last executing test programs:

10m0.672871102s ago: executing program 0 (id=633):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000100)=0x7)

10m0.453970276s ago: executing program 0 (id=637):
pipe2$watch_queue(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000040)=ANY=[@ANYBLOB="01"])
close_range(r0, r1, 0x0)

10m0.252468763s ago: executing program 0 (id=640):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0400"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, 0x0)

9m58.811915073s ago: executing program 0 (id=648):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x5, 0x0, 0x0, 0x0, 0x2000})

9m58.412232209s ago: executing program 0 (id=653):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)

9m58.241480084s ago: executing program 0 (id=654):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9m42.82406757s ago: executing program 32 (id=654):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7m15.616736872s ago: executing program 4 (id=1602):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
inotify_init1(0x0)
rseq(0x0, 0x0, 0x1000000, 0x0)
ioctl$FBIOGETCMAP(0xffffffffffffffff, 0x4604, 0x0)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
clock_gettime(0x0, 0x0)

7m15.224360166s ago: executing program 4 (id=1605):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x2f, &(0x7f00000002c0)="c5469e3602c607ca68b5", 0xa)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xc, 0x7, 0x3, 0x1, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x1, 0x3], 0x8000000, 0x49340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m14.69822571s ago: executing program 4 (id=1610):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/snmp\x00')
preadv(r2, &(0x7f0000001980)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, 0x96, 0xd)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@mcast2, @in=@private=0xa010100, 0x0, 0x0, 0x4e21, 0x0, 0x2}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9c0, 0x3}, {0xffffbffffffffffc, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@empty, 0x4d3, 0x3c}, 0xa, @in=@multicast2, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x4000000, 0x1}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

7m14.573452739s ago: executing program 4 (id=1613):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x3930c3, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000280)='./file0/file0\x00', 0x0)

7m14.460722351s ago: executing program 4 (id=1615):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m13.493530216s ago: executing program 4 (id=1622):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

7m13.11080263s ago: executing program 33 (id=1622):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

7m4.311457008s ago: executing program 1 (id=1672):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x40000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000040)={0x2000, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r1, 0xffffffffffffffff, 0x0)

7m4.160380052s ago: executing program 1 (id=1674):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000400)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)='G', 0x1}], 0x1}, 0x480c0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000040)='0', 0x1}], 0x1}, 0x8840)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000001980)="d857b36d6efd2f5eb872967392734c119a3706c9a7a27593a8955a655d6259313fd86d7b08ee9fc74b7cf75fb7e7eca8dd80ba8f252cdbcf311fb5ed838294c6fe33f0d7ff629aaf9db3c6d1a7affa075750d5dfd99d2d389437ef5db565dda522246a90023171874440ef97808e8816d8bc006de25f670d26c69b53b17731051e11b1a20d3651455ec03feaae7fe142f5327ed442c40fd5e9a4c43b1a95f3e959c0e3903db1733e6f94effaab06ac27417d8b8fbe230be1aae4ca7a428b1b9fca16cc82a74a8cbe9b4a5c5e93a3d7816cd695b2d4b268e8a5f7384403085c5c0d8ab9b9eb08795fd547dc61f1057bc3533f74c6283edd25770f50684da9cd4680ef73a245695c2d66b7d446d145e1f152e0903c31c9a6fa6acf87c5d362a70624c4dd2c903f21d7ccf0dfb3ca802e22dbd02a1e8ad05c5ecdec69cead54d205c07b16724e76fb629c6d1c31a0e803672658179526d0b04f45a087407daba6fa3da9920605b50314cd563e71def98e7b9abd7cc28f6beedecb3c5eda38fc81fd946e439e4fa138df470e60e771ccd2b117386e68dd5b050ec6fbc0221ba8156d510fe607c95607c254cba3193acccc6e3c1c1f8d84bbca6d23da4ff37a06992f2017de65a56f177b5f8307a129fbc9d5fcd94decf5a83807892f5e94d96b4a95040bf149b795ffe194802b3ee7cd19df2dc13772e332244e5780ecb859771823d543ed645e8d5e074dee1396e0f09f7732069f258e586505a5aae11e120af8a55b33fcefa7811a248250ebd3850e6c40968e19e1475f0bbf722c680be06fc0ecf98aa22215a00b8d5789f78b8f5b1e0b9ecc5a9f80ea964bcc72975555abbedcbfdac58693562e69c1dc1319b3cabd4132447339a97a48aca928bb9cd4372acd54083984b02f33395bc29c16c125a55f7e4ffe69cb2a706afffdfbe4690593d1e4080f6dcb780ba3c18dcc68d215b06dbd27efc0a4f78f9cfa4429597e1771ef93a7ac21bff6420ead1372d082031c72ec2184c1c50d7d3e41fbd6b9195a01e7e6ad7c5a2347ed96c7c9190d13baae3fc783e0330ec76be98659bb46d3dbb672a011517524567094e2467a98be059f59a161d3ab87696f09eb18685622fb8f6a8dfe88466f1a160050010875c1ea8b647bf0e5d1a1106ac01bbb95eedce26a7aca504704eac1bee0064f8e5a105c32132c6e50ca60f2c6829da7f244355ca29ffa116fa009dd18fc03a0b9699b379d11bc4f16f74f3951993849a1e77c5bd0e1050f700378ca52149d88db861d035a059e7f27c3550d8d0026c491496b932a65db94c24ce0c78d0dd71b2f9bcc6d6dba2afc9e363d7cc7514349cd4a137910ed164f2ef575a80b5df238b607520d930cad10693c8dadd50d4b0cedabcd0301b1e130c0d363fdedc54ca2e24786eb0c192054165ab62856b49188ec35b62927004fad8aa98a1589c0b52972f613a04af28ebf9fd530eec3946f323af59e5835bf7080c6791b9fe5ce8cf2b99251ebd08b44daeb7eeea822a030af96e2e10c7f90706d3a9d67a1f2ff4147f97dbbf5c2983b01c22a370f0f1660f207e7d1287f075719d2ae58bef91370b03ed234d5d3d4a59937fdf86ee3bda7e4becc7393ddf944b93ebe796a5dd3ea241d27f5e89b676f1ef1b8638489c4410593bcf5ddf0549040a13c64609ae48a1d5020a58a9fc83235334237761259806f7185478b4a2c94f082318d6ce5892d57628115d0ba42318a89d76fbd55b486aed58a3f7ddbe815e6941a6bc0e730d0e722afd072637f01df998bfdd368ecc347864c4d19bdf0212fc2e2d2c1cc18425ef0be4b6696e5273e6e2fa01ab18304de83f10d858fdd9a3be15ecc73fd71a7e103bcf8bbcb21e1f4428c8798dd27c963acd2ed53d3b739c0350ec6dc3ee9694abca99d8f4c471450a14864d28b7858fc8ecd58726862a98d77e681a8a3f25cdb8bc5ed708221682bc45a18c7c7e42cd90660cec44061d22e", 0x582}], 0x1}, 0x41)

7m4.095669058s ago: executing program 1 (id=1675):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
pselect6(0x517, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280), 0x8})

7m3.028202987s ago: executing program 1 (id=1679):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

7m2.817139637s ago: executing program 1 (id=1682):
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)

7m0.479707879s ago: executing program 1 (id=1690):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
sendmmsg(r1, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)='l', 0x1}], 0x1}}], 0x1, 0x20000040)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f00000000c0)={0x5000000, 0x0, 0xd, 0x0, 0x0, r1, &(0x7f0000000080)='=', 0x11}])

7m0.154565462s ago: executing program 34 (id=1690):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
sendmmsg(r1, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)='l', 0x1}], 0x1}}], 0x1, 0x20000040)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f00000000c0)={0x5000000, 0x0, 0xd, 0x0, 0x0, r1, &(0x7f0000000080)='=', 0x11}])

5m19.46224994s ago: executing program 6 (id=2029):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

5m17.869686653s ago: executing program 6 (id=2034):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3e, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x6)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, 0x0)

5m16.25315267s ago: executing program 6 (id=2037):
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0x13}], 0x2)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000740)='net/xfrm_stat\x00')
pread64(r2, &(0x7f0000000080)=""/237, 0xed, 0x5)

5m14.973255862s ago: executing program 6 (id=2041):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, @any, 0x5}, 0xa)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r4, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
shutdown(r3, 0x1)

5m11.913498146s ago: executing program 6 (id=2046):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x1b)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, r1, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x183822, 0x0)
syz_io_uring_setup(0xac9, 0x0, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r5, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1})

5m10.528566006s ago: executing program 6 (id=2049):
r0 = syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x442402, 0x0)
dup(r0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r2, 0x2000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

5m9.84871594s ago: executing program 5 (id=2050):
socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x9)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r0}], 0x2b, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x2, @empty, 0xa098}, {0xa, 0x4e21, 0x8000009, @mcast1}, r2, 0x4040099d}}, 0x48)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

5m9.363237072s ago: executing program 5 (id=2051):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x28, r2, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfff}]}]}, 0x28}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x78, 0x30, 0x9, 0x0, 0x0, {}, [{0x64, 0x1, [@m_skbedit={0x60, 0x1, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x9}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2847}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x6}]}, {0x4}, {0xc, 0x8}, {0x5, 0x9, {0x0, 0x1}}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000), 0x8)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x8000}, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x3}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "d57e190d001e6e1d16c1711bbd8adbf65bd846957b378a02340c68117aa1b390", "b0b4170e157cddfb9792c8e37bafb99e319950347e93f4d34870ee24c0ea06d56270e45c8d3e7d708161ba81dd33c54b", "01acae6f69ea1443db8d53af54944d4894a87f20c65bfb8e0c8cfb67", {"38f5e54b3dc7c070b4d66f0f9565df74", "d2653a13d554fee0e7be27c873db314d"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42}, 0xe0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

5m3.684270889s ago: executing program 5 (id=2058):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_dev$MSR(&(0x7f00000001c0), 0x4, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/57, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

5m0.953303701s ago: executing program 5 (id=2063):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, 0x0, 0x4004)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000240)={{}, {0x0, 0x3938700}}, 0x0)
r2 = socket$inet6(0xa, 0x80803, 0x87)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040000)
r3 = syz_usb_connect(0x3, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
connect$inet6(r2, &(0x7f00000000c0), 0x1c)

4m57.644803295s ago: executing program 5 (id=2069):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6000, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x5}, 0x0)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000480), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r3, r4}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}})

4m56.195823232s ago: executing program 5 (id=2070):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000035c0)=@newtaction={0x14, 0x30, 0x800, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24004000}, 0x24048880)
recvmmsg$unix(r4, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)

4m54.429967833s ago: executing program 35 (id=2049):
r0 = syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x442402, 0x0)
dup(r0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r2, 0x2000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

4m39.814155661s ago: executing program 36 (id=2070):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000035c0)=@newtaction={0x14, 0x30, 0x800, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24004000}, 0x24048880)
recvmmsg$unix(r4, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)

49.757949792s ago: executing program 9 (id=2658):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r0 = open(&(0x7f0000000280)='.\x00', 0x2000, 0x0)
fcntl$notify(r0, 0x402, 0x80000018)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x2b, 0xa, 0x110, 0x4, 0x10, 0x1ff, 0x5, 0x0, 0x0, 0x10, 0x3}}, 0x50)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)

49.487082452s ago: executing program 9 (id=2660):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f000000c340)={0xa802100, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, &(0x7f000000c2c0)=[0x0], 0x1}, 0x58)

45.250238767s ago: executing program 9 (id=2683):
syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00')
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0)
getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001400000008000a"], 0x24}}, 0x0)

44.359706621s ago: executing program 9 (id=2687):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x8)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)

43.813964766s ago: executing program 9 (id=2690):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x1103, 0x4, @private2, 0x2}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
r4 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x84, &(0x7f00000008c0)={0x0, @in6={{0xa, 0x4e21, 0x0, @empty, 0x4}}, 0x671, 0xd}, 0x90)

41.309231156s ago: executing program 9 (id=2701):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000880)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0xa, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)

40.819483751s ago: executing program 37 (id=2701):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000880)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0xa, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)

27.834765537s ago: executing program 2 (id=2733):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x28000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x20000, 0x100}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x0, 0x2, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffff2a4, 0x2000, 0x2], 0x0, 0x200306})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23.123253409s ago: executing program 2 (id=2739):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r1, 0x2000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$rtc(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

15.762261751s ago: executing program 2 (id=2753):
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000080)=0x3ff)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

13.861279678s ago: executing program 8 (id=2755):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000101020d00"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x3)
ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000000))
sendmsg$NFT_BATCH(r2, 0x0, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a000006"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

12.190355989s ago: executing program 7 (id=2759):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket(0xa, 0x3, 0xfc)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x8008551d, 0x0)

9.871341045s ago: executing program 7 (id=2760):
ftruncate(0xffffffffffffffff, 0xc17a)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000026c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}]}}}]}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x8044)
r4 = accept(r1, 0x0, 0x0)
connect$unix(r4, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)

9.869440736s ago: executing program 3 (id=2761):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e1d}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000012d, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x3c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x8004890)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c000280080001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4000, 0x0, @mcast2, 0x5}, 0x1c)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

9.518358256s ago: executing program 8 (id=2762):
socket$pppl2tp(0x18, 0x1, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000180))
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

8.373456359s ago: executing program 3 (id=2763):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000380)=0x20700, 0x4)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
wait4(r2, 0x0, 0x8, &(0x7f0000000380))
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, 0x0, 0x30, r0}, 0x10)

7.009723963s ago: executing program 8 (id=2764):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

6.916470598s ago: executing program 2 (id=2765):
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x2, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)}, 0x0)

6.897052085s ago: executing program 7 (id=2766):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_procfs(0x0, &(0x7f0000000200)='stat\x00')
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
lseek(r3, 0x1000801, 0x0)
getdents64(r3, 0xffffffffffffffff, 0x43)

6.895968025s ago: executing program 3 (id=2767):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='bond0\x00', 0x10)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r3, &(0x7f0000000000)={0x0, 0xffffffffffffffab, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)

5.271949321s ago: executing program 8 (id=2768):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.821178409s ago: executing program 7 (id=2769):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000005c0)=@abs={0x0, 0x0, 0x20004e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
preadv2(r3, 0x0, 0x0, 0x8, 0x0, 0x28)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pipe2$watch_queue(0x0, 0x80)

4.820306454s ago: executing program 3 (id=2770):
socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000000), 0x2, 0x101102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
r1 = userfaultfd(0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

3.86356829s ago: executing program 2 (id=2771):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
fspick(0xffffffffffffffff, 0x0, 0x1)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

3.817158262s ago: executing program 8 (id=2772):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
close(0xffffffffffffffff)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x2e288501978821b, 0x80)
r2 = socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.801973398s ago: executing program 7 (id=2773):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r1, r0, 0x0, 0x207b)

2.587762787s ago: executing program 2 (id=2774):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
timerfd_gettime(0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

2.504948659s ago: executing program 8 (id=2775):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000240))
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x4000050, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x7, 0x9)
write$P9_RWRITE(r5, &(0x7f0000000040)={0xb}, 0x11000)
read(r4, &(0x7f0000032440)=""/102364, 0x18fdc)
write$bt_hci(r5, &(0x7f0000000300)={0x1, @delete_stored_link_key={{0xc12, 0x7}, {@none, 0x2}}}, 0xb)

2.457382186s ago: executing program 3 (id=2776):
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0x6, 0x7, 0x3})
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6002, &(0x7f0000000000)=0x3, 0x7, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x1f, &(0x7f0000000180)=""/110, &(0x7f00000002c0)=0x6e)

73.40312ms ago: executing program 3 (id=2777):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000580))
syz_usb_connect(0x3, 0x46, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000001180)="6cd84ee85d5b38e5d35e2c1b4134f0119cb0d7e984db8598f0e8bae85264323187558085045092f64997828eac51a3c51e6a454083a2f47e4c45f53ed6849903ebdecadc7250180e43407e3c8d2a111876f1806479eaf69adcae70a70af0266eea1f751821c6714f9cfc5c1c65e454db6c732e51be80e840e73fe3dbbec656e69c13e8a6df33ed8224ef869d82f5c46b60f5ef4e7bf7030e1d57cbd76c68eed2fd5ae81a0371071f033830e4dac38809bff5a93e2f6ee1afdc987d5fbf3c49b58aca3bba4c811558563cd25e80af76e10925f0698e0f97dcb96dee7a4e93b2d50ece37ee9f2ea356cc60758d5ead2aef85c41cb7fac4f34fbaff4f8bac6b2f910159c5a0840fc2c2a0066de1e81c785e4d0fe09b6641faa7c47c93ccb8263a948a27076eacdcd1a8f4478f34285b7803529c4d388a36a45044fac3f18c7064065db10caf6f429b78de15e72a3251dde63339d4a519c97c3f90f76d8d51edd72e62bcb7e2e77c606f031104479e310c49d7c2223f728c60a942b5d7bc69baa03af908cb018965b866067b39af4eb7221aefad54c61c08c093489954d01922a4afb9724fdcbf178ffd260bae2ec9c7824179ee4633481e6e7c61514966160f6663d63dd0d8736ae9defd80ef4d4f68625fb27c263bcb96a15ece750c69e938a3bc7ec4d4bae98bb79819bff89cc208aae1ec62b4fa653252c67e581c18e491dd79f6d699fc0ce9137e77ab8987ab35c7abc3a913c5de2153884560deb12e5628d4274bb62270093d49005ab438f79671eae39d0e20126f8b0da217dba7cdf9dc348a3e52197186da1ebbb9a1a29976bb78ef00ea58c2ffd01b135d6172a8c87c49be8122320151af4f9dbc12afc142ff73de39a63cbd6d155157bef956abd062949e574727900483aa41c543840d0d7fbfa53f494ea37ee405abfcba0f33e7ba0ef9ba89c616341603d4c7d6e1fa2a3b1aa13ad7c9c7b6b16cab97b2b91eef366c61ee0767faba6d0b78bd6daf4b6aebd2d6048f8f595babd01de05cad14a64fff729a23066fb918c54d54128e5eada304b16e134fb2ed99d4efe4966404b0dba83bd57cb76c6d5156ffaf3df7db6d9a9c6ea014c96aed99f016f50b49c4f5ea5276ff635f46f37aaac517be5e61a43831f918b5443208e5f6b6eed403cba96b7fb91a8cad4fb6c5586e18a53954f7e962f8a7f64dde64d6951e0b454e0dc808bdd1b5a16f6785c27021803e4a8f2127ca589e1d8974fcf973cc3189cad5fcd78a9be6a752198e160998e6f221b123d4b530ec90d15e3554c7a404b6cff47213dc71b1eeb8903ff6c21b9326ec6111cdee47ce60a38f9374a7fa415428ced2599dd7581cbf452725b57eafde50ea2b380e2f842e79f45b63b0c0507ad76aeca5e4daa10518f511c2b14c5790aa6436c03eacc6613f0e2f4c615ea2242cb1025c5d77004bd26642eac0df9e135f2c86f254978209c5d6dae9b3a74916530741d071da3f79883454cb967105425ab127549dcf9d3a2ff6e752491fd181a7960561b6f6cdd39fd0e9a1feb6ae8a970b768b57e16d15f2dfa17d44b08b3089cb3271df3992a30236f2e34d41a892f083d574cc66e57a7f91bb0e07d0ff326ca1b7f54f150fc18e92b245f9cd816a806147e6ba27a907bac1a49cb921748dbf1b8e575ef3820602583954108146a74f46b0eb03dd5b0ab1b8605a091f7d05cfb5de5b8b70690162f43fe312640df0166bcd4538d67d94d92c5b787d74770689214dbfd76577abbf7e7705a57504d488e4eaac4a2324efa996d9176dad0666c4921f45baf8368c78742532202934831f57ec1dfd974fc9128918ae96579257324f63f353439eea037f44e6617114f862bef214a77569ced2e3df25e977cdb257000026c638f2a4a9e80fada09d3260df553a091225091d858c6abe90e34c138f47e71ec72d5e25815f31f77cf4ee820bf665cfe0804e5b0ef0d0e2f9434cf157e56e27eacbca45c1730c65d31f8f5d9311d9e9ef67cb54f49778a9fce7a284362accc7a0d5b456567086fc0ad1c6aee2b704f14f05e9d0e4672fcf721bc694b5174f6ebdb97ecb72367ad17b8a5ec795f0dca8b42a8ef3765eedb2af44edd8c6124257e11e7ecfad68436411636699b7acf603efc4f6490af4d23faaaa2bd4c9faf8c61dfc12dc80e88d9c3201d4f2c8d65f0e8c8859d91c0be9cc2d627d5d52f1b089f456b30e0f3aaece2c4536e3415d877122d77117de5ee3f5a6b1ebeb624e64d6ee487b82c4e4a59171400878178ec13fd38c9932b3d935700b42c25e11e2b198811370dc84c7772a9d2ff7ac40153a3bb5493623fb5c48e49ec50b42894dc7d6a91ff9d68f62bb6753ff86a6a37f390bf68805fa3ba9c65585a4a037f4997290dfbd3a6b24de38775faa723990acb524a90deaa636f7eecbad960150791428e42be2a8ec06d64a7c101aaeb7188a8c1cd5a233fe5d2d4582a27abdca694ce62cbec3ec1c8528a3e78031ae6e390df9fc7f8a2638905205fc8685f126b4460454f672caf9a24448e3c0f0517b1b79e5fba47906c395e14296bcb006a4a7a631eb7ef68abbcd5ceefc303a5293c82037e86071ea8d3b6bb22b42a44cbf048f1c5fd79a8330955564886bab8673d04cfaaffa133825199dfc133f77a7cc0a36d37b38091912a7d80c569940c6e2b5feffaf2fd0dd82659c760d822f8629fba3098d7e533339a34042a955b3be6d007c616e4c13eeccba6f87a5de21b2dda7a3a6ff43e82cafe34a5666f3b705808c2fa285b5e8dac0f78e9cc95bacbe018178ca7c5107326b0567ef6abf9b180d47dfe30864793db6dcd7b944c05d0c059c86b176e7a0e7f5726a9318a131d850dc4335d5938917e1b4fed1a0ce22b6e49905d599d133e17da9174f0fcd4d34d4ddb938545ae042af60d113bbfe878407936be8a2b4224478fa0fb2be211a789c95844ee5160de9001abb0e9e401e1218a60a781807de4198f67ecfc38fa93e046cfb920c23cde38d2568950e3396804f6ec81317ab0cefb90ea63a2f14146a6fa36a45600491e3361e90a539b8179e18d36688f405e3deedbc146ba353b812c88683152b64f06b11988635e95b419f21bc655250b7c896b2b06000f9e6e699c96b68e3798cdd1bdf8919bb62a9b61616633ec7249925c45e886fb93af85258fe16bbb380c6872b2ec84d4c8d30cadda25b0eb58d285e50cd19983e0d434604af85d692a8feed9a229e38c019bd4269cdea4fd31593cef43cbfec75304a405c46904e2a7ea7bbda177597e2fca6ce9dade9069d633603cc4986ab4e23d5ac3e9d911f87bd45e820a2a63f915539dee5e1e87bb00ca9032a6f28bea28ecfee8c4c26a007f7a32d17d2ebfb7a564981cff34a704f887feec685d16d4b56fe85129bc953c3b791b2d0849a513df6df1bb81215d456c4578e4db1920c8cd6740bab66380b4ee866f07119586f3fad489f781757a2e2ecc5e8210167fc0fa095e1b56f6eb7144d63f0eeaf50ac7340718db3a3003fe31b83a6efc2b8956f55a36f99cc1562edf6f477a82afbfe7c3b697e7b54a21f4832d3f9c1ce6e0af7a241ee38de1fbc7c02a1172a0b3da13d1c2ef623ab522bd6d5902b9d7d6df49eb3d1c2c2f5fc8dd589fd6d8eecca5cb5d0dc0942ddbf5bcb7b86da27df7e6402a298bfdce48dcc0f01dd74baa8203fef0e81e1b2db2343966f5d2cdd920c3a583386122fc1241e514496c1e4de6df95e71b186d22552fb3ad92b84aac1ea3a0b47a37e55adac82c5aa68c19d2756e5284add838ca507b1f678dad52bcb944d0f5f1057b74d9664ba6cd1408e676da1abcdf486235271b02355c7a78967972833cf5686a3e412e9af05baa9764669fc0a42371530233782cfc05953a9fc568adb8854dbfd560e469fe7ad67dc0e535dce286c41886c339d57f3dad264653e66a2cff47c4602d8b74bad233f0b5955a4f453e3e00ff444710d34ca37cadb6b3d9a2303c7bf8f1336a563b3ac0a26972857486ae7d92533c3b16eafc2cb175b8496ae223508589872db9203b209ef2dcaf2326d766137f2435a38602e41d3405e4c3254859037b1b5eb945cf84f7ccacc531675efdf1911f833e4138bfda4cae329a8b20dcd63747c7ae195059b1f59cd36b116402c3eb349e6fbae350b24d2a408fef61c201dc48e6f3c60fa78d20b26a3493df538a0c94770636ffbb0b6250f2f7bbb80d34af278a8c783df7a7463117e7d512579ee5562722ef4812e48b3b55209c749b1fa77fb3960722ad8444d9480bba30ced122b640af676fa186f1be033423318a7c1788185bde34cebbdd47e13eb6e6c949ea4bba411964440735664448934984f7dac58bf7024b8e71b88df7e0cb1b76bc0cef7522809a36ec2bc067dfab803b4ee8821baa5e557edc716d8bf002c9e8aab78e1a5af8bc58078fa256d3321a55481f36f45fb508a397e757d7b7b287830e362888b7cbff976bc70698024d838e5dba6e6813152a178c80180b306b2f4eb8cbe40f800bcbce51a845b6fcf70f225b90bc34bc36f68dd2b64c1b389e0a9f744615bfdcd683e8d850c635a295b6db75dbf1b8b072454d91eb08381e1018ea625462d52d44b2ea064ae6f5922fba6d326711a0ddbf091a885", 0xcd3}], 0x1)

0s ago: executing program 7 (id=2778):
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

kernel console output (not intermixed with test programs):

verrun
[  522.225536][    C1] vkms_vblank_simulate: vblank timer overrun
[  522.296135][    T9] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  522.302355][ T5888] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  522.388589][T11467] Process accounting resumed
[  522.451441][    T9] usb 8-1: config 0 has no interfaces?
[  522.453018][    T9] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  522.453048][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  522.453071][    T9] usb 8-1: SerialNumber: syz
[  522.484138][    C1] vkms_vblank_simulate: vblank timer overrun
[  522.529838][    T9] usb 8-1: config 0 descriptor??
[  522.876395][    C1] vkms_vblank_simulate: vblank timer overrun
[  522.934001][ T3535] bridge_slave_1: left allmulticast mode
[  522.934033][ T3535] bridge_slave_1: left promiscuous mode
[  522.934312][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.022612][    C1] vkms_vblank_simulate: vblank timer overrun
[  523.572338][    C1] vkms_vblank_simulate: vblank timer overrun
[  523.829183][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  523.829361][ T5813] Bluetooth: hci1: command tx timeout
[  523.949814][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  524.072286][ T3535] bridge_slave_0: left allmulticast mode
[  524.072313][ T3535] bridge_slave_0: left promiscuous mode
[  524.072501][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.128839][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.168419][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  525.233435][ T5937] usb 8-1: USB disconnect, device number 5
[  525.939123][ T5813] Bluetooth: hci1: command tx timeout
[  526.223554][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  526.594648][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.738482][    C1] vkms_vblank_simulate: vblank timer overrun
[  527.047234][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.090540][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.034150][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.037089][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  528.287759][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.337322][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.545109][    C1] vkms_vblank_simulate: vblank timer overrun
[  529.352831][    C1] vkms_vblank_simulate: vblank timer overrun
[  529.365014][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.511517][    C1] vkms_vblank_simulate: vblank timer overrun
[  529.541063][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.748738][    C1] vkms_vblank_simulate: vblank timer overrun
[  529.752406][T11517] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2110'.
[  530.098233][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.114274][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  530.154466][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.219417][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.249483][T11526] overlayfs: failed to clone upperpath
[  530.329044][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.506996][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.745232][    C1] vkms_vblank_simulate: vblank timer overrun
[  530.832646][    C1] vkms_vblank_simulate: vblank timer overrun
[  531.590880][    C1] vkms_vblank_simulate: vblank timer overrun
[  532.269939][    C1] vkms_vblank_simulate: vblank timer overrun
[  532.358161][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  532.732319][    C1] vkms_vblank_simulate: vblank timer overrun
[  533.071381][    C1] vkms_vblank_simulate: vblank timer overrun
[  534.306690][   T38] kauditd_printk_skb: 22 callbacks suppressed
[  534.306710][   T38] audit: type=1800 audit(533.735:200): pid=11549 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.2116" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  534.845411][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.882867][    C1] vkms_vblank_simulate: vblank timer overrun
[  535.159232][    C1] vkms_vblank_simulate: vblank timer overrun
[  535.196652][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  535.514553][    C1] vkms_vblank_simulate: vblank timer overrun
[  535.717782][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.178530][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.211755][T11562] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2121'.
[  536.401945][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  536.459438][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.498222][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.661738][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.768190][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.822968][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.873997][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.036815][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.154482][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.205456][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.279236][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.475187][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.512374][    C1] vkms_vblank_simulate: vblank timer overrun
[  537.520099][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.781253][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.497543][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.520770][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.523182][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.579315][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  538.677075][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.685582][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.707965][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  538.733027][T11573] tmpfs: Unsupported parameter 'huge'
[  538.749436][ T3535] bond0 (unregistering): Released all slaves
[  538.805960][T11516] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  538.859323][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.937528][    C1] vkms_vblank_simulate: vblank timer overrun
[  539.084098][    C1] vkms_vblank_simulate: vblank timer overrun
[  539.101559][T11562] team_slave_0: entered promiscuous mode
[  539.101621][T11562] team_slave_1: entered promiscuous mode
[  539.101893][T11562] macvtap1: entered promiscuous mode
[  539.101910][T11562] team0: entered promiscuous mode
[  539.102596][T11562] macvtap1: entered allmulticast mode
[  539.102614][T11562] team0: entered allmulticast mode
[  539.102628][T11562] team_slave_0: entered allmulticast mode
[  539.102649][T11562] team_slave_1: entered allmulticast mode
[  539.104432][T11562] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  539.740243][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.087224][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.127223][T11563] team0: left allmulticast mode
[  540.127251][T11563] team_slave_0: left allmulticast mode
[  540.127272][T11563] team_slave_1: left allmulticast mode
[  540.127315][T11563] team0: left promiscuous mode
[  540.134389][T11563] team_slave_0: left promiscuous mode
[  540.134493][T11563] team_slave_1: left promiscuous mode
[  540.213473][    C1] vkms_vblank_simulate: vblank timer overrun
[  542.173278][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.514603][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.033152][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  545.290789][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.326097][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  545.993292][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.060149][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  546.179766][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.639583][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.815710][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.834890][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.718937][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.820986][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  547.918108][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  547.924275][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  548.219240][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.270923][T11384] chnl_net:caif_netlink_parms(): no params data found
[  549.094369][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.129757][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.156321][T10124] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.157642][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.198590][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.766575][    C1] vkms_vblank_simulate: vblank timer overrun
[  549.968758][T11621] overlayfs: failed to clone upperpath
[  550.110884][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.548160][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.654750][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.808204][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.946120][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  551.286575][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.136863][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.549510][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.954180][    C0] net_ratelimit: 1 callbacks suppressed
[  552.954237][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  553.402047][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.168701][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.568025][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.749520][T11638] syz.2.2139: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  554.749996][T11638] CPU: 0 UID: 0 PID: 11638 Comm: syz.2.2139 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  554.750016][T11638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  554.750029][T11638] Call Trace:
[  554.750038][T11638]  <TASK>
[  554.750046][T11638]  dump_stack_lvl+0x189/0x250
[  554.750077][T11638]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  554.750102][T11638]  ? __pfx_dump_stack_lvl+0x10/0x10
[  554.750128][T11638]  ? __pfx__printk+0x10/0x10
[  554.750147][T11638]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  554.750167][T11638]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  554.750192][T11638]  warn_alloc+0x22e/0x3b0
[  554.750223][T11638]  ? __pfx_warn_alloc+0x10/0x10
[  554.750254][T11638]  ? __get_vm_area_node+0x2bc/0x350
[  554.750276][T11638]  ? vb2_vmalloc_alloc+0xef/0x340
[  554.750300][T11638]  __vmalloc_node_range_noprof+0x690/0x12d0
[  554.750346][T11638]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  554.750372][T11638]  ? __kasan_kmalloc+0x93/0xb0
[  554.750398][T11638]  vmalloc_user_noprof+0xad/0xf0
[  554.750420][T11638]  ? vb2_vmalloc_alloc+0xef/0x340
[  554.750441][T11638]  vb2_vmalloc_alloc+0xef/0x340
[  554.750462][T11638]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  554.750484][T11638]  __vb2_queue_alloc+0x9c2/0x15a0
[  554.750522][T11638]  vb2_core_reqbufs+0xc31/0x1420
[  554.750555][T11638]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  554.750573][T11638]  ? vb2_verify_memory_type+0x1fc/0x570
[  554.750594][T11638]  ? vb2_reqbufs+0x3a9/0x630
[  554.750618][T11638]  v4l2_m2m_ioctl_reqbufs+0x110/0x200
[  554.750645][T11638]  __video_do_ioctl+0xa5c/0xc10
[  554.750674][T11638]  ? __pfx___video_do_ioctl+0x10/0x10
[  554.750706][T11638]  video_usercopy+0x82d/0x1450
[  554.750735][T11638]  ? __pfx___video_do_ioctl+0x10/0x10
[  554.750756][T11638]  ? __pfx_video_usercopy+0x10/0x10
[  554.750775][T11638]  ? smack_file_ioctl+0x2ac/0x340
[  554.750813][T11638]  ? __fget_files+0x3a6/0x420
[  554.750839][T11638]  v4l2_ioctl+0x190/0x1e0
[  554.750867][T11638]  ? __pfx_v4l2_ioctl+0x10/0x10
[  554.750887][T11638]  __se_sys_ioctl+0xff/0x170
[  554.750907][T11638]  do_syscall_64+0xfa/0xfa0
[  554.750929][T11638]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.750951][T11638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.750967][T11638]  ? clear_bhb_loop+0x60/0xb0
[  554.750987][T11638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.751002][T11638] RIP: 0033:0x7f634044f6c9
[  554.751018][T11638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.751033][T11638] RSP: 002b:00007f633e695038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  554.751049][T11638] RAX: ffffffffffffffda RBX: 00007f63406a6090 RCX: 00007f634044f6c9
[  554.751061][T11638] RDX: 0000200000000000 RSI: 00000000c0145608 RDI: 0000000000000005
[  554.751071][T11638] RBP: 00007f63404d1f91 R08: 0000000000000000 R09: 0000000000000000
[  554.751082][T11638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  554.751092][T11638] R13: 00007f63406a6128 R14: 00007f63406a6090 R15: 00007fffe20dd288
[  554.751117][T11638]  </TASK>
[  554.751127][T11638] Mem-Info:
[  554.751134][T11638] active_anon:262 inactive_anon:5576 isolated_anon:0
[  554.751134][T11638]  active_file:6452 inactive_file:46768 isolated_file:0
[  554.751134][T11638]  unevictable:17740 dirty:236 writeback:0
[  554.751134][T11638]  slab_reclaimable:12864 slab_unreclaimable:109220
[  554.751134][T11638]  mapped:31316 shmem:1381 pagetables:1117
[  554.751134][T11638]  sec_pagetables:0 bounce:0
[  554.751134][T11638]  kernel_misc_reclaimable:0
[  554.751134][T11638]  free:1286735 free_pcp:8131 free_cma:0
[  554.751180][T11638] Node 0 active_anon:1048kB inactive_anon:22304kB active_file:25612kB inactive_file:187068kB unevictable:69424kB isolated(anon):0kB isolated(file):0kB mapped:125264kB dirty:944kB writeback:0kB shmem:3988kB kernel_stack:13728kB pagetables:4336kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  554.751219][T11638] Node 1 active_anon:0kB inactive_anon:0kB active_file:196kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  554.751254][T11638] Node 0 DMA free:15356kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  554.751300][T11638] lowmem_reserve[]: 0 2515 2517 2517 2517
[  554.751328][T11638] Node 0 DMA32 free:1228380kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1048kB inactive_anon:22304kB active_file:25612kB inactive_file:187068kB unevictable:69424kB writepending:944kB zspages:0kB present:3129332kB managed:2576092kB mlocked:0kB bounce:0kB free_pcp:32028kB local_pcp:8960kB free_cma:0kB
[  554.751378][T11638] lowmem_reserve[]: 0 0 1 1 1
[  554.751404][T11638] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  554.751450][T11638] lowmem_reserve[]: 0 0 0 0 0
[  554.751474][T11638] Node 1 Normal free:3903204kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:196kB inactive_file:4kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:496kB local_pcp:496kB free_cma:0kB
[  554.751522][T11638] lowmem_reserve[]: 0 0 0 0 0
[  554.751546][T11638] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB
[  554.751666][T11638] Node 0 DMA32: 271*4kB (UME) 36*8kB (ME) 24*16kB (UME) 22*32kB (UME) 83*64kB (UME) 78*128kB (UME) 39*256kB (UME) 5*512kB (UM) 12*1024kB (UM) 7*2048kB (UM) 286*4096kB (M) = 1228380kB
[  554.751786][T11638] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  554.751868][T11638] Node 1 Normal: 29*4kB (UE) 34*8kB (UME) 36*16kB (UME) 203*32kB (UME) 93*64kB (UME) 29*128kB (UME) 10*256kB (UME) 5*512kB (UME) 2*1024kB (UM) 2*2048kB (ME) 946*4096kB (UM) = 3903204kB
[  554.751993][T11638] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  554.752007][T11638] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  554.752020][T11638] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  554.752033][T11638] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  554.752046][T11638] 71569 total pagecache pages
[  554.752055][T11638] 0 pages in swap cache
[  554.752061][T11638] Free swap  = 124996kB
[  554.752067][T11638] Total swap = 124996kB
[  554.752074][T11638] 2097051 pages RAM
[  554.752079][T11638] 0 pages HighMem/MovableOnly
[  554.752084][T11638] 421002 pages reserved
[  554.752090][T11638] 0 pages cma reserved
[  555.017740][   T44] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  555.466539][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.513643][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.525940][   T44] usb 8-1: Using ep0 maxpacket: 32
[  556.096161][    C1] vkms_vblank_simulate: vblank timer overrun
[  556.144445][ T3535] hsr_slave_0: left promiscuous mode
[  556.155546][   T44] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.155572][   T44] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.155601][   T44] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  556.155619][   T44] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.168088][   T44] usb 8-1: config 0 descriptor??
[  556.172883][   T44] hub 8-1:0.0: USB hub found
[  556.261480][ T3535] hsr_slave_1: left promiscuous mode
[  556.262632][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  556.262654][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  556.516113][    C1] vkms_vblank_simulate: vblank timer overrun
[  556.563833][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  556.596552][   T44] hub 8-1:0.0: config failed, can't read hub descriptor (err -22)
[  557.030250][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.086793][   T38] audit: type=1326 audit(556.525:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11652 comm="syz.2.2143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  557.087261][   T38] audit: type=1326 audit(556.525:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11652 comm="syz.2.2143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  557.087576][   T38] audit: type=1326 audit(556.545:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11652 comm="syz.2.2143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f634044df10 code=0x7ffc0000
[  557.508107][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.512702][T11655] tty tty25: ldisc open failed (-12), clearing slot 24
[  557.581159][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  557.716195][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.746161][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  557.746194][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  557.786374][   T44] usbhid 8-1:0.0: can't add hid device: -71
[  557.786527][   T44] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  557.834038][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  557.835106][   T44] usb 8-1: USB disconnect, device number 6
[  558.059507][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  558.061687][ T7748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  558.062877][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  558.402890][    C1] vkms_vblank_simulate: vblank timer overrun
[  558.746827][    C1] vkms_vblank_simulate: vblank timer overrun
[  558.753780][  T991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.109338][    C1] vkms_vblank_simulate: vblank timer overrun
[  559.145782][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.145965][ T3535] veth1_macvtap: left promiscuous mode
[  560.149057][ T3535] veth0_macvtap: left promiscuous mode
[  560.149318][ T3535] veth1_vlan: left promiscuous mode
[  560.149472][ T3535] veth0_vlan: left promiscuous mode
[  560.153763][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.242327][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.625774][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.102286][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.153557][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  561.410558][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.629276][ T5808] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  561.648187][ T5808] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  561.651396][ T5808] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  561.652709][ T5808] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  561.653559][ T5808] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  561.764132][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.854233][    C1] vkms_vblank_simulate: vblank timer overrun
[  568.128820][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.177319][    C1] vkms_vblank_simulate: vblank timer overrun
[  568.252865][    C1] vkms_vblank_simulate: vblank timer overrun
[  568.369793][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  568.369877][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  568.476348][    C1] vkms_vblank_simulate: vblank timer overrun
[  568.514018][    C1] vkms_vblank_simulate: vblank timer overrun
[  568.938320][T11696] overlayfs: failed to clone upperpath
[  568.943562][    C1] vkms_vblank_simulate: vblank timer overrun
[  569.090746][    C1] vkms_vblank_simulate: vblank timer overrun
[  569.106861][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  569.911246][ T5808] Bluetooth: hci5: command tx timeout
[  569.945907][    C1] vkms_vblank_simulate: vblank timer overrun
[  570.143639][    C1] vkms_vblank_simulate: vblank timer overrun
[  570.165588][    C1] vkms_vblank_simulate: vblank timer overrun
[  570.973528][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.978985][   T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.980026][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.980722][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.104277][T11703] overlayfs: failed to resolve './file1': -2
[  571.249816][    C1] vkms_vblank_simulate: vblank timer overrun
[  571.254454][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.595027][    C1] vkms_vblank_simulate: vblank timer overrun
[  572.449192][T11717] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2156'.
[  572.739465][ T5808] Bluetooth: hci5: command tx timeout
[  572.933371][    C1] vkms_vblank_simulate: vblank timer overrun
[  572.945875][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.947609][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  573.061304][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.196362][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.255024][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.391648][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.483721][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.583648][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.724304][    T9] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  573.793677][    C1] vkms_vblank_simulate: vblank timer overrun
[  573.986553][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  574.055530][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  574.055566][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.055590][    T9] usb 3-1: Product: syz
[  574.055606][    T9] usb 3-1: Manufacturer: syz
[  574.055623][    T9] usb 3-1: SerialNumber: syz
[  574.237293][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.319378][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.406070][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.491636][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.569018][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.720814][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.792030][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.794932][T11723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.795458][T11723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.800728][ T5808] Bluetooth: hci5: command tx timeout
[  574.807535][T11723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.808051][T11723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.810948][T11723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.811431][T11723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.860563][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000098. ret = -EPROTO
[  574.860626][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[  574.861142][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  574.861193][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  574.861939][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  574.873530][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.941130][    C1] vkms_vblank_simulate: vblank timer overrun
[  574.962259][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  574.997210][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.021418][    T9] usb 3-1: USB disconnect, device number 29
[  575.022428][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  575.104292][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.212518][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.254747][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.301121][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.355440][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.411094][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.466477][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.541040][    C1] vkms_vblank_simulate: vblank timer overrun
[  576.017401][    C1] vkms_vblank_simulate: vblank timer overrun
[  576.025847][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  576.056770][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  576.325313][T11730] usb usb9: usbfs: process 11730 (syz.2.2159) did not claim interface 0 before use
[  576.867479][    C1] vkms_vblank_simulate: vblank timer overrun
[  576.872723][ T5808] Bluetooth: hci5: command tx timeout
[  576.924042][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.121421][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.124351][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.182631][ T5813] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  577.220449][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.233940][ T5813] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  577.242957][ T5813] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  577.260350][ T5813] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  577.275232][T11734] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  577.312083][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  577.353327][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.406237][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.596728][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  577.860776][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.909230][    C1] vkms_vblank_simulate: vblank timer overrun
[  577.962194][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.005446][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.076044][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.127473][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.137102][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  578.559705][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.562985][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  578.706227][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.841694][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.958138][    C1] vkms_vblank_simulate: vblank timer overrun
[  579.224719][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.259057][    C1] vkms_vblank_simulate: vblank timer overrun
[  579.295939][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.371426][    C1] vkms_vblank_simulate: vblank timer overrun
[  579.564822][    C1] vkms_vblank_simulate: vblank timer overrun
[  579.606581][T11734] Bluetooth: hci6: command tx timeout
[  580.322168][    C1] vkms_vblank_simulate: vblank timer overrun
[  580.487941][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  580.759033][    C1] vkms_vblank_simulate: vblank timer overrun
[  580.859297][    C1] vkms_vblank_simulate: vblank timer overrun
[  581.997329][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.149516][    C1] vkms_vblank_simulate: vblank timer overrun
[  582.151136][T11734] Bluetooth: hci6: command tx timeout
[  582.186002][    C1] vkms_vblank_simulate: vblank timer overrun
[  582.364743][    C1] vkms_vblank_simulate: vblank timer overrun
[  582.378935][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.677184][    C1] vkms_vblank_simulate: vblank timer overrun
[  582.779245][    C1] vkms_vblank_simulate: vblank timer overrun
[  582.952729][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.204195][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.507160][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  583.655697][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.769501][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.849485][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.976613][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.063516][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.129949][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.197528][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.217289][T11734] Bluetooth: hci6: command tx timeout
[  584.270551][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.339101][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.407564][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.465170][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.515205][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.537001][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  584.591646][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.671790][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.716236][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.777748][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.856163][    C1] vkms_vblank_simulate: vblank timer overrun
[  584.937683][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.067513][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.563278][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.636720][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.689765][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.699649][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.844117][    C1] vkms_vblank_simulate: vblank timer overrun
[  586.032293][    C1] vkms_vblank_simulate: vblank timer overrun
[  586.681667][    C1] vkms_vblank_simulate: vblank timer overrun
[  586.683187][T11734] Bluetooth: hci6: command tx timeout
[  586.953248][    C1] vkms_vblank_simulate: vblank timer overrun
[  587.166056][    C1] vkms_vblank_simulate: vblank timer overrun
[  587.546529][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  587.691449][    C1] vkms_vblank_simulate: vblank timer overrun
[  588.093682][T11677] lo speed is unknown, defaulting to 1000
[  588.256042][    C1] vkms_vblank_simulate: vblank timer overrun
[  588.260872][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.414303][T11784] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2170'.
[  589.224011][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.232760][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  589.470387][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.691814][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  589.742496][T11731] lo speed is unknown, defaulting to 1000
[  590.050969][    C1] vkms_vblank_simulate: vblank timer overrun
[  590.053643][   T44] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  590.356642][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.033824][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.067450][   T44] usb 8-1: Using ep0 maxpacket: 16
[  591.123048][   T44] usb 8-1: device descriptor read/all, error -71
[  591.292283][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.428699][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.568077][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.894602][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.901636][ T6001] IPVS: starting estimator thread 0...
[  592.012228][T11796] IPVS: using max 7 ests per chain, 16800 per kthread
[  592.950238][   T38] audit: type=1326 audit(592.555:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.950303][   T38] audit: type=1326 audit(592.555:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965026][   T38] audit: type=1326 audit(592.565:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965094][   T38] audit: type=1326 audit(592.565:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965145][   T38] audit: type=1326 audit(592.565:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965195][   T38] audit: type=1326 audit(592.565:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965247][   T38] audit: type=1326 audit(592.565:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965297][   T38] audit: type=1326 audit(592.565:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965347][   T38] audit: type=1326 audit(592.565:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  592.965399][   T38] audit: type=1326 audit(592.565:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11800 comm="syz.3.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  593.205138][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.732401][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.180047][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.572682][T11731] chnl_net:caif_netlink_parms(): no params data found
[  594.782207][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.909923][    C1] vkms_vblank_simulate: vblank timer overrun
[  594.981440][    C1] vkms_vblank_simulate: vblank timer overrun
[  595.180054][T11677] chnl_net:caif_netlink_parms(): no params data found
[  595.225402][T11734] Bluetooth: hci4: unexpected event for opcode 0x0419
[  595.266234][    C1] vkms_vblank_simulate: vblank timer overrun
[  595.374924][    C1] vkms_vblank_simulate: vblank timer overrun
[  596.605894][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.759513][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  597.760302][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.823531][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  597.824077][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.013800][    C1] vkms_vblank_simulate: vblank timer overrun
[  598.249823][    C1] vkms_vblank_simulate: vblank timer overrun
[  598.481644][    C1] vkms_vblank_simulate: vblank timer overrun
[  598.555144][    C1] vkms_vblank_simulate: vblank timer overrun
[  599.108057][    C1] vkms_vblank_simulate: vblank timer overrun
[  599.165626][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  599.358254][    C1] vkms_vblank_simulate: vblank timer overrun
[  599.360193][T11734] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  599.360503][T11734] Bluetooth: hci4: Injecting HCI hardware error event
[  599.366140][T11734] Bluetooth: hci4: hardware error 0x00
[  600.216566][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.726069][ T6001] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  600.856474][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.875889][ T6001] usb 3-1: Using ep0 maxpacket: 16
[  600.878315][ T6001] usb 3-1: config 0 has an invalid interface number: 246 but max is 0
[  600.878344][ T6001] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  600.878365][ T6001] usb 3-1: config 0 has no interface number 0
[  600.881588][ T6001] usb 3-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice=77.b0
[  600.881621][ T6001] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.881645][ T6001] usb 3-1: Product: syz
[  600.881661][ T6001] usb 3-1: Manufacturer: syz
[  600.881678][ T6001] usb 3-1: SerialNumber: syz
[  600.999367][    C1] vkms_vblank_simulate: vblank timer overrun
[  601.060671][ T6001] usb 3-1: config 0 descriptor??
[  601.371098][    C1] vkms_vblank_simulate: vblank timer overrun
[  601.577108][    C1] vkms_vblank_simulate: vblank timer overrun
[  601.882917][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.907865][    C1] vkms_vblank_simulate: vblank timer overrun
[  601.909104][T11734] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  601.957894][ T6001] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.246/input/input25
[  602.155738][    C1] vkms_vblank_simulate: vblank timer overrun
[  602.199916][ T5155] bcm5974 3-1:0.246: could not read from device
[  602.283116][    C1] vkms_vblank_simulate: vblank timer overrun
[  602.330283][ T6001] usb 3-1: USB disconnect, device number 30
[  603.158592][    C1] vkms_vblank_simulate: vblank timer overrun
[  603.186961][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  603.407607][T11731] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.408090][T11731] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.414727][T11731] bridge_slave_0: entered allmulticast mode
[  603.504674][T11731] bridge_slave_0: entered promiscuous mode
[  603.736139][T11734] Bluetooth: hci6: command 0x0405 tx timeout
[  603.897961][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  604.223347][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  604.499689][T11731] bridge0: port 2(bridge_slave_1) entered blocking state
[  604.499835][T11731] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.500127][T11731] bridge_slave_1: entered allmulticast mode
[  604.535319][T11731] bridge_slave_1: entered promiscuous mode
[  604.580787][   T38] kauditd_printk_skb: 14 callbacks suppressed
[  604.580807][   T38] audit: type=1326 audit(604.185:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11870 comm="syz.3.2190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x0
[  606.727769][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  606.859098][    C1] vkms_vblank_simulate: vblank timer overrun
[  606.938717][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  607.263600][    C1] vkms_vblank_simulate: vblank timer overrun
[  607.355957][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  607.922757][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  607.983742][T11731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  608.152109][T11731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  608.996179][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.058772][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.183301][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.217213][T11677] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.217584][T11677] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.218626][T11677] bridge_slave_0: entered allmulticast mode
[  610.340367][T11677] bridge_slave_0: entered promiscuous mode
[  611.256694][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  611.487283][    C1] vkms_vblank_simulate: vblank timer overrun
[  611.523919][    C1] vkms_vblank_simulate: vblank timer overrun
[  612.851342][T11899] fuse: Bad value for 'fd'
[  612.854761][    C1] vkms_vblank_simulate: vblank timer overrun
[  612.879758][    C1] vkms_vblank_simulate: vblank timer overrun
[  612.971578][T11904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2193'.
[  613.429453][    C1] vkms_vblank_simulate: vblank timer overrun
[  613.520351][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.564106][T11677] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.564249][T11677] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.564546][T11677] bridge_slave_1: entered allmulticast mode
[  613.596988][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.602636][T11677] bridge_slave_1: entered promiscuous mode
[  613.935903][ T5892] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  614.087849][ T5892] usb 3-1: Using ep0 maxpacket: 32
[  614.089884][ T5892] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  614.089922][ T5892] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x49, changing to 0x9
[  614.089942][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  614.089961][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  614.089977][ T5892] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  614.090009][ T5892] usb 3-1: New USB device found, idVendor=1b96, idProduct=000b, bcdDevice= 0.00
[  614.090026][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.098308][ T5892] usb 3-1: config 0 descriptor??
[  614.204288][ T5892] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  614.215938][ T5869] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  614.371499][ T5869] usb 8-1: Using ep0 maxpacket: 16
[  614.380743][T11731] team0: Port device team_slave_0 added
[  614.401102][ T5869] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  614.401142][ T5869] usb 8-1: config 0 interface 0 has no altsetting 0
[  614.669175][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.669978][ T5892] usb 3-1: USB disconnect, device number 31
[  614.681371][ T5869] usb 8-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  614.681403][ T5869] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.681475][ T5869] usb 8-1: Product: syz
[  614.681488][ T5869] usb 8-1: Manufacturer: syz
[  614.681499][ T5869] usb 8-1: SerialNumber: syz
[  614.746133][ T5869] usb 8-1: config 0 descriptor??
[  615.750726][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.596037][    C1] vkms_vblank_simulate: vblank timer overrun
[  616.616722][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.955949][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  617.470876][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.489089][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  617.669979][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.696171][    C1] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  617.748720][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.930222][ T5869] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input26
[  617.950275][T11731] team0: Port device team_slave_1 added
[  618.095169][ T5869] imon:send_packet: packet tx failed (-71)
[  618.106232][ T5869] imon 8-1:0.0: panel buttons/knobs setup failed
[  618.293345][T11677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  618.345941][ T5869] rc_core: IR keymap rc-imon-pad not found
[  618.345957][ T5869] Registered IR keymap rc-empty
[  618.348576][ T5869] imon 8-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  618.348592][ T5869] imon 8-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  618.403621][ T5869] imon:send_packet: packet tx failed (-71)
[  618.417672][ T5869] imon 8-1:0.0: remote input dev register failed
[  618.417865][ T5869] imon 8-1:0.0: imon_init_intf0: rc device setup failed
[  618.459108][ T3535] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.459139][ T3535] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.600820][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.824747][ T5869] imon 8-1:0.0: unable to initialize intf0, err 0
[  618.824773][ T5869] imon:imon_probe: failed to initialize context!
[  618.824787][ T5869] imon 8-1:0.0: unable to register, err -19
[  618.837505][ T5869] usb 8-1: USB disconnect, device number 9
[  618.937985][T11677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  618.989156][T11731] batman_adv: batadv0: Adding interface: batadv_slave_0
[  618.989176][T11731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  618.989208][T11731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  619.100966][    C1] vkms_vblank_simulate: vblank timer overrun
[  619.262656][ T3535] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  619.262697][ T3535] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.332573][T11731] batman_adv: batadv0: Adding interface: batadv_slave_1
[  619.332593][T11731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  619.332626][T11731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  619.656775][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.723332][    C1] vkms_vblank_simulate: vblank timer overrun
[  619.726762][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.807623][T11677] team0: Port device team_slave_0 added
[  619.884909][ T3535] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  619.884939][ T3535] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.006959][T11677] team0: Port device team_slave_1 added
[  620.158162][T11960] netlink: 264 bytes leftover after parsing attributes in process `syz.7.2220'.
[  620.708124][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  621.780907][    C1] vkms_vblank_simulate: vblank timer overrun
[  621.845342][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.731962][    C1] vkms_vblank_simulate: vblank timer overrun
[  622.936311][    C1] vkms_vblank_simulate: vblank timer overrun
[  623.004244][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.016889][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.366914][ T3535] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  623.366956][ T3535] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.753814][T11731] hsr_slave_0: entered promiscuous mode
[  623.784834][T11731] hsr_slave_1: entered promiscuous mode
[  623.846466][T11731] debugfs: 'hsr0' already exists in 'hsr'
[  623.846487][T11731] Cannot create hsr debugfs directory
[  623.964230][T11734] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  623.989850][T11734] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  623.999846][T11734] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  624.001300][T11734] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  624.002956][T11734] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  624.057264][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.567622][    C1] vkms_vblank_simulate: vblank timer overrun
[  624.712858][    C1] vkms_vblank_simulate: vblank timer overrun
[  625.107672][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  625.282233][T11994] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  625.282248][T11994] IPv6: NLM_F_CREATE should be set when creating new route
[  625.282319][T11994] IPv6: NLM_F_CREATE should be set when creating new route
[  625.282343][T11994] IPv6: NLM_F_CREATE should be set when creating new route
[  626.058171][T11734] Bluetooth: hci0: unexpected event for opcode 0x0419
[  626.066710][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  626.136188][T11734] Bluetooth: hci1: command tx timeout
[  626.137990][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  626.306496][T11977] lo speed is unknown, defaulting to 1000
[  626.756305][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.176403][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.730366][ T3535] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.248494][T11734] Bluetooth: hci1: command tx timeout
[  628.286176][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  628.385025][ T3535] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.408355][T12022] overlayfs: conflicting options: nfs_export=on,index=off
[  628.683064][    C1] vkms_vblank_simulate: vblank timer overrun
[  628.744744][ T3535] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.927805][    C1] vkms_vblank_simulate: vblank timer overrun
[  629.107633][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.132340][T12027] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2243'.
[  629.132370][T12027] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2243'.
[  629.329550][T11734] Bluetooth: hci2: unexpected event for opcode 0x0419
[  629.469851][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.816744][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  629.816825][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  630.144322][T11734] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  630.144617][T11734] Bluetooth: hci0: Injecting HCI hardware error event
[  630.150603][T11734] Bluetooth: hci0: hardware error 0x00
[  630.184706][T12039] netlink: 'syz.7.2245': attribute type 10 has an invalid length.
[  630.376049][ T5808] Bluetooth: hci1: command tx timeout
[  630.846166][    C1] vkms_vblank_simulate: vblank timer overrun
[  630.849273][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  631.156443][    C1] vkms_vblank_simulate: vblank timer overrun
[  631.179893][ T3535] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.810656][T12039] team0: Cannot enslave team device to itself
[  631.905658][T11731] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  631.911466][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.054358][T11731] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  632.279196][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.279529][T11731] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  632.352598][T11731] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  632.557769][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.560113][T11045] Bluetooth: hci1: command tx timeout
[  632.832087][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.994388][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.013791][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.045259][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.607641][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.625843][T11045] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  633.626143][T11045] Bluetooth: hci2: Injecting HCI hardware error event
[  633.629218][T11045] Bluetooth: hci2: hardware error 0x00
[  633.667017][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.802579][T11734] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  633.812480][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.828013][T11977] chnl_net:caif_netlink_parms(): no params data found
[  634.575990][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.214680][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.422671][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.525325][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.814880][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.864708][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.056045][T11045] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  636.106234][ T3535] bridge_slave_1: left allmulticast mode
[  636.106257][ T3535] bridge_slave_1: left promiscuous mode
[  636.106461][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.146614][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.537573][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.720314][    C1] vkms_vblank_simulate: vblank timer overrun
[  636.750954][ T3535] bridge_slave_0: left allmulticast mode
[  636.750975][ T3535] bridge_slave_0: left promiscuous mode
[  636.752520][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.379565][T11734] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  637.421974][T11734] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  637.435117][T11734] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  637.448795][T11734] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  637.451680][T11734] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  637.567788][ T3535] team0: left allmulticast mode
[  637.567827][ T3535] team_slave_0: left allmulticast mode
[  637.567849][ T3535] team_slave_1: left allmulticast mode
[  637.568081][ T3535] team0: left promiscuous mode
[  637.568095][ T3535] team_slave_0: left promiscuous mode
[  637.573596][ T3535] team_slave_1: left promiscuous mode
[  637.574195][ T3535] bridge0: port 3(team0) entered disabled state
[  637.579941][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  637.788664][ T3535] bridge_slave_1: left allmulticast mode
[  637.788698][ T3535] bridge_slave_1: left promiscuous mode
[  637.788964][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.888417][ T3535] bridge_slave_0: left allmulticast mode
[  637.888449][ T3535] bridge_slave_0: left promiscuous mode
[  637.888707][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.625302][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  639.577363][T11045] Bluetooth: hci3: command tx timeout
[  639.658405][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.664636][T11045] Bluetooth: hci3: command tx timeout
[  642.036546][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  642.036658][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  642.209510][T12118] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2271'.
[  643.406155][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.745963][T11045] Bluetooth: hci3: command tx timeout
[  643.825820][ T5937] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  645.054074][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.073778][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  645.073817][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  645.073842][ T5937] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  645.073889][ T5937] usb 8-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  645.073915][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.132990][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.161063][ T5937] usb 8-1: config 0 descriptor??
[  645.198996][T12136] 9pnet_fd: Insufficient options for proto=fd
[  645.202866][ T3535] bond0 (unregistering): Released all slaves
[  645.424378][ T3535] bond0 (unregistering): Released all slaves
[  645.582872][ T5937] uclogic 0003:5543:0005.001D: hidraw0: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.7-1/input0
[  645.752130][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.808635][ T6001] usb 8-1: USB disconnect, device number 10
[  645.817155][T11045] Bluetooth: hci3: command tx timeout
[  646.060972][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  646.976906][ T5937] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  647.316860][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  647.465825][ T5937] usb 8-1: Using ep0 maxpacket: 16
[  647.469848][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 23, changing to 8
[  647.469887][ T5937] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  647.469935][ T5937] usb 8-1: New USB device found, idVendor=0079, idProduct=1803, bcdDevice= 0.00
[  647.469962][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.475495][ T5937] usb 8-1: config 0 descriptor??
[  647.981642][ T5937] hid_mf 0003:0079:1803.001E: unknown main item tag 0x0
[  647.981684][ T5937] hid_mf 0003:0079:1803.001E: unknown main item tag 0x0
[  647.981716][ T5937] hid_mf 0003:0079:1803.001E: unknown main item tag 0x0
[  647.981745][ T5937] hid_mf 0003:0079:1803.001E: unknown main item tag 0x0
[  647.981774][ T5937] hid_mf 0003:0079:1803.001E: unknown main item tag 0x0
[  647.985644][ T5937] hid_mf 0003:0079:1803.001E: hidraw0: USB HID v0.05 Device [HID 0079:1803] on usb-dummy_hcd.7-1/input0
[  648.039890][ T5937] hid_mf 0003:0079:1803.001E: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  648.136201][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  648.466045][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  648.490829][ T5937] usb 8-1: USB disconnect, device number 11
[  649.679219][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  650.696188][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.215249][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  651.414207][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.498671][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  651.551988][ T3535] bond0 (unregistering): Released all slaves
[  651.736399][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.963448][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  653.445852][ T5892] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  653.595848][ T5892] usb 8-1: Using ep0 maxpacket: 16
[  653.600105][ T5892] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  653.600141][ T5892] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.600170][ T5892] usb 8-1: New USB device found, idVendor=17ef, idProduct=7309, bcdDevice= 0.00
[  653.600187][ T5892] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.603940][ T5892] usb 8-1: config 0 descriptor??
[  653.608686][ T5892] hub 8-1:0.0: USB hub found
[  653.837767][ T5892] hub 8-1:0.0: 7 ports detected
[  653.838166][ T5892] hub 8-1:0.0: insufficient power available to use all downstream ports
[  653.877452][ T3535] team0: Port device bridge1 removed
[  653.996959][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.073606][ T5892] hub 8-1:0.0: hub_hub_status failed (err = -71)
[  654.073638][ T5892] hub 8-1:0.0: config failed, can't get hub status (err -71)
[  654.096906][ T5892] usb 8-1: USB disconnect, device number 12
[  654.476084][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.016489][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.166936][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  655.229938][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  655.263351][ T3535] bond0 (unregistering): Released all slaves
[  655.340908][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.975155][T12204] bridge0: port 1(bridge_slave_0) entered forwarding state
[  656.007314][T11977] bridge0: port 1(bridge_slave_0) entered blocking state
[  656.007465][T11977] bridge0: port 1(bridge_slave_0) entered disabled state
[  656.007749][T11977] bridge_slave_0: entered allmulticast mode
[  656.017068][T11977] bridge_slave_0: entered promiscuous mode
[  656.053025][T11977] bridge0: port 2(bridge_slave_1) entered blocking state
[  656.053171][T11977] bridge0: port 2(bridge_slave_1) entered disabled state
[  656.053453][T11977] bridge_slave_1: entered allmulticast mode
[  656.056432][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  656.060595][T11977] bridge_slave_1: entered promiscuous mode
[  656.686757][ T3535] tipc: Disabling bearer <udp:syz2>
[  656.686913][ T3535] tipc: Disabling bearer <udp:�>
[  656.687065][ T3535] tipc: Left network mode
[  657.124494][ T5891] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.358961][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2318'.
[  657.683300][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.797656][T12249] fuse: Bad value for 'fd'
[  657.832212][T12247] tipc: Started in network mode
[  657.832249][T12247] tipc: Node identity c269b57a38e6, cluster identity 4711
[  657.832546][T12247] tipc: Enabled bearer <eth:xfrm0>, priority 10
[  657.861127][T11977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.928852][T11977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.136407][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  658.137749][T12087] lo speed is unknown, defaulting to 1000
[  659.781438][ T5892] tipc: Node number set to 4203722106
[  659.886660][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  659.987368][T12255] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2325'.
[  660.225539][T11977] team0: Port device team_slave_0 added
[  660.307084][T11977] team0: Port device team_slave_1 added
[  660.698569][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  661.043559][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  661.108547][T11977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.108565][T11977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.108591][T11977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.228142][T11977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.228161][T11977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.228193][T11977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.728088][T12282] ipvlan0: entered promiscuous mode
[  661.730717][T12282] ipvlan0: left promiscuous mode
[  662.057170][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.136783][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.138730][T11977] hsr_slave_0: entered promiscuous mode
[  663.140256][T11977] hsr_slave_1: entered promiscuous mode
[  663.141339][T11977] debugfs: 'hsr0' already exists in 'hsr'
[  663.141366][T11977] Cannot create hsr debugfs directory
[  663.658071][ T3535] hsr_slave_0: left promiscuous mode
[  663.696008][ T3535] hsr_slave_1: left promiscuous mode
[  663.697230][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  663.697258][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  663.736162][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.739018][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  663.739044][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  663.940850][ T3535] hsr_slave_0: left promiscuous mode
[  663.981901][ T3535] hsr_slave_1: left promiscuous mode
[  663.982781][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  663.982802][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  664.046001][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  664.046032][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  664.166485][ T6001] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  664.206258][ T3535] veth1_macvtap: left promiscuous mode
[  664.206368][ T3535] veth0_macvtap: left promiscuous mode
[  664.206581][ T3535] veth1_vlan: left promiscuous mode
[  664.206709][ T3535] veth0_vlan: left promiscuous mode
[  664.226357][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  664.317947][ T6001] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  664.318013][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  664.319683][ T6001] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  664.319704][ T6001] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  664.319718][ T6001] usb 3-1: Manufacturer: syz
[  664.323768][ T6001] usb 3-1: config 0 descriptor??
[  664.383092][ T3535] veth1_macvtap: left promiscuous mode
[  664.383184][ T3535] veth0_macvtap: left promiscuous mode
[  664.383393][ T3535] veth1_vlan: left promiscuous mode
[  664.403411][ T3535] veth0_vlan: left promiscuous mode
[  664.435888][ T6001] rc_core: IR keymap rc-hauppauge not found
[  664.435912][ T6001] Registered IR keymap rc-empty
[  664.437122][ T6001] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  664.439290][ T6001] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input28
[  664.597728][ T6001] usb 3-1: USB disconnect, device number 32
[  664.936022][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.272658][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.296681][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.753328][T12352] netlink: 'syz.3.2367': attribute type 10 has an invalid length.
[  666.796008][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.808148][T12353] netlink: 'syz.3.2367': attribute type 10 has an invalid length.
[  667.356219][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.666569][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  667.946602][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  668.376364][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  669.427649][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  669.833293][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  670.486049][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  671.496511][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.550143][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.856900][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.326531][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  673.576397][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.597468][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  674.546468][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  674.616441][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.660263][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.925184][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  676.663110][T12352] team0: Port device netdevsim0 added
[  676.700718][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  676.781298][T12353] team0: Port device netdevsim0 removed
[  676.790959][T12353] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  676.913723][   T38] audit: type=1326 audit(676.515:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.3.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  676.913777][   T38] audit: type=1326 audit(676.515:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.3.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  676.914122][   T38] audit: type=1326 audit(676.515:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.3.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  676.914386][   T38] audit: type=1326 audit(676.515:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.3.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  676.921006][   T38] audit: type=1326 audit(676.525:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.3.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44070f6c9 code=0x7ffc0000
[  677.713239][T12087] chnl_net:caif_netlink_parms(): no params data found
[  677.736403][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.655404][T12087] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.655595][T12087] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.672858][T12087] bridge_slave_0: entered allmulticast mode
[  678.674898][T12087] bridge_slave_0: entered promiscuous mode
[  678.676323][T10943] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  678.707118][T12087] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.707211][T12087] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.707408][T12087] bridge_slave_1: entered allmulticast mode
[  678.712965][T12087] bridge_slave_1: entered promiscuous mode
[  678.715583][T11977] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  678.776522][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.847641][T10943] usb 8-1: Using ep0 maxpacket: 16
[  678.877966][T10943] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  678.878021][T10943] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[  678.878047][T10943] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.886454][T10943] usb 8-1: config 0 descriptor??
[  678.938084][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.063939][T11977] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  679.272751][T11977] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  679.344053][T10943] konepure 0003:1E7D:2DBE.001F: bogus close delimiter
[  679.344070][T10943] konepure 0003:1E7D:2DBE.001F: item 0 4 2 10 parsing failed
[  679.394968][T10943] konepure 0003:1E7D:2DBE.001F: parse failed
[  679.395095][T10943] konepure 0003:1E7D:2DBE.001F: probe with driver konepure failed with error -22
[  679.406512][T12087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  679.418252][T11977] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  679.528979][T12087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  679.550340][ T5892] usb 8-1: USB disconnect, device number 13
[  679.910934][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.026019][    T9] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  680.084462][T12087] team0: Port device team_slave_0 added
[  680.102882][T12087] team0: Port device team_slave_1 added
[  680.198733][    T9] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  680.198766][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.243396][    T9] usb 3-1: config 0 descriptor??
[  680.437425][T12087] batman_adv: batadv0: Adding interface: batadv_slave_0
[  680.437502][T12087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  680.437535][T12087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  680.442088][T12087] batman_adv: batadv0: Adding interface: batadv_slave_1
[  680.442107][T12087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  680.442138][T12087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  680.575222][    T9] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  680.595944][ T5937] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  680.779451][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  680.789034][ T5937] usb 8-1: Using ep0 maxpacket: 32
[  680.813921][ T5937] usb 8-1: config 0 has an invalid interface number: 85 but max is 0
[  680.813953][ T5937] usb 8-1: config 0 has no interface number 0
[  680.813996][ T5937] usb 8-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  680.814017][ T5937] usb 8-1: config 0 interface 85 has no altsetting 0
[  680.820590][ T5937] usb 8-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  680.820624][ T5937] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.820642][ T5937] usb 8-1: Product: syz
[  680.820652][ T5937] usb 8-1: Manufacturer: syz
[  680.820663][ T5937] usb 8-1: SerialNumber: syz
[  680.884577][ T5937] usb 8-1: config 0 descriptor??
[  680.951547][    T9] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  680.951577][    T9] [drm] Initialized udl on minor 2
[  680.971172][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.029291][    T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  681.068008][    T9] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  681.120033][T12087] hsr_slave_0: entered promiscuous mode
[  681.124573][T12087] hsr_slave_1: entered promiscuous mode
[  681.139803][    T9] usb 3-1: USB disconnect, device number 33
[  681.141268][ T5891] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  681.169788][ T5891] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  681.559000][ T5937] appletouch 8-1:0.85: Geyser mode initialized.
[  681.590541][ T5937] input: appletouch as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.85/input/input29
[  681.790552][T10943] usb 8-1: USB disconnect, device number 14
[  681.790642][    C1] appletouch 8-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  681.800270][   T38] audit: type=1326 audit(681.385:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.827886][   T38] audit: type=1326 audit(681.405:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.836265][   T38] audit: type=1326 audit(681.435:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.836335][   T38] audit: type=1326 audit(681.435:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.840535][   T38] audit: type=1326 audit(681.445:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.908835][T10943] appletouch 8-1:0.85: input: appletouch disconnected
[  681.944706][   T38] kauditd_printk_skb: 3 callbacks suppressed
[  681.944730][   T38] audit: type=1326 audit(681.525:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12425 comm="syz.2.2391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  681.976184][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.976275][ T6001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.436071][ T5937] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  682.562732][T11734] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  682.602075][T11734] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  682.604295][T11734] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  682.612598][T11734] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  682.634508][T11734] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  682.697611][ T5937] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  682.697645][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  682.697667][ T5937] usb 3-1: Product: syz
[  682.697683][ T5937] usb 3-1: Manufacturer: syz
[  682.697700][ T5937] usb 3-1: SerialNumber: syz
[  682.755740][ T5937] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  682.817010][ T3535] IPVS: stop unused estimator thread 0...
[  682.994667][T12446] Bluetooth: MGMT ver 1.23
[  682.994700][T12446] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  683.043249][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  683.143852][ T5891] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  683.413041][    C0] usb 3-1: ath: unknown panic pattern!
[  683.624032][T10943] usb 3-1: USB disconnect, device number 34
[  683.911875][T12438] lo speed is unknown, defaulting to 1000
[  684.056201][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  684.296389][ T5891] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  684.297194][ T5891] ath9k_htc: Failed to initialize the device
[  684.326686][T10943] usb 3-1: ath9k_htc: USB layer deinitialized
[  684.329572][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  684.776733][T11734] Bluetooth: hci5: command tx timeout
[  685.066484][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  685.096189][ T5891] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  686.610282][T12511] netlink: 83 bytes leftover after parsing attributes in process `syz.7.2422'.
[  686.856060][T11734] Bluetooth: hci5: command tx timeout
[  686.975886][ T5937] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  687.153640][T12523] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2429'.
[  687.179542][ T5937] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  687.179579][ T5937] usb 3-1: config 0 interface 0 has no altsetting 0
[  687.182627][ T5937] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  687.182659][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  687.182683][ T5937] usb 3-1: Product: syz
[  687.182699][ T5937] usb 3-1: Manufacturer: syz
[  687.182715][ T5937] usb 3-1: SerialNumber: syz
[  687.191723][ T5937] usb 3-1: config 0 descriptor??
[  687.225537][ T5937] usb 3-1: selecting invalid altsetting 0
[  687.335415][T12526] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2430'.
[  687.422457][T12515] usb 3-1: cannot submit urb 0, error -2: endpoint not enabled
[  687.449341][ T5937] usb 3-1: USB disconnect, device number 35
[  687.543020][T12532] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  687.543020][T12532] The task syz.7.2431 (12532) triggered the difference, watch for misbehavior.
[  687.704740][T12530] bridge0: port 1(bridge_slave_0) entered disabled state
[  687.733879][T12438] chnl_net:caif_netlink_parms(): no params data found
[  687.956592][T12087] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  688.001029][T12087] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  688.371176][T12087] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  688.897146][ T5937] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  688.950680][T11734] Bluetooth: hci5: command tx timeout
[  689.105949][ T5937] usb 3-1: Using ep0 maxpacket: 8
[  689.108822][ T5937] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  689.108888][ T5937] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  689.108914][ T5937] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  689.108943][ T5937] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  689.108971][ T5937] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  689.109018][ T5937] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  689.109043][ T5937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  689.343795][T12087] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  689.682683][T12562] traps: syz.7.2440[12562] attempts to use CLI/STI, pretending it's a NOP, ip:200000000002
[  689.823287][T12565] loop8: detected capacity change from 0 to 7
[  689.842792][T12565] Dev loop8: unable to read RDB block 7
[  689.842840][T12565]  loop8: unable to read partition table
[  689.843010][T12565] loop8: partition table beyond EOD, truncated
[  689.843025][T12565] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[  690.036217][T12438] bridge0: port 1(bridge_slave_0) entered blocking state
[  690.036426][T12438] bridge0: port 1(bridge_slave_0) entered disabled state
[  690.036702][T12438] bridge_slave_0: entered allmulticast mode
[  690.039854][T12438] bridge_slave_0: entered promiscuous mode
[  690.077935][T12438] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.078072][T12438] bridge0: port 2(bridge_slave_1) entered disabled state
[  690.078348][T12438] bridge_slave_1: entered allmulticast mode
[  690.082938][T12438] bridge_slave_1: entered promiscuous mode
[  690.205825][ T5937] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  690.360159][ T5937] usb 8-1: Using ep0 maxpacket: 32
[  690.364003][ T5937] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  690.364032][ T5937] usb 8-1: config 0 has no interface number 0
[  690.398802][ T5937] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  690.398836][ T5937] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.398858][ T5937] usb 8-1: Product: syz
[  690.398873][ T5937] usb 8-1: Manufacturer: syz
[  690.398888][ T5937] usb 8-1: SerialNumber: syz
[  690.447435][ T5937] usb 8-1: config 0 descriptor??
[  690.450799][ T5937] smsc95xx v2.0.0
[  690.494659][T12438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  690.536436][T12438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.841512][ T3535] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.015953][T11734] Bluetooth: hci5: command tx timeout
[  691.047493][T12438] team0: Port device team_slave_0 added
[  691.190992][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  691.191155][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  691.294833][ T3535] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.340817][T10943] usb 3-1: USB disconnect, device number 36
[  691.363888][T12438] team0: Port device team_slave_1 added
[  691.478891][ T5937] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  691.478927][ T5937] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  691.480106][ T5937] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  691.480439][ T5937] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -71
[  691.491215][ T5937] usb 8-1: USB disconnect, device number 15
[  691.970820][ T3535] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.081280][T12438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  692.081299][T12438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  692.081329][T12438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  692.165002][T12438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  692.165017][T12438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  692.165038][T12438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  692.413265][T10943] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  692.439599][ T3535] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.568366][T10943] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  692.568407][T10943] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  692.568433][T10943] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  692.568481][T10943] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  692.568508][T10943] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.649538][T10943] usb 8-1: config 0 descriptor??
[  692.999735][T12438] hsr_slave_0: entered promiscuous mode
[  693.004944][T12438] hsr_slave_1: entered promiscuous mode
[  693.027081][T12438] debugfs: 'hsr0' already exists in 'hsr'
[  693.027113][T12438] Cannot create hsr debugfs directory
[  693.090862][T10943] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  693.608414][ T5891] usb 8-1: USB disconnect, device number 16
[  693.703914][T12087] 8021q: adding VLAN 0 to HW filter on device bond0
[  693.730837][ T3535] bridge_slave_1: left allmulticast mode
[  693.730867][ T3535] bridge_slave_1: left promiscuous mode
[  693.731196][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.834802][ T3535] bridge_slave_0: left allmulticast mode
[  693.834836][ T3535] bridge_slave_0: left promiscuous mode
[  693.835246][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.920544][ T3535] bridge_slave_1: left allmulticast mode
[  693.920578][ T3535] bridge_slave_1: left promiscuous mode
[  693.920829][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.988901][ T3535] bridge_slave_0: left allmulticast mode
[  693.988934][ T3535] bridge_slave_0: left promiscuous mode
[  693.989194][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.090983][ T3535] bridge_slave_1: left allmulticast mode
[  694.091015][ T3535] bridge_slave_1: left promiscuous mode
[  694.091411][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.178969][ T3535] bridge_slave_0: left allmulticast mode
[  694.179004][ T3535] bridge_slave_0: left promiscuous mode
[  694.185396][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.275188][ T3535] bridge_slave_1: left allmulticast mode
[  694.275221][ T3535] bridge_slave_1: left promiscuous mode
[  694.275480][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.394860][ T3535] bridge_slave_0: left allmulticast mode
[  694.394890][ T3535] bridge_slave_0: left promiscuous mode
[  694.395166][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.760389][T12652] hpfs: hpfs_map_sector(): read error
[  694.855859][T10943] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  695.005897][T10943] usb 8-1: Using ep0 maxpacket: 16
[  695.008288][T10943] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  695.008324][T10943] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  695.008348][T10943] usb 8-1: config 0 interface 0 has no altsetting 0
[  695.008385][T10943] usb 8-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  695.008420][T10943] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  695.076967][T10943] usb 8-1: config 0 descriptor??
[  695.084647][T11045] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  695.105422][T11045] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  695.108758][T11045] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  695.125603][T11045] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  695.133802][T11045] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  695.516731][T12649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  695.517525][T12649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  695.541922][T10943] hid (null): usage index exceeded
[  695.553759][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553786][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553806][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553825][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553844][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553862][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553881][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553899][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553918][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.553936][T10943] cougar 0003:060B:500A.0021: unknown main item tag 0x0
[  695.554490][T10943] cougar 0003:060B:500A.0021: unexpected long global item
[  695.555045][T10943] cougar 0003:060B:500A.0021: parse failed
[  695.555117][T10943] cougar 0003:060B:500A.0021: probe with driver cougar failed with error -22
[  695.733879][T10943] usb 8-1: USB disconnect, device number 17
[  696.016742][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  696.106524][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.173806][ T3535] bond0 (unregistering): Released all slaves
[  696.614703][ T5937] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  696.805820][ T5937] usb 8-1: config 0 has no interfaces?
[  696.808149][ T5937] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  696.808172][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  696.808186][ T5937] usb 8-1: SerialNumber: syz
[  696.813604][ T5937] usb 8-1: config 0 descriptor??
[  697.020556][T10943] usb 8-1: USB disconnect, device number 18
[  697.274721][T11734] Bluetooth: hci1: command tx timeout
[  698.157385][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  698.238679][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  698.287942][ T3535] bond0 (unregistering): Released all slaves
[  698.566669][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  698.686636][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  698.761469][ T3535] bond0 (unregistering): Released all slaves
[  698.926490][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  699.007386][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  699.068921][ T3535] bond0 (unregistering): Released all slaves
[  699.339614][T11734] Bluetooth: hci1: command tx timeout
[  699.466136][T12667] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2485'.
[  699.466163][T12667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2485'.
[  699.563278][T12667] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2485'.
[  699.563304][T12667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2485'.
[  700.056835][T12657] lo speed is unknown, defaulting to 1000
[  700.207182][T12697] 9pnet_fd: Insufficient options for proto=fd
[  700.283575][T12699] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2498'.
[  700.335519][T12700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2498'.
[  701.038459][T12704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  701.419681][T11734] Bluetooth: hci1: command tx timeout
[  702.807463][ T3535] hsr_slave_0: left promiscuous mode
[  702.854092][ T3535] hsr_slave_1: left promiscuous mode
[  702.855355][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  702.933300][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  703.295977][ T3535] hsr_slave_0: left promiscuous mode
[  703.385980][ T3535] hsr_slave_1: left promiscuous mode
[  703.387187][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  703.387216][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  703.442223][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  703.442246][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  703.496341][T11734] Bluetooth: hci1: command tx timeout
[  703.609296][ T3535] hsr_slave_0: left promiscuous mode
[  703.768423][ T3535] hsr_slave_1: left promiscuous mode
[  703.769475][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  703.806789][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  703.961323][ T3535] veth1_macvtap: left promiscuous mode
[  703.961436][ T3535] veth0_macvtap: left promiscuous mode
[  703.962990][ T3535] veth1_vlan: left promiscuous mode
[  703.963188][ T3535] veth0_vlan: left promiscuous mode
[  705.159936][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  705.316512][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  705.365133][T12761] sctp: [Deprecated]: syz.7.2518 (pid 12761) Use of int in max_burst socket option deprecated.
[  705.365133][T12761] Use struct sctp_assoc_value instead
[  705.705908][ T5937] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  705.855833][ T5937] usb 8-1: Using ep0 maxpacket: 8
[  705.858759][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  705.858813][ T5937] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  705.858840][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.908823][ T5937] usb 8-1: config 0 descriptor??
[  706.145263][ T5937] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  706.522156][ T5869] usb 8-1: USB disconnect, device number 19
[  707.450561][T10943] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  707.625939][T10943] usb 8-1: Using ep0 maxpacket: 16
[  707.628191][T10943] usb 8-1: config index 0 descriptor too short (expected 16456, got 72)
[  707.628221][T10943] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  707.628245][T10943] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  707.628268][T10943] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  707.628290][T10943] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  707.628305][T10943] usb 8-1: config 0 has no interface number 0
[  707.628347][T10943] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  707.628367][T10943] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  707.628384][T10943] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  707.628412][T10943] usb 8-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  707.628432][T10943] usb 8-1: config 0 interface 125 has no altsetting 0
[  707.628446][T10943] usb 8-1: config 0 interface 125 has no altsetting 2
[  707.631985][T10943] usb 8-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  707.632014][T10943] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.632030][T10943] usb 8-1: Product: syz
[  707.632041][T10943] usb 8-1: Manufacturer: syz
[  707.632052][T10943] usb 8-1: SerialNumber: syz
[  707.636399][T10943] usb 8-1: config 0 descriptor??
[  707.731001][T10943] usb 8-1: selecting invalid altsetting 2
[  708.544199][    C1] usb 8-1: async_complete: urb error -71
[  708.544321][    C1] usb 8-1: async_complete: urb error -71
[  708.544419][    C1] usb 8-1: async_complete: urb error -71
[  708.552653][T10943] get_1284_register: usb error -71
[  708.552814][T10943] uss720 8-1:0.125: probe with driver uss720 failed with error -71
[  708.564532][T10943] usb 8-1: USB disconnect, device number 20
[  708.956633][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  709.246681][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  712.898073][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  713.046683][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  713.876547][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  714.026820][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  714.752305][T12750] lo speed is unknown, defaulting to 1000
[  715.201948][T12657] chnl_net:caif_netlink_parms(): no params data found
[  715.504769][T12798] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2532'.
[  715.873808][T12802] syzkaller0: entered promiscuous mode
[  715.873838][T12802] syzkaller0: entered allmulticast mode
[  716.833506][T12657] bridge0: port 1(bridge_slave_0) entered blocking state
[  716.833647][T12657] bridge0: port 1(bridge_slave_0) entered disabled state
[  716.833910][T12657] bridge_slave_0: entered allmulticast mode
[  716.839160][T12657] bridge_slave_0: entered promiscuous mode
[  716.863046][T12438] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  716.931935][T12657] bridge0: port 2(bridge_slave_1) entered blocking state
[  716.932077][T12657] bridge0: port 2(bridge_slave_1) entered disabled state
[  716.932328][T12657] bridge_slave_1: entered allmulticast mode
[  716.935955][T12657] bridge_slave_1: entered promiscuous mode
[  716.937740][T12438] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  717.170865][T12438] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  717.412956][T12438] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  717.462274][T12832] cgroup: Setting release_agent not allowed
[  717.489905][T12657] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  717.528459][T12657] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  718.196266][T10943] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  718.204877][T12657] team0: Port device team_slave_0 added
[  718.247446][T12657] team0: Port device team_slave_1 added
[  718.346050][T10943] usb 8-1: Using ep0 maxpacket: 32
[  718.361396][T10943] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  718.361426][T10943] usb 8-1: config 0 has no interface number 0
[  718.401425][T10943] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  718.401458][T10943] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.401479][T10943] usb 8-1: Product: syz
[  718.401495][T10943] usb 8-1: Manufacturer: syz
[  718.401510][T10943] usb 8-1: SerialNumber: syz
[  718.489793][T10943] usb 8-1: config 0 descriptor??
[  718.503377][T10943] smsc95xx v2.0.0
[  718.503396][T10943] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  718.503675][T10943] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -22
[  718.696554][T12657] batman_adv: batadv0: Adding interface: batadv_slave_0
[  718.696574][T12657] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.696605][T12657] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  718.704042][T12657] batman_adv: batadv0: Adding interface: batadv_slave_1
[  718.704060][T12657] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.704103][T12657] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  719.386695][ T5937] usb 8-1: USB disconnect, device number 21
[  719.468049][T12657] hsr_slave_0: entered promiscuous mode
[  719.493427][T12657] hsr_slave_1: entered promiscuous mode
[  719.494500][T12657] debugfs: 'hsr0' already exists in 'hsr'
[  719.494524][T12657] Cannot create hsr debugfs directory
[  719.675271][T12868] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2554'.
[  720.885445][T12438] 8021q: adding VLAN 0 to HW filter on device bond0
[  720.970320][T12438] 8021q: adding VLAN 0 to HW filter on device team0
[  721.011821][ T3535] IPVS: stop unused estimator thread 0...
[  721.655229][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[  721.655550][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[  721.727277][ T3571] bridge0: port 2(bridge_slave_1) entered blocking state
[  721.727435][ T3571] bridge0: port 2(bridge_slave_1) entered forwarding state
[  723.883039][ T3535] bridge_slave_1: left allmulticast mode
[  723.883070][ T3535] bridge_slave_1: left promiscuous mode
[  723.883344][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.987762][ T3535] bridge_slave_0: left allmulticast mode
[  723.987794][ T3535] bridge_slave_0: left promiscuous mode
[  723.988116][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  726.106594][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  726.186747][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  726.259219][ T3535] bond0 (unregistering): Released all slaves
[  726.866008][ T3535] hsr_slave_0: left promiscuous mode
[  726.905895][ T3535] hsr_slave_1: left promiscuous mode
[  726.907992][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.936852][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  727.045826][ T5869] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  727.195979][ T5869] usb 8-1: Using ep0 maxpacket: 32
[  727.198225][ T5869] usb 8-1: config 0 has an invalid interface number: 12 but max is 0
[  727.198255][ T5869] usb 8-1: config 0 has no interface number 0
[  727.198312][ T5869] usb 8-1: config 0 interface 12 has no altsetting 0
[  727.200890][ T5869] usb 8-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  727.200919][ T5869] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.200934][ T5869] usb 8-1: Product: syz
[  727.200945][ T5869] usb 8-1: Manufacturer: syz
[  727.200955][ T5869] usb 8-1: SerialNumber: syz
[  727.204943][ T5869] usb 8-1: config 0 descriptor??
[  727.205854][ T5892] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  727.355789][ T5892] usb 3-1: Using ep0 maxpacket: 8
[  727.358203][ T5892] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  727.358270][ T5892] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  727.358298][ T5892] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  727.358326][ T5892] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  727.358351][ T5892] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  727.358392][ T5892] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  727.358421][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.698309][ T5892] usb 3-1: GET_CAPABILITIES returned 0
[  727.698372][ T5892] usbtmc 3-1:16.0: can't read capabilities
[  727.908318][ T5892] usb 3-1: USB disconnect, device number 37
[  728.141348][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  728.357520][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  728.988144][ T5869] f81534 8-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  728.988198][ T5869] f81534 8-1:0.12: f81534_find_config_idx: read failed: -71
[  728.988216][ T5869] f81534 8-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  728.988301][ T5869] f81534 8-1:0.12: probe with driver f81534 failed with error -71
[  728.998637][ T5869] usb 8-1: USB disconnect, device number 22
[  729.503819][ T5891] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  729.665819][ T5891] usb 3-1: Using ep0 maxpacket: 32
[  729.672286][ T5891] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  729.672316][ T5891] usb 3-1: config 0 has no interface number 0
[  729.672373][ T5891] usb 3-1: config 0 interface 184 has no altsetting 0
[  729.677917][ T5891] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  729.677948][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.677970][ T5891] usb 3-1: Product: syz
[  729.677986][ T5891] usb 3-1: Manufacturer: syz
[  729.678001][ T5891] usb 3-1: SerialNumber: syz
[  729.712677][ T5891] usb 3-1: config 0 descriptor??
[  729.761045][ T5891] smsc75xx v1.0.0
[  730.309926][T12438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  730.311904][T12657] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  730.366366][T12657] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  730.409212][T12657] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  730.570139][T12657] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  730.960423][T13028] kvm: emulating exchange as write
[  731.064750][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -32
[  731.064786][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  731.066002][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  731.066033][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  731.066053][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  731.066072][ T5891] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  731.066482][ T5891] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -32
[  731.084226][ T5891] usb 3-1: USB disconnect, device number 38
[  731.458452][T12657] 8021q: adding VLAN 0 to HW filter on device bond0
[  731.599346][T12657] 8021q: adding VLAN 0 to HW filter on device team0
[  731.670487][ T3535] bridge0: port 1(bridge_slave_0) entered blocking state
[  731.679287][ T3535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  731.734203][ T3535] bridge0: port 2(bridge_slave_1) entered blocking state
[  731.735025][ T3535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  731.770493][T12438] veth0_vlan: entered promiscuous mode
[  731.845448][T12438] veth1_vlan: entered promiscuous mode
[  732.089414][T12438] veth0_macvtap: entered promiscuous mode
[  732.131967][T12438] veth1_macvtap: entered promiscuous mode
[  732.228437][T12438] batman_adv: batadv0: Interface activated: batadv_slave_0
[  732.268821][T12438] batman_adv: batadv0: Interface activated: batadv_slave_1
[  732.321318][ T6814] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  732.336569][ T6814] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  732.338975][ T3535] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  732.352060][T11095] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  732.735007][T12657] 8021q: adding VLAN 0 to HW filter on device batadv0
[  733.215821][ T7748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  733.215846][ T7748] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  733.507495][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  733.507520][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  733.827899][T12657] veth0_vlan: entered promiscuous mode
[  733.873718][T12657] veth1_vlan: entered promiscuous mode
[  733.986826][T12657] veth0_macvtap: entered promiscuous mode
[  733.993644][T12657] veth1_macvtap: entered promiscuous mode
[  734.044597][T12657] batman_adv: batadv0: Interface activated: batadv_slave_0
[  734.161489][T12657] batman_adv: batadv0: Interface activated: batadv_slave_1
[  734.249276][ T3571] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  734.249358][ T3571] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  734.249402][ T3571] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  734.249443][ T3571] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  735.542783][ T3571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  735.542807][ T3571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  735.625157][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  735.625180][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  737.367505][ T5877] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  737.536128][ T5877] usb 8-1: Using ep0 maxpacket: 16
[  737.551334][ T5877] usb 8-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  737.551371][ T5877] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.551397][ T5877] usb 8-1: Product: syz
[  737.551414][ T5877] usb 8-1: Manufacturer: syz
[  737.551431][ T5877] usb 8-1: SerialNumber: syz
[  737.604259][ T5877] r8152-cfgselector 8-1: Unknown version 0x0000
[  737.604285][ T5877] r8152-cfgselector 8-1: config 0 descriptor??
[  738.025366][ T5891] r8152-cfgselector 8-1: USB disconnect, device number 23
[  739.066068][ T5877] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  739.221243][ T5877] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  739.221266][ T5877] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  739.221281][ T5877] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  739.221317][ T5877] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  739.221337][ T5877] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  739.223123][ T5877] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  739.223144][ T5877] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  739.223159][ T5877] usb 9-1: Product: syz
[  739.223170][ T5877] usb 9-1: Manufacturer: syz
[  739.323937][ T5877] cdc_wdm 9-1:1.0: skipping garbage
[  739.323959][ T5877] cdc_wdm 9-1:1.0: skipping garbage
[  739.375984][ T5877] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  739.376007][ T5877] cdc_wdm 9-1:1.0: Unknown control protocol
[  739.751670][   T44] usb 9-1: USB disconnect, device number 2
[  740.378953][   T10] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  740.546114][   T10] usb 10-1: Using ep0 maxpacket: 16
[  740.549955][   T10] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  740.549993][   T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  740.587672][   T10] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  740.587707][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.587730][   T10] usb 10-1: Product: syz
[  740.587886][   T10] usb 10-1: Manufacturer: syz
[  740.590713][   T10] usb 10-1: SerialNumber: syz
[  740.702109][   T10] usb 10-1: config 0 descriptor??
[  740.792920][   T10] em28xx 10-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  740.792961][   T10] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  741.635057][   T10] em28xx 10-1:0.0: unknown em28xx chip ID (0)
[  741.719611][   T10] em28xx 10-1:0.0: Config register raw data: 0x23
[  741.719630][   T10] em28xx 10-1:0.0: I2S Audio (1 sample rate(s))
[  741.719642][   T10] em28xx 10-1:0.0: No AC97 audio processor
[  742.400509][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2652'.
[  742.405464][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2652'.
[  742.409561][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2652'.
[  742.409787][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2652'.
[  742.409988][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2652'.
[  742.596719][   T10] usb 10-1: USB disconnect, device number 2
[  743.306452][T13218] binder: 13216:13218 unknown command 0
[  743.306470][T13218] binder: 13216:13218 ioctl c0306201 200000000080 returned -22
[  743.313356][T13218] binder: 13216:13218 ioctl c0306201 2000000003c0 returned -14
[  743.744502][   T38] audit: type=1804 audit(743.345:243): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.9.2658" name="/newroot/8/bus/bus" dev="overlay" ino=67 res=1 errno=0
[  746.262181][T13265] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  746.645857][   T38] audit: type=1326 audit(746.245:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.645907][   T38] audit: type=1326 audit(746.245:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650062][   T38] audit: type=1326 audit(746.255:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650105][   T38] audit: type=1326 audit(746.255:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650139][   T38] audit: type=1326 audit(746.255:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650172][   T38] audit: type=1326 audit(746.255:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650213][   T38] audit: type=1326 audit(746.255:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.650246][   T38] audit: type=1326 audit(746.255:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  746.654666][   T38] audit: type=1326 audit(746.255:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13272 comm="syz.2.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f634044f6c9 code=0x7ffc0000
[  750.657149][T13315] syz_tun: entered allmulticast mode
[  750.758295][T13315] dvmrp8: entered allmulticast mode
[  750.838375][T13314] syz_tun: left allmulticast mode
[  751.527314][T13331] serio: Serial port ptm1
[  752.640232][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  752.640320][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  752.804839][T10124] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.248687][   T10] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  753.261291][T11045] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  753.269491][T11045] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  753.278510][T11045] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  753.282393][T11045] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  753.283977][T11045] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  753.396024][   T10] usb 8-1: Using ep0 maxpacket: 8
[  753.403237][   T10] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  753.403275][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.403301][   T10] usb 8-1: Product: syz
[  753.403319][   T10] usb 8-1: Manufacturer: syz
[  753.403338][   T10] usb 8-1: SerialNumber: syz
[  753.410212][   T10] usb 8-1: config 0 descriptor??
[  754.685575][   T10] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  755.706690][T11734] Bluetooth: hci1: command tx timeout
[  755.963599][T10124] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  756.601902][T13393] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[  756.601927][T13393] CUSE: unknown device info "3�ܟ�,��̘�"
[  756.602262][T13393] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[  756.602262][T13393] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[  756.602402][T13393] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[  756.602475][T13393] CUSE: DEVNAME unspecified
[  757.743342][T11734] Bluetooth: hci1: command tx timeout
[  758.942281][   T10] dvb_usb_rtl28xxu 8-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  759.001354][   T10] usb 8-1: USB disconnect, device number 24
[  759.073785][T10124] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  759.229674][T13371] lo speed is unknown, defaulting to 1000
[  759.296028][T13402] syzkaller0: entered allmulticast mode
[  759.825619][T11734] Bluetooth: hci1: command tx timeout
[  761.340937][T10124] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.906225][T11734] Bluetooth: hci1: command tx timeout
[  763.552434][T10124] bridge_slave_1: left allmulticast mode
[  763.552465][T10124] bridge_slave_1: left promiscuous mode
[  763.552716][T10124] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.781789][T10124] bridge_slave_0: left allmulticast mode
[  763.781814][T10124] bridge_slave_0: left promiscuous mode
[  763.782011][T10124] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.894840][T13463] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  777.100495][T13533] netlink: 'syz.8.2752': attribute type 1 has an invalid length.
[  778.846681][T10124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  778.908115][T10124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  778.932389][T10124] bond0 (unregistering): Released all slaves
[  779.007291][T13371] chnl_net:caif_netlink_parms(): no params data found
[  779.057002][T13533] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  779.816031][   T44] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  780.126802][   T44] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  780.126831][   T44] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  780.126875][   T44] usb 9-1: config 1 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  780.126895][   T44] usb 9-1: config 1 interface 0 has no altsetting 0
[  780.130651][   T44] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  780.130683][   T44] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.130705][   T44] usb 9-1: Product: syz
[  780.130721][   T44] usb 9-1: Manufacturer: syz
[  780.130737][   T44] usb 9-1: SerialNumber: syz
[  780.228067][T13553] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2757'.
[  783.604571][   T10] usb 9-1: USB disconnect, device number 3
[  793.407279][    C1] ------------[ cut here ]------------
[  793.407299][    C1] WARNING: CPU: 1 PID: 29 at kernel/time/timer.c:1785 __run_timer_base+0x777/0x970
[  793.407343][    C1] Modules linked in:
[  793.407360][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  793.407381][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  793.407393][    C1] RIP: 0010:__run_timer_base+0x777/0x970
[  793.407417][    C1] Code: 26 4d 85 e4 74 7d e8 68 f6 12 00 e9 48 fe ff ff e8 5e f6 12 00 48 8b 5c 24 28 43 80 7c 3d 00 00 75 d4 eb da e8 4a f6 12 00 90 <0f> 0b 90 48 8b 44 24 40 42 80 3c 38 00 48 8b 5c 24 28 74 a9 48 89
[  793.407433][    C1] RSP: 0018:ffffc90000a3f9a0 EFLAGS: 00010046
[  793.407456][    C1] RAX: ffffffff81abc9d6 RBX: 0000000000000000 RCX: ffff88801bac9e00
[  793.407468][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[  793.407479][    C1] RBP: ffffc90000a3fb10 R08: 0000000000000000 R09: 0000000000000100
[  793.407491][    C1] R10: dffffc0000000000 R11: fffffbfff1dac60f R12: ffff888029016c10
[  793.407505][    C1] R13: 1ffff92000147f4c R14: ffffc90000a3fa60 R15: dffffc0000000000
[  793.407519][    C1] FS:  0000000000000000(0000) GS:ffff888126ef9000(0000) knlGS:0000000000000000
[  793.407533][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  793.407546][    C1] CR2: 00007f5145ae7dac CR3: 0000000036b66000 CR4: 00000000003526f0
[  793.407563][    C1] Call Trace:
[  793.407570][    C1]  <TASK>
[  793.407594][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  793.407635][    C1]  run_timer_softirq+0xb7/0x180
[  793.407659][    C1]  handle_softirqs+0x22f/0x710
[  793.407693][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  793.407726][    C1]  run_ktimerd+0xcf/0x190
[  793.407751][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[  793.407775][    C1]  ? schedule+0x91/0x360
[  793.407807][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  793.407830][    C1]  smpboot_thread_fn+0x542/0xa60
[  793.407855][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  793.407886][    C1]  kthread+0x711/0x8a0
[  793.407918][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  793.407941][    C1]  ? __pfx_kthread+0x10/0x10
[  793.407966][    C1]  ? rt_spin_unlock+0x150/0x200
[  793.407991][    C1]  ? rt_spin_unlock+0x161/0x200
[  793.408009][    C1]  ? __pfx_kthread+0x10/0x10
[  793.408038][    C1]  ret_from_fork+0x4bc/0x870
[  793.408063][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  793.408092][    C1]  ? __switch_to_asm+0x39/0x70
[  793.408110][    C1]  ? __switch_to_asm+0x33/0x70
[  793.408127][    C1]  ? __pfx_kthread+0x10/0x10
[  793.408156][    C1]  ret_from_fork_asm+0x1a/0x30
[  793.408191][    C1]  </TASK>
[  793.408205][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  793.408217][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  793.408237][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  793.408247][    C1] Call Trace:
[  793.408254][    C1]  <TASK>
[  793.408260][    C1]  dump_stack_lvl+0x99/0x250
[  793.408289][    C1]  ? __asan_memcpy+0x40/0x70
[  793.408311][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  793.408340][    C1]  ? __pfx__printk+0x10/0x10
[  793.408375][    C1]  vpanic+0x237/0x6d0
[  793.408393][    C1]  ? __pfx_vpanic+0x10/0x10
[  793.408421][    C1]  panic+0xb9/0xc0
[  793.408443][    C1]  ? __pfx_panic+0x10/0x10
[  793.408475][    C1]  __warn+0x31b/0x4b0
[  793.408492][    C1]  ? __run_timer_base+0x777/0x970
[  793.408516][    C1]  ? __run_timer_base+0x777/0x970
[  793.408538][    C1]  report_bug+0x2be/0x4f0
[  793.408562][    C1]  ? __run_timer_base+0x777/0x970
[  793.408585][    C1]  ? __run_timer_base+0x777/0x970
[  793.408607][    C1]  ? __run_timer_base+0x779/0x970
[  793.408629][    C1]  handle_bug+0x84/0x160
[  793.408659][    C1]  exc_invalid_op+0x1a/0x50
[  793.408688][    C1]  asm_exc_invalid_op+0x1a/0x20
[  793.408706][    C1] RIP: 0010:__run_timer_base+0x777/0x970
[  793.408728][    C1] Code: 26 4d 85 e4 74 7d e8 68 f6 12 00 e9 48 fe ff ff e8 5e f6 12 00 48 8b 5c 24 28 43 80 7c 3d 00 00 75 d4 eb da e8 4a f6 12 00 90 <0f> 0b 90 48 8b 44 24 40 42 80 3c 38 00 48 8b 5c 24 28 74 a9 48 89
[  793.408744][    C1] RSP: 0018:ffffc90000a3f9a0 EFLAGS: 00010046
[  793.408759][    C1] RAX: ffffffff81abc9d6 RBX: 0000000000000000 RCX: ffff88801bac9e00
[  793.408772][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[  793.408782][    C1] RBP: ffffc90000a3fb10 R08: 0000000000000000 R09: 0000000000000100
[  793.408794][    C1] R10: dffffc0000000000 R11: fffffbfff1dac60f R12: ffff888029016c10
[  793.408808][    C1] R13: 1ffff92000147f4c R14: ffffc90000a3fa60 R15: dffffc0000000000
[  793.408829][    C1]  ? __run_timer_base+0x776/0x970
[  793.408873][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  793.408912][    C1]  run_timer_softirq+0xb7/0x180
[  793.408936][    C1]  handle_softirqs+0x22f/0x710
[  793.408968][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  793.409000][    C1]  run_ktimerd+0xcf/0x190
[  793.409026][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[  793.409049][    C1]  ? schedule+0x91/0x360
[  793.409079][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  793.409101][    C1]  smpboot_thread_fn+0x542/0xa60
[  793.409126][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  793.409158][    C1]  kthread+0x711/0x8a0
[  793.409189][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  793.409213][    C1]  ? __pfx_kthread+0x10/0x10
[  793.409242][    C1]  ? rt_spin_unlock+0x150/0x200
[  793.409270][    C1]  ? rt_spin_unlock+0x161/0x200
[  793.409286][    C1]  ? __pfx_kthread+0x10/0x10
[  793.409317][    C1]  ret_from_fork+0x4bc/0x870
[  793.409347][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  793.409382][    C1]  ? __switch_to_asm+0x39/0x70
[  793.409398][    C1]  ? __switch_to_asm+0x33/0x70
[  793.409413][    C1]  ? __pfx_kthread+0x10/0x10
[  793.409444][    C1]  ret_from_fork_asm+0x1a/0x30
[  793.409477][    C1]  </TASK>
[  794.519882][    C1] Shutting down cpus with NMI
[  794.520228][    C1] Kernel Offset: disabled