last executing test programs:

10.640056689s ago: executing program 1 (id=1493):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xcc, &(0x7f0000000680)=""/204, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x5, @void, @value}, 0x94)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x7, 0xe2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x219)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
syz_clone(0xa1100, &(0x7f00000000c0)="31098128cb16003a07da431b79fb5d906287ade73ff30c662f0cccc8", 0x1c, &(0x7f0000000100), &(0x7f0000000240), &(0x7f00000002c0)="0f2de38e24a92738cb91fb1f2695870367b0ac7e8daaddde38310e56159f44d334d77a988b39bd87616fe60d84e6792af68bb3086e2c37c8bd4cd91d04bcfa6dd189dbc7e68ef2a3a8b729f5d121f6978752d8fcbcd1e66cefec22c1")
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x34, 0x1407, 0x400, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000891}, 0x4)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000fa990500000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r3, 0x0, 0x1ba8847c99}, 0x38)

9.280739101s ago: executing program 1 (id=1497):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x40187013, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x2, 0x0, 0x3, 0x7fff}})
r1 = socket$rds(0x15, 0x5, 0x0)
ioctl$FIOCLEX(r1, 0x5451)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x38, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x38}}, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
getsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1000002)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x80)
ioctl$FS_IOC_FSSETXATTR(r9, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x3c2, 0x0, 0xffffffff})
ioctl$KVM_PRE_FAULT_MEMORY(r8, 0xc040aed5, &(0x7f0000000000)={0xdddd1000, 0x4000})
readv(r8, &(0x7f0000000680)=[{&(0x7f0000000080)=""/142, 0x8e}, {&(0x7f0000000280)=""/212, 0xd4}, {&(0x7f0000000380)=""/241, 0xf1}, {&(0x7f0000000140)=""/136, 0x88}, {&(0x7f0000000480)=""/73, 0x49}, {&(0x7f0000000500)=""/61, 0x3d}, {&(0x7f0000000540)=""/142, 0x8e}, {&(0x7f0000000600)=""/110, 0x6e}], 0x8)

6.70826549s ago: executing program 1 (id=1513):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x20007113, 0x0, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(r5, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000063c0)=""/4097, 0x1001}], 0x1}, 0x102)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r7, 0x0, 0x0, 0x804)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x25}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xa8}}, 0x0)

5.750594601s ago: executing program 1 (id=1517):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r2, 0x29, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)='./file0\x00', 0x0, 0x2500, 0x12345})
r5 = syz_io_uring_setup(0x181e, &(0x7f0000000500)={0x0, 0xfffffffe, 0x400, 0x1, 0x24f}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x4030, 0x0, 0x0, 0x6}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
r8 = memfd_create(&(0x7f0000000740)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c\xfa\xb4q\xbb\x7fN\xd1\r%;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\x12?\xc7zL\x01\r-\x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc\xbe\xb6\xa7w\x9d\xf1\xe5V\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca', 0x4)
mmap(&(0x7f00009f1000/0x4000)=nil, 0x4000, 0x0, 0x1010, r8, 0xffffd000)
io_uring_enter(r5, 0x47bc, 0x0, 0x21, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x0, 0x4000005)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mq_open(0x0, 0x1, 0x19, 0x0)

4.900494927s ago: executing program 2 (id=1521):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000002500), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000026c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x1d6c9b1c, 0x0, 0x0, 0x0, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e22, 0x9, @empty, 0x9}}}, 0x118)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x1, 0x2, 0x1, "ca316871937c89ca201089533ff8c1122f4f8f3b5e7f0a750ef4cee49a0f8d7c", 0x42303159})

4.809536229s ago: executing program 0 (id=1522):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210001"], 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000000)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="9000000020", 0x5, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000001100)={&(0x7f0000001200)=[{0x0, 0xf5ff, 0x1, &(0x7f0000000280)='\x00'}], 0x1})
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000000)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x48084}, 0x20050045)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r9, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r9, 0x112, 0x7, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001240)=@nat={'nat\x00', 0x1b, 0x5, 0x5f8, 0x1fc, 0xc8, 0xffffffff, 0x2e8, 0xc8, 0x530, 0x530, 0xffffffff, 0x530, 0x530, 0x5, &(0x7f0000000300), {[{{@uncond, 0x0, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24, 'SYNPROXY\x00', 0x0, {0x8, 0x9, 0x7}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @local}, @mcast1, [0xffffffff, 0xffffffff, 0xffffff00, 0xffffff00], [0xff, 0xffffffff, 0xff, 0xff], 'vlan0\x00', 'vlan0\x00', {}, {0xff}, 0x0, 0x4, 0x2, 0x24}, 0x0, 0xec, 0x134, 0x0, {}, [@common=@hbh={{0x48}, {0x7, 0x6, 0x1, [0x10, 0x1000, 0x2, 0x7, 0x7, 0x5, 0xc, 0x9, 0x9, 0x6, 0x6, 0x8, 0xc81, 0x35b3, 0xfffc, 0x545d], 0xa}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x9, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv4=@multicast1, @icmp_id=0x67, @icmp_id=0x66}}}, {{@ipv6={@mcast2, @private1={0xfc, 0x1, '\x00', 0x9}, [0xff000000, 0xff000000, 0xffffffff, 0x8000007f], [0xffffff00, 0xff000000, 0xff, 0x9dc3e0d41d376efa], 'veth1_to_bond\x00', 'vcan0\x00', {}, {0xff}, 0x33, 0x21, 0x2, 0x22}, 0x0, 0xa4, 0xec}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0xb, @ipv6=@empty, @ipv4=@empty, @port=0x2, @icmp_id=0x66}}}, {{@ipv6={@loopback, @dev={0xfe, 0x80, '\x00', 0x28}, [0xff000000, 0x0, 0x205a56d750858a9f, 0xff000000], [0xffffffff, 0xffffffff, 0xff000000], 'pim6reg0\x00', 'macvlan0\x00', {}, {}, 0x5e, 0x72, 0x4, 0x4}, 0x0, 0x200, 0x248, 0x0, {}, [@common=@ipv6header={{0x24}, {0x48, 0x4}}, @common=@rt={{0x138}, {0x28, [0x0, 0x3], 0x2, 0x30, 0x1, [@mcast1, @dev={0xfe, 0x80, '\x00', 0x1e}, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, @dev={0xfe, 0x80, '\x00', 0x1a}, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @private2, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3a}, @private0, @private2={0xfc, 0x2, '\x00', 0x1}], 0xe}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@multicast2, @icmp_id=0x67, @gre_key=0x7}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x654)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r8, @ANYBLOB="05005b"], 0x24}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r13=>0x0})
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r14, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000cc0)={0x24, r12, 0x1, 0xfffffffd, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "dd"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x2c}}, 0x40020)

4.809182173s ago: executing program 2 (id=1523):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f00000000c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x87}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000140)="e0b9547ed3879be9abc59b6f5bec", 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$int_in(r0, 0x5421, &(0x7f00000001c0)=0x2f)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000100)=0x8, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f00000006c0)={@void, @void, @eth={@broadcast, @local, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x3}, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x3fffff28}, {"a0"}}}}}}}, 0x3b)
close(r0)

4.760201608s ago: executing program 0 (id=1524):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000480)={0x1, {{0xa, 0x4, 0x0, @empty}}, {{0xa, 0x4e20, 0x0, @private1={0xfc, 0x1, '\x00', 0x4}}}}, 0x104) (async)
r1 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="6c00001700010104000000000000000002000000240001801400088008000100e2770023c1a8fb2a3b0108dd0100e00000010c0002800500010000000000240002800c000280050001001d00000014000180080001080000000008000200e06d0b7042eeebb9800000000800"], 0x6c}}, 0x0) (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000400)='attr/exec\x00')
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000080)='4', 0x1}], 0x1) (async)
ioctl$VIDIOC_G_PARM(r3, 0xc0cc5615, &(0x7f0000000100)={0x3, @capture={0x1000, 0x1, {0x0, 0x2}, 0x3, 0x3}})
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) (async)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0xfffe, 0x40, @dev={0xfe, 0x80, '\x00', 0x15}}}, {{0xa, 0x0, 0x4, @mcast2, 0x240}}}, 0x104)

4.759828396s ago: executing program 0 (id=1525):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES8=r0, @ANYRESHEX=r0], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x20000400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={@map=r2, 0x7, 0x0, 0x7, 0x0, 0xfffffffffffffdad, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, &(0x7f0000000000)={0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="3cbf5794392b5d6f"], 0x0}, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'veth1_to_hsr\x00', &(0x7f00000012c0)=@ethtool_dump={0x40, 0x5, 0x3, 0x1000, "5823fc9db464a697e9661fc7fba8708a3ecf7bd7a839353bba4073ec0d6ae381be71e2f47c21564e2d7dc17139d2f37238a8ae92d7d172cf584d9004c0702a492f472167dabccb1f86ffd5f5c44a508308a4bfde9dc4d4d908ff621d676150c9078cb9fe27ae085392c14f392df7e2ac6e70baa07303f3939aabc497fffdc520f62c882bb7ee8f9d8fe2a07370915125121647345f21aef0e10df75f61711d299e20bda979c0d9bab167f67fd5fd31f84ec79888e8545f080a67fcbc3ea92e56318226b5e52e432c44dba1ab24bc594d429f7a183c6b0d08399093a11b28c31c0bdf3bdde628d5866147818c9ed03a68247b2ed01bb3eff9f99496f4a23c7b8e991d7d69511c1048cf69831dbf819457504ed0af7d97fa7d1f9f2a55f7d0fdd59fc1cd6e98f09535ff42b67b82d9f6a4c1b7c1146114c654493cf446b3109899363fa0f07a017012661e784da0d687cfc202b6249d0d2b59841fbab2fb157a8b23b8a779df25bf2c142b81e047fe55e6e98b8e39dea3c1c1d9ca7948bf207948b8cf6d9dc8afb5400bc55270f7a5d458f91887163ddd521ea4dad730b66cd3be67610f211042fdbdfc9b8f3fc8b4a3de816926976fce1d48276aa2f8e285b8213b918b3c8af384f6517164fba916c94de228bdb4bc521013771bc5d84788384f8632517df513a20d393510b9b0f85691a8363bc4d4943099a358585bf6478e171d432dbbf9a05b7023f5dfd0e2fff87a0cc66783c2732dca3b081ed29f016c64bb5b9f5e40d6ae6dc94c07bd62e734aebc838ab8a57fc35a533aa27dda0b0f8bc1c40276b4778b3d0310535d001e5517b4c79ae44a3ce8fe1005679dee9fe6dff2bfa06a8943a414bfa4e6b65a6b9fb95b9f8f4fb31560796c88188f4b2a801458cb7f0a5a34f2ee3f9b3cb21bb392b2f16662456e3b7f0e8e9bca12e122ee039f1b8061d309fcd91e79cf9b7b07efdb62263face5e51c06bd5fb8f7a1187daa6b3b674e467722b00977a4d0efc4322692f531fe407e871ea2160863f86e37bf7a6a5474a24befa0f5188f366999ad4b66ce67b19ea304831a3194712bcd22f4b165dfb585ad4fe1019ad72e592840dddeb6cb161059a866d81fb11e7911552afc327b4cb2059f71a6ddb4438ff84eae043673dbc94ddfe8fd5cee22e526033f8df86070e07a0524a2d4c7414d14743306f0941e29a37084d29a04f5997bacee343231eb015a84b8679422261f82f6362ec36e1e0283c1c3b4eafade8758403f7a290e2840484a60bc23039b6941cf41cb19dfe01f20893c2a33e2f0c3b44dc9f19156dd46de4de52c06e86ae968f2b106563f1d6efe6281f8d92bcab0f69313940aa01fd1a41131323e3ffff5f6ff6635f97445f20839fb7b82c064f0680ceaf6ff93faaef5bf92e3f4870008ccc730d801819252f46a937acd4946a23d5715ac75ef78f49b60001eaa705c25cfaca45dd7fd4e83a3f5764ca392bab311497b6e69f356099550fad73c1b5a35425f3853b9e7389fc219168d6bb5fccbc748d5e156b368ef6c5a191d0d169e1b3cb7ac75c9bc35051114a97cfa30be88dc2b927734ab8ebe8514937ab26ae7f592f5b9b59cb5f45f2f25bfc18666c2288be7b192ce21aef4b0f18a10bba75dc5bb06fdc205e1b3a703a39d9b5fa0dea678cc9005ce909358ab5e8c4c7e90e20e19cc01918c76a1192edd5eeb94a3d709d048e470a7c0c96113132225df90863650afefb324595334311e7eb94acd8b2a760a5732b504cf7ae5f77897b834db17831afd50584402352d044d2dae076923f7cf664c5863559b4ece890d4a69c44d9219ba3bec21d55d10a11d5fd7a11175a37a17dfc52644c5a553feedf073827ee538dc719f6833d491b3f311e0a013c96c02d9a3a72e89848f630f2f1ca11f957913aea34908510cf3f0754ab27f426c3d306912557e42e254f21543542989e6c8b90948424abce767ebecb32bd0e4f84bbcf2ec31e967faffa1cc9c76caf5ba773aece805a9ebfcd499efe7ffdd8d83c9fb94f52376c22ead28457262a0eef31aabd38099ecb937c82f302650742a5eba070033c27877fc9de745f20ebbc35a000777a7dfc5c24c23d7c70d20bd18de778f2a18c14c9a9c7f92dba1bde537ccf9b7d671119624ef032122ab79a8f890654c0c8fa7358ae1831331531618f1d115a8d6bc8b76d253fdcfc66339151abae1a6aec4dc0cf37a6f41d35c9fd79707750ab011530b184cffa1ce81ad5464eb8bcf2fdb059a1629942397e798e1a8df909cdadb2439807eef22dedd7863445cec8ec02493c1fced6df40f1fba0fa51118e28e410fa301e5d7cb3fb9d60edc9b304327733b9954513861c329ce86052657830fabd36a882a13162e37527296bd034c1c429b6e995756edb6fcfd9df9c93b75715eb2587bd34356a440a22028ca1ead23072c27ab3f4c5ca9e2913769bc5474bd9de9b6d7a7215da9cb58d0e34f41b19945c98dba733eaee883b47d82d4e5745230f975f49d401d2d3a429b8baf998abda401a5eecf4d906da03c5bb6115c66dd9805484fb9bee1fec5f7ed22c11afa187d7d54d8e66720f5a5f3bf4b6a6ad059d21e2f402598eefb1d2a2a020d12cc3c65162285fe43773886b6896ce7068820872007cf442de15145ef0104a0aff7e8333f79d5cf4c793028463cb0d776a7caad46681f0c8f8b53e6c0cc84498b30c153675469a738d6b92f2d588dc2d30cb5c7db6e6ee5052b73a3c9e25071283126b7da5cef178e23454bd971070fd0b2f0654aed7a8c48cb38687c400a37faa587c6dcf43ad0c6599af96a2b07f18328f56552e90f122b3810d5b27530b4794660ef8651b0d748edfa1f954e8b5b8a2d9a9eefb4898e0c2d95e76142014ccf7a6975a6bba4a1c6868f8fdb308ea65b6c0a5791bbddb7ff7eb6be1567ba71195d99a0107d44eda104d40c80bb4723c891a2f84240a1fcbd2f2d15630c9ec3fa94e81b1fb8ccc0b77390b80361f7fbc5e83e4efc3b12881f6523b22fae19d1341218c8bdabe953575e35685ee0d31a4886b474a911cdd39f13dc693d60f6917d246ba6b939e28f4e62e7f3bd57d4f9533b42155e80a06849075867849243189202e8ba61f29702099c130b8472c2e10e030c4bf15bdbdf3a6c00bdae1ecef49d91d6832746dae78057eaf2772251221988e69769ded9129c0513700846c73735ab9c31ffa73b4874ee62df5cb89c873889f2335a0f7cc4ed76254d922b0b8ea7a670350c880ce07cc32a93855a0b3dc141d81bce228fe8f86bc632b003fbad537e74377f3cfb2913a86048f67f240ee5d7fa8256e824664b4acf2cdd640b89d462d66b85fcb4dfaaa6b3e292e6e083374dc4e19013560cdde4aed2538e109086828d40f3eb0a60188d065f0de5c0753812ab1e110d65a83556232d5680a2ed14610332c982f735f394b9d02889cb6061d7f689d6f95f7b7e4980121ec065e6c690a15937e47ee4df818e0ef0f17949a1b38a09c23136c5e45be1020c891272d8f7364cc4c72a27586b9446fa5ff5449b683e1dec47536a73d43eabbffc6bdd53dadc4debd38612e9553540c895099a44ea7278a06d8d4074e7922cc1ad2ac4b85f41cc904a270ae732c2ffbe993bdc41970cba23871554abb42ca6d48f9105e24907b51008f255419264305db7f47fd649e4c6208f4e2762237e13be26349d5446c681d407bf6d54456a657a68bf95b76f01c6200f8bc00c408d14259332b0fda1c26b9d35b51c926c748903e2356cfc90da1efcd1a209decf4b1bc7c857d9d3d1b2bc9c55fa06ac0963a4e89da46b7fb65945726b7eb56521aa1cdcc74cc5f54af21541a2b917ee0e01837315bc2acf05de9e944a6c9e490333bebd0ac3ae5cb97b48b4ab848d2319c43fe3e0a35bf88d6cdf5d929ac93b34d4d1a6f0f17368070ef757ced7a1cd5ac8fc0393f6bf1995ef3bce8c3bcf1a42bcb9d30cae9b9d2da4d46a386f97dc87f3169e848e39c7c5aa32286c296276e8f0701d8c8ed96d181b3400fe6f95ac96a7a4c925b2ab8ec8e07194ea1b8f5b54026d7724ef292a727be36d5bd7c315c403dbcc5aae6c27467a219050ccade37a93fc9186f7673c27a40d4e2df0078437d4126e30d0f4f1d6bd908d2c1dad87599e258dff9089ea70c85a5af7fab6b23f17429aebd63cb0cd5409a4c0bc45517b354009f32778cd5622df42264b295b18043c02bc4a8312ba2b832998af97fc9de0551284a542ad5c45d2899eaa852b506241a37d80fbc007d88c551953b9e347471ac085ceb7bcfbbf366255c78e5ef405fd5b7151524a5f90e5f1b64955ea4d6ce6bc687abc4fbaee271f4c701b51a950adab4d564f4e28366705a0fd53f2be8a009fb1f66730fd116ff9529381cd0b2eeacf12d12a41ab35077c5368e26aea4166a0340305856a16cc451afc05e49095cb0281bf34149dea1b50fb9c4baba7f1c488f61f67cb68130b6bb85ab3dfa5795196cc6238ff49e1c89563829cbbb0dda8a20036b33df98bcd997f825e3fec8afcdc827e66d2cf37e8e9a91e5dda3152d569ce892a83774f2911642e108bbbe1b0a8c989dee8ce1c43efcde7586ae92c29d0356d4825d525c9b8dfb441037026e43747f0a2d3887b41a32ca88954776c2a09fa5653cc72c374e25020ffc246eb30b864f04d6e164132a1e00b2db00810e1c4a737469c3d75d288aacd3863ebd1e0fb789249c22e5982718cebba1e85670eb76efbb209ca71eb12892e206db7fe6ee0420deef49cdd6f01941cceb6a1ddd5dbc085393150a28cd653f4353d32e645fa96f41c9b75a5e45881e91747a14a68d8b11c5d61b9715554c09278d39ebe9048162fe62c769a3b77951bd19bd01696de24a5cf501a7ee2c604f92e326354a6ce54abc57b1e6b1fb7b50eddb342590121ccaba8d94db3a544c16d3422dd0c1e30173bb071fd99e079dd11118a1eb772369f31c6068ddc6b70dfd46c8f3efc9b5aa1295e1fe266b2f5d58c3b9aa295b3e3c8d0db139be2d6399ee35ac86cb90615e0370721217c68359e95717bf887f523dfddbea490f58358ed0a6745b445139e0f2b4a01c8c19e6a3741cad64440e364a1ba40a60700e2211c11160b81c70b8c3769bbbae156c70565431268b5d1bef4aefac9eab3d240c5c9227bc3bc9f38472d13d099c236934320a9df83aa19a2ad745343d78a9cc531c99c3bc0984ef5b62e016b86982076f5511485375e9e5e423f7d60e43ee5948e0a16e8dccabbe5a9af4ee77b8522fa362fe7631974c9f5dbd159312f92eab03ab4bbf36d490d5c82e101c046c46903a0e00d18dc13a294154f7e071884080498d491f1b704704e3e99d8300fe75571cef37b901c6de79e9c91546758abb0ff327834cc28249f7235612fa3aa4b84cb8058fbbd8b1a4223d59e0aba7e704a8dcd63af212d5ca82fbeadbdc58cc0d3e5514045745171de16490b58501f2691797e1f78453afc28782b55448dc82149a30fc9a5668d77abd106e28a362e7e5639172564055853e58923e5fc68e02ce57420d1f6d284d39d63df7e74b00e0e94be3e11590dca548a151a40bd1571300d0e511c84bbc028a70663b1e00a35f88332002372823c35cc7ea14f2e71fcc2ade728abd9cd8abaa096a62fe980381e12f84e2b652496ffb9c48ccfedf5a6d576433124cc0294b8b2e50d9f3f6379b719bdc43259e0b79aa3ebaa4436ab7db3c07f99b3a62cc1cd9a4e72e469284b8dca1c76c721aef37114b6f24856d085c3ca68b54155e80f8126c13fe10a08f15df0"}})
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b02, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="88010000170a0101"], 0x188}}, 0x40004)

4.73183984s ago: executing program 2 (id=1526):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x3c, r1, 0x1, 0x0, 0x0, {0x1d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xeaeb, @void, @value}, 0x94)
r3 = epoll_create(0x10000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2c2fc2, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000400)='debugfs\x00', 0x112021, &(0x7f0000000300)='usrquota\xc8\xd1TK\xbeK)\x01\xea\xd2h_G\x1d\xe99\xdc~Y\xe3W\xaa\x8aL\xbfb\x8c9\xf0\xf7\x97\x172')
chdir(&(0x7f0000000140)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r7, 0x80000300, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000240), 0x208e24b)
fchmod(r3, 0x108)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

4.080364914s ago: executing program 3 (id=1530):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r1, 0x9609a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000480)=""/135)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x20000000})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d00"], 0x1c}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmmsg(r7, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000021c0)=""/4104, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)=""/99, 0x63}], 0x1, &(0x7f0000000680)=""/141, 0x8d}, 0x7}, {{&(0x7f00000004c0)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001080)=""/67, 0xfe3f}, {&(0x7f0000000580)}, {&(0x7f0000000740)=""/78, 0x4e}], 0x3, &(0x7f0000000800)=""/84, 0x54}, 0x7}], 0x40000000000027c, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x10000)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$video(&(0x7f00000002c0), 0x1, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.608615423s ago: executing program 0 (id=1531):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r1, 0x9609a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000480)=""/135)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x20000000})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d00"], 0x1c}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmmsg(r7, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000021c0)=""/4104, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)=""/99, 0x63}], 0x1, &(0x7f0000000680)=""/141, 0x8d}, 0x7}, {{&(0x7f00000004c0)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001080)=""/67, 0xfe3f}, {&(0x7f0000000580)}, {&(0x7f0000000740)=""/78, 0x4e}], 0x3, &(0x7f0000000800)=""/84, 0x54}, 0x7}], 0x40000000000027c, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x10000)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$video(&(0x7f00000002c0), 0x1, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.192006516s ago: executing program 1 (id=1532):
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r1, 0x9609a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000480)=""/135)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x20000000})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d00"], 0x1c}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmmsg(r7, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000021c0)=""/4104, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)=""/99, 0x63}], 0x1, &(0x7f0000000680)=""/141, 0x8d}, 0x7}, {{&(0x7f00000004c0)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001080)=""/67, 0xfe3f}, {&(0x7f0000000580)}, {&(0x7f0000000740)=""/78, 0x4e}], 0x3, &(0x7f0000000800)=""/84, 0x54}, 0x7}], 0x40000000000027c, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x10000)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$video(&(0x7f00000002c0), 0x1, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.191738874s ago: executing program 2 (id=1533):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000180))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
io_setup(0x0, &(0x7f0000000e80))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000500)="b9fedda8c6e96fd91c3505000000", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x4c)
r1 = syz_io_uring_setup(0x37b2, &(0x7f0000000000)={0x0, 0xfba5, 0x20000, 0x0, 0x258}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_int(r2, 0x0, 0x19, 0x0, 0x0)

1.123738862s ago: executing program 3 (id=1534):
r0 = openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000040)=0x7, 0x4)
socket$netlink(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x2, '\x00', 0x0, r0, 0x1, 0x8, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
io_setup(0x200, &(0x7f0000000100)=<r1=>0x0)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
io_pgetevents(r1, 0x6, 0x4, &(0x7f0000000180)=[{}, {}, {}, {}], &(0x7f0000000200)={0x77359400}, &(0x7f0000000280)={&(0x7f0000000240)={[0xffffffff, 0x7]}, 0x8})
r3 = openat$hwrng(0xffffff9c, &(0x7f00000002c0), 0x200, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_SIOCDELDLCI(r4, 0x8981, &(0x7f0000000300)={'gre0\x00', 0x1})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000340)={0x0, 'bond_slave_1\x00', {0x1}, 0x8000})
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000380)={{0x0, 0xeeee0000, 0xb, 0x2, 0x9, 0x8, 0x81, 0x1, 0x2, 0x5, 0xe, 0x41}, {0xdddd0000, 0xf000, 0xd, 0xc2, 0x9, 0xf9, 0x80, 0x3, 0x2, 0x79, 0x4, 0x91}, {0x8080000, 0xeeee8000, 0xc, 0x40, 0x4, 0x5, 0x7f, 0x8, 0xf, 0xe0, 0x5, 0x3}, {0x4000, 0xeeee8000, 0xf, 0x5, 0x0, 0x8, 0xa7, 0x7, 0x98, 0x7, 0x1, 0x9}, {0x0, 0x4000, 0xe, 0x81, 0x3, 0x7, 0x8, 0x7f, 0x2, 0x6, 0x6, 0xe}, {0xeeef0000, 0x8080000, 0x0, 0xfe, 0x2, 0x14, 0x0, 0x5, 0xf9, 0x80, 0xd, 0x8}, {0x10000, 0xd000, 0x3, 0x4, 0xb, 0x6, 0x6, 0x0, 0x5, 0x8f, 0x3, 0x6}, {0xdddd1000, 0xf000, 0x4, 0x4, 0x8, 0x80, 0x6, 0x1, 0x61, 0x7, 0x9, 0x6}, {0xd000, 0x1ff}, {0x3000, 0x8}, 0x40012, 0x0, 0x4000, 0x40402, 0xd, 0xc000, 0x8000000, [0x7f, 0x7, 0x8, 0x7]})
r5 = dup(r0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r5, 0x40044146, &(0x7f00000004c0)=0x8)
semget(0x2, 0x4, 0x101)
r6 = openat$binder_debug(0xffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r7 = getuid()
ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000700)=<r8=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000740)={0x0, <r9=>0x0}, &(0x7f0000000780)=0xc)
statx(r5, &(0x7f00000007c0)='./file0\x00', 0x1000, 0x800, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000900)={0x0, <r11=>0x0}, &(0x7f0000000940)=0xc)
sendmmsg$unix(r5, &(0x7f0000000a00)=[{{&(0x7f0000000500)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000680)=[{&(0x7f0000000580)="e95f3e363add80ae1c1e6cb97604dfd891e9273f39f79d2bbab77f5ce53288dc8746095b2b73b4c76651939dfdc82412cebbab71f3f4f1db7fb84c7d94120302f8c7624d9538ac6caf0489bc327239c7796ca6c685038e64c09becbb96175e4b14381494855b12238cc962d1ecb2d451a82986220d38480c9a1dd6a89a643ae7facb3acc957d924e029d15e507bc6fae084928ec49b169ad88f09893086dbf625df112f18911ecb54836fdd6621c5db46655f809a50e01cec774c400380fa706c0461affaeb01eb28fe8fbc593188bb67097059e0e12218894d3d782514b08e8802685bd3a96f0427605a6c761cab710655493cc", 0xf4}], 0x1, &(0x7f0000000980)=[@rights={{0x30, 0x1, 0x1, [r0, r3, r0, r2, r5, 0xffffffffffffffff, r3, r4, r6]}}, @cred={{0x18, 0x1, 0x2, {0x0, r7}}}, @cred={{0x18, 0x1, 0x2, {r8, r9, r10}}}, @cred={{0x18, 0x1, 0x2, {0x0, r11, 0xee01}}}], 0x78, 0x4000040}}], 0x1, 0x800)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x4010, r0, 0xa181f000)
recvmmsg(r3, &(0x7f0000007480)=[{{&(0x7f0000000a40)=@nfc, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000ac0)=""/176, 0xb0}, {&(0x7f0000000b80)=""/178, 0xb2}, {&(0x7f0000000c40)=""/70, 0x46}, {&(0x7f0000000cc0)=""/221, 0xdd}, {&(0x7f0000000dc0)=""/77, 0x4d}], 0x5}, 0x9fc}, {{&(0x7f0000000e80)=@l2tp, 0x80, &(0x7f0000001100)=[{&(0x7f0000000f00)=""/170, 0xaa}, {&(0x7f0000000fc0)=""/150, 0x96}, {&(0x7f0000001080)=""/119, 0x77}], 0x3, &(0x7f0000001140)=""/219, 0xdb}, 0x7}, {{&(0x7f0000001240)=@xdp, 0x80, &(0x7f00000013c0)=[{&(0x7f00000012c0)=""/115, 0x73}, {&(0x7f0000001340)=""/93, 0x5d}], 0x2, &(0x7f0000001400)=""/95, 0x5f}, 0x9}, {{&(0x7f0000001480)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f00000038c0)=[{&(0x7f0000001500)=""/125, 0x7d}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003580)=""/24, 0x18}, {&(0x7f00000035c0)=""/217, 0xd9}, {&(0x7f00000036c0)=""/135, 0x87}, {&(0x7f0000003780)=""/103, 0x67}, {&(0x7f0000003800)=""/153, 0x99}], 0x8, &(0x7f0000003900)=""/4096, 0x1000}}, {{&(0x7f0000004900)=@generic, 0x80, &(0x7f0000004b80)=[{&(0x7f0000004980)=""/177, 0xb1}, {0xfffffffffffffffe}, {&(0x7f0000004a40)=""/29, 0x1d}, {&(0x7f0000004a80)=""/17, 0x11}, {&(0x7f0000004ac0)=""/145, 0x91}], 0x5, &(0x7f0000004bc0)=""/183, 0xb7}, 0x9}, {{&(0x7f0000004c80)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000006e40)=[{&(0x7f0000004d00)=""/152, 0x98}, {&(0x7f0000004dc0)=""/4096, 0x1000}, {&(0x7f0000005dc0)=""/4096, 0x1000}, {&(0x7f0000006dc0)=""/14, 0xe}, {&(0x7f0000006e00)=""/35, 0x23}], 0x5, &(0x7f0000006e80)=""/68, 0x44}, 0x8}, {{&(0x7f0000006f00)=@un=@abs, 0x80, &(0x7f0000006fc0)=[{&(0x7f0000006f80)=""/64, 0x40}], 0x1, &(0x7f0000007000)=""/30, 0x1e}, 0x3}, {{&(0x7f0000007040)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r12=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x80, &(0x7f0000007340)=[{&(0x7f00000070c0)=""/90, 0x5a}, {&(0x7f0000007140)=""/51, 0x33}, {&(0x7f0000007180)=""/176, 0xb0}, {&(0x7f0000007240)=""/224, 0xe0}], 0x4, &(0x7f0000007380)=""/237, 0xed}}], 0x8, 0x40000000, &(0x7f0000007580)={0x77359400})
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f0000007600), r12)
sendmsg$TIPC_NL_LINK_SET(r12, &(0x7f0000007900)={&(0x7f00000075c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000078c0)={&(0x7f0000007640)={0x260, r13, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "4c07f29867994f4e974c01bbd5e09011d2bf26b503f8a75dd3187f85d03834265b68cad8"}}]}, @TIPC_NLA_NODE={0x94, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_ID={0x88, 0x3, "821326d0ed784405a3d4270c43dbccdb87d5df4024490c1e81b0d5141b179b8d369d8fdd94b9c494637a6254986df19549f8d5553b60180b0529825eb34fa626518766f0b56ad1efdade6bd780acb16cbca9b1ca3b481710cca13de755fdfab19d86a38e780c4ca9326252c31d129461ec052c9981037a44f005d1c569f8b52f851bc235"}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0xf8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xdfb}]}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0x21}, 0xb}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x9, @mcast2, 0xd9}}, {0x14, 0x2, @in={0x2, 0x4e21, @loopback}}}}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffff44}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8e}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe65}]}]}]}, 0x260}, 0x1, 0x0, 0x0, 0x20044004}, 0x4)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000007940)={@my=0x1, 0x1})
r14 = openat$sndseq(0xffffff9c, &(0x7f0000007980), 0x208000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r14, 0x4058534c, 0x0)

928.613734ms ago: executing program 2 (id=1535):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000001280)=ANY=[@ANYBLOB="840100001800010000000000000000001d0109004d000f8025b57e35619bf282cfcd8fba0cb7f2934efacde0a223b473fe77f3e5ba760d3793b2f943b7528ea34883bc4a506cf756740574b89d396af9b59638700500000005006f88d6e1db9b2f"], 0x184}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x12000000)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r3 = dup3(r0, r2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)

718.086625ms ago: executing program 3 (id=1536):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04040a0000006d6b692252ecc162"], 0xd)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4138ae84, 0x0)

696.968877ms ago: executing program 0 (id=1537):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x40187013, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x2, 0x0, 0x3, 0x7fff}})
r1 = socket$rds(0x15, 0x5, 0x0)
ioctl$FIOCLEX(r1, 0x5451)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x38, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x38}}, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
getsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1000002)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x80)
ioctl$FS_IOC_FSSETXATTR(r8, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x3c2, 0x0, 0xffffffff})
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f0000000000)={0xdddd1000, 0x4000})
readv(r7, &(0x7f0000000680)=[{&(0x7f0000000080)=""/142, 0x8e}, {&(0x7f0000000280)=""/212, 0xd4}, {&(0x7f0000000380)=""/241, 0xf1}, {&(0x7f0000000140)=""/136, 0x88}, {&(0x7f0000000480)=""/73, 0x49}, {&(0x7f0000000500)=""/61, 0x3d}, {&(0x7f0000000540)=""/142, 0x8e}, {&(0x7f0000000600)=""/110, 0x6e}], 0x8)

587.738446ms ago: executing program 3 (id=1538):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1200000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000f2d083e3eab8d9acf3825e01e87561500000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

497.62801ms ago: executing program 3 (id=1539):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x87}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40404}, 0x100)

497.268877ms ago: executing program 3 (id=1540):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r1, 0x9609a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000480)=""/135)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x20000000})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d00"], 0x1c}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmmsg(r7, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000021c0)=""/4104, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)=""/99, 0x63}], 0x1, &(0x7f0000000680)=""/141, 0x8d}, 0x7}, {{&(0x7f00000004c0)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001080)=""/67, 0xfe3f}, {&(0x7f0000000580)}, {&(0x7f0000000740)=""/78, 0x4e}], 0x3, &(0x7f0000000800)=""/84, 0x54}, 0x7}], 0x40000000000027c, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x10000)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$video(&(0x7f00000002c0), 0x1, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})

400.176487ms ago: executing program 0 (id=1541):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x40)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x4, 0xc}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="020f000014000000000000000000000005000500000000000a0000000000000000000000000000000000000000000000000400007a2dadaa79d72771e0a1bb6add43b6c7000000000800120000000200000000000200000006000000000000008009000000000000000000000000000000000000000000006401010000000000000000000000000005000600008000000a000002ffffffffff020000000000000000000000000001000000000000000034a16ece90e8599fcca7a1afe312cbaa675b01eeb3eae5f89e737d961d0bb0d66f08664d28d3a71fff43c4d7c735c2957496253ca42c2a608531a2b9b127a87ca10a0329ab90ea067d603a9bcf9550d9b7b1da5cc7d2a256d0b199f8e4cde9cc6dcd0d39edfdec414b700e3db81f6835e978bdd89a84c162d9efc7f924f103ff03bdf1bd47c0ef4d77f73dd5a3e9d4e3c62f3f24e59947685284e72c95e2b590"], 0xa0}}, 0x400c0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x0)
r6 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r5, 0x0, r6, 0x0, 0x10000000000016, 0x0)
r7 = open(&(0x7f0000000300)='./bus\x00', 0x14103e, 0x18a)
r8 = open(&(0x7f0000000080)='./bus\x00', 0x143042, 0x83)
ftruncate(r8, 0x3000000)
sendfile(r7, r8, 0x0, 0x80000001)

139.584546ms ago: executing program 1 (id=1542):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r1, 0x9609a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000480)=""/135)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x20000000})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d00"], 0x1c}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmmsg(r7, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000021c0)=""/4104, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)=""/99, 0x63}], 0x1, &(0x7f0000000680)=""/141, 0x8d}, 0x7}, {{&(0x7f00000004c0)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001080)=""/67, 0xfe3f}, {&(0x7f0000000580)}, {&(0x7f0000000740)=""/78, 0x4e}], 0x3, &(0x7f0000000800)=""/84, 0x54}, 0x7}], 0x40000000000027c, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x10000)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$video(&(0x7f00000002c0), 0x1, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})

0s ago: executing program 2 (id=1543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000001200)={0x1d, r3}, 0x18)
connect$can_j1939(r2, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r2, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1)
setsockopt$SO_J1939_FILTER(r2, 0x6b, 0x1, &(0x7f0000000340)=[{0x1, 0x8, {0x2, 0xf0}, {0x1, 0x0, 0x1}, 0x2}], 0x20)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000380)={0x1, 0x0, [{0x27ddc99d2b6db97c, 0x34, &(0x7f00000003c0)=""/52}]})
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af04, &(0x7f0000000200))
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000000)=0xc000000)
ioperm(0x0, 0xfffc, 0x8005)
syz_usbip_server_init(0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
sendmmsg(r4, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}}, 0x0)
io_uring_setup(0x57f9, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
fcntl$dupfd(r7, 0x0, r7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[{0x6, 0x1}]})
chdir(0x0)

kernel console output (not intermixed with test programs):

107.336012][   T25] usb 5-1: USB disconnect, device number 7
[  107.345750][   T25] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  107.512387][ T7399] netlink: 12 bytes leftover after parsing attributes in process `syz.1.361'.
[  107.530989][  T831] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  107.607676][ T7402] syz.1.362[7402] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.607728][ T7402] syz.1.362[7402] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.611378][ T7402] syz.1.362[7402] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.680893][  T831] usb 8-1: Using ep0 maxpacket: 16
[  107.688007][  T831] usb 8-1: config index 0 descriptor too short (expected 9, got 0)
[  107.690335][  T831] usb 8-1: can't read configurations, error -22
[  107.820979][  T831] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  107.970909][  T831] usb 8-1: Using ep0 maxpacket: 16
[  107.974582][  T831] usb 8-1: config index 0 descriptor too short (expected 9, got 0)
[  107.976872][  T831] usb 8-1: can't read configurations, error -22
[  107.978833][  T831] usb usb8-port1: attempt power cycle
[  108.330994][  T831] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  108.352825][  T831] usb 8-1: Using ep0 maxpacket: 16
[  108.356704][  T831] usb 8-1: config index 0 descriptor too short (expected 9, got 0)
[  108.359001][  T831] usb 8-1: can't read configurations, error -22
[  108.385571][ T7418] : entered promiscuous mode
[  108.511595][  T831] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  108.544172][  T831] usb 8-1: Using ep0 maxpacket: 16
[  108.553948][  T831] usb 8-1: config index 0 descriptor too short (expected 9, got 0)
[  108.556289][  T831] usb 8-1: can't read configurations, error -22
[  108.558224][  T831] usb usb8-port1: unable to enumerate USB device
[  108.566183][ T7427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.370'.
[  108.719857][ T7436] input: syz0 as /devices/virtual/input/input19
[  109.789921][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  109.789935][   T39] audit: type=1800 audit(1737082186.608:104): pid=7452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.375" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  109.946079][ T7457] autofs: Unknown parameter '
'
[  110.209181][ T7461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.380'.
[  110.536543][ T7472] input: syz0 as /devices/virtual/input/input21
[  110.638198][ T7479] autofs: Unknown parameter '
'
[  110.755248][ T7482] sctp: [Deprecated]: syz.0.388 (pid 7482) Use of struct sctp_assoc_value in delayed_ack socket option.
[  110.755248][ T7482] Use struct sctp_sack_info instead
[  110.780659][ T7482] netlink: 96 bytes leftover after parsing attributes in process `syz.0.388'.
[  110.967536][ T7488] netlink: 12 bytes leftover after parsing attributes in process `syz.1.389'.
[  111.022587][ T7490] netlink: 108 bytes leftover after parsing attributes in process `syz.1.392'.
[  111.195920][ T7498] netlink: 84 bytes leftover after parsing attributes in process `syz.1.395'.
[  111.392351][ T7506] fuse: Bad value for 'fd'
[  111.441095][  T831] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  111.590883][  T831] usb 6-1: Using ep0 maxpacket: 8
[  111.602060][  T831] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  111.604939][  T831] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  111.607742][  T831] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  111.610600][  T831] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  111.614729][  T831] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  111.617341][  T831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.877474][  T831] usb 6-1: GET_CAPABILITIES returned 0
[  111.879076][  T831] usbtmc 6-1:16.0: can't read capabilities
[  111.980805][   T39] audit: type=1800 audit(1737082188.798:105): pid=7514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.399" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  112.238962][ T5974] usb 6-1: USB disconnect, device number 8
[  112.259794][ T7517] 9pnet_virtio: no channels available for device syz
[  112.794997][ T7524] netlink: 12 bytes leftover after parsing attributes in process `syz.0.401'.
[  113.041961][ T7532] input: syz0 as /devices/virtual/input/input22
[  113.225025][ T7534] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  113.309158][ T7539] fuse: Unknown parameter 'fd0xffffffffffffffff'
[  114.135179][   T39] audit: type=1800 audit(1737082190.958:106): pid=7549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.409" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  114.180739][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.410'.
[  114.278013][ T7550] FAULT_INJECTION: forcing a failure.
[  114.278013][ T7550] name failslab, interval 1, probability 0, space 0, times 0
[  114.283528][ T7550] CPU: 3 UID: 0 PID: 7550 Comm: syz.3.410 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  114.286584][ T7550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.289687][ T7550] Call Trace:
[  114.290665][ T7550]  <TASK>
[  114.291535][ T7550]  dump_stack_lvl+0x16c/0x1f0
[  114.292901][ T7550]  should_fail_ex+0x497/0x5b0
[  114.294276][ T7550]  ? fs_reclaim_acquire+0xae/0x150
[  114.295790][ T7550]  should_failslab+0xc2/0x120
[  114.297191][ T7550]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  114.298904][ T7550]  ? __alloc_skb+0x2b3/0x380
[  114.300283][ T7550]  __alloc_skb+0x2b3/0x380
[  114.301548][ T7550]  ? __pfx___alloc_skb+0x10/0x10
[  114.302973][ T7550]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  114.304441][ T7550]  netlink_ack+0x164/0xb20
[  114.305743][ T7550]  netlink_rcv_skb+0x327/0x410
[  114.307083][ T7550]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  114.308600][ T7550]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  114.310158][ T7550]  ? netlink_deliver_tap+0x1ae/0xca0
[  114.311689][ T7550]  netlink_unicast+0x53c/0x7f0
[  114.313079][ T7550]  ? __pfx_netlink_unicast+0x10/0x10
[  114.314624][ T7550]  ? __phys_addr_symbol+0x30/0x80
[  114.316123][ T7550]  ? __check_object_size+0x488/0x710
[  114.317663][ T7550]  netlink_sendmsg+0x8b8/0xd70
[  114.319064][ T7550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.320605][ T7550]  ____sys_sendmsg+0x9ae/0xb40
[  114.322005][ T7550]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.323537][ T7550]  ? get_compat_msghdr+0x11b/0x170
[  114.325027][ T7550]  ___sys_sendmsg+0x135/0x1e0
[  114.326433][ T7550]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.327958][ T7550]  ? __pfx_lock_release+0x10/0x10
[  114.329422][ T7550]  ? trace_lock_acquire+0x14e/0x1f0
[  114.330940][ T7550]  ? __fget_files+0x206/0x3a0
[  114.332322][ T7550]  __sys_sendmsg+0x16e/0x220
[  114.333685][ T7550]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.335179][ T7550]  __do_fast_syscall_32+0x73/0x120
[  114.336690][ T7550]  do_fast_syscall_32+0x32/0x80
[  114.338115][ T7550]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.339956][ T7550] RIP: 0023:0xf7fd4579
[  114.341145][ T7550] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.346707][ T7550] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  114.349096][ T7550] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  114.351386][ T7550] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.353664][ T7550] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.355951][ T7550] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.358195][ T7550] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.360472][ T7550]  </TASK>
[  114.361457][    C3] vkms_vblank_simulate: vblank timer overrun
[  114.409597][ T7554] FAULT_INJECTION: forcing a failure.
[  114.409597][ T7554] name failslab, interval 1, probability 0, space 0, times 0
[  114.417450][ T7554] CPU: 0 UID: 0 PID: 7554 Comm: syz.3.411 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  114.421443][ T7554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.425820][ T7554] Call Trace:
[  114.427099][ T7554]  <TASK>
[  114.428231][ T7554]  dump_stack_lvl+0x16c/0x1f0
[  114.430035][ T7554]  should_fail_ex+0x497/0x5b0
[  114.431838][ T7554]  ? fs_reclaim_acquire+0xae/0x150
[  114.433794][ T7554]  should_failslab+0xc2/0x120
[  114.435596][ T7554]  __kmalloc_cache_noprof+0x68/0x420
[  114.437701][ T7554]  rtnl_newlink+0x108/0x1d70
[  114.439361][ T7554]  ? hlock_class+0x4e/0x130
[  114.441012][ T7554]  ? __lock_acquire+0xcc5/0x3c40
[  114.442845][ T7554]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.444348][ T7554]  ? __pfx___lock_acquire+0x10/0x10
[  114.445926][ T7554]  ? kmem_cache_free+0x152/0x4c0
[  114.447394][ T7554]  ? aa_get_newest_label+0x376/0x680
[  114.448940][ T7554]  ? find_held_lock+0x2d/0x110
[  114.450372][ T7554]  ? find_held_lock+0x2d/0x110
[  114.451794][ T7554]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  114.453291][ T7554]  ? __pfx_lock_release+0x10/0x10
[  114.454777][ T7554]  ? trace_lock_acquire+0x14e/0x1f0
[  114.456329][ T7554]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.457803][ T7554]  rtnetlink_rcv_msg+0x95b/0xea0
[  114.459251][ T7554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  114.460815][ T7554]  ? __pfx___dev_queue_xmit+0x10/0x10
[  114.461442][ T7556] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  114.462375][ T7554]  netlink_rcv_skb+0x165/0x410
[  114.462392][ T7554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  114.462406][ T7554]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  114.469544][ T7554]  ? netlink_deliver_tap+0x1ae/0xca0
[  114.471089][ T7554]  netlink_unicast+0x53c/0x7f0
[  114.472428][ T7554]  ? __pfx_netlink_unicast+0x10/0x10
[  114.473972][ T7554]  ? __phys_addr_symbol+0x30/0x80
[  114.475408][ T7554]  ? __check_object_size+0x4a1/0x710
[  114.476922][ T7554]  netlink_sendmsg+0x8b8/0xd70
[  114.478275][ T7554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.479732][ T7554]  ____sys_sendmsg+0x9ae/0xb40
[  114.481091][ T7554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.482612][ T7554]  ? get_compat_msghdr+0x11b/0x170
[  114.484123][ T7554]  ___sys_sendmsg+0x135/0x1e0
[  114.485541][ T7554]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.487077][ T7554]  ? __pfx_lock_release+0x10/0x10
[  114.488538][ T7554]  ? trace_lock_acquire+0x14e/0x1f0
[  114.490068][ T7554]  ? __fget_files+0x206/0x3a0
[  114.491448][ T7554]  __sys_sendmsg+0x16e/0x220
[  114.492807][ T7554]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.494317][ T7554]  __do_fast_syscall_32+0x73/0x120
[  114.495848][ T7554]  do_fast_syscall_32+0x32/0x80
[  114.497286][ T7554]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.499160][ T7554] RIP: 0023:0xf7fd4579
[  114.500358][ T7554] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.505898][ T7554] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  114.508283][ T7554] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000340
[  114.510568][ T7554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.512836][ T7554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.515126][ T7554] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.517458][ T7554] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.519702][ T7554]  </TASK>
[  114.559442][ T7563] 9pnet_virtio: no channels available for device syz
[  114.562134][ T7561] autofs: Unknown parameter '
'
[  114.586104][ T7565] FAULT_INJECTION: forcing a failure.
[  114.586104][ T7565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.591365][ T7565] CPU: 2 UID: 0 PID: 7565 Comm: syz.0.416 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  114.594181][ T7565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.597220][ T7565] Call Trace:
[  114.598152][ T7565]  <TASK>
[  114.598975][ T7565]  dump_stack_lvl+0x16c/0x1f0
[  114.600330][ T7565]  should_fail_ex+0x497/0x5b0
[  114.601654][ T7565]  strncpy_from_user+0x3b/0x2d0
[  114.603008][ T7565]  __do_sys_add_key+0xcf/0x460
[  114.604476][ T7565]  ? __pfx___do_sys_add_key+0x10/0x10
[  114.605973][ T7565]  ? ksys_write+0x1ba/0x250
[  114.607232][ T7565]  __do_fast_syscall_32+0x73/0x120
[  114.608740][ T7565]  do_fast_syscall_32+0x32/0x80
[  114.610131][ T7565]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.611859][ T7565] RIP: 0023:0xf70be579
[  114.613010][ T7565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.618543][ T7565] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  114.620888][ T7565] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000000000000
[  114.623160][ T7565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000fffffffd
[  114.625560][ T7565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.627833][ T7565] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.630109][ T7565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.632398][ T7565]  </TASK>
[  114.807635][ T7583] fuse: Bad value for 'fd'
[  115.566354][ T7610] autofs: Unknown parameter '
'
[  116.047633][ T7623] fuse: Bad value for 'fd'
[  116.797193][ T7637] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  117.219745][ T7644] autofs: Unknown parameter '
'
[  117.224253][ T7646] capability: warning: `syz.0.439' uses deprecated v2 capabilities in a way that may be insecure
[  117.508652][ T7649] input: syz1 as /devices/virtual/input/input23
[  117.574353][ T7656] random: crng reseeded on system resumption
[  117.807370][ T7651] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  118.155150][ T7660] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  118.355712][ T7679] netlink: 'syz.3.449': attribute type 12 has an invalid length.
[  118.447328][   T39] audit: type=1804 audit(1737082195.268:107): pid=7685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.450" name="/newroot/133/bus/bus" dev="overlay" ino=743 res=1 errno=0
[  118.483027][ T7685] evm: overlay not supported
[  118.520978][ T5997] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  118.580294][ T7695] fuse: Bad value for 'fd'
[  118.661031][ T5997] usb 7-1: device descriptor read/64, error -71
[  118.900940][ T5997] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  119.030902][ T5997] usb 7-1: device descriptor read/64, error -71
[  119.151207][ T5997] usb usb7-port1: attempt power cycle
[  119.490907][ T5997] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  119.511362][ T5997] usb 7-1: device descriptor read/8, error -71
[  119.606477][ T7697] Bluetooth: hci1: Opcode 0x0401 failed: -4
[  119.655163][   T39] audit: type=1804 audit(1737082196.478:108): pid=7716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.460" name="/newroot/106/bus/file0" dev="overlay" ino=617 res=1 errno=0
[  119.751064][ T5997] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  119.771387][ T5997] usb 7-1: device descriptor read/8, error -71
[  120.233049][ T5997] usb usb7-port1: unable to enumerate USB device
[  120.448170][ T7735] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  120.453896][ T7735] netlink: 'syz.1.464': attribute type 58 has an invalid length.
[  120.459151][ T7735] netlink: 20 bytes leftover after parsing attributes in process `syz.1.464'.
[  120.735523][ T7746] input: syz0 as /devices/virtual/input/input24
[  120.806395][ T7748] fuse: Bad value for 'fd'
[  120.905459][   T39] audit: type=1800 audit(1737082197.728:109): pid=7749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.468" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  121.296961][ T7752] netlink: 72 bytes leftover after parsing attributes in process `syz.2.469'.
[  121.425760][ T7763] input: syz0 as /devices/virtual/input/input25
[  121.663797][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  121.736515][ T7772] netlink: 24 bytes leftover after parsing attributes in process `syz.3.476'.
[  121.740657][ T7772] Bluetooth: MGMT ver 1.23
[  121.831714][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  121.841794][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.845327][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.849632][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.853812][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.857309][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.861974][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.865588][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.869091][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.873855][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.877734][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.881434][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.885784][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.889326][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.893071][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.896330][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.899468][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.903588][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.908002][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.911913][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.915444][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.920035][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.924867][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  121.925563][ T7777] fuse: Bad value for 'fd'
[  121.928325][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  121.937286][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.941523][    T9] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  121.953970][    T9] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  121.957172][    T9] usb 5-1: Product: syz
[  121.969337][    T9] usb 5-1: Manufacturer: syz
[  121.971606][    T9] usb 5-1: SerialNumber: syz
[  121.981259][    T9] usb 5-1: config 0 descriptor??
[  121.992734][    T9] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  122.376743][    C0] usb 5-1: yurex_control_callback - control failed: -2
[  122.381272][   T30] usb 5-1: USB disconnect, device number 8
[  122.384255][   T30] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  122.556270][ T7785] input: syz0 as /devices/virtual/input/input26
[  122.787725][ T7789] fuse: Bad value for 'fd'
[  123.126522][   T39] audit: type=1800 audit(1737082199.948:110): pid=7801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.484" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  123.147031][ T7802] fuse: Bad value for 'fd'
[  123.318492][ T7805] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  123.325725][ T7805] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  123.695313][ T7807] 9pnet_virtio: no channels available for device syz
[  124.306016][ T7822] fuse: Bad value for 'fd'
[  124.478546][ T7824] input: syz0 as /devices/virtual/input/input27
[  124.646871][ T7826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.490'.
[  124.650408][ T7826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.490'.
[  124.720654][ T7827] netlink: 28 bytes leftover after parsing attributes in process `syz.3.490'.
[  124.724112][ T7827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.490'.
[  124.950752][ T7830] netlink: 'syz.1.491': attribute type 9 has an invalid length.
[  124.953291][ T7830] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.491'.
[  125.084793][ T7838] netlink: 12 bytes leftover after parsing attributes in process `syz.1.494'.
[  125.439888][   T39] audit: type=1800 audit(1737082202.258:111): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.498" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  126.092579][ T7881] input: syz0 as /devices/virtual/input/input28
[  126.487269][ T7892] binder: 7891:7892 ioctl c0306201 20000bc0 returned -14
[  126.713362][ T7896] input: syz0 as /devices/virtual/input/input29
[  126.928980][ T7907] input: syz1 as /devices/virtual/input/input30
[  127.124966][ T7910] fuse: Bad value for 'fd'
[  127.155797][ T7914] netlink: 12 bytes leftover after parsing attributes in process `syz.3.512'.
[  127.624558][ T7921] No control pipe specified
[  127.663533][ T7923] No control pipe specified
[  127.814843][ T7937] input: syz0 as /devices/virtual/input/input31
[  127.883765][ T7944] netlink: 12 bytes leftover after parsing attributes in process `syz.1.521'.
[  127.902045][ T7945] x_tables: duplicate underflow at hook 1
[  128.044700][ T7945] process 'syz.2.520' launched './file0' with NULL argv: empty string added
[  128.186206][ T7961] netlink: 24 bytes leftover after parsing attributes in process `syz.0.525'.
[  128.619495][ T7969] No control pipe specified
[  129.018280][ T7977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.531'.
[  129.092269][ T7981] syzkaller1: entered promiscuous mode
[  129.094432][ T7981] syzkaller1: entered allmulticast mode
[  129.401231][   T39] audit: type=1800 audit(1737082206.218:112): pid=7989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.530" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  130.155834][   T39] audit: type=1800 audit(1737082206.978:113): pid=7999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.537" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  130.624298][ T8022] netlink: 12 bytes leftover after parsing attributes in process `syz.3.542'.
[  131.259756][ T8037] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  131.286606][ T8038] fuse: Bad value for 'fd'
[  131.478146][ T8042] dlm: no locking on control device
[  131.720868][ T8048] netlink: 12 bytes leftover after parsing attributes in process `syz.0.553'.
[  131.730125][ T8048] netlink: 12 bytes leftover after parsing attributes in process `syz.0.553'.
[  132.003696][ T6105] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  132.172434][ T6105] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  132.176971][ T6105] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  132.186526][ T6105] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  132.197511][ T6105] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  132.206496][ T6105] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.215585][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  132.228997][ T6105] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.241142][ T6105] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.270955][ T6105] usb 6-1: config 0 descriptor??
[  132.351515][ T8052] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  132.691415][ T8074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.561'.
[  132.768336][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.770708][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.773019][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.775141][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.777275][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.779383][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.782342][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.784448][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.786548][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.788647][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.790798][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.793225][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.795395][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.797529][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.799725][ T6105] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  132.802689][ T6105] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  132.811882][ T6105] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  133.062516][ T8052] 9pnet_fd: Insufficient options for proto=fd
[  133.070925][ T6105] usb 6-1: USB disconnect, device number 9
[  133.145124][ T8091] netlink: 'syz.2.563': attribute type 10 has an invalid length.
[  133.147651][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.563'.
[  133.267869][ T8094] FAULT_INJECTION: forcing a failure.
[  133.267869][ T8094] name failslab, interval 1, probability 0, space 0, times 0
[  133.272723][ T8094] CPU: 3 UID: 0 PID: 8094 Comm: syz.0.565 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  133.275801][ T8094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.278923][ T8094] Call Trace:
[  133.279870][ T8094]  <TASK>
[  133.280727][ T8094]  dump_stack_lvl+0x16c/0x1f0
[  133.282101][ T8094]  should_fail_ex+0x497/0x5b0
[  133.283483][ T8094]  should_failslab+0xc2/0x120
[  133.284855][ T8094]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  133.286450][ T8094]  ? skb_clone+0x190/0x3f0
[  133.287761][ T8094]  skb_clone+0x190/0x3f0
[  133.289010][ T8094]  netlink_deliver_tap+0xafd/0xca0
[  133.290671][ T8094]  netlink_unicast+0x6b4/0x7f0
[  133.292080][ T8094]  ? __pfx_netlink_unicast+0x10/0x10
[  133.293625][ T8094]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  133.295084][ T8094]  netlink_ack+0x6a5/0xb20
[  133.296399][ T8094]  netlink_rcv_skb+0x327/0x410
[  133.297808][ T8094]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  133.299393][ T8094]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  133.300963][ T8094]  ? netlink_deliver_tap+0x1ae/0xca0
[  133.302511][ T8094]  netlink_unicast+0x53c/0x7f0
[  133.303909][ T8094]  ? __pfx_netlink_unicast+0x10/0x10
[  133.305590][ T8094]  ? __phys_addr_symbol+0x30/0x80
[  133.307184][ T8094]  ? __check_object_size+0x488/0x710
[  133.308747][ T8094]  netlink_sendmsg+0x8b8/0xd70
[  133.310190][ T8094]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.311741][ T8094]  ____sys_sendmsg+0x9ae/0xb40
[  133.313171][ T8094]  ? __pfx_____sys_sendmsg+0x10/0x10
[  133.314717][ T8094]  ? get_compat_msghdr+0x11b/0x170
[  133.316254][ T8094]  ___sys_sendmsg+0x135/0x1e0
[  133.317645][ T8094]  ? __pfx____sys_sendmsg+0x10/0x10
[  133.319155][ T8094]  ? __pfx_lock_release+0x10/0x10
[  133.320496][ T8094]  ? trace_lock_acquire+0x14e/0x1f0
[  133.322034][ T8094]  ? __fget_files+0x206/0x3a0
[  133.323489][ T8094]  __sys_sendmsg+0x16e/0x220
[  133.324901][ T8094]  ? __pfx___sys_sendmsg+0x10/0x10
[  133.326521][ T8094]  __do_fast_syscall_32+0x73/0x120
[  133.328060][ T8094]  do_fast_syscall_32+0x32/0x80
[  133.329589][ T8094]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  133.331559][ T8094] RIP: 0023:0xf70be579
[  133.332816][ T8094] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  133.338625][ T8094] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  133.341137][ T8094] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000540
[  133.343539][ T8094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  133.345940][ T8094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  133.348300][ T8094] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  133.350697][ T8094] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  133.353080][ T8094]  </TASK>
[  133.622929][ T8097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.566'.
[  133.695040][ T8100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.567'.
[  133.747190][ T8103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.568'.
[  133.800228][ T8106] tun0: tun_chr_ioctl cmd 1074025675
[  133.802772][ T8106] tun0: persist enabled
[  133.806225][ T8106] tun0: tun_chr_ioctl cmd 1074025675
[  133.808570][ T8106] tun0: persist enabled
[  134.195670][ T8128] Driver unsupported XDP return value 0 on prog  (id 124) dev N/A, expect packet loss!
[  134.207057][ T8128] hub 5-0:1.0: USB hub found
[  134.209106][ T8128] hub 5-0:1.0: 1 port detected
[  134.330935][ T6105] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  134.490905][ T6105] usb 6-1: Using ep0 maxpacket: 8
[  134.494268][ T6105] usb 6-1: config 0 has no interfaces?
[  134.496113][ T6105] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.498805][ T6105] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.502444][ T6105] usb 6-1: config 0 descriptor??
[  134.714921][   T25] usb 6-1: USB disconnect, device number 10
[  135.201023][ T8142] input: syz0 as /devices/virtual/input/input33
[  135.392378][   T39] audit: type=1800 audit(1737082212.218:114): pid=8145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.577" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  135.432631][ T8147] netlink: 12 bytes leftover after parsing attributes in process `syz.3.578'.
[  135.586988][ T8152] autofs: Unknown parameter '
'
[  135.670524][ T8154] tipc: Failed to obtain node identity
[  135.672285][ T8154] tipc: Enabling of bearer <ib:caif0> rejected, failed to enable media
[  135.721048][ T6105] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  135.882124][ T6105] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  135.886538][ T6105] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  135.889441][ T6105] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  135.892100][ T6105] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.896014][ T8150] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  135.900534][ T6105] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  135.941005][    T9] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  136.104495][ T5940] usb 8-1: USB disconnect, device number 9
[  136.125160][    T9] usb 6-1: not running at top speed; connect to a high speed hub
[  136.137305][    T9] usb 6-1: config 129 has an invalid interface number: 247 but max is 3
[  136.140195][    T9] usb 6-1: config 129 has an invalid descriptor of length 0, skipping remainder of the config
[  136.143866][    T9] usb 6-1: config 129 has 1 interface, different from the descriptor's value: 4
[  136.146604][    T9] usb 6-1: config 129 has no interface number 0
[  136.148395][    T9] usb 6-1: config 129 interface 247 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  136.151737][    T9] usb 6-1: config 129 interface 247 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  136.154789][    T9] usb 6-1: config 129 interface 247 altsetting 0 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  136.157846][    T9] usb 6-1: config 129 interface 247 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  136.162008][    T9] usb 6-1: config 129 interface 247 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  136.165504][    T9] usb 6-1: config 129 interface 247 altsetting 0 has 9 endpoint descriptors, different from the interface descriptor's value: 15
[  136.172859][    T9] usb 6-1: New USB device found, idVendor=0c26, idProduct=0012, bcdDevice=5c.3a
[  136.175547][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.177827][    T9] usb 6-1: Product: �
[  136.179705][    T9] usb 6-1: Manufacturer: à š
[  136.182446][    T9] usb 6-1: SerialNumber: Ћ
[  136.362377][ T8174] fuse: Bad value for 'fd'
[  136.393780][ T8176] autofs: Unknown parameter '
'
[  136.611234][ T8183] [U] 
[  137.095899][    T9] ftdi_sio 6-1:129.247: FTDI USB Serial Device converter detected
[  137.098702][    T9] ftdi_sio ttyUSB0: unknown device type: 0x5c3a
[  137.103102][    T9] usb 6-1: USB disconnect, device number 11
[  137.107307][    T9] ftdi_sio 6-1:129.247: device disconnected
[  137.222574][ T8200] gfs2: gfs2 mount does not exist
[  137.322693][ T8208] input: syz0 as /devices/virtual/input/input34
[  137.366910][   T39] audit: type=1326 audit(1737082214.188:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.375264][   T39] audit: type=1326 audit(1737082214.198:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.383915][   T39] audit: type=1326 audit(1737082214.198:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.390273][   T39] audit: type=1326 audit(1737082214.198:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.396566][   T39] audit: type=1326 audit(1737082214.198:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.402628][   T39] audit: type=1326 audit(1737082214.198:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.409380][   T39] audit: type=1326 audit(1737082214.208:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.427255][   T39] audit: type=1326 audit(1737082214.208:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.436380][   T39] audit: type=1326 audit(1737082214.208:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.599" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.551727][ T8214] netlink: 'syz.2.597': attribute type 10 has an invalid length.
[  137.575812][ T8214] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  137.914730][ T8224] netlink: 252 bytes leftover after parsing attributes in process `syz.1.602'.
[  137.968193][ T8233] netlink: 24 bytes leftover after parsing attributes in process `syz.3.606'.
[  137.972939][ T8233] netlink: 228 bytes leftover after parsing attributes in process `syz.3.606'.
[  137.976644][ T8233] netlink: 24 bytes leftover after parsing attributes in process `syz.3.606'.
[  138.244274][ T8247] bond0: (slave wlan1): Releasing backup interface
[  138.351668][ T8263] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'.
[  138.359373][ T8263] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'.
[  138.431026][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  138.501588][ T8268] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  138.533899][ T8270] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  138.604113][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  138.608113][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.611770][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.616067][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.620657][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.626672][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.632064][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.635657][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.639140][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.643083][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.647078][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.649624][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.653643][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.658063][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.661707][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.665940][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.669425][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.673236][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.677199][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.679930][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.682586][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.685668][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.688246][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  138.690799][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  138.694613][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.697989][    T9] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  138.701755][    T9] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  138.704945][    T9] usb 5-1: Product: syz
[  138.706633][    T9] usb 5-1: Manufacturer: syz
[  138.708465][    T9] usb 5-1: SerialNumber: syz
[  138.717770][    T9] usb 5-1: config 0 descriptor??
[  138.722955][    T9] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  138.790470][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.621'.
[  138.920381][ T8286] netlink: 92 bytes leftover after parsing attributes in process `syz.2.618'.
[  138.928628][   T25] usb 5-1: USB disconnect, device number 9
[  138.936181][   T25] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  139.124038][ T5939] Bluetooth: unknown link type 193
[  139.126894][ T5939] Bluetooth: hci0: connection err: -111
[  140.656378][ T8325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.633'.
[  140.656573][ T8326] netlink: 12 bytes leftover after parsing attributes in process `syz.3.632'.
[  140.881135][ T8337] fuse: Bad value for 'fd'
[  141.150907][  T831] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  141.281371][  T831] usb 5-1: device descriptor read/64, error -71
[  141.520962][  T831] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  141.661141][  T831] usb 5-1: device descriptor read/64, error -71
[  141.781107][  T831] usb usb5-port1: attempt power cycle
[  142.124226][ T8348] 
: renamed from bond0 (while UP)
[  142.167044][ T8357] netlink: 'syz.2.643': attribute type 10 has an invalid length.
[  142.340124][  T831] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  142.372230][  T831] usb 5-1: device descriptor read/8, error -71
[  142.610923][  T831] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  142.631419][  T831] usb 5-1: device descriptor read/8, error -71
[  142.751165][  T831] usb usb5-port1: unable to enumerate USB device
[  143.569175][ T8385] 9pnet_virtio: no channels available for device syz
[  144.110103][ T8397] __nla_validate_parse: 4 callbacks suppressed
[  144.110148][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.0.653'.
[  145.170188][ T8417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.660'.
[  145.259833][ T8420] autofs: Unknown parameter '
'
[  145.628909][ T8432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.665'.
[  145.673035][ T8434] input: syz0 as /devices/virtual/input/input35
[  145.852124][ T8438] fuse: Bad value for 'fd'
[  146.293287][ T8445] netlink: 'syz.2.667': attribute type 10 has an invalid length.
[  146.308976][ T8445] netlink: 4 bytes leftover after parsing attributes in process `syz.2.667'.
[  146.378809][ T8446] can0: slcan on ttyS3.
[  146.521574][ T8449] netlink: 20 bytes leftover after parsing attributes in process `syz.1.668'.
[  146.870786][ T8462] netlink: 'syz.3.669': attribute type 2 has an invalid length.
[  146.874332][ T8462] netlink: 'syz.3.669': attribute type 1 has an invalid length.
[  147.243107][ T8441] can0 (unregistered): slcan off ttyS3.
[  147.600988][ T5974] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  147.760955][ T5974] usb 6-1: Using ep0 maxpacket: 8
[  147.764112][ T5974] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  147.768298][ T5974] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  147.772342][ T5974] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  147.776038][ T5974] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  147.780093][ T5974] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  147.783508][ T5974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.787782][ T5974] hub 6-1:1.0: bad descriptor, ignoring hub
[  147.789694][ T5974] hub 6-1:1.0: probe with driver hub failed with error -5
[  147.791993][ T5974] cdc_wdm 6-1:1.0: skipping garbage
[  147.793521][ T5974] cdc_wdm 6-1:1.0: skipping garbage
[  147.795735][ T5974] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  147.797440][ T5974] cdc_wdm 6-1:1.0: Unknown control protocol
[  148.215382][ T5996] usb 6-1: USB disconnect, device number 12
[  148.288579][ T8502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.677'.
[  148.573444][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  148.573455][   T39] audit: type=1800 audit(1737082225.398:126): pid=8506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.678" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  148.899524][ T8510] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  148.901728][ T8510] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  148.913643][ T8510] vhci_hcd vhci_hcd.0: Device attached
[  148.919465][ T8510] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[  148.921460][ T8510] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  148.924365][ T8510] vhci_hcd vhci_hcd.0: Device attached
[  148.927739][ T8510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  148.934974][ T8510] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(18)
[  148.936992][ T8510] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  148.939225][ T8510] vhci_hcd vhci_hcd.0: Device attached
[  148.942009][ T8518] 9pnet_virtio: no channels available for device syz
[  148.942777][ T8510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  148.949294][ T8510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  148.953500][ T8510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  148.956655][ T8510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  148.963060][ T8510] vhci_hcd vhci_hcd.0: port 0 already used
[  148.994701][ T8522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.681'.
[  149.111078][ T5996] vhci_hcd: vhci_device speed not set
[  149.180980][ T5996] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  149.244396][ T8513] vhci_hcd: connection closed
[  149.246476][ T8511] vhci_hcd: connection reset by peer
[  149.250579][ T1196] vhci_hcd: stop threads
[  149.257031][ T1196] vhci_hcd: release socket
[  149.259235][ T1196] vhci_hcd: disconnect device
[  149.261302][ T1196] vhci_hcd: stop threads
[  149.262541][ T1196] vhci_hcd: release socket
[  149.263451][ T8515] vhci_hcd: connection closed
[  149.264794][ T1196] vhci_hcd: disconnect device
[  149.279073][ T1196] vhci_hcd: stop threads
[  149.280367][ T1196] vhci_hcd: release socket
[  149.282027][ T1196] vhci_hcd: disconnect device
[  150.200912][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  150.350187][ T8549] syz.0.688 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  150.356777][    T9] usb 6-1: Using ep0 maxpacket: 8
[  150.359592][    T9] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  150.362385][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.365237][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.367980][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  150.370924][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  150.374629][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.377222][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.592810][ T8543] netlink: 28 bytes leftover after parsing attributes in process `syz.1.686'.
[  150.602873][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  150.604546][    T9] usbtmc 6-1:16.0: can't read capabilities
[  150.762369][ T8557] fuse: Bad value for 'fd'
[  150.815822][ T8543] usb 6-1: usbtmc_ioctl_clear_in_halt returned -32
[  150.820671][    T8] usb 6-1: USB disconnect, device number 13
[  150.951087][ T8559] netlink: 12 bytes leftover after parsing attributes in process `syz.2.691'.
[  151.573189][ T8577] netlink: 8 bytes leftover after parsing attributes in process `syz.1.697'.
[  151.694515][ T8578] input: syz0 as /devices/virtual/input/input36
[  151.901033][ T5939] Bluetooth: unknown link type 193
[  151.903189][ T5939] Bluetooth: hci0: connection err: -111
[  151.956802][ T8584] netlink: 24 bytes leftover after parsing attributes in process `syz.2.698'.
[  152.561370][ T8589] syzkaller0: entered allmulticast mode
[  152.630997][ T8596] fuse: Bad value for 'fd'
[  152.986083][ T8606] fuse: Bad value for 'fd'
[  153.954186][ T8624] overlayfs: failed to clone upperpath
[  154.201955][   T39] audit: type=1800 audit(1737082231.018:127): pid=8627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.710" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  154.472450][ T8632] netlink: 200 bytes leftover after parsing attributes in process `syz.1.711'.
[  154.474902][ T8636] ax25_connect(): syz.3.712 uses autobind, please contact jreuter@yaina.de
[  154.491476][ T5996] vhci_hcd: vhci_device speed not set
[  154.777764][ T8650] fuse: Bad value for 'fd'
[  155.174415][ T8665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.722'.
[  155.404121][ T8673] [U] 
[  155.460974][   T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  155.611008][   T25] usb 5-1: Using ep0 maxpacket: 8
[  155.624441][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.628507][   T25] usb 5-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  155.632564][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.638499][   T25] usb 5-1: config 0 descriptor??
[  155.645596][   T25] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  156.428759][ T5996] usb 5-1: USB disconnect, device number 14
[  156.851041][ T8699] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  156.854430][ T8699] batman_adv: batadv0: Adding interface: ip6gretap1
[  156.856635][ T8699] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.864910][ T8699] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active
[  157.151991][ T8708] fuse: Bad value for 'fd'
[  157.314343][ T8714] trusted_key: encrypted_key: master key parameter '®¦m¿fI=¬:3¾‡è)�Ù²ÉÉ`ûÖP˜zfpî|Õ%oÿ™”ø|CÎôÚÀæE1÷þ™Ÿ,ób>‹H%^U¦µ³ÂÍE4+#”T�¾' is invalid
[  157.724506][ T8727] siw: device registration error -23
[  157.746211][ T8729] FAULT_INJECTION: forcing a failure.
[  157.746211][ T8729] name failslab, interval 1, probability 0, space 0, times 0
[  157.750384][ T8729] CPU: 2 UID: 0 PID: 8729 Comm: syz.3.740 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  157.753515][ T8729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.757096][ T8729] Call Trace:
[  157.758134][ T8729]  <TASK>
[  157.759122][ T8729]  dump_stack_lvl+0x16c/0x1f0
[  157.760595][ T8729]  should_fail_ex+0x497/0x5b0
[  157.762076][ T8729]  ? fs_reclaim_acquire+0xae/0x150
[  157.763579][ T8729]  should_failslab+0xc2/0x120
[  157.764959][ T8729]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  157.766780][ T8729]  ? __pfx_tcp_current_mss+0x10/0x10
[  157.768273][ T8729]  ? __alloc_skb+0x2b3/0x380
[  157.770109][ T8729]  __alloc_skb+0x2b3/0x380
[  157.772032][ T8729]  ? __pfx___alloc_skb+0x10/0x10
[  157.774114][ T8729]  ? hlock_class+0x4e/0x130
[  157.776021][ T8729]  tcp_stream_alloc_skb+0x34/0x570
[  157.778145][ T8729]  tcp_sendmsg_locked+0xed5/0x3770
[  157.780240][ T8729]  ? __pfx___lock_acquire+0x10/0x10
[  157.782321][ T8729]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  157.784528][ T8729]  ? tcp_sendmsg+0x20/0x50
[  157.786378][ T8729]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  157.788555][ T8729]  ? mark_held_locks+0x9f/0xe0
[  157.790543][ T8729]  ? __local_bh_enable_ip+0xa4/0x120
[  157.792681][ T8729]  tcp_sendmsg+0x2e/0x50
[  157.794473][ T8729]  ? __pfx_tcp_sendmsg+0x10/0x10
[  157.796536][ T8729]  inet_sendmsg+0xb9/0x140
[  157.798403][ T8729]  __sys_sendto+0x42a/0x4f0
[  157.800345][ T8729]  ? __pfx___sys_sendto+0x10/0x10
[  157.802023][ T8729]  ? ksys_write+0x1ba/0x250
[  157.803382][ T8729]  ? __pfx_ksys_write+0x10/0x10
[  157.804831][ T8729]  __ia32_sys_sendto+0xdd/0x1b0
[  157.806339][ T8729]  ? lockdep_hardirqs_on+0x7c/0x110
[  157.808270][ T8729]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  157.810674][ T8729]  __do_fast_syscall_32+0x73/0x120
[  157.812548][ T8729]  do_fast_syscall_32+0x32/0x80
[  157.814432][ T8729]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.816809][ T8729] RIP: 0023:0xf7fd4579
[  157.818375][ T8729] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  157.826187][ T8729] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  157.829536][ T8729] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200004c0
[  157.832539][ T8729] RDX: 0000000000000001 RSI: 0000000000000805 RDI: 0000000000000000
[  157.835670][ T8729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.838813][ T8729] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  157.841984][ T8729] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.845221][ T8729]  </TASK>
[  158.310022][ T8746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.747'.
[  158.510948][  T831] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  158.525438][ T5939] Bluetooth: unknown link type 193
[  158.527495][ T5939] Bluetooth: hci0: connection err: -111
[  158.664766][  T831] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  158.669378][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.672689][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.676755][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.679675][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.682400][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.685628][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.690229][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.692969][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.696128][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.698774][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.703681][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.707344][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.710276][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.713511][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.717289][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.719932][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.724215][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.727573][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.730543][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.733400][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.736765][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.739352][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  158.742050][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  158.745169][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  158.750505][  T831] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  158.754347][  T831] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  158.757456][  T831] usb 5-1: Product: syz
[  158.758759][  T831] usb 5-1: Manufacturer: syz
[  158.760662][  T831] usb 5-1: SerialNumber: syz
[  158.765470][  T831] usb 5-1: config 0 descriptor??
[  158.771919][  T831] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  158.983695][  T831] usb 5-1: USB disconnect, device number 15
[  158.988144][  T831] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  159.202988][ T8755] netlink: 'syz.2.749': attribute type 1 has an invalid length.
[  159.205519][ T8755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.749'.
[  159.382551][ T8764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.752'.
[  159.734326][ T8772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.755'.
[  159.746625][   T39] audit: type=1800 audit(1737082237.559:128): pid=8775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.756" name="file0" dev="9p" ino=42207106 res=0 errno=0
[  160.136398][ T5939] Bluetooth: unknown link type 193
[  160.138634][ T5939] Bluetooth: hci0: connection err: -111
[  160.271304][ T8792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.760'.
[  160.274396][ T8792] netlink: 'syz.3.760': attribute type 30 has an invalid length.
[  160.276749][ T8792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.760'.
[  161.413245][ T8824] 9pnet_fd: Insufficient options for proto=fd
[  161.471845][ T8833] netlink: 'syz.1.768': attribute type 10 has an invalid length.
[  161.475065][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.1.768'.
[  161.524516][ T8835] netlink: 'syz.3.776': attribute type 3 has an invalid length.
[  161.526826][ T8835] netlink: 666 bytes leftover after parsing attributes in process `syz.3.776'.
[  161.675137][ T8850] 9pnet_fd: Insufficient options for proto=fd
[  162.548837][   T39] audit: type=1800 audit(1737082240.359:129): pid=8877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.785" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  162.707929][ T5939] Bluetooth: hci2: Malformed LE Event: 0x0d
[  162.808753][ T8891] netlink: 'syz.2.793': attribute type 3 has an invalid length.
[  162.811739][ T8891] netlink: 8 bytes leftover after parsing attributes in process `syz.2.793'.
[  163.358156][ T8909] netlink: 45 bytes leftover after parsing attributes in process `syz.0.799'.
[  163.389873][ T8911] openvswitch: netlink: Actions may not be safe on all matching packets
[  163.989343][ T8946] fuse: Bad value for 'fd'
[  164.860284][ T8962] nvme_fabrics: missing parameter 'transport=%s'
[  164.864096][ T8962] nvme_fabrics: missing parameter 'nqn=%s'
[  165.386037][   T39] audit: type=1800 audit(1737082243.199:130): pid=8972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.816" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  165.930907][ T5996] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  166.081418][ T5996] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  166.085092][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.087787][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.091015][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.093672][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.096366][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.099578][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.102351][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.105036][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.108190][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.111025][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.113841][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.117641][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.120311][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.122973][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.126167][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.128803][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.131884][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.135250][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.138458][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.141287][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.144558][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.147173][ T5996] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  166.149870][ T5996] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  166.153152][ T5996] usb 5-1: config 0 interface 0 has no altsetting 0
[  166.156596][ T5996] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  166.159821][ T5996] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  166.170325][ T5996] usb 5-1: Product: syz
[  166.171789][ T5996] usb 5-1: Manufacturer: syz
[  166.173481][ T5996] usb 5-1: SerialNumber: syz
[  166.176005][ T5996] usb 5-1: config 0 descriptor??
[  166.181828][ T5996] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  166.311057][ T8990] netlink: 12 bytes leftover after parsing attributes in process `syz.2.821'.
[  166.477361][ T8996] fuse: Bad value for 'fd'
[  166.583548][ T8998] fuse: Bad value for 'fd'
[  168.087259][ T9021] netlink: 16 bytes leftover after parsing attributes in process `syz.1.828'.
[  168.547981][   T25] hid-generic 0000:0000:0000.0004: item fetching failed at offset 0/1
[  168.551545][   T25] hid-generic 0000:0000:0000.0004: probe with driver hid-generic failed with error -22
[  168.899431][   T30] usb 5-1: USB disconnect, device number 16
[  168.913691][   T30] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  169.228714][ T9042] netlink: 'syz.3.833': attribute type 10 has an invalid length.
[  169.232060][ T9042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.833'.
[  169.258208][ T9044] tipc: Started in network mode
[  169.260247][ T9044] tipc: Node identity 7, cluster identity 4711
[  169.263061][ T9044] tipc: Node number set to 7
[  169.264567][ T9044] tipc: Cannot configure node identity twice
[  169.370927][   T30] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  169.552586][   T30] usb 5-1: Using ep0 maxpacket: 8
[  169.580895][   T30] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  169.583155][   T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  169.585815][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  169.588528][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  169.591304][   T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  169.594829][   T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  169.597402][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.825442][   T30] usb 5-1: GET_CAPABILITIES returned 0
[  169.827149][   T30] usbtmc 5-1:16.0: can't read capabilities
[  169.966929][ T9058] netlink: 'syz.2.839': attribute type 10 has an invalid length.
[  169.969894][ T9058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'.
[  170.121812][ T5939] Bluetooth: hci0: command 0x0406 tx timeout
[  170.131074][ T5939] Bluetooth: hci2: command 0x0406 tx timeout
[  170.211551][ T9060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.840'.
[  170.548827][  T831] usb 5-1: USB disconnect, device number 17
[  170.659067][ T5939] Bluetooth: unknown link type 193
[  170.660732][ T5939] Bluetooth: hci0: connection err: -111
[  170.829390][ T9068] input: syz0 as /devices/virtual/input/input37
[  171.481295][ T9080] netdevsim netdevsim1: Direct firmware load for .
[  171.481295][ T9080]  failed with error -2
[  171.484740][ T9080] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  171.484740][ T9080] 
[  172.363805][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.853'.
[  172.429618][ T9114] netlink: 12 bytes leftover after parsing attributes in process `syz.1.855'.
[  172.806977][   T39] audit: type=1326 audit(1737082250.619:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.815616][   T39] audit: type=1326 audit(1737082250.619:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.824124][   T39] audit: type=1326 audit(1737082250.619:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.833155][   T39] audit: type=1326 audit(1737082250.619:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.845487][   T39] audit: type=1326 audit(1737082250.619:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.851780][   T39] audit: type=1326 audit(1737082250.619:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=349 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.858007][   T39] audit: type=1326 audit(1737082250.619:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.864260][   T39] audit: type=1326 audit(1737082250.619:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.870421][   T39] audit: type=1326 audit(1737082250.619:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf70be579 code=0x7ffc0000
[  172.876643][   T39] audit: type=1326 audit(1737082250.619:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9131 comm="syz.0.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  173.256170][ T9154] netlink: 'syz.2.866': attribute type 10 has an invalid length.
[  173.260127][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.2.866'.
[  173.340444][ T9155] netlink: 'syz.1.867': attribute type 10 has an invalid length.
[  173.357437][ T9155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'.
[  174.749784][ T9167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.871'.
[  175.886171][ T9187] netlink: 4 bytes leftover after parsing attributes in process `syz.3.876'.
[  175.888902][ T9187] batman_adv: batadv0: Removing interface: ip6gretap1
[  176.113566][ T9193] x_tables: duplicate underflow at hook 2
[  176.408715][ T9214] overlayfs: failed to resolve './file1': -2
[  176.734778][ T9227] fuse: Bad value for 'fd'
[  176.737334][ T9232] netlink: 'syz.3.892': attribute type 4 has an invalid length.
[  176.852287][ T5939] Bluetooth: hci3: command 0x0405 tx timeout
[  176.962418][ T9240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.894'.
[  177.315217][ T9252] bridge_slave_0: left allmulticast mode
[  177.317561][ T9252] bridge_slave_0: left promiscuous mode
[  177.319885][ T9252] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.326467][ T9252] bridge_slave_1: left allmulticast mode
[  177.329048][ T9252] bridge_slave_1: left promiscuous mode
[  177.332503][ T9252] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.362832][ T9252] bond0: (slave bond_slave_0): Releasing backup interface
[  177.380689][ T9252] bond0: (slave bond_slave_1): Releasing backup interface
[  177.407331][ T9252] team0: Port device team_slave_0 removed
[  177.415171][ T9252] team0: Port device team_slave_1 removed
[  177.418165][ T9252] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.421592][ T9252] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.426583][ T9252] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.429675][ T9252] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.450526][ T9252] team0: Port device netdevsim0 removed
[  177.873704][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  177.873716][   T39] audit: type=1800 audit(1737082255.689:159): pid=9269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.901" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  179.026306][ T9297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.911'.
[  179.038762][ T9295] fuse: Bad value for 'fd'
[  179.946096][ T9309] netlink: 8 bytes leftover after parsing attributes in process `syz.2.915'.
[  180.497555][ T9326] netlink: 'syz.2.920': attribute type 1 has an invalid length.
[  180.719694][ T9332] netlink: 20 bytes leftover after parsing attributes in process `syz.2.922'.
[  180.724003][ T9332] netlink: 'syz.2.922': attribute type 10 has an invalid length.
[  180.729458][ T9332] veth0_macvtap: left promiscuous mode
[  180.734896][ T9332] batman_adv: batadv0: Adding interface: macvtap0
[  180.736710][ T9332] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.743991][ T9332] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active
[  180.938976][ T9340] netlink: 8 bytes leftover after parsing attributes in process `syz.2.926'.
[  181.407544][ T9352] overlayfs: failed to clone upperpath
[  181.629439][ T9368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.935'.
[  181.875536][ T9372] netlink: 64 bytes leftover after parsing attributes in process `syz.1.934'.
[  182.075970][ T5939] Bluetooth: unknown link type 193
[  182.077554][ T5939] Bluetooth: hci3: connection err: -111
[  182.092047][ T9384] fuse: Bad value for 'fd'
[  182.733616][ T9392] netlink: 'syz.1.939': attribute type 5 has an invalid length.
[  183.023115][   T39] audit: type=1326 audit(1737082260.839:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9404 comm="syz.0.943" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  183.360404][ T9417] veth1_macvtap: left promiscuous mode
[  183.381257][ T9417] macsec0: entered promiscuous mode
[  183.382943][ T9417] macsec0: entered allmulticast mode
[  184.059191][ T9432] netlink: 8 bytes leftover after parsing attributes in process `syz.3.950'.
[  184.855795][ T9449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.955'.
[  184.976320][ T9461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.959'.
[  185.226465][ T5939] Bluetooth: unknown link type 193
[  185.228122][ T5939] Bluetooth: hci3: connection err: -111
[  185.545901][ T9468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.960'.
[  185.887342][ T9481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.964'.
[  185.891670][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.964'.
[  187.067485][   T39] audit: type=1800 audit(1737082264.879:161): pid=9501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.969" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  187.276451][   T39] audit: type=1326 audit(1737082265.089:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9512 comm="syz.1.973" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x0
[  187.404064][ T9516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.974'.
[  187.517369][ T5939] Bluetooth: unknown link type 193
[  187.519568][ T5939] Bluetooth: hci2: connection err: -111
[  188.360969][ T5940] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  188.462055][ T9533] netlink: 12 bytes leftover after parsing attributes in process `syz.2.979'.
[  188.512152][ T5940] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  188.515302][ T5940] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  188.518955][ T5940] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  188.524057][ T5940] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  188.527259][ T5940] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  188.530329][ T5940] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  188.538024][ T5940] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  188.543477][ T5940] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  188.545802][ T5940] usb 6-1: Product: syz
[  188.547412][ T5940] usb 6-1: Manufacturer: syz
[  188.551205][ T9530] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  188.554028][ T5940] cdc_wdm 6-1:1.0: skipping garbage
[  188.555617][ T5940] cdc_wdm 6-1:1.0: skipping garbage
[  188.558704][ T5940] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  188.574273][ T5940] cdc_wdm 6-1:1.0: Unknown control protocol
[  188.642465][ T9538] lo speed is unknown, defaulting to 1000
[  188.644108][ T9538] lo speed is unknown, defaulting to 1000
[  188.645961][ T9538] lo speed is unknown, defaulting to 1000
[  188.651744][ T9538] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  188.660486][ T9538] lo speed is unknown, defaulting to 1000
[  188.664068][ T9538] lo speed is unknown, defaulting to 1000
[  188.666575][ T9538] lo speed is unknown, defaulting to 1000
[  188.670414][ T9538] lo speed is unknown, defaulting to 1000
[  188.692862][ T9543] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.765069][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  188.766982][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  188.768874][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  188.770688][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  188.772585][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  188.774409][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  188.776276][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  188.778137][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  188.779798][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  188.783649][ T5940] usb 6-1: USB disconnect, device number 14
[  189.052424][ T9560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.987'.
[  190.636775][   T39] audit: type=1800 audit(1737082268.449:163): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1003" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  190.883711][ T9625] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1008'.
[  191.606403][ T9656] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1021'.
[  191.707754][ T5939] Bluetooth: unknown link type 193
[  191.709363][ T5939] Bluetooth: hci2: connection err: -111
[  191.921133][ T9666] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1023'.
[  191.924504][ T9666] netlink: 928 bytes leftover after parsing attributes in process `syz.1.1023'.
[  191.928617][ T9666] netlink: 928 bytes leftover after parsing attributes in process `syz.1.1023'.
[  191.928674][ T9668] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1023'.
[  192.923538][ T9698] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1033'.
[  193.212815][ T9705] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  193.556560][   T39] audit: type=1804 audit(1737082271.369:164): pid=9716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1038" name="/newroot/276/bus/bus" dev="overlay" ino=1513 res=1 errno=0
[  193.558085][ T9716] Invalid ELF header magic: != ELF
[  193.642786][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  193.903466][ T9731] IPVS: set_ctl: invalid protocol: 137 224.0.0.2:20002
[  194.592344][ T9762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1051'.
[  194.793678][ T5939] Bluetooth: unknown link type 193
[  194.795417][ T5939] Bluetooth: hci0: connection err: -111
[  195.173908][ T9797] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1062'.
[  195.218812][ T9799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1063'.
[  195.983282][ T9844] __nla_validate_parse: 1 callbacks suppressed
[  195.983322][ T9844] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1075'.
[  196.973471][ T9876] netlink: 'syz.3.1085': attribute type 10 has an invalid length.
[  196.983002][ T9876] vlan0: entered allmulticast mode
[  196.987547][ T9876] veth0_vlan: entered allmulticast mode
[  196.994318][ T9876] team0: Port device vlan0 added
[  197.039653][ T9880] bridge0: entered allmulticast mode
[  197.072397][ T9887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1090'.
[  197.196031][ T5939] Bluetooth: unknown link type 193
[  197.197560][ T5939] Bluetooth: hci2: connection err: -111
[  197.330236][ T9899] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1093'.
[  197.731251][ T9921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1100'.
[  197.834658][   T65] Bluetooth: unknown link type 193
[  197.836220][   T65] Bluetooth: hci2: connection err: -111
[  198.388359][ T9962] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  198.402120][ T9964] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.1113'.
[  199.032847][ T9980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1116'.
[  199.035530][ T9980] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1116'.
[  199.187598][ T9984] netlink: 'syz.0.1118': attribute type 2 has an invalid length.
[  199.190009][ T9984] netlink: 'syz.0.1118': attribute type 8 has an invalid length.
[  199.197568][ T9984] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1118'.
[  199.264298][ T5939] Bluetooth: hci4: sending frame failed (-49)
[  199.266684][   T65] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  199.273241][ T9991] Bluetooth: Short BCSP packet
[  199.480944][   T65] Bluetooth: hci2: command 0x0406 tx timeout
[  200.100662][ T6105] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  200.251417][ T6105] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  200.254603][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.257541][ T6105] usb 5-1: config 0 has no interfaces?
[  200.260099][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.264617][ T6105] usb 5-1: config 0 has no interfaces?
[  200.266917][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.269803][ T6105] usb 5-1: config 0 has no interfaces?
[  200.272515][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.275476][ T6105] usb 5-1: config 0 has no interfaces?
[  200.277789][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.280647][ T6105] usb 5-1: config 0 has no interfaces?
[  200.284858][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.287753][ T6105] usb 5-1: config 0 has no interfaces?
[  200.290125][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.293179][ T6105] usb 5-1: config 0 has no interfaces?
[  200.295539][ T6105] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.298400][ T6105] usb 5-1: config 0 has no interfaces?
[  200.301745][ T6105] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  200.304280][ T6105] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  200.306707][ T6105] usb 5-1: Product: syz
[  200.307886][ T6105] usb 5-1: Manufacturer: syz
[  200.309225][ T6105] usb 5-1: SerialNumber: syz
[  200.311696][ T6105] usb 5-1: config 0 descriptor??
[  200.521605][ T6105] usb 5-1: USB disconnect, device number 18
[  200.822165][   T39] audit: type=1326 audit(1737082278.639:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.828340][   T39] audit: type=1326 audit(1737082278.639:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.834658][   T39] audit: type=1326 audit(1737082278.639:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.841216][   T39] audit: type=1326 audit(1737082278.639:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.847198][   T39] audit: type=1326 audit(1737082278.639:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.854418][   T39] audit: type=1326 audit(1737082278.639:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.926878][   T39] audit: type=1326 audit(1737082278.739:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.933007][   T39] audit: type=1326 audit(1737082278.739:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.952821][   T39] audit: type=1326 audit(1737082278.769:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  200.955790][T10039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1135'.
[  200.959902][   T39] audit: type=1326 audit(1737082278.769:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.2.1135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  201.049393][T10049] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1139'.
[  201.227431][T10061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1144'.
[  201.333452][   T65] Bluetooth: unknown link type 193
[  201.335013][   T65] Bluetooth: hci2: connection err: -111
[  201.463085][T10071] netlink: 'syz.3.1143': attribute type 10 has an invalid length.
[  201.466090][T10071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1143'.
[  202.186794][T10078] netlink: 'syz.0.1149': attribute type 1 has an invalid length.
[  202.199096][T10078] 8021q: adding VLAN 0 to HW filter on device bond1
[  202.212315][T10078] bond1: (slave bridge19): making interface the new active one
[  202.215963][T10078] bond1: (slave bridge19): Enslaving as an active interface with an up link
[  202.473519][T10093] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1153'.
[  202.507465][T10095] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1154'.
[  202.510157][T10095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1154'.
[  202.540903][T10097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1155'.
[  202.638130][   T65] Bluetooth: unknown link type 193
[  202.640418][   T65] Bluetooth: hci3: connection err: -111
[  203.343711][T10110] 9pnet_virtio: no channels available for device syz
[  203.526835][T10113] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1159'.
[  203.612906][T10117] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1161'.
[  203.649515][T10119] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1163'.
[  203.702670][T10126] program syz.0.1165 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.758423][T10129] input: syz0 as /devices/virtual/input/input39
[  203.770280][T10129] syz_tun: entered allmulticast mode
[  203.773867][T10129] syz_tun: left allmulticast mode
[  204.769481][T10154] fuse: Unknown parameter 'group_z’Ï„d'
[  205.590280][   T65] Bluetooth: unknown link type 193
[  205.592989][   T65] Bluetooth: hci2: connection err: -111
[  205.640896][   T65] Bluetooth: hci2: command 0x0406 tx timeout
[  205.671076][   T25] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  205.861513][   T25] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  205.864734][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  205.867427][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  205.870318][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  205.873475][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  205.876191][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  205.878988][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  205.882426][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  205.885018][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  205.887790][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  205.890379][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  205.893268][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  205.896127][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  205.898771][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  206.249417][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  206.252322][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  206.255278][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  206.257948][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  206.260970][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  206.263603][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  206.266225][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  206.269083][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  206.271838][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  206.274401][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  206.277566][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  206.281608][   T25] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  206.284253][   T25] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  206.286636][   T25] usb 6-1: Product: syz
[  206.287804][   T25] usb 6-1: Manufacturer: syz
[  206.289123][   T25] usb 6-1: SerialNumber: syz
[  206.291657][   T25] usb 6-1: config 0 descriptor??
[  206.294518][   T25] yurex 6-1:0.0: Could not find endpoints
[  206.498035][   T25] usb 6-1: USB disconnect, device number 15
[  206.749545][T10216] netlink: 'syz.3.1190': attribute type 10 has an invalid length.
[  206.752426][T10216] __nla_validate_parse: 3 callbacks suppressed
[  206.752435][T10216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1190'.
[  207.235313][T10220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1194'.
[  207.239547][   T65] Bluetooth: unknown link type 193
[  207.242044][   T65] Bluetooth: hci0: connection err: -111
[  207.620916][   T30] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  207.791015][   T30] usb 6-1: Using ep0 maxpacket: 8
[  207.795683][   T30] usb 6-1: config index 0 descriptor too short (expected 25439, got 45)
[  207.799077][   T30] usb 6-1: config 0 has too many interfaces: 109, using maximum allowed: 32
[  207.802145][   T30] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  207.806015][   T30] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 109
[  207.809155][   T30] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.812695][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.821841][   T30] usb 6-1: config 0 descriptor??
[  207.881050][ T6120] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  208.037646][    T9] usb 6-1: USB disconnect, device number 16
[  208.051496][ T6120] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  208.055513][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.058676][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.062607][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.065959][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.069295][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.073110][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.076426][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.079264][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.082947][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.085884][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.089256][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.093079][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.096153][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.099536][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.102489][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.105100][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.108105][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.111381][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.114699][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.117276][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.119999][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.122610][ T6120] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  208.125095][ T6120] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  208.127795][ T6120] usb 5-1: config 0 interface 0 has no altsetting 0
[  208.131926][ T6120] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  208.134473][ T6120] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  208.136781][ T6120] usb 5-1: Product: syz
[  208.137982][ T6120] usb 5-1: Manufacturer: syz
[  208.139303][ T6120] usb 5-1: SerialNumber: syz
[  208.141771][ T6120] usb 5-1: config 0 descriptor??
[  208.145137][ T6120] yurex 5-1:0.0: Could not find endpoints
[  208.347751][ T6120] usb 5-1: USB disconnect, device number 19
[  208.536008][T10247] fuse: Unknown parameter 'group_z’Ï„d'
[  209.616485][T10273] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1211'.
[  210.403080][T10281] cgroup: fork rejected by pids controller in /syz1
[  210.466214][T10321] IPVS: Error joining to the multicast group
[  210.629852][T10332] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1221'.
[  210.697634][T10335] fuse: Unknown parameter '0xffffffffffffffff'
[  210.875077][T10345] syz_tun: entered allmulticast mode
[  210.877236][T10345] syz_tun: left allmulticast mode
[  210.891392][T10341] nbd1: detected capacity change from 0 to 22
[  210.903122][T10335] block nbd1: shutting down sockets
[  210.920243][ T6186] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  210.923494][ T6186] Buffer I/O error on dev nbd1, logical block 0, async page read
[  210.925984][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  210.928786][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.032090][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.035671][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.037993][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.040447][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.042962][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.045453][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.049280][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.052833][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.055051][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.057610][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.059823][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.062572][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.064724][ T6206] ldm_validate_partition_table(): Disk read failed.
[  211.066596][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.069174][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.072439][ T6206] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.075034][ T6206] Buffer I/O error on dev nbd1, logical block 0, async page read
[  211.084139][ T6206] Dev nbd1: unable to read RDB block 0
[  211.085798][ T6206]  nbd1: unable to read partition table
[  211.087405][ T6206] nbd1: partition table beyond EOD, truncated
[  211.130000][ T6206] ldm_validate_partition_table(): Disk read failed.
[  211.133145][ T6206] Dev nbd1: unable to read RDB block 0
[  211.134997][ T6206]  nbd1: unable to read partition table
[  211.136914][ T6206] nbd1: partition table beyond EOD, truncated
[  211.381871][T10360] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1230'.
[  211.430391][   T65] Bluetooth: hci3: unexpected event for opcode 0x1407
[  211.620008][T10373] program syz.0.1234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  211.675798][T10379] input: syz0 as /devices/virtual/input/input40
[  211.686667][T10379] syz_tun: entered allmulticast mode
[  211.688829][T10379] syz_tun: left allmulticast mode
[  211.807892][   T65] Bluetooth: unknown link type 193
[  211.809524][   T65] Bluetooth: hci3: connection err: -111
[  211.847010][T10387] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1239'.
[  212.111118][T10394] mmap: syz.0.1241 (10394) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  212.388339][T10410] program syz.0.1247 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  212.443933][T10414] input: syz0 as /devices/virtual/input/input41
[  212.449762][T10414] syz_tun: entered allmulticast mode
[  212.451969][T10414] syz_tun: left allmulticast mode
[  212.611202][T10416] /dev/sr0: Can't open blockdev
[  212.678855][T10420] input: syz0 as /devices/virtual/input/input42
[  212.794299][T10432] fuse: Bad value for 'fd'
[  213.103723][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.109142][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.112367][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.115020][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.117679][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.120339][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.124237][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.126887][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.129529][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'.
[  213.266970][T10449] program syz.0.1259 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  213.322923][T10450] input: syz0 as /devices/virtual/input/input43
[  213.331086][T10450] syz_tun: entered allmulticast mode
[  213.333147][T10450] syz_tun: left allmulticast mode
[  213.535992][T10458] unsupported nlmsg_type 40
[  213.820334][   T39] kauditd_printk_skb: 19 callbacks suppressed
[  213.820350][   T39] audit: type=1326 audit(1737082291.629:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.831179][   T39] audit: type=1326 audit(1737082291.629:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.839440][   T39] audit: type=1326 audit(1737082291.639:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.850960][   T39] audit: type=1326 audit(1737082291.639:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.859221][   T39] audit: type=1326 audit(1737082291.639:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.867510][   T39] audit: type=1326 audit(1737082291.639:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.875743][   T39] audit: type=1326 audit(1737082291.639:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.883250][   T39] audit: type=1326 audit(1737082291.639:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.894231][   T39] audit: type=1326 audit(1737082291.639:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  213.903083][   T39] audit: type=1326 audit(1737082291.639:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000
[  214.305940][T10477] program syz.1.1268 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  214.364028][T10478] input: syz0 as /devices/virtual/input/input44
[  214.380379][T10478] syz_tun: entered allmulticast mode
[  214.383532][T10478] syz_tun: left allmulticast mode
[  214.700943][   T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  214.765610][T10486] fuse: Bad value for 'fd'
[  214.851393][   T25] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  214.854479][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.857041][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.860357][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.863445][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.866078][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.868595][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.871904][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.874619][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.877202][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.879745][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.882909][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.885690][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.888245][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.891464][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.894658][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.897574][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.900271][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.903012][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.907557][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.910433][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.913963][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.916589][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.919620][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.924272][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.926938][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.929492][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.933918][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.936847][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.939473][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  214.944074][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  214.947262][   T25] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  214.950259][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  214.954546][   T25] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  214.957491][   T25] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  214.959854][   T25] usb 6-1: Product: syz
[  214.962270][   T25] usb 6-1: Manufacturer: syz
[  214.963687][   T25] usb 6-1: SerialNumber: syz
[  214.968562][   T25] usb 6-1: config 0 descriptor??
[  214.973761][   T25] yurex 6-1:0.0: Could not submitting URB
[  214.976210][   T25] yurex 6-1:0.0: probe with driver yurex failed with error -5
[  215.176101][   T25] usb 6-1: USB disconnect, device number 17
[  215.491070][   T65] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  215.494602][   T65] Bluetooth: hci3: Injecting HCI hardware error event
[  215.499111][ T5939] Bluetooth: hci3: hardware error 0x00
[  215.925429][T10515] lo speed is unknown, defaulting to 1000
[  216.098199][T10523] fuse: Bad value for 'fd'
[  216.150932][   T25] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  216.303091][   T25] usb 6-1: too many endpoints for config 1 interface 0 altsetting 253: 68, using maximum allowed: 30
[  216.306491][   T25] usb 6-1: config 1 interface 0 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 68
[  216.310303][   T25] usb 6-1: config 1 interface 0 has no altsetting 0
[  216.316934][   T25] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  216.319846][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.322780][   T25] usb 6-1: Product: syz
[  216.324001][   T25] usb 6-1: Manufacturer: syz
[  216.325453][   T25] usb 6-1: SerialNumber: syz
[  216.965257][T10537] fuse: Bad value for 'fd'
[  217.349953][T10538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.352521][T10538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.561027][ T5939] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  217.993233][T10544] __nla_validate_parse: 12 callbacks suppressed
[  217.993244][T10544] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1286'.
[  218.402921][T10559] fuse: Bad value for 'fd'
[  218.942522][   T25] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  218.960090][   T25] usb 6-1: USB disconnect, device number 18
[  218.965671][   T25] usblp0: removed
[  219.265535][T10577] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1298'.
[  219.363244][T10579] program syz.0.1299 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  219.422130][T10595] input: syz0 as /devices/virtual/input/input45
[  219.480193][T10593] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1302'.
[  219.656240][T10611] fuse: Bad value for 'fd'
[  220.754487][T10635] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1310'.
[  220.853601][T10642] program syz.0.1312 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.923286][T10649] input: syz0 as /devices/virtual/input/input46
[  221.662839][ T5939] Bluetooth: unknown link type 193
[  221.665008][ T5939] Bluetooth: hci2: connection err: -111
[  221.716661][T10675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1323'.
[  221.720941][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1323'.
[  221.946303][T10694] bridge25: entered promiscuous mode
[  221.948102][T10694] bridge25: entered allmulticast mode
[  221.967713][T10694] team0: Port device bridge25 added
[  223.080261][T10735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1341'.
[  223.082965][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1341'.
[  223.115171][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1341'.
[  223.685996][T10708] fuse: Bad value for 'fd'
[  224.013423][   T39] kauditd_printk_skb: 264 callbacks suppressed
[  224.013455][   T39] audit: type=1800 audit(1737082301.789:468): pid=10757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1345" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  225.093538][T10776] pim6reg: entered allmulticast mode
[  225.096861][T10776] pim6reg: left allmulticast mode
[  225.756203][ T6105] sched: DL replenish lagged too much
[  225.905418][T10797] 9pnet_virtio: no channels available for device syz
[  226.066863][   T39] audit: type=1800 audit(1737082303.879:469): pid=10803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1358" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  227.026319][T10830] fuse: Bad value for 'fd'
[  227.028531][T10831] xt_CT: You must specify a L4 protocol and not use inversions on it
[  227.387760][   T39] audit: type=1800 audit(1737082305.199:470): pid=10845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1370" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  228.029714][T10852] netlink: 'syz.3.1373': attribute type 10 has an invalid length.
[  228.036395][T10852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1373'.
[  228.298052][T10856] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1375'.
[  228.310402][T10859] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1374'.
[  228.427466][T10867] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1379'.
[  228.488944][ T5939] Bluetooth: hci0: unexpected event for opcode 0x202d
[  228.541376][T10877] Bluetooth: MGMT ver 1.23
[  228.962634][T10884] fuse: Bad value for 'fd'
[  229.495722][T10893] input: syz0 as /devices/virtual/input/input47
[  229.650651][T10901] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1390'.
[  229.722567][T10905] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1391'.
[  230.218792][T10912] netlink: set zone limit has 4 unknown bytes
[  230.592743][T10921] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  230.894160][T10933] fuse: Bad value for 'fd'
[  231.318034][T10951] netlink: 'syz.0.1409': attribute type 10 has an invalid length.
[  231.426542][T10953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1409'.
[  231.668706][T10951] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  231.804096][T10953] bond0: (slave bridge0): Releasing backup interface
[  232.483647][T10979] 
: entered promiscuous mode
[  232.899727][ T5939] Bluetooth: unknown link type 193
[  232.901464][ T5939] Bluetooth: hci0: connection err: -111
[  233.137121][T10995] netlink: 'syz.1.1418': attribute type 4 has an invalid length.
[  233.154363][T10995] netlink: 'syz.1.1418': attribute type 4 has an invalid length.
[  233.193451][T10997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1419'.
[  233.961992][T11010] fuse: Bad value for 'fd'
[  234.455918][ T5939] Bluetooth: unknown link type 193
[  234.457466][ T5939] Bluetooth: hci0: connection err: -111
[  234.546260][T11033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1429'.
[  234.656742][T11032] input: syz0 as /devices/virtual/input/input48
[  234.964083][T11047] program syz.1.1441 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.029632][T11048] input: syz0 as /devices/virtual/input/input49
[  235.061401][T11049] netlink: 'syz.2.1432': attribute type 4 has an invalid length.
[  235.076078][   T35] lo speed is unknown, defaulting to 1000
[  235.088822][T11049] netlink: 'syz.2.1432': attribute type 4 has an invalid length.
[  235.106211][ T6105] lo speed is unknown, defaulting to 1000
[  235.585773][T11054] netlink: 'syz.1.1434': attribute type 10 has an invalid length.
[  235.590632][T11054] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1434'.
[  235.779920][T11069] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1440'.
[  236.625325][T11096] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1450'.
[  236.769339][T11100] fuse: Bad value for 'fd'
[  237.114626][T11104] netlink: 'syz.0.1452': attribute type 4 has an invalid length.
[  237.148557][T11104] netlink: 'syz.0.1452': attribute type 4 has an invalid length.
[  237.486932][ T6120] IPVS: starting estimator thread 0...
[  237.580920][T11112] IPVS: using max 39 ests per chain, 93600 per kthread
[  237.636405][ T5939] Bluetooth: unknown link type 193
[  237.637961][ T5939] Bluetooth: hci2: connection err: -111
[  237.707374][T11124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1461'.
[  237.719603][T11124] syz.2.1461: vmalloc error: size 6819840, failed to allocated page array size 13320, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  237.728076][T11124] CPU: 1 UID: 0 PID: 11124 Comm: syz.2.1461 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  237.732363][T11124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.736736][T11124] Call Trace:
[  237.738086][T11124]  <TASK>
[  237.739297][T11124]  dump_stack_lvl+0x16c/0x1f0
[  237.741285][T11124]  warn_alloc+0x24d/0x3a0
[  237.742913][T11124]  ? __pfx_warn_alloc+0x10/0x10
[  237.744757][T11124]  ? __get_vm_area_node+0x1b0/0x2f0
[  237.746694][T11124]  ? __get_vm_area_node+0x1dc/0x2f0
[  237.748672][T11124]  __vmalloc_node_range_noprof+0x1105/0x1530
[  237.750740][T11124]  ? compat_do_replace+0x1ae/0x750
[  237.752234][T11124]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  237.754072][T11124]  ? compat_do_replace+0x1ae/0x750
[  237.755605][T11124]  vmalloc_noprof+0x6b/0x90
[  237.757058][T11124]  ? compat_do_replace+0x1ae/0x750
[  237.758546][T11124]  compat_do_replace+0x1ae/0x750
[  237.760026][T11124]  ? lock_acquire.part.0+0x11b/0x380
[  237.761570][T11124]  ? __pfx_compat_do_replace+0x10/0x10
[  237.763144][T11124]  ? aa_get_newest_label+0x376/0x680
[  237.764697][T11124]  ? __pfx_aa_get_newest_label+0x10/0x10
[  237.766236][T11124]  ? bpf_lsm_capable+0x9/0x10
[  237.767605][T11124]  ? security_capable+0x7e/0x260
[  237.769050][T11124]  do_ebt_set_ctl+0x4af/0x580
[  237.770420][T11124]  ? sockopt_release_sock+0x52/0x60
[  237.771938][T11124]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  237.773460][T11124]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  237.775031][T11124]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  237.776767][T11124]  nf_setsockopt+0x8a/0xf0
[  237.778065][T11124]  ip_setsockopt+0xcb/0xf0
[  237.779369][T11124]  ipv6_setsockopt+0x155/0x170
[  237.780764][T11124]  udpv6_setsockopt+0x7d/0xd0
[  237.782142][T11124]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  237.783913][T11124]  do_sock_setsockopt+0x222/0x480
[  237.785394][T11124]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  237.786990][T11124]  ? lock_acquire+0x2f/0xb0
[  237.788313][T11124]  __sys_setsockopt+0x1a0/0x230
[  237.789737][T11124]  __ia32_sys_setsockopt+0xbc/0x160
[  237.791241][T11124]  ? lockdep_hardirqs_on+0x7c/0x110
[  237.792869][T11124]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  237.794765][T11124]  __do_fast_syscall_32+0x73/0x120
[  237.796249][T11124]  do_fast_syscall_32+0x32/0x80
[  237.797664][T11124]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  237.799483][T11124] RIP: 0023:0xf7fa6579
[  237.800676][T11124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  237.806171][T11124] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  237.808613][T11124] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  237.810904][T11124] RDX: 0000000000000080 RSI: 0000000020000300 RDI: 0000000000000280
[  237.813180][T11124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  237.815473][T11124] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  237.817740][T11124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  237.820071][T11124]  </TASK>
[  237.826392][T11124] Mem-Info:
[  237.827376][T11124] active_anon:19640 inactive_anon:274 isolated_anon:0
[  237.827376][T11124]  active_file:19033 inactive_file:19400 isolated_file:0
[  237.827376][T11124]  unevictable:1768 dirty:399 writeback:0
[  237.827376][T11124]  slab_reclaimable:8121 slab_unreclaimable:58526
[  237.827376][T11124]  mapped:31874 shmem:14974 pagetables:934
[  237.827376][T11124]  sec_pagetables:308 bounce:0
[  237.827376][T11124]  kernel_misc_reclaimable:0
[  237.827376][T11124]  free:40697 free_pcp:3770 free_cma:0
[  237.840658][T11124] Node 0 active_anon:6092kB inactive_anon:1052kB active_file:240kB inactive_file:7964kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5200kB dirty:68kB writeback:0kB shmem:5692kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9992kB pagetables:1196kB sec_pagetables:1144kB all_unreclaimable? yes
[  237.850018][T11124] Node 1 active_anon:72468kB inactive_anon:44kB active_file:75892kB inactive_file:69636kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:122296kB dirty:1528kB writeback:0kB shmem:54204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2916kB pagetables:2540kB sec_pagetables:88kB all_unreclaimable? no
[  237.861185][T11124] Node 0 DMA free:2976kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:328kB inactive_anon:48kB active_file:100kB inactive_file:4kB unevictable:0kB writepending:64kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:208kB local_pcp:32kB free_cma:0kB
[  237.869243][T11124] lowmem_reserve[]: 0 273 0 0 0
[  237.870684][T11124] Node 0 DMA32 free:18260kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:5764kB inactive_anon:1004kB active_file:140kB inactive_file:7960kB unevictable:3536kB writepending:4kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:960kB local_pcp:460kB free_cma:0kB
[  237.879395][T11124] lowmem_reserve[]: 0 0 0 0 0
[  237.881009][T11124] Node 1 DMA32 free:139932kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:72368kB inactive_anon:44kB active_file:75892kB inactive_file:69636kB unevictable:3536kB writepending:1528kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:14352kB local_pcp:120kB free_cma:0kB
[  237.890022][T11124] lowmem_reserve[]: 0 0 0 0 0
[  237.891677][T11124] Node 0 DMA: 10*4kB (U) 29*8kB (UE) 34*16kB (UE) 67*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2960kB
[  237.895941][T11124] Node 0 DMA32: 192*4kB (UMEH) 30*8kB (UH) 11*16kB (UMEH) 98*32kB (UMH) 71*64kB (UMEH) 15*128kB (UME) 5*256kB (UM) 2*512kB (ME) 3*1024kB (M) 1*2048kB (M) 0*4096kB = 18208kB
[  237.901214][T11124] Node 1 DMA32: 13*4kB (UME) 53*8kB (UME) 42*16kB (UME) 237*32kB (UME) 195*64kB (UME) 43*128kB (UME) 47*256kB (UME) 16*512kB (UME) 16*1024kB (UM) 14*2048kB (UM) 12*4096kB (UM) = 141148kB
[  237.906562][T11124] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  237.909367][T11124] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  237.915538][T11124] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  237.919226][T11124] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  237.922148][T11124] 53409 total pagecache pages
[  237.923534][T11124] 0 pages in swap cache
[  237.924794][T11124] Free swap  = 124612kB
[  237.925994][T11124] Total swap = 124996kB
[  237.927199][T11124] 524155 pages RAM
[  237.928282][T11124] 0 pages HighMem/MovableOnly
[  237.929643][T11124] 206675 pages reserved
[  237.935089][T11124] 0 pages cma reserved
[  238.000977][T11137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1465'.
[  238.115086][ T5939] Bluetooth: unknown link type 193
[  238.116771][ T5939] Bluetooth: hci2: connection err: -111
[  238.394947][T11155] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  238.396905][T11155] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  238.399211][T11155] vhci_hcd vhci_hcd.0: Device attached
[  238.474912][T11168] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1473'.
[  238.601192][    T9] vhci_hcd: vhci_device speed not set
[  238.661270][    T9] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  238.990964][T11161] vhci_hcd: connection reset by peer
[  238.994121][ T8254] vhci_hcd: stop threads
[  238.995957][ T8254] vhci_hcd: release socket
[  239.000959][ T8254] vhci_hcd: disconnect device
[  239.024466][ T5939] Bluetooth: unknown link type 193
[  239.026548][ T5939] Bluetooth: hci2: connection err: -111
[  239.040304][T11178] overlay: Unknown parameter 'obj_type'
[  239.047189][T11178] fuse: Bad value for 'fd'
[  239.357060][T11190] netlink: 'syz.2.1482': attribute type 10 has an invalid length.
[  239.360134][T11190] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1482'.
[  239.893455][T11212] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1490'.
[  240.875818][   T39] audit: type=1326 audit(1737082318.689:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.884307][   T39] audit: type=1326 audit(1737082318.689:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.892851][   T39] audit: type=1326 audit(1737082318.689:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.902312][   T39] audit: type=1326 audit(1737082318.689:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.910448][   T39] audit: type=1326 audit(1737082318.689:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.919513][   T39] audit: type=1326 audit(1737082318.699:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.928777][   T39] audit: type=1326 audit(1737082318.699:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.937161][   T39] audit: type=1326 audit(1737082318.699:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.943309][   T39] audit: type=1326 audit(1737082318.709:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  240.949376][   T39] audit: type=1326 audit(1737082318.709:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11203 comm="syz.3.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000
[  243.074263][T11257] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1499'.
[  244.167107][T11271] fuse: Bad value for 'rootmode'
[  244.427731][T11286] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1509'.
[  245.562897][    T9] vhci_hcd: vhci_device speed not set
[  246.426242][T11322] fuse: Bad value for 'rootmode'
[  246.786833][ T6120] libceph: connect (1)[c::]:6789 error -13
[  246.881280][ T6120] libceph: mon0 (1)[c::]:6789 connect error
[  247.201739][T11324] ceph: No mds server is up or the cluster is laggy
[  247.222413][ T6120] libceph: connect (1)[c::]:6789 error -13
[  247.251435][ T6120] libceph: mon0 (1)[c::]:6789 connect error
[  247.490947][   T35] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  247.651986][   T35] usb 5-1: Using ep0 maxpacket: 8
[  247.656437][   T35] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  247.659511][   T35] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  247.663869][   T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  247.667687][   T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  247.672761][   T35] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  247.677743][   T35] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  247.681714][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.888936][   T35] usb 5-1: usb_control_msg returned -32
[  247.891614][   T35] usbtmc 5-1:16.0: can't read capabilities
[  248.314755][T11362] netlink: 372 bytes leftover after parsing attributes in process `syz.0.1525'.
[  250.241221][T11360] usbtmc 5-1:16.0: usb_control_msg returned -71
[  250.248266][   T35] usb 5-1: USB disconnect, device number 20
[  250.580958][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  250.580969][   T39] audit: type=1800 audit(1737082328.389:486): pid=11366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1531" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  251.068087][T11377] netlink: 288 bytes leftover after parsing attributes in process `syz.2.1535'.
[  252.011925][T11404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1543'.
[  252.035492][T11405] 
[  252.036245][T11405] ======================================================
[  252.038226][T11405] WARNING: possible circular locking dependency detected
[  252.040221][T11405] 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 Not tainted
[  252.042489][T11405] ------------------------------------------------------
[  252.045885][T11405] syz.0.1541/11405 is trying to acquire lock:
[  252.047615][T11405] ffff88805b751c68 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  252.049969][T11405] 
[  252.049969][T11405] but task is already holding lock:
[  252.052066][T11405] ffff8880686e4420 (sb_writers#5){.+.+}-{0:0}, at: __do_splice+0x327/0x360
[  252.054551][T11405] 
[  252.054551][T11405] which lock already depends on the new lock.
[  252.054551][T11405] 
[  252.057482][T11405] 
[  252.057482][T11405] the existing dependency chain (in reverse order) is:
[  252.060045][T11405] 
[  252.060045][T11405] -> #4 (sb_writers#5){.+.+}-{0:0}:
[  252.062153][T11405]        mnt_want_write+0x6f/0x450
[  252.063956][T11405]        ovl_create_object+0x12e/0x300
[  252.065556][T11405]        lookup_open.isra.0+0x1174/0x14c0
[  252.067173][T11405]        path_openat+0x904/0x2d60
[  252.068625][T11405]        do_filp_open+0x20c/0x470
[  252.070061][T11405]        do_sys_openat2+0x17a/0x1e0
[  252.071554][T11405]        __ia32_sys_creat+0xcc/0x120
[  252.073071][T11405]        __do_fast_syscall_32+0x73/0x120
[  252.074689][T11405]        do_fast_syscall_32+0x32/0x80
[  252.076235][T11405]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.078178][T11405] 
[  252.078178][T11405] -> #3 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}:
[  252.080565][T11405]        down_read+0x9a/0x330
[  252.081908][T11405]        walk_component+0x342/0x5b0
[  252.083409][T11405]        path_lookupat+0x17f/0x770
[  252.084880][T11405]        filename_lookup+0x221/0x5f0
[  252.086394][T11405]        kern_path+0x35/0x50
[  252.087707][T11405]        lookup_bdev+0xd9/0x280
[  252.089103][T11405]        resume_store+0x1d8/0x460
[  252.090545][T11405]        kobj_attr_store+0x55/0x80
[  252.092011][T11405]        sysfs_kf_write+0x117/0x170
[  252.093494][T11405]        kernfs_fop_write_iter+0x33d/0x500
[  252.095166][T11405]        vfs_write+0x5ae/0x1150
[  252.096555][T11405]        ksys_write+0x12b/0x250
[  252.098003][T11405]        __do_fast_syscall_32+0x73/0x120
[  252.099598][T11405]        do_fast_syscall_32+0x32/0x80
[  252.101140][T11405]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.103086][T11405] 
[  252.103086][T11405] -> #2 (&of->mutex){+.+.}-{4:4}:
[  252.105184][T11405]        __mutex_lock+0x19b/0xa60
[  252.106616][T11405]        kernfs_seq_start+0x4d/0x240
[  252.108113][T11405]        seq_read_iter+0x2ab/0x12b0
[  252.109615][T11405]        kernfs_fop_read_iter+0x414/0x580
[  252.111229][T11405]        vfs_read+0x87f/0xbe0
[  252.112578][T11405]        ksys_read+0x12b/0x250
[  252.113831][T11405]        __do_fast_syscall_32+0x73/0x120
[  252.115473][T11405]        do_fast_syscall_32+0x32/0x80
[  252.117010][T11405]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.118944][T11405] 
[  252.118944][T11405] -> #1 (&p->lock){+.+.}-{4:4}:
[  252.120933][T11405]        __mutex_lock+0x19b/0xa60
[  252.122419][T11405]        seq_read_iter+0xd8/0x12b0
[  252.123880][T11405]        proc_reg_read_iter+0x21d/0x310
[  252.125486][T11405]        copy_splice_read+0x620/0xb90
[  252.127007][T11405]        do_splice_read+0x282/0x370
[  252.128496][T11405]        splice_file_to_pipe+0x109/0x120
[  252.130088][T11405]        do_splice+0x1174/0x1f60
[  252.131504][T11405]        __do_splice+0x159/0x360
[  252.132898][T11405]        __ia32_sys_splice+0x189/0x250
[  252.134451][T11405]        __do_fast_syscall_32+0x73/0x120
[  252.136060][T11405]        do_fast_syscall_32+0x32/0x80
[  252.137594][T11405]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.139526][T11405] 
[  252.139526][T11405] -> #0 (&pipe->mutex){+.+.}-{4:4}:
[  252.141633][T11405]        __lock_acquire+0x249e/0x3c40
[  252.143158][T11405]        lock_acquire.part.0+0x11b/0x380
[  252.144751][T11405]        __mutex_lock+0x19b/0xa60
[  252.146188][T11405]        pipe_lock+0x64/0x80
[  252.147507][T11405]        iter_file_splice_write+0x1eb/0x10b0
[  252.149220][T11405]        do_splice+0x145c/0x1f60
[  252.150628][T11405]        __do_splice+0x327/0x360
[  252.152040][T11405]        __ia32_sys_splice+0x189/0x250
[  252.153596][T11405]        __do_fast_syscall_32+0x73/0x120
[  252.155205][T11405]        do_fast_syscall_32+0x32/0x80
[  252.156731][T11405]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.158663][T11405] 
[  252.158663][T11405] other info that might help us debug this:
[  252.158663][T11405] 
[  252.161513][T11405] Chain exists of:
[  252.161513][T11405]   &pipe->mutex --> &ovl_i_mutex_dir_key[depth] --> sb_writers#5
[  252.161513][T11405] 
[  252.165395][T11405]  Possible unsafe locking scenario:
[  252.165395][T11405] 
[  252.167497][T11405]        CPU0                    CPU1
[  252.169027][T11405]        ----                    ----
[  252.170545][T11405]   rlock(sb_writers#5);
[  252.171765][T11405]                                lock(&ovl_i_mutex_dir_key[depth]);
[  252.174017][T11405]                                lock(sb_writers#5);
[  252.175908][T11405]   lock(&pipe->mutex);
[  252.177114][T11405] 
[  252.177114][T11405]  *** DEADLOCK ***
[  252.177114][T11405] 
[  252.179648][T11405] 1 lock held by syz.0.1541/11405:
[  252.181160][T11405]  #0: ffff8880686e4420 (sb_writers#5){.+.+}-{0:0}, at: __do_splice+0x327/0x360
[  252.183745][T11405] 
[  252.183745][T11405] stack backtrace:
[  252.185446][T11405] CPU: 0 UID: 0 PID: 11405 Comm: syz.0.1541 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  252.188511][T11405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.191577][T11405] Call Trace:
[  252.192556][T11405]  <TASK>
[  252.193421][T11405]  dump_stack_lvl+0x116/0x1f0
[  252.194806][T11405]  print_circular_bug+0x41c/0x610
[  252.196287][T11405]  check_noncircular+0x31a/0x400
[  252.197739][T11405]  ? __pfx_check_noncircular+0x10/0x10
[  252.199320][T11405]  ? bpf_ksym_find+0x124/0x1c0
[  252.200716][T11405]  ? lockdep_lock+0xc6/0x200
[  252.202062][T11405]  ? __pfx_lockdep_lock+0x10/0x10
[  252.203524][T11405]  ? stack_depot_save_flags+0x36d/0x9e0
[  252.205173][T11405]  __lock_acquire+0x249e/0x3c40
[  252.206601][T11405]  ? __pfx___lock_acquire+0x10/0x10
[  252.208104][T11405]  ? find_held_lock+0x2d/0x110
[  252.209507][T11405]  lock_acquire.part.0+0x11b/0x380
[  252.210974][T11405]  ? pipe_lock+0x64/0x80
[  252.212218][T11405]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  252.213856][T11405]  ? rcu_is_watching+0x12/0xc0
[  252.215271][T11405]  ? trace_lock_acquire+0x14e/0x1f0
[  252.216808][T11405]  ? pipe_lock+0x64/0x80
[  252.218034][T11405]  ? lock_acquire+0x2f/0xb0
[  252.219343][T11405]  ? pipe_lock+0x64/0x80
[  252.220573][T11405]  __mutex_lock+0x19b/0xa60
[  252.221886][T11405]  ? pipe_lock+0x64/0x80
[  252.223110][T11405]  ? pipe_lock+0x64/0x80
[  252.224355][T11405]  ? __pfx___mutex_lock+0x10/0x10
[  252.225803][T11405]  ? rcu_is_watching+0x12/0xc0
[  252.227182][T11405]  ? trace_kmalloc+0x2d/0xd0
[  252.228514][T11405]  ? pipe_lock+0x64/0x80
[  252.229739][T11405]  pipe_lock+0x64/0x80
[  252.230916][T11405]  iter_file_splice_write+0x1eb/0x10b0
[  252.232484][T11405]  ? __pfx___lock_acquire+0x10/0x10
[  252.233967][T11405]  ? __pfx_aa_file_perm+0x10/0x10
[  252.235444][T11405]  ? __pfx_iter_file_splice_write+0x10/0x10
[  252.237157][T11405]  ? __pfx_lock_release+0x10/0x10
[  252.238607][T11405]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  252.240226][T11405]  ? __do_splice+0x327/0x360
[  252.241574][T11405]  ? __pfx_iter_file_splice_write+0x10/0x10
[  252.243311][T11405]  do_splice+0x145c/0x1f60
[  252.244658][T11405]  ? __pfx_do_splice+0x10/0x10
[  252.246039][T11405]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  252.247596][T11405]  ? __pfx_lock_release+0x10/0x10
[  252.249050][T11405]  ? trace_lock_acquire+0x14e/0x1f0
[  252.250541][T11405]  ? __pfx_do_sys_openat2+0x10/0x10
[  252.252058][T11405]  __do_splice+0x327/0x360
[  252.253374][T11405]  ? __pfx___do_splice+0x10/0x10
[  252.254828][T11405]  ? __fget_files+0x206/0x3a0
[  252.256192][T11405]  __ia32_sys_splice+0x189/0x250
[  252.257645][T11405]  __do_fast_syscall_32+0x73/0x120
[  252.259098][T11405]  do_fast_syscall_32+0x32/0x80
[  252.260520][T11405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.262337][T11405] RIP: 0023:0xf70be579
[  252.263512][T11405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  252.269144][T11405] RSP: 002b:00000000f4c4b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  252.271527][T11405] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  252.273811][T11405] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000016
[  252.276108][T11405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  252.278367][T11405] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  252.280643][T11405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  252.282883][T11405]  </TASK>
[  252.330866][   T39] audit: type=1800 audit(1737082330.109:487): pid=11407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1542" name="memory.events" dev="9p" ino=42207056 res=0 errno=0
[  252.396160][T11401] overlayfs: statfs failed on './file0'
[  255.081783][ T1413] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
02:52:08  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85145f15 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc9000e6f70c0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000032 R14=ffffffff85145eb0 R15=0000000000000000
RIP=ffffffff85145f3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f10fffc CR3=000000006afd4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000099bcb0912e RBX=ffff88802b528400 RCX=00000000000006e0 RDX=0000000000000099
RSI=ffff88802b528400 RDI=00000000000fbedc RBP=00000000000fbedc RSP=ffffc900005a0ec0
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=ffffffff816b5e4e
R12=0000000000000000 R13=0000000000000019 R14=0000000000000000 R15=7fffffffffffffff
RIP=ffffffff814660c5 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f110ffc CR3=000000006e2ba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffffc9000051f7d8 RCX=ffffc90000520000 RDX=1ffff920000a3ddc
RSI=ffffc9000051f7a8 RDI=ffffc9000051eee0 RBP=ffff8880206fa140 RSP=ffffc9000051ee68
R8 =ffffc9000051ef0c R9 =ffffffff91411438 R10=ffffc9000051eed8 R11=00000000000850b8
R12=ffffc9000051ef28 R13=ffffc9000051eed8 R14=ffffc9000051f7d8 R15=ffffc9000051f7d0
RIP=ffffffff8148fcd3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2cf404 CR3=000000006e2ba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001b800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000002000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000002
RSI=00000000000000fb RDI=0000000000000002 RBP=0000000000000001 RSP=ffffc90007ba7610
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000001 R13=0000000000000000 R14=ffff88802b53ed00 R15=ffff888024fd4c01
RIP=ffffffff8147a098 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f4c4bda4 CR3=000000006e2ba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001b800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000