last executing test programs:

4m20.296254379s ago: executing program 3 (id=1227):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405668, &(0x7f0000000080)={0x0, 0x0, 0x2, "bc3e098e0000f403040000000000000000000000000000ffffffffffffffec00"})
r1 = socket(0x2b, 0x2, 0x0)
sendmsg$nl_route(r1, 0x0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)

4m19.679443535s ago: executing program 3 (id=1228):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x2c)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x42, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38ff, 0x0, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000880)=""/220, 0xdc}], 0x1, 0xbffffffe, 0x10a2)
syz_emit_ethernet(0x6e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000001300)=""/102400, 0x19000)

4m19.5349721s ago: executing program 3 (id=1230):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000003800)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xf71, @remote, 0x27}, 0x1c, &(0x7f0000001340)=[{&(0x7f0000000040)="2ab2", 0x2}], 0x1}}], 0x1, 0x4000844)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000280), 0x4)

4m18.282468647s ago: executing program 3 (id=1231):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000940)='./file0\x00', 0x0, 0x0)
mknodat(r4, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
renameat2(r5, &(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, 0x0, 0x0)
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, 0x0)

4m17.676249562s ago: executing program 3 (id=1235):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_SETINTERFACE(r5, 0x80045510, &(0x7f0000000000)={0x0, 0x40000000})
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, 0x0, 0x48080)
ioctl$PPPIOCUNBRIDGECHAN(0xffffffffffffffff, 0x7434)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10012}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x40000)

4m17.114711111s ago: executing program 3 (id=1237):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
setresuid(0xee01, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
r4 = dup(0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, 0x0, &(0x7f00000000c0))
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048001}, 0x1)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)

3m38.870950215s ago: executing program 0 (id=1307):
chdir(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000d000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
shmget(0x1, 0x1000, 0x200, &(0x7f0000fff000/0x1000)=nil)
r2 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
setrlimit(0x7, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0xf)
fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, 0x0, 0x0, 0x0)
setreuid(0xee01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
getpid()
setns(0xffffffffffffffff, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x13, 0x0, 0x0, 0x0)

3m32.568993633s ago: executing program 0 (id=1315):
socket$kcm(0x10, 0x2, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7}]})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x9, 0x2012, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f00000005c0)={0x48})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000240)='user\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r2 = epoll_create1(0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r3, &(0x7f0000000100)=""/162, 0xa2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d40)={&(0x7f0000000b00)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000003300000000000005000000000000"], 0x0, 0x26, 0x0, 0x400}, 0x28)
pread64(r3, &(0x7f00000002c0)=""/190, 0xbe, 0x200)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000002400)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

3m29.89831378s ago: executing program 0 (id=1318):
mmap(&(0x7f0000104000/0x3000)=nil, 0x3000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xfffffeb7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000400)={0xf0f071, 0x2})
r6 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000000)={0xf0f071, 0x1})

3m28.603599024s ago: executing program 0 (id=1319):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getgid()
r4 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, 0x0, 0x0)

3m26.776845025s ago: executing program 0 (id=1321):
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={0xffffffffffffffff, &(0x7f0000000440), &(0x7f0000000040)=@udp}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, 0x0, 0x1, 0x0, 0x0, {0x3}, [@GTPA_VERSION={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x2000094)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='ntfs3\x00', 0x1000080, 0x0)

3m18.871997571s ago: executing program 0 (id=1330):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="00008864ffffffffffffaaaaaaaaaaaa08004519001400f400000101"], 0x26)
socket$nl_generic(0x10, 0x3, 0x10)

3m2.731874443s ago: executing program 32 (id=1330):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="00008864ffffffffffffaaaaaaaaaaaa08004519001400f400000101"], 0x26)
socket$nl_generic(0x10, 0x3, 0x10)

28.268859918s ago: executing program 2 (id=1587):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x48)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000003c0), 0xa0581, 0x0)
r1 = dup(r0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0403d11, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0x1c, 0x20, 0x47425247, 0x32314742, [0x400, 0x8], [0x5, 0x7], 0x108}})

23.289416683s ago: executing program 2 (id=1593):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_SETINTERFACE(r5, 0x80045510, &(0x7f0000000000)={0x0, 0x40000000})
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, 0x0, 0x48080)
ioctl$PPPIOCUNBRIDGECHAN(0xffffffffffffffff, 0x7434)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10012}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x40000)

17.262857621s ago: executing program 2 (id=1601):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x48)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000003c0), 0xa0581, 0x0)
r1 = dup(r0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0403d11, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0x1c, 0x20, 0x47425247, 0x32314742, [0x400, 0x8], [0x5, 0x7], 0x108}})

14.662480275s ago: executing program 2 (id=1605):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x17, &(0x7f00000006c0)=0x400, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r5}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/179}, 0x20)
shutdown(r0, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$watch_queue(&(0x7f0000000100), 0x80)
r6 = dup(0xffffffffffffffff)
ioctl$PTP_EXTTS_REQUEST2(r6, 0x40603d10, &(0x7f00000002c0)={0x1, 0x9})

14.566594565s ago: executing program 1 (id=1606):
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
sendmmsg(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000380)="1b", 0x1}], 0x1}}], 0x1, 0x0)

14.113238995s ago: executing program 1 (id=1607):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x6e)
io_setup(0x42, &(0x7f0000000100)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000580)=[0x0])
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090500000000fddbdf25021f00cb", @ANYRES32=r6, @ANYBLOB="080008100002000008000200ffffffff0800090006000000080009000000180008000200ac1414aa080009"], 0x48}}, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0xed, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

13.007072187s ago: executing program 2 (id=1608):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, r0, 0x200000000000000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
syz_emit_ethernet(0x7e, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_rr_get_interval(r4, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x15, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0xfffffffc}, 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000a80)={<r6=>0x0, 0x10, &(0x7f0000000a40)=[@in={0x2, 0x4e24, @rand_addr=0x64010101}]}, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={r6, @in={{0x2, 0x4e24, @rand_addr=0x64010101}}, 0x2, 0x88}, 0x90)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fdinfo/4\x00')
pread64(r7, &(0x7f0000002140)=""/17, 0x11, 0x0)

9.933965092s ago: executing program 1 (id=1609):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_SETINTERFACE(r5, 0x80045510, &(0x7f0000000000)={0x0, 0x40000000})
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, 0x0, 0x48080)
ioctl$PPPIOCUNBRIDGECHAN(0xffffffffffffffff, 0x7434)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10012}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x40000)

9.158572017s ago: executing program 2 (id=1610):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x40000000100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
socket$inet6_icmp(0xa, 0x2, 0x3a)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x4800)

8.653766957s ago: executing program 4 (id=1611):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, 0x0, 0xe}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000100)={0xf00001, 0x2})
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r4, 0x5608)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x4, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@cswp={0x58, 0x114, 0x7, {{0x88, 0x800}, &(0x7f00000000c0)=0x3b3, 0x0, 0x10001, 0x2, 0x0, 0x4, 0x21, 0x9}}], 0x58, 0x8004}, 0x0)

7.350568649s ago: executing program 4 (id=1612):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000340)={0x3, 0x0, 0x1, 0x0, 0x7fffffff})

6.645981827s ago: executing program 1 (id=1613):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x48)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000003c0), 0xa0581, 0x0)
r1 = dup(r0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0403d11, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0x1c, 0x20, 0x47425247, 0x32314742, [0x400, 0x8], [0x5, 0x7], 0x108}})

6.152532363s ago: executing program 4 (id=1614):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount(0x0, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xffff, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r3, 0x0, 0x9}, 0x18)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0xb3409000)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
timer_settime(0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc22, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x400c890)
ioctl$sock_proto_private(0xffffffffffffffff, 0x89dc, 0x0)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r2)
ioctl$TIOCL_SETVESABLANK(r5, 0x560e, &(0x7f0000000140))
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000040))

5.162366225s ago: executing program 4 (id=1615):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000200000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7336b5d}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2000000, 0xd50, 0x0, &(0x7f00000002c0)="fef351f6b11f421a5b4e415288ca", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4.93158123s ago: executing program 4 (id=1616):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sg(&(0x7f00000060c0), 0xa, 0x0)
socket(0x10, 0x3, 0x0)
syz_open_dev$sg(0x0, 0x6f5e, 0x0)
socket(0x840000000002, 0x3, 0xfa)
socket$pppoe(0x18, 0x1, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb000000010902"], 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
fsopen(&(0x7f00000007c0)='erofs\x00', 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r4 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000000600)=<r5=>0x0, &(0x7f00000005c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x1cd83f7c25e05491, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x1, {0x3}})
io_uring_enter(r4, 0x47bc, 0x3, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

4.124879975s ago: executing program 1 (id=1617):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
io_setup(0x42, &(0x7f0000000100)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000580)=[0x0])
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090500000000fddbdf25021f00cb", @ANYRES32=r6, @ANYBLOB="080008100002000008000200ffffffff0800090006000000080009000000180008000200ac1414aa080009"], 0x48}}, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0xed, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

2.599037109s ago: executing program 1 (id=1618):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, r0, 0x200000000000000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
syz_emit_ethernet(0x7e, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_rr_get_interval(r4, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x15, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0xfffffffc}, 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000a80)={<r6=>0x0, 0x10, &(0x7f0000000a40)=[@in={0x2, 0x4e24, @rand_addr=0x64010101}]}, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={r6, @in={{0x2, 0x4e24, @rand_addr=0x64010101}}, 0x2, 0x88}, 0x90)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fdinfo/4\x00')
pread64(r7, &(0x7f0000002140)=""/17, 0x11, 0x0)

0s ago: executing program 4 (id=1619):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000fffffff02e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000000c000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.12' (ED25519) to the list of known hosts.
[   74.776612][ T5787] cgroup: Unknown subsys name 'net'
[   75.017912][ T5787] cgroup: Unknown subsys name 'cpuset'
[   75.083822][ T5787] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   76.748648][ T5787] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   80.729994][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.741107][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.751542][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.769551][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.770429][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.874342][   T62] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.879098][   T62] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.880486][   T62] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.882061][   T62] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.916064][   T62] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.995474][ T5119] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.999536][ T5119] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   81.000335][ T5119] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   81.001727][ T5119] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   81.002554][ T5119] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   81.080443][   T62] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   81.085673][   T62] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   81.114088][ T5812] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   81.117484][ T5812] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   81.120378][ T5798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   81.121625][ T5798] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   81.147769][ T5798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   81.150381][ T5798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   81.182020][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   81.191218][ T5812] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   81.631042][ T1235] cfg80211: failed to load regulatory.db
[   81.850110][ T5797] chnl_net:caif_netlink_parms(): no params data found
[   81.956226][ T5802] chnl_net:caif_netlink_parms(): no params data found
[   82.169032][ T5805] chnl_net:caif_netlink_parms(): no params data found
[   82.569884][ T5806] chnl_net:caif_netlink_parms(): no params data found
[   82.575269][ T5807] chnl_net:caif_netlink_parms(): no params data found
[   82.674017][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.675165][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.675522][ T5797] bridge_slave_0: entered allmulticast mode
[   82.677025][ T5797] bridge_slave_0: entered promiscuous mode
[   82.795419][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.795487][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.795610][ T5797] bridge_slave_1: entered allmulticast mode
[   82.796992][ T5797] bridge_slave_1: entered promiscuous mode
[   82.815063][ T5119] Bluetooth: hci0: command tx timeout
[   82.851897][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.851987][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.852091][ T5802] bridge_slave_0: entered allmulticast mode
[   82.854485][ T5802] bridge_slave_0: entered promiscuous mode
[   82.973359][ T5119] Bluetooth: hci1: command tx timeout
[   83.133153][ T5119] Bluetooth: hci2: command tx timeout
[   83.173903][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.173993][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.174101][ T5802] bridge_slave_1: entered allmulticast mode
[   83.175535][ T5802] bridge_slave_1: entered promiscuous mode
[   83.213067][ T5119] Bluetooth: hci4: command tx timeout
[   83.294325][ T5119] Bluetooth: hci3: command tx timeout
[   83.427356][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.427592][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.427704][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.427858][ T5805] bridge_slave_0: entered allmulticast mode
[   83.429618][ T5805] bridge_slave_0: entered promiscuous mode
[   83.547029][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.547728][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.547973][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.548148][ T5805] bridge_slave_1: entered allmulticast mode
[   83.549665][ T5805] bridge_slave_1: entered promiscuous mode
[   83.587610][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.865573][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.295562][ T5797] team0: Port device team_slave_0 added
[   84.298445][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.298699][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.298896][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.299059][ T5807] bridge_slave_0: entered allmulticast mode
[   84.300574][ T5807] bridge_slave_0: entered promiscuous mode
[   84.302327][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.302450][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.303875][ T5806] bridge_slave_0: entered allmulticast mode
[   84.306251][ T5806] bridge_slave_0: entered promiscuous mode
[   84.386689][ T5797] team0: Port device team_slave_1 added
[   84.388864][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.389080][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.389186][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.389289][ T5807] bridge_slave_1: entered allmulticast mode
[   84.390611][ T5807] bridge_slave_1: entered promiscuous mode
[   84.391524][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.391610][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.391705][ T5806] bridge_slave_1: entered allmulticast mode
[   84.393715][ T5806] bridge_slave_1: entered promiscuous mode
[   84.398426][ T5802] team0: Port device team_slave_0 added
[   84.695889][ T5802] team0: Port device team_slave_1 added
[   84.893337][ T5119] Bluetooth: hci0: command tx timeout
[   85.053103][ T5119] Bluetooth: hci1: command tx timeout
[   85.055631][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.055642][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.055656][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.059217][ T5805] team0: Port device team_slave_0 added
[   85.062639][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.068532][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.213233][ T5119] Bluetooth: hci2: command tx timeout
[   85.302921][ T5119] Bluetooth: hci4: command tx timeout
[   85.324762][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.324778][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.324801][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.326672][ T5805] team0: Port device team_slave_1 added
[   85.328672][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.343403][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.355335][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.355349][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.355372][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.373089][ T5119] Bluetooth: hci3: command tx timeout
[   85.514292][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.514303][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.514318][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.775342][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.775358][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.775391][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.777734][ T5806] team0: Port device team_slave_0 added
[   85.781921][ T5807] team0: Port device team_slave_0 added
[   85.894266][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.894277][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.894292][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.896485][ T5806] team0: Port device team_slave_1 added
[   85.898702][ T5807] team0: Port device team_slave_1 added
[   86.248529][ T5797] hsr_slave_0: entered promiscuous mode
[   86.249548][ T5797] hsr_slave_1: entered promiscuous mode
[   86.576333][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.576346][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.576360][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.581593][ T5802] hsr_slave_0: entered promiscuous mode
[   86.582406][ T5802] hsr_slave_1: entered promiscuous mode
[   86.586708][ T5802] debugfs: 'hsr0' already exists in 'hsr'
[   86.586825][ T5802] Cannot create hsr debugfs directory
[   86.587789][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.587802][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.587825][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.661260][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.661275][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.661299][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.665129][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.665144][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.665167][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.888542][ T5805] hsr_slave_0: entered promiscuous mode
[   86.890184][ T5805] hsr_slave_1: entered promiscuous mode
[   86.890724][ T5805] debugfs: 'hsr0' already exists in 'hsr'
[   86.890742][ T5805] Cannot create hsr debugfs directory
[   86.983147][ T5119] Bluetooth: hci0: command tx timeout
[   87.133125][ T5119] Bluetooth: hci1: command tx timeout
[   87.293159][ T5119] Bluetooth: hci2: command tx timeout
[   87.345498][ T5806] hsr_slave_0: entered promiscuous mode
[   87.346257][ T5806] hsr_slave_1: entered promiscuous mode
[   87.346804][ T5806] debugfs: 'hsr0' already exists in 'hsr'
[   87.346824][ T5806] Cannot create hsr debugfs directory
[   87.370717][ T5807] hsr_slave_0: entered promiscuous mode
[   87.371953][ T5807] hsr_slave_1: entered promiscuous mode
[   87.372865][ T5807] debugfs: 'hsr0' already exists in 'hsr'
[   87.373530][ T5807] Cannot create hsr debugfs directory
[   87.383017][ T5119] Bluetooth: hci4: command tx timeout
[   87.453092][ T5119] Bluetooth: hci3: command tx timeout
[   88.492622][ T5797] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   88.553232][ T5797] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   88.602136][ T5797] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   88.649897][ T5797] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   88.754381][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.787049][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.818538][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.876028][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.989685][ T5806] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   89.023820][ T5806] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   89.053140][ T5119] Bluetooth: hci0: command tx timeout
[   89.076389][ T5806] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   89.127774][ T5806] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   89.213149][ T5119] Bluetooth: hci1: command tx timeout
[   89.242976][ T5807] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.287004][ T5807] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.322666][ T5807] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.372238][ T5807] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.373315][ T5119] Bluetooth: hci2: command tx timeout
[   89.453176][ T5119] Bluetooth: hci4: command tx timeout
[   89.477114][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.503888][ T5802] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   89.533396][ T5119] Bluetooth: hci3: command tx timeout
[   89.559332][ T5802] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   89.590727][ T5802] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   89.618488][ T5802] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   89.685028][ T5797] 8021q: adding VLAN 0 to HW filter on device team0
[   89.725965][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.726730][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.757118][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.767299][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.768197][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.850450][ T5805] 8021q: adding VLAN 0 to HW filter on device team0
[   89.884145][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.884401][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.888190][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.927680][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.928066][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.979067][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[   90.004672][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.041750][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.041981][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.086734][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.087539][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.154815][ T5807] 8021q: adding VLAN 0 to HW filter on device team0
[   90.168972][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.206773][ T3589] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.206850][ T3589] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.259190][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.263663][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.311145][ T5802] 8021q: adding VLAN 0 to HW filter on device team0
[   90.351076][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.351276][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.378258][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.378376][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.429750][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.711886][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.735390][ T5797] veth0_vlan: entered promiscuous mode
[   90.795859][ T5797] veth1_vlan: entered promiscuous mode
[   90.937636][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.987800][ T5805] veth0_vlan: entered promiscuous mode
[   91.001486][ T5797] veth0_macvtap: entered promiscuous mode
[   91.012321][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.040670][ T5797] veth1_macvtap: entered promiscuous mode
[   91.049570][ T5805] veth1_vlan: entered promiscuous mode
[   91.077610][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.137739][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.159988][ T5806] veth0_vlan: entered promiscuous mode
[   91.172734][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.233887][ T3887] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.239396][ T5806] veth1_vlan: entered promiscuous mode
[   91.245509][ T3887] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.270962][ T5805] veth0_macvtap: entered promiscuous mode
[   91.271891][ T3887] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.296254][ T3887] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.315891][ T5807] veth0_vlan: entered promiscuous mode
[   91.373807][ T5805] veth1_macvtap: entered promiscuous mode
[   91.409490][ T5807] veth1_vlan: entered promiscuous mode
[   91.574182][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.582348][ T5806] veth0_macvtap: entered promiscuous mode
[   91.604929][ T3817] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.604952][ T3817] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.629620][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.649522][ T5806] veth1_macvtap: entered promiscuous mode
[   91.693360][   T82] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.699658][ T5807] veth0_macvtap: entered promiscuous mode
[   91.702168][   T82] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.742034][   T82] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.754624][   T82] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.756933][ T3817] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.756950][ T3817] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.766688][ T5807] veth1_macvtap: entered promiscuous mode
[   91.849747][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.849943][ T5802] veth0_vlan: entered promiscuous mode
[   91.912192][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.009950][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.025939][ T5802] veth1_vlan: entered promiscuous mode
[   92.045296][   T82] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.062001][   T82] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.086199][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.086490][   T82] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.104873][   T82] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.230334][ T3817] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.232480][ T3817] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.251532][ T3817] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.259500][ T3817] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.259759][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.259773][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.522947][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.532941][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.542911][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.552908][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.562921][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.572909][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.582916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.794111][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.912907][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   92.912946][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   94.323477][ T1270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.323496][ T1270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.429499][ T5802] veth0_macvtap: entered promiscuous mode
[   94.475524][ T5802] veth1_macvtap: entered promiscuous mode
[   94.491855][ T3752] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.491877][ T3752] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.608858][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.646142][ T1174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.646169][ T1174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.670436][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.730092][ T1404] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.730110][ T1404] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.731172][ T1404] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.765486][ T1150] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.983047][ T1150] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.036576][ T1150] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.875178][ T1270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.875197][ T1270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.916424][   T37] audit: type=1326 audit(1768702646.672:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   96.916470][   T37] audit: type=1326 audit(1768702646.672:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.252409][   T37] audit: type=1326 audit(1768702647.012:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.252726][   T37] audit: type=1326 audit(1768702647.012:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303471][   T37] audit: type=1326 audit(1768702647.032:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303521][   T37] audit: type=1326 audit(1768702647.042:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303558][   T37] audit: type=1326 audit(1768702647.042:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303594][   T37] audit: type=1326 audit(1768702647.052:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303629][   T37] audit: type=1326 audit(1768702647.052:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.303665][   T37] audit: type=1326 audit(1768702647.052:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5929 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f7d90c0f749 code=0x7ffc0000
[   97.666608][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.666628][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.821376][ T3752] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.821396][ T3752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.654687][ T6006] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  113.219608][ T6018] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  123.221547][ T6097] ntfs3(nullb0): Primary boot signature is not NTFS.
[  123.238210][ T6097] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  126.582277][ T6108] syz.2.49 (6108): drop_caches: 2
[  129.373156][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  130.387789][ T6125] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  130.967886][   T10] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  130.967914][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  130.967933][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  130.968008][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.996576][   T10] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  130.996606][   T10] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  130.996625][   T10] usb 5-1: Product: syz
[  130.996637][   T10] usb 5-1: Manufacturer: syz
[  131.128679][   T10] cdc_wdm 5-1:1.0: skipping garbage
[  131.128699][   T10] cdc_wdm 5-1:1.0: skipping garbage
[  131.687896][   T10] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  131.687935][   T10] cdc_wdm 5-1:1.0: Unknown control protocol
[  131.796263][   T10] usb 5-1: USB disconnect, device number 2
[  131.997426][  T804] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  132.174892][  T804] usb 4-1: Using ep0 maxpacket: 32
[  132.184776][  T804] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  132.184806][  T804] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.184826][  T804] usb 4-1: Product: syz
[  132.184841][  T804] usb 4-1: Manufacturer: syz
[  132.184856][  T804] usb 4-1: SerialNumber: syz
[  132.411333][  T804] usb 4-1: config 0 descriptor??
[  133.599388][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  133.599472][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  133.635799][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  133.743822][  T804] RobotFuzz Open Source InterFace, OSIF 4-1:0.0: version d4.15 found at bus 004 address 002
[  134.267175][ T6139] i2c i2c-1: failure reading data
[  134.281557][ T5921] usb 4-1: USB disconnect, device number 2
[  134.946108][ T6179] overlayfs: overlapping lowerdir path
[  138.858752][ T6200] Bluetooth: MGMT ver 1.23
[  138.858810][ T6200] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  145.268394][ T1235] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  146.043016][ T1235] usb 4-1: Using ep0 maxpacket: 8
[  146.045972][ T1235] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  146.046025][ T1235] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  146.046038][ T1235] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  146.046051][ T1235] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  146.046063][ T1235] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  146.046087][ T1235] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  146.046099][ T1235] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.327945][ T1235] usb 4-1: usb_control_msg returned -32
[  146.327996][ T1235] usbtmc 4-1:16.0: can't read capabilities
[  146.351304][ T6226] netlink: 'syz.1.87': attribute type 12 has an invalid length.
[  148.867993][ T6257] usbtmc 4-1:16.0: usb_control_msg returned -32
[  150.244622][ T6197] usb 4-1: USB disconnect, device number 3
[  153.591624][ T6289] loop7: detected capacity change from 0 to 7
[  153.974273][ T6289] Dev loop7: unable to read RDB block 7
[  153.974331][ T6289]  loop7: unable to read partition table
[  153.974548][ T6289] loop7: partition table beyond EOD, truncated
[  154.006365][ T6289] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  163.060660][ T6345] =======================================================
[  163.060660][ T6345] WARNING: The mand mount option has been deprecated and
[  163.060660][ T6345]          and is ignored by this kernel. Remove the mand
[  163.060660][ T6345]          option from the mount to silence this warning.
[  163.060660][ T6345] =======================================================
[  163.087435][ T6345] option changes via remount are deprecated (pid=6341 comm=syz.2.116)
[  163.087480][ T6345] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  170.543631][ T6396] mmap: syz.4.133 (6396) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  186.483106][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  186.642983][    T9] usb 1-1: Using ep0 maxpacket: 8
[  186.644633][    T9] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  186.644690][    T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  186.644711][    T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  186.644724][    T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  186.644736][    T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  186.644759][    T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  186.644771][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.124292][    T9] usb 1-1: usb_control_msg returned -32
[  188.124341][    T9] usbtmc 1-1:16.0: can't read capabilities
[  188.503200][ T6491] usbtmc 1-1:16.0: usb_control_msg returned -32
[  188.527672][ T5973] usb 1-1: USB disconnect, device number 2
[  189.676380][ T6507] fuse: Bad value for 'fd'
[  193.650869][ T6524] evm: overlay not supported
[  194.649756][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  194.649824][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  195.409548][ T5973] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  195.768559][ T5973] usb 4-1: Using ep0 maxpacket: 8
[  195.770427][ T5973] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  195.770482][ T5973] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  195.770502][ T5973] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  195.770516][ T5973] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  195.770529][ T5973] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  195.770552][ T5973] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  195.770564][ T5973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.112619][ T5973] usb 4-1: usb_control_msg returned -32
[  196.112667][ T5973] usbtmc 4-1:16.0: can't read capabilities
[  196.539976][ T6545] usbtmc 4-1:16.0: usb_control_msg returned -32
[  196.577157][    T9] usb 4-1: USB disconnect, device number 4
[  206.589024][ T6599] Bluetooth: hci3: command 0x0406 tx timeout
[  206.589062][ T6599] Bluetooth: hci0: command 0x0406 tx timeout
[  206.589086][ T6599] Bluetooth: hci1: command 0x0406 tx timeout
[  206.589108][ T6599] Bluetooth: hci2: command 0x0406 tx timeout
[  206.589131][ T6599] Bluetooth: hci4: command 0x0406 tx timeout
[  209.780557][ T6650] option changes via remount are deprecated (pid=6643 comm=syz.2.204)
[  209.780577][ T6650] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  209.843238][ T6653] Device name cannot be null; rc = [-22]
[  217.013820][ T5905] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  217.163167][ T5905] usb 3-1: Using ep0 maxpacket: 8
[  217.166498][ T5905] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  217.166846][ T5905] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  217.166870][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  217.166893][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  217.166916][ T5905] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  217.166952][ T5905] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  217.166965][ T5905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.403040][ T5905] usb 3-1: usb_control_msg returned -32
[  217.403089][ T5905] usbtmc 3-1:16.0: can't read capabilities
[  220.017051][ T6197] usb 3-1: USB disconnect, device number 2
[  220.051136][ T6711] binder: BINDER_SET_CONTEXT_MGR already set
[  220.051152][ T6711] binder: 6710:6711 ioctl 4018620d 200000000040 returned -16
[  220.402965][ T6115] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  220.597478][ T6115] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  220.597507][ T6115] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  220.597526][ T6115] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  220.597576][ T6115] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.600617][ T6115] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  220.600644][ T6115] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  220.600664][ T6115] usb 4-1: Product: syz
[  220.600678][ T6115] usb 4-1: Manufacturer: syz
[  220.685124][ T6115] cdc_wdm 4-1:1.0: skipping garbage
[  220.685143][ T6115] cdc_wdm 4-1:1.0: skipping garbage
[  220.704868][ T6115] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  220.704888][ T6115] cdc_wdm 4-1:1.0: Unknown control protocol
[  220.891503][ T6115] usb 4-1: USB disconnect, device number 5
[  220.898123][ T6723] option changes via remount are deprecated (pid=6719 comm=syz.4.226)
[  220.898142][ T6723] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  222.182932][ T6115] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  222.363549][ T6115] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  222.363579][ T6115] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  222.363599][ T6115] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  222.363673][ T6115] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.373918][ T6115] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  222.373948][ T6115] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  222.373968][ T6115] usb 4-1: Product: syz
[  222.373983][ T6115] usb 4-1: Manufacturer: syz
[  222.460373][ T6115] cdc_wdm 4-1:1.0: skipping garbage
[  222.460392][ T6115] cdc_wdm 4-1:1.0: skipping garbage
[  222.479970][ T6115] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  222.479991][ T6115] cdc_wdm 4-1:1.0: Unknown control protocol
[  222.743921][ T6750] binder_alloc: 6749: binder_alloc_buf, no vma
[  225.286829][ T5903] usb 4-1: USB disconnect, device number 6
[  226.698526][ T6780] binder_alloc: 6777: binder_alloc_buf, no vma
[  234.294532][ T6748] syz.1.234 (6748): drop_caches: 1
[  235.468462][ T6906] usb usb8: usbfs: process 6906 (syz.0.298) did not claim interface 0 before use
[  240.246761][ T6941] option changes via remount are deprecated (pid=6940 comm=syz.4.312)
[  240.246780][ T6941] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  241.914402][ T6966] usb usb8: usbfs: process 6966 (syz.0.321) did not claim interface 0 before use
[  248.446048][ T7033] usb usb8: usbfs: process 7033 (syz.4.345) did not claim interface 0 before use
[  249.775250][ T7063] binder: BINDER_SET_CONTEXT_MGR already set
[  249.775264][ T7063] binder: 7062:7063 ioctl 4018620d 200000000040 returned -16
[  251.878652][ T7080] usb usb8: usbfs: process 7080 (syz.0.363) did not claim interface 0 before use
[  253.793068][ T7100] binder: BINDER_SET_CONTEXT_MGR already set
[  253.793082][ T7100] binder: 7098:7100 ioctl 4018620d 200000000040 returned -16
[  255.701515][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  255.701583][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  257.557870][ T7135] faux_driver vgem: [drm] Unknown color mode 13; guessing buffer size.
[  268.338478][ T7220] option changes via remount are deprecated (pid=7215 comm=syz.4.420)
[  268.338498][ T7220] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  274.144901][ T7306] option changes via remount are deprecated (pid=7304 comm=syz.0.449)
[  274.144914][ T7306] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  278.242973][ T7334] syz.2.462 (7334): drop_caches: 2
[  280.356404][ T7353] overlayfs: failed to resolve './file1': -2
[  301.024940][ T5973] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  301.173093][ T5973] usb 1-1: Using ep0 maxpacket: 8
[  301.174839][ T5973] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  301.174873][ T5973] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  301.174886][ T5973] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  301.174899][ T5973] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  301.174914][ T5973] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  301.174937][ T5973] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  301.174953][ T5973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.703540][ T5973] usb 1-1: usb_control_msg returned -32
[  301.703589][ T5973] usbtmc 1-1:16.0: can't read capabilities
[  302.609912][ T7641] overlayfs: failed to resolve './file0': -2
[  305.373748][ T7670] option changes via remount are deprecated (pid=7666 comm=syz.2.584)
[  305.373791][ T7670] cgroup: option or name mismatch, new: 0x0 "pim6reg0", old: 0x0 ""
[  307.402869][ T7636] usbtmc 1-1:16.0: usb_control_msg returned -110
[  307.485224][ T5973] usb 1-1: USB disconnect, device number 3
[  311.163616][ T7737] futex_wake_op: syz.2.610 tries to shift op by -1; fix this program
[  312.003361][ T5973] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  313.444060][ T5973] usb 2-1: Using ep0 maxpacket: 8
[  313.462566][ T5973] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  313.462621][ T5973] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  313.462642][ T5973] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  313.462664][ T5973] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  313.462687][ T5973] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  313.462728][ T5973] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  313.462750][ T5973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.522982][ T5973] usb 2-1: usb_control_msg returned -32
[  314.523032][ T5973] usbtmc 2-1:16.0: can't read capabilities
[  316.772916][ T5921] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  316.903019][ T5921] usb 5-1: device descriptor read/64, error -71
[  317.140335][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  317.140423][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  317.182945][ T5921] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  317.312933][ T5921] usb 5-1: device descriptor read/64, error -71
[  317.434739][ T5921] usb usb5-port1: attempt power cycle
[  318.558965][ T7814] usb usb8: usbfs: process 7814 (syz.4.639) did not claim interface 0 before use
[  322.473492][ T7853] overlayfs: overlapping lowerdir path
[  322.942102][ T7795] usbtmc 2-1:16.0: usb_control_msg returned -110
[  323.183247][ T6214] usb 2-1: USB disconnect, device number 2
[  323.934508][ T6214] IPVS: starting estimator thread 0...
[  324.044017][ T7877] IPVS: using max 8 ests per chain, 19200 per kthread
[  325.893200][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  326.022986][   T10] usb 2-1: device descriptor read/64, error -71
[  326.598520][ T7922] overlayfs: failed to resolve './file0': -2
[  327.492945][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  327.623104][   T10] usb 2-1: device descriptor read/64, error -71
[  327.740698][   T10] usb usb2-port1: attempt power cycle
[  328.103196][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  328.975663][   T10] usb 2-1: device descriptor read/8, error -71
[  330.294965][ T7956] overlayfs: failed to resolve './file0': -2
[  340.806201][ T8043] kvm: kvm [8040]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xffeb0000cf00
[  340.806628][ T8043] kvm: kvm [8040]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xfff6000066e6
[  342.099582][ T8060] futex_wake_op: syz.4.726 tries to shift op by -1; fix this program
[  348.353892][ T8114] futex_wake_op: syz.4.744 tries to shift op by -1; fix this program
[  353.803476][ T8153] futex_wake_op: syz.2.758 tries to shift op by -1; fix this program
[  357.085659][ T8192] futex_wake_op: syz.4.770 tries to shift op by -1; fix this program
[  359.309976][ T8223] kvm: kvm [8214]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x1000200
[  359.310032][ T8223] kvm: kvm [8214]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  359.635962][ T8237] fuse: Invalid rootmode
[  366.496225][ T8316] kvm: kvm [8314]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x1000200
[  366.496278][ T8316] kvm: kvm [8314]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  372.001464][ T8369] usb usb8: usbfs: process 8369 (syz.4.836) did not claim interface 0 before use
[  373.344114][ T8384] netlink: 24 bytes leftover after parsing attributes in process `syz.2.841'.
[  378.691506][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  378.691576][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  381.316095][ T8448] binder: 8447:8448 ioctl 4018620d 0 returned -22
[  384.953108][ T8469] usb usb8: usbfs: process 8469 (syz.4.872) did not claim interface 0 before use
[  389.332014][ T8504] futex_wake_op: syz.1.870 tries to shift op by -1; fix this program
[  389.617155][ T6466] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  389.746294][ T6466] usb 3-1: device descriptor read/64, error -71
[  391.893971][ T6466] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  392.017175][ T8519] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  395.395428][   T37] kauditd_printk_skb: 10 callbacks suppressed
[  395.395447][   T37] audit: type=1326 audit(1768702945.162:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8565 comm="syz.1.889" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  398.142311][ T8592] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  401.275571][ T8614] usb usb8: usbfs: process 8614 (syz.0.885) did not claim interface 0 before use
[  404.283650][   T37] audit: type=1326 audit(1768702954.052:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8633 comm="syz.1.919" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  407.893563][ T8657] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  408.335742][   T31] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  409.143883][   T31] usb 2-1: Using ep0 maxpacket: 8
[  409.148151][   T31] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  409.148168][   T31] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  409.148198][   T31] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  409.148231][   T31] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  409.148243][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.220859][   T31] usbtmc 2-1:16.0: bulk endpoints not found
[  410.045432][ T8676] usb usb8: usbfs: process 8676 (syz.2.945) did not claim interface 0 before use
[  411.885116][ T8697] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  413.247227][ T6099] usb 2-1: USB disconnect, device number 7
[  413.445228][   T37] audit: type=1326 audit(1768702963.212:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8718 comm="syz.2.947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  414.569967][   T37] audit: type=1326 audit(1768702964.332:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8714 comm="syz.1.959" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  425.082953][ T6115] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  425.233044][ T6115] usb 2-1: Using ep0 maxpacket: 8
[  425.311451][ T6115] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  425.311906][ T6115] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  425.312005][ T6115] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  425.312140][ T6115] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  425.312208][ T6115] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.871535][ T6115] usbtmc 2-1:16.0: bulk endpoints not found
[  429.535646][ T5941] usb 2-1: USB disconnect, device number 8
[  430.078515][ T8846] kvm: kvm [8839]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xfff200000000
[  435.444247][ T8893] fuse: Bad value for 'fd'
[  440.096374][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  440.096469][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  443.548710][   T37] audit: type=1326 audit(1768702993.312:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8956 comm="syz.2.1027" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  444.524432][ T8969] fuse: Unknown parameter '0x0000000000000004'
[  448.177756][   T31] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  449.083277][   T31] usb 1-1: Using ep0 maxpacket: 8
[  449.085678][   T31] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  449.085705][   T31] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  449.085757][   T31] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  449.085779][   T31] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  449.085804][   T31] usb 1-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  449.085845][   T31] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  449.085868][   T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.096472][   T31] usbtmc 1-1:16.0: bulk endpoints not found
[  453.033538][ T5940] usb 1-1: USB disconnect, device number 4
[  455.414205][ T9072] capability: warning: `syz.1.1082' uses 32-bit capabilities (legacy support in use)
[  455.421038][ T9072] program syz.1.1082 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  455.770323][ T6092] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  456.454582][ T9079] syz.0.1083 (9079): drop_caches: 2
[  457.387034][ T6092] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  459.360587][ T9094] fido_id[9094]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  462.119316][   T37] audit: type=1326 audit(1768703011.882:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9141 comm="syz.1.1110" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  468.007192][ T9185] syz.1.1122 (9185): drop_caches: 2
[  478.013590][ T9282] usb usb8: usbfs: process 9282 (syz.2.1160) did not claim interface 0 before use
[  484.805150][ T9374] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  484.908697][ T9377] sctp: [Deprecated]: syz.2.1202 (pid 9377) Use of int in maxseg socket option.
[  484.908697][ T9377] Use struct sctp_assoc_value instead
[  490.741127][ T9419] usb usb8: usbfs: process 9419 (syz.1.1216) did not claim interface 0 before use
[  496.927584][ T9471] sctp: [Deprecated]: syz.4.1241 (pid 9471) Use of int in maxseg socket option.
[  496.927584][ T9471] Use struct sctp_assoc_value instead
[  498.981245][ T5798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  498.998072][ T5798] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  499.021073][ T5798] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  499.022529][ T5798] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  499.039472][ T5798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  501.645726][ T5798] Bluetooth: hci5: command tx timeout
[  501.647181][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  501.647246][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  502.997548][ T6084] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.702927][ T5798] Bluetooth: hci5: command tx timeout
[  504.190616][ T6084] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.732848][ T6099] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  505.787287][ T5798] Bluetooth: hci5: command tx timeout
[  506.002999][ T6099] usb 1-1: Using ep0 maxpacket: 8
[  506.008509][ T6099] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  506.008568][ T6099] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  506.008590][ T6099] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  506.008614][ T6099] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  506.008638][ T6099] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  506.008680][ T6099] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  506.008703][ T6099] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.965459][ T6084] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.163568][ T6099] usb 1-1: usb_control_msg returned -71
[  507.163616][ T6099] usbtmc 1-1:16.0: can't read capabilities
[  507.215174][ T6099] usb 1-1: USB disconnect, device number 5
[  507.346318][   T37] audit: type=1326 audit(1768703057.112:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9527 comm="syz.1.1249" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  507.641477][ T6084] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.853038][ T5798] Bluetooth: hci5: command tx timeout
[  508.279022][ T9479] chnl_net:caif_netlink_parms(): no params data found
[  510.235081][ T6084] bridge_slave_1: left allmulticast mode
[  510.235215][ T6084] bridge_slave_1: left promiscuous mode
[  510.240853][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.831752][ T6084] bridge_slave_0: left allmulticast mode
[  511.831778][ T6084] bridge_slave_0: left promiscuous mode
[  511.832024][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.102847][ T6466] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  512.274792][ T6466] usb 1-1: Using ep0 maxpacket: 8
[  512.311472][ T6466] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  512.311531][ T6466] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  512.311552][ T6466] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  512.311565][ T6466] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  512.311578][ T6466] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  512.311601][ T6466] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  512.311616][ T6466] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.536962][   T37] audit: type=1326 audit(1768703062.302:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9567 comm="syz.2.1265" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  512.686123][ T6466] usb 1-1: usb_control_msg returned -32
[  512.686169][ T6466] usbtmc 1-1:16.0: can't read capabilities
[  514.407057][ T9583] sctp: [Deprecated]: syz.1.1268 (pid 9583) Use of int in maxseg socket option.
[  514.407057][ T9583] Use struct sctp_assoc_value instead
[  514.593446][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  514.655997][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  514.696089][ T6084] bond0 (unregistering): Released all slaves
[  514.965165][ T9089] usb 1-1: USB disconnect, device number 6
[  515.561033][ T9479] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.572892][ T9479] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.573096][ T9479] bridge_slave_0: entered allmulticast mode
[  515.608328][ T9479] bridge_slave_0: entered promiscuous mode
[  515.678970][ T9479] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.680130][ T9479] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.681044][ T9479] bridge_slave_1: entered allmulticast mode
[  515.737656][ T9479] bridge_slave_1: entered promiscuous mode
[  518.121681][   T37] audit: type=1326 audit(1768703067.882:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.1.1276" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  519.408349][ T9615] sctp: [Deprecated]: syz.0.1278 (pid 9615) Use of int in maxseg socket option.
[  519.408349][ T9615] Use struct sctp_assoc_value instead
[  523.028354][ T9479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  523.054948][ T9479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  523.060149][   T37] audit: type=1326 audit(1768703072.812:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9644 comm="syz.2.1290" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  525.010011][ T9658] sctp: [Deprecated]: syz.0.1291 (pid 9658) Use of int in maxseg socket option.
[  525.010011][ T9658] Use struct sctp_assoc_value instead
[  525.915943][ T9479] team0: Port device team_slave_0 added
[  525.977676][ T9479] team0: Port device team_slave_1 added
[  526.326140][ T6084] hsr_slave_0: left promiscuous mode
[  526.472817][ T6084] hsr_slave_1: left promiscuous mode
[  526.489580][ T6084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  526.489702][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  526.540351][ T6084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  526.540376][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  526.851593][ T6084] veth1_macvtap: left promiscuous mode
[  526.851845][ T6084] veth0_macvtap: left promiscuous mode
[  526.867847][ T6084] veth1_vlan: left promiscuous mode
[  526.868223][ T6084] veth0_vlan: left promiscuous mode
[  531.795739][   T37] audit: type=1326 audit(1768703081.562:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9711 comm="syz.2.1302" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  539.765510][   T37] audit: type=1326 audit(1768703089.532:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9754 comm="syz.0.1315" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d6fd7f749 code=0x0
[  547.494195][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  549.706865][ T9811] ntfs3(nullb0): Primary boot signature is not NTFS.
[  549.707070][ T9811] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  549.726293][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  550.154117][ T1235] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  550.312248][ T1235] usb 2-1: Using ep0 maxpacket: 8
[  550.314234][ T1235] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  550.314288][ T1235] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  550.314311][ T1235] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  550.314335][ T1235] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  550.314359][ T1235] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  550.314401][ T1235] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  550.314424][ T1235] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.373768][   T37] audit: type=1326 audit(1768703100.142:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9816 comm="syz.4.1327" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe23724f749 code=0x0
[  550.532531][ T1235] usb 2-1: usb_control_msg returned -32
[  550.532642][ T1235] usbtmc 2-1:16.0: can't read capabilities
[  551.404481][ T9823] usbtmc 2-1:16.0: usb_control_msg returned -32
[  553.074428][ T5905] usb 2-1: USB disconnect, device number 9
[  553.100435][ T9836] syz.0.1330 uses obsolete (PF_INET,SOCK_PACKET)
[  558.751540][ T6597] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  558.764410][ T6597] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  558.765904][ T6597] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  558.785568][ T6597] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  558.786369][ T6597] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  560.813003][ T6597] Bluetooth: hci0: command tx timeout
[  562.364330][ T5973] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  562.957889][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  562.957945][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  562.958272][ T6597] Bluetooth: hci0: command tx timeout
[  563.242761][ T5973] usb 2-1: Using ep0 maxpacket: 8
[  563.244642][ T5973] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  563.244697][ T5973] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  563.244719][ T5973] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  563.244742][ T5973] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  563.244766][ T5973] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  563.244807][ T5973] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  563.244829][ T5973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.002819][ T5973] usb 2-1: usb_control_msg returned -32
[  564.002849][ T5973] usbtmc 2-1:16.0: can't read capabilities
[  565.099198][ T6115] usb 2-1: USB disconnect, device number 10
[  565.300581][ T6597] Bluetooth: hci0: command tx timeout
[  568.925359][ T5798] Bluetooth: hci0: command tx timeout
[  569.605711][ T5798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  569.627891][ T5798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  569.634275][ T5798] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  569.658117][ T5798] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  569.676416][ T5798] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  572.260990][ T5798] Bluetooth: hci6: command tx timeout
[  574.334662][ T5798] Bluetooth: hci6: command tx timeout
[  574.792792][ T6115] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  574.954363][ T6115] usb 5-1: Using ep0 maxpacket: 8
[  574.958101][ T6115] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  574.958156][ T6115] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  574.958170][ T6115] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  574.958183][ T6115] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  574.958195][ T6115] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  574.958217][ T6115] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  574.958229][ T6115] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.178507][ T6115] usb 5-1: usb_control_msg returned -32
[  575.178554][ T6115] usbtmc 5-1:16.0: can't read capabilities
[  576.412758][ T5798] Bluetooth: hci6: command tx timeout
[  576.413562][ T9981] usbtmc 5-1:16.0: usb_control_msg returned -32
[  576.565377][ T5973] usb 5-1: USB disconnect, device number 7
[  576.573226][ T9865] chnl_net:caif_netlink_parms(): no params data found
[  577.517494][ T9923] chnl_net:caif_netlink_parms(): no params data found
[  578.557143][ T5798] Bluetooth: hci6: command tx timeout
[  578.805826][ T6084] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.245220][ T6084] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.881092][ T6084] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.313876][ T9865] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.314613][ T9865] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.314812][ T9865] bridge_slave_0: entered allmulticast mode
[  583.321444][ T9865] bridge_slave_0: entered promiscuous mode
[  583.545624][ T6084] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.613382][ T9923] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.615206][ T9923] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.615428][ T9923] bridge_slave_0: entered allmulticast mode
[  583.619224][ T9923] bridge_slave_0: entered promiscuous mode
[  583.660322][ T9865] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.660445][ T9865] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.660615][ T9865] bridge_slave_1: entered allmulticast mode
[  583.694257][ T9865] bridge_slave_1: entered promiscuous mode
[  583.696323][ T9923] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.696443][ T9923] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.696611][ T9923] bridge_slave_1: entered allmulticast mode
[  583.699036][ T9923] bridge_slave_1: entered promiscuous mode
[  585.071824][ T9923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  585.113590][ T9865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  585.117055][ T9923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  586.367798][ T9865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  588.337580][ T9923] team0: Port device team_slave_0 added
[  588.433997][ T9865] team0: Port device team_slave_0 added
[  588.436644][ T9923] team0: Port device team_slave_1 added
[  588.555741][ T9865] team0: Port device team_slave_1 added
[  589.094602][ T9923] batman_adv: batadv0: Adding interface: batadv_slave_0
[  589.094619][ T9923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  589.094644][ T9923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  589.416010][ T9923] batman_adv: batadv0: Adding interface: batadv_slave_1
[  589.416026][ T9923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  589.416051][ T9923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  589.475922][ T9865] batman_adv: batadv0: Adding interface: batadv_slave_0
[  589.475945][ T9865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  589.475970][ T9865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  589.533685][ T9865] batman_adv: batadv0: Adding interface: batadv_slave_1
[  589.533700][ T9865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  589.533724][ T9865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  591.309946][ T6084] bridge_slave_1: left allmulticast mode
[  591.309973][ T6084] bridge_slave_1: left promiscuous mode
[  591.310208][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.383674][ T6084] bridge_slave_0: left allmulticast mode
[  591.383692][ T6084] bridge_slave_0: left promiscuous mode
[  591.383844][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.476009][ T6084] bridge_slave_1: left allmulticast mode
[  591.476027][ T6084] bridge_slave_1: left promiscuous mode
[  591.476187][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.534743][ T6084] bridge_slave_0: left allmulticast mode
[  591.534768][ T6084] bridge_slave_0: left promiscuous mode
[  591.534988][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.116371][   T37] audit: type=1326 audit(1768703144.882:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10102 comm="syz.1.1391" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  600.442917][ T7508] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  600.605142][ T7508] usb 3-1: Using ep0 maxpacket: 8
[  600.607388][ T7508] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  600.607446][ T7508] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  600.607470][ T7508] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  600.607494][ T7508] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  600.607525][ T7508] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  600.607566][ T7508] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  600.607590][ T7508] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.862782][ T7508] usb 3-1: usb_control_msg returned -32
[  600.862827][ T7508] usbtmc 3-1:16.0: can't read capabilities
[  600.953643][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  601.056705][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  601.086308][ T6084] bond0 (unregistering): Released all slaves
[  601.216401][   T37] audit: type=1326 audit(1768703150.982:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10143 comm="syz.1.1400" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  601.313485][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  601.627453][T10153] usbtmc 3-1:16.0: usb_control_msg returned -32
[  601.786760][ T5921] usb 3-1: USB disconnect, device number 5
[  602.183438][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  602.266030][ T6084] bond0 (unregistering): Released all slaves
[  602.966593][T10165] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1406'.
[  605.267409][ T9923] hsr_slave_0: entered promiscuous mode
[  605.268216][ T9923] hsr_slave_1: entered promiscuous mode
[  605.269128][T10165] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1406'.
[  605.394461][   T37] audit: type=1326 audit(1768703155.162:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10173 comm="syz.1.1410" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  606.306320][ T9865] hsr_slave_0: entered promiscuous mode
[  606.309806][ T9865] hsr_slave_1: entered promiscuous mode
[  606.310749][ T9865] debugfs: 'hsr0' already exists in 'hsr'
[  606.310771][ T9865] Cannot create hsr debugfs directory
[  607.892770][ T5921] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  608.102842][ T5921] usb 5-1: Using ep0 maxpacket: 8
[  608.104886][ T5921] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  608.104944][ T5921] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  608.104967][ T5921] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  608.104992][ T5921] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  608.105022][ T5921] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  608.105064][ T5921] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  608.105087][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.081618][ T5921] usb 5-1: usb_control_msg returned -32
[  609.081666][ T5921] usbtmc 5-1:16.0: can't read capabilities
[  611.585170][ T6099] usb 5-1: USB disconnect, device number 8
[  612.312122][ T6084] hsr_slave_0: left promiscuous mode
[  612.526560][ T6084] hsr_slave_1: left promiscuous mode
[  612.527320][ T6084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  612.527336][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  612.599604][ T6084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  612.599631][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  612.772790][ T6084] veth1_macvtap: left promiscuous mode
[  612.782950][ T6084] veth0_macvtap: left promiscuous mode
[  612.783196][ T6084] veth1_vlan: left promiscuous mode
[  612.783366][ T6084] veth0_vlan: left promiscuous mode
[  613.058101][   T37] audit: type=1326 audit(1768703162.822:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10246 comm="syz.2.1419" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  615.586210][ T7508] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  615.742738][ T7508] usb 2-1: Using ep0 maxpacket: 8
[  615.746120][ T7508] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  615.746177][ T7508] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  615.746201][ T7508] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.751025][ T7508] usb 2-1: config 0 descriptor??
[  615.772174][   T37] audit: type=1326 audit(1768703165.532:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10273 comm="syz.2.1433" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  615.986572][ T7508] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  618.425169][ T1235] usb 2-1: USB disconnect, device number 11
[  619.493526][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  619.525373][T10304] syz.4.1441 (10304) used greatest stack depth: 17800 bytes left
[  619.710781][ T6597] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  619.812587][ T6597] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  619.818906][ T6597] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  619.820898][ T6597] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  619.822506][ T6597] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  620.839231][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  620.870708][   T37] audit: type=1326 audit(1768703170.632:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10320 comm="syz.2.1445" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  622.012871][ T6597] Bluetooth: hci2: command tx timeout
[  622.852964][ T6092] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  623.022912][ T6092] usb 5-1: Using ep0 maxpacket: 8
[  623.039843][ T6092] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  623.039893][ T6092] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  623.039918][ T6092] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.119346][ T6092] usb 5-1: config 0 descriptor??
[  623.764992][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  623.953577][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  624.092727][ T6597] Bluetooth: hci2: command tx timeout
[  624.380485][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  624.380556][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  625.980143][ T6092] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  626.082577][ T6092] usb 5-1: USB disconnect, device number 9
[  626.172758][ T6597] Bluetooth: hci2: command tx timeout
[  627.307185][   T37] audit: type=1326 audit(1768703177.072:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10368 comm="syz.4.1459" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe23724f749 code=0x0
[  627.482893][ T9923] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  628.432818][ T6597] Bluetooth: hci2: command tx timeout
[  628.450917][ T9923] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  628.556071][ T9923] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  629.364253][ T9923] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  631.616626][ T5798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  631.619585][ T5798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  631.621220][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  631.622535][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  631.660703][ T5798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  633.351096][T10308] chnl_net:caif_netlink_parms(): no params data found
[  633.564048][T10434] fuse: Bad value for 'fd'
[  633.794016][ T5798] Bluetooth: hci0: command tx timeout
[  633.869835][   T37] audit: type=1326 audit(1768703183.632:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10444 comm="syz.4.1473" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe23724f749 code=0x0
[  636.084543][ T6597] Bluetooth: hci0: command tx timeout
[  636.494399][ T6084] bridge_slave_1: left allmulticast mode
[  636.494425][ T6084] bridge_slave_1: left promiscuous mode
[  636.495268][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.426516][T10470] vivid-002: =================  START STATUS  =================
[  637.426621][T10470] vivid-002: Radio HW Seek Mode: Bounded
[  637.426648][T10470] vivid-002: Radio Programmable HW Seek: false
[  637.426659][T10470] vivid-002: RDS Rx I/O Mode: Block I/O
[  637.426668][T10470] vivid-002: Generate RBDS Instead of RDS: false
[  637.426678][T10470] vivid-002: RDS Reception: true
[  637.426695][T10470] vivid-002: RDS Program Type: 0 inactive
[  637.426708][T10470] vivid-002: RDS PS Name:  inactive
[  637.426719][T10470] vivid-002: RDS Radio Text:  inactive
[  637.426731][T10470] vivid-002: RDS Traffic Announcement: false inactive
[  637.426743][T10470] vivid-002: RDS Traffic Program: false inactive
[  637.426754][T10470] vivid-002: RDS Music: false inactive
[  637.426766][T10470] vivid-002: ==================  END STATUS  ==================
[  637.524302][ T6084] bridge_slave_0: left allmulticast mode
[  637.524330][ T6084] bridge_slave_0: left promiscuous mode
[  637.526763][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.697747][ T5798] Bluetooth: hci0: command tx timeout
[  639.094893][T10485] ntfs3(nullb0): Primary boot signature is not NTFS.
[  639.098081][T10485] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  639.966144][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  640.083231][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  640.188563][ T6084] bond0 (unregistering): Released all slaves
[  640.993813][ T5798] Bluetooth: hci0: command tx timeout
[  641.241016][T10308] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.242951][T10308] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.243195][T10308] bridge_slave_0: entered allmulticast mode
[  641.245770][T10308] bridge_slave_0: entered promiscuous mode
[  641.318590][   T37] audit: type=1326 audit(1768703191.082:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.1.1484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  641.423047][ T6084] hsr_slave_0: left promiscuous mode
[  641.472784][ T6084] hsr_slave_1: left promiscuous mode
[  641.473754][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  641.934095][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.908051][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  644.016091][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  644.198143][T10528] kvm: kvm [10527]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbe
[  644.918757][T10308] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.918991][T10308] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.919328][T10308] bridge_slave_1: entered allmulticast mode
[  644.922000][T10308] bridge_slave_1: entered promiscuous mode
[  645.154301][   T37] audit: type=1326 audit(1768703194.912:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10538 comm="syz.4.1494" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe23724f749 code=0x0
[  645.237785][T10308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  645.381883][T10308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  646.925465][T10414] chnl_net:caif_netlink_parms(): no params data found
[  646.992070][T10308] team0: Port device team_slave_0 added
[  647.038313][T10308] team0: Port device team_slave_1 added
[  648.566563][T10572] overlayfs: overlapping lowerdir path
[  651.064778][T10308] batman_adv: batadv0: Adding interface: batadv_slave_0
[  651.064797][T10308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  651.064821][T10308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  651.079075][   T37] audit: type=1326 audit(1768703200.842:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10579 comm="syz.2.1505" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  651.166158][T10308] batman_adv: batadv0: Adding interface: batadv_slave_1
[  651.166175][T10308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  651.166198][T10308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  654.678503][T10414] bridge0: port 1(bridge_slave_0) entered blocking state
[  654.678727][T10414] bridge0: port 1(bridge_slave_0) entered disabled state
[  654.683320][T10414] bridge_slave_0: entered allmulticast mode
[  654.726545][T10414] bridge_slave_0: entered promiscuous mode
[  655.857418][T10414] bridge0: port 2(bridge_slave_1) entered blocking state
[  655.857545][T10414] bridge0: port 2(bridge_slave_1) entered disabled state
[  655.858057][T10414] bridge_slave_1: entered allmulticast mode
[  655.902860][T10414] bridge_slave_1: entered promiscuous mode
[  656.076103][T10308] hsr_slave_0: entered promiscuous mode
[  656.077505][T10308] hsr_slave_1: entered promiscuous mode
[  656.078474][T10308] debugfs: 'hsr0' already exists in 'hsr'
[  656.078497][T10308] Cannot create hsr debugfs directory
[  658.166111][T10414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  658.488922][T10414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  659.994774][T10414] team0: Port device team_slave_0 added
[  659.997872][   T37] audit: type=1326 audit(1768703209.762:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.2.1516" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  660.301192][T10638] overlayfs: overlapping lowerdir path
[  662.431134][T10414] team0: Port device team_slave_1 added
[  662.526803][T10645] Zero length message leads to an empty skb
[  666.938818][T10414] batman_adv: batadv0: Adding interface: batadv_slave_0
[  666.938837][T10414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  666.938862][T10414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  666.946920][T10414] batman_adv: batadv0: Adding interface: batadv_slave_1
[  666.946937][T10414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  666.946962][T10414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  669.293283][T10668] ntfs3(nullb0): Primary boot signature is not NTFS.
[  669.298950][T10668] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  670.126623][T10414] hsr_slave_0: entered promiscuous mode
[  670.145137][T10414] hsr_slave_1: entered promiscuous mode
[  670.146074][T10414] debugfs: 'hsr0' already exists in 'hsr'
[  670.146091][T10414] Cannot create hsr debugfs directory
[  670.404008][T10680] overlayfs: overlapping lowerdir path
[  675.483658][   T37] audit: type=1326 audit(1768703225.252:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10703 comm="syz.1.1526" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  675.663260][ T6099] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  675.822752][ T6099] usb 3-1: Using ep0 maxpacket: 8
[  675.828265][ T6099] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  675.828292][ T6099] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  675.828310][ T6099] usb 3-1: config 179 has no interface number 0
[  675.828354][ T6099] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  675.828379][ T6099] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  675.828405][ T6099] usb 3-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  675.828432][ T6099] usb 3-1: config 179 interface 65 has no altsetting 0
[  675.828463][ T6099] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  675.828486][ T6099] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.163195][T10712] program syz.4.1531 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  676.188434][ T6084] bridge_slave_1: left allmulticast mode
[  676.188461][ T6084] bridge_slave_1: left promiscuous mode
[  676.188705][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  676.258669][ T6084] bridge_slave_0: left allmulticast mode
[  676.258765][ T6084] bridge_slave_0: left promiscuous mode
[  676.259040][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  676.668773][ T6530] usb 3-1: USB disconnect, device number 6
[  676.777092][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  676.878873][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  677.850491][ T6084] bond0 (unregistering): Released all slaves
[  679.262289][ T6597] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  679.268631][ T6597] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  679.323940][ T6597] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  679.340798][ T6597] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  679.342279][ T6597] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  680.182837][ T6084] hsr_slave_0: left promiscuous mode
[  680.216556][ T6084] hsr_slave_1: left promiscuous mode
[  680.217584][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  680.263993][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  680.844827][T10736] overlayfs: overlapping lowerdir path
[  681.397328][ T6597] Bluetooth: hci5: command tx timeout
[  683.906549][T10747] atomic_op ffff888029708a18 conn xmit_atomic 0000000000000000
[  684.008153][ T6597] Bluetooth: hci5: command tx timeout
[  684.626619][   T37] audit: type=1326 audit(1768703234.392:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10752 comm="syz.2.1540" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb30ff6f749 code=0x0
[  685.303558][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  685.503652][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  685.783997][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  685.787225][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  686.025214][ T6597] Bluetooth: hci5: command tx timeout
[  688.424084][ T5798] Bluetooth: hci5: command tx timeout
[  693.047599][   T37] audit: type=1326 audit(1768703242.812:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10783 comm="syz.1.1549" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feee2f2f749 code=0x0
[  693.231177][ T5798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  693.258509][ T5798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  693.302991][ T5798] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  693.304347][ T5798] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  693.305938][ T5798] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  695.474832][ T6597] Bluetooth: hci6: command tx timeout
[  696.599538][T10811] overlayfs: overlapping lowerdir path
[  697.532766][ T6597] Bluetooth: hci6: command tx timeout
[  699.521597][ T6084] bridge_slave_1: left allmulticast mode
[  699.521627][ T6084] bridge_slave_1: left promiscuous mode
[  699.521790][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.694811][ T6597] Bluetooth: hci6: command tx timeout
[  699.836609][ T6084] bridge_slave_0: left allmulticast mode
[  699.836630][ T6084] bridge_slave_0: left promiscuous mode
[  699.836812][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.016338][ T6597] Bluetooth: hci6: command tx timeout
[  703.698981][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  703.834188][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  703.933115][ T6084] bond0 (unregistering): Released all slaves
[  704.067953][T10726] chnl_net:caif_netlink_parms(): no params data found
[  704.342169][T10861] overlayfs: overlapping lowerdir path
[  706.793669][T10879] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1559'.
[  706.863002][ T6084] hsr_slave_0: left promiscuous mode
[  706.884607][ T6084] hsr_slave_1: left promiscuous mode
[  706.885576][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  706.916181][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  708.643398][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  710.483356][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  714.839547][T10726] bridge0: port 1(bridge_slave_0) entered blocking state
[  714.843307][T10726] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.843558][T10726] bridge_slave_0: entered allmulticast mode
[  714.875510][T10726] bridge_slave_0: entered promiscuous mode
[  714.893609][T10786] chnl_net:caif_netlink_parms(): no params data found
[  714.923895][T10726] bridge0: port 2(bridge_slave_1) entered blocking state
[  714.924085][T10726] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.924332][T10726] bridge_slave_1: entered allmulticast mode
[  714.927110][T10726] bridge_slave_1: entered promiscuous mode
[  715.037910][ T8821] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  715.242835][ T8821] usb 5-1: Using ep0 maxpacket: 16
[  715.245795][ T8821] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  715.264668][ T8821] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  715.264701][ T8821] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.264721][ T8821] usb 5-1: Product: syz
[  715.264735][ T8821] usb 5-1: Manufacturer: syz
[  715.264749][ T8821] usb 5-1: SerialNumber: syz
[  715.295359][ T8821] usb 5-1: config 0 descriptor??
[  716.382389][ T6530] usb 5-1: USB disconnect, device number 10
[  716.708024][T10726] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.725207][T10941] process 'syz.4.1577' launched './file1' with NULL argv: empty string added
[  716.997141][T10726] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.620240][T10726] team0: Port device team_slave_0 added
[  717.645157][T10726] team0: Port device team_slave_1 added
[  720.315775][ T6084] bridge_slave_1: left allmulticast mode
[  720.315807][ T6084] bridge_slave_1: left promiscuous mode
[  720.316187][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.469808][ T6084] bridge_slave_0: left allmulticast mode
[  720.469837][ T6084] bridge_slave_0: left promiscuous mode
[  720.470024][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.716283][ T6084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  724.903604][ T6084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  725.004788][ T6084] bond0 (unregistering): Released all slaves
[  725.065864][T10786] bridge0: port 1(bridge_slave_0) entered blocking state
[  725.066001][T10786] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.066279][T10786] bridge_slave_0: entered allmulticast mode
[  725.069744][T10786] bridge_slave_0: entered promiscuous mode
[  725.124262][T10726] batman_adv: batadv0: Adding interface: batadv_slave_0
[  725.124278][T10726] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  725.124294][T10726] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  725.125027][T10786] bridge0: port 2(bridge_slave_1) entered blocking state
[  725.131979][T10786] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.132298][T10786] bridge_slave_1: entered allmulticast mode
[  725.154301][T10786] bridge_slave_1: entered promiscuous mode
[  725.167012][T10726] batman_adv: batadv0: Adding interface: batadv_slave_1
[  725.167029][T10726] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  725.167054][T10726] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  725.931222][ T6084] hsr_slave_0: left promiscuous mode
[  725.987390][ T6084] hsr_slave_1: left promiscuous mode
[  725.988453][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.060053][ T6084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  729.723909][ T6084] team0 (unregistering): Port device team_slave_1 removed
[  730.358552][T11010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1597'.
[  730.799922][ T6084] team0 (unregistering): Port device team_slave_0 removed
[  731.777265][T10786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  731.950277][T10786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  733.962081][T10726] hsr_slave_0: entered promiscuous mode
[  733.967455][T10726] hsr_slave_1: entered promiscuous mode
[  734.139422][T10786] team0: Port device team_slave_0 added
[  734.321220][T10786] team0: Port device team_slave_1 added
[  735.686665][T10786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  735.686689][T10786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  735.686714][T10786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  735.699534][T10786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  735.699552][T10786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  735.699583][T10786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  737.094176][T10786] hsr_slave_0: entered promiscuous mode
[  737.103280][T10786] hsr_slave_1: entered promiscuous mode
[  737.104552][T10786] debugfs: 'hsr0' already exists in 'hsr'
[  737.104583][T10786] Cannot create hsr debugfs directory
[  739.229332][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1607'.
[  742.574147][ T5798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  742.611882][ T5798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  742.617273][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  742.621730][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  742.626623][ T5798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  744.874004][ T6597] Bluetooth: hci0: command tx timeout
[  745.510505][ T6288] bridge_slave_1: left allmulticast mode
[  745.510534][ T6288] bridge_slave_1: left promiscuous mode
[  745.510824][ T6288] bridge0: port 2(bridge_slave_1) entered disabled state
[  745.779798][ T6288] bridge_slave_0: left allmulticast mode
[  745.779828][ T6288] bridge_slave_0: left promiscuous mode
[  745.780084][ T6288] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.892870][ T6597] Bluetooth: hci0: command tx timeout
[  747.284979][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  747.285208][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  747.342890][ T6530] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  747.423746][ T6288] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  747.514703][ T6530] usb 5-1: config 0 has no interfaces?
[  747.514728][ T6530] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  747.514741][ T6530] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.518207][ T6530] usb 5-1: config 0 descriptor??
[  748.303417][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1617'.
[  748.773756][ T6288] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  748.900782][ T6288] bond0 (unregistering): Released all slaves
[  748.991121][ T6597] Bluetooth: hci0: command tx timeout
[  749.358962][T10786] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  749.819954][T10786] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  750.747707][ T6288] hsr_slave_0: left promiscuous mode
[  750.836190][ T6288] hsr_slave_1: left promiscuous mode
[  750.837170][ T6288] batman_adv: batadv0: Removing interface: batadv_slave_0
[  750.873650][ T6288] batman_adv: batadv0: Removing interface: batadv_slave_1
[  751.062681][ T6597] Bluetooth: hci0: command tx timeout
[  751.702817][ T6115] usb 5-1: USB disconnect, device number 11
[  751.883221][ T6115] ==================================================================
[  751.883238][ T6115] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[  751.883277][ T6115] Read of size 8 at addr ffffc900058d2008 by task kworker/0:11/6115
[  751.883292][ T6115] 
[  751.883315][ T6115] CPU: 0 UID: 0 PID: 6115 Comm: kworker/0:11 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  751.883336][ T6115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  751.883348][ T6115] Workqueue: usb_hub_wq hub_event
[  751.883379][ T6115] Call Trace:
[  751.883389][ T6115]  <TASK>
[  751.883398][ T6115]  dump_stack_lvl+0xe8/0x150
[  751.883424][ T6115]  print_report+0xca/0x240
[  751.883444][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.883465][ T6115]  kasan_report+0x118/0x150
[  751.883492][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.883518][ T6115]  __list_add_valid_or_report+0x4e/0x130
[  751.883541][ T6115]  kcov_remote_stop+0x458/0x690
[  751.883563][ T6115]  hub_event+0x4982/0x4f30
[  751.883591][ T6115]  ? __lock_acquire+0x6b6/0x2cf0
[  751.883622][ T6115]  ? finish_task_switch+0x162/0x940
[  751.883653][ T6115]  ? __pfx_hub_event+0x10/0x10
[  751.883676][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.883699][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.883717][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.883737][ T6115]  process_scheduled_works+0xad1/0x1770
[  751.883769][ T6115]  ? __pfx_process_scheduled_works+0x10/0x10
[  751.883787][ T6115]  ? do_raw_spin_lock+0x121/0x290
[  751.883814][ T6115]  worker_thread+0x8a0/0xda0
[  751.883847][ T6115]  ? __kthread_parkme+0x7b/0x200
[  751.883872][ T6115]  kthread+0x711/0x8a0
[  751.883895][ T6115]  ? __pfx_worker_thread+0x10/0x10
[  751.883914][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.883935][ T6115]  ? rt_spin_unlock+0x150/0x200
[  751.883962][ T6115]  ? rt_spin_unlock+0x161/0x200
[  751.883984][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.884006][ T6115]  ret_from_fork+0x510/0xa50
[  751.884026][ T6115]  ? __pfx_ret_from_fork+0x10/0x10
[  751.884043][ T6115]  ? __switch_to+0xc9e/0x1480
[  751.884069][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.884090][ T6115]  ret_from_fork_asm+0x1a/0x30
[  751.884121][ T6115]  </TASK>
[  751.884128][ T6115] 
[  751.884133][ T6115] The buggy address belongs to a vmalloc virtual mapping
[  751.884148][ T6115] Memory state around the buggy address:
[  751.884159][ T6115]  ffffc900058d1f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  751.884171][ T6115]  ffffc900058d1f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  751.884182][ T6115] >ffffc900058d2000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  751.884191][ T6115]                       ^
[  751.884200][ T6115]  ffffc900058d2080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  751.884212][ T6115]  ffffc900058d2100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  751.884220][ T6115] ==================================================================
[  751.884239][ T6115] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  751.884255][ T6115] CPU: 0 UID: 0 PID: 6115 Comm: kworker/0:11 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  751.884275][ T6115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  751.884286][ T6115] Workqueue: usb_hub_wq hub_event
[  751.884308][ T6115] Call Trace:
[  751.884315][ T6115]  <TASK>
[  751.884321][ T6115]  vpanic+0x1e0/0x670
[  751.884345][ T6115]  panic+0xb9/0xc0
[  751.884367][ T6115]  ? __pfx_panic+0x10/0x10
[  751.884391][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.884416][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.884437][ T6115]  check_panic_on_warn+0x89/0xb0
[  751.884462][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.884484][ T6115]  end_report+0x6f/0x140
[  751.884508][ T6115]  kasan_report+0x129/0x150
[  751.884534][ T6115]  ? __list_add_valid_or_report+0x4e/0x130
[  751.884559][ T6115]  __list_add_valid_or_report+0x4e/0x130
[  751.884582][ T6115]  kcov_remote_stop+0x458/0x690
[  751.884604][ T6115]  hub_event+0x4982/0x4f30
[  751.884631][ T6115]  ? __lock_acquire+0x6b6/0x2cf0
[  751.884661][ T6115]  ? finish_task_switch+0x162/0x940
[  751.884691][ T6115]  ? __pfx_hub_event+0x10/0x10
[  751.884714][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.884737][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.884755][ T6115]  ? process_scheduled_works+0x9ef/0x1770
[  751.884775][ T6115]  process_scheduled_works+0xad1/0x1770
[  751.884807][ T6115]  ? __pfx_process_scheduled_works+0x10/0x10
[  751.884825][ T6115]  ? do_raw_spin_lock+0x121/0x290
[  751.884855][ T6115]  worker_thread+0x8a0/0xda0
[  751.884876][ T6115]  ? __kthread_parkme+0x7b/0x200
[  751.884897][ T6115]  kthread+0x711/0x8a0
[  751.884919][ T6115]  ? __pfx_worker_thread+0x10/0x10
[  751.884937][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.884955][ T6115]  ? rt_spin_unlock+0x150/0x200
[  751.884979][ T6115]  ? rt_spin_unlock+0x161/0x200
[  751.885000][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.885023][ T6115]  ret_from_fork+0x510/0xa50
[  751.885043][ T6115]  ? __pfx_ret_from_fork+0x10/0x10
[  751.885060][ T6115]  ? __switch_to+0xc9e/0x1480
[  751.885085][ T6115]  ? __pfx_kthread+0x10/0x10
[  751.885107][ T6115]  ret_from_fork_asm+0x1a/0x30
[  751.885139][ T6115]  </TASK>
[  751.886010][ T6115] Kernel Offset: disabled