894.866693][T27928] usb 4-1: device descriptor read/8, error -71
[ 1895.091785][T23839] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1895.105976][T27928] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1895.115670][T23839] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1895.129641][T27928] usb 4-1: device descriptor read/8, error -71
[ 1895.213467][T15936] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1895.253062][T27928] usb usb4-port1: unable to enumerate USB device
[ 1895.273294][T15936] usb 3-1: device descriptor read/8, error -71
[ 1895.363784][T23839] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1895.397475][T23839] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1895.525874][T15936] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1895.540237][T23839] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1895.554374][T15936] usb 3-1: device descriptor read/8, error -71
[ 1895.570743][T23839] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1895.666900][T15936] usb usb3-port1: unable to enumerate USB device
[ 1895.765702][T23839] bond0: (slave netdevsim0): Releasing backup interface
[ 1895.811550][T23839] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1895.849491][T23839] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1896.032891][T28963] chnl_net:caif_netlink_parms(): no params data found
[ 1896.320550][T28963] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1896.329558][T28963] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1896.338352][T28963] bridge_slave_0: entered allmulticast mode
[ 1896.345591][T28963] bridge_slave_0: entered promiscuous mode
[ 1896.386058][T28963] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1896.413780][T28963] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1896.421029][T15999] Bluetooth: hci2: command 0x0406 tx timeout
[ 1896.436864][T28963] bridge_slave_1: entered allmulticast mode
[ 1896.445969][T28963] bridge_slave_1: entered promiscuous mode
[ 1896.526075][T27928] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1896.697605][T27928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1896.711721][T27928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1896.723263][T27928] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1896.732727][T27928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1896.793961][T27928] usb 5-1: config 0 descriptor??
[ 1896.906293][T15999] Bluetooth: hci3: command tx timeout
[ 1897.373726][T27928] cp2112 0003:10C4:EA90.007D: unknown main item tag 0x0
[ 1897.726189][T27928] cp2112 0003:10C4:EA90.007D: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[ 1897.832558][T27928] cp2112 0003:10C4:EA90.007D: Part Number: 0x82 Device Version: 0xFE
[ 1897.991085][T23839] bond3 (unregistering): (slave vti0): Releasing backup interface
[ 1898.016280][T23824] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1898.035260][T23839] vti0 (unregistering): left promiscuous mode
[ 1898.044778][T28996] program syz.1.6287 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1898.095092][T28996] netlink: 164 bytes leftover after parsing attributes in process `syz.1.6287'.
[ 1898.171545][T23839] team0: Port device macvlan2 removed
[ 1898.334774][T23839] bond4 (unregistering): (slave geneve3): Releasing active interface
[ 1898.442745][T28992] input: syz0 as /devices/virtual/input/input96
[ 1898.458094][T28992] cp2112 0003:10C4:EA90.007D: Error starting transaction: -38
[ 1898.648057][T15936] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1898.822617][T15936] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1898.833871][T15936] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1898.845874][T10376] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1898.856133][T23839] bond0 (unregistering): Released all slaves
[ 1898.885552][T15936] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1898.901642][T15936] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1898.913492][T15936] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1898.953283][T15936] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1898.974640][T15936] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1898.984287][T15936] usb 2-1: Product: syz
[ 1898.985896][T15999] Bluetooth: hci3: command tx timeout
[ 1898.995833][T10376] usb 4-1: device descriptor read/64, error -71
[ 1899.003857][T15936] usb 2-1: Manufacturer: syz
[ 1899.013828][T15936] cdc_wdm 2-1:1.0: skipping garbage
[ 1899.020535][T15936] cdc_wdm 2-1:1.0: skipping garbage
[ 1899.039945][T15936] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1899.047000][T15936] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1899.173242][T23839] bond1 (unregistering): Released all slaves
[ 1899.193637][T23839] bond2 (unregistering): Released all slaves
[ 1899.245441][T10376] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1899.415935][T10376] usb 4-1: device descriptor read/64, error -71
[ 1899.526231][T10376] usb usb4-port1: attempt power cycle
[ 1899.535346][T23839] bond3 (unregistering): Released all slaves
[ 1899.745502][T23839] bond4 (unregistering): Released all slaves
[ 1899.875871][T10376] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1899.916677][T10376] usb 4-1: device descriptor read/8, error -71
[ 1899.966850][T23839] bond5 (unregistering): Released all slaves
[ 1899.989141][T28963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1900.007225][T28963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1900.029675][T24124] usb 2-1: USB disconnect, device number 73
[ 1900.082602][T27928] cp2112 0003:10C4:EA90.007D: error reading lock byte: -71
[ 1900.144145][T28963] team0: Port device team_slave_0 added
[ 1900.156040][T10376] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1900.163979][T27928] usb 5-1: USB disconnect, device number 52
[ 1900.189004][T28963] team0: Port device team_slave_1 added
[ 1900.200889][T10376] usb 4-1: device descriptor read/8, error -71
[ 1900.338360][T10376] usb usb4-port1: unable to enumerate USB device
[ 1900.364451][T28963] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1900.383166][T28963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1900.442573][T28963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1900.480754][T28963] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1900.497074][T28963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1900.573084][T28963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1900.959246][T28963] hsr_slave_0: entered promiscuous mode
[ 1901.004318][T28963] hsr_slave_1: entered promiscuous mode
[ 1901.014991][T28963] debugfs: 'hsr0' already exists in 'hsr'
[ 1901.063966][T15999] Bluetooth: hci3: command tx timeout
[ 1901.065997][T28963] Cannot create hsr debugfs directory
[ 1901.089869][T27928] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1901.293663][T27928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1901.309737][T27928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1901.411713][T27928] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1901.472065][T27928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1901.634165][T27928] usb 2-1: config 0 descriptor??
[ 1902.199734][T27928] cp2112 0003:10C4:EA90.007E: unknown main item tag 0x0
[ 1902.219462][T27928] cp2112 0003:10C4:EA90.007E: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[ 1902.404292][T27928] cp2112 0003:10C4:EA90.007E: Part Number: 0x82 Device Version: 0xFE
[ 1903.027255][T29025] cp2112 0003:10C4:EA90.007E: Error starting transaction: -38
[ 1903.045840][T27928] cp2112 0003:10C4:EA90.007E: error reading lock byte: -71
[ 1903.121597][T27928] usb 2-1: USB disconnect, device number 74
[ 1903.136927][T15999] Bluetooth: hci3: command tx timeout
[ 1903.318179][T23839] hsr_slave_0: left promiscuous mode
[ 1903.407892][T23839] hsr_slave_1: left promiscuous mode
[ 1903.491333][T23839] veth1_macvtap: left promiscuous mode
[ 1903.527335][T23839] veth0_macvtap: left promiscuous mode
[ 1903.549469][T23839] veth1_vlan: left promiscuous mode
[ 1903.566884][T29058] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1903.578053][T29058] ptrace attach of "./syz-executor exec"[27550] was attempted by "./syz-executor exec"[29058]
[ 1903.602823][T23839] veth0_vlan: left promiscuous mode
[ 1903.847178][T29065] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6300'.
[ 1903.856746][T29065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6300'.
[ 1904.290861][T29080] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6306'.
[ 1904.706077][ T6863] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1904.845909][ T6863] usb 4-1: device descriptor read/64, error -71
[ 1905.170943][ T6863] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1905.321889][ T6863] usb 4-1: device descriptor read/64, error -71
[ 1905.436411][ T6863] usb usb4-port1: attempt power cycle
[ 1905.816978][T29101] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6312'.
[ 1905.927816][ T6863] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1906.084757][ T6863] usb 4-1: device descriptor read/8, error -71
[ 1906.327507][ T6863] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1906.357160][ T6863] usb 4-1: device descriptor read/8, error -71
[ 1906.466722][ T6863] usb usb4-port1: unable to enumerate USB device
[ 1908.363386][T28963] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1908.384410][T29127] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1908.481267][T28963] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1908.600381][T28963] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1908.605796][T29137] netlink: 'syz.1.6322': attribute type 1 has an invalid length.
[ 1908.615355][T29137] netlink: 'syz.1.6322': attribute type 2 has an invalid length.
[ 1908.698050][T29137] netlink: 'syz.1.6322': attribute type 1 has an invalid length.
[ 1908.760406][T28963] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1908.810245][T29137] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6322'.
[ 1908.912025][T23839] IPVS: stop unused estimator thread 0...
[ 1909.146118][ T6863] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[ 1909.276104][T28963] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1909.319800][ T6863] usb 2-1: config 6 has an invalid interface number: 4 but max is 0
[ 1909.328557][ T6863] usb 2-1: config 6 has no interface number 0
[ 1909.350186][ T6863] usb 2-1: config 6 interface 4 has no altsetting 0
[ 1909.363821][T28963] 8021q: adding VLAN 0 to HW filter on device team0
[ 1909.374968][ T6863] usb 2-1: New USB device found, idVendor=16d8, idProduct=7003, bcdDevice=d0.3e
[ 1909.393351][ T6863] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1909.409793][ T6863] usb 2-1: Product: syz
[ 1909.411141][T13267] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1909.415396][ T6863] usb 2-1: Manufacturer: syz
[ 1909.421290][T13267] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1909.466033][T10376] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1909.534889][   T30] audit: type=1804 audit(1770133552.755:4014): pid=29164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.6327" name="bus" dev="ramfs" ino=135859 res=1 errno=0
[ 1909.761543][T23834] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1909.768727][T23834] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1909.886085][ T6863] usb 2-1: SerialNumber: syz
[ 1909.906226][T10376] usb 4-1: device descriptor read/64, error -71
[ 1910.049149][T28963] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1910.146040][T10376] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1910.229709][T28963] veth0_vlan: entered promiscuous mode
[ 1910.252324][T28963] veth1_vlan: entered promiscuous mode
[ 1910.275906][T10376] usb 4-1: device descriptor read/64, error -71
[ 1910.359224][T28963] veth0_macvtap: entered promiscuous mode
[ 1910.406259][T28963] veth1_macvtap: entered promiscuous mode
[ 1910.441745][T10376] usb usb4-port1: attempt power cycle
[ 1910.482119][ T6863] usb 2-1: USB disconnect, device number 75
[ 1910.586044][T28963] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1910.629360][T28963] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1910.690141][T23834] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.753983][T23834] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.792945][T23834] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.843820][T23834] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.859448][T10376] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1910.917013][T10376] usb 4-1: device descriptor read/8, error -71
[ 1911.028845][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1911.056090][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1911.165495][T23834] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1911.186802][T10376] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1911.186827][T23834] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1911.241634][T15936] hid-generic 0003:0004:FFFF0001.007F: unknown main item tag 0x0
[ 1911.287822][T10376] usb 4-1: device descriptor read/8, error -71
[ 1911.311223][T15936] hid-generic 0003:0004:FFFF0001.007F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1911.436279][T10376] usb usb4-port1: unable to enumerate USB device
[ 1911.741686][T29198] netlink: 'syz.1.6331': attribute type 6 has an invalid length.
[ 1911.806236][T29190] fido_id[29190]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1912.776044][ T6863] usb 3-1: new full-speed USB device number 76 using dummy_hcd
[ 1912.821382][T29212] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1913.014173][ T6863] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1913.024638][ T6863] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1913.117221][ T6863] usb 3-1: can't read configurations, error -71
[ 1913.435940][T24124] usb 2-1: new full-speed USB device number 76 using dummy_hcd
[ 1913.468420][T29217] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6335'.
[ 1913.495961][T29217] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6335'.
[ 1913.515866][T15936] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1913.600138][T24124] usb 2-1: config 2 has an invalid interface number: 169 but max is 0
[ 1913.610576][T24124] usb 2-1: config 2 has no interface number 0
[ 1913.618449][T24124] usb 2-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=b8.92
[ 1913.636153][T24124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.675915][T15936] usb 4-1: Using ep0 maxpacket: 8
[ 1913.691443][T15936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1913.691981][T24124] cypress_m8 2-1:2.169: DeLorme Earthmate USB converter detected
[ 1913.733505][T15936] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1913.744948][T24124] earthmate ttyUSB0: required endpoint is missing
[ 1913.754103][T15936] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.788766][T15936] usb 4-1: config 0 descriptor??
[ 1914.045964][T24124] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1914.072052][   T30] audit: type=1326 audit(1770133557.335:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29221 comm="syz.3.6337" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4c2479aeb9 code=0x0
[ 1914.250217][T15936] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1914.282143][T24124] usb 5-1: Using ep0 maxpacket: 32
[ 1914.312260][T24124] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1914.321127][T24124] usb 5-1: config 0 has no interface number 0
[ 1914.332687][T29239] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6342'.
[ 1914.385558][T24124] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1914.397616][T24124] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1914.412459][T24124] usb 5-1: Product: syz
[ 1914.426140][T24124] usb 5-1: Manufacturer: syz
[ 1914.437017][T24124] usb 5-1: SerialNumber: syz
[ 1914.446596][T10777] usb 4-1: USB disconnect, device number 75
[ 1914.452637][    C1] iowarrior 4-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[ 1914.503954][T24124] usb 5-1: config 0 descriptor??
[ 1914.533389][T24124] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1914.662332][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.673404][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1914.832017][T24124] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1915.500237][T24124] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB2
[ 1915.530368][T29244] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1915.537767][T29244] IPv6: NLM_F_CREATE should be set when creating new route
[ 1916.205840][T15936] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1916.366208][T15936] usb 3-1: Using ep0 maxpacket: 32
[ 1916.382168][T15936] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1916.401964][T15936] usb 3-1: config 0 has no interface number 0
[ 1916.415257][T15936] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1916.435320][T15936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1916.453749][T15936] usb 3-1: Product: syz
[ 1916.478443][T15936] usb 3-1: Manufacturer: syz
[ 1916.483135][T15936] usb 3-1: SerialNumber: syz
[ 1916.542476][T15936] usb 3-1: config 0 descriptor??
[ 1916.565613][T15936] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1916.599970][T28097] usb 2-1: USB disconnect, device number 76
[ 1916.611889][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1916.614381][T10376] usb 5-1: USB disconnect, device number 53
[ 1916.634279][T10376] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1916.646332][T28097] cypress_m8 2-1:2.169: device disconnected
[ 1916.676725][T10376] quatech-serial ttyUSB2: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB2
[ 1916.691967][T10376] quatech2 5-1:0.51: device disconnected
[ 1916.741867][T15999] Bluetooth: hci5: command 0x0406 tx timeout
[ 1916.783465][T15936] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1916.807277][T29258] lo: entered promiscuous mode
[ 1916.812555][T29258] lo: entered allmulticast mode
[ 1916.813468][T15936] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1916.826469][T29258] netlink: 'syz.4.6347': attribute type 2 has an invalid length.
[ 1916.856576][T29258] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1916.878846][T29260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6346'.
[ 1916.910203][T29260] netlink: 'syz.1.6346': attribute type 10 has an invalid length.
[ 1917.022327][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1917.030896][T10376] usb 3-1: USB disconnect, device number 78
[ 1917.064820][T10376] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1917.103763][T10376] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1917.118088][T10376] quatech2 3-1:0.51: device disconnected
[ 1918.357347][T29290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6355'.
[ 1918.605992][T29290] bridge_slave_1: left allmulticast mode
[ 1918.621360][T29291] binder: 29287:29291 unknown command 0
[ 1918.627438][T29291] binder: 29287:29291 ioctl c0306201 2000000001c0 returned -22
[ 1918.649706][T29290] bridge_slave_1: left promiscuous mode
[ 1918.718993][T29290] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1918.999126][T29290] bridge_slave_0: left allmulticast mode
[ 1919.006128][T29290] bridge_slave_0: left promiscuous mode
[ 1919.014375][T29290] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1919.566879][T29307] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1920.838788][T15936] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 1921.098159][T15936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1921.109476][T15936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1921.143751][T15936] usb 2-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[ 1921.186874][T15936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1921.276630][T15936] usb 2-1: config 0 descriptor??
[ 1921.721457][T15936] cypress 0003:04B4:DE61.0080: item fetching failed at offset 5/7
[ 1921.766868][T15936] cypress 0003:04B4:DE61.0080: parse failed
[ 1921.846330][T15936] cypress 0003:04B4:DE61.0080: probe with driver cypress failed with error -22
[ 1922.045874][ T6863] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1922.197588][T29328] netlink: 464 bytes leftover after parsing attributes in process `syz.0.6367'.
[ 1922.207102][ T6863] usb 5-1: Using ep0 maxpacket: 16
[ 1922.214679][ T6863] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[ 1922.230625][ T6863] usb 5-1: config 128 has 0 interfaces, different from the descriptor's value: 1
[ 1922.252649][ T6863] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1922.277791][ T6863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1922.530386][T29340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6370'.
[ 1922.551262][T29340] netlink: 'syz.3.6370': attribute type 10 has an invalid length.
[ 1922.639114][T29342] x_tables: duplicate entry at hook 3
[ 1923.597882][ T5885] usb 2-1: USB disconnect, device number 77
[ 1924.042826][T29358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6376'.
[ 1924.065868][ T5885] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 1924.197062][T29358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6376'.
[ 1924.225872][T24124] usb 4-1: new full-speed USB device number 76 using dummy_hcd
[ 1924.245844][ T5885] usb 2-1: Using ep0 maxpacket: 8
[ 1924.253799][ T5885] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1924.290631][ T5885] usb 2-1: config 4 interface 0 has no altsetting 0
[ 1924.341822][ T5885] usb 2-1: string descriptor 0 read error: -22
[ 1924.348265][ T5885] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1924.358737][T29358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6376'.
[ 1924.367955][ T5885] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[ 1924.378093][T24124] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1924.389388][T24124] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1924.405345][ T5885] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1924.414987][T24124] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1924.426402][T24124] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1924.434438][T24124] usb 4-1: SerialNumber: syz
[ 1924.441633][ T5885] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1924.456987][ T5885] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1924.474683][T24124] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1924.483703][ T5885] usb 2-1: media controller created
[ 1924.584401][T24124] usb-storage 4-1:1.0: USB Mass Storage device detected
[ 1924.605224][T24124] usb-storage 4-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1924.613742][ T5885] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1924.652099][T29346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1924.663428][T29346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1924.681224][T24124] scsi host1: usb-storage 4-1:1.0
[ 1924.828830][T28097] usb 5-1: USB disconnect, device number 54
[ 1924.927724][ T5885] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1924.967254][T24124] usb 4-1: USB disconnect, device number 76
[ 1925.107455][ T5885] usb 2-1: USB disconnect, device number 78
[ 1925.302190][T29373] binder: 29372:29373 unknown command 0
[ 1925.308285][T29373] binder: 29372:29373 ioctl c0306201 200000000080 returned -22
[ 1925.566011][ T5885] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1925.666587][T28097] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1925.735896][ T5885] usb 4-1: Using ep0 maxpacket: 8
[ 1925.742557][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 32, changing to 9
[ 1925.755434][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1925.766800][ T5885] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1925.778581][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1925.799923][ T5885] usb 4-1: config 0 descriptor??
[ 1925.859368][T28097] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1925.870183][T28097] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1925.878152][T28097] usb 5-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.00
[ 1925.887777][T28097] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1925.900122][T28097] usb 5-1: config 0 descriptor??
[ 1925.944723][T29398] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6386'.
[ 1925.960680][T29398] netlink: 'syz.0.6386': attribute type 10 has an invalid length.
[ 1925.981996][T29398] team0: Port device dummy0 added
[ 1926.011434][ T5885] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1926.118525][T29379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1926.132076][T29379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1926.350133][T29379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1926.371728][T29379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1926.389384][T28097] usbhid 5-1:0.0: can't add hid device: -71
[ 1926.399201][T28097] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1926.417818][T28097] usb 5-1: USB disconnect, device number 55
[ 1927.266485][T10376] usb 5-1: new full-speed USB device number 56 using dummy_hcd
[ 1927.409381][T10376] usb 5-1: device descriptor read/64, error -71
[ 1927.665982][T10376] usb 5-1: new full-speed USB device number 57 using dummy_hcd
[ 1927.805900][T10376] usb 5-1: device descriptor read/64, error -71
[ 1927.870048][T29414] netlink: 'syz.1.6390': attribute type 6 has an invalid length.
[ 1927.917219][T10376] usb usb5-port1: attempt power cycle
[ 1927.970190][T29416] netlink: 'syz.1.6391': attribute type 6 has an invalid length.
[ 1928.002117][T29416] FAULT_INJECTION: forcing a failure.
[ 1928.002117][T29416] name failslab, interval 1, probability 0, space 0, times 0
[ 1928.034726][T29416] CPU: 1 UID: 0 PID: 29416 Comm: syz.1.6391 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1928.034762][T29416] Tainted: [L]=SOFTLOCKUP
[ 1928.034769][T29416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1928.034776][T29416] Call Trace:
[ 1928.034782][T29416]  <TASK>
[ 1928.034789][T29416]  dump_stack_lvl+0xe8/0x150
[ 1928.034809][T29416]  should_fail_ex+0x412/0x560
[ 1928.034831][T29416]  should_failslab+0xa8/0x100
[ 1928.034846][T29416]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1928.034864][T29416]  ? __alloc_skb+0x193/0x390
[ 1928.034877][T29416]  ? __alloc_skb+0x1d7/0x390
[ 1928.034889][T29416]  ? __local_bh_enable_ip+0xd0/0x130
[ 1928.034902][T29416]  ? __alloc_skb+0x193/0x390
[ 1928.034916][T29416]  __alloc_skb+0x1d7/0x390
[ 1928.034932][T29416]  alloc_skb_with_frags+0xca/0x890
[ 1928.034951][T29416]  ? __lock_acquire+0x6b5/0x2cf0
[ 1928.034973][T29416]  sock_alloc_send_pskb+0x878/0x990
[ 1928.035005][T29416]  ? __kernel_text_address+0xd/0x30
[ 1928.035039][T29416]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1928.035064][T29416]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1928.035100][T29416]  __ip_append_data+0x2bc5/0x3f30
[ 1928.035124][T29416]  ? __x64_sys_sendmsg+0x1bd/0x2a0
[ 1928.035139][T29416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1928.035152][T29416]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1928.035167][T29416]  ? ipv4_mtu+0x23/0x650
[ 1928.035188][T29416]  ? __pfx___ip_append_data+0x10/0x10
[ 1928.035201][T29416]  ? ipv4_mtu+0x53b/0x650
[ 1928.035215][T29416]  ? ip_setup_cork+0x577/0x9a0
[ 1928.035231][T29416]  ip_make_skb+0x22e/0x450
[ 1928.035249][T29416]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1928.035263][T29416]  ? __pfx_ip_make_skb+0x10/0x10
[ 1928.035288][T29416]  udp_sendmsg+0x19ec/0x2240
[ 1928.035314][T29416]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1928.035329][T29416]  ? __pfx_udp_sendmsg+0x10/0x10
[ 1928.035353][T29416]  ? ip4_datagram_release_cb+0xa2/0xbe0
[ 1928.035368][T29416]  ? reacquire_held_locks+0x104/0x190
[ 1928.035389][T29416]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1928.035401][T29416]  ? inet_sendmsg+0x14f/0x370
[ 1928.035415][T29416]  ? __local_bh_enable_ip+0xd0/0x130
[ 1928.035426][T29416]  ? inet_sendmsg+0x29c/0x370
[ 1928.035443][T29416]  ____sys_sendmsg+0x894/0xad0
[ 1928.035464][T29416]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1928.035491][T29416]  ? import_iovec+0x73/0xa0
[ 1928.035511][T29416]  ___sys_sendmsg+0x2a5/0x360
[ 1928.035525][T29416]  ? __lock_acquire+0x6b5/0x2cf0
[ 1928.035544][T29416]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1928.035579][T29416]  ? __fget_files+0x2a/0x420
[ 1928.035591][T29416]  ? __fget_files+0x3a0/0x420
[ 1928.035610][T29416]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1928.035627][T29416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1928.035648][T29416]  ? __pfx_ksys_write+0x10/0x10
[ 1928.035672][T29416]  do_syscall_64+0xe2/0xf80
[ 1928.035685][T29416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1928.035696][T29416]  ? trace_irq_disable+0x37/0x100
[ 1928.035706][T29416]  ? clear_bhb_loop+0x60/0xb0
[ 1928.035725][T29416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1928.035743][T29416] RIP: 0033:0x7f509299aeb9
[ 1928.035761][T29416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1928.035776][T29416] RSP: 002b:00007f5093824028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1928.035798][T29416] RAX: ffffffffffffffda RBX: 00007f5092c15fa0 RCX: 00007f509299aeb9
[ 1928.035812][T29416] RDX: 0000000004000000 RSI: 0000200000000840 RDI: 0000000000000004
[ 1928.035825][T29416] RBP: 00007f5093824090 R08: 0000000000000000 R09: 0000000000000000
[ 1928.035834][T29416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1928.035841][T29416] R13: 00007f5092c16038 R14: 00007f5092c15fa0 R15: 00007f5092d3fa48
[ 1928.035860][T29416]  </TASK>
[ 1928.558036][ T5885] usb 4-1: USB disconnect, device number 77
[ 1928.869967][T10376] usb 5-1: new full-speed USB device number 58 using dummy_hcd
[ 1928.932497][T10376] usb 5-1: device descriptor read/8, error -71
[ 1929.600744][T10376] usb 5-1: new full-speed USB device number 59 using dummy_hcd
[ 1929.628366][T23839] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1929.671475][T10376] usb 5-1: device descriptor read/8, error -71
[ 1929.786363][T10376] usb usb5-port1: unable to enumerate USB device
[ 1929.955857][ T5885] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1930.336124][ T5885] usb 4-1: Using ep0 maxpacket: 32
[ 1930.346992][ T5885] usb 4-1: config 0 has an invalid interface number: 89 but max is 0
[ 1930.364719][ T5885] usb 4-1: config 0 has no interface number 0
[ 1930.370918][ T5885] usb 4-1: config 0 interface 89 has no altsetting 0
[ 1930.388548][ T5885] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 1930.398170][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1930.406549][ T5885] usb 4-1: Product: syz
[ 1930.410731][ T5885] usb 4-1: Manufacturer: syz
[ 1930.415540][ T5885] usb 4-1: SerialNumber: syz
[ 1930.430694][ T5885] usb 4-1: config 0 descriptor??
[ 1930.443565][ T5885] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1930.455874][ T5885] em28xx 4-1:0.89: Video interface 89 found: bulk
[ 1932.176115][ T5885] em28xx 4-1:0.89: unknown em28xx chip ID (0)
[ 1932.395941][ T5885] em28xx 4-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1932.424412][ T5885] em28xx 4-1:0.89: board has no eeprom
[ 1932.755826][ T5885] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67)
[ 1932.815174][T29464] syzkaller0: entered promiscuous mode
[ 1932.842229][ T5885] em28xx 4-1:0.89: analog set to bulk mode.
[ 1932.848379][T29464] syzkaller0: entered allmulticast mode
[ 1932.876287][T24124] em28xx 4-1:0.89: Registering V4L2 extension
[ 1933.450286][T29468] netlink: 'syz.1.6408': attribute type 11 has an invalid length.
[ 1934.169233][T10777] usb 4-1: USB disconnect, device number 78
[ 1934.175455][T24124] em28xx 4-1:0.89: reading from i2c device at 0x4a failed (error=-5)
[ 1934.201564][T10777] em28xx 4-1:0.89: Disconnecting em28xx
[ 1934.242149][T24124] em28xx 4-1:0.89: Config register raw data: 0xffffffed
[ 1934.351783][T24124] em28xx 4-1:0.89: AC97 chip type couldn't be determined
[ 1934.665910][T24124] em28xx 4-1:0.89: No AC97 audio processor
[ 1934.718502][T24124] usb 4-1: Decoder not found
[ 1934.723157][T24124] em28xx 4-1:0.89: failed to create media graph
[ 1934.864594][T24124] em28xx 4-1:0.89: V4L2 device video103 deregistered
[ 1935.069322][T24124] em28xx 4-1:0.89: Registering snapshot button...
[ 1935.069841][T29493] ==================================================================
[ 1935.083876][T29493] BUG: KASAN: slab-use-after-free in v4l2_fh_open+0xac/0x420
[ 1935.091285][T29493] Read of size 8 at addr ffff88807c5d0740 by task v4l_id/29493
[ 1935.098875][T29493] 
[ 1935.101227][T29493] CPU: 0 UID: 0 PID: 29493 Comm: v4l_id Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1935.101256][T29493] Tainted: [L]=SOFTLOCKUP
[ 1935.101264][T29493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1935.101277][T29493] Call Trace:
[ 1935.101285][T29493]  <TASK>
[ 1935.101294][T29493]  dump_stack_lvl+0xe8/0x150
[ 1935.101322][T29493]  print_report+0xba/0x230
[ 1935.101343][T29493]  ? v4l2_fh_open+0xac/0x420
[ 1935.101363][T29493]  kasan_report+0x117/0x150
[ 1935.101386][T29493]  ? v4l2_fh_open+0xac/0x420
[ 1935.101411][T29493]  v4l2_fh_open+0xac/0x420
[ 1935.101433][T29493]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1935.101457][T29493]  em28xx_v4l2_open+0x157/0x9a0
[ 1935.101486][T29493]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1935.101512][T29493]  v4l2_open+0x1bf/0x3a0
[ 1935.101537][T29493]  chrdev_open+0x4cd/0x5e0
[ 1935.101559][T29493]  ? __pfx_chrdev_open+0x10/0x10
[ 1935.101577][T29493]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[ 1935.101604][T29493]  ? __pfx_chrdev_open+0x10/0x10
[ 1935.101629][T29493]  do_dentry_open+0x7ce/0x1420
[ 1935.101658][T29493]  vfs_open+0x3b/0x340
[ 1935.101678][T29493]  ? path_openat+0x346e/0x3e20
[ 1935.101705][T29493]  path_openat+0x3486/0x3e20
[ 1935.101743][T29493]  ? kmem_cache_alloc_noprof+0x370/0x6e0
[ 1935.101770][T29493]  ? getname_flags+0xb7/0x540
[ 1935.101790][T29493]  ? __pfx_path_openat+0x10/0x10
[ 1935.101817][T29493]  ? __lock_acquire+0x6b5/0x2cf0
[ 1935.101849][T29493]  do_filp_open+0x22d/0x490
[ 1935.101876][T29493]  ? __pfx_do_filp_open+0x10/0x10
[ 1935.101910][T29493]  ? _raw_spin_unlock+0x28/0x50
[ 1935.101937][T29493]  ? alloc_fd+0x64b/0x6c0
[ 1935.101961][T29493]  do_sys_openat2+0x12f/0x220
[ 1935.101985][T29493]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1935.102007][T29493]  ? exc_page_fault+0x6a/0xc0
[ 1935.102029][T29493]  ? do_user_addr_fault+0xc7c/0x1360
[ 1935.102058][T29493]  __x64_sys_openat+0x138/0x170
[ 1935.102084][T29493]  do_syscall_64+0xe2/0xf80
[ 1935.102104][T29493]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1935.102123][T29493]  ? trace_irq_disable+0x37/0x100
[ 1935.102142][T29493]  ? clear_bhb_loop+0x60/0xb0
[ 1935.102163][T29493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1935.102182][T29493] RIP: 0033:0x7f03382a7407
[ 1935.102200][T29493] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1935.102217][T29493] RSP: 002b:00007ffd8d14efd0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1935.102240][T29493] RAX: ffffffffffffffda RBX: 00007f033894b880 RCX: 00007f03382a7407
[ 1935.102255][T29493] RDX: 0000000000000000 RSI: 00007ffd8d14ff1b RDI: ffffffffffffff9c
[ 1935.102270][T29493] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1935.102282][T29493] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1935.102294][T29493] R13: 00007ffd8d14f220 R14: 00007f0338ab2000 R15: 00005614f59974d8
[ 1935.102316][T29493]  </TASK>
[ 1935.102324][T29493] 
[ 1935.389672][T29493] Allocated by task 24124:
[ 1935.394080][T29493]  kasan_save_track+0x3e/0x80
[ 1935.398753][T29493]  __kasan_kmalloc+0x93/0xb0
[ 1935.403342][T29493]  __kmalloc_cache_noprof+0x3d1/0x6e0
[ 1935.408733][T29493]  em28xx_v4l2_init+0x10b/0x2e70
[ 1935.413666][T29493]  em28xx_init_extension+0x120/0x1c0
[ 1935.418940][T29493]  process_scheduled_works+0xaec/0x17a0
[ 1935.424527][T29493]  worker_thread+0xda6/0x1360
[ 1935.429197][T29493]  kthread+0x726/0x8b0
[ 1935.433259][T29493]  ret_from_fork+0x51b/0xa40
[ 1935.437839][T29493]  ret_from_fork_asm+0x1a/0x30
[ 1935.442593][T29493] 
[ 1935.444904][T29493] Freed by task 24124:
[ 1935.448958][T29493]  kasan_save_track+0x3e/0x80
[ 1935.453626][T29493]  kasan_save_free_info+0x46/0x50
[ 1935.458736][T29493]  __kasan_slab_free+0x5c/0x80
[ 1935.463488][T29493]  kfree+0x1be/0x650
[ 1935.467376][T29493]  em28xx_v4l2_init+0x1683/0x2e70
[ 1935.472396][T29493]  em28xx_init_extension+0x120/0x1c0
[ 1935.477795][T29493]  process_scheduled_works+0xaec/0x17a0
[ 1935.483350][T29493]  worker_thread+0xda6/0x1360
[ 1935.488051][T29493]  kthread+0x726/0x8b0
[ 1935.492215][T29493]  ret_from_fork+0x51b/0xa40
[ 1935.496800][T29493]  ret_from_fork_asm+0x1a/0x30
[ 1935.501641][T29493] 
[ 1935.503958][T29493] The buggy address belongs to the object at ffff88807c5d0000
[ 1935.503958][T29493]  which belongs to the cache kmalloc-8k of size 8192
[ 1935.518092][T29493] The buggy address is located 1856 bytes inside of
[ 1935.518092][T29493]  freed 8192-byte region [ffff88807c5d0000, ffff88807c5d2000)
[ 1935.532228][T29493] 
[ 1935.534555][T29493] The buggy address belongs to the physical page:
[ 1935.540961][T29493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c5d0
[ 1935.549718][T29493] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1935.558309][T29493] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1935.566452][T29493] page_type: f5(slab)
[ 1935.570544][T29493] raw: 00fff00000000040 ffff88813fe27280 0000000000000000 0000000000000001
[ 1935.579139][T29493] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[ 1935.587898][T29493] head: 00fff00000000040 ffff88813fe27280 0000000000000000 0000000000000001
[ 1935.596656][T29493] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[ 1935.605335][T29493] head: 00fff00000000003 ffffea0001f17401 00000000ffffffff 00000000ffffffff
[ 1935.614109][T29493] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1935.622957][T29493] page dumped because: kasan: bad access detected
[ 1935.629558][T29493] page_owner tracks the page as allocated
[ 1935.635266][T29493] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 16781, tgid 16780 (syz.4.2954), ts 944190296416, free_ts 944034042467
[ 1935.658383][T29493]  post_alloc_hook+0x228/0x280
[ 1935.663463][T29493]  get_page_from_freelist+0x24dc/0x2580
[ 1935.669011][T29493]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 1935.674813][T29493]  alloc_pages_mpol+0x232/0x4a0
[ 1935.679701][T29493]  allocate_slab+0x86/0x3a0
[ 1935.684205][T29493]  ___slab_alloc+0xd82/0x1760
[ 1935.688872][T29493]  __slab_alloc+0x65/0x100
[ 1935.693283][T29493]  __kmalloc_cache_noprof+0x40d/0x6e0
[ 1935.698761][T29493]  audit_log_d_path+0xb8/0x1a0
[ 1935.703521][T29493]  audit_log_d_path_exe+0x42/0x70
[ 1935.708625][T29493]  audit_log_task+0x2c3/0x3d0
[ 1935.713310][T29493]  audit_seccomp+0x85/0x190
[ 1935.717890][T29493]  __seccomp_filter+0xd48/0x1ef0
[ 1935.722905][T29493]  syscall_trace_enter+0xa9/0x160
[ 1935.728011][T29493]  do_syscall_64+0xbb/0xf80
[ 1935.732510][T29493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1935.738826][T29493] page last free pid 10777 tgid 10777 stack trace:
[ 1935.745753][T29493]  __free_frozen_pages+0xbf8/0xd70
[ 1935.750881][T29493]  __put_partials+0x146/0x170
[ 1935.755562][T29493]  __slab_free+0x294/0x320
[ 1935.760057][T29493]  qlist_free_all+0x97/0x100
[ 1935.764664][T29493]  kasan_quarantine_reduce+0x148/0x160
[ 1935.770205][T29493]  __kasan_slab_alloc+0x22/0x80
[ 1935.775219][T29493]  __kmalloc_node_track_caller_noprof+0x511/0x7f0
[ 1935.781632][T29493]  kmalloc_reserve+0x136/0x290
[ 1935.786480][T29493]  __alloc_skb+0x204/0x390
[ 1935.790889][T29493]  mld_newpack+0x14c/0xc90
[ 1935.795301][T29493]  add_grhead+0x5a/0x2a0
[ 1935.799546][T29493]  add_grec+0x1452/0x1740
[ 1935.803866][T29493]  mld_send_initial_cr+0x288/0x550
[ 1935.808969][T29493]  mld_dad_work+0x45/0x5b0
[ 1935.813374][T29493]  process_scheduled_works+0xaec/0x17a0
[ 1935.818918][T29493]  worker_thread+0xda6/0x1360
[ 1935.823590][T29493] 
[ 1935.825926][T29493] Memory state around the buggy address:
[ 1935.831565][T29493]  ffff88807c5d0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1935.839720][T29493]  ffff88807c5d0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1935.847786][T29493] >ffff88807c5d0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1935.855840][T29493]                                            ^
[ 1935.862088][T29493]  ffff88807c5d0780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1935.870136][T29493]  ffff88807c5d0800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1935.878199][T29493] ==================================================================
[ 1935.893199][T24124] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input98
[ 1936.050339][T29493] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1936.057593][T29493] CPU: 0 UID: 0 PID: 29493 Comm: v4l_id Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1936.068821][T29493] Tainted: [L]=SOFTLOCKUP
[ 1936.073177][T29493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1936.083778][T29493] Call Trace:
[ 1936.087082][T29493]  <TASK>
[ 1936.090013][T29493]  vpanic+0x1e0/0x670
[ 1936.094015][T29493]  panic+0xc5/0xd0
[ 1936.097857][T29493]  ? __pfx_panic+0x10/0x10
[ 1936.102319][T29493]  ? preempt_schedule_common+0x82/0xd0
[ 1936.107870][T29493]  ? v4l2_fh_open+0xac/0x420
[ 1936.112469][T29493]  check_panic_on_warn+0x89/0xb0
[ 1936.117419][T29493]  ? v4l2_fh_open+0xac/0x420
[ 1936.122015][T29493]  end_report+0x6f/0x140
[ 1936.126257][T29493]  kasan_report+0x128/0x150
[ 1936.130761][T29493]  ? v4l2_fh_open+0xac/0x420
[ 1936.135353][T29493]  v4l2_fh_open+0xac/0x420
[ 1936.139768][T29493]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1936.145767][T29493]  em28xx_v4l2_open+0x157/0x9a0
[ 1936.150714][T29493]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1936.155759][T29493]  v4l2_open+0x1bf/0x3a0
[ 1936.160005][T29493]  chrdev_open+0x4cd/0x5e0
[ 1936.164431][T29493]  ? __pfx_chrdev_open+0x10/0x10
[ 1936.169718][T29493]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[ 1936.176192][T29493]  ? __pfx_chrdev_open+0x10/0x10
[ 1936.181340][T29493]  do_dentry_open+0x7ce/0x1420
[ 1936.186210][T29493]  vfs_open+0x3b/0x340
[ 1936.190282][T29493]  ? path_openat+0x346e/0x3e20
[ 1936.195061][T29493]  path_openat+0x3486/0x3e20
[ 1936.199665][T29493]  ? kmem_cache_alloc_noprof+0x370/0x6e0
[ 1936.205322][T29493]  ? getname_flags+0xb7/0x540
[ 1936.210000][T29493]  ? __pfx_path_openat+0x10/0x10
[ 1936.214945][T29493]  ? __lock_acquire+0x6b5/0x2cf0
[ 1936.219950][T29493]  do_filp_open+0x22d/0x490
[ 1936.224548][T29493]  ? __pfx_do_filp_open+0x10/0x10
[ 1936.229584][T29493]  ? _raw_spin_unlock+0x28/0x50
[ 1936.234449][T29493]  ? alloc_fd+0x64b/0x6c0
[ 1936.238786][T29493]  do_sys_openat2+0x12f/0x220
[ 1936.243485][T29493]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1936.248694][T29493]  ? exc_page_fault+0x6a/0xc0
[ 1936.253387][T29493]  ? do_user_addr_fault+0xc7c/0x1360
[ 1936.258712][T29493]  __x64_sys_openat+0x138/0x170
[ 1936.263593][T29493]  do_syscall_64+0xe2/0xf80
[ 1936.268107][T29493]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1936.274185][T29493]  ? trace_irq_disable+0x37/0x100
[ 1936.279233][T29493]  ? clear_bhb_loop+0x60/0xb0
[ 1936.283944][T29493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1936.289864][T29493] RIP: 0033:0x7f03382a7407
[ 1936.294288][T29493] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1936.314095][T29493] RSP: 002b:00007ffd8d14efd0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1936.322618][T29493] RAX: ffffffffffffffda RBX: 00007f033894b880 RCX: 00007f03382a7407
[ 1936.331470][T29493] RDX: 0000000000000000 RSI: 00007ffd8d14ff1b RDI: ffffffffffffff9c
[ 1936.339623][T29493] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1936.347690][T29493] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1936.355662][T29493] R13: 00007ffd8d14f220 R14: 00007f0338ab2000 R15: 00005614f59974d8
[ 1936.363737][T29493]  </TASK>
[ 1936.366909][T29493] Kernel Offset: disabled
[ 1936.371227][T29493] Rebooting in 86400 seconds..