last executing test programs:

2m46.407666251s ago: executing program 2 (id=147):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x0, 0x0, [0x0, 0x20000240, 0xc, 0x9, 0x130f], 0x0, 0x0, 0x0}, 0xe0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="1800298014e5298005000c000000000006000500591a0000", @ANYBLOB="0300000000000089af96ad00000008000300", @ANYRES32=r7, @ANYRES64=r1], 0x34}}, 0x4010)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00')
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file1\x00')
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})

2m45.497524606s ago: executing program 2 (id=154):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5c, 0x80, 0x0, 0x89}, &(0x7f00000001c0), &(0x7f0000000380))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x584, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}]}}, @filter_kind_options=@f_cgroup={{0xb}, {0x52c, 0x2, [@TCA_CGROUP_EMATCHES={0x320, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x158, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x1, 0x0, 0x0, {{0x3, 0x2, 0x3}, {0x80, 0x7, 0x2, "74bde958131bd6"}}}, @TCF_EM_IPT={0x44, 0x1, 0x0, 0x0, {{0x69a4, 0x9, 0x7}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0x22, 0x5, "a9f2a42d52ba23d63395f9ca755505686d63e20c4343e9fc364849fe563f"}]}}, @TCF_EM_CONTAINER={0xf8, 0x2, 0x0, 0x0, {{0x1ff, 0x0, 0x5}, "5965cd8a4f42c25e1cdf54cb511b78664dd6ced799c945d03c607483b850a2eda7edab530c0ddbf4abe4e8416326f227410488a0ffeae8a96bf0c1babfccb99c9f9bac5699104d429245118c8b8cc79bf9a4a5ec66d96f59247ea1dcff1122d9552db257f5c57018465c6d066435c4494648272ff618f1e4dfd3dbe746604d0ddec398e8e2e7afb68383977de7e8dbd546d8c22722a4beaf34ff023f0d20b9b780389db0f407917870a4e707e3768c7c028caed47a876786962880885ed2450f571e43cbee37c7059ea63beb045ceda37923ccc7d8b9e3e871e520e3b810189072f303aaceefa8cccf"}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0xd8, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x77, 0x1, 0x3}, {0x4, 0x7, 0x8, 0x2, 0x3, 0x1, 0x2}}}, @TCF_EM_IPT={0x14, 0x2, 0x0, 0x0, {{0x5, 0x9, 0x7fff}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x1}]}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xed9, 0x8, 0x8}, {0x4, 0x1, 0x1}}}, @TCF_EM_META={0x80, 0x3, 0x0, 0x0, {{0x80, 0x4, 0x100}, [@TCA_EM_META_LVALUE={0xd, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="fd", @TCF_META_TYPE_INT=0x5]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="6aca28888a82", @TCF_META_TYPE_VAR='G']}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_VAR="566abb09e429a54607a0", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_LVALUE={0x2c, 0x2, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="bc3f86c7d8", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="d544235dfc9fa7e0a3", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="7143f0", @TCF_META_TYPE_VAR="6a91b815346b90dcc4", @TCF_META_TYPE_VAR="5015"]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="c860cf", @TCF_META_TYPE_INT=0x401]}]}}, @TCF_EM_NBYTE={0x18, 0x2, 0x0, 0x0, {{0x1000, 0x2, 0x9}, {0x8d34, 0x8, 0x1, "1d5800c563305634"}}}]}, @TCA_EMATCH_TREE_LIST={0xe0, 0x2, 0x0, 0x1, [@TCF_EM_META={0xac, 0x2, 0x0, 0x0, {{0x7f, 0x4, 0xb}, [@TCA_EM_META_RVALUE={0x1b, 0x3, [@TCF_META_TYPE_VAR="eb08a3", @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="4de41b54", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT]}, @TCA_EM_META_RVALUE={0xc, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x7, 0x2, [@TCF_META_TYPE_VAR="1d5a5b"]}, @TCA_EM_META_LVALUE={0x2c, 0x2, [@TCF_META_TYPE_VAR="3afe", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="0025d52e0d89d9a4", @TCF_META_TYPE_VAR="6c0cd2f7b08ad362", @TCF_META_TYPE_VAR="5a3984e53ad9681f", @TCF_META_TYPE_VAR="f8bb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x501b, 0x10, 0x2}, {0x1ff, 0x1}}}, @TCA_EM_META_RVALUE={0xd, 0x3, [@TCF_META_TYPE_VAR="34c6eba0918ef888d4", @TCF_META_TYPE_VAR]}, @TCA_EM_META_LVALUE={0x25, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="2467bc702868a610", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x106, @TCF_META_TYPE_VAR="bd", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x3, 0x7, 0x1}, {{0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}}}}, @TCF_EM_IPT={0x1c, 0x1, 0x0, 0x0, {{0xb530}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}]}, @TCA_CGROUP_ACT={0x208, 0x1, [@m_xt={0x204, 0x13, 0x0, 0x0, {{0x7}, {0x120, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x6a}, @TCA_IPT_TARG={0x114, 0x6, {0xc501, 'nat\x00', 0xa, 0x10, "5aa33f2b64f6650d009b63bfc088a0d7563249a42df365422c4e88c70880bfc9aa886dcc2f57c831738e8d64a816ac2712ab081731b969b30964e6dd1fc10a2bb334b3396efc4fc4b8413cd8cc9ec1de4be88bc819050a7e6b382c0018e294e450809d6a707152bbf3df041d3d0816037745104423c5e226f8776796848bbc08c1d5127271411bb555f13066852e8b1c0e85c16f17bdfed2c2c0ee9c3affb4499153aadeaa4322b818d7c4992e86c04a3d0216573590ed1068b3df099b57478c65486bfac13b97f09d8cc105d20ed853bad6e5121464840e242217023c827166e193573491aad93e5162"}}]}, {0xbf, 0x6, "4247000cc55c72f0c786901327395509b03cdeeb7aeaf80316994c19ab7b8fd555a90bd0023705b0253721dfd1b6b7b06cce8a67cccd62fd20644d013b1c7e85bbc16c2479e483f6919c0e3d3c0b1797f608c66419214572864c6e3e59dfe96f11bdb03c5d79e487d6800d928a616fdae0139c7e6d14d9a79e5caa40f1fb3b74c7029110dffc44459331e19cb9f2d79c6a780194ed4bcc09d32a4caa457af3811021b79ef91ec0d00f83a434fb481f2e321673258c77e8e60a5f95"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x14, 0x1}}]}, 0x584}}, 0x0)
sendmmsg(r4, &(0x7f0000006780)=[{{0x0, 0x0, 0x0}}], 0x80000000000020c, 0x0)

2m44.608455984s ago: executing program 2 (id=159):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB="da2261875f58323cf5704ca92bdcc7e39a892ad9ce2e9482b397d74faa777043c798"], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="07000000000000000000020000000c0001800500020001000000f84293458d27c97efd35000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

2m43.728303747s ago: executing program 2 (id=163):
syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r0 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) (async)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000002c0)=0x4000000)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b"], 0x0) (async)
r2 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b"], 0x0)
r3 = socket$kcm(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00', 0x10)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)
r4 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10) (async)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) (async)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$afs(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) (async)
mount$afs(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000400)={[{@dyn}]})
mount$afs(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x2004000, &(0x7f0000000400)={[{@dyn}]})
epoll_create1(0x80000)
syz_usb_disconnect(r2)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
socket$xdp(0x2c, 0x3, 0x0) (async)
socket$xdp(0x2c, 0x3, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x2040, 0x0) (async)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x2040, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

2m40.628111985s ago: executing program 2 (id=176):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x34, 0x13, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
r2 = dup(r0)
r3 = openat$hwrng(0xffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000100)={<r4=>0x0, 0x40, 0x30, 0x7, 0x80000000}, &(0x7f00000001c0)=0x18)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000200)={r4, 0x46a}, 0x8)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$video(0x0, 0x7, 0x40580)
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
openat$khugepaged_scan(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0x1100005}, 0x10)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000001000a00000800040001000000", 0x24)
ioctl$AUTOFS_IOC_CATATONIC(r7, 0xc0089364, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000080)={'veth1_macvtap\x00'})
sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x6000, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002c00010000000000000000000401"], 0x114}], 0x1}, 0x2000000000000000)
socket$kcm(0x29, 0x5, 0x0)

2m40.327908148s ago: executing program 2 (id=177):
r0 = socket(0x1d, 0x2, 0xcb5)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x6a, 0x2, 0x0, 0x0)

2m40.273532886s ago: executing program 32 (id=177):
r0 = socket(0x1d, 0x2, 0xcb5)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x6a, 0x2, 0x0, 0x0)

5.675540059s ago: executing program 3 (id=1085):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB="da2261875f58323cf5704ca92bdcc7e39a892ad9ce2e9482b397d74faa777043c798"], 0x0, 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="07000000000000000000020000000c0001800500020001000000f84293458d27c97efd35000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

4.50639675s ago: executing program 3 (id=1090):
socket$xdp(0x2c, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0x8, 0x8}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
r1 = getpid()
sched_setscheduler(r1, 0x0, &(0x7f00000000c0)=0xffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$dri(0x0, 0xab, 0x0)
io_uring_setup(0x25f2, &(0x7f0000000500)={0x0, 0xeb53, 0x850, 0x120, 0x182, 0x0, r4})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpu.weight.nice\x00', 0x2, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@newtfilter={0x24, 0x2c, 0x20, 0xfffffff2, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x4}, {0x0, 0xc}, {0x5, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1)
recvmmsg(r8, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f00000003c0)=""/206, 0xce}], 0x1}, 0x400000}], 0x1, 0x0, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000140)=ANY=[], 0x27)
io_uring_enter(0xffffffffffffffff, 0x4a25, 0x14e8, 0xf, &(0x7f00000002c0)={[0x3, 0x22]}, 0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x4c)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x840)
syz_open_dev$ttys(0xc, 0x2, 0x0)

4.107342353s ago: executing program 1 (id=1091):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x200, [0x2, 0x0, 0x0, 0x7ff, 0x1951, 0x51d5, 0x7ff, 0x60f4, 0x100, 0x7, 0x8, 0x404, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x7, 0x4, 0x71, 0x6, 0x1, 0x7, 0x7fff, 0xfffa, 0x3, 0x5, 0x8000, 0x40, 0xfd7d, 0x80, 0x3b, 0x401, 0xe, 0x7, 0xa, 0xfb, 0x5, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x1], 0x80000200}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000000240)=ANY=[], 0x48)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x1000007, 0x2172, r0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000380)={0x2c, r3, 0x101, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000380))
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000005c0)=ANY=[], 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)

2.786875627s ago: executing program 3 (id=1095):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/key-users\x00', 0x0, 0x0)
preadv2(r4, 0x0, 0x0, 0x2b, 0x0, 0x0)
write$tun(r4, &(0x7f0000000480)=ANY=[@ANYBLOB="0000884c04000078c40002000c00677c5c6f00b811fffe880000000000000000000000000001fe8000000000000000000000000000aa3c08000000000000033fe9ca48a40a306d16f2c1babb623f3f453e65d7e266e24e6511c0fabe5fa234f9951cf0ce8010fd0d005098b7194306df11661d1613a40a000000000000003c00052864000000a10038106500000004005751650000002c00ea21670000004e224e20004890780300000003000000d8b60d99178c59ce0e08bab6a8b0387ed37e034601959aaffc88ad2cbda4106765749140f3bbe17dea9ca35fdb5a694b31ec6f9ea8adf07a"], 0xee)
io_setup(0x4082, &(0x7f0000000380))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
unshare(0x400)
r5 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r7 = io_uring_setup(0x253c, &(0x7f0000000000)={0x0, 0x0, 0x1000, 0x3, 0x2})
r8 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
close_range(r7, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_to_hsr\x00', &(0x7f0000000080)=@ethtool_coalesce={0xf, 0x1, 0x408, 0x4, 0x3, 0x8, 0x200, 0x12000000, 0x280, 0xc, 0x8d9b, 0x6e0, 0x7, 0x3, 0x1fda4c1e, 0x5c, 0x875d, 0x6, 0x800, 0x45a, 0x7, 0x2bc4, 0xffff0000}})

2.78626931s ago: executing program 4 (id=1096):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5c, 0x80, 0x0, 0x89}, &(0x7f00000001c0), &(0x7f0000000380))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="00000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x584, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}]}}, @filter_kind_options=@f_cgroup={{0xb}, {0x52c, 0x2, [@TCA_CGROUP_EMATCHES={0x320, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x158, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x1, 0x0, 0x0, {{0x3, 0x2, 0x3}, {0x80, 0x7, 0x2, "74bde958131bd6"}}}, @TCF_EM_IPT={0x44, 0x1, 0x0, 0x0, {{0x69a4, 0x9, 0x7}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0x22, 0x5, "a9f2a42d52ba23d63395f9ca755505686d63e20c4343e9fc364849fe563f"}]}}, @TCF_EM_CONTAINER={0xf8, 0x2, 0x0, 0x0, {{0x1ff, 0x0, 0x5}, "5965cd8a4f42c25e1cdf54cb511b78664dd6ced799c945d03c607483b850a2eda7edab530c0ddbf4abe4e8416326f227410488a0ffeae8a96bf0c1babfccb99c9f9bac5699104d429245118c8b8cc79bf9a4a5ec66d96f59247ea1dcff1122d9552db257f5c57018465c6d066435c4494648272ff618f1e4dfd3dbe746604d0ddec398e8e2e7afb68383977de7e8dbd546d8c22722a4beaf34ff023f0d20b9b780389db0f407917870a4e707e3768c7c028caed47a876786962880885ed2450f571e43cbee37c7059ea63beb045ceda37923ccc7d8b9e3e871e520e3b810189072f303aaceefa8cccf"}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0xd8, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x77, 0x1, 0x3}, {0x4, 0x7, 0x8, 0x2, 0x3, 0x1, 0x2}}}, @TCF_EM_IPT={0x14, 0x2, 0x0, 0x0, {{0x5, 0x9, 0x7fff}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x1}]}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xed9, 0x8, 0x8}, {0x4, 0x1, 0x1}}}, @TCF_EM_META={0x80, 0x3, 0x0, 0x0, {{0x80, 0x4, 0x100}, [@TCA_EM_META_LVALUE={0xd, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="fd", @TCF_META_TYPE_INT=0x5]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="6aca28888a82", @TCF_META_TYPE_VAR='G']}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_VAR="566abb09e429a54607a0", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_LVALUE={0x2c, 0x2, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="bc3f86c7d8", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="d544235dfc9fa7e0a3", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="7143f0", @TCF_META_TYPE_VAR="6a91b815346b90dcc4", @TCF_META_TYPE_VAR="5015"]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="c860cf", @TCF_META_TYPE_INT=0x401]}]}}, @TCF_EM_NBYTE={0x18, 0x2, 0x0, 0x0, {{0x1000, 0x2, 0x9}, {0x8d34, 0x8, 0x1, "1d5800c563305634"}}}]}, @TCA_EMATCH_TREE_LIST={0xe0, 0x2, 0x0, 0x1, [@TCF_EM_META={0xac, 0x2, 0x0, 0x0, {{0x7f, 0x4, 0xb}, [@TCA_EM_META_RVALUE={0x1b, 0x3, [@TCF_META_TYPE_VAR="eb08a3", @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="4de41b54", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT]}, @TCA_EM_META_RVALUE={0xc, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x7, 0x2, [@TCF_META_TYPE_VAR="1d5a5b"]}, @TCA_EM_META_LVALUE={0x2c, 0x2, [@TCF_META_TYPE_VAR="3afe", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="0025d52e0d89d9a4", @TCF_META_TYPE_VAR="6c0cd2f7b08ad362", @TCF_META_TYPE_VAR="5a3984e53ad9681f", @TCF_META_TYPE_VAR="f8bb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x501b, 0x10, 0x2}, {0x1ff, 0x1}}}, @TCA_EM_META_RVALUE={0xd, 0x3, [@TCF_META_TYPE_VAR="34c6eba0918ef888d4", @TCF_META_TYPE_VAR]}, @TCA_EM_META_LVALUE={0x25, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="2467bc702868a610", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x106, @TCF_META_TYPE_VAR="bd", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x3, 0x7, 0x1}, {{0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}}}}, @TCF_EM_IPT={0x1c, 0x1, 0x0, 0x0, {{0xb530}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}]}, @TCA_CGROUP_ACT={0x208, 0x1, [@m_xt={0x204, 0x13, 0x0, 0x0, {{0x7}, {0x120, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x6a}, @TCA_IPT_TARG={0x114, 0x6, {0xc501, 'nat\x00', 0xa, 0x10, "5aa33f2b64f6650d009b63bfc088a0d7563249a42df365422c4e88c70880bfc9aa886dcc2f57c831738e8d64a816ac2712ab081731b969b30964e6dd1fc10a2bb334b3396efc4fc4b8413cd8cc9ec1de4be88bc819050a7e6b382c0018e294e450809d6a707152bbf3df041d3d0816037745104423c5e226f8776796848bbc08c1d5127271411bb555f13066852e8b1c0e85c16f17bdfed2c2c0ee9c3affb4499153aadeaa4322b818d7c4992e86c04a3d0216573590ed1068b3df099b57478c65486bfac13b97f09d8cc105d20ed853bad6e5121464840e242217023c827166e193573491aad93e5162"}}]}, {0xbf, 0x6, "4247000cc55c72f0c786901327395509b03cdeeb7aeaf80316994c19ab7b8fd555a90bd0023705b0253721dfd1b6b7b06cce8a67cccd62fd20644d013b1c7e85bbc16c2479e483f6919c0e3d3c0b1797f608c66419214572864c6e3e59dfe96f11bdb03c5d79e487d6800d928a616fdae0139c7e6d14d9a79e5caa40f1fb3b74c7029110dffc44459331e19cb9f2d79c6a780194ed4bcc09d32a4caa457af3811021b79ef91ec0d00f83a434fb481f2e321673258c77e8e60a5f95"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x14, 0x1}}]}, 0x584}}, 0x0)
sendmmsg(r4, &(0x7f0000006780)=[{{0x0, 0x0, 0x0}}], 0x80000000000020c, 0x0)

2.589851148s ago: executing program 0 (id=1097):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f00000002c0)='2', 0x1}], 0x2, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x609e917f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="290000001600190f00003fffffffda0602000000ffe80001dd0000040d001800ea1101650005000000", 0x29}], 0x1)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r0, 0xffffffffffffffff, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="043c"], 0xa)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x20010, 0xffffffffffffffff, 0x16718000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_AUDIO(r7, 0x40345622, &(0x7f0000000200)={0x6, "d244ccffc57d420d18213903928777c2bd55f1cc7f6bd5eaefd4dd43f4133fbe", 0x2})
sendmsg$nl_route(r6, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000300)=ANY=[@ANYBLOB="4000000013000500"/20, @ANYRES32=0x0, @ANYBLOB="00231300b482cd2cec07459c1811ee2afa0c00000000000014000300776c616e3100000000000000000000000a0001000180c20000000000"], 0x40}}, 0x0)

2.066967307s ago: executing program 0 (id=1098):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x14, r1, 0x601, 0x3f00}, 0x14}}, 0x0)

2.015650468s ago: executing program 0 (id=1099):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050007200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.01529905s ago: executing program 0 (id=1100):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x1, 0x800000, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x2410}, [@IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x20004004)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0x2, 0xa, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001f80), r2)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000007002e0000000c000500000000000000000008000200", @ANYRES32=r0, @ANYBLOB="e169b532634d29d717f30c0c5d0443211324b205433b1e0ee61b1f3eef2551205be273472e2c01035cae5087d921b35e11285faaeb2dfca3318dc5580ee2d5b65e2595ee5303a200c8f412b590e56d64740e5683bbec8b4c2f5664ef213353e3afab4621a8238c171ebc0fd69cd2b2de406848b73bbf74b0fb7545afcc4fb0f10e9938c20f570725c7fce276555a58f27774acbe6b987b6f6b01bd596ad8137577e3c9b979e2af1a0d"], 0x30}}, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$tun(0xffffffffffffffff, &(0x7f0000000280)={@val={0x6f01, 0x800}, @void, @mpls={[], @generic="b849b7b54ab478beab2f1431c247ac4b3a4e04f604"}}, 0x19)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x1c, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x800)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x4001, 0x3, 0x27c, 0x12c, 0x600, 0x148, 0x0, 0x148, 0x1e8, 0x240, 0x240, 0x1e8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'ip6gretap0\x00'}, 0x0, 0xcc, 0x12c, 0x0, {}, [@common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffe}}, @common=@inet=@socket3={{0x24}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x9c, 0xbc, 0x0, {}, [@common=@ah={{0x2c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x2d8)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
r8 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_MIDI_PRETIME(r8, 0xc0046d00, &(0x7f00000000c0)=0x101)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, 0x0}, 0xe0)

1.796769231s ago: executing program 4 (id=1101):
memfd_create(0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000001280)=ANY=[@ANYBLOB="100700001900010000000000000000011d010900040000ffffff7f800702b78014006500ff02000000000000000000000000000173d995db3b24e54fa666758b1985411262dc773c5be602080000007e86ececf9ac89f23a2426b41282638de01d58323def71fd98a815ecc2936392bffdc8054990a11009c07b8d5d1c08d31872cc13794a1a85fcb16fd255fd6460051b84c102df68bbc2d2b1e6385b7996c5a6a6c069fc4ee4e94c9b979bd20277377949b200ba28b508b0910004f8172be190594c7060cd8945f603823453cb24c8ce91cc60ed862b3ca1d1a29a47bb8b9ab4e44e48816a9f3342c1f36c57a3416c546309004e5834708943c4bcd35f3cffdeac0e4309c1edeea3888622d1ae3f9675aeff9c6035a2e9ede669e340bad6a670a92efdf45f1761b1d3d40400a0800800250000000000", @ANYBLOB="b80024003e57b661bcb31395221b08e88e340e13bb6804906be5f68401e3ae516671fce57e3b136ac6e125933b45cf521c4fc51351cf0bc3ef37de04a6d48a7311bb2046396679abdf89c614429ddd81fac290a6ba7184ef7ef5c6ca7f28ed8484ddcb63143fb01b50316a8e1a81d4ddf23235a0e8702f669b2edc9e2c7ea75505cd4bdd98a0751d95c658a76eae2f7f1909fbf0353ed704a27e9faf22a8997d5eaa7196d1", @ANYRES32, @ANYBLOB="ac8aca9f76f95e5cdfe61e752b19a5c78a4087262617cbb1befb328b4e3d9607d52863ee3ec317d7a69ade0ace12a2a044006e75c837b6f357ff2e0ca2f45c3bf1221d7aa8755180f9a8622b23239d59b81eb74abec4a876dfdef4d663c0eb13dceef07ae72214f94c44f2e837b9442bde917459d276b900ac8004003a8055bd55a992a23b25d96e04e1b3c32bb1dfbfa8047f7696a33dfb6e8a9ccb0af3d2769a4722627cd4c12599f7e2e8bd1fb75fc649d83ab5a9493608936b21b9c9b57ccb78ce4632a23709bd02d80b9c3e5e24046adb931fcb67d291d1746ff3a89c82e288828bb132f8f2c093a61236fc38a50b310d334f4dff1e78b2e266ff1bef68458a2a01cc6c4ab1cdea4861d1fc12c1dbfb1afa4066d20400dd80040002800400bf80040013800400268004000c800000007d00810014b067a2bf13e7b2782cc9e45c091f2a71837345362bb1021e5e4c418aa24a8e30242f8d0789cc6964fba7cb91be6488e296727c1851bb8e83bb8a00691f2101c5e29b5c0f213bae99f26e40c4f9049d9db6723031727f0c823fb46089d2fc1cd608fe3ac3770c71333fca21202dd0888201f820c23bef687e0000006000df8028002c00b98b0106f0e8caaea86de3c668848ecda831fc6ffb0c24a61d8ecc806c1c6d5a6667a60b0c00320000000000000000001400180000000000000000000000ffffac1414aa040003000c00140007000000000000000400ab8036027680abc48bb651abbf16b21df2bc9a3fac94c0128270b280e72b87edf3407cc7eafff3cb88d9865ab12b27262182b3f18a5667db68c18a48dfd83cce6a71ab04e78c341a4e09d48494c966668c2b66c8133a89c294b76392807f5286a2620ca29782e105437b8254f818209f146f65a490250e834cad6b3f6edf14be82368a23d9ebf6e916473517dae5eec77c3d671fb0477d4470eac74fc9237f58f1a3eb59d4a648965daec7e7c952564955988a8345270a98c48bab761f270373c153a0068d72b698918905d23228df0a7c5a97a03e5e4a8bfda865953b52daeda3ac4069778485e72e8b2c0ae50cb77b0e4b742303d71c29973c4fdf53e00d1e7660aeb989fd172ba3b5a7b420e0a54d13fc0787261ce11daeac3cab5132de104cbe36b865a962f7035d375f7a9d936236a3c7182e3968ebccc58f2560ef83ce6830a83272031a743620ed95cb90caeb41a6dc0548cbb5ac949792560fc3d13265fa4508fc9abe318171e5eea39744e110122972088adec581859bbc3af762f4aef11abe29cb299bf9c229691527a1578ce8bc8652f93882e3b0cd542e8c754204bd67baad75e36ad3d109d7dfe1c4a0072fdda5835ad5ba391b091d786a8268120546202a5b007a13f53a6b3e8f5a90c0f283b687336041884325e3f6d8a329f6606317d58d03994e5feafb47d16915c4f7452cb7e39d87392f8c2946488eb891905d3d83cfa380e2c3fb3a8f2eab79b17c79f31e4eed6544e2f8630d232194539bb5e1e47812da5c35f1d67a739517428c6a71ee081fdb0000490f6ed33e99579437646ba3164ffa144b1333a25045e63a14712ad1ffb651a191ff1c606caa4a996e9b2c95bc579245e76bf788e4c5451f75b261b58d9638ac99ecb0ccbab506eba3074eaec54dcad016b3a40709a4666a6434d56efdb4d672daf2910ae7c29ee870db341c41c6ff049974cb4d2df536f17633167a7764a6a54aaa5ff97c73f65a4e8a6ec1088f91ec5fb3f9f80bc63fe9f209f8ed74197d6aabe96cccce68781c6e32ed5f3440c3da3edda787c054526372de42edeabcc2e96a40dc8a65ab85508b86d67eded212fdb8000000"], 0x710}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x304}, "96252c3ea0d7753e", "cbf5d3b37b3074a0c87a2b7ca37fa3d6", "be80269a", "eb11c9adbdbc87a7"}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
write$apparmor_exec(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="737461636b203a007e142d901405008f51686a1b04e58da1c2aa2dc7674423031ceeaadd809e2f197b5315feba4faea17a2cde2d8f4b4e86679be4feae2f90d85e4f868184ab71eb8b3b46e9eec8d1b4510514e7a963283044375bcc42e1599905aeba00c4083184d608b0f09a98853bff5571393aafa2838864c0e5278c893827656ade3b2b0a31d415f951ac77cf53ed800c6b74eddb7c10bdbef19499e13f10dac7ed5b00"/177], 0xb1)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'sit0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x7, 0x7, 0x2000, 0x6, {{0x1d, 0x4, 0x0, 0x6, 0x74, 0x68, 0x0, 0x4, 0x29, 0x0, @multicast1, @multicast1, {[@timestamp={0x44, 0x10, 0x68, 0x0, 0x6, [0xb, 0x24d, 0xffff]}, @rr={0x7, 0x27, 0xa4, [@local, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, @multicast2, @private=0xa010102, @rand_addr=0x64010102, @broadcast, @empty]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x1c, 0xd3, 0x1, 0x5, [{@loopback, 0x4}, {@loopback, 0x4}, {@remote, 0xffffffff}]}, @rr={0x7, 0x7, 0x2f, [@multicast2]}, @end]}}}}})
pipe2$watch_queue(&(0x7f0000000200), 0x80)

1.320265927s ago: executing program 3 (id=1102):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
listen(r0, 0x4) (async)
r1 = open(&(0x7f00000001c0)='./file0\x00', 0x315001, 0x48)
r2 = eventfd2(0x4, 0x80002) (async)
r3 = eventfd2(0x9, 0x80001) (async)
r4 = signalfd4(r0, &(0x7f00000004c0)={[0x2, 0xb7]}, 0x8, 0x80000)
r5 = eventfd(0x6) (async)
r6 = eventfd(0x8)
r7 = socket$caif_stream(0x25, 0x1, 0x0)
r8 = eventfd(0x4)
r9 = eventfd(0xffffff80)
io_submit(0x0, 0xa, &(0x7f0000000880)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f0000000000)="dedf1148ef4420731c265297b1c513b9bf425c164e8de383db868377c682dae3dda228f69188c66e66e87eb0a2879edd074b0114af597b71390950670a4061ae012477f9e8593b40ac7c8d8baff98ba1c005768d9e013d8e68820b46e9d56690afd69b48891567f128fb7572402c927250ca146adc577e53c6554f7df2c387d2b8b1f2039055", 0x86, 0x8}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x1, r0, &(0x7f0000000100)="15cd52dc336e672388b5603e0d73b12a80b5495b6a13d6f8212821ccb746e5c72e06f9d6df739df3e0bb6a82369b1498ecff0989ebc6e2711130fb108231f871d695dca86cf221a84193aa0d94ee3b970ba2202738d98e0ef22c870e856b44e5975cb91e6495b4ea5955b38521bab7958548538c4a6886c3f8f545a77ee8c0f944a2a853d5bca6", 0x87, 0x5, 0x0, 0x6, r1}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x5, r0, &(0x7f0000000240)="4fc12d9e1c63db2d20dc72c561e497b5120ec18d9f2896682c066581713184978ee56a36cae7c433cfbc77e1f9f8461e4e66b1907f0060be3413f25395a7820fde10b68256f4d336c98ce26e3508b701ebd00646541e594037c81081f41f1d433c2eee1ad726101192f0378c840a6373d2cf5450b734d124b805a21872303a3f9dd67104d152c005ee5ce9e4a83d2e63a948471dfd06e4e6c9620e8978524e093a789e21ea3dc5ece7792bd369c5ab4dec8865497ef1dd588ce2f0592a939100a0ab52292e22366e9dadf660fbfc9310abbdf99285059376610e03", 0xdb, 0x5, 0x0, 0x3, r2}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x6, r0, &(0x7f0000000380)="f42fd86d03748f7ae96259800d002696c93c378f483a98cf604dbe9b6ecb59741851b812b037a44829d2b193b10be6e1e920a949eb6013445da1675e5544190df90ba66f0d89a544f05c43a6f99c6cfb8d885091c7dc4ca2a05a03849bf49c0b979dfb002bb1dc828c0f241afb0858a89fe6eaac05f8e5d5aa8bae3f94a458ca4ef577ba7ba50b7b7c9afb909de485331025d4d08e07", 0x96, 0x4, 0x0, 0x3, r3}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0xa, 0x4, r0, &(0x7f0000000480)="2c6c318cc6b71d1e6ea8b55fc0a9acb50ec8008ff2725650c8e16a3220498d51ab8aeb7b1478924cffa9cc95354dbdfb5dc31c97091f35ecc8e8bcd350c6fe66", 0x40, 0x2, 0x0, 0x2, r4}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x1, r0, &(0x7f0000000540)="1f4d3fbe459ae67951eb4c851b0cf75b30141d05712a0f1f032bb28aaf9c731cb439e7671bdd628c9a0f9aeaade8a835ae828b27ff9a9ade37be8bff5d59203667c1c694256e106ba66dcec34f1f86e78f7a585e73862a1e1bc1c85702c5a4eba617a1d5e27ef7e569d34d0e627e5e2bc83b2893da2bfc05ec3f87bac3b7051954aab89a21e3c9bb943ec40a279e936755e27f4c9ce9e1c98216844977b0871927987175738fe00f54898ec7d2c28fd3252b9bfb7574401465a45262", 0xbc, 0x8, 0x0, 0x3, r5}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x4, r0, &(0x7f0000000640)="19d364adc5e80ffe774706edf479", 0xe, 0x8625, 0x0, 0x0, r6}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x4, r7, &(0x7f00000006c0)="a8e4b88e17423828cf185bdd40d7d42b878de5a9b1fd430d68347f7195079b09d95aec1a87124156da", 0x29, 0x0, 0x0, 0x0, r8}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x8, 0xffff, r0, &(0x7f0000000740)="8da3d1c4bacae88cd6a75b4b1b471ab7663507d5afbfe975081d9be4d53b7b67cd1fd547f82d5d", 0x27, 0x5, 0x0, 0x1, r9}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f00000007c0)="29a7120f283374bbe8cf01714d336c58de72cf4f26acb3dc4c2983013085853efb97d6bdf24c31e1699a62136ce41d4e1906cbd1201e9178c18d340b372cc52fdbe923dd0ff5c7050e", 0x49, 0x3, 0x0, 0x5}])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r1, 0xe0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000008c0)=[0x0, 0x0], ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f0000000900)=[0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd6, &(0x7f0000000980)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000009c0), &(0x7f0000000a00), 0x8, 0x16, 0x8, 0x8, &(0x7f0000000a40)}}, 0x10) (async)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r4, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x7, 0x0, 0xa}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4) (async)
ioctl$SOUND_MIXER_READ_CAPS(r1, 0x80044dfc, &(0x7f0000000cc0))
sendmsg$rds(r4, &(0x7f0000001540)={&(0x7f0000000d00)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000000fc0)=[{&(0x7f0000000d40)=""/184, 0xb8}, {&(0x7f0000000e00)=""/168, 0xa8}, {&(0x7f0000000ec0)=""/238, 0xee}], 0x3, &(0x7f0000001340)=[@fadd={0x58, 0x114, 0x6, {{0xfffffffe, 0x2}, &(0x7f0000001000)=0x7ff, &(0x7f0000001040)=0x1ff, 0xd5, 0x5518, 0x8, 0x54f9, 0x78, 0x6}}, @fadd={0x58, 0x114, 0x6, {{0x2, 0xffff}, &(0x7f0000001080)=0x2, &(0x7f00000010c0)=0x2, 0x3, 0x9, 0xe6, 0xb, 0x0, 0x4}}, @fadd={0x58, 0x114, 0x6, {{0x4, 0x80}, &(0x7f0000001100)=0x101, &(0x7f0000001140)=0x1000, 0x5, 0x0, 0x9, 0x4, 0x10, 0x2}}, @fadd={0x58, 0x114, 0x6, {{0x7, 0x5}, &(0x7f0000001180), &(0x7f00000011c0)=0x5, 0x400, 0x80, 0x1, 0x7, 0x20, 0xb}}, @rdma_dest={0x18, 0x114, 0x2, {0xffff, 0x6}}, @rdma_map={0x2c, 0x114, 0x3, {{&(0x7f0000001200)=""/83, 0x53}, &(0x7f0000001280), 0x66}}, @cswp={0x58, 0x114, 0x7, {{0x1000, 0x5}, &(0x7f00000012c0)=0x1, &(0x7f0000001300)=0x7, 0x8000000000000000, 0xe7e, 0x4, 0x1ff, 0x18, 0x6c}}], 0x1fc, 0x800}, 0x40010) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f00000017c0)={'ip6_vti0\x00', &(0x7f0000001740)={'syztnl2\x00', <r11=>0x0, 0x2f, 0x6, 0xff, 0x3, 0x44, @dev={0xfe, 0x80, '\x00', 0x3f}, @empty, 0x1, 0x781f, 0x7, 0xfff}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x17, &(0x7f0000001580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xd249}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000001640)='syzkaller\x00', 0x6, 0xa0, &(0x7f0000001680)=""/160, 0x41000, 0x26, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000001800)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xc, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001880)=[r1], 0x0, 0x10, 0x79f, @void, @value}, 0x94)
ioctl$SG_GET_RESERVED_SIZE(r4, 0x2272, &(0x7f0000001980)) (async)
ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0xa) (async)
recvmmsg(r4, &(0x7f0000003000)=[{{&(0x7f00000019c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev}}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000001a40)=""/20, 0x14}], 0x1}, 0x3098}, {{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000001ac0)=""/153, 0x99}], 0x1}, 0x5}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001bc0)=""/202, 0xca}, {&(0x7f0000001cc0)=""/203, 0xcb}, {&(0x7f0000001dc0)=""/4096, 0x1000}, {&(0x7f0000002dc0)=""/254, 0xfe}, {&(0x7f0000002ec0)=""/61, 0x3d}], 0x5, &(0x7f0000002f40)=""/167, 0xa7}, 0x3}], 0x3, 0x2, &(0x7f0000003080)={0x0, 0x989680}) (async)
r12 = syz_genetlink_get_family_id$team(&(0x7f0000003100), r4) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000003140)={'team0\x00', <r13=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000003200)={'ip6tnl0\x00', &(0x7f0000003180)={'ip6tnl0\x00', <r14=>r11, 0x2f, 0xc, 0xc, 0x4, 0x0, @private1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x10, 0xfffffffe, 0xffff}}) (async)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000003240)={@mcast2, <r15=>0x0}, &(0x7f0000003280)=0x14)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000003700)={&(0x7f00000030c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000036c0)={&(0x7f00000032c0)={0x3e0, r12, 0x121, 0x70bd26, 0x25dfdbfd, {}, [{{0x8, 0x1, r13}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8, 0x1, r11}, {0x230, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r14}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x15}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r11}, {0x148, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r11}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}]}, 0x3e0}, 0x1, 0x0, 0x0, 0x44080}, 0x8000) (async)
ioctl$SNDCTL_DSP_RESET(r1, 0x5000, 0x0) (async)
r16 = syz_open_dev$cec(&(0x7f0000003740), 0x0, 0x0)
tee(r7, r16, 0x4, 0x2) (async)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000003880)={&(0x7f0000003780)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000003840)={&(0x7f0000003800)={0x30, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x80)

1.23417648s ago: executing program 3 (id=1103):
syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000800"/16], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x8000001, 0x0, 0x3, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000140)={0x19, 0x400000})

1.087053507s ago: executing program 0 (id=1104):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$ubi_ctrl(0xffffff9c, 0x0, 0x80040, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x23, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000005000000000000000600000018110000", @ANYRES64=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000", @ANYBLOB, @ANYRES32, @ANYRES16=r0], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d9c826367e94ff87e48b5c84c384e4da2242cd7402f8ed7ca62f2bc83f74a833985f857aea120980634d28db59881240ddcdb80ae6800e45e612019d9a17a04", 0xa2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001980)=ANY=[@ANYBLOB="190000000400000008000004ff08007f00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0xfffffffffffffd2a, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, 0x0, 0x0)

1.00513761s ago: executing program 1 (id=1105):
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071183e00000000009500030000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', r0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc01cf509, &(0x7f0000000080)={r1, 0x7, 0x4, 0x1})
r2 = memfd_secret(0x0)
r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000)={'#! ', './file0', [{0x20, '-.*@'}, {}]}, 0x11)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0xea141000, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)

1.004793116s ago: executing program 3 (id=1106):
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @any, 0x3}, 0xfffffffffffffcc1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000c80)=[{0x20, 0xfc, 0x0, 0xfffff00c}]}, 0x8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, {0x6, 0x4, 0x80, 0xff, 0xfdfc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "126b99010000003a08000000a9a50100702a0bcc476b15000000000000850100"}})
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000340)={0x2, 0x0, 0x0, 0xd6d5, 0x6, 0x52d, 0x5})
cachestat(r1, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r2 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045003, &(0x7f0000000300))
ioctl$SNDCTL_DSP_RESET(r5, 0x5000, 0x0)
r6 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r6, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r6, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_CLEAR_SOCK(r6, 0xab04)
r7 = syz_open_dev$sndmidi(&(0x7f0000000300), 0x20, 0x961c0)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0xb0601)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000200)='2', 0x1}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.004622816s ago: executing program 1 (id=1107):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002}, [@call={0x85, 0x0, 0x0, 0x18}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="fffff00000000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

935.872109ms ago: executing program 1 (id=1108):
socket(0x10, 0x3, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3b, @void, @value}, 0x94)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x5, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x8, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000000000000000080"], 0x125) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$binder_debug(0xffffff9c, &(0x7f0000000340)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
io_uring_setup(0x84b61, &(0x7f0000000340)={0x0, 0xf93c, 0x2000, 0x20000003, 0x357})
r4 = socket$inet6(0xa, 0x3, 0x400)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES8=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r5}, 0x18) (async)
r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r6, 0x541b, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) (async)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e1d, 0x4004, @private0}, 0x1c)
listen(r4, 0x20000005)

930.670801ms ago: executing program 4 (id=1109):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xff9e, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x150, 0x10, 0x1, 0x70bd2d, 0x0, {{@in=@rand_addr=0x64010102, @in6=@loopback}, {@in=@remote, 0x2, 0x32}, @in6=@loopback, {0x0, 0x0, 0x800000000, 0x0, 0x9, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x2, 0x2, 0x0, 0xbf}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x0, 0xffff7fff, 0x0, 0x79}}]}, 0x150}, 0x1, 0x0, 0x0, 0x4048091}, 0x0)

864.801981ms ago: executing program 4 (id=1110):
syz_emit_ethernet(0xa6, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x20, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffff60000000000000"}]}}}}}}, 0x0)

796.133451ms ago: executing program 4 (id=1111):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))

795.755335ms ago: executing program 1 (id=1112):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000c80)=[{0x20, 0xfc, 0x0, 0xfffff00c}]}, 0x8)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
cachestat(r3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='nfsd\x00', 0x0, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x10)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)
lseek(r7, 0x1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x121b01)
socket(0xf, 0x3, 0x20000)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000040)={0x1})
r9 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x3, 0x3, 0x3}, 0x10)
r10 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r10, &(0x7f0000000340)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r10, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
syz_pidfd_open(0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

795.447451ms ago: executing program 4 (id=1113):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x200, [0x2, 0x0, 0x0, 0x7ff, 0x1951, 0x51d5, 0x7ff, 0x60f4, 0x100, 0x7, 0x8, 0x404, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x7, 0x4, 0x71, 0x6, 0x1, 0x7, 0x7fff, 0xfffa, 0x3, 0x5, 0x8000, 0x40, 0xfd7d, 0x80, 0x3b, 0x401, 0xe, 0x7, 0xa, 0xfb, 0x5, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x1], 0x80000200}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000000240)=ANY=[], 0x48)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x1000007, 0x2172, r0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000380)={0x2c, r3, 0x101, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000380))
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000005c0)=ANY=[], 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)

1.464375ms ago: executing program 1 (id=1114):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfff}, 0x0, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x2)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r5, 0x0, 0x0)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
mknodat$loop(r6, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
unlinkat(r6, &(0x7f0000000240)='./file1\x00', 0x0)
unlink(&(0x7f0000000200)='./file1\x00')

0s ago: executing program 0 (id=1115):
r0 = openat$cuse(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000100)={0x2020}, 0x2020)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r1=>0x0}, &(0x7f0000000080)=0xc)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000801, r1, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000000)={0x3804, {0x35, 0x100000001, 0x3, 0x0, 0x1ff}})

kernel console output (not intermixed with test programs):

   99.226291][   T39] audit: type=1326 audit(1734335339.657:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.4.357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   99.248247][ T7488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  100.273737][ T7518] netlink: 32 bytes leftover after parsing attributes in process `syz.1.364'.
[  101.037776][ T7514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  101.286893][ T7532] process 'syz.4.368' launched './file1' with NULL argv: empty string added
[  101.594667][ T7549] netlink: 32 bytes leftover after parsing attributes in process `syz.4.373'.
[  101.768467][ T7554] trusted_key: syz.4.375 sent an empty control message without MSG_MORE.
[  101.910736][ T7562] netlink: 'syz.0.374': attribute type 1 has an invalid length.
[  101.913632][ T7562] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.374'.
[  102.225409][   T30] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  102.436939][   T30] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  102.446077][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.449951][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.452819][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.455381][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.457794][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.462956][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.466276][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.469106][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.474224][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.477532][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.480130][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.483496][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.488629][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.491240][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.494150][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.497485][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.499929][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.502776][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.506173][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.508645][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.513766][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.519070][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  102.522031][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  102.527833][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[  102.536006][   T30] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  102.538823][   T30] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  102.585539][   T30] usb 9-1: Product: syz
[  102.591277][   T30] usb 9-1: Manufacturer: syz
[  102.593608][   T30] usb 9-1: SerialNumber: syz
[  102.599429][   T30] usb 9-1: config 0 descriptor??
[  102.609772][   T30] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  102.819432][   T57] usb 9-1: USB disconnect, device number 3
[  102.825508][   T57] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  103.351790][ T7587] netlink: 32 bytes leftover after parsing attributes in process `syz.1.383'.
[  103.774320][ T7580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.710865][ T7618] binder: 7613:7618 ioctl c0306201 20000300 returned -22
[  105.236448][ T7627] netlink: 16 bytes leftover after parsing attributes in process `syz.3.394'.
[  105.239033][ T7627] netlink: 16 bytes leftover after parsing attributes in process `syz.3.394'.
[  105.244116][ T7627] netlink: 16 bytes leftover after parsing attributes in process `syz.3.394'.
[  106.003685][ T7631] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  106.065349][   T57] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  106.228312][   T57] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  106.230573][   T57] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  106.233226][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  106.235877][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  106.238680][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  106.244493][   T57] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  106.246972][   T57] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  106.249043][   T57] usb 6-1: Product: syz
[  106.250216][   T57] usb 6-1: Manufacturer: syz
[  106.255502][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  106.256914][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  106.259372][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  106.260938][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  106.471396][   T64] usb 6-1: USB disconnect, device number 4
[  106.965724][ T7660] syz.4.405 (7660) used greatest stack depth: 20960 bytes left
[  107.286582][ T7693] netlink: 12 bytes leftover after parsing attributes in process `syz.4.414'.
[  107.901418][ T7687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  107.996296][ T7699] netlink: 12 bytes leftover after parsing attributes in process `syz.0.418'.
[  108.113215][ T7700] IPVS: length: 46 != 8
[  108.414337][ T7702] FAULT_INJECTION: forcing a failure.
[  108.414337][ T7702] name failslab, interval 1, probability 0, space 0, times 0
[  108.418323][ T7702] CPU: 2 UID: 0 PID: 7702 Comm: syz.4.420 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  108.421111][ T7702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.423958][ T7702] Call Trace:
[  108.424851][ T7702]  <TASK>
[  108.425639][ T7702]  dump_stack_lvl+0x16c/0x1f0
[  108.426952][ T7702]  should_fail_ex+0x497/0x5b0
[  108.428320][ T7702]  should_failslab+0xc2/0x120
[  108.429579][ T7702]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  108.431015][ T7702]  ? skb_clone+0x190/0x3f0
[  108.432225][ T7702]  skb_clone+0x190/0x3f0
[  108.433354][ T7702]  netlink_deliver_tap+0xafd/0xca0
[  108.434718][ T7702]  netlink_unicast+0x5e1/0x7f0
[  108.435994][ T7702]  ? __pfx_netlink_unicast+0x10/0x10
[  108.437436][ T7702]  ? __phys_addr_symbol+0x30/0x80
[  108.438773][ T7702]  ? __check_object_size+0x488/0x710
[  108.440182][ T7702]  netlink_sendmsg+0x8b8/0xd70
[  108.441455][ T7702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.442864][ T7702]  ____sys_sendmsg+0x9ae/0xb40
[  108.444149][ T7702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  108.445549][ T7702]  ? get_compat_msghdr+0x11b/0x170
[  108.446947][ T7702]  ___sys_sendmsg+0x135/0x1e0
[  108.448204][ T7702]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.449587][ T7702]  ? __pfx_lock_release+0x10/0x10
[  108.450925][ T7702]  ? trace_lock_acquire+0x14e/0x1f0
[  108.452312][ T7702]  ? __fget_files+0x206/0x3a0
[  108.453595][ T7702]  __sys_sendmsg+0x16e/0x220
[  108.454826][ T7702]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.456205][ T7702]  __do_fast_syscall_32+0x73/0x120
[  108.457634][ T7702]  do_fast_syscall_32+0x32/0x80
[  108.458930][ T7702]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.460610][ T7702] RIP: 0023:0xf70be579
[  108.461720][ T7702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.466821][ T7702] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  108.469028][ T7702] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000000
[  108.471106][ T7702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.473212][ T7702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.475307][ T7702] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.477480][ T7702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.479590][ T7702]  </TASK>
[  108.480810][    C2] hpet_rtc_timer_reinit: 13 callbacks suppressed
[  108.480818][    C2] hpet: Lost 3 RTC interrupts
[  108.862480][   T39] audit: type=1326 audit(1734335349.287:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.868208][   T39] audit: type=1326 audit(1734335349.287:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.873803][   T39] audit: type=1326 audit(1734335349.287:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.880636][   T39] audit: type=1326 audit(1734335349.287:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.886803][   T39] audit: type=1326 audit(1734335349.287:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.893249][   T39] audit: type=1326 audit(1734335349.287:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.904581][   T39] audit: type=1326 audit(1734335349.287:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.914403][   T39] audit: type=1326 audit(1734335349.287:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  108.920510][   T39] audit: type=1326 audit(1734335349.297:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  109.770718][ T7733] netlink: 1784 bytes leftover after parsing attributes in process `syz.3.431'.
[  110.005456][    T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  110.075521][ T7741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.432'.
[  110.189326][    T8] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[  110.191915][    T8] usb 6-1: config 0 has no interface number 0
[  110.195058][    T8] usb 6-1: config 0 interface 120 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.203321][    T8] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  110.207660][    T8] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  110.211895][    T8] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  110.215200][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.236211][    T8] usb 6-1: config 0 descriptor??
[  110.243154][ T7730] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  110.296390][    T8] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.120/input/input7
[  110.384717][ T7748] tmpfs: Unknown parameter 'uqrquotá'
[  110.410193][ T7748] netlink: 36 bytes leftover after parsing attributes in process `syz.0.434'.
[  110.412637][ T7748] netlink: 16 bytes leftover after parsing attributes in process `syz.0.434'.
[  110.414955][ T7748] netlink: 36 bytes leftover after parsing attributes in process `syz.0.434'.
[  110.417387][ T7748] netlink: 36 bytes leftover after parsing attributes in process `syz.0.434'.
[  110.472564][ T6136] usb 6-1: USB disconnect, device number 5
[  111.023406][ T7756] netlink: 12 bytes leftover after parsing attributes in process `syz.3.436'.
[  111.030428][ T7756] bond1: entered promiscuous mode
[  111.031976][ T7756] 8021q: adding VLAN 0 to HW filter on device bond1
[  111.037602][ T7756] netlink: 3 bytes leftover after parsing attributes in process `syz.3.436'.
[  111.042171][ T7756] batadv1: entered promiscuous mode
[  111.043566][ T7756] batadv1: entered allmulticast mode
[  111.046454][ T7756] 8021q: adding VLAN 0 to HW filter on device batadv1
[  111.050502][ T7756] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  111.435008][ T7777] netlink: 'syz.4.441': attribute type 4 has an invalid length.
[  111.490842][ T7779] netlink: 'syz.4.441': attribute type 4 has an invalid length.
[  112.465459][ T7795] netlink: 'syz.3.445': attribute type 10 has an invalid length.
[  112.496786][ T7795] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.499368][ T7795] team0: Port device bond0 added
[  112.530284][ T7799] netlink: 32 bytes leftover after parsing attributes in process `syz.0.446'.
[  112.736392][ T7811] IPVS: set_ctl: invalid protocol: 47 100.1.1.1:20002
[  112.843211][ T7816] netlink: 'syz.0.449': attribute type 4 has an invalid length.
[  113.130203][ T7779] syz.4.441 (7779) used greatest stack depth: 20928 bytes left
[  113.253652][ T7822] netlink: 72 bytes leftover after parsing attributes in process `syz.1.453'.
[  113.258174][ T7822] netlink: 72 bytes leftover after parsing attributes in process `syz.1.453'.
[  113.258658][ T7820] libceph: resolve '
[  113.258658][ T7820] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[  113.258658][ T7820] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[  114.426671][ T7847] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  114.455338][   T30] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  114.464639][ T7845] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'.
[  114.527750][ T7848] mmap: syz.1.459 (7848) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  114.605318][   T30] usb 8-1: Using ep0 maxpacket: 16
[  114.629387][   T30] usb 8-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  114.631990][   T30] usb 8-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  114.634179][   T30] usb 8-1: Product: syz
[  114.635388][   T30] usb 8-1: Manufacturer: syz
[  114.637584][   T30] usb 8-1: SerialNumber: syz
[  114.645507][   T30] usb 8-1: config 0 descriptor??
[  114.853860][ T5947] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  114.854396][ T6136] usb 8-1: USB disconnect, device number 5
[  115.441596][ T7867] capability: warning: `syz.3.466' uses deprecated v2 capabilities in a way that may be insecure
[  116.045337][   T63] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  116.175425][ T6002] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  116.217798][   T63] usb 9-1: Using ep0 maxpacket: 16
[  116.221089][   T63] usb 9-1: config 0 has no interfaces?
[  116.222796][   T63] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  116.225179][   T63] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.229315][   T63] usb 9-1: config 0 descriptor??
[  116.325606][ T6002] usb 5-1: Using ep0 maxpacket: 16
[  116.328270][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.331248][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.333783][ T6002] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  116.336236][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.339311][ T6002] usb 5-1: config 0 descriptor??
[  116.448353][   T63] usb 9-1: USB disconnect, device number 4
[  116.753671][ T6002] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0002/input/input8
[  116.829167][ T6002] appleir 0003:05AC:8241.0002: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  117.055440][ T6136] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  117.080520][ T7910] bridge_slave_0: left allmulticast mode
[  117.082029][ T7910] bridge_slave_0: left promiscuous mode
[  117.084701][ T7910] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.091694][ T7910] bridge_slave_1: left allmulticast mode
[  117.093458][ T7910] bridge_slave_1: left promiscuous mode
[  117.094993][ T7910] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.100120][ T7910] bond0: (slave bond_slave_0): Releasing backup interface
[  117.105079][ T7910] bond0: (slave bond_slave_1): Releasing backup interface
[  117.119837][ T7910] team0: Port device team_slave_0 removed
[  117.126418][ T7910] team0: Port device team_slave_1 removed
[  117.128420][ T7910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.130900][ T7910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.134614][ T7910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.135650][   T30] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  117.137588][ T7910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  117.217712][ T6136] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.221482][ T6136] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.224375][ T6136] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  117.228254][ T6136] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  117.230625][ T6136] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.234198][ T6136] usb 8-1: config 0 descriptor??
[  117.315593][ T7914] __nla_validate_parse: 4 callbacks suppressed
[  117.315603][ T7914] netlink: 12 bytes leftover after parsing attributes in process `syz.0.470'.
[  117.322197][   T30] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  117.325056][   T30] usb 6-1: config 0 has no interface number 0
[  117.327327][   T30] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  117.330999][   T30] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  117.334494][ T7914] bond1: entered promiscuous mode
[  117.334593][   T30] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  117.337525][ T7914] 8021q: adding VLAN 0 to HW filter on device bond1
[  117.342175][   T30] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  117.346997][   T30] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  117.350608][   T30] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  117.355034][   T30] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  117.355694][ T7914] netlink: 3 bytes leftover after parsing attributes in process `syz.0.470'.
[  117.358786][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.365918][   T30] usb 6-1: config 0 descriptor??
[  117.373269][ T7903] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  117.376244][ T7903] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  117.379803][ T7914] batadv1: entered promiscuous mode
[  117.381624][ T7914] batadv1: entered allmulticast mode
[  117.384982][ T7914] 8021q: adding VLAN 0 to HW filter on device batadv1
[  117.388873][ T7914] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  117.466168][   T30] ldusb 6-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  117.511525][   T64] usb 5-1: USB disconnect, device number 3
[  117.639653][ T6136] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  117.645682][ T6136] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  118.274010][ T7927] netlink: 1784 bytes leftover after parsing attributes in process `syz.0.482'.
[  118.454666][ T6136] usb 8-1: USB disconnect, device number 6
[  119.027995][ T7937] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  119.520181][ T7956] netlink: 32 bytes leftover after parsing attributes in process `syz.3.490'.
[  119.834407][   T30] usb 6-1: USB disconnect, device number 6
[  119.839864][   T30] ldusb 6-1:0.55: LD USB Device #1 now disconnected
[  119.997524][ T7968] netfs: Couldn't get user pages (rc=-14)
[  120.002843][ T7968] 9pnet_virtio: no channels available for device syz
[  120.094327][ T7969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.492'.
[  120.813432][ T7982] netlink: 'syz.3.497': attribute type 1 has an invalid length.
[  120.953753][ T7993] FAULT_INJECTION: forcing a failure.
[  120.953753][ T7993] name failslab, interval 1, probability 0, space 0, times 0
[  120.965318][ T7993] CPU: 3 UID: 0 PID: 7993 Comm: syz.1.501 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  120.968014][ T7993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.970773][ T7993] Call Trace:
[  120.971703][ T7993]  <TASK>
[  120.972488][ T7993]  dump_stack_lvl+0x16c/0x1f0
[  120.973734][ T7993]  should_fail_ex+0x497/0x5b0
[  120.974998][ T7993]  ? fs_reclaim_acquire+0xae/0x150
[  120.976367][ T7993]  should_failslab+0xc2/0x120
[  120.977697][ T7993]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  120.979232][ T7993]  ? __alloc_skb+0x2b3/0x380
[  120.980457][ T7993]  __alloc_skb+0x2b3/0x380
[  120.981674][ T7993]  ? __pfx___alloc_skb+0x10/0x10
[  120.982981][ T7993]  ? lock_acquire+0x2f/0xb0
[  120.984191][ T7993]  netlink_alloc_large_skb+0x69/0x130
[  120.985597][ T7993]  netlink_sendmsg+0x689/0xd70
[  120.986899][ T7993]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.988324][ T7993]  ____sys_sendmsg+0x9ae/0xb40
[  120.989586][ T7993]  ? __pfx_____sys_sendmsg+0x10/0x10
[  120.990968][ T7993]  ? get_compat_msghdr+0x11b/0x170
[  120.992352][ T7993]  ___sys_sendmsg+0x135/0x1e0
[  120.993641][ T7993]  ? __pfx____sys_sendmsg+0x10/0x10
[  120.995023][ T7993]  ? __pfx_lock_release+0x10/0x10
[  120.996346][ T7993]  ? trace_lock_acquire+0x14e/0x1f0
[  120.997754][ T7993]  ? __fget_files+0x206/0x3a0
[  120.998952][ T7993]  __sys_sendmsg+0x16e/0x220
[  121.000188][ T7993]  ? __pfx___sys_sendmsg+0x10/0x10
[  121.001552][ T7993]  __do_fast_syscall_32+0x73/0x120
[  121.002905][ T7993]  do_fast_syscall_32+0x32/0x80
[  121.004197][ T7993]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.005848][ T7993] RIP: 0023:0xf70ee579
[  121.006904][ T7993] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  121.012043][ T7993] RSP: 002b:00000000f50bf55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  121.014185][ T7993] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380
[  121.015984][ T7993] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  121.018052][ T7993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.020111][ T7993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  121.022181][ T7993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.024297][ T7993]  </TASK>
[  121.792950][ T8007] batadv0: entered promiscuous mode
[  121.795025][ T8007] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  121.799044][ T8007] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  121.834568][ T8009] befs: Unknown parameter 'b±Fs	µÚì'
[  122.636337][ T8038] netlink: 92 bytes leftover after parsing attributes in process `syz.0.515'.
[  122.778612][ T8044] FAULT_INJECTION: forcing a failure.
[  122.778612][ T8044] name failslab, interval 1, probability 0, space 0, times 0
[  122.781554][ T8044] CPU: 1 UID: 0 PID: 8044 Comm: syz.0.516 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  122.783976][ T8044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.786592][ T8044] Call Trace:
[  122.787437][ T8044]  <TASK>
[  122.788205][ T8044]  dump_stack_lvl+0x16c/0x1f0
[  122.789402][ T8044]  should_fail_ex+0x497/0x5b0
[  122.790588][ T8044]  ? fs_reclaim_acquire+0xae/0x150
[  122.791944][ T8044]  should_failslab+0xc2/0x120
[  122.793125][ T8044]  __kmalloc_noprof+0xce/0x4f0
[  122.794318][ T8044]  ? d_absolute_path+0x137/0x1b0
[  122.795585][ T8044]  ? tomoyo_encode2+0x100/0x3e0
[  122.796825][ T8044]  tomoyo_encode2+0x100/0x3e0
[  122.798023][ T8044]  tomoyo_realpath_from_path+0x1a7/0x710
[  122.799439][ T8044]  tomoyo_path_number_perm+0x248/0x5b0
[  122.800782][ T8044]  ? tomoyo_path_number_perm+0x235/0x5b0
[  122.802179][ T8044]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  122.803718][ T8044]  ? __pfx_lock_release+0x10/0x10
[  122.805004][ T8044]  ? trace_lock_acquire+0x14e/0x1f0
[  122.806315][ T8044]  ? lock_acquire+0x2f/0xb0
[  122.807464][ T8044]  ? __fget_files+0x40/0x3a0
[  122.808641][ T8044]  ? __fget_files+0x206/0x3a0
[  122.809802][ T8044]  security_file_ioctl_compat+0x9b/0x240
[  122.811228][ T8044]  __do_compat_sys_ioctl+0x4e/0x2c0
[  122.812530][ T8044]  __do_fast_syscall_32+0x73/0x120
[  122.813786][ T8044]  do_fast_syscall_32+0x32/0x80
[  122.815111][ T8044]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.816655][ T8044] RIP: 0023:0xf7f23579
[  122.817687][ T8044] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.822537][ T8044] RSP: 002b:00000000f505555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  122.824634][ T8044] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000720
[  122.826575][ T8044] RDX: 0000000020003080 RSI: 0000000000000000 RDI: 0000000000000000
[  122.828532][ T8044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.830485][ T8044] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.832458][ T8044] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.834394][ T8044]  </TASK>
[  122.835437][ T8044] ERROR: Out of memory at tomoyo_realpath_from_path.
[  123.101046][ T8052] syzkaller1: entered promiscuous mode
[  123.102886][ T8052] syzkaller1: entered allmulticast mode
[  123.700852][ T8065] FAULT_INJECTION: forcing a failure.
[  123.700852][ T8065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.705920][ T8065] CPU: 3 UID: 0 PID: 8065 Comm: syz.0.523 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  123.708682][ T8065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.711464][ T8065] Call Trace:
[  123.712338][ T8065]  <TASK>
[  123.713127][ T8065]  dump_stack_lvl+0x16c/0x1f0
[  123.714487][ T8065]  should_fail_ex+0x497/0x5b0
[  123.716234][ T8065]  _copy_from_user+0x2e/0xd0
[  123.717919][ T8065]  input_event_from_user+0x22d/0x3b0
[  123.719822][ T8065]  ? __pfx_input_event_from_user+0x10/0x10
[  123.721950][ T8065]  ? input_inject_event+0x193/0x370
[  123.723841][ T8065]  evdev_write+0x377/0x750
[  123.725383][ T8065]  ? __pfx_evdev_write+0x10/0x10
[  123.727084][ T8065]  ? bpf_lsm_file_permission+0x9/0x10
[  123.729003][ T8065]  ? security_file_permission+0x71/0x210
[  123.731018][ T8065]  ? __pfx_evdev_write+0x10/0x10
[  123.732757][ T8065]  vfs_write+0x24c/0x1150
[  123.733880][ T8065]  ? __fget_files+0x1fc/0x3a0
[  123.735527][ T8065]  ? __pfx_lock_release+0x10/0x10
[  123.737355][ T8065]  ? __pfx_vfs_write+0x10/0x10
[  123.739108][ T8065]  ? lock_acquire+0x2f/0xb0
[  123.740730][ T8065]  ? __fget_files+0x40/0x3a0
[  123.742434][ T8065]  ? __fget_files+0x206/0x3a0
[  123.744199][ T8065]  ksys_write+0x207/0x250
[  123.745765][ T8065]  ? __pfx_ksys_write+0x10/0x10
[  123.747546][ T8065]  __do_fast_syscall_32+0x73/0x120
[  123.749358][ T8065]  do_fast_syscall_32+0x32/0x80
[  123.751131][ T8065]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.752858][ T8065] RIP: 0023:0xf7f23579
[  123.753958][ T8065] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.760580][ T8065] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  123.763466][ T8065] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  123.766180][ T8065] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000
[  123.768476][ T8065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  123.770502][ T8065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  123.772561][ T8065] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.774620][ T8065]  </TASK>
[  123.823441][ T8067] netlink: 32 bytes leftover after parsing attributes in process `syz.4.524'.
[  124.135924][ T5986] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  124.285312][ T5986] usb 9-1: Using ep0 maxpacket: 8
[  124.288185][ T5986] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  124.291670][ T5986] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  124.294257][ T5986] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  124.297020][ T5986] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  124.300347][ T5986] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  124.302670][ T5986] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.514371][ T5986] usb 9-1: GET_CAPABILITIES returned 0
[  124.515905][ T5986] usbtmc 9-1:16.0: can't read capabilities
[  125.466461][   T39] kauditd_printk_skb: 11 callbacks suppressed
[  125.466472][   T39] audit: type=1326 audit(1734335365.897:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.474113][   T39] audit: type=1326 audit(1734335365.897:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.482475][   T39] audit: type=1326 audit(1734335365.897:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.489280][   T39] audit: type=1326 audit(1734335365.897:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.494853][   T39] audit: type=1326 audit(1734335365.897:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.500593][   T39] audit: type=1326 audit(1734335365.907:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.507522][   T39] audit: type=1326 audit(1734335365.907:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  125.508358][ T8132] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  125.515050][   T39] audit: type=1326 audit(1734335365.907:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.0.534" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  126.923871][   T57] usb 9-1: USB disconnect, device number 5
[  127.451692][ T6136] IPVS: starting estimator thread 0...
[  127.535341][ T8176] IPVS: using max 39 ests per chain, 93600 per kthread
[  127.696482][ T8185] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  127.702440][ T8185] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  130.316357][ T8239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.560'.
[  130.328078][ T8239] bond2: entered promiscuous mode
[  130.329598][ T8239] 8021q: adding VLAN 0 to HW filter on device bond2
[  130.438904][ T8239] FAULT_INJECTION: forcing a failure.
[  130.438904][ T8239] name failslab, interval 1, probability 0, space 0, times 0
[  130.442470][ T8239] CPU: 3 UID: 0 PID: 8239 Comm: syz.4.560 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  130.445244][ T8239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.448085][ T8239] Call Trace:
[  130.448973][ T8239]  <TASK>
[  130.449767][ T8239]  dump_stack_lvl+0x16c/0x1f0
[  130.451029][ T8239]  should_fail_ex+0x497/0x5b0
[  130.452280][ T8239]  should_failslab+0xc2/0x120
[  130.453529][ T8239]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  130.455092][ T8239]  ? trace_lock_acquire+0x14e/0x1f0
[  130.456487][ T8239]  ? skb_clone+0x190/0x3f0
[  130.457688][ T8239]  skb_clone+0x190/0x3f0
[  130.458837][ T8239]  dev_queue_xmit_nit+0x38f/0xbc0
[  130.460199][ T8239]  dev_hard_start_xmit+0x283/0x7b0
[  130.461580][ T8239]  __dev_queue_xmit+0x7f0/0x43e0
[  130.462903][ T8239]  ? __pfx___dev_queue_xmit+0x10/0x10
[  130.464331][ T8239]  ? irqentry_exit+0x3b/0x90
[  130.465560][ T8239]  ? lockdep_hardirqs_on+0x7c/0x110
[  130.466933][ T8239]  ? __skb_clone+0x570/0x760
[  130.468189][ T8239]  netlink_deliver_tap+0xa61/0xca0
[  130.469552][ T8239]  netlink_unicast+0x5e1/0x7f0
[  130.470816][ T8239]  ? __pfx_netlink_unicast+0x10/0x10
[  130.472225][ T8239]  ? __phys_addr_symbol+0x30/0x80
[  130.473562][ T8239]  ? __check_object_size+0x488/0x710
[  130.474962][ T8239]  netlink_sendmsg+0x8b8/0xd70
[  130.476242][ T8239]  ? __pfx_netlink_sendmsg+0x10/0x10
[  130.477711][ T8239]  ____sys_sendmsg+0x9ae/0xb40
[  130.479247][ T8239]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.480646][ T8239]  ? get_compat_msghdr+0x11b/0x170
[  130.482017][ T8239]  ___sys_sendmsg+0x135/0x1e0
[  130.483284][ T8239]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.484651][ T8239]  ? __pfx_lock_release+0x10/0x10
[  130.485990][ T8239]  ? trace_lock_acquire+0x14e/0x1f0
[  130.487362][ T8239]  ? __fget_files+0x206/0x3a0
[  130.488620][ T8239]  __sys_sendmsg+0x16e/0x220
[  130.489851][ T8239]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.491225][ T8239]  __do_fast_syscall_32+0x73/0x120
[  130.492606][ T8239]  do_fast_syscall_32+0x32/0x80
[  130.493890][ T8239]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.495550][ T8239] RIP: 0023:0xf70be579
[  130.496872][ T8239] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.500337][ T8243] netlink: 1784 bytes leftover after parsing attributes in process `syz.0.562'.
[  130.502525][ T8239] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  130.507117][ T8239] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  130.509230][ T8239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  130.511344][ T8239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  130.513881][ T8239] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  130.516525][ T8239] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.519261][ T8239]  </TASK>
[  130.528546][ T8239] netlink: 3 bytes leftover after parsing attributes in process `syz.4.560'.
[  130.536773][ T8239] batadv1: entered promiscuous mode
[  130.538409][ T8239] batadv1: entered allmulticast mode
[  130.542576][ T8239] 8021q: adding VLAN 0 to HW filter on device batadv1
[  130.547391][ T8239] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  130.815605][ T5947] Bluetooth: hci3: command 0x0405 tx timeout
[  131.029806][ T8254] netlink: 32 bytes leftover after parsing attributes in process `syz.1.563'.
[  132.097461][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  132.099287][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  132.484477][ T8284] netlink: 'syz.4.571': attribute type 4 has an invalid length.
[  132.539661][ T8284] netlink: 'syz.4.571': attribute type 4 has an invalid length.
[  133.097792][ T8296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.574'.
[  133.933824][ T8287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.221187][ T8308] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  134.223044][ T8308] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  134.224709][ T8308] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  134.242644][ T8308] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  134.244343][ T8308] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  134.256486][ T8308] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  134.265491][ T8308] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  134.432985][ T8314] netlink: 32 bytes leftover after parsing attributes in process `syz.3.579'.
[  134.797280][ T8327] netlink: 12 bytes leftover after parsing attributes in process `syz.4.580'.
[  134.909316][ T8328] netlink: 12 bytes leftover after parsing attributes in process `syz.3.581'.
[  135.728553][ T8356] FAULT_INJECTION: forcing a failure.
[  135.728553][ T8356] name failslab, interval 1, probability 0, space 0, times 0
[  135.731945][ T8356] CPU: 3 UID: 0 PID: 8356 Comm: syz.1.589 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  135.734705][ T8356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.737483][ T8356] Call Trace:
[  135.738313][ T8356]  <TASK>
[  135.739116][ T8356]  dump_stack_lvl+0x16c/0x1f0
[  135.740451][ T8356]  should_fail_ex+0x497/0x5b0
[  135.741724][ T8356]  ? fs_reclaim_acquire+0xae/0x150
[  135.743119][ T8356]  should_failslab+0xc2/0x120
[  135.744371][ T8356]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[  135.746059][ T8356]  ? kvasprintf_const+0x66/0x1a0
[  135.747398][ T8356]  kvasprintf+0xbd/0x160
[  135.748532][ T8356]  ? __pfx_kvasprintf+0x10/0x10
[  135.749855][ T8356]  ? lockdep_init_map_type+0x16d/0x7d0
[  135.751339][ T8356]  kvasprintf_const+0x66/0x1a0
[  135.752615][ T8356]  kobject_set_name_vargs+0x5a/0x140
[  135.754014][ T8356]  device_create_groups_vargs+0x1b1/0x270
[  135.755527][ T8356]  device_create+0xe9/0x130
[  135.756742][ T8356]  ? __pfx_device_create+0x10/0x10
[  135.758141][ T8356]  ? rcu_is_watching+0x12/0xc0
[  135.759455][ T8356]  ? do_init_timer+0xc9/0x110
[  135.760687][ T8356]  ? ieee80211_roc_setup+0x136/0x270
[  135.762071][ T8356]  ? ieee80211_alloc_hw_nm+0x231/0x2260
[  135.763506][ T8356]  mac80211_hwsim_new_radio+0x3df/0x56c0
[  135.764957][ T8356]  ? rcu_is_watching+0x12/0xc0
[  135.766199][ T8356]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  135.767768][ T8356]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  135.769137][ T8356]  hwsim_new_radio_nl+0xb42/0x12b0
[  135.770430][ T8356]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  135.771857][ T8356]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  135.773811][ T8356]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  135.775715][ T8356]  genl_family_rcv_msg_doit+0x202/0x2f0
[  135.777148][ T8356]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  135.778728][ T8356]  ? genl_get_cmd+0x195/0x580
[  135.779958][ T8356]  ? bpf_lsm_capable+0x9/0x10
[  135.781198][ T8356]  ? security_capable+0x7e/0x260
[  135.782491][ T8356]  ? ns_capable+0xd7/0x110
[  135.783682][ T8356]  genl_rcv_msg+0x565/0x800
[  135.784877][ T8356]  ? __pfx_genl_rcv_msg+0x10/0x10
[  135.786189][ T8356]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  135.787638][ T8356]  ? __pfx___lock_acquire+0x10/0x10
[  135.788996][ T8356]  netlink_rcv_skb+0x165/0x410
[  135.790261][ T8356]  ? __pfx_genl_rcv_msg+0x10/0x10
[  135.791575][ T8356]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  135.792951][ T8356]  ? down_read+0xc9/0x330
[  135.794080][ T8356]  ? __pfx_down_read+0x10/0x10
[  135.795332][ T8356]  ? netlink_deliver_tap+0x1ae/0xca0
[  135.796705][ T8356]  genl_rcv+0x28/0x40
[  135.797762][ T8356]  netlink_unicast+0x53c/0x7f0
[  135.799010][ T8356]  ? __pfx_netlink_unicast+0x10/0x10
[  135.800374][ T8356]  ? __phys_addr_symbol+0x30/0x80
[  135.801698][ T8356]  ? __check_object_size+0x4a1/0x710
[  135.803081][ T8356]  netlink_sendmsg+0x8b8/0xd70
[  135.804327][ T8356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.805721][ T8356]  ____sys_sendmsg+0x9ae/0xb40
[  135.806983][ T8356]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.808364][ T8356]  ? get_compat_msghdr+0x11b/0x170
[  135.809702][ T8356]  ___sys_sendmsg+0x135/0x1e0
[  135.810936][ T8356]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.812302][ T8356]  ? __pfx_lock_release+0x10/0x10
[  135.813608][ T8356]  ? trace_lock_acquire+0x14e/0x1f0
[  135.814969][ T8356]  ? __fget_files+0x206/0x3a0
[  135.816196][ T8356]  __sys_sendmsg+0x16e/0x220
[  135.817407][ T8356]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.818750][ T8356]  __do_fast_syscall_32+0x73/0x120
[  135.820050][ T8356]  do_fast_syscall_32+0x32/0x80
[  135.821321][ T8356]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.822932][ T8356] RIP: 0023:0xf70ee579
[  135.824008][ T8356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.828926][ T8356] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  135.831059][ T8356] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  135.833090][ T8356] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.835120][ T8356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.837171][ T8356] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.839217][ T8356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.841263][ T8356]  </TASK>
[  136.222289][ T8373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.594'.
[  136.255364][ T5300] Bluetooth: hci3: command 0x0405 tx timeout
[  136.257023][ T5300] Bluetooth: hci2: command 0x0c1a tx timeout
[  136.258691][ T5300] Bluetooth: hci1: command 0x0c1a tx timeout
[  136.260240][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[  136.551919][ T8379] netlink: 32 bytes leftover after parsing attributes in process `syz.4.597'.
[  136.846470][    T9] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  136.947506][ T5947] Bluetooth: hci0: unexpected subevent 0x01 length: 12 < 18
[  136.995336][    T9] usb 9-1: Using ep0 maxpacket: 16
[  136.999033][    T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[  137.003256][    T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024
[  137.009870][    T9] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  137.019119][    T9] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  137.023238][    T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.031227][    T9] usb 9-1: config 0 descriptor??
[  137.119671][ T8396] netlink: 4 bytes leftover after parsing attributes in process `syz.3.599'.
[  137.718191][    T9] usbhid 9-1:0.0: can't add hid device: -71
[  137.719944][    T9] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  137.723723][    T9] usb 9-1: USB disconnect, device number 6
[  137.958354][ T8410] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  137.960623][ T8410] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  137.966359][ T8410] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  137.968108][ T8410] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  137.971720][ T8410] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  137.973292][ T8410] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  137.980516][ T8410] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  137.982176][ T8410] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  138.024623][ T8419] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  138.225373][    T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  138.337211][ T8435] netlink: 12 bytes leftover after parsing attributes in process `syz.3.611'.
[  138.378258][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  138.380743][    T9] usb 5-1: not running at top speed; connect to a high speed hub
[  138.383629][    T9] usb 5-1: config 17 has an invalid interface number: 8 but max is 1
[  138.387697][    T9] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2
[  138.390158][    T9] usb 5-1: config 17 has no interface number 0
[  138.391892][    T9] usb 5-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 65535, setting to 64
[  138.394762][    T9] usb 5-1: config 17 interface 8 has no altsetting 0
[  138.399753][    T9] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  138.402289][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.407112][    T9] usb 5-1: Product: syz
[  138.408367][    T9] usb 5-1: Manufacturer: syz
[  138.409611][    T9] usb 5-1: SerialNumber: syz
[  138.441477][ T8416] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  138.473594][ T8437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.612'.
[  138.653279][    T9] usb 5-1: selecting invalid altsetting 0
[  138.661811][    T9] usb 5-1: USB disconnect, device number 4
[  138.825953][ T6445] udevd[6445]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  138.988265][ T8442] netlink: 'syz.3.615': attribute type 3 has an invalid length.
[  139.195930][ T8450] netlink: 'syz.0.618': attribute type 12 has an invalid length.
[  139.465451][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.621'.
[  139.469151][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.621'.
[  139.474554][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.621'.
[  139.625196][ T8470] nbd: must specify a device to reconfigure
[  139.655471][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  139.815843][    T9] usb 5-1: Using ep0 maxpacket: 16
[  139.823597][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.828145][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.832441][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.839932][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.848225][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.852249][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.858358][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.871878][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.875898][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  139.878748][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.890044][    T9] usb 5-1: config 0 descriptor??
[  139.893606][    T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input9
[  140.104067][ T8458] ntfs3(nbd0): try to read out of volume at offset 0x0
[  140.117198][ T5346] bcm5974 5-1:0.0: could not read from device
[  140.127570][ T5346] bcm5974 5-1:0.0: could not read from device
[  140.131538][    T9] bcm5974 5-1:0.0: could not read from device
[  140.142168][    T9] input: failed to attach handler mousedev to device input9, error: -5
[  140.146816][ T5346] bcm5974 5-1:0.0: could not read from device
[  140.149166][    T9] usb 5-1: USB disconnect, device number 5
[  140.358175][ T8478] team_slave_0: entered promiscuous mode
[  140.359822][ T8478] team_slave_1: entered promiscuous mode
[  140.361378][ T8478] bond_slave_0: entered promiscuous mode
[  140.362999][ T8478] bond_slave_1: entered promiscuous mode
[  140.366206][ T8478] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  140.434021][ T8483] netlink: 32 bytes leftover after parsing attributes in process `syz.1.627'.
[  140.726029][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  140.885340][   T35] usb 6-1: Using ep0 maxpacket: 8
[  140.898732][   T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  140.901702][   T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  140.905290][   T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  140.907844][   T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  140.911305][   T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  140.913654][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.119662][   T35] usb 6-1: GET_CAPABILITIES returned 0
[  141.121162][   T35] usbtmc 6-1:16.0: can't read capabilities
[  141.729855][ T8512] netlink: 32 bytes leftover after parsing attributes in process `syz.0.636'.
[  142.010003][ T8524] netlink: 12 bytes leftover after parsing attributes in process `syz.0.638'.
[  143.444149][ T8541] netlink: 'syz.3.643': attribute type 12 has an invalid length.
[  143.496073][ T6706] usb 6-1: USB disconnect, device number 7
[  143.587095][ T8551] netlink: 32 bytes leftover after parsing attributes in process `syz.3.646'.
[  143.851847][ T8564] fuse: Bad value for 'user_id'
[  143.853560][ T8564] fuse: Bad value for 'user_id'
[  144.012603][ T8562] syz.3.647: attempt to access beyond end of device
[  144.012603][ T8562] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0
[  144.015716][ T8558] nbd3: detected capacity change from 0 to 20
[  144.022201][ T6445] block nbd3: Send control failed (result -89)
[  144.024039][ T6445] block nbd3: Request send failed, requeueing
[  144.027486][ T6445] block nbd3: Dead connection, failed to find a fallback
[  144.029248][ T6445] block nbd3: shutting down sockets
[  144.030651][ T6445] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.042332][   T71] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.044876][   T71] Buffer I/O error on dev nbd3, logical block 0, async page read
[  144.055294][ T6445] Buffer I/O error on dev nbd3, logical block 1, async page read
[  144.057575][ T6445] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.060206][ T6445] Buffer I/O error on dev nbd3, logical block 2, async page read
[  144.065758][ T6445] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.068703][ T6445] Buffer I/O error on dev nbd3, logical block 3, async page read
[  144.071366][ T6445] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.074684][ T6445] Buffer I/O error on dev nbd3, logical block 0, async page read
[  144.077366][ T6445] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.080355][ T6445] Buffer I/O error on dev nbd3, logical block 1, async page read
[  144.085400][ T6445] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.088455][ T6445] Buffer I/O error on dev nbd3, logical block 2, async page read
[  144.091006][ T6445] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.105338][ T6445] Buffer I/O error on dev nbd3, logical block 3, async page read
[  144.108026][ T6445] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.111202][ T6445] Buffer I/O error on dev nbd3, logical block 0, async page read
[  144.114112][ T6445] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  144.117360][ T6445] Buffer I/O error on dev nbd3, logical block 1, async page read
[  144.123144][ T6445] ldm_validate_partition_table(): Disk read failed.
[  144.127598][ T6445] Dev nbd3: unable to read RDB block 0
[  144.129852][ T6445]  nbd3: unable to read partition table
[  144.131739][ T6445] nbd3: partition table beyond EOD, truncated
[  144.135941][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  144.140326][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=9, location=9
[  144.143403][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=8, location=8
[  144.147048][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=7, location=7
[  144.150122][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  144.153848][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  144.157181][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=4, location=4
[  144.160284][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=3, location=3
[  144.163328][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=2, location=2
[  144.166189][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  144.169090][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  144.172290][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1
[  144.175412][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0
[  144.177259][ T6445] ldm_validate_partition_table(): Disk read failed.
[  144.178616][ T8562] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  144.181612][ T6445] Dev nbd3: unable to read RDB block 0
[  144.183567][ T8562] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  144.187578][ T6445]  nbd3: unable to read partition table
[  144.189112][ T6445] nbd3: partition table beyond EOD, truncated
[  144.817620][ T8579] netlink: 32 bytes leftover after parsing attributes in process `syz.4.655'.
[  146.028745][ T8606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.145415][   T63] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  146.305570][   T63] usb 5-1: Using ep0 maxpacket: 32
[  146.308951][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.311813][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.314699][   T63] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  146.318156][   T63] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  146.320864][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.323884][   T63] usb 5-1: config 0 descriptor??
[  146.747570][   T63] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.0004/input/input10
[  146.902567][   T63] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.0004/input/input11
[  146.914043][   T63] kye 0003:0458:5011.0004: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0
[  147.749783][ T8635] netlink: 4 bytes leftover after parsing attributes in process `syz.4.668'.
[  147.895831][    T9] usb 5-1: reset high-speed USB device number 6 using dummy_hcd
[  148.035334][    T9] usb 5-1: device descriptor read/64, error -32
[  148.275343][    T9] usb 5-1: reset high-speed USB device number 6 using dummy_hcd
[  148.407326][    T9] usb 5-1: device descriptor read/64, error -32
[  148.625146][ T8647] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.645584][    T9] usb 5-1: reset high-speed USB device number 6 using dummy_hcd
[  148.668039][    T9] usb 5-1: device descriptor read/8, error -32
[  148.910262][ T8662] netlink: 12 bytes leftover after parsing attributes in process `syz.4.672'.
[  148.914978][ T8662] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  148.918121][    T9] usb 5-1: reset high-speed USB device number 6 using dummy_hcd
[  148.936920][    T9] usb 5-1: device descriptor read/8, error -32
[  149.055014][    T9] raw-gadget.0 gadget.0: failed to queue suspend event
[  149.072389][ T6002] usb 5-1: USB disconnect, device number 6
[  149.114861][ T6002] raw-gadget.0 gadget.0: failed to queue reset event
[  149.123437][ T8629] raw-gadget.0 gadget.0: failed to queue disconnect event
[  149.623893][ T8674] netlink: 24 bytes leftover after parsing attributes in process `syz.4.678'.
[  149.625984][ T6029] Bluetooth: hci4: Frame reassembly failed (-90)
[  149.762294][ T8679] netlink: 32 bytes leftover after parsing attributes in process `syz.1.681'.
[  150.035393][    T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  150.186880][    T8] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  150.189932][    T8] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  150.192978][    T8] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  150.195724][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.201368][ T8683] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  150.201604][ T8691] sctp: [Deprecated]: syz.0.684 (pid 8691) Use of struct sctp_assoc_value in delayed_ack socket option.
[  150.201604][ T8691] Use struct sctp_sack_info instead
[  150.205361][    T8] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  150.408336][    T8] usb 6-1: USB disconnect, device number 8
[  150.644866][ T8696] netlink: 12 bytes leftover after parsing attributes in process `syz.0.686'.
[  151.254577][ T8714] netlink: 32 bytes leftover after parsing attributes in process `syz.0.691'.
[  151.445419][ T6706] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  151.685411][ T6706] usb 6-1: Using ep0 maxpacket: 16
[  151.693116][ T6706] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  151.696762][ T6706] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  151.700249][ T6706] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  151.703115][ T6706] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  151.705555][ T5947] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  151.705926][ T6706] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  151.713794][ T6706] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  151.716217][ T6706] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.718309][ T6706] usb 6-1: Product: syz
[  151.719429][ T6706] usb 6-1: Manufacturer: syz
[  151.720655][ T6706] usb 6-1: SerialNumber: syz
[  151.728818][ T6706] usb 6-1: config 0 descriptor??
[  151.948089][ T6706] appledisplay 6-1:0.0: Error while getting initial brightness: -71
[  151.954064][ T6706] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -71
[  151.963741][ T6706] usb 6-1: USB disconnect, device number 9
[  152.861200][ T8748] netlink: 12 bytes leftover after parsing attributes in process `syz.4.698'.
[  152.864442][ T8748] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  153.349331][   T39] audit: type=1326 audit(1734335393.777:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.363681][   T39] audit: type=1326 audit(1734335393.777:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.375322][   T39] audit: type=1326 audit(1734335393.787:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.381364][   T39] audit: type=1326 audit(1734335393.787:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.387563][   T39] audit: type=1326 audit(1734335393.787:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.393106][   T39] audit: type=1326 audit(1734335393.787:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=177 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.405344][   T39] audit: type=1326 audit(1734335393.787:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.410972][   T39] audit: type=1326 audit(1734335393.787:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.419187][   T39] audit: type=1326 audit(1734335393.787:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.425077][   T39] audit: type=1326 audit(1734335393.787:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  153.469350][ T8751] veth1_to_bridge: entered promiscuous mode
[  153.695906][   T63] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  153.780615][ T8749] veth1_to_bridge: left promiscuous mode
[  153.846363][   T63] usb 5-1: Using ep0 maxpacket: 16
[  153.850612][   T63] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  153.853803][   T63] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  153.860150][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  153.863254][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  153.867693][   T63] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  153.878196][   T63] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  153.880456][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.882530][   T63] usb 5-1: Product: syz
[  153.883985][   T63] usb 5-1: Manufacturer: syz
[  153.885210][   T63] usb 5-1: SerialNumber: syz
[  153.886831][ T8773] netlink: 32 bytes leftover after parsing attributes in process `syz.3.704'.
[  153.903689][   T63] usb 5-1: config 0 descriptor??
[  153.912581][ T8775] netlink: 32 bytes leftover after parsing attributes in process `syz.4.705'.
[  154.175757][   T63] appledisplay 5-1:0.0: Error while getting initial brightness: -110
[  154.180782][   T63] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -110
[  154.208342][   T63] usb 5-1: USB disconnect, device number 8
[  155.303496][ T8801] netlink: 596 bytes leftover after parsing attributes in process `syz.4.712'.
[  155.411444][ T8806] netlink: 32 bytes leftover after parsing attributes in process `syz.1.714'.
[  156.920457][ T8852] loop6: detected capacity change from 0 to 524287999
[  156.925771][    C2] blk_print_req_error: 78 callbacks suppressed
[  156.925785][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.930108][    C2] buffer_io_error: 70 callbacks suppressed
[  156.930119][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.936502][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.939634][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.942243][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.945737][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.948544][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.950993][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.953249][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.955697][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.957850][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.960261][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.962805][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.965436][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.967621][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.970067][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  156.972489][ T8852] ldm_validate_partition_table(): Disk read failed.
[  156.974439][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.977244][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  157.053778][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.057274][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  157.061211][ T8852] Dev loop6: unable to read RDB block 0
[  157.063736][ T8852]  loop6: unable to read partition table
[  157.065889][ T8852] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  157.070980][ T8854] ldm_validate_partition_table(): Disk read failed.
[  157.079534][ T8854] Dev loop6: unable to read RDB block 0
[  157.083572][ T8854]  loop6: unable to read partition table
[  157.085024][ T8856] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  157.094539][ T8854] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  157.325324][ T6002] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  157.371638][ T8862] netlink: 'syz.3.729': attribute type 2 has an invalid length.
[  157.373738][ T8862] netlink: 56 bytes leftover after parsing attributes in process `syz.3.729'.
[  157.375358][ T8863] netlink: 'syz.3.729': attribute type 2 has an invalid length.
[  157.378320][ T8863] netlink: 56 bytes leftover after parsing attributes in process `syz.3.729'.
[  157.475324][ T6002] usb 5-1: Using ep0 maxpacket: 8
[  157.478285][ T6002] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  157.481234][ T6002] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  157.483896][ T6002] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.486684][ T6002] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.490586][ T6002] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  157.493874][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.701664][ T6002] usb 5-1: GET_CAPABILITIES returned 0
[  157.734680][ T6002] usbtmc 5-1:16.0: can't read capabilities
[  157.963116][ T8872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.978780][ T8908] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  159.582222][ T8917] netlink: 32 bytes leftover after parsing attributes in process `syz.3.744'.
[  160.039564][ T6706] usb 5-1: USB disconnect, device number 9
[  160.446146][ T8934] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  160.558639][ T8939] overlay: Unknown parameter '/'
[  160.959490][ T8948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.751'.
[  162.581245][ T8999] netlink: 39 bytes leftover after parsing attributes in process `syz.3.765'.
[  163.134035][ T9010] netlink: 'syz.0.768': attribute type 1 has an invalid length.
[  163.136326][ T9010] netlink: 224 bytes leftover after parsing attributes in process `syz.0.768'.
[  163.366800][ T9021] vivid-001: disconnect
[  163.961980][ T9008] vivid-001: reconnect
[  165.287484][ T9088] netlink: zone id is out of range
[  165.288879][ T9088] netlink: zone id is out of range
[  165.290366][ T9088] netlink: zone id is out of range
[  165.291736][ T9088] netlink: zone id is out of range
[  165.293085][ T9088] netlink: zone id is out of range
[  165.294493][ T9088] netlink: zone id is out of range
[  165.296259][ T9088] netlink: zone id is out of range
[  165.297657][ T9088] netlink: zone id is out of range
[  165.299032][ T9088] netlink: zone id is out of range
[  165.300478][ T9088] netlink: zone id is out of range
[  166.355711][ T9115] can0: slcan on ptm0.
[  166.362095][ T9115] batman_adv: batadv0: Adding interface: dummy0
[  166.364513][ T9115] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.371930][ T9115] batman_adv: batadv0: Interface activated: dummy0
[  166.459394][ T9114] can0 (unregistered): slcan off ptm0.
[  167.514075][ T9162] fuse: Unknown parameter ''
[  167.521968][ T9164] FAULT_INJECTION: forcing a failure.
[  167.521968][ T9164] name failslab, interval 1, probability 0, space 0, times 0
[  167.526729][ T9164] CPU: 3 UID: 0 PID: 9164 Comm: syz.4.797 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  167.530070][ T9164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.532876][ T9164] Call Trace:
[  167.533756][ T9164]  <TASK>
[  167.534538][ T9164]  dump_stack_lvl+0x16c/0x1f0
[  167.535949][ T9164]  should_fail_ex+0x497/0x5b0
[  167.537472][ T9164]  ? fs_reclaim_acquire+0xae/0x150
[  167.538833][ T9164]  should_failslab+0xc2/0x120
[  167.540115][ T9164]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  167.541529][ T9164]  ? audit_log_start+0x2bc/0x7e0
[  167.542849][ T9164]  audit_log_start+0x2bc/0x7e0
[  167.544110][ T9164]  ? __pfx_audit_log_start+0x10/0x10
[  167.545667][ T9164]  ? integrity_audit_msg+0x41/0x60
[  167.547435][ T9164]  integrity_audit_message+0x10d/0x4c0
[  167.549088][ T9164]  ? __pfx_integrity_audit_message+0x10/0x10
[  167.550999][ T9164]  ? __pfx_ima_add_template_entry+0x10/0x10
[  167.553006][ T9164]  integrity_audit_msg+0x41/0x60
[  167.554725][ T9164]  ima_add_violation+0x1c1/0x3d0
[  167.556120][ T9164]  ? __pfx_ima_add_violation+0x10/0x10
[  167.557548][ T9164]  ? ima_d_path+0x12c/0x2a0
[  167.558848][ T9164]  ? __pfx_ima_d_path+0x10/0x10
[  167.560506][ T9164]  ? ima_inode_get+0x39e/0x580
[  167.561878][ T9164]  process_measurement+0x86c/0x2370
[  167.563603][ T9164]  ? __pfx_process_measurement+0x10/0x10
[  167.565256][ T9164]  ? tomoyo_check_open_permission+0x20f/0x3c0
[  167.567209][ T9164]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  167.569049][ T9164]  ? inode_to_bdi+0x9e/0x160
[  167.570685][ T9164]  ima_file_check+0xc6/0x110
[  167.572267][ T9164]  ? __pfx_ima_file_check+0x10/0x10
[  167.573955][ T9164]  security_file_post_open+0x8e/0x210
[  167.575695][ T9164]  path_openat+0x1419/0x2d60
[  167.577286][ T9164]  ? __pfx_path_openat+0x10/0x10
[  167.578984][ T9164]  ? __pfx___lock_acquire+0x10/0x10
[  167.580645][ T9164]  ? lock_acquire.part.0+0x11b/0x380
[  167.582336][ T9164]  ? find_held_lock+0x2d/0x110
[  167.583719][ T9164]  do_filp_open+0x20c/0x470
[  167.584986][ T9164]  ? __pfx_do_filp_open+0x10/0x10
[  167.586673][ T9164]  ? find_held_lock+0x2d/0x110
[  167.588186][ T9164]  ? alloc_fd+0x41f/0x760
[  167.589670][ T9164]  do_sys_openat2+0x17a/0x1e0
[  167.591284][ T9164]  ? __pfx_do_sys_openat2+0x10/0x10
[  167.593057][ T9164]  ? __fget_files+0x206/0x3a0
[  167.594560][ T9164]  __ia32_compat_sys_openat+0x16e/0x210
[  167.596030][ T9164]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  167.597640][ T9164]  ? ksys_write+0x1ba/0x250
[  167.598855][ T9164]  __do_fast_syscall_32+0x73/0x120
[  167.600374][ T9164]  do_fast_syscall_32+0x32/0x80
[  167.601929][ T9164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.603592][ T9164] RIP: 0023:0xf70be579
[  167.604665][ T9164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.610338][ T9164] RSP: 002b:00000000f50b0490 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  167.612619][ T9164] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f50b04e0
[  167.614900][ T9164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73f3ff4
[  167.617631][ T9164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.619878][ T9164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  167.621925][ T9164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.624009][ T9164]  </TASK>
[  167.624891][    C3] vkms_vblank_simulate: vblank timer overrun
[  167.629236][ T9164] audit_log_lost: 18 callbacks suppressed
[  167.629245][ T9164] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  167.632892][ T9164] audit: out of memory in audit_log_start
[  167.690747][ T9173] netlink: 1784 bytes leftover after parsing attributes in process `syz.4.800'.
[  168.086701][ T9188] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.802'.
[  168.089598][ T9184] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.802'.
[  170.239329][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.242107][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.244755][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.247745][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.249968][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.252202][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.254782][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.256925][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.258915][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.260802][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.262716][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.264625][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.266892][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.268956][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.270938][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.272854][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.273361][ T9225] netlink: 1784 bytes leftover after parsing attributes in process `syz.4.815'.
[  170.274784][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.280071][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.283078][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.285055][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.287249][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.400952][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.403097][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.405182][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.407204][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.409125][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.411057][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.412970][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.414966][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.417232][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.419157][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.421074][   T30] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  170.430072][   T30] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  170.443792][ T9230] netlink: 32 bytes leftover after parsing attributes in process `syz.0.817'.
[  170.664536][   T63] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  170.827462][   T63] usb 6-1: config 0 has no interfaces?
[  170.830557][   T63] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  170.833297][   T63] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.846188][   T63] usb 6-1: config 0 descriptor??
[  171.113899][   T35] usb 6-1: USB disconnect, device number 10
[  171.561252][   T64] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  171.705402][   T64] usb 9-1: Using ep0 maxpacket: 8
[  171.711457][   T64] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  171.714669][   T64] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  171.717403][   T64] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  171.719923][   T64] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  171.723347][   T64] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  171.725818][   T64] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.832959][ T9252] IPv6: NLM_F_REPLACE set, but no existing node found!
[  171.932299][   T64] usb 9-1: GET_CAPABILITIES returned 0
[  171.933868][   T64] usbtmc 9-1:16.0: can't read capabilities
[  172.654458][ T9266] netlink: 32 bytes leftover after parsing attributes in process `syz.0.826'.
[  172.935025][ T9273] netlink: 1784 bytes leftover after parsing attributes in process `syz.3.828'.
[  172.955858][ T9271] 
: renamed from bond0 (while UP)
[  173.841452][ T9285] veth0_virt_wifi: entered promiscuous mode
[  173.844144][ T9285] veth0_virt_wifi: left promiscuous mode
[  173.914588][ T9290] netlink: 8 bytes leftover after parsing attributes in process `syz.3.832'.
[  174.354123][ T6706] usb 9-1: USB disconnect, device number 7
[  175.042264][ T9309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.837'.
[  175.987164][ T9332] netlink: 16 bytes leftover after parsing attributes in process `syz.0.843'.
[  176.063425][ T9335] netlink: 20 bytes leftover after parsing attributes in process `syz.1.842'.
[  176.175703][ T9335] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  176.177834][ T9335] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  176.180448][ T9335] vhci_hcd vhci_hcd.0: Device attached
[  176.435633][   T30] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  176.635458][ T9342] vhci_hcd: connection reset by peer
[  176.637145][ T6049] vhci_hcd: stop threads
[  176.638466][ T6049] vhci_hcd: release socket
[  176.639714][ T6049] vhci_hcd: disconnect device
[  177.198803][ T9354] [U] :
[  177.199786][ T9354] [U] 
[  177.200544][ T9354] [U] 
[  177.201300][ T9354] [U] 
[  177.202030][ T9354] [U] 
[  177.202771][ T9354] [U] 
[  177.203498][ T9354] [U] 
[  177.204229][ T9354] [U] 
[  177.204968][ T9354] [U] 
[  177.205743][ T9354] [U] 
[  177.206464][ T9354] [U] 
[  177.207205][ T9354] [U] 
[  177.207935][ T9354] [U] 
[  177.208665][ T9354] [U] 
[  177.209397][ T9354] [U] 
[  177.210145][ T9354] [U] 
[  177.211349][ T9354] [U] 
[  177.212101][ T9354] [U] 
[  177.212838][ T9354] [U] 
[  177.213577][ T9354] [U] 
[  177.214312][ T9354] [U] 
[  177.215060][ T9354] [U] 
[  177.215807][ T9354] [U] 
[  177.216541][ T9354] [U] 
[  177.217781][ T9354] [U] 
[  177.218495][ T9354] [U] 
[  177.219225][ T9354] [U] 
[  177.220874][ T9354] [U] 
[  177.222381][ T9354] [U] 
[  177.223436][ T9354] [U] 
[  177.224390][ T9354] [U] 
[  177.225423][ T9354] [U] 
[  177.226774][ T9354] [U] 
[  177.227734][ T9354] [U] 
[  177.228673][ T9354] [U] 
[  177.229615][ T9354] [U] 
[  177.230564][ T9354] [U] 
[  177.231578][ T9354] [U] 
[  177.232571][ T9354] [U] 
[  177.233565][ T9354] [U] 
[  177.234660][ T9354] [U] 
[  177.235736][ T9354] [U] 
[  177.236738][ T9354] [U] 
[  177.237742][ T9354] [U] 
[  177.238747][ T9354] [U] 
[  177.239735][ T9354] [U] 
[  177.240689][ T9354] [U] 
[  177.241434][ T9354] [U] 
[  177.242445][ T9354] [U] 
[  177.243211][ T9354] [U] 
[  177.243946][ T9354] [U] 
[  177.244689][ T9354] [U] 
[  177.245440][ T9354] [U] 
[  177.246230][ T9354] [U] 
[  177.247139][ T9354] [U] 
[  177.248089][ T9354] [U] 
[  177.249132][ T9354] [U] 
[  177.249884][ T9354] [U] 
[  177.250637][ T9354] [U] 
[  177.251381][ T9354] [U] 
[  177.252183][ T9354] [U] 
[  177.252960][ T9354] [U] 
[  177.253833][ T9354] [U] 
[  177.254589][ T9354] [U] 
[  177.255514][ T9354] [U] 
[  177.256256][ T9354] [U] 
[  177.256998][ T9354] [U] 
[  177.257760][ T9354] [U] 
[  177.258496][ T9354] [U] 
[  177.259243][ T9354] [U] 
[  177.259982][ T9354] [U] 
[  177.260716][ T9354] [U] 
[  177.261513][ T9354] [U] 
[  177.262262][ T9354] [U] 
[  177.263020][ T9354] [U] 
[  177.263764][ T9354] [U] 
[  177.264506][ T9354] [U] 
[  177.265268][ T9354] [U] 
[  177.266034][ T9354] [U] 
[  177.266781][ T9354] [U] 
[  177.267188][ T9357] netlink: 40 bytes leftover after parsing attributes in process `syz.1.846'.
[  177.267741][ T9354] [U] 
[  177.271276][ T9354] [U] 
[  177.271995][ T9354] [U] 
[  177.272716][ T9354] [U] 
[  177.273457][ T9354] [U] 
[  177.274208][ T9354] [U] 
[  177.274940][ T9354] [U] 
[  177.275675][ T9354] [U] 
[  177.276499][ T9354] [U] 
[  177.277233][ T9354] [U] 
[  177.277979][ T9354] [U] 
[  177.278911][ T9354] [U] 
[  177.279775][ T9354] [U] 
[  177.280519][ T9354] [U] 
[  177.281283][ T9354] [U] 
[  177.282042][ T9354] [U] 
[  177.283114][ T9354] [U] 
[  177.283875][ T9354] [U] 
[  177.284601][ T9354] [U] 
[  177.285331][ T9354] [U] 
[  177.286078][ T9354] [U] 
[  177.286810][ T9354] [U] 
[  177.287578][ T9354] [U] 
[  177.288491][ T9354] [U] 
[  177.289782][ T9354] [U] 
[  177.290751][ T9354] [U] 
[  177.291689][ T9354] [U] 
[  177.292624][ T9354] [U] 
[  177.293545][ T9354] [U] 
[  177.294410][ T9354] [U] 
[  177.295274][ T9354] [U] 
[  177.296196][ T9354] [U] 
[  177.298416][ T9354] [U] 
[  177.299412][ T9354] [U] 
[  177.300351][ T9354] [U] 
[  177.301273][ T9354] [U] 
[  177.302049][ T9354] [U] 
[  177.302932][ T9354] [U] 
[  177.303669][ T9354] [U] 
[  177.304404][ T9354] [U] 
[  177.305198][ T9354] [U] 
[  177.305918][ T9354] [U] 
[  177.306671][ T9354] [U] 
[  177.307408][ T9354] [U] 
[  177.308145][ T9354] [U] 
[  177.308880][ T9354] [U] 
[  177.309606][ T9354] [U] 
[  177.315107][ T9353] [U] 
[  177.371675][ T9359] syz.1.848 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  178.465308][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.520264][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.562769][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.435386][   T64] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  180.595361][   T64] usb 5-1: Using ep0 maxpacket: 8
[  180.601171][   T64] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  180.603506][   T64] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  180.606676][   T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  180.609324][   T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  180.612083][   T64] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  180.616058][   T64] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  180.618728][   T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.818046][ T9423] FAULT_INJECTION: forcing a failure.
[  180.818046][ T9423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.821490][ T9423] CPU: 3 UID: 0 PID: 9423 Comm: syz.4.866 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  180.824245][ T9423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.827032][ T9423] Call Trace:
[  180.827917][ T9423]  <TASK>
[  180.828704][ T9423]  dump_stack_lvl+0x16c/0x1f0
[  180.829950][ T9423]  should_fail_ex+0x497/0x5b0
[  180.831208][ T9423]  _copy_from_user+0x2e/0xd0
[  180.832442][ T9423]  do_handle_open+0x41f/0x990
[  180.833691][ T9423]  ? __pfx_do_handle_open+0x10/0x10
[  180.835059][ T9423]  ? ksys_write+0x1ba/0x250
[  180.836293][ T9423]  ? __do_fast_syscall_32+0x73/0x120
[  180.837700][ T9423]  __do_fast_syscall_32+0x73/0x120
[  180.839045][ T9423]  do_fast_syscall_32+0x32/0x80
[  180.840329][ T9423]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.842003][ T9423] RIP: 0023:0xf70be579
[  180.843092][ T9423] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  180.848205][ T9423] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  180.850439][ T9423] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  180.852547][ T9423] RDX: 0000000000301800 RSI: 0000000000000000 RDI: 0000000000000000
[  180.854612][ T9423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.856687][ T9423] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  180.858760][ T9423] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.860663][ T9423]  </TASK>
[  181.172803][ T9434] netlink: 12 bytes leftover after parsing attributes in process `syz.1.870'.
[  181.188670][   T64] usb 5-1: usb_control_msg returned -71
[  181.193440][   T64] usbtmc 5-1:16.0: can't read capabilities
[  181.199309][   T64] usb 5-1: USB disconnect, device number 10
[  181.376045][ T5986] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  181.535431][ T5986] usb 9-1: Using ep0 maxpacket: 8
[  181.538254][ T5986] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  181.542240][ T5986] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  181.545365][ T5986] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  181.548397][ T5986] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  181.552998][ T5986] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  181.557282][ T5986] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.782398][ T5986] usb 9-1: GET_CAPABILITIES returned 0
[  181.783894][ T5986] usbtmc 9-1:16.0: can't read capabilities
[  181.865364][   T30] vhci_hcd: vhci_device speed not set
[  182.513326][ T9451] netlink: 1784 bytes leftover after parsing attributes in process `syz.0.875'.
[  184.126314][   T39] audit: type=1326 audit(1734335424.557:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  184.173226][   T30] usb 9-1: USB disconnect, device number 8
[  184.177868][   T39] audit: type=1326 audit(1734335424.607:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  184.183695][   T39] audit: type=1326 audit(1734335424.607:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  184.194118][   T39] audit: type=1326 audit(1734335424.607:88): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  184.200176][   T39] audit: type=1326 audit(1734335424.607:89): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  184.206195][   T39] audit: type=1326 audit(1734335424.617:90): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=9478 comm="syz.3.882" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  185.616787][ T6706] usb 9-1: new low-speed USB device number 9 using dummy_hcd
[  185.790682][ T6706] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  185.798377][ T6706] usb 9-1: config 0 has no interface number 0
[  185.800357][ T6706] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  185.803654][ T6706] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  185.811044][ T6706] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  185.814898][ T6706] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  185.819116][ T6706] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  185.822286][ T6706] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  185.825681][ T6706] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  185.828056][ T6706] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.833053][ T6706] usb 9-1: config 0 descriptor??
[  185.835671][ T9496] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  185.837977][ T9496] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  185.844980][ T6706] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  186.116090][   T64] libceph: connect (1)[c::]:6789 error -101
[  186.118743][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  186.122779][   T64] libceph: connect (1)[c::]:6789 error -101
[  186.124423][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  186.191505][ T6002] libceph: connect (1)[b::]:6789 error -101
[  186.193293][ T6002] libceph: mon0 (1)[b::]:6789 connect error
[  186.197235][ T6002] libceph: connect (1)[b::]:6789 error -101
[  186.199229][ T6002] libceph: mon0 (1)[b::]:6789 connect error
[  186.389365][   T64] libceph: connect (1)[c::]:6789 error -101
[  186.391763][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  186.459156][ T6002] libceph: connect (1)[b::]:6789 error -101
[  186.461325][ T6002] libceph: mon0 (1)[b::]:6789 connect error
[  186.588839][   T39] audit: type=1326 audit(1734335427.017:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9516 comm="syz.3.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  186.594408][   T39] audit: type=1326 audit(1734335427.017:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9516 comm="syz.3.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  186.600114][   T39] audit: type=1326 audit(1734335427.017:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9516 comm="syz.3.890" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  186.608889][   T39] audit: type=1326 audit(1734335427.017:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9516 comm="syz.3.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  186.646943][ T9517] netlink: 'syz.3.890': attribute type 1 has an invalid length.
[  186.798882][ T9520] usb 2-1: USB disconnect, device number 2
[  186.846453][ T9520] hub 2-0:1.0: USB hub found
[  186.848390][ T9520] hub 2-0:1.0: 6 ports detected
[  186.895521][   T64] libceph: connect (1)[c::]:6789 error -101
[  186.897227][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  186.932900][ T9512] ceph: No mds server is up or the cluster is laggy
[  186.932925][ T9509] ceph: No mds server is up or the cluster is laggy
[  186.969867][ T6002] libceph: connect (1)[b::]:6789 error -101
[  186.972571][ T6002] libceph: mon0 (1)[b::]:6789 connect error
[  187.035721][   T25] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  187.041724][ T9523] netlink: 'syz.1.892': attribute type 1 has an invalid length.
[  187.061502][ T9523] bond1: entered promiscuous mode
[  187.063362][ T9523] 8021q: adding VLAN 0 to HW filter on device bond1
[  187.082804][ T9523] FAT-fs (nullb0): bogus number of reserved sectors
[  187.084726][ T9523] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  187.090950][ T9523] netlink: 28 bytes leftover after parsing attributes in process `syz.1.892'.
[  187.146674][ T9527] netlink: 3 bytes leftover after parsing attributes in process `syz.1.892'.
[  187.156063][ T9527] batadv1: entered promiscuous mode
[  187.157535][ T9527] batadv1: entered allmulticast mode
[  187.160938][ T9527] 8021q: adding VLAN 0 to HW filter on device batadv1
[  187.164763][ T9527] bond1: (slave batadv1): making interface the new active one
[  187.169520][ T9527] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  187.232769][   T25] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  187.240868][   T25] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  187.244060][   T25] usb 2-1: Product: QEMU USB Tablet
[  187.246782][   T25] usb 2-1: Manufacturer: QEMU
[  187.248503][   T25] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  187.289767][   T25] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0006/input/input13
[  187.357112][   T25] hid-generic 0003:0627:0001.0006: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  188.148334][ T6706] usb 9-1: USB disconnect, device number 9
[  188.151668][ T6706] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  188.244832][ T9543] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.272187][ T9545] binder: 9544:9545 ioctl c0306201 0 returned -14
[  188.285878][ T9545] netlink: 32 bytes leftover after parsing attributes in process `syz.4.900'.
[  188.585213][ T9553] FAULT_INJECTION: forcing a failure.
[  188.585213][ T9553] name failslab, interval 1, probability 0, space 0, times 0
[  188.602754][ T9553] CPU: 3 UID: 0 PID: 9553 Comm: syz.4.902 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  188.605585][ T9553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.608372][ T9553] Call Trace:
[  188.609252][ T9553]  <TASK>
[  188.610034][ T9553]  dump_stack_lvl+0x16c/0x1f0
[  188.611279][ T9553]  should_fail_ex+0x497/0x5b0
[  188.612527][ T9553]  ? fs_reclaim_acquire+0xae/0x150
[  188.613869][ T9553]  should_failslab+0xc2/0x120
[  188.615118][ T9553]  __kmalloc_noprof+0xce/0x4f0
[  188.616583][ T9553]  ? d_absolute_path+0x137/0x1b0
[  188.617918][ T9553]  ? tomoyo_encode2+0x100/0x3e0
[  188.619211][ T9553]  tomoyo_encode2+0x100/0x3e0
[  188.620455][ T9553]  tomoyo_realpath_from_path+0x1a7/0x710
[  188.621910][ T9553]  tomoyo_path_number_perm+0x248/0x5b0
[  188.623294][ T9553]  ? tomoyo_path_number_perm+0x235/0x5b0
[  188.624753][ T9553]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  188.626399][ T9553]  ? __pfx_lock_release+0x10/0x10
[  188.627647][ T9553]  ? trace_lock_acquire+0x14e/0x1f0
[  188.628987][ T9553]  ? lock_acquire+0x2f/0xb0
[  188.630156][ T9553]  ? __fget_files+0x40/0x3a0
[  188.631300][ T9553]  ? __fget_files+0x206/0x3a0
[  188.632608][ T9553]  security_file_ioctl_compat+0x9b/0x240
[  188.634118][ T9553]  __do_compat_sys_ioctl+0x4e/0x2c0
[  188.635707][ T9553]  __do_fast_syscall_32+0x73/0x120
[  188.637044][ T9553]  do_fast_syscall_32+0x32/0x80
[  188.638458][ T9553]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  188.640314][ T9553] RIP: 0023:0xf70be579
[  188.641458][ T9553] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  188.646826][ T9553] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  188.649155][ T9553] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040284504
[  188.651280][ T9553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  188.653329][ T9553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  188.655397][ T9553] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  188.657624][ T9553] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  188.659684][ T9553]  </TASK>
[  188.663294][ T9553] ERROR: Out of memory at tomoyo_realpath_from_path.
[  188.956741][ T9562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.905'.
[  188.983874][ T9562] capability: warning: `syz.0.905' uses 32-bit capabilities (legacy support in use)
[  189.272292][ T9575] netlink: 28 bytes leftover after parsing attributes in process `syz.1.907'.
[  189.908913][ T9578] netlink: 32 bytes leftover after parsing attributes in process `syz.0.909'.
[  189.925447][ T9581] fuse: Unknown parameter 'group'
[  190.078774][ T9588] netlink: 1784 bytes leftover after parsing attributes in process `syz.1.913'.
[  190.179432][ T9586] 9pnet: Could not find request transport: nd
[  190.581624][ T9598] netlink: 1784 bytes leftover after parsing attributes in process `syz.0.915'.
[  190.635693][ T9600] netlink: 'syz.4.914': attribute type 1 has an invalid length.
[  190.649617][ T9600] bond3: entered promiscuous mode
[  190.651948][ T9600] 8021q: adding VLAN 0 to HW filter on device bond3
[  190.679140][ T9600] syz.4.914: attempt to access beyond end of device
[  190.679140][ T9600] loop4: rw=0, sector=0, nr_sectors = 1 limit=0
[  190.683929][ T9600] FAT-fs (loop4): unable to read boot sector
[  190.743269][ T9603] netlink: 3 bytes leftover after parsing attributes in process `syz.4.914'.
[  190.750982][ T9603] batadv2: entered promiscuous mode
[  190.752521][ T9603] batadv2: entered allmulticast mode
[  190.755848][ T9603] 8021q: adding VLAN 0 to HW filter on device batadv2
[  190.759170][ T9603] bond3: (slave batadv2): making interface the new active one
[  190.761517][ T9603] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  191.543215][ T9613] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  191.913181][ T9622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.919'.
[  192.748921][ T9635] netlink: 1784 bytes leftover after parsing attributes in process `syz.3.924'.
[  193.565654][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  194.025089][ T9663] netlink: 28 bytes leftover after parsing attributes in process `syz.0.930'.
[  194.556399][ T9656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.263839][ T9678] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  195.715340][   T35] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  195.866480][   T35] usb 6-1: config 0 has no interfaces?
[  195.868117][   T35] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  195.870516][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.874012][   T35] usb 6-1: config 0 descriptor??
[  196.421067][   T35] usb 6-1: USB disconnect, device number 11
[  197.228225][ T9717] snd_dummy snd_dummy.0: control 6:0:0:syz0:0 is already present
[  197.344585][ T9701] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.947273][   T39] kauditd_printk_skb: 53 callbacks suppressed
[  197.947287][   T39] audit: type=1326 audit(1734335438.377:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.956665][   T39] audit: type=1326 audit(1734335438.377:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.962982][   T39] audit: type=1326 audit(1734335438.377:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.975327][   T39] audit: type=1326 audit(1734335438.377:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.982445][   T39] audit: type=1326 audit(1734335438.377:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.990069][   T39] audit: type=1326 audit(1734335438.387:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  197.995779][   T39] audit: type=1326 audit(1734335438.387:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9724 comm="syz.0.948" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0
[  198.349606][ T9736] netlink: 'syz.4.951': attribute type 2 has an invalid length.
[  199.514896][ T9754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.953'.
[  199.539654][ T9754] netlink: 44 bytes leftover after parsing attributes in process `syz.0.953'.
[  199.785322][ T6706] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  199.955383][ T6706] usb 5-1: Using ep0 maxpacket: 8
[  199.963568][ T6706] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  199.966736][ T6706] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  199.970163][ T6706] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 57120, setting to 1024
[  199.974033][ T6706] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  200.013777][ T6706] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  200.065802][ T6706] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  200.075166][ T6706] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.371554][ T6706] usb 5-1: GET_CAPABILITIES returned 0
[  200.375431][ T6706] usbtmc 5-1:16.0: can't read capabilities
[  200.588371][ T9773] FAULT_INJECTION: forcing a failure.
[  200.588371][ T9773] name failslab, interval 1, probability 0, space 0, times 0
[  200.591826][ T9773] CPU: 2 UID: 0 PID: 9773 Comm: syz.1.959 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  200.594892][ T9773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.597963][ T9773] Call Trace:
[  200.598922][ T9773]  <TASK>
[  200.599755][ T9773]  dump_stack_lvl+0x16c/0x1f0
[  200.601075][ T9773]  should_fail_ex+0x497/0x5b0
[  200.602405][ T9773]  ? fs_reclaim_acquire+0xae/0x150
[  200.603823][ T9773]  should_failslab+0xc2/0x120
[  200.605204][ T9773]  __kmalloc_node_noprof+0xd1/0x520
[  200.606644][ T9773]  ? trace_lock_acquire+0x14e/0x1f0
[  200.608077][ T9773]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  200.609610][ T9773]  __kvmalloc_node_noprof+0xad/0x1a0
[  200.611082][ T9773]  __kvm_mmu_topup_memory_cache+0x451/0x600
[  200.612722][ T9773]  ? rcuwait_wake_up+0xe9/0x290
[  200.614145][ T9773]  mmu_topup_memory_caches+0x22/0xd0
[  200.615829][ T9773]  kvm_mmu_load+0xda/0x21f0
[  200.617098][ T9773]  ? vmx_get_rflags+0x100/0x420
[  200.618510][ T9773]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  200.620063][ T9773]  ? __pfx_kvm_mmu_load+0x10/0x10
[  200.621490][ T9773]  ? vmx_enable_irq_window+0xa9/0x190
[  200.623015][ T9773]  ? kvm_check_and_inject_events+0x725/0x12e0
[  200.624675][ T9773]  ? record_steal_time+0x51/0xbe0
[  200.626059][ T9773]  vcpu_run+0x2e2e/0x4c00
[  200.627262][ T9773]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  200.628801][ T9773]  ? __pfx_vcpu_run+0x10/0x10
[  200.630100][ T9773]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  200.631651][ T9773]  ? rcu_is_watching+0x12/0xc0
[  200.632953][ T9773]  ? trace_lock_acquire+0x14e/0x1f0
[  200.634492][ T9773]  ? __local_bh_enable_ip+0xa4/0x120
[  200.635971][ T9773]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.637400][ T9773]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  200.638950][ T9773]  ? lock_acquire+0x2f/0xb0
[  200.640215][ T9773]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  200.641788][ T9773]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  200.643296][ T9773]  kvm_vcpu_ioctl+0x6ce/0x1520
[  200.644686][ T9773]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  200.646207][ T9773]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  200.647635][ T9773]  ? tomoyo_path_number_perm+0x190/0x5b0
[  200.649190][ T9773]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  200.650828][ T9773]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  200.652484][ T9773]  ? do_vfs_ioctl+0x513/0x1950
[  200.653794][ T9773]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  200.655217][ T9773]  ? __pfx_lock_release+0x10/0x10
[  200.656609][ T9773]  ? trace_lock_acquire+0x14e/0x1f0
[  200.658072][ T9773]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  200.659522][ T9773]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  200.661104][ T9773]  ? __fget_files+0x206/0x3a0
[  200.662499][ T9773]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  200.664087][ T9773]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  200.665781][ T9773]  __do_fast_syscall_32+0x73/0x120
[  200.667685][ T9773]  do_fast_syscall_32+0x32/0x80
[  200.669493][ T9773]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  200.671824][ T9773] RIP: 0023:0xf70ee579
[  200.673276][ T9773] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  200.680168][ T9773] RSP: 002b:00000000f50bf55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  200.683157][ T9773] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  200.686035][ T9773] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  200.688960][ T9773] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.691870][ T9773] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  200.694574][ T9773] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.697053][ T9773]  </TASK>
[  200.699108][    C2] hpet: Lost 6 RTC interrupts
[  200.849588][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.852943][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.858335][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.861110][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.863379][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.865952][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.868607][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.870691][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.872690][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.874734][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.876893][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.879013][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.880981][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.883324][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.885357][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.889327][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.891349][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.893292][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.895870][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.898350][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.898700][ T9759] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.900939][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.904751][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.907028][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.909078][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.911213][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.913202][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.916662][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.920049][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.922318][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.924448][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.926682][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.928771][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.931259][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.934510][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.937872][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.940116][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.942244][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.944364][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.947049][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.949158][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.955432][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.957580][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.959723][   T25] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  200.965515][   T25] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  201.775411][   T35] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  201.925325][   T35] usb 9-1: Using ep0 maxpacket: 16
[  201.928130][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.932461][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.937620][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.941824][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.946132][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.951817][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.956531][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.960734][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  201.964215][   T35] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  201.966773][   T35] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.970689][   T35] usb 9-1: config 0 descriptor??
[  201.974252][   T35] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input14
[  202.176800][ T9783] ntfs3(nbd4): try to read out of volume at offset 0x0
[  202.177933][   T57] usb 5-1: USB disconnect, device number 11
[  202.180994][ T5346] bcm5974 9-1:0.0: could not read from device
[  202.188311][   T35] bcm5974 9-1:0.0: could not read from device
[  202.193273][ T5346] bcm5974 9-1:0.0: could not read from device
[  202.198890][   T35] input: failed to attach handler mousedev to device input14, error: -5
[  202.203467][ T5346] bcm5974 9-1:0.0: could not read from device
[  202.205407][   T35] usb 9-1: USB disconnect, device number 10
[  202.209561][ T5346] bcm5974 9-1:0.0: could not read from device
[  202.374723][ T9792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.966'.
[  202.386200][ T9792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.966'.
[  202.672598][ T9800] netlink: 16 bytes leftover after parsing attributes in process `syz.3.968'.
[  202.680433][ T9800] pim6reg1: entered allmulticast mode
[  202.864154][ T9807] FAULT_INJECTION: forcing a failure.
[  202.864154][ T9807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.868985][ T9807] CPU: 2 UID: 0 PID: 9807 Comm: syz.4.970 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  202.872845][ T9807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.876779][ T9807] Call Trace:
[  202.877999][ T9807]  <TASK>
[  202.879117][ T9807]  dump_stack_lvl+0x16c/0x1f0
[  202.880878][ T9807]  should_fail_ex+0x497/0x5b0
[  202.882662][ T9807]  _copy_from_user+0x2e/0xd0
[  202.884398][ T9807]  get_compat_msghdr+0xa8/0x170
[  202.886233][ T9807]  ? __pfx_get_compat_msghdr+0x10/0x10
[  202.888256][ T9807]  ? ctx_flush_and_put.constprop.0+0x16b/0x410
[  202.890541][ T9807]  ? io_handle_tw_list+0x3df/0x540
[  202.892444][ T9807]  ___sys_recvmsg+0x193/0x1a0
[  202.894198][ T9807]  ? __pfx____sys_recvmsg+0x10/0x10
[  202.896132][ T9807]  ? __fget_files+0x1fc/0x3a0
[  202.897898][ T9807]  ? trace_lock_acquire+0x14e/0x1f0
[  202.899857][ T9807]  ? __fget_files+0x206/0x3a0
[  202.901627][ T9807]  do_recvmmsg+0x55d/0x740
[  202.903324][ T9807]  ? __pfx_do_recvmmsg+0x10/0x10
[  202.905193][ T9807]  ? arch_do_signal_or_restart+0x212/0x7e0
[  202.907364][ T9807]  ? __fget_files+0x206/0x3a0
[  202.909124][ T9807]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  202.911434][ T9807]  __sys_recvmmsg+0x21e/0x280
[  202.913203][ T9807]  ? __pfx___sys_recvmmsg+0x10/0x10
[  202.915123][ T9807]  ? __pfx_ksys_write+0x10/0x10
[  202.916952][ T9807]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  202.919271][ T9807]  ? do_int80_emulation+0xd1/0x200
[  202.921200][ T9807]  ? lockdep_hardirqs_on+0x7c/0x110
[  202.923135][ T9807]  do_int80_emulation+0x104/0x200
[  202.925000][ T9807]  asm_int80_emulation+0x1a/0x20
[  202.926853][ T9807] RIP: 0023:0xf70be579
[  202.928346][ T9807] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  202.935380][ T9807] RSP: 002b:00000000f508f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  202.938486][ T9807] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200055c0
[  202.941413][ T9807] RDX: 000000000400023c RSI: 0000000000000302 RDI: 0000000000000000
[  202.944310][ T9807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  202.947205][ T9807] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  202.950105][ T9807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  202.953043][ T9807]  </TASK>
[  202.954655][    C2] hpet: Lost 4 RTC interrupts
[  204.054424][ T9826] netlink: 24 bytes leftover after parsing attributes in process `syz.3.974'.
[  205.143026][ T9850] hsr0: entered promiscuous mode
[  205.260210][ T5947] Bluetooth: hci4: sending frame failed (-49)
[  205.265342][   T67] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  205.585450][   T57] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  205.736533][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.739475][   T57] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  205.742987][   T57] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  205.745665][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.748797][   T57] usb 5-1: config 0 descriptor??
[  206.158738][   T57] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  206.165535][   T57] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  207.029393][ T9884] 9pnet_fd: Insufficient options for proto=fd
[  207.238143][ T9894] vlan2: entered promiscuous mode
[  207.239735][ T9894] vlan2: entered allmulticast mode
[  207.241523][ T9894] hsr_slave_1: entered allmulticast mode
[  208.389916][   T57] usb 5-1: USB disconnect, device number 12
[  208.499448][ T9913] netlink: 12 bytes leftover after parsing attributes in process `syz.4.997'.
[  208.523890][ T9913] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  210.719849][ T9961] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  210.767818][   T39] audit: type=1326 audit(1734335451.197:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7fc00000
[  210.969528][ T9971] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  211.366644][ T9975] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1012'.
[  211.795545][ T9979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1013'.
[  211.800112][ T9979] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1013'.
[  211.814503][ T9981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1014'.
[  212.013136][ T9994] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  212.098494][ T9997] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  212.781434][T10017] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  213.106128][T10055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1030'.
[  213.131123][T10055] team1: Mode "" not found
[  213.198929][T10064] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1027'.
[  213.264405][T10065] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  213.397580][T10071] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1032'.
[  213.483793][T10075] Process accounting resumed
[  213.507428][T10079] netlink: 'syz.1.1034': attribute type 1 has an invalid length.
[  213.509885][T10079] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1034'.
[  213.569849][T10085] vivid-003: disconnect
[  214.916540][T10110] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1041'.
[  215.528825][T10129] netlink: 'syz.1.1045': attribute type 4 has an invalid length.
[  216.303911][T10135] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1046'.
[  217.722657][T10155] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1052'.
[  217.866281][T10158] cgroup: fork rejected by pids controller in /syz4
[  219.047052][T10553] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1058'.
[  219.192109][T10561] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1061'.
[  219.569916][T10584] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  219.661450][   T57] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  219.809924][   T57] usb 9-1: device descriptor read/64, error -71
[  220.025385][   T63] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  220.055329][   T57] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  220.175404][   T63] usb 6-1: Using ep0 maxpacket: 16
[  220.178313][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.184026][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.189405][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.193859][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.199358][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.204437][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.205374][   T57] usb 9-1: device descriptor read/64, error -71
[  220.209758][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.216478][   T63] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.220772][   T63] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  220.223636][   T63] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.227936][   T63] usb 6-1: config 0 descriptor??
[  220.231695][   T63] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input16
[  220.315468][   T57] usb usb9-port1: attempt power cycle
[  220.446150][T10587] ntfs3(nbd1): try to read out of volume at offset 0x0
[  220.457966][ T5346] bcm5974 6-1:0.0: could not read from device
[  220.464587][   T63] bcm5974 6-1:0.0: could not read from device
[  220.475866][ T5346] bcm5974 6-1:0.0: could not read from device
[  220.486501][   T63] input: failed to attach handler mousedev to device input16, error: -5
[  220.496794][ T5346] bcm5974 6-1:0.0: could not read from device
[  220.503670][   T63] usb 6-1: USB disconnect, device number 12
[  220.745353][   T57] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  220.775800][   T57] usb 9-1: device descriptor read/8, error -71
[  221.025326][   T57] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  221.065766][   T57] usb 9-1: device descriptor read/8, error -71
[  221.079236][T10608] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  221.188935][   T57] usb usb9-port1: unable to enumerate USB device
[  221.434225][T10615] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  221.696993][T10621] can0: slcan on pts0.
[  221.775900][T10621] can0 (unregistered): slcan off pts0.
[  222.320702][T10643] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1083'.
[  222.337047][T10643] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  223.222921][T10658] binder: 10657:10658 ioctl c0306201 0 returned -14
[  223.233662][T10658] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1088'.
[  224.586749][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  224.815398][    T9] usb 6-1: device descriptor read/64, error -71
[  225.071637][    T9] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  225.210571][    T9] usb 6-1: device descriptor read/64, error -71
[  225.345599][    T9] usb usb6-port1: attempt power cycle
[  225.391896][T10702] binder: 10701:10702 ioctl c0306201 0 returned -14
[  225.552256][T10702] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1097'.
[  225.651177][T10706] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1096'.
[  225.674404][T10706] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  225.685812][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  225.825719][    T9] usb 6-1: device descriptor read/8, error -71
[  225.913873][T10713] net_ratelimit: 488 callbacks suppressed
[  225.913883][T10713] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  225.924887][T10713] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1100'.
[  226.065416][    T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  226.085844][    T9] usb 6-1: device descriptor read/8, error -71
[  226.154414][T10717] xt_time: invalid argument - start or stop time greater than 23:59:59
[  226.197633][    T9] usb usb6-port1: unable to enumerate USB device
[  227.515401][   T35] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  227.592326][T10760] syz.1.1112 (10760): drop_caches: 2
[  227.665301][   T35] usb 9-1: device descriptor read/64, error -71
[  227.915377][   T35] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  227.924501][T10735] 
[  227.925440][T10735] ======================================================
[  227.927896][T10735] WARNING: possible circular locking dependency detected
[  227.930458][T10735] 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0 Not tainted
[  227.934133][T10735] ------------------------------------------------------
[  227.936879][T10735] syz.3.1106/10735 is trying to acquire lock:
[  227.938495][T10735] ffff888043a0fe78 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_mq_exit_sched+0xd1/0x310
[  227.940975][T10735] 
[  227.940975][T10735] but task is already holding lock:
[  227.942924][T10735] ffff88802436c8b8 (&eq->sysfs_lock){+.+.}-{4:4}, at: elevator_disable+0xb5/0x490
[  227.945321][T10735] 
[  227.945321][T10735] which lock already depends on the new lock.
[  227.945321][T10735] 
[  227.948327][T10735] 
[  227.948327][T10735] the existing dependency chain (in reverse order) is:
[  227.950667][T10735] 
[  227.950667][T10735] -> #4 (&eq->sysfs_lock){+.+.}-{4:4}:
[  227.952702][T10735]        __mutex_lock+0x19b/0xa60
[  227.954010][T10735]        elevator_disable+0xb5/0x490
[  227.955406][T10735]        __blk_mq_update_nr_hw_queues+0x41e/0x1500
[  227.957627][T10735]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  227.959276][T10735]        nbd_start_device+0x15b/0xd70
[  227.960730][T10735]        nbd_ioctl+0x21a/0xfd0
[  227.962046][T10735]        compat_blkdev_ioctl+0x2f7/0x750
[  227.963516][T10735]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  227.965033][T10735]        __do_fast_syscall_32+0x73/0x120
[  227.966801][T10735]        do_fast_syscall_32+0x32/0x80
[  227.968203][T10735]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  227.969966][T10735] 
[  227.969966][T10735] -> #3 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  227.972193][T10735]        blk_mq_submit_bio+0x1fb6/0x24c0
[  227.973655][T10735]        __submit_bio+0x384/0x540
[  227.974996][T10735]        submit_bio_noacct_nocheck+0x698/0xd70
[  227.977013][T10735]        submit_bio_noacct+0x93a/0x1e20
[  227.978848][T10735]        block_read_full_folio+0x812/0xa50
[  227.980442][T10735]        filemap_read_folio+0x25d/0x2a0
[  227.981982][T10735]        filemap_get_pages+0x155f/0x1be0
[  227.983499][T10735]        filemap_read+0x3ca/0xd70
[  227.984828][T10735]        blkdev_read_iter+0x187/0x480
[  227.986266][T10735]        vfs_read+0x87f/0xbe0
[  227.987510][T10735]        ksys_read+0x12b/0x250
[  227.988776][T10735]        do_syscall_64+0xcd/0x250
[  227.990103][T10735]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.991850][T10735] 
[  227.991850][T10735] -> #2 (mapping.invalidate_lock#2){++++}-{4:4}:
[  227.994074][T10735]        down_read+0x9a/0x330
[  227.995326][T10735]        filemap_fault+0x62c/0x2820
[  227.996710][T10735]        __do_fault+0x10a/0x490
[  227.997989][T10735]        do_pte_missing+0xebd/0x3e00
[  227.999375][T10735]        __handle_mm_fault+0x103c/0x2a40
[  228.000860][T10735]        handle_mm_fault+0x3fa/0xaa0
[  228.002259][T10735]        do_user_addr_fault+0x7a3/0x13f0
[  228.003728][T10735]        exc_page_fault+0x5c/0xc0
[  228.005055][T10735]        asm_exc_page_fault+0x26/0x30
[  228.006440][T10735]        _copy_from_user+0x95/0xd0
[  228.007816][T10735]        move_addr_to_kernel+0x68/0x160
[  228.009301][T10735]        __sys_connect+0xb0/0x170
[  228.010667][T10735]        __ia32_sys_connect+0x71/0xb0
[  228.012077][T10735]        __do_fast_syscall_32+0x73/0x120
[  228.013580][T10735]        do_fast_syscall_32+0x32/0x80
[  228.015012][T10735]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.016842][T10735] 
[  228.016842][T10735] -> #1 (&mm->mmap_lock){++++}-{4:4}:
[  228.018825][T10735]        __might_fault+0x11b/0x190
[  228.020173][T10735]        _copy_from_user+0x29/0xd0
[  228.021529][T10735]        compat_blk_trace_setup+0xc9/0x200
[  228.023105][T10735]        blk_trace_ioctl+0x24a/0x290
[  228.024505][T10735]        compat_blkdev_ioctl+0x13c/0x750
[  228.025989][T10735]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  228.027520][T10735]        __do_fast_syscall_32+0x73/0x120
[  228.028990][T10735]        do_fast_syscall_32+0x32/0x80
[  228.030409][T10735]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.032205][T10735] 
[  228.032205][T10735] -> #0 (&q->debugfs_mutex){+.+.}-{4:4}:
[  228.034240][T10735]        __lock_acquire+0x249e/0x3c40
[  228.035645][T10735]        lock_acquire.part.0+0x11b/0x380
[  228.037115][T10735]        __mutex_lock+0x19b/0xa60
[  228.038458][T10735]        blk_mq_exit_sched+0xd1/0x310
[  228.039860][T10735]        elevator_disable+0xc0/0x490
[  228.041249][T10735]        __blk_mq_update_nr_hw_queues+0x41e/0x1500
[  228.042949][T10735]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  228.044537][T10735]        nbd_start_device+0x15b/0xd70
[  228.045934][T10735]        nbd_ioctl+0x21a/0xfd0
[  228.047198][T10735]        compat_blkdev_ioctl+0x2f7/0x750
[  228.048661][T10735]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  228.050193][T10735]        __do_fast_syscall_32+0x73/0x120
[  228.051654][T10735]        do_fast_syscall_32+0x32/0x80
[  228.053056][T10735]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.054833][T10735] 
[  228.054833][T10735] other info that might help us debug this:
[  228.054833][T10735] 
[  228.057429][T10735] Chain exists of:
[  228.057429][T10735]   &q->debugfs_mutex --> &q->q_usage_counter(io)#52 --> &eq->sysfs_lock
[  228.057429][T10735] 
[  228.061085][T10735]  Possible unsafe locking scenario:
[  228.061085][T10735] 
[  228.063114][T10735]        CPU0                    CPU1
[  228.064513][T10735]        ----                    ----
[  228.065890][T10735]   lock(&eq->sysfs_lock);
[  228.067076][T10735]                                lock(&q->q_usage_counter(io)#52);
[  228.069125][T10735]                                lock(&eq->sysfs_lock);
[  228.070966][T10735]   lock(&q->debugfs_mutex);
[  228.072180][T10735] 
[  228.072180][T10735]  *** DEADLOCK ***
[  228.072180][T10735] 
[  228.074270][T10735] 7 locks held by syz.3.1106/10735:
[  228.075612][T10735]  #0: ffff88801edae998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xfd0
[  228.078038][T10735]  #1: ffff88801edae8d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x20/0x40
[  228.080825][T10735]  #2: ffff888043a0fbc8 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x205/0x1500
[  228.083687][T10735]  #3: ffff888043a0fb38 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x214/0x1500
[  228.086489][T10735]  #4: ffff888043a0f608 (&q->q_usage_counter(io)#52){++++}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x21c/0x1500
[  228.089560][T10735]  #5: ffff888043a0f640 (&q->q_usage_counter(queue)#36){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x21c/0x1500
[  228.092701][T10735]  #6: ffff88802436c8b8 (&eq->sysfs_lock){+.+.}-{4:4}, at: elevator_disable+0xb5/0x490
[  228.095195][T10735] 
[  228.095195][T10735] stack backtrace:
[  228.096741][T10735] CPU: 0 UID: 0 PID: 10735 Comm: syz.3.1106 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  228.099521][T10735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  228.102296][T10735] Call Trace:
[  228.103175][T10735]  <TASK>
[  228.103953][T10735]  dump_stack_lvl+0x116/0x1f0
[  228.105187][T10735]  print_circular_bug+0x41c/0x610
[  228.106530][T10735]  check_noncircular+0x31a/0x400
[  228.107831][T10735]  ? __pfx_check_noncircular+0x10/0x10
[  228.109248][T10735]  ? hlock_class+0x4e/0x130
[  228.110467][T10735]  ? mark_lock+0xb5/0xc60
[  228.111600][T10735]  ? lockdep_lock+0xc6/0x200
[  228.112816][T10735]  ? __pfx_lockdep_lock+0x10/0x10
[  228.114141][T10735]  __lock_acquire+0x249e/0x3c40
[  228.115419][T10735]  ? __pfx___lock_acquire+0x10/0x10
[  228.116829][T10735]  lock_acquire.part.0+0x11b/0x380
[  228.118174][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.119488][T10735]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  228.120990][T10735]  ? rcu_is_watching+0x12/0xc0
[  228.122273][T10735]  ? trace_lock_acquire+0x14e/0x1f0
[  228.123646][T10735]  ? find_held_lock+0x2d/0x110
[  228.124901][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.126234][T10735]  ? lock_acquire+0x2f/0xb0
[  228.127431][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.128761][T10735]  __mutex_lock+0x19b/0xa60
[  228.129964][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.131328][T10735]  ? xas_find+0x2fd/0x870
[  228.132501][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.133828][T10735]  ? __pfx___mutex_lock+0x10/0x10
[  228.135169][T10735]  ? xa_find+0x1ca/0x370
[  228.136309][T10735]  ? __pfx_xa_find+0x10/0x10
[  228.137549][T10735]  ? elevator_disable+0xb5/0x490
[  228.138870][T10735]  ? blk_mq_exit_sched+0xd1/0x310
[  228.140185][T10735]  blk_mq_exit_sched+0xd1/0x310
[  228.141477][T10735]  ? __pfx_blk_mq_exit_sched+0x10/0x10
[  228.142918][T10735]  ? mark_held_locks+0x9f/0xe0
[  228.144191][T10735]  elevator_disable+0xc0/0x490
[  228.145455][T10735]  __blk_mq_update_nr_hw_queues+0x41e/0x1500
[  228.147050][T10735]  ? __mutex_trylock_common+0xea/0x250
[  228.148494][T10735]  ? __pfx___mutex_trylock_common+0x10/0x10
[  228.150048][T10735]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  228.151557][T10735]  ? rcu_is_watching+0x12/0xc0
[  228.152824][T10735]  ? __pfx___blk_mq_update_nr_hw_queues+0x10/0x10
[  228.154507][T10735]  ? __pfx___mutex_trylock_common+0x10/0x10
[  228.156094][T10735]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  228.157596][T10735]  ? __pfx___mutex_lock+0x10/0x10
[  228.158925][T10735]  ? trace_contention_end+0xee/0x140
[  228.160303][T10735]  ? __mutex_lock+0x1cc/0xa60
[  228.161542][T10735]  ? nbd_ioctl+0x151/0xfd0
[  228.162745][T10735]  ? __pfx___mutex_lock+0x10/0x10
[  228.164087][T10735]  blk_mq_update_nr_hw_queues+0x2a/0x40
[  228.165540][T10735]  nbd_start_device+0x15b/0xd70
[  228.166830][T10735]  ? bpf_lsm_capable+0x9/0x10
[  228.168052][T10735]  nbd_ioctl+0x21a/0xfd0
[  228.169125][T10735]  ? __pfx_nbd_ioctl+0x10/0x10
[  228.170367][T10735]  ? __pfx_lock_release+0x10/0x10
[  228.171692][T10735]  ? trace_lock_acquire+0x14e/0x1f0
[  228.173065][T10735]  ? __pfx_nbd_ioctl+0x10/0x10
[  228.174336][T10735]  compat_blkdev_ioctl+0x2f7/0x750
[  228.175682][T10735]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  228.177164][T10735]  ? __fget_files+0x206/0x3a0
[  228.178404][T10735]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  228.179906][T10735]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  228.181314][T10735]  __do_fast_syscall_32+0x73/0x120
[  228.182669][T10735]  do_fast_syscall_32+0x32/0x80
[  228.183954][T10735]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.185604][T10735] RIP: 0023:0xf7fb8579
[  228.186704][T10735] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  228.191710][T10735] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  228.193821][T10735] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ab03
[  228.195928][T10735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  228.198017][T10735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.200168][T10735] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  228.202272][T10735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.204360][T10735]  </TASK>
[  228.205388][   T35] usb 9-1: device descriptor read/64, error -71
[  228.209362][   T67] block nbd3: Receive control failed (result -32)
[  228.211124][   T67] block nbd3: Receive control failed (result -32)
[  228.256000][T10741] block nbd3: shutting down sockets
[  228.325554][   T35] usb usb9-port1: attempt power cycle
[  228.825362][   T35] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  228.845713][   T35] usb 9-1: device descriptor read/8, error -71
[  229.105324][   T35] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  229.135908][   T35] usb 9-1: device descriptor read/8, error -71
[  229.255413][   T35] usb usb9-port1: unable to enumerate USB device

VM DIAGNOSIS:
07:51:08  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142075 RDI=ffffffff9a665300 RBP=ffffffff9a6652c0 RSP=ffffc90002d86f20
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000063 R14=ffffffff85142010 R15=0000000000000000
RIP=ffffffff8514209f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c398350 CR3=000000004b898000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000002 RBX=ffff888022d05c00 RCX=ffffc9002f5fe000 RDX=ffff8880231d0000
RSI=ffffffff8224eaaf RDI=ffff888022d05c00 RBP=ffff8880231d0000 RSP=ffffc90003457b78
R8 =0000000000000005 R9 =0000000000000000 R10=00000000fffffff2 R11=0000000000000b8f
R12=0000000000000000 R13=0000000000000001 R14=0000000000000001 R15=0000000000000001
RIP=ffffffff81994f31 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50b0b04 CR3=000000006f34a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
EAX=00000001 EBX=f73b3ff4 ECX=003c0000 EDX=2e620000
ESI=f7206997 EDI=ffb02394 EBP=ffb022f8 ESP=ffb02020
EIP=f70c6a7f EFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 5775d440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f70aad60 CR3=000000006f594000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000000f6 RBX=0000000000000001 RCX=000000000000083f RDX=0000000000000000
RSI=00000000000000f6 RDI=000000000000003f RBP=0000000021fc4801 RSP=ffffc900035d7800
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffff88802b728abc
R12=0000000000000003 R13=0000000000000000 R14=0000000000000002 R15=ffffc900035d78a8
RIP=ffffffff8147b128 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000005775d4c0 CR3=000000004c274000 CR4=00352ef0
DR0=0000000000000003 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7393ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000