last executing test programs:

11m54.568871806s ago: executing program 4 (id=7091):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0), 0x1, 0x553, &(0x7f0000000700)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
preadv2(r0, &(0x7f0000000040), 0x0, 0x1, 0x0, 0xb)

11m53.567450167s ago: executing program 4 (id=7095):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
recvmmsg(r0, &(0x7f0000004180)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001a80)=""/4096, 0x1000}], 0x1}, 0x5}], 0x1, 0x40010080, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0)

11m52.662733641s ago: executing program 4 (id=7096):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[], 0xf8}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_TABLE(r4, 0x29, 0xcf, &(0x7f00000003c0)=0xffffffff, 0x4)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r6], 0x50}}, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000001000008000500", @ANYRES32=r9], 0x50}}, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r10=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x74, r10, {}, {0x0, 0x1}, {0xb, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

11m51.333003181s ago: executing program 4 (id=7101):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x0, 0x0, &(0x7f0000000140))
mkdir(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x4)
rmdir(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x3, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000340)='\b', 0x1}], 0x1, 0x7, 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, 0xfffffffffffffffd, 0x58)

11m49.568468054s ago: executing program 4 (id=7109):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xabe)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_print_times', 0x169a82, 0x0)
sendfile(r2, r2, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f0000000040)={0x12, 0x10, 0xfa00, {0xffffffffffffffff, r4, r3}}, 0x18)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, 0x0, 0x0)
munlockall()
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x13)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x42782, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x7c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @dev}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}]}]}]}, 0x7c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
close(r5)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x21)

11m47.61276754s ago: executing program 4 (id=7113):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)

11m44.440388385s ago: executing program 32 (id=7113):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)

11m15.200533971s ago: executing program 2 (id=7212):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0x0, r1, {0x7, 0x4, 0x6, 0x8}}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x3c, r0, 0x1, 0x0, 0x0, {0x54}, [{{@nsim={{0xe, 0x2}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

11m14.889624399s ago: executing program 2 (id=7214):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[], 0xf8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002", @ANYRES32=r2], 0x50}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000001000008000500", @ANYRES32=r6], 0x50}}, 0x2)

11m13.367398921s ago: executing program 2 (id=7223):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0x8, &(0x7f0000000a80)=ANY=[@ANYRESOCT=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r4)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_KEY(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x40004}, 0x40021)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)
fadvise64(0xffffffffffffffff, 0xfffffffffffffff8, 0x2000000000b09c, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
chdir(0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x0, &(0x7f000082a000/0x400000)=nil)

11m12.321624774s ago: executing program 2 (id=7225):
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x14, 0x3, 0x2, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40081}, 0x8d0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xa, 0x8000, 0x0, 0x9, 0x1, 0xfffffdffffffffff, 0xfa0f, 0xffffffff}, 0x0)
mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b04000000000000000002000000000000002800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/mem_sleep', 0xa0502, 0x49)
io_setup(0x1, &(0x7f00000016c0))
clock_getres(0xeaffffff, 0x0)
r4 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="f7", 0x1}], 0x1}, 0x4000000)
syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r8, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000800)=""/189, 0xbd}, {0x0}], 0x2}, 0x0, 0x40000103})
io_uring_enter(r4, 0x46f3, 0x0, 0x0, 0x0, 0x0)
r9 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r9, 0xc0045627, &(0x7f00000001c0)=0x1)

11m4.131624311s ago: executing program 2 (id=7243):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
socket$packet(0x11, 0x2, 0x300)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x8, 0x4, 0x0)
getsockname$packet(r0, 0x0, 0x0)

10m59.491874252s ago: executing program 2 (id=7256):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x4)

10m44.249566502s ago: executing program 33 (id=7256):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x4)

5m49.279663983s ago: executing program 0 (id=7994):
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x8)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, 0x0, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r1, 0x20, &(0x7f0000000100)={0x0, 0x0, <r2=>0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}}, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r2, r0, 0x0, 0x0, 0x0, 0x10, 0x4953}, 0x94)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r4, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r5, &(0x7f00000005c0)={0x1f, @any, 0x1}, 0xa)
shutdown(r4, 0x1)

5m48.143837243s ago: executing program 0 (id=7997):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}, 0x2105}, {{0x0, 0x0, 0x0}, 0x80000001}, {{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f0000000840)=""/198, 0xc6}, {&(0x7f0000000a00)=""/252, 0xfc}, {&(0x7f0000003bc0)=""/4101, 0x1005}, {&(0x7f0000000000)=""/69, 0x45}, {&(0x7f0000000500)=""/240, 0xf0}], 0x5}, 0xb}], 0x4, 0x0, 0x0)

5m47.73267118s ago: executing program 0 (id=8000):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r4], 0x54}}, 0x0)

5m45.110894415s ago: executing program 0 (id=8005):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newqdisc={0x34, 0x24, 0xe0b, 0xfefffffc, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendto$packet(r0, &(0x7f0000000080)="39c394e534ecf02e7e0e9ca20800", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x95, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

5m43.442646317s ago: executing program 0 (id=8007):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r1, 0x0, 0x0, 0x44800, 0x0, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x1)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x7, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8a, 0x6a, 0xa, 0xff00}, [@exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x40, 0x0, 0x38, 0x8}, {0x6, 0xfc}]})
write(r3, &(0x7f0000000280)="4591", 0x5e)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x19a)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\a\x00\x00\x00\t'], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r5}, 0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000820}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000001280)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x1}}, 0x24)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x40, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec85000000750000008500000008000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000780)='netlink_extack\x00', r7, 0x0, 0xb0}, 0x18)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb9040220080000000000000000070a0016000900142603600e1208001e0000050401d559e0e0df7fc07963acc3038ebba8000400027c035c0461c1d67f6f94007134cf6efb8001a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c3f5aeb4edbb57a5025ccca9e008026f6e6ddba61f5fad95667e006dcdf639500bfeb789d00000000000000d5e1cace81ed6c117ab5d6d69bda4039e81f86f60f0bffece0", 0xcb}], 0x1}, 0x14)

5m42.336922144s ago: executing program 0 (id=8011):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}, 0x82}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x1}], 0x4000092, 0x10103, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0)

5m26.446418067s ago: executing program 34 (id=8011):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}, 0x82}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x1}], 0x4000092, 0x10103, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0)

15.67587122s ago: executing program 3 (id=8757):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x128, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x48, 0x2, [@TCA_FLOWER_KEY_CVLAN_ID={0x6, 0x4d, 0xfa7}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ARP_SIP_MASK={0x8, 0x3a, 0xffffffff}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xff000000, 0x0, 0xffffffff, 0xffffff00]}, @TCA_FLOWER_KEY_UDP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_MPLS_LABEL={0x8, 0x46, 0xa1}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0xa0, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0x8c, 0x1, [@m_ctinfo={0x88, 0x19, 0x0, 0x0, {{0xb}, {0x4}, {0x59, 0x6, "ed5c1eb99390e7d0a8730c2f4ad7eab8a255351b763e5585c30ef05596ff09fd3ea6975074d4baa7805a08bfdd7f7fa2634cbcdbba1c88eea89d70023a7b9d8d2a94daf79fa1e5bffdc60fbea174f1aa7372acb7f3"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x128}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x403, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40800}, [@IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @IFLA_TARGET_NETNSID={0x8}]}, 0x34}, 0x1, 0xba01, 0x0, 0x400c002}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

15.440134862s ago: executing program 3 (id=8758):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x2000)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4e24, 0x80000001, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x5}, {0xa, 0x4e24, 0xf5, @mcast2, 0x3}, 0xffffffffffffffff, {[0x2, 0x6, 0x401, 0x8, 0x10001, 0x8, 0x2, 0xd]}}, 0x5c)
fsmount(0xffffffffffffffff, 0x0, 0x0)
mlockall(0x7)
mlock(&(0x7f000083c000/0x3000)=nil, 0x3000)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)

15.347524024s ago: executing program 5 (id=8759):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)

14.340575193s ago: executing program 5 (id=8761):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
epoll_create1(0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80)
r5 = epoll_create1(0x0)
r6 = fcntl$dupfd(r5, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r6, r4, 0x11, 0x0, r6}, 0x14)

12.804419477s ago: executing program 7 (id=8765):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioperm(0xe6, 0x2, 0x3)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f00000002c0)={0xf0f044, 0x800})
poll(&(0x7f00000000c0)=[{r1, 0xe7d4c009da6c1985}], 0x1, 0x4)

12.11633778s ago: executing program 1 (id=8766):
socket(0x1d, 0x2, 0x6)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000140000042abd7000fcdbdf25ac14142f000000000000000000000000fc0000000000000000000000000000004e20ffc04e22f001020080a0", @ANYRES32=0x0, @ANYRES32], 0x50}}, 0x4040094)
syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa2242)

12.0472272s ago: executing program 6 (id=8767):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000000)=0x2, 0x4)
sendmsg$inet6(r0, &(0x7f0000000500)={&(0x7f0000000080)={0xa, 0xce27, 0x84, @dev={0xfe, 0x80, '\x00', 0x23}, 0x8}, 0x1c, &(0x7f00000008c0)=[{&(0x7f0000000640)='*', 0x1}], 0x1}, 0x80001)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @private2, 0x7}, 0x1c)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r2, 0x1}, 0x8)

11.967383804s ago: executing program 7 (id=8768):
ioctl$BLKGETNRZONES(0xffffffffffffffff, 0x80041285, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x1052c0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000600)={0x32}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = syz_open_dev$video(&(0x7f00000000c0), 0x6, 0x109001)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r3, 0xc0405665, &(0x7f0000000100)={0x5, 0x5, 0x80000001, 0x39212fbd8a022bff, 0x5, 0xe, 0x4})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

11.82386802s ago: executing program 1 (id=8769):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f00000003c0))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfff, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000500), 0x107382, 0x0)
socket(0x1, 0x1, 0x0)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89a0, &(0x7f0000000200)={@rand_addr=0x64010100, @empty})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x121403, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='cramfs\x00', 0x800, 0x0)
mount(0x0, 0x0, &(0x7f0000000600)='debugfs\x00', 0x42000, 0x0)
chdir(&(0x7f0000000440)='./file0\x00')
r3 = syz_clone(0x88202200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, 0x0)
setpgid(0x0, r3)
open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x901)
mount(0x0, 0x0, 0x0, 0x2000, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32=0x0, @ANYRES16, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT=r1], 0x50)
mq_open(&(0x7f0000000640)='[\v\xdbX\xae[\x1a\xa9\xfd\x97,l\xa1\xc5\xc2l\xde\x9f1;$\xc3\x9c\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0b;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x7f\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*Tt\xa5\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\x06\x00\x00\x00\x00\x00\x00\x00\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd1d\x80\x13\x8fX\xb4\x19\xc4\\\xc3\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\x04\xf0pV!y\xe3', 0x40, 0x82, &(0x7f00000000c0)={0x2, 0x1940000, 0x1531b10a, 0x2})

11.290867302s ago: executing program 3 (id=8770):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x8000}, 0x80, &(0x7f0000000500)=[{&(0x7f00000006c0)="27031c00160014000000002f1eafacf706e105400000894f000500", 0x1b}], 0x1}, 0x4404c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(authencesn(streebog256-generic,xchacha12-generic))\x00'}, 0x58)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x59}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000300)={'tunl0\x00', <r4=>0x0, 0x80, 0x8000, 0x68a0, 0xffffffff, {{0x5d, 0x4, 0x3, 0x17, 0x174, 0x65, 0x0, 0x60, 0x29, 0x0, @loopback, @multicast1, {[@ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x32, 0x3, [{0x5, 0x9, "3556815b28820b"}, {0x1, 0x11, "cf2aaea1feaa1bb542854b1bf921ac"}, {0x1, 0x2}, {0x7, 0x5, "8896b9"}, {0x6, 0xb, "fe96b3ba203857aba1"}]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x3c, 0x2c, 0x3, 0x8, [{@loopback, 0x7fffffff}, {@local, 0x9}, {@loopback, 0x9}, {@rand_addr=0x64010101, 0x7fffffff}, {@local, 0x1}, {@rand_addr=0x64010101, 0xa}, {@remote, 0x7}]}, @timestamp={0x44, 0x14, 0xd5, 0x0, 0x7, [0x400, 0x7fff, 0x1, 0x388]}, @timestamp_addr={0x44, 0x4c, 0xe1, 0x1, 0x1, [{@rand_addr=0x64010102}, {@multicast2, 0x3000000}, {@remote, 0x6}, {@multicast2, 0xc2a}, {@multicast1, 0x36}, {@remote, 0x80000000}, {@multicast1, 0x1}, {@local, 0x3}, {@private=0xa010101, 0x4}]}, @timestamp_addr={0x44, 0x1c, 0x4d, 0x1, 0x6, [{@local, 0x4}, {@rand_addr=0x64010101, 0x6}, {@remote}]}, @timestamp_prespec={0x44, 0x54, 0xab, 0x3, 0x3, [{@multicast2, 0x8001}, {@multicast1, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff2723}, {@multicast2, 0x70000}, {@broadcast, 0x1}, {@broadcast, 0xc309}, {@rand_addr=0x64010102, 0x2}, {@multicast1, 0x8}, {@dev={0xac, 0x14, 0x14, 0x26}, 0x7ff}, {@private=0xa010102, 0x9}]}, @lsrr={0x83, 0x17, 0x8b, [@rand_addr=0x64010100, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @empty]}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x20, r3, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008010}, 0x810)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000840)='tasks\x00', 0x2, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

10.743930378s ago: executing program 6 (id=8771):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xabe)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_print_times', 0x169a82, 0x0)
sendfile(r2, r2, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, 0x0, 0x0)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, 0x0, 0x0)
munlockall()
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x13)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x42782, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}, @CTA_NAT_SRC={0xc, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @dev}]}]}, 0x68}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
close(r4)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x21)

9.949132695s ago: executing program 3 (id=8772):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b80000001900010027bd700000000000e000000200"/43], 0xb8}}, 0x4004)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r6, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r6, 0x0, 0x0)
write$vhost_msg_v2(r6, 0x0, 0x0)
write$vhost_msg_v2(r6, 0x0, 0x0)
write$vhost_msg_v2(r6, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)
write$vhost_msg_v2(r6, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000340)=""/115, 0x73, &(0x7f0000000240)=""/31, 0x1, 0x1}}, 0x48)
ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f00000006c0))
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r7 = socket$inet(0x2, 0x3, 0x9)
getsockname$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000100)=0x10)
setsockopt$sock_int(r7, 0x1, 0x2e, &(0x7f0000000000)=0x7b, 0x4)
shutdown(r7, 0x0)
recvmmsg(r7, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000840)=ANY=[@ANYBLOB])
close_range(r0, 0xffffffffffffffff, 0x0)

9.291934635s ago: executing program 8 (id=8774):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, 0x0)

9.291215341s ago: executing program 5 (id=8775):
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x1, 0x39d}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

8.915942629s ago: executing program 5 (id=8776):
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

8.708538981s ago: executing program 8 (id=8777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000800000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000850000000f00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)

8.557089571s ago: executing program 5 (id=8778):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c7515092", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r5], 0x54}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r8, @ANYBLOB="0174dfdb0d"], 0x20}}, 0x0)

8.309000274s ago: executing program 5 (id=8779):
unshare(0x4e000a00)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$video4linux(0x0, 0x1, 0x8aa000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
connect$can_j1939(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listxattr(0x0, &(0x7f00000002c0)=""/98, 0x62)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter6\x00')
lseek(r3, 0x80, 0x1)
ioctl$TCSBRKP(r2, 0x5425, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syslog(0x3, &(0x7f0000000200)=""/90, 0x5a)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$TCSETSF(r4, 0x5404, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, 0x0, 0x0)
fstatfs(0xffffffffffffffff, 0x0)

8.100790775s ago: executing program 8 (id=8780):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_MAP_VDSO_32(0x1e, r0, 0x1, 0x2002)

7.609019859s ago: executing program 8 (id=8781):
socket(0x1d, 0x2, 0x6)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000140000042abd7000fcdbdf25ac14142f000000000000000000000000fc0000000000000000000000000000004e20ffc04e22f001020080a0", @ANYRES32=0x0, @ANYRES32], 0x50}}, 0x4040094)
syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa2242)

7.501061071s ago: executing program 6 (id=8782):
r0 = socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_uring_setup(0x330b, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, 0x0, 0x8000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x200000b, 0x11, 0xffffffffffffffff, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r5, &(0x7f0000000b00)=[{{&(0x7f0000000e80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000001dc0)="bb", 0x1}], 0x1, 0x0, 0x0, 0x10}}], 0x1, 0x0)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf80, 0x3}, 0x1c)

6.944830157s ago: executing program 1 (id=8783):
socket(0x3, 0xa, 0xfffffffc)
r0 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a3a0000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000054000000050a01020000000000000000010020"], 0xf0}}, 0x0)

5.888795266s ago: executing program 6 (id=8784):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x8000}, 0x80, &(0x7f0000000500)=[{&(0x7f00000006c0)="27031c00160014000000002f1eafacf706e105400000894f000500", 0x1b}], 0x1}, 0x4404c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(authencesn(streebog256-generic,xchacha12-generic))\x00'}, 0x58)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x59}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000300)={'tunl0\x00', <r5=>0x0, 0x80, 0x8000, 0x68a0, 0xffffffff, {{0x5d, 0x4, 0x3, 0x17, 0x174, 0x65, 0x0, 0x60, 0x29, 0x0, @loopback, @multicast1, {[@ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x32, 0x3, [{0x5, 0x9, "3556815b28820b"}, {0x1, 0x11, "cf2aaea1feaa1bb542854b1bf921ac"}, {0x1, 0x2}, {0x7, 0x5, "8896b9"}, {0x6, 0xb, "fe96b3ba203857aba1"}]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x3c, 0x2c, 0x3, 0x8, [{@loopback, 0x7fffffff}, {@local, 0x9}, {@loopback, 0x9}, {@rand_addr=0x64010101, 0x7fffffff}, {@local, 0x1}, {@rand_addr=0x64010101, 0xa}, {@remote, 0x7}]}, @timestamp={0x44, 0x14, 0xd5, 0x0, 0x7, [0x400, 0x7fff, 0x1, 0x388]}, @timestamp_addr={0x44, 0x4c, 0xe1, 0x1, 0x1, [{@rand_addr=0x64010102}, {@multicast2, 0x3000000}, {@remote, 0x6}, {@multicast2, 0xc2a}, {@multicast1, 0x36}, {@remote, 0x80000000}, {@multicast1, 0x1}, {@local, 0x3}, {@private=0xa010101, 0x4}]}, @timestamp_addr={0x44, 0x1c, 0x4d, 0x1, 0x6, [{@local, 0x4}, {@rand_addr=0x64010101, 0x6}, {@remote}]}, @timestamp_prespec={0x44, 0x54, 0xab, 0x3, 0x3, [{@multicast2, 0x8001}, {@multicast1, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff2723}, {@multicast2, 0x70000}, {@broadcast, 0x1}, {@broadcast, 0xc309}, {@rand_addr=0x64010102, 0x2}, {@multicast1, 0x8}, {@dev={0xac, 0x14, 0x14, 0x26}, 0x7ff}, {@private=0xa010102, 0x9}]}, @lsrr={0x83, 0x17, 0x8b, [@rand_addr=0x64010100, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @empty]}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x20, r4, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008010}, 0x810)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000840)='tasks\x00', 0x2, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

5.842758372s ago: executing program 8 (id=8785):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000880)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4000884}, 0x6040)
syz_genetlink_get_family_id$nl80211(0x0, r3)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
ioctl$EVIOCGMASK(r4, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
socket$nl_netfilter(0x10, 0x3, 0xc)

5.841998435s ago: executing program 7 (id=8786):
socket(0x1000000000000010, 0x80802, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mq_open(&(0x7f00000000c0)='ns\xbf\x12\xe1\v\xc8E\xe0\x80r\x917kj\x9cL\xceZ\x99\xf8Q%#-\xd3\xd2\x13\xe8\xdc\xe1\xfd\xde\xef\xf2\xa7\xd2\xab\x97\xc2e\'\xfc\x10\x85\x03\x00\x00\x002\xb80\x10_\\KA\x97\xb7.[O\xd56\xec^F\xdfT\xda\x9817\"\xf5h\xc0\xf8\a\x9e\xce\xa9&\xffq\xebA\x98\x96~\x17|\xc9xR\\z\x9a\x8cRJ\x85\\u\xb2\\\xedB4\xb5z\xbb\xee\xbd\x96\x19\xd1\x98\xeb\xe8\xc1u\x8b\xf8hc\x81#\r\xe8\xf8%\xd9\x7f\r\x12M\x00', 0x40, 0x9, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0))

4.689724307s ago: executing program 7 (id=8787):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)

4.226443855s ago: executing program 6 (id=8788):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, 0x0, 0x0)
r1 = open$dir(0x0, 0x40000, 0x81)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r2, 0xc0405665, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x200, 0x8001008, r1, &(0x7f0000000040)='./file0\x00')
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
modify_ldt$write2(0x11, 0x0, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x10079af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r6=>0x0, &(0x7f00000006c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0xc})
io_uring_enter(r5, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0)
io_uring_enter(r5, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3.956230223s ago: executing program 7 (id=8789):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000080e372208c106801b284010203110902240001000010000904020002f8fd00000905060200020d0006090582020002"], 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000014c0)={0x24, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x42f}}, 0x0, 0x0}, 0x0)

3.908516208s ago: executing program 1 (id=8790):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r3, 0x0, 0x1, &(0x7f0000000000)=""/7, &(0x7f00000010c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x40010)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0xf}})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bond0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0xd, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x7f}}}}]}, 0x48}}, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002140)={0x1f, 0xf, &(0x7f00000009c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x520beaf08043c77b, 0x5a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, 0x0, 0x0)

2.853244802s ago: executing program 3 (id=8791):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[], 0xf8}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_TABLE(r4, 0x29, 0xcf, &(0x7f00000003c0)=0xffffffff, 0x4)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r6], 0x50}}, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e000000001800", @ANYRES32=r9], 0x50}}, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r10=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x74, r10, {}, {0x0, 0x1}, {0xb, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

2.046433549s ago: executing program 1 (id=8792):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e21, @remote}}, 0x80, &(0x7f0000000300)=[{0x0}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148"], 0x10b8}, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xe, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x8, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xc, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(0xffffffffffffffff, &(0x7f0000032440)=""/102364, 0x18fdc)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r5, 0xffffffffffffffff, 0x0)

1.932680868s ago: executing program 6 (id=8793):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x18557f, 0x0)
socket$inet(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r3 = syz_open_dev$usbfs(0x0, 0x75, 0x0)
ioctl$USBDEVFS_CLAIM_PORT(r3, 0x80045518, &(0x7f0000000000)=0x1)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000140), 0x2, 0x0)
sendfile(r5, r5, 0x0, 0x9)

1.015114042s ago: executing program 1 (id=8794):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xabe)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_print_times', 0x169a82, 0x0)
sendfile(r2, r2, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, 0x0, 0x0)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, 0x0, 0x0)
munlockall()
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x13)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x42782, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}, @CTA_NAT_SRC={0xc, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @dev}]}]}, 0x68}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
close(r4)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x21)

723.088141ms ago: executing program 8 (id=8795):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0xf5, &(0x7f0000009b00)={&(0x7f00000042c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x24, 0x3, "7339f2f304fdd672bad09dfb040000000001000001f9580dabf95ddc91967c20"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f00000fe000/0xd000)=nil, 0xd000, 0x1000005, 0xd2952, 0xffffffffffffffff, 0xfffff000)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffdba)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = fsopen(&(0x7f00000003c0)='gfs2meta\x00', 0x1)
getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000), &(0x7f00000000c0)=0x8)
close(r6)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r4, 0x400454d4, &(0x7f0000000080)=0xa)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)

199.991039ms ago: executing program 3 (id=8796):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETVNETBE(r0, 0x800454df, &(0x7f0000000140)=0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB], 0xf0}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x34b7, 0x0, &(0x7f00000001c0), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
sendmmsg$sock(r3, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
shutdown(r3, 0x1)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast2}, {@remote}, {@loopback}, {@private=0xa010101, 0x8}, {@remote, 0x1}, {@multicast2, 0x5}, {@empty, 0xb}]}, @rr={0x7, 0x3, 0xf7}]}}}}}}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'pim6reg0\x00', 0x2})

0s ago: executing program 7 (id=8797):
socket(0x1d, 0x2, 0x6)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="50000000140000042abd7000fcdbdf25ac14142f000000000000000000000000fc0000000000000000000000000000004e20ffc04e22f001020080a0", @ANYRES32=0x0, @ANYRES32], 0x50}}, 0x4040094)
syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa2242)

kernel console output (not intermixed with test programs):

rsing attributes in process `syz.1.7773'.
[ 1683.107684][T22634] Bluetooth: hci0: command 0x0406 tx timeout
[ 1683.260541][T22634] Bluetooth: hci4: command 0x0406 tx timeout
[ 1683.340593][T22634] Bluetooth: hci3: command 0x0406 tx timeout
[ 1683.345044][T28020] usb 7-1: config 0 descriptor??
[ 1683.691933][T22634] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1683.757233][T28020] mcp2221 0003:04D8:00DD.0014: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[ 1684.186308][T30008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1684.285353][T30008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1684.420553][T16302] Bluetooth: hci1: command 0x0406 tx timeout
[ 1684.462733][T30008] i2c i2c-1: unsupported multi-msg i2c transaction
[ 1684.527440][  T975] usb 7-1: USB disconnect, device number 7
[ 1684.700452][T16302] Bluetooth: hci2: command 0x0406 tx timeout
[ 1685.860353][T16302] Bluetooth: hci0: command 0x0406 tx timeout
[ 1685.862740][T22634] Bluetooth: hci4: command 0x0406 tx timeout
[ 1685.866417][T16302] Bluetooth: hci3: command 0x0406 tx timeout
[ 1685.878418][T16302] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1686.446163][T30053] loop6: detected capacity change from 0 to 256
[ 1686.547721][T30053] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1686.600478][T30053] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 1686.906224][T30053] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1687.980969][T27056] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1688.921132][T23022] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 1689.041549][T30073] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7788'.
[ 1689.130702][T23022] usb 4-1: Using ep0 maxpacket: 16
[ 1689.194707][T23022] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1689.248711][T23022] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1689.407544][T23022] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1689.463579][T23022] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1689.502757][T23022] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1689.512696][T23022] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1689.540479][T23022] usb 4-1: Product: syz
[ 1689.556298][T23022] usb 4-1: Manufacturer: syz
[ 1689.571684][T23022] usb 4-1: SerialNumber: syz
[ 1689.662315][T23022] usb 4-1: config 0 descriptor??
[ 1690.464544][T30064] loop3: detected capacity change from 0 to 128
[ 1690.496923][T30064] vfat: Unknown parameter '01777777777777777777777'
[ 1690.569076][T30084] binder: 30081:30084 ioctl c0306201 200000000000 returned -14
[ 1691.278166][T23022] usb 4-1: USB disconnect, device number 40
[ 1693.708878][T30092] netlink: 'syz.6.7794': attribute type 1 has an invalid length.
[ 1696.440616][ T5955] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1696.920524][ T5955] usb 2-1: Using ep0 maxpacket: 32
[ 1696.958007][ T5955] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1696.995072][ T5955] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1697.015272][ T5955] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1697.028679][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1697.042137][ T5955] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1697.069090][ T5955] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1697.089355][ T5955] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1697.151311][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1698.934048][ T5955] usb 2-1: config 0 descriptor??
[ 1699.487944][ T5955] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 38 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1699.607160][ T5955] usb 2-1: USB disconnect, device number 38
[ 1699.641180][ T5955] usblp0: removed
[ 1702.828383][T30161] bridge0: port 3(vlan2) entered blocking state
[ 1702.835061][T30161] bridge0: port 3(vlan2) entered disabled state
[ 1703.043903][T30161] vlan2: entered allmulticast mode
[ 1704.290401][T30161] bridge0: entered allmulticast mode
[ 1704.522243][T30161] vlan2: left allmulticast mode
[ 1704.530428][T30161] bridge0: left allmulticast mode
[ 1706.678159][T30190] evm: overlay not supported
[ 1709.310540][  T975] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1709.601265][  T975] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1709.978153][  T975] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1710.044975][  T975] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1710.066218][  T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1710.089751][  T975] usb 2-1: SerialNumber: syz
[ 1710.373295][  T975] usb 2-1: 0:2 : does not exist
[ 1710.433203][  T975] usb 2-1: unit 255 not found!
[ 1710.905466][  T975] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1711.024823][  T975] usb 2-1: USB disconnect, device number 39
[ 1713.269002][T30234] bridge0: port 3(vlan2) entered blocking state
[ 1713.305015][T30234] bridge0: port 3(vlan2) entered disabled state
[ 1713.420635][T30234] vlan2: entered allmulticast mode
[ 1713.443153][T30234] bridge0: entered allmulticast mode
[ 1713.504061][T30234] vlan2: left allmulticast mode
[ 1713.533455][T30234] bridge0: left allmulticast mode
[ 1714.666385][T30249] loop7: detected capacity change from 0 to 8
[ 1714.899228][T30249] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1714.925994][T30249] SQUASHFS error: Failed to read block 0x0: -5
[ 1714.944475][T30249] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1714.954195][T30249] SQUASHFS error: Failed to read block 0x0: -5
[ 1715.011562][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1715.011584][   T30] audit: type=1800 audit(1759213178.750:5588): pid=30249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.7842" name="file2" dev="loop7" ino=3 res=0 errno=0
[ 1718.100507][T30279] overlayfs: failed to clone upperpath
[ 1723.700406][T23022] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1726.931637][T16579] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1727.202494][T16579] usb 1-1: Using ep0 maxpacket: 16
[ 1727.585012][T16579] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1727.610554][T16579] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1727.693055][T16579] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1728.648116][T16579] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1728.658576][T16579] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1728.740583][T16579] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1728.810561][T16579] usb 1-1: Product: syz
[ 1728.880867][T16579] usb 1-1: Manufacturer: syz
[ 1728.890470][T16579] usb 1-1: SerialNumber: syz
[ 1728.911545][T16579] usb 1-1: config 0 descriptor??
[ 1729.651026][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.734191][T30323] Unknown status report in ack skb
[ 1729.759866][T16579] usb 1-1: USB disconnect, device number 34
[ 1731.730715][T27056] Bluetooth: hci1: unexpected event for opcode 0x200a
[ 1732.478838][T30359] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7868'.
[ 1737.912895][T30402] overlayfs: failed to clone upperpath
[ 1739.650429][   T30] audit: type=1326 audit(1759213203.270:5589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1739.822419][T30414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7883'.
[ 1739.939708][   T30] audit: type=1326 audit(1759213203.280:5590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1740.049888][T30415] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1740.597137][   T30] audit: type=1326 audit(1759213203.500:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f961038d710 code=0x7ffc0000
[ 1741.366843][   T30] audit: type=1326 audit(1759213203.500:5592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1741.529374][   T30] audit: type=1326 audit(1759213203.500:5593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1741.602743][   T30] audit: type=1326 audit(1759213203.500:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1741.697963][   T30] audit: type=1326 audit(1759213203.500:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1741.795443][   T30] audit: type=1326 audit(1759213203.500:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1741.961817][   T30] audit: type=1326 audit(1759213203.500:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1742.026441][   T30] audit: type=1326 audit(1759213203.500:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30407 comm="syz.5.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961038eec9 code=0x7ffc0000
[ 1744.100346][T23022] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1744.318350][T23022] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1744.635268][T23022] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1744.811316][T23022] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1744.826735][T23022] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1744.871972][T23022] usb 7-1: SerialNumber: syz
[ 1745.104256][T23022] usb 7-1: 0:2 : does not exist
[ 1745.150435][T23022] usb 7-1: unit 255 not found!
[ 1745.235191][T23022] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1745.325593][T23022] usb 7-1: USB disconnect, device number 8
[ 1747.130383][T16579] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[ 1747.910723][ T5955] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1748.076710][T16579] usb 4-1: Using ep0 maxpacket: 32
[ 1748.090162][ T5955] usb 7-1: Using ep0 maxpacket: 16
[ 1748.171760][ T5955] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1748.544344][T16579] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1748.650403][ T5955] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1748.659499][T16579] usb 4-1: config 0 has no interface number 0
[ 1748.665618][ T5955] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1748.692743][T16579] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1748.718690][ T5955] usb 7-1: config 0 descriptor??
[ 1748.726942][T16579] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1748.754586][T16579] usb 4-1: Product: syz
[ 1748.764701][T16579] usb 4-1: Manufacturer: syz
[ 1748.794686][T16579] usb 4-1: SerialNumber: syz
[ 1748.834772][T16579] usb 4-1: config 0 descriptor??
[ 1748.886284][T16579] smsc95xx v2.0.0
[ 1749.148196][ T5955] mcp2221 0003:04D8:00DD.0015: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[ 1749.546000][T30468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1749.860773][T30468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1749.935266][ T5955] usb 7-1: USB disconnect, device number 9
[ 1750.053929][T16579] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[ 1750.106580][T16579] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[ 1750.160707][T16579] usb 4-1: USB disconnect, device number 41
[ 1750.286277][T30488] netlink: 9896 bytes leftover after parsing attributes in process `syz.3.7909'.
[ 1750.408785][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1750.408808][   T30] audit: type=1326 audit(1759213214.130:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa1d8eec9 code=0x7ffc0000
[ 1750.508718][T27056] Bluetooth: hci5: ACL packet for unknown connection handle 200
[ 1750.750357][   T30] audit: type=1326 audit(1759213214.130:5603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faaa1d8d710 code=0x7ffc0000
[ 1750.800435][T23022] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1750.940508][   T30] audit: type=1326 audit(1759213214.130:5604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1751.180126][   T30] audit: type=1326 audit(1759213214.130:5605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1751.308621][T23022] usb 1-1: Using ep0 maxpacket: 8
[ 1751.659611][T23022] usb 1-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[ 1751.905844][T23022] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1751.972625][   T30] audit: type=1326 audit(1759213214.140:5606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1752.012789][T23022] usb 1-1: Product: syz
[ 1752.030769][T23022] usb 1-1: Manufacturer: syz
[ 1752.050128][T23022] usb 1-1: SerialNumber: syz
[ 1752.177767][T23022] usb 1-1: config 0 descriptor??
[ 1752.184353][   T30] audit: type=1326 audit(1759213214.140:5607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1752.683858][   T30] audit: type=1326 audit(1759213214.380:5608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1752.860794][   T30] audit: type=1326 audit(1759213214.490:5609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1752.960357][   T30] audit: type=1326 audit(1759213214.720:5610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1753.126729][   T30] audit: type=1326 audit(1759213214.720:5611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30478 comm="syz.0.7907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa1d8eacb code=0x7ffc0000
[ 1753.350809][T30519] netlink: 'syz.1.7919': attribute type 11 has an invalid length.
[ 1756.848821][T30535] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7923'.
[ 1757.090401][T23022] usb 1-1: can't set config #0, error -71
[ 1757.163165][T23022] usb 1-1: USB disconnect, device number 35
[ 1757.784790][T23022] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1758.309422][T23022] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1758.329823][T23022] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1758.555627][T23022] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1758.584741][T23022] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1758.615050][T23022] usb 1-1: SerialNumber: syz
[ 1758.922995][T23022] usb 1-1: 0:2 : does not exist
[ 1758.951291][T23022] usb 1-1: unit 255 not found!
[ 1759.086506][T23022] usb 1-1: USB disconnect, device number 36
[ 1759.740667][T16579] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 1759.917080][T16579] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1759.928450][T16579] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1760.108392][T16579] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[ 1760.158444][T30590] Invalid ELF header magic: != ELF
[ 1760.164125][T16579] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1760.268443][T16579] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1760.692693][T16579] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1760.890301][T30580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1760.897855][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1760.897876][   T30] audit: type=1326 audit(1759213224.630:5629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1760.903969][T30580] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1760.934826][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1760.980555][   T30] audit: type=1326 audit(1759213224.630:5630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1761.131220][   T30] audit: type=1326 audit(1759213224.630:5631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f47a0f8d710 code=0x7ffc0000
[ 1761.167732][T16579] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -12
[ 1761.294942][T16579] usb 4-1: USB disconnect, device number 42
[ 1761.362701][   T30] audit: type=1326 audit(1759213224.630:5632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f47a0f8eacb code=0x7ffc0000
[ 1761.455553][   T30] audit: type=1326 audit(1759213224.630:5633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f47a0f8eacb code=0x7ffc0000
[ 1761.477980][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1761.653765][   T30] audit: type=1326 audit(1759213224.860:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1761.676285][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1761.831499][   T30] audit: type=1326 audit(1759213224.860:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1761.978533][   T30] audit: type=1326 audit(1759213224.870:5636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1762.130565][   T30] audit: type=1326 audit(1759213224.870:5637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1762.644338][   T30] audit: type=1326 audit(1759213224.870:5638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30571 comm="syz.3.7938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47a0f8eec9 code=0x7ffc0000
[ 1767.603569][T27056] Bluetooth: hci4: unexpected event for opcode 0x200a
[ 1768.004437][T30657] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7965'.
[ 1774.030473][T30704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7977'.
[ 1774.235003][T30704] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1774.533338][T30711] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7979'.
[ 1774.910745][T27056] Bluetooth: hci0: unexpected event for opcode 0x200a
[ 1779.857345][T30762] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7995'.
[ 1781.802812][T30782] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8002'.
[ 1782.311050][T27056] Bluetooth: hci5: unexpected event for opcode 0x200a
[ 1784.007126][T30789] kthread_run failed with err -4
[ 1784.703996][T28020] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1784.958686][T28020] usb 2-1: Using ep0 maxpacket: 16
[ 1784.990801][T28020] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1785.020582][T28020] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1785.035487][T28020] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1785.048382][T28020] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1785.061330][T28020] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1785.071246][T28020] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1785.080314][T28020] usb 2-1: Product: syz
[ 1785.146440][T28020] usb 2-1: Manufacturer: syz
[ 1785.193363][T28020] usb 2-1: SerialNumber: syz
[ 1785.225575][T28020] usb 2-1: config 0 descriptor??
[ 1785.416846][T30807] input: syz1 as /devices/virtual/input/input39
[ 1785.685270][T28020] usb 2-1: USB disconnect, device number 41
[ 1787.420327][T30823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8014'.
[ 1787.434468][T30823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8014'.
[ 1787.446101][T30823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8014'.
[ 1787.468064][T30823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8014'.
[ 1787.531104][T30823] netlink: 'syz.1.8014': attribute type 3 has an invalid length.
[ 1788.295409][T27056] Bluetooth: hci1: unexpected event for opcode 0x200a
[ 1788.891948][T30831] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8017'.
[ 1790.021491][T30838] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8019'.
[ 1791.234347][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.556903][T30854] loop3: detected capacity change from 0 to 128
[ 1798.523272][T30893] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8036'.
[ 1800.468380][T30902] loop6: detected capacity change from 0 to 128
[ 1804.920647][T16302] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1804.932367][T16302] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1804.942071][T16302] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1804.955537][T16302] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1804.971687][T16302] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1805.585735][T30954] Invalid ELF header magic: != ELF
[ 1807.170623][T16302] Bluetooth: hci6: command tx timeout
[ 1807.376909][T30948] chnl_net:caif_netlink_parms(): no params data found
[ 1809.191974][T16302] Bluetooth: hci6: command tx timeout
[ 1809.309109][T30989] loop7: detected capacity change from 0 to 2048
[ 1809.316315][T30989] udf: Bad value for 'session'
[ 1809.567442][T30948] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1809.579107][T30948] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1809.592117][T30948] bridge_slave_0: entered allmulticast mode
[ 1809.783273][T30990] loop7: detected capacity change from 0 to 512
[ 1810.042001][T30948] bridge_slave_0: entered promiscuous mode
[ 1810.117083][T30948] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1810.191340][T30990] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1810.215132][T30948] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1810.230570][T30948] bridge_slave_1: entered allmulticast mode
[ 1810.239559][T30948] bridge_slave_1: entered promiscuous mode
[ 1810.358621][T30990] EXT4-fs (loop7): 1 orphan inode deleted
[ 1810.508953][T30990] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1811.000567][T30948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1811.133866][T30948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1811.261931][T16302] Bluetooth: hci6: command tx timeout
[ 1811.453382][T28283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1813.146851][T30948] team0: Port device team_slave_0 added
[ 1813.193629][T30948] team0: Port device team_slave_1 added
[ 1813.342582][T16302] Bluetooth: hci6: command tx timeout
[ 1814.402249][T30948] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1814.440410][T30948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1814.597872][T30948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1815.810640][T31039] Invalid ELF header magic: != ELF
[ 1816.254837][T30948] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1816.295031][T30948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1816.516961][T30948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1817.049757][ T6167] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1817.133719][ T6167] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1818.834809][ T6167] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1818.980358][ T6167] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1819.191850][T30948] hsr_slave_0: entered promiscuous mode
[ 1819.200725][T30948] hsr_slave_1: entered promiscuous mode
[ 1819.209001][T30948] debugfs: 'hsr0' already exists in 'hsr'
[ 1819.230309][T30948] Cannot create hsr debugfs directory
[ 1819.567060][T31054] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8071'.
[ 1819.762210][ T6167] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1819.846541][ T6167] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1822.086882][ T6167] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1822.324104][ T6167] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.513028][T30948] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1828.295031][T31124] netlink: 48 bytes leftover after parsing attributes in process `syz.6.8092'.
[ 1828.374193][T31128] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8092'.
[ 1828.968140][T31131] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8094'.
[ 1828.991114][ T6167] bond0 (unregistering): Released all slaves
[ 1829.009645][T30948] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1829.147507][T31128] hsr_slave_1 (unregistering): left promiscuous mode
[ 1829.180510][T30948] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1829.302419][T30948] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1830.559734][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1832.139073][ T6167] veth1_macvtap: left promiscuous mode
[ 1832.209967][ T6167] veth0_macvtap: left promiscuous mode
[ 1832.227004][ T6167] veth1_vlan: left promiscuous mode
[ 1832.274887][ T6167] veth0_vlan: left promiscuous mode
[ 1833.561320][T31175] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8106'.
[ 1834.141561][T23022] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[ 1834.344642][T23022] usb 4-1: Using ep0 maxpacket: 32
[ 1835.207657][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1835.909770][T31184] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8108'.
[ 1836.162370][T31170] vti0: entered promiscuous mode
[ 1836.168351][T31170] vti0: entered allmulticast mode
[ 1836.265148][T23022] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1836.300941][T23022] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1836.324775][T23022] usb 4-1: can't read configurations, error -71
[ 1838.211188][T30948] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1838.236790][T30948] 8021q: adding VLAN 0 to HW filter on device team0
[ 1838.504397][    C1] hrtimer: interrupt took 18030 ns
[ 1839.332977][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1839.340138][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1839.449759][T26481] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1839.457001][T26481] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1840.665036][T30948] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1841.514263][T27056] Bluetooth: hci6: command 0x0405 tx timeout
[ 1842.302237][T31242] netlink: 'syz.3.8122': attribute type 11 has an invalid length.
[ 1842.862646][T31246] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8123'.
[ 1844.721642][T31252] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8125'.
[ 1845.009334][T30948] veth0_vlan: entered promiscuous mode
[ 1845.114112][ T5967] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[ 1845.723510][T30948] veth1_vlan: entered promiscuous mode
[ 1845.877235][T30948] veth0_macvtap: entered promiscuous mode
[ 1845.962150][T30948] veth1_macvtap: entered promiscuous mode
[ 1845.990432][ T5967] usb 4-1: Using ep0 maxpacket: 32
[ 1847.309013][T30948] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1847.381850][ T5967] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1847.404293][T30948] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1847.421465][ T5967] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1847.429083][ T5967] usb 4-1: can't read configurations, error -71
[ 1847.517014][T17520] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1847.777562][T17520] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1847.848630][T17520] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1847.994951][T17520] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.161491][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1848.192241][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1848.349013][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1848.765773][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1851.137503][T31292] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8138'.
[ 1851.784419][T31302] vti0: entered promiscuous mode
[ 1851.831730][T31302] vti0: entered allmulticast mode
[ 1851.867486][T31303] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8143'.
[ 1852.467213][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.561292][T16302] Bluetooth: hci4: unexpected event for opcode 0x200a
[ 1853.854374][T31324] bridge0: port 1(vlan3) entered blocking state
[ 1854.200781][T31324] bridge0: port 1(vlan3) entered disabled state
[ 1854.278411][T31324] vlan3: entered allmulticast mode
[ 1854.320382][T31324] bridge0: entered allmulticast mode
[ 1854.386926][T31324] vlan3: left allmulticast mode
[ 1854.397645][T31324] bridge0: left allmulticast mode
[ 1854.549860][T31332] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8153'.
[ 1857.852029][T31351] gfs2: not a GFS2 filesystem
[ 1858.550401][ T5933] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[ 1858.710418][ T5933] usb 4-1: Using ep0 maxpacket: 16
[ 1858.751857][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1859.219434][ T5933] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1859.249240][ T5933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1859.330019][ T5933] usb 4-1: config 0 descriptor??
[ 1860.855117][T31367] warn_alloc: 3 callbacks suppressed
[ 1860.855135][T31367] syz.5.8164: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x404dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_RETRY_MAYFAIL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1860.881007][T31367] CPU: 1 UID: 0 PID: 31367 Comm: syz.5.8164 Not tainted syzkaller #0 PREEMPT(full) 
[ 1860.881031][T31367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1860.881044][T31367] Call Trace:
[ 1860.881054][T31367]  <TASK>
[ 1860.881063][T31367]  dump_stack_lvl+0x189/0x250
[ 1860.881096][T31367]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1860.881125][T31367]  ? __pfx__printk+0x10/0x10
[ 1860.881143][T31367]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1860.881167][T31367]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1860.881192][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881214][T31367]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1860.881240][T31367]  warn_alloc+0x214/0x310
[ 1860.881265][T31367]  ? __pfx_warn_alloc+0x10/0x10
[ 1860.881290][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881312][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881333][T31367]  ? __get_vm_area_node+0x28f/0x300
[ 1860.881362][T31367]  ? veth_dev_init+0x363/0x570
[ 1860.881386][T31367]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1860.881415][T31367]  ? veth_newlink+0x5cc/0xa50
[ 1860.881454][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881475][T31367]  ? alloc_pages_mpol+0x3cd/0x4a0
[ 1860.881505][T31367]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1860.881533][T31367]  ? __kasan_kmalloc_large+0x1c/0xa0
[ 1860.881564][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881585][T31367]  ? rcu_is_watching+0x15/0xb0
[ 1860.881607][T31367]  ? veth_dev_init+0x363/0x570
[ 1860.881625][T31367]  ? veth_dev_init+0x363/0x570
[ 1860.881643][T31367]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1860.881672][T31367]  ? veth_dev_init+0x363/0x570
[ 1860.881692][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881719][T31367]  veth_dev_init+0x363/0x570
[ 1860.881746][T31367]  register_netdevice+0x6bf/0x1ae0
[ 1860.881783][T31367]  ? snprintf+0xda/0x120
[ 1860.881814][T31367]  ? __pfx_register_netdevice+0x10/0x10
[ 1860.881846][T31367]  ? __pfx_snprintf+0x10/0x10
[ 1860.881875][T31367]  ? __asan_memset+0x22/0x50
[ 1860.881898][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.881918][T31367]  ? dev_addr_mod+0x2ce/0x3d0
[ 1860.881949][T31367]  veth_newlink+0x5cc/0xa50
[ 1860.881972][T31367]  ? __pfx_veth_newlink+0x10/0x10
[ 1860.881989][T31367]  ? css_rstat_updated+0x23a/0x4f0
[ 1860.882015][T31367]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1860.882085][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882106][T31367]  ? validate_linkmsg+0x765/0x950
[ 1860.882129][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882154][T31367]  ? __pfx_veth_newlink+0x10/0x10
[ 1860.882174][T31367]  rtnl_newlink_create+0x310/0xb00
[ 1860.882203][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882224][T31367]  ? __lock_acquire+0xab9/0xd20
[ 1860.882246][T31367]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1860.882274][T31367]  ? __pfx___mutex_lock+0x10/0x10
[ 1860.882295][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882325][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882346][T31367]  ? ns_capable+0x8a/0xf0
[ 1860.882369][T31367]  rtnl_newlink+0x16d6/0x1c70
[ 1860.882392][T31367]  ? netlink_sendmsg+0x805/0xb30
[ 1860.882426][T31367]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1860.882515][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882536][T31367]  ? __lock_acquire+0xab9/0xd20
[ 1860.882566][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882596][T31367]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1860.882617][T31367]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1860.882642][T31367]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1860.882663][T31367]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1860.882683][T31367]  ? ref_tracker_free+0x63a/0x7d0
[ 1860.882703][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882724][T31367]  ? __asan_memcpy+0x40/0x70
[ 1860.882746][T31367]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1860.882765][T31367]  ? __skb_clone+0x63/0x7a0
[ 1860.882799][T31367]  netlink_rcv_skb+0x208/0x470
[ 1860.882822][T31367]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1860.882850][T31367]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1860.882882][T31367]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1860.882912][T31367]  netlink_unicast+0x82f/0x9e0
[ 1860.882939][T31367]  ? __pfx_netlink_unicast+0x10/0x10
[ 1860.882960][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.882981][T31367]  ? skb_put+0x11b/0x210
[ 1860.883003][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883029][T31367]  netlink_sendmsg+0x805/0xb30
[ 1860.883059][T31367]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1860.883084][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883105][T31367]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1860.883126][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883146][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883168][T31367]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1860.883191][T31367]  __sock_sendmsg+0x21c/0x270
[ 1860.883213][T31367]  ____sys_sendmsg+0x505/0x830
[ 1860.883245][T31367]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1860.883278][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883299][T31367]  ? import_iovec+0x74/0xa0
[ 1860.883328][T31367]  ___sys_sendmsg+0x21f/0x2a0
[ 1860.883356][T31367]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1860.883388][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883435][T31367]  ? __fget_files+0x2a/0x420
[ 1860.883451][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883472][T31367]  ? __fget_files+0x3a0/0x420
[ 1860.883500][T31367]  __x64_sys_sendmsg+0x19b/0x260
[ 1860.883529][T31367]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1860.883571][T31367]  ? do_syscall_64+0xbe/0x3b0
[ 1860.883597][T31367]  do_syscall_64+0xfa/0x3b0
[ 1860.883618][T31367]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1860.883639][T31367]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.883656][T31367]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1860.883677][T31367]  ? exc_page_fault+0x9f/0xf0
[ 1860.883699][T31367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.883718][T31367] RIP: 0033:0x7f961038eec9
[ 1860.883736][T31367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1860.883753][T31367] RSP: 002b:00007f9611292038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1860.883772][T31367] RAX: ffffffffffffffda RBX: 00007f96105e5fa0 RCX: 00007f961038eec9
[ 1860.883786][T31367] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1860.883799][T31367] RBP: 00007f9610411f91 R08: 0000000000000000 R09: 0000000000000000
[ 1860.883811][T31367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1860.883822][T31367] R13: 00007f96105e6038 R14: 00007f96105e5fa0 R15: 00007ffe3b15edd8
[ 1860.883854][T31367]  </TASK>
[ 1860.883885][T31367] Mem-Info:
[ 1861.525412][ T5933] mcp2221 0003:04D8:00DD.0016: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[ 1861.536651][T31367] active_anon:4756 inactive_anon:0 isolated_anon:0
[ 1861.536651][T31367]  active_file:24069 inactive_file:40730 isolated_file:0
[ 1861.536651][T31367]  unevictable:768 dirty:110 writeback:0
[ 1861.536651][T31367]  slab_reclaimable:12445 slab_unreclaimable:106781
[ 1861.536651][T31367]  mapped:34622 shmem:1353 pagetables:1474
[ 1861.536651][T31367]  sec_pagetables:0 bounce:0
[ 1861.536651][T31367]  kernel_misc_reclaimable:0
[ 1861.536651][T31367]  free:1278401 free_pcp:12052 free_cma:0
[ 1861.585754][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.594684][T31367] Node 0 active_anon:19024kB inactive_anon:0kB active_file:96276kB inactive_file:162724kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138488kB dirty:440kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11772kB pagetables:5744kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1861.626775][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.652270][T31367] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1861.682195][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.689754][T31367] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1861.718906][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.725234][T31367] lowmem_reserve[]: 0 2505 2506 2506 2506
[ 1861.732243][T31367] Node 0 DMA32 free:1202852kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18988kB inactive_anon:0kB active_file:96276kB inactive_file:162396kB unevictable:1536kB writepending:440kB present:3129332kB managed:2565916kB mlocked:0kB bounce:0kB free_pcp:30884kB local_pcp:21220kB free_cma:0kB
[ 1861.764796][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.772541][T31367] lowmem_reserve[]: 0 0 0 0 0
[ 1861.778004][T31367] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1861.809407][T31367] lowmem_reserve[]: 0 0 0 0 0
[ 1861.821119][T31367] Node 1 Normal free:3895264kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17284kB local_pcp:12308kB free_cma:0kB
[ 1861.852331][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.858441][T31367] lowmem_reserve[]: 0 0 0 0 0
[ 1861.863226][T31367] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1861.877201][T31367] Node 0 DMA32: 3983*4kB (UME) 2754*8kB (UM) 1425*16kB (UME) 1491*32kB (UME) 565*64kB (UME) 659*128kB (UME) 665*256kB (UM) 374*512kB (UME) 143*1024kB (UME) 29*2048kB (UME) 99*4096kB (UM) = 1202044kB
[ 1861.897005][T31367] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1861.908667][T31367] Node 1 Normal: 118*4kB (UME) 55*8kB (UME) 49*16kB (UME) 190*32kB (UME) 56*64kB (UME) 11*128kB (UM) 4*256kB (UME) 7*512kB (UM) 3*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3895264kB
[ 1861.926926][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1861.933046][T31367] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1861.942701][T31367] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1861.952040][T31367] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1861.961654][T31367] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1861.970974][T31367] 66058 total pagecache pages
[ 1861.976868][T31367] 0 pages in swap cache
[ 1861.981122][T31367] Free swap  = 124996kB
[ 1861.985276][T31367] Total swap = 124996kB
[ 1861.989422][T31367] 2097051 pages RAM
[ 1861.993243][T31367] 0 pages HighMem/MovableOnly
[ 1861.997944][T31367] 423866 pages reserved
[ 1862.002130][T31367] 0 pages cma reserved
[ 1863.938772][   T56] usb 4-1: USB disconnect, device number 47
[ 1864.111454][T31373] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8166'.
[ 1864.508662][T31380] bridge0: port 1(vlan3) entered blocking state
[ 1864.567387][T31380] bridge0: port 1(vlan3) entered disabled state
[ 1864.643206][T31380] vlan3: entered allmulticast mode
[ 1864.714929][T31380] bridge0: entered allmulticast mode
[ 1864.734842][T31380] vlan3: left allmulticast mode
[ 1864.762621][T31380] bridge0: left allmulticast mode
[ 1864.981326][T31383] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1866.512347][T31403] /dev/nullb0: Can't open blockdev
[ 1871.241033][T31432] netlink: 156 bytes leftover after parsing attributes in process `syz.3.8185'.
[ 1871.527498][T31436] syzkaller0: entered promiscuous mode
[ 1871.540314][T31436] syzkaller0: entered allmulticast mode
[ 1872.600406][  T975] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[ 1872.809844][  T975] usb 4-1: Using ep0 maxpacket: 8
[ 1872.828582][  T975] usb 4-1: config 11 has an invalid interface number: 95 but max is 0
[ 1872.889104][  T975] usb 4-1: config 11 has no interface number 0
[ 1872.925352][  T975] usb 4-1: config 11 interface 95 altsetting 64 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1873.063053][  T975] usb 4-1: config 11 interface 95 has no altsetting 0
[ 1873.137170][  T975] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d
[ 1873.198540][  T975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1873.224441][  T975] usb 4-1: Product: syz
[ 1873.228871][  T975] usb 4-1: Manufacturer: syz
[ 1873.241451][  T975] usb 4-1: SerialNumber: syz
[ 1874.478538][  T975] usbtouchscreen 4-1:11.95: probe with driver usbtouchscreen failed with error -8
[ 1874.655683][T31468] netlink: 'syz.1.8197': attribute type 11 has an invalid length.
[ 1875.074833][  T975] usb 4-1: USB disconnect, device number 48
[ 1880.167209][T31523] /dev/nullb0: Can't open blockdev
[ 1881.174006][T31543] Invalid ELF header magic: != ELF
[ 1883.753495][T31562] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1885.942397][T31569] warn_alloc: 1 callbacks suppressed
[ 1885.942413][T31569] syz.5.8231: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x404dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_RETRY_MAYFAIL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1885.967966][T31569] CPU: 1 UID: 0 PID: 31569 Comm: syz.5.8231 Not tainted syzkaller #0 PREEMPT(full) 
[ 1885.967991][T31569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1885.968003][T31569] Call Trace:
[ 1885.968013][T31569]  <TASK>
[ 1885.968023][T31569]  dump_stack_lvl+0x189/0x250
[ 1885.968055][T31569]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1885.968080][T31569]  ? __pfx__printk+0x10/0x10
[ 1885.968098][T31569]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1885.968122][T31569]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1885.968147][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968168][T31569]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1885.968194][T31569]  warn_alloc+0x214/0x310
[ 1885.968219][T31569]  ? __pfx_warn_alloc+0x10/0x10
[ 1885.968243][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968265][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968286][T31569]  ? __get_vm_area_node+0x28f/0x300
[ 1885.968315][T31569]  ? veth_dev_init+0x363/0x570
[ 1885.968338][T31569]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1885.968366][T31569]  ? veth_newlink+0x5cc/0xa50
[ 1885.968405][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968426][T31569]  ? alloc_pages_mpol+0x3cd/0x4a0
[ 1885.968456][T31569]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1885.968484][T31569]  ? __kasan_kmalloc_large+0x1c/0xa0
[ 1885.968515][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968535][T31569]  ? rcu_is_watching+0x15/0xb0
[ 1885.968557][T31569]  ? veth_dev_init+0x363/0x570
[ 1885.968575][T31569]  ? veth_dev_init+0x363/0x570
[ 1885.968592][T31569]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1885.968622][T31569]  ? veth_dev_init+0x363/0x570
[ 1885.968641][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968668][T31569]  veth_dev_init+0x363/0x570
[ 1885.968694][T31569]  register_netdevice+0x6bf/0x1ae0
[ 1885.968731][T31569]  ? snprintf+0xda/0x120
[ 1885.968761][T31569]  ? __pfx_register_netdevice+0x10/0x10
[ 1885.968789][T31569]  ? __pfx_snprintf+0x10/0x10
[ 1885.968818][T31569]  ? __asan_memset+0x22/0x50
[ 1885.968846][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.968866][T31569]  ? dev_addr_mod+0x2ce/0x3d0
[ 1885.968897][T31569]  veth_newlink+0x5cc/0xa50
[ 1885.968919][T31569]  ? __pfx_veth_newlink+0x10/0x10
[ 1885.968937][T31569]  ? css_rstat_updated+0x23a/0x4f0
[ 1885.968963][T31569]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1885.969033][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969054][T31569]  ? validate_linkmsg+0x765/0x950
[ 1885.969077][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969101][T31569]  ? __pfx_veth_newlink+0x10/0x10
[ 1885.969122][T31569]  rtnl_newlink_create+0x310/0xb00
[ 1885.969151][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969172][T31569]  ? __lock_acquire+0xab9/0xd20
[ 1885.969194][T31569]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1885.969222][T31569]  ? __pfx___mutex_lock+0x10/0x10
[ 1885.969243][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969273][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969294][T31569]  ? ns_capable+0x8a/0xf0
[ 1885.969318][T31569]  rtnl_newlink+0x16d6/0x1c70
[ 1885.969341][T31569]  ? netlink_sendmsg+0x805/0xb30
[ 1885.969375][T31569]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1885.969464][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969485][T31569]  ? __lock_acquire+0xab9/0xd20
[ 1885.969515][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969545][T31569]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1885.969566][T31569]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1885.969591][T31569]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1885.969612][T31569]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1885.969632][T31569]  ? ref_tracker_free+0x63a/0x7d0
[ 1885.969652][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969673][T31569]  ? __asan_memcpy+0x40/0x70
[ 1885.969695][T31569]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1885.969713][T31569]  ? __skb_clone+0x63/0x7a0
[ 1885.969748][T31569]  netlink_rcv_skb+0x208/0x470
[ 1885.969771][T31569]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1885.969794][T31569]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1885.969831][T31569]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1885.969860][T31569]  netlink_unicast+0x82f/0x9e0
[ 1885.969887][T31569]  ? __pfx_netlink_unicast+0x10/0x10
[ 1885.969909][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969929][T31569]  ? skb_put+0x11b/0x210
[ 1885.969951][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.969976][T31569]  netlink_sendmsg+0x805/0xb30
[ 1885.970007][T31569]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1885.970032][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970053][T31569]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1885.970073][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970094][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970115][T31569]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1885.970139][T31569]  __sock_sendmsg+0x21c/0x270
[ 1885.970161][T31569]  ____sys_sendmsg+0x505/0x830
[ 1885.970202][T31569]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1885.970247][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970270][T31569]  ? import_iovec+0x74/0xa0
[ 1885.970300][T31569]  ___sys_sendmsg+0x21f/0x2a0
[ 1885.970329][T31569]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1885.970361][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970408][T31569]  ? __fget_files+0x2a/0x420
[ 1885.970425][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970446][T31569]  ? __fget_files+0x3a0/0x420
[ 1885.970474][T31569]  __x64_sys_sendmsg+0x19b/0x260
[ 1885.970502][T31569]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1885.970544][T31569]  ? do_syscall_64+0xbe/0x3b0
[ 1885.970571][T31569]  do_syscall_64+0xfa/0x3b0
[ 1885.970592][T31569]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1885.970611][T31569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.970629][T31569]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1885.970650][T31569]  ? exc_page_fault+0x9f/0xf0
[ 1885.970672][T31569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.970690][T31569] RIP: 0033:0x7f961038eec9
[ 1885.970708][T31569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1885.970724][T31569] RSP: 002b:00007f9611292038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1885.970743][T31569] RAX: ffffffffffffffda RBX: 00007f96105e5fa0 RCX: 00007f961038eec9
[ 1885.970757][T31569] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1885.970769][T31569] RBP: 00007f9610411f91 R08: 0000000000000000 R09: 0000000000000000
[ 1885.970780][T31569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1885.970792][T31569] R13: 00007f96105e6038 R14: 00007f96105e5fa0 R15: 00007ffe3b15edd8
[ 1885.970820][T31569]  </TASK>
[ 1886.593110][T31569] Mem-Info:
[ 1886.596216][T31569] active_anon:5100 inactive_anon:0 isolated_anon:0
[ 1886.596216][T31569]  active_file:24069 inactive_file:40750 isolated_file:0
[ 1886.596216][T31569]  unevictable:768 dirty:168 writeback:0
[ 1886.596216][T31569]  slab_reclaimable:12389 slab_unreclaimable:107574
[ 1886.596216][T31569]  mapped:36663 shmem:1353 pagetables:1438
[ 1886.596216][T31569]  sec_pagetables:0 bounce:0
[ 1886.596216][T31569]  kernel_misc_reclaimable:0
[ 1886.596216][T31569]  free:1279662 free_pcp:10976 free_cma:0
[ 1886.641676][T31569] Node 0 active_anon:20400kB inactive_anon:0kB active_file:96276kB inactive_file:162804kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:146652kB dirty:672kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11764kB pagetables:5600kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1886.686983][T31569] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1886.878577][T31569] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1886.907939][T31569] lowmem_reserve[]: 0 2505 2506 2506 2506
[ 1886.914349][T31569] Node 0 DMA32 free:1200072kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31964kB inactive_anon:0kB active_file:96276kB inactive_file:162476kB unevictable:1536kB writepending:672kB present:3129332kB managed:2565916kB mlocked:0kB bounce:0kB free_pcp:22300kB local_pcp:5268kB free_cma:0kB
[ 1886.946806][T31569] lowmem_reserve[]: 0 0 0 0 0
[ 1886.952068][T31569] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1886.985557][T31569] lowmem_reserve[]: 0 0 0 0 0
[ 1886.990892][T31569] Node 1 Normal free:3895264kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17284kB local_pcp:12308kB free_cma:0kB
[ 1887.023201][T31569] lowmem_reserve[]: 0 0 0 0 0
[ 1887.028443][T31569] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1887.042392][T31569] Node 0 DMA32: 1614*4kB (UE) 786*8kB (UME) 1309*16kB (UME) 1341*32kB (UME) 599*64kB (UME) 685*128kB (UME) 662*256kB (UM) 361*512kB (UME) 136*1024kB (UME) 38*2048kB (UME) 104*4096kB (UM) = 1199992kB
[ 1887.065381][T31569] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1887.077969][T31569] Node 1 Normal: 118*4kB (UME) 55*8kB (UME) 49*16kB (UME) 190*32kB (UME) 56*64kB (UME) 11*128kB (UM) 4*256kB (UME) 7*512kB (UM) 3*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3895264kB
[ 1887.102098][T31569] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1887.111971][T31569] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1887.121407][T31569] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1887.131258][T31569] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1887.140733][T31569] 68918 total pagecache pages
[ 1887.145501][T31569] 0 pages in swap cache
[ 1887.149715][T31569] Free swap  = 124996kB
[ 1887.154009][T31569] Total swap = 124996kB
[ 1887.158228][T31569] 2097051 pages RAM
[ 1887.163937][T31569] 0 pages HighMem/MovableOnly
[ 1887.168720][T31569] 423866 pages reserved
[ 1887.173024][T31569] 0 pages cma reserved
[ 1888.776446][T31575] syzkaller0: entered promiscuous mode
[ 1889.012744][T31575] syzkaller0: entered allmulticast mode
[ 1889.099136][T31576] tipc: Started in network mode
[ 1889.104885][T31576] tipc: Node identity e2cb5173aa87, cluster identity 4711
[ 1889.115418][T31576] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1889.196417][T31573] tipc: Resetting bearer <eth:syzkaller0>
[ 1889.276105][T31572] tipc: Resetting bearer <eth:syzkaller0>
[ 1889.455709][T31572] tipc: Disabling bearer <eth:syzkaller0>
[ 1903.994789][T31621] warn_alloc: 1 callbacks suppressed
[ 1903.994806][T31621] syz.8.8246: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x404dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_RETRY_MAYFAIL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1904.045203][T31621] CPU: 0 UID: 0 PID: 31621 Comm: syz.8.8246 Not tainted syzkaller #0 PREEMPT(full) 
[ 1904.045235][T31621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1904.045248][T31621] Call Trace:
[ 1904.045256][T31621]  <TASK>
[ 1904.045266][T31621]  dump_stack_lvl+0x189/0x250
[ 1904.045298][T31621]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1904.045323][T31621]  ? __pfx__printk+0x10/0x10
[ 1904.045341][T31621]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1904.045366][T31621]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1904.045391][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045412][T31621]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1904.045438][T31621]  warn_alloc+0x214/0x310
[ 1904.045463][T31621]  ? __pfx_warn_alloc+0x10/0x10
[ 1904.045488][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045509][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045530][T31621]  ? __get_vm_area_node+0x28f/0x300
[ 1904.045559][T31621]  ? veth_dev_init+0x363/0x570
[ 1904.045583][T31621]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1904.045612][T31621]  ? veth_newlink+0x5cc/0xa50
[ 1904.045650][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045671][T31621]  ? alloc_pages_mpol+0x3cd/0x4a0
[ 1904.045701][T31621]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1904.045730][T31621]  ? __kasan_kmalloc_large+0x1c/0xa0
[ 1904.045761][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045782][T31621]  ? rcu_is_watching+0x15/0xb0
[ 1904.045803][T31621]  ? veth_dev_init+0x363/0x570
[ 1904.045822][T31621]  ? veth_dev_init+0x363/0x570
[ 1904.045844][T31621]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1904.045876][T31621]  ? veth_dev_init+0x363/0x570
[ 1904.045896][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.045923][T31621]  veth_dev_init+0x363/0x570
[ 1904.045949][T31621]  register_netdevice+0x6bf/0x1ae0
[ 1904.045987][T31621]  ? snprintf+0xda/0x120
[ 1904.046017][T31621]  ? __pfx_register_netdevice+0x10/0x10
[ 1904.046045][T31621]  ? __pfx_snprintf+0x10/0x10
[ 1904.046073][T31621]  ? __asan_memset+0x22/0x50
[ 1904.046096][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046116][T31621]  ? dev_addr_mod+0x2ce/0x3d0
[ 1904.046147][T31621]  veth_newlink+0x5cc/0xa50
[ 1904.046170][T31621]  ? __pfx_veth_newlink+0x10/0x10
[ 1904.046187][T31621]  ? css_rstat_updated+0x23a/0x4f0
[ 1904.046214][T31621]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1904.046283][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046304][T31621]  ? validate_linkmsg+0x765/0x950
[ 1904.046326][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046351][T31621]  ? __pfx_veth_newlink+0x10/0x10
[ 1904.046372][T31621]  rtnl_newlink_create+0x310/0xb00
[ 1904.046401][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046422][T31621]  ? __lock_acquire+0xab9/0xd20
[ 1904.046444][T31621]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1904.046472][T31621]  ? __pfx___mutex_lock+0x10/0x10
[ 1904.046492][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046522][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046543][T31621]  ? ns_capable+0x8a/0xf0
[ 1904.046566][T31621]  rtnl_newlink+0x16d6/0x1c70
[ 1904.046590][T31621]  ? netlink_sendmsg+0x805/0xb30
[ 1904.046623][T31621]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1904.046712][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046733][T31621]  ? __lock_acquire+0xab9/0xd20
[ 1904.046763][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046792][T31621]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1904.046813][T31621]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1904.046843][T31621]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1904.046864][T31621]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1904.046884][T31621]  ? ref_tracker_free+0x63a/0x7d0
[ 1904.046904][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.046925][T31621]  ? __asan_memcpy+0x40/0x70
[ 1904.046947][T31621]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1904.046965][T31621]  ? __skb_clone+0x63/0x7a0
[ 1904.047000][T31621]  netlink_rcv_skb+0x208/0x470
[ 1904.047023][T31621]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1904.047047][T31621]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1904.047079][T31621]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1904.047108][T31621]  netlink_unicast+0x82f/0x9e0
[ 1904.047136][T31621]  ? __pfx_netlink_unicast+0x10/0x10
[ 1904.047157][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047178][T31621]  ? skb_put+0x11b/0x210
[ 1904.047199][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047225][T31621]  netlink_sendmsg+0x805/0xb30
[ 1904.047256][T31621]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1904.047281][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047301][T31621]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1904.047322][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047342][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047364][T31621]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1904.047387][T31621]  __sock_sendmsg+0x21c/0x270
[ 1904.047410][T31621]  ____sys_sendmsg+0x505/0x830
[ 1904.047441][T31621]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1904.047475][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047495][T31621]  ? import_iovec+0x74/0xa0
[ 1904.047524][T31621]  ___sys_sendmsg+0x21f/0x2a0
[ 1904.047552][T31621]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1904.047584][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047631][T31621]  ? __fget_files+0x2a/0x420
[ 1904.047648][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047669][T31621]  ? __fget_files+0x3a0/0x420
[ 1904.047696][T31621]  __x64_sys_sendmsg+0x19b/0x260
[ 1904.047724][T31621]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1904.047759][T31621]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.047780][T31621]  ? rcu_is_watching+0x15/0xb0
[ 1904.047806][T31621]  ? do_syscall_64+0xbe/0x3b0
[ 1904.047836][T31621]  do_syscall_64+0xfa/0x3b0
[ 1904.047860][T31621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1904.047877][T31621]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1904.047901][T31621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1904.047920][T31621] RIP: 0033:0x7ff6c758eec9
[ 1904.047937][T31621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1904.047954][T31621] RSP: 002b:00007ff6c84ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1904.047973][T31621] RAX: ffffffffffffffda RBX: 00007ff6c77e6090 RCX: 00007ff6c758eec9
[ 1904.047987][T31621] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[ 1904.047999][T31621] RBP: 00007ff6c7611f91 R08: 0000000000000000 R09: 0000000000000000
[ 1904.048011][T31621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1904.048023][T31621] R13: 00007ff6c77e6128 R14: 00007ff6c77e6090 R15: 00007ffe870b06c8
[ 1904.048052][T31621]  </TASK>
[ 1904.700262][T31621] Mem-Info:
[ 1904.703392][T31621] active_anon:4937 inactive_anon:0 isolated_anon:0
[ 1904.703392][T31621]  active_file:24069 inactive_file:40756 isolated_file:0
[ 1904.703392][T31621]  unevictable:770 dirty:157 writeback:0
[ 1904.703392][T31621]  slab_reclaimable:12373 slab_unreclaimable:109265
[ 1904.703392][T31621]  mapped:44873 shmem:1353 pagetables:1487
[ 1904.703392][T31621]  sec_pagetables:0 bounce:0
[ 1904.703392][T31621]  kernel_misc_reclaimable:0
[ 1904.703392][T31621]  free:1276378 free_pcp:12081 free_cma:0
[ 1904.748980][T31621] Node 0 active_anon:19824kB inactive_anon:0kB active_file:96276kB inactive_file:162828kB unevictable:1544kB isolated(anon):0kB isolated(file):0kB mapped:179492kB dirty:592kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11856kB pagetables:5796kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1904.791622][T31621] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1904.823681][T31621] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1904.853226][T31621] lowmem_reserve[]: 0 2505 2506 2506 2506
[ 1904.859062][T31621] Node 0 DMA32 free:1194760kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19788kB inactive_anon:0kB active_file:96276kB inactive_file:162500kB unevictable:1544kB writepending:592kB present:3129332kB managed:2565916kB mlocked:8kB bounce:0kB free_pcp:30688kB local_pcp:16380kB free_cma:0kB
[ 1904.892708][T31621] lowmem_reserve[]: 0 0 0 0 0
[ 1904.897509][T31621] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1904.926419][T31621] lowmem_reserve[]: 0 0 0 0 0
[ 1904.931273][T31621] Node 1 Normal free:3895264kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17284kB local_pcp:4976kB free_cma:0kB
[ 1904.963092][T31621] lowmem_reserve[]: 0 0 0 0 0
[ 1904.967900][T31621] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1904.981367][T31621] Node 0 DMA32: 4434*4kB (UME) 1004*8kB (UME) 938*16kB (UME) 1145*32kB (UME) 597*64kB (UME) 684*128kB (UME) 659*256kB (UM) 359*512kB (UME) 138*1024kB (UME) 35*2048kB (UME) 104*4096kB (UM) = 1194664kB
[ 1905.001701][T31621] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1905.020522][T31621] Node 1 Normal: 118*4kB (UME) 55*8kB (UME) 49*16kB (UME) 190*32kB (UME) 56*64kB (UME) 11*128kB (UM) 4*256kB (UME) 7*512kB (UM) 3*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3895264kB
[ 1905.039173][T31621] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1905.048963][T31621] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1905.058445][T31621] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1905.068221][T31621] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1905.077725][T31621] 66074 total pagecache pages
[ 1905.083418][T31621] 0 pages in swap cache
[ 1905.087603][T31621] Free swap  = 124996kB
[ 1905.091897][T31621] Total swap = 124996kB
[ 1905.096125][T31621] 2097051 pages RAM
[ 1905.099961][T31621] 0 pages HighMem/MovableOnly
[ 1905.110523][T31621] 423866 pages reserved
[ 1905.114725][T31621] 0 pages cma reserved
[ 1907.187938][T31650] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1907.939593][T31695] gfs2: not a GFS2 filesystem
[ 1912.618415][T31736] netlink: 'syz.1.8271': attribute type 11 has an invalid length.
[ 1913.030188][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1913.095709][  T975] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1913.309536][  T975] usb 9-1: Using ep0 maxpacket: 8
[ 1913.797841][  T975] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1913.810819][T31745] netlink: 'syz.3.8275': attribute type 1 has an invalid length.
[ 1913.837435][  T975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.905368][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1913.938121][  T975] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1913.979665][  T975] pvrusb2: **********
[ 1913.994012][  T975] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1914.044715][  T975] pvrusb2: Important functionality might not be entirely working.
[ 1914.094430][  T975] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1914.147080][  T975] pvrusb2: **********
[ 1914.175835][ T2338] pvrusb2: Invalid write control endpoint
[ 1914.211047][ T5933] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1914.317743][ T2338] pvrusb2: Invalid write control endpoint
[ 1914.343252][ T2338] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1914.415425][ T2338] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1914.423158][ T5933] usb 7-1: Using ep0 maxpacket: 16
[ 1914.482115][ T5933] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1914.499321][ T2338] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1914.515083][ T5933] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1914.525744][ T2338] pvrusb2: Device being rendered inoperable
[ 1914.532884][ T5933] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1914.546942][ T2338] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1914.557498][ T5933] usb 7-1: config 0 descriptor??
[ 1914.564298][ T2338] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1914.582157][ T2338] pvrusb2: Attached sub-driver cx25840
[ 1914.587945][ T2338] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1914.598107][ T2338] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1915.846938][T16579] usb 9-1: USB disconnect, device number 2
[ 1916.110133][T31760] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8280'.
[ 1916.123677][ T5933] mcp2221 0003:04D8:00DD.0017: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[ 1916.631636][T31748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1916.652509][T31748] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1917.471141][T31748] i2c i2c-1: unsupported multi-msg i2c transaction
[ 1917.494131][T16579] usb 7-1: USB disconnect, device number 10
[ 1919.976410][T31786] netlink: 68 bytes leftover after parsing attributes in process `syz.8.8285'.
[ 1921.446739][T31741] warn_alloc: 1 callbacks suppressed
[ 1921.446756][T31741] syz.7.8274: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x404dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_RETRY_MAYFAIL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1921.482122][T31741] CPU: 0 UID: 0 PID: 31741 Comm: syz.7.8274 Not tainted syzkaller #0 PREEMPT(full) 
[ 1921.482156][T31741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1921.482171][T31741] Call Trace:
[ 1921.482180][T31741]  <TASK>
[ 1921.482188][T31741]  dump_stack_lvl+0x189/0x250
[ 1921.482219][T31741]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1921.482244][T31741]  ? __pfx__printk+0x10/0x10
[ 1921.482263][T31741]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1921.482287][T31741]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1921.482312][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482333][T31741]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1921.482359][T31741]  warn_alloc+0x214/0x310
[ 1921.482385][T31741]  ? __pfx_warn_alloc+0x10/0x10
[ 1921.482410][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482432][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482453][T31741]  ? __get_vm_area_node+0x28f/0x300
[ 1921.482482][T31741]  ? veth_dev_init+0x363/0x570
[ 1921.482506][T31741]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1921.482535][T31741]  ? veth_newlink+0x5cc/0xa50
[ 1921.482574][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482595][T31741]  ? alloc_pages_mpol+0x3cd/0x4a0
[ 1921.482625][T31741]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1921.482654][T31741]  ? __kasan_kmalloc_large+0x1c/0xa0
[ 1921.482685][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482705][T31741]  ? rcu_is_watching+0x15/0xb0
[ 1921.482727][T31741]  ? veth_dev_init+0x363/0x570
[ 1921.482745][T31741]  ? veth_dev_init+0x363/0x570
[ 1921.482763][T31741]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1921.482792][T31741]  ? veth_dev_init+0x363/0x570
[ 1921.482812][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.482839][T31741]  veth_dev_init+0x363/0x570
[ 1921.482872][T31741]  register_netdevice+0x6bf/0x1ae0
[ 1921.482910][T31741]  ? snprintf+0xda/0x120
[ 1921.482941][T31741]  ? __pfx_register_netdevice+0x10/0x10
[ 1921.482969][T31741]  ? __pfx_snprintf+0x10/0x10
[ 1921.482997][T31741]  ? __asan_memset+0x22/0x50
[ 1921.483020][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483041][T31741]  ? dev_addr_mod+0x2ce/0x3d0
[ 1921.483072][T31741]  veth_newlink+0x5cc/0xa50
[ 1921.483094][T31741]  ? __pfx_veth_newlink+0x10/0x10
[ 1921.483111][T31741]  ? css_rstat_updated+0x23a/0x4f0
[ 1921.483137][T31741]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1921.483208][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483228][T31741]  ? validate_linkmsg+0x765/0x950
[ 1921.483252][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483276][T31741]  ? __pfx_veth_newlink+0x10/0x10
[ 1921.483297][T31741]  rtnl_newlink_create+0x310/0xb00
[ 1921.483326][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483347][T31741]  ? __lock_acquire+0xab9/0xd20
[ 1921.483369][T31741]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1921.483398][T31741]  ? __pfx___mutex_lock+0x10/0x10
[ 1921.483418][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483449][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483470][T31741]  ? ns_capable+0x8a/0xf0
[ 1921.483493][T31741]  rtnl_newlink+0x16d6/0x1c70
[ 1921.483517][T31741]  ? netlink_sendmsg+0x805/0xb30
[ 1921.483551][T31741]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1921.483641][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483662][T31741]  ? __lock_acquire+0xab9/0xd20
[ 1921.483692][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483721][T31741]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1921.483743][T31741]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1921.483768][T31741]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1921.483789][T31741]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1921.483809][T31741]  ? ref_tracker_free+0x63a/0x7d0
[ 1921.483829][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.483850][T31741]  ? __asan_memcpy+0x40/0x70
[ 1921.483877][T31741]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1921.483895][T31741]  ? __skb_clone+0x63/0x7a0
[ 1921.483930][T31741]  netlink_rcv_skb+0x208/0x470
[ 1921.483952][T31741]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1921.483976][T31741]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1921.484008][T31741]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1921.484038][T31741]  netlink_unicast+0x82f/0x9e0
[ 1921.484066][T31741]  ? __pfx_netlink_unicast+0x10/0x10
[ 1921.484087][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484108][T31741]  ? skb_put+0x11b/0x210
[ 1921.484129][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484154][T31741]  netlink_sendmsg+0x805/0xb30
[ 1921.484186][T31741]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1921.484210][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484231][T31741]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1921.484252][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484273][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484294][T31741]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1921.484317][T31741]  __sock_sendmsg+0x21c/0x270
[ 1921.484339][T31741]  ____sys_sendmsg+0x505/0x830
[ 1921.484370][T31741]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1921.484404][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484425][T31741]  ? import_iovec+0x74/0xa0
[ 1921.484454][T31741]  ___sys_sendmsg+0x21f/0x2a0
[ 1921.484482][T31741]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1921.484514][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484561][T31741]  ? __fget_files+0x2a/0x420
[ 1921.484578][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484599][T31741]  ? __fget_files+0x3a0/0x420
[ 1921.484626][T31741]  __x64_sys_sendmsg+0x19b/0x260
[ 1921.484655][T31741]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1921.484690][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484711][T31741]  ? rcu_is_watching+0x15/0xb0
[ 1921.484736][T31741]  ? do_syscall_64+0xbe/0x3b0
[ 1921.484762][T31741]  do_syscall_64+0xfa/0x3b0
[ 1921.484783][T31741]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1921.484803][T31741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1921.484821][T31741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1921.484842][T31741]  ? exc_page_fault+0x9f/0xf0
[ 1921.484867][T31741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1921.484886][T31741] RIP: 0033:0x7fd31098eec9
[ 1921.484903][T31741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1921.484919][T31741] RSP: 002b:00007fd31174c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1921.484940][T31741] RAX: ffffffffffffffda RBX: 00007fd310be6090 RCX: 00007fd31098eec9
[ 1921.484955][T31741] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[ 1921.484970][T31741] RBP: 00007fd310a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 1921.484982][T31741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1921.484993][T31741] R13: 00007fd310be6128 R14: 00007fd310be6090 R15: 00007ffe0881c188
[ 1921.485022][T31741]  </TASK>
[ 1921.485030][T31741] Mem-Info:
[ 1921.851807][T31796] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8287'.
[ 1922.144003][T31741] active_anon:4570 inactive_anon:0 isolated_anon:0
[ 1922.144003][T31741]  active_file:23712 inactive_file:41119 isolated_file:0
[ 1922.144003][T31741]  unevictable:768 dirty:53 writeback:0
[ 1922.144003][T31741]  slab_reclaimable:12380 slab_unreclaimable:109220
[ 1922.144003][T31741]  mapped:35662 shmem:1353 pagetables:1505
[ 1922.144003][T31741]  sec_pagetables:0 bounce:0
[ 1922.144003][T31741]  kernel_misc_reclaimable:0
[ 1922.144003][T31741]  free:1276195 free_pcp:12125 free_cma:0
[ 1922.194559][T31741] Node 0 active_anon:18280kB inactive_anon:0kB active_file:94848kB inactive_file:164280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142648kB dirty:212kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11856kB pagetables:5868kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1922.227703][T31741] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1922.257677][T31741] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1922.287170][T31741] lowmem_reserve[]: 0 2505 2506 2506 2506
[ 1922.296201][T31741] Node 0 DMA32 free:1194100kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18212kB inactive_anon:0kB active_file:94848kB inactive_file:163948kB unevictable:1536kB writepending:216kB present:3129332kB managed:2565916kB mlocked:0kB bounce:0kB free_pcp:30352kB local_pcp:9768kB free_cma:0kB
[ 1922.329522][T31741] lowmem_reserve[]: 0 0 0 0 0
[ 1922.335075][T31741] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1922.363874][T31741] lowmem_reserve[]: 0 0 0 0 0
[ 1922.368610][T31741] Node 1 Normal free:3895264kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17284kB local_pcp:12308kB free_cma:0kB
[ 1922.408531][T31741] lowmem_reserve[]: 0 0 0 0 0
[ 1922.413471][T31741] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1922.426361][T31741] Node 0 DMA32: 3561*4kB (UME) 1723*8kB (UME) 579*16kB (UME) 1092*32kB (UME) 591*64kB (UME) 680*128kB (UME) 658*256kB (UM) 356*512kB (UME) 136*1024kB (UME) 36*2048kB (UME) 106*4096kB (UM) = 1194988kB
[ 1922.446824][T31741] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1922.460759][T31741] Node 1 Normal: 118*4kB (UME) 55*8kB (UME) 49*16kB (UME) 190*32kB (UME) 56*64kB (UME) 11*128kB (UM) 4*256kB (UME) 7*512kB (UM) 3*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3895264kB
[ 1922.483046][T31741] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1922.493878][T31741] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1922.506179][T31741] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1922.516837][T31741] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1922.526180][T31741] 66080 total pagecache pages
[ 1922.531606][T31741] 0 pages in swap cache
[ 1922.535758][T31741] Free swap  = 124996kB
[ 1922.539906][T31741] Total swap = 124996kB
[ 1922.544388][T31741] 2097051 pages RAM
[ 1922.552648][T31741] 0 pages HighMem/MovableOnly
[ 1922.557328][T31741] 423866 pages reserved
[ 1922.561730][T31741] 0 pages cma reserved
[ 1924.290809][T31745] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1924.328334][T31792] bridge0: port 3(vlan2) entered blocking state
[ 1924.351270][T31792] bridge0: port 3(vlan2) entered disabled state
[ 1924.358273][T31792] vlan2: entered allmulticast mode
[ 1924.374280][T31792] bridge0: entered allmulticast mode
[ 1924.455574][T31792] vlan2: left allmulticast mode
[ 1924.483372][T31792] bridge0: left allmulticast mode
[ 1924.615448][T31795] vlan2: entered promiscuous mode
[ 1924.628003][T31795] vlan2: entered allmulticast mode
[ 1924.634902][T31795] hsr_slave_1: entered allmulticast mode
[ 1925.158931][T31816] netlink: 'syz.1.8292': attribute type 11 has an invalid length.
[ 1925.634266][T31817] Invalid ELF header magic: != ELF
[ 1926.174893][T31822] gfs2: not a GFS2 filesystem
[ 1928.740313][T31837] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1928.750668][T31837] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1928.769657][T31837] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1928.778288][T31837] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1928.790017][T31837] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1928.880743][T31837] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1928.956579][T31837] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1929.030408][T31851] netlink: 68 bytes leftover after parsing attributes in process `syz.5.8299'.
[ 1929.047784][T31837] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1930.460311][T16302] Bluetooth: hci1: command 0x0406 tx timeout
[ 1930.762306][T31861] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8302'.
[ 1930.780413][T16302] Bluetooth: hci3: command 0x0406 tx timeout
[ 1930.787368][T16302] Bluetooth: hci4: command 0x0406 tx timeout
[ 1930.793505][T27056] Bluetooth: hci2: command 0x0406 tx timeout
[ 1930.870495][T31862] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1930.940521][T31862] Bluetooth: hci6: command 0x0405 tx timeout
[ 1931.867005][T31872] netlink: 'syz.6.8305': attribute type 11 has an invalid length.
[ 1932.629951][T31878] vlan2: entered promiscuous mode
[ 1932.686483][T31880] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8307'.
[ 1932.729823][T31878] vlan2: entered allmulticast mode
[ 1932.790295][T31878] hsr_slave_1: entered allmulticast mode
[ 1933.035793][T31862] Bluetooth: hci6: command 0x0405 tx timeout
[ 1935.035077][T31902] netlink: 'syz.1.8313': attribute type 1 has an invalid length.
[ 1935.100327][T31862] Bluetooth: hci6: command 0x0405 tx timeout
[ 1935.467339][T31907] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1937.749169][T31925] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8318'.
[ 1941.924257][T31960] gfs2: not a GFS2 filesystem
[ 1942.181483][T31962] netlink: 68 bytes leftover after parsing attributes in process `syz.3.8326'.
[ 1945.407585][T31987] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1945.420380][T31987] cramfs: wrong magic
[ 1946.691231][T31992] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8334'.
[ 1949.932734][T32026] netlink: 'syz.6.8342': attribute type 11 has an invalid length.
[ 1952.537948][T32033] ptrace attach of "./syz-executor exec"[32036] was attempted by "./syz-executor exec"[32033]
[ 1953.739713][   T56] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1953.858524][T32061] netlink: 68 bytes leftover after parsing attributes in process `syz.5.8352'.
[ 1953.970279][   T56] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1953.994601][   T56] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1954.077866][   T56] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1954.116823][   T56] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1954.146043][   T56] usb 2-1: SerialNumber: syz
[ 1954.467432][   T56] usb 2-1: 0:2 : does not exist
[ 1954.484635][   T56] usb 2-1: unit 255 not found!
[ 1954.529430][T32066] bridge0: port 1(vlan3) entered blocking state
[ 1954.595625][T32066] bridge0: port 1(vlan3) entered disabled state
[ 1954.620670][T32066] vlan3: entered allmulticast mode
[ 1954.665780][T32066] bridge0: entered allmulticast mode
[ 1954.773351][   T56] usb 2-1: USB disconnect, device number 42
[ 1954.810415][T32066] vlan3: left allmulticast mode
[ 1954.850782][T32066] bridge0: left allmulticast mode
[ 1956.020503][T26482] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1956.215156][T26482] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1956.230848][T26482] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1956.262353][T26482] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1956.441268][T26482] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1956.487928][T26482] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1956.537114][T26482] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1956.566279][T26482] usb 2-1: invalid MIDI out EP 0
[ 1956.742727][T26482] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1957.073243][T32080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1957.082493][T32080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1957.248042][T26482] usb 2-1: USB disconnect, device number 43
[ 1957.256072][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1957.256090][   T30] audit: type=1326 audit(1759213420.810:5651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1957.340406][   T30] audit: type=1326 audit(1759213420.810:5652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1958.150343][   T30] audit: type=1326 audit(1759213420.810:5653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f758d98d710 code=0x7ffc0000
[ 1958.217314][   T30] audit: type=1326 audit(1759213420.820:5654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f758d98eacb code=0x7ffc0000
[ 1958.359830][   T30] audit: type=1326 audit(1759213420.820:5655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f758d98eacb code=0x7ffc0000
[ 1958.382233][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1958.756868][   T30] audit: type=1326 audit(1759213420.840:5656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1958.779433][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1958.816912][   T30] audit: type=1326 audit(1759213420.840:5657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1958.974944][   T30] audit: type=1326 audit(1759213420.840:5658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1959.153766][   T30] audit: type=1326 audit(1759213420.840:5659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1959.393267][   T30] audit: type=1326 audit(1759213420.840:5660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32070 comm="syz.1.8354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 1959.680044][T32095] loop7: detected capacity change from 0 to 2048
[ 1959.687344][T32095] udf: Bad value for 'session'
[ 1960.196173][T32096] loop7: detected capacity change from 0 to 512
[ 1961.211356][T32096] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1961.382381][T32096] EXT4-fs (loop7): 1 orphan inode deleted
[ 1961.453973][T32096] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1965.015283][T28283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1969.387546][T32163] bridge0: port 3(vlan2) entered blocking state
[ 1969.418069][T32163] bridge0: port 3(vlan2) entered disabled state
[ 1969.478420][T32163] vlan2: entered allmulticast mode
[ 1969.536784][T32163] bridge0: entered allmulticast mode
[ 1969.610829][T32163] vlan2: left allmulticast mode
[ 1970.090972][T32163] bridge0: left allmulticast mode
[ 1970.686639][T32177] vivid-007: =================  START STATUS  =================
[ 1970.704760][T32177] vivid-007: Enable Output Cropping: true
[ 1970.719288][T32177] vivid-007: Enable Output Composing: true
[ 1970.739109][T32177] vivid-007: Enable Output Scaler: true
[ 1970.753039][T32177] vivid-007: Tx RGB Quantization Range: Automatic
[ 1970.769357][T32177] vivid-007: Transmit Mode: HDMI
[ 1970.783571][T32177] vivid-007: Hotplug Present: 0x00000000
[ 1970.797534][T32177] vivid-007: RxSense Present: 0x00000000
[ 1970.811404][T32177] vivid-007: EDID Present: 0x00000000
[ 1970.826348][T32177] vivid-007: ==================  END STATUS  ==================
[ 1971.310628][T32180] loop6: detected capacity change from 0 to 2048
[ 1971.351169][T32180] udf: Bad value for 'session'
[ 1971.700286][    T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1971.946792][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1972.012142][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1972.121704][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1972.160296][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1972.205921][    T9] usb 2-1: SerialNumber: syz
[ 1972.457238][    T9] usb 2-1: 0:2 : does not exist
[ 1972.501056][    T9] usb 2-1: unit 255 not found!
[ 1972.730676][    T9] usb 2-1: USB disconnect, device number 44
[ 1975.482011][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.832192][T32224] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1977.335406][T32227] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8395'.
[ 1983.016262][T32260] loop8: detected capacity change from 0 to 2048
[ 1983.071258][T32260] udf: Bad value for 'session'
[ 1984.611855][T32276] loop7: detected capacity change from 0 to 256
[ 1984.644413][T32278] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1984.655479][T32278] cramfs: wrong magic
[ 1984.673344][T32276] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1984.790409][T32276] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[ 1984.860896][T32279] loop8: detected capacity change from 0 to 512
[ 1985.006187][T32276] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1985.057599][T32279] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1985.068822][T32279] EXT4-fs (loop8): 1 orphan inode deleted
[ 1985.081902][T32279] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1987.652145][T30948] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1992.494767][T32339] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1994.946134][T32367] loop6: detected capacity change from 0 to 256
[ 1995.041994][T32367] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1995.436472][T32367] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 1995.449888][T32370] loop3: detected capacity change from 0 to 2048
[ 1995.555190][T32370] udf: Bad value for 'session'
[ 1996.046557][T32367] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1997.413097][T32389] netlink: 'syz.1.8435': attribute type 11 has an invalid length.
[ 1999.912463][T32408] tipc: Started in network mode
[ 1999.941179][T32408] tipc: Node identity 72c15eb3c3df, cluster identity 4711
[ 1999.954438][T32408] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2000.041715][T32408] syzkaller0: entered promiscuous mode
[ 2000.047547][T32408] syzkaller0: entered allmulticast mode
[ 2000.293742][T32408] tipc: Resetting bearer <eth:syzkaller0>
[ 2000.347286][T32407] tipc: Resetting bearer <eth:syzkaller0>
[ 2000.730049][T32407] tipc: Disabling bearer <eth:syzkaller0>
[ 2001.101815][T32417] bridge0: port 3(vlan2) entered blocking state
[ 2001.125113][T32417] bridge0: port 3(vlan2) entered disabled state
[ 2001.145524][T32417] vlan2: entered allmulticast mode
[ 2001.157056][T32417] bridge0: entered allmulticast mode
[ 2001.188013][T32417] vlan2: left allmulticast mode
[ 2001.214885][T32417] bridge0: left allmulticast mode
[ 2001.376378][T32422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8445'.
[ 2001.786460][T32428] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8447'.
[ 2002.334067][T32435] netlink: 'syz.3.8448': attribute type 11 has an invalid length.
[ 2003.415318][T32442] loop3: detected capacity change from 0 to 2048
[ 2003.653358][T32442] udf: Bad value for 'session'
[ 2004.139286][T32439] vivid-007: =================  START STATUS  =================
[ 2004.147308][T32439] vivid-007: Enable Output Cropping: true
[ 2004.153360][T32439] vivid-007: Enable Output Composing: true
[ 2004.159289][T32439] vivid-007: Enable Output Scaler: true
[ 2004.165004][T32439] vivid-007: Tx RGB Quantization Range: Automatic
[ 2004.171562][T32439] vivid-007: Transmit Mode: HDMI
[ 2004.182887][T32439] vivid-007: Hotplug Present: 0x00000000
[ 2004.188724][T32439] vivid-007: RxSense Present: 0x00000000
[ 2004.194558][T32439] vivid-007: EDID Present: 0x00000000
[ 2004.405368][T32439] vivid-007: ==================  END STATUS  ==================
[ 2008.420404][T32485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8461'.
[ 2011.919229][T32509] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8467'.
[ 2014.156841][T32517] loop7: detected capacity change from 0 to 2048
[ 2014.238170][T32517] udf: Bad value for 'session'
[ 2014.249234][T32519] loop6: detected capacity change from 0 to 512
[ 2014.312642][T32519] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2014.380539][T32519] EXT4-fs (loop6): 1 truncate cleaned up
[ 2014.391673][T32519] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2014.697859][T32532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8475'.
[ 2015.759862][T27676] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2016.443717][T32543] loop6: detected capacity change from 0 to 256
[ 2016.451557][T32543] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2016.463052][T32543] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 2016.500045][T32543] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 2016.818708][T32547] netlink: 'syz.3.8481': attribute type 1 has an invalid length.
[ 2017.269582][T32552] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 2017.342203][T32547] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2017.471634][T32562] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8484'.
[ 2017.503616][T32563] Invalid ELF header magic: != ELF
[ 2018.656850][T32567] vlan3: entered promiscuous mode
[ 2018.661350][T32570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8486'.
[ 2018.710490][T32567] vlan3: entered allmulticast mode
[ 2018.726659][T32567] hsr_slave_1: entered allmulticast mode
[ 2020.084816][T32584] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8490'.
[ 2020.870582][T32590] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8491'.
[ 2024.592771][T32617] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8500'.
[ 2026.808575][T32629] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8503'.
[ 2027.489428][T32639] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8506'.
[ 2030.069174][T32646] vivid-007: =================  START STATUS  =================
[ 2030.078391][T32646] vivid-007: Enable Output Cropping: true
[ 2030.084376][T32646] vivid-007: Enable Output Composing: true
[ 2030.090333][T32646] vivid-007: Enable Output Scaler: true
[ 2030.095944][T32646] vivid-007: Tx RGB Quantization Range: Automatic
[ 2030.102492][T32646] vivid-007: Transmit Mode: HDMI
[ 2030.107497][T32646] vivid-007: Hotplug Present: 0x00000000
[ 2030.113438][T32646] vivid-007: RxSense Present: 0x00000000
[ 2030.119712][T32646] vivid-007: EDID Present: 0x00000000
[ 2030.125308][T32646] vivid-007: ==================  END STATUS  ==================
[ 2030.769955][T32673] netlink: 'syz.6.8514': attribute type 11 has an invalid length.
[ 2031.140308][T22634] Bluetooth: hci6: command 0x0405 tx timeout
[ 2032.687952][T32685] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8517'.
[ 2034.000229][T26482] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 2034.005571][T32705] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8522'.
[ 2034.319416][T26482] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2034.334015][T26482] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 2034.345613][T26482] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[ 2034.407583][T26482] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2034.431217][T26482] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2034.595651][T26482] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2034.888115][T26482] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -12
[ 2035.307614][T32714] loop3: detected capacity change from 0 to 512
[ 2035.333793][T32714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 2035.367962][T32699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2035.378395][T32699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2035.418819][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 2035.418841][   T30] audit: type=1326 audit(1759213499.110:5668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2035.455452][T26482] usb 2-1: USB disconnect, device number 45
[ 2035.515742][   T30] audit: type=1326 audit(1759213499.110:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f758d98d710 code=0x7ffc0000
[ 2035.526767][T32714] EXT4-fs (loop3): 1 truncate cleaned up
[ 2035.688705][T32714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2035.839763][   T30] audit: type=1326 audit(1759213499.110:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f758d98eacb code=0x7ffc0000
[ 2036.064787][   T30] audit: type=1326 audit(1759213499.110:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f758d98eacb code=0x7ffc0000
[ 2036.087739][   T30] audit: type=1326 audit(1759213499.130:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2036.111222][   T30] audit: type=1326 audit(1759213499.130:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2036.812702][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 2036.847982][T27055] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2036.945114][   T30] audit: type=1326 audit(1759213499.130:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2037.038651][   T30] audit: type=1326 audit(1759213499.130:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2037.174757][   T30] audit: type=1326 audit(1759213499.140:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2037.657694][   T30] audit: type=1326 audit(1759213499.140:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32694 comm="syz.1.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f758d98eec9 code=0x7ffc0000
[ 2038.532146][T32747] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8533'.
[ 2040.017169][T32757] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8536'.
[ 2041.318296][T32767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8540'.
[ 2044.894980][  T335] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 1, id = 0
[ 2048.386389][  T357] netlink: 20 bytes leftover after parsing attributes in process `syz.8.8555'.
[ 2048.584361][  T366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8559'.
[ 2050.697666][  T395] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 1, id = 0
[ 2051.626887][T31862] Bluetooth: hci1: unexpected event for opcode 0xcb0a
[ 2051.817823][  T418] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8573'.
[ 2053.814808][  T449] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8582'.
[ 2054.177267][  T452] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2055.242261][T31862] Bluetooth: hci3: unexpected event for opcode 0xcb0a
[ 2056.626226][  T475] loop6: detected capacity change from 0 to 256
[ 2056.711479][  T475] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2056.766790][  T475] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 2057.293424][  T475] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 2058.352618][  T491] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2058.362271][  T491] cramfs: wrong magic
[ 2060.883272][  T516] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 2060.883272][  T516]    program syz.3.8602 not setting count and/or reply_len properly
[ 2061.510255][   T56] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 2061.850414][   T56] usb 9-1: Using ep0 maxpacket: 16
[ 2061.859144][   T56] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2061.877557][   T56] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 2061.886782][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2062.134442][   T56] usb 9-1: config 0 descriptor??
[ 2062.430490][T23022] usb 4-1: new full-speed USB device number 49 using dummy_hcd
[ 2062.596784][   T56] mcp2221 0003:04D8:00DD.0018: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[ 2062.650583][T23022] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2062.678844][T23022] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2062.758234][T23022] usb 4-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[ 2062.785927][T23022] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2062.806362][T23022] usb 4-1: config 0 descriptor??
[ 2063.017039][  T512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2063.050979][  T512] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2063.111113][  T512] i2c i2c-1: unsupported multi-msg i2c transaction
[ 2063.360673][T23022] usbhid 4-1:0.0: can't add hid device: -71
[ 2063.371738][T28020] usb 9-1: USB disconnect, device number 3
[ 2063.391874][T23022] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2063.468636][T23022] usb 4-1: USB disconnect, device number 49
[ 2064.219473][  T539] bridge0: port 1(vlan2) entered blocking state
[ 2064.259701][  T539] bridge0: port 1(vlan2) entered disabled state
[ 2064.326254][  T539] vlan2: entered allmulticast mode
[ 2064.361537][  T539] bridge0: entered allmulticast mode
[ 2064.852355][  T539] vlan2: left allmulticast mode
[ 2064.857253][  T539] bridge0: left allmulticast mode
[ 2065.680424][T23022] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 2065.840664][  T558] ecryptfs: Unknown parameter 'cache'
[ 2066.494004][T23022] usb 4-1: Using ep0 maxpacket: 32
[ 2066.510649][T23022] usb 4-1: config 0 has an invalid interface number: 89 but max is 0
[ 2066.524941][T23022] usb 4-1: config 0 has no interface number 0
[ 2066.531180][T23022] usb 4-1: config 0 interface 89 has no altsetting 0
[ 2066.544730][T23022] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 2066.563757][T23022] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2066.588224][T23022] usb 4-1: Product: syz
[ 2066.603326][T23022] usb 4-1: Manufacturer: syz
[ 2066.618459][T23022] usb 4-1: SerialNumber: syz
[ 2066.645152][T23022] usb 4-1: config 0 descriptor??
[ 2066.675158][T23022] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 2066.712310][T23022] em28xx 4-1:0.89: Video interface 89 found: bulk
[ 2067.202683][  T575] Invalid ELF header magic: != ELF
[ 2067.256613][ T5967] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[ 2067.281645][T23022] em28xx 4-1:0.89: unknown em28xx chip ID (0)
[ 2067.453454][ T5967] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2067.469232][ T5967] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2067.549533][ T5967] usb 2-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[ 2067.597082][ T5967] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2067.731543][  T577] gfs2: not a GFS2 filesystem
[ 2068.067839][ T5967] usb 2-1: config 0 descriptor??
[ 2068.268948][T23022] em28xx 4-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 2068.290391][T23022] em28xx 4-1:0.89: board has no eeprom
[ 2068.314446][ T5967] usbhid 2-1:0.0: can't add hid device: -71
[ 2068.340408][ T5967] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2068.372252][ T5967] usb 2-1: USB disconnect, device number 46
[ 2068.405294][T23022] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67)
[ 2068.428213][T23022] em28xx 4-1:0.89: analog set to bulk mode.
[ 2068.464259][    T9] em28xx 4-1:0.89: Registering V4L2 extension
[ 2068.490561][T23022] usb 4-1: USB disconnect, device number 50
[ 2068.510816][T23022] em28xx 4-1:0.89: Disconnecting em28xx
[ 2068.714103][    T9] em28xx 4-1:0.89: Config register raw data: 0xffffffed
[ 2068.738522][    T9] em28xx 4-1:0.89: AC97 chip type couldn't be determined
[ 2068.758800][    T9] em28xx 4-1:0.89: No AC97 audio processor
[ 2068.797443][    T9] usb 4-1: Decoder not found
[ 2068.833770][    T9] em28xx 4-1:0.89: failed to create media graph
[ 2068.850332][    T9] em28xx 4-1:0.89: V4L2 device video103 deregistered
[ 2068.862648][    T9] em28xx 4-1:0.89: Registering snapshot button...
[ 2068.874605][    T9] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input41
[ 2069.004816][    T9] em28xx 4-1:0.89: Remote control support is not available for this card.
[ 2069.087213][T23022] em28xx 4-1:0.89: Closing input extension
[ 2069.179325][T23022] em28xx 4-1:0.89: Deregistering snapshot button
[ 2070.177307][T23022] em28xx 4-1:0.89: Freeing device
[ 2070.564395][  T605] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8631'.
[ 2074.316142][  T629] vivid-007: =================  START STATUS  =================
[ 2074.330757][  T629] vivid-007: Enable Output Cropping: true
[ 2074.336539][  T629] vivid-007: Enable Output Composing: true
[ 2074.360256][  T559] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[ 2074.369364][  T629] vivid-007: Enable Output Scaler: true
[ 2074.375225][  T629] vivid-007: Tx RGB Quantization Range: Automatic
[ 2074.382182][  T629] vivid-007: Transmit Mode: HDMI
[ 2074.387555][  T629] vivid-007: Hotplug Present: 0x00000000
[ 2074.398446][  T629] vivid-007: RxSense Present: 0x00000000
[ 2074.418778][  T629] vivid-007: EDID Present: 0x00000000
[ 2074.429475][  T629] vivid-007: ==================  END STATUS  ==================
[ 2074.602510][  T559] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2074.641596][  T559] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2074.654737][  T559] usb 9-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[ 2074.664856][  T559] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2074.695923][  T559] usb 9-1: config 0 descriptor??
[ 2074.927957][  T559] usbhid 9-1:0.0: can't add hid device: -71
[ 2074.957147][  T559] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 2075.000484][  T559] usb 9-1: USB disconnect, device number 4
[ 2076.829873][  T650] Invalid source name
[ 2076.834227][  T650] UBIFS error (pid: 650): cannot open "./file0", error -22
[ 2077.288691][  T559] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 2077.626242][  T654] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2077.890189][  T559] usb 9-1: Using ep0 maxpacket: 16
[ 2078.165063][  T559] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2078.210355][  T559] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 2078.237133][  T559] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2078.301204][  T559] usb 9-1: config 0 descriptor??
[ 2078.846994][  T559] mcp2221 0003:04D8:00DD.0019: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[ 2079.240282][T26482] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[ 2079.317399][  T653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2079.326814][  T653] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2079.346192][  T653] i2c i2c-1: unsupported multi-msg i2c transaction
[ 2079.355381][ T5933] usb 9-1: USB disconnect, device number 5
[ 2079.512278][T26482] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2079.974651][T26482] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2080.010344][T26482] usb 2-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[ 2080.019432][T26482] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2080.788628][T26482] usb 2-1: config 0 descriptor??
[ 2081.364158][T26482] usbhid 2-1:0.0: can't add hid device: -71
[ 2081.379591][T26482] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2081.390683][T26482] usb 2-1: USB disconnect, device number 47
[ 2082.935073][  T733] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8672'.
[ 2087.770271][  T765] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8683'.
[ 2088.093746][  T775] netlink: 608 bytes leftover after parsing attributes in process `syz.5.8688'.
[ 2088.869764][  T793] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8690'.
[ 2093.456419][  T559] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 2094.530374][  T559] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2094.582503][  T559] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 2094.601730][  T559] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2094.619214][  T559] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2094.670753][  T837] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 2094.682425][  T559] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 2095.213223][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 2095.213245][   T30] audit: type=1326 audit(1759213558.960:5682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2095.247565][  T837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2095.677092][   T30] audit: type=1326 audit(1759213558.990:5683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2095.729700][   T30] audit: type=1326 audit(1759213558.990:5684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9ba6f8d710 code=0x7ffc0000
[ 2095.752925][  T837] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2095.870528][   T30] audit: type=1326 audit(1759213558.990:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9ba6f8eacb code=0x7ffc0000
[ 2095.929142][  T559] usb 7-1: USB disconnect, device number 11
[ 2095.963046][   T30] audit: type=1326 audit(1759213558.990:5686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9ba6f8eacb code=0x7ffc0000
[ 2095.997353][   T30] audit: type=1326 audit(1759213559.550:5687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2096.023003][   T30] audit: type=1326 audit(1759213559.550:5688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2096.069754][   T30] audit: type=1326 audit(1759213559.560:5689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2096.172528][   T30] audit: type=1326 audit(1759213559.560:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2096.277062][   T30] audit: type=1326 audit(1759213559.570:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=835 comm="syz.6.8706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ba6f8eec9 code=0x7ffc0000
[ 2096.380540][    T9] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[ 2096.572913][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2097.089542][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2097.168971][    T9] usb 2-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[ 2097.212490][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2097.252119][    T9] usb 2-1: config 0 descriptor??
[ 2097.530664][    T9] usbhid 2-1:0.0: can't add hid device: -71
[ 2097.536758][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2097.804468][    T9] usb 2-1: USB disconnect, device number 48
[ 2098.228739][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 2101.475924][  T902] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 1, id = 0
[ 2102.352890][  T921] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8732'.
[ 2102.627784][  T936] netlink: 36 bytes leftover after parsing attributes in process `syz.6.8735'.
[ 2104.348086][  T957] loop8: detected capacity change from 0 to 512
[ 2104.422398][  T957] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 2104.685703][  T957] EXT4-fs (loop8): 1 truncate cleaned up
[ 2104.693764][  T957] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2106.219923][T30948] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2107.341279][  T980] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8748'.
[ 2110.740183][  T997] input: syz1 as /devices/virtual/input/input42
[ 2111.640331][    T9] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 2112.240163][    T9] usb 9-1: Using ep0 maxpacket: 8
[ 2112.373202][    T9] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2112.383620][    T9] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 2112.396177][    T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 2112.419498][    T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 2112.460415][    T9] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 2112.511710][    T9] usb 9-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 2112.555342][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 2112.600175][    T9] usb 9-1: Product: syz
[ 2112.604381][    T9] usb 9-1: Manufacturer: syz
[ 2112.647675][    T9] usb 9-1: SerialNumber: syz
[ 2112.661264][    T9] usb 9-1: config 0 descriptor??
[ 2113.300839][    T9] radio-si470x 9-1:0.0: si470x_get_report: usb_control_msg returned -110
[ 2113.380655][    T9] radio-si470x 9-1:0.0: probe with driver radio-si470x failed with error -5
[ 2113.415104][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 2113.508470][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 2113.521313][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 2113.528757][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 2113.541616][    T9] usb 9-1: USB disconnect, device number 6
[ 2114.324123][ T1035] overlayfs: missing 'lowerdir'
[ 2115.541843][ T1043] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8763'.
[ 2115.953676][T16579] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 2116.150451][T16579] usb 9-1: Using ep0 maxpacket: 16
[ 2116.175539][T16579] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2116.200212][T16579] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 2116.254220][T16579] usb 9-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2116.298142][ T1063] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2116.313047][ T1063] cramfs: wrong magic
[ 2116.654103][T16579] usb 9-1: config 0 interface 0 has no altsetting 0
[ 2116.681317][T16579] usb 9-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 2116.690504][T16579] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2116.703728][T16579] usb 9-1: Product: syz
[ 2116.719202][T16579] usb 9-1: Manufacturer: syz
[ 2116.728269][T16579] usb 9-1: SerialNumber: syz
[ 2116.752172][T16579] usb 9-1: config 0 descriptor??
[ 2117.535658][ T1047] loop8: detected capacity change from 0 to 128
[ 2117.569688][ T1047] vfat: Unknown parameter '01777777777777777777777'
[ 2117.614161][T16579] usb 9-1: USB disconnect, device number 7
[ 2119.249759][ T1095] trusted_key: encrypted_key: insufficient parameters specified
[ 2119.548243][ T1097] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8778'.
[ 2122.784213][ T1127] netlink: 64 bytes leftover after parsing attributes in process `syz.1.8783'.
[ 2125.202716][ T1147] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8790'.
[ 2125.212930][ T1147] netlink: 9 bytes leftover after parsing attributes in process `syz.1.8790'.
[ 2126.610722][ T1155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8791'.
[ 2129.386327][T22634]  non-paged memory
[ 2129.393203][T22634] list_del corruption, ffff8880539a7580->next is LIST_POISON1 (dead000000000100)
[ 2129.404831][T22634] ------------[ cut here ]------------
[ 2129.410615][T22634] kernel BUG at lib/list_debug.c:58!
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2129.527678][T22634] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[ 2129.534225][T22634] CPU: 0 UID: 0 PID: 22634 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 2129.543859][T22634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2129.553916][T22634] Workqueue: hci6 hci_conn_timeout
[ 2129.559055][T22634] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[ 2129.566104][T22634] Code: 60 73 9e 8b 48 89 de e8 d0 47 9b fc 90 0f 0b 4c 89 e7 e8 b5 52 74 fd 48 c7 c7 c0 73 9e 8b 48 89 de 4c 89 e2 e8 b3 47 9b fc 90 <0f> 0b 4c 89 e7 e8 98 52 74 fd 48 c7 c7 20 74 9e 8b 48 89 de 4c 89
[ 2129.585721][T22634] RSP: 0018:ffffc9000e76f980 EFLAGS: 00010246
[ 2129.591809][T22634] RAX: 000000000000004e RBX: ffff8880539a7580 RCX: ae3151866baa5300
[ 2129.599776][T22634] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 2129.607835][T22634] RBP: ffffffff8a43a6c0 R08: 0000000000000003 R09: 0000000000000004
[ 2129.615910][T22634] R10: dffffc0000000000 R11: fffffbfff1b7a1d4 R12: dead000000000100
[ 2129.623909][T22634] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[ 2129.631902][T22634] FS:  0000000000000000(0000) GS:ffff88812637e000(0000) knlGS:0000000000000000
[ 2129.640866][T22634] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2129.647461][T22634] CR2: 00007f3d44f17d60 CR3: 000000007eb26000 CR4: 0000000000350ef0
[ 2129.655444][T22634] Call Trace:
[ 2129.658731][T22634]  <TASK>
[ 2129.661673][T22634]  hci_cmd_sync_dequeue_once+0x24a/0x370
[ 2129.667341][T22634]  hci_cancel_connect_sync+0xc8/0x120
[ 2129.672737][T22634]  hci_abort_conn+0x191/0x330
[ 2129.677431][T22634]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 2129.683077][T22634]  ? process_scheduled_works+0x9ef/0x17b0
[ 2129.688818][T22634]  process_scheduled_works+0xae1/0x17b0
[ 2129.694403][T22634]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2129.700400][T22634]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 2129.706056][T22634]  worker_thread+0x8a0/0xda0
[ 2129.710680][T22634]  kthread+0x711/0x8a0
[ 2129.714775][T22634]  ? __pfx_worker_thread+0x10/0x10
[ 2129.719902][T22634]  ? __pfx_kthread+0x10/0x10
[ 2129.724516][T22634]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 2129.730169][T22634]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2129.735385][T22634]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 2129.741037][T22634]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2129.746248][T22634]  ? __pfx_kthread+0x10/0x10
[ 2129.750856][T22634]  ret_from_fork+0x439/0x7d0
[ 2129.755632][T22634]  ? __pfx_ret_from_fork+0x10/0x10
[ 2129.760755][T22634]  ? __switch_to_asm+0x39/0x70
[ 2129.765541][T22634]  ? __switch_to_asm+0x33/0x70
[ 2129.770322][T22634]  ? __pfx_kthread+0x10/0x10
[ 2129.774928][T22634]  ret_from_fork_asm+0x1a/0x30
[ 2129.779722][T22634]  </TASK>
[ 2129.782735][T22634] Modules linked in:
[ 2129.787478][T22634] ---[ end trace 0000000000000000 ]---
[ 2130.866010][T22634] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[ 2130.873159][T22634] Code: 60 73 9e 8b 48 89 de e8 d0 47 9b fc 90 0f 0b 4c 89 e7 e8 b5 52 74 fd 48 c7 c7 c0 73 9e 8b 48 89 de 4c 89 e2 e8 b3 47 9b fc 90 <0f> 0b 4c 89 e7 e8 98 52 74 fd 48 c7 c7 20 74 9e 8b 48 89 de 4c 89
[ 2130.892945][T22634] RSP: 0018:ffffc9000e76f980 EFLAGS: 00010246
[ 2130.899034][T22634] RAX: 000000000000004e RBX: ffff8880539a7580 RCX: ae3151866baa5300
[ 2130.921707][T22634] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 2130.929704][T22634] RBP: ffffffff8a43a6c0 R08: 0000000000000003 R09: 0000000000000004
[ 2130.950145][T22634] R10: dffffc0000000000 R11: fffffbfff1b7a1d4 R12: dead000000000100
[ 2130.958154][T22634] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[ 2130.966299][T22634] FS:  0000000000000000(0000) GS:ffff88812637e000(0000) knlGS:0000000000000000
[ 2130.975498][T22634] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2130.982223][T22634] CR2: 000020000000e000 CR3: 00000000240f9000 CR4: 0000000000350ef0
[ 2130.990230][T22634] Kernel panic - not syncing: Fatal exception
[ 2130.996538][T22634] Kernel Offset: disabled
[ 2131.000854][T22634] Rebooting in 86400 seconds..