last executing test programs:

4m35.962534263s ago: executing program 3 (id=1605):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r2})
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001200010a000000000000000080"], 0x26}}, 0x0)

4m35.845824674s ago: executing program 3 (id=1606):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

4m35.734769282s ago: executing program 3 (id=1607):
pipe2$watch_queue(&(0x7f0000001180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r0, 0x36)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x19)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xffffffffffffffff)

4m35.722647425s ago: executing program 3 (id=1608):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x20000, 0x0)

4m35.554674077s ago: executing program 3 (id=1611):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000877d, &(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0xff28)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f0000000780)=""/4108, 0x437aba2}], 0x1, 0x0, 0xfffffdee, 0x407006}, 0x104)

4m34.756274937s ago: executing program 3 (id=1622):
r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x2)
flock(r1, 0x1)
flock(r0, 0x5)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000004100)={0x2020}, 0x545)

4m34.561839873s ago: executing program 32 (id=1622):
r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x2)
flock(r1, 0x1)
flock(r0, 0x5)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000004100)={0x2020}, 0x545)

3m17.321558344s ago: executing program 1 (id=2587):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='syz_tun\x00', 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x10004)
sendfile(r0, r1, 0x0, 0x7ffff004)

3m17.271546719s ago: executing program 1 (id=2588):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000004c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m17.076134077s ago: executing program 1 (id=2592):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
syz_usb_connect(0x5, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x56, 0x7b, 0x57, 0x20, 0x2a39, 0x3fa0, 0x4b70, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x4e, 0x50, 0xbb}}]}}, 0x0)
connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "5bebd250addb1b29", "0fe52ccf5ae523f0d36375dedff0d425", "5cccf758", "9340f2307faa6431"}, 0x28)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000040), 0x44)

3m15.734489508s ago: executing program 1 (id=2615):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10010, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)

3m15.662254369s ago: executing program 1 (id=2617):
r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0xc)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f00000001c0)=""/46, 0x2e)
getdents(r2, 0xfffffffffffffffd, 0x58)

3m14.605922268s ago: executing program 1 (id=2624):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x4043000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

3m14.360154541s ago: executing program 33 (id=2624):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x4043000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

2m44.704323052s ago: executing program 0 (id=2877):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x4000)
setresuid(r4, r4, 0x0)
sendmmsg$unix(r3, &(0x7f0000008c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20, 0x24044000}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x14, 0x1, 0x1, [r0]}}], 0x30, 0x20008010}}], 0x2, 0x0)

2m44.511112506s ago: executing program 0 (id=2881):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="db", 0x1}], 0x1}}], 0x1, 0x40040)
sendmmsg(r0, &(0x7f0000010280)=[{{0x0, 0x0, &(0x7f0000004780)=[{&(0x7f0000000380)="cdca", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000006100)=[{&(0x7f0000005d40)='u.', 0x2}], 0x1}}], 0x2, 0x4044044)

2m44.368976739s ago: executing program 0 (id=2883):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008041}, 0xc000041)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000e80)=@gcm_256={{0x303, 0x36}, "437e509e2d2800", "8b3de2aabceef2a0640000d5a66fd32f419e59f3000000000400", "7d939a3c"}, 0x38)

2m44.121363932s ago: executing program 0 (id=2894):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2243005, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)

2m43.9894481s ago: executing program 0 (id=2887):
r0 = socket(0x10, 0x3, 0x0)
socket(0x9, 0x3, 0x9)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000040)={0x7, 'wlan0\x00', {0xffff}, 0xf284})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'bridge0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x9}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1a}}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

2m43.554112505s ago: executing program 0 (id=2890):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
sendmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x400c0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x4c, &(0x7f000002eff0)={0x133, &(0x7f0000000000)=[{}]}, 0x10)
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x1, 0x8}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvmmsg(r1, &(0x7f00000051c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/61, 0x3d}}], 0x1, 0x0, 0x0)

2m43.154115407s ago: executing program 34 (id=2890):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
sendmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x400c0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x4c, &(0x7f000002eff0)={0x133, &(0x7f0000000000)=[{}]}, 0x10)
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x1, 0x8}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvmmsg(r1, &(0x7f00000051c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/61, 0x3d}}], 0x1, 0x0, 0x0)

8.576570781s ago: executing program 4 (id=4323):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x12, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x6e22, 0x9, @empty, 0x6}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r3, 0x0)
listen(r1, 0x0)
read$FUSE(r0, &(0x7f00000007c0)={0x2020}, 0x14ab)

8.510407925s ago: executing program 4 (id=4325):
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f0000000040)=[{0x3, 0x1bf6, 0x1800}, {0x3}], 0x2, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000000ec17105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0022220000009623130600000b53743ff62a9000670900be0083f4ffffff57a90da1f60b"], 0x0}, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0xa0000)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000100)={<r3=>0xffffffffffffffff, 0x0, 0x517a20f7, 0x6})
close_range(r3, 0xffffffffffffffff, 0x0)
semctl$GETNCNT(r0, 0x3, 0xe, 0x0)

5.590924325s ago: executing program 6 (id=4344):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
write$cgroup_type(r1, 0x0, 0x0)
unlink(0x0)
link(&(0x7f00000000c0)='./file0/file1\x00', 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x51, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000010f000/0x3000)=nil)
unshare(0x6a040000)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e", 0x24}], 0x1}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xa)
sendmsg$nl_xfrm(r3, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f00000017c0)=ANY=[@ANYBLOB="500000002100200029bd7000fbdbdf25ac1414bb000000f7ffffff"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x800)

5.396894159s ago: executing program 4 (id=4346):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000001c00), 0x400000000000159, 0x40840)

4.31479968s ago: executing program 4 (id=4350):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f7274"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(r3)

2.117004834s ago: executing program 6 (id=4358):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1800, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000540), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000240)={0x7, 0x1fd, 0x101c3c})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000340)={0x8, 0x5, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x3, 0x8001, 0x9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x2, 0x6, 0xbc0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
close_range(r0, 0xffffffffffffffff, 0x0)

1.891535943s ago: executing program 6 (id=4359):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000300)=0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c03000017"], 0x34c}, 0x1, 0x0, 0x0, 0x404c831}, 0x44)

1.700633947s ago: executing program 5 (id=4361):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
pipe2(&(0x7f0000000580)={<r0=>0xffffffffffffffff}, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close_range(r0, 0xffffffffffffffff, 0x0)

1.696769391s ago: executing program 6 (id=4362):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
fchdir(r2)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x80, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)

1.587525419s ago: executing program 4 (id=4363):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r2=>0x0})
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000180)=0x80, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r2, 0x0, r3}, 0x10)

1.576233777s ago: executing program 2 (id=4364):
r0 = socket$inet(0xa, 0x801, 0x84)
listen(r0, 0xfffffffd)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0xfffffffd)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0x8)
r3 = socket$inet(0xa, 0x801, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r4, 0xfff)
listen(r3, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r6, &(0x7f0000000140)="c2", 0x1, 0x4004012, &(0x7f00000000c0)={0xa, 0x0, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

1.420051183s ago: executing program 2 (id=4365):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
creat(&(0x7f0000001380)='./file0\x00', 0x4)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$can_j1939(0x1d, 0x2, 0x7)
pipe2(&(0x7f00000003c0), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$igmp6(0xa, 0x3, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r0], 0xc4}}, 0x0)

1.337421319s ago: executing program 2 (id=4366):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4000100c, r0, 0x0)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='fd', 0x0, r2)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x2)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r5, r5)
setpgid(0x0, r5)
fchdir(r4)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)

1.148992274s ago: executing program 4 (id=4367):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
close(r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r2, 0x400, 0x1)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r4 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5', 0x2)
write$binfmt_misc(r4, &(0x7f0000000180)="e502", 0x2)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

938.73884ms ago: executing program 5 (id=4368):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r2, &(0x7f0000000180)="01010101", 0x4)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0x0)

861.511624ms ago: executing program 5 (id=4369):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x5, &(0x7f00000000c0), 0x106, 0x5}}, 0x20)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r0, 0x235}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300), 0x2, 0x4}}, 0x20)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

765.102263ms ago: executing program 6 (id=4370):
fchdir(0xffffffffffffffff)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400)
mount$9p_fd(0x0, 0x0, 0x0, 0x100400, &(0x7f00000023c0))
mount(0x0, 0x0, 0x0, 0x189, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
syz_open_dev$hiddev(0x0, 0x7, 0x204080)
clock_gettime(0x0, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, 0x4000})

736.093128ms ago: executing program 5 (id=4371):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, 0x0, 0x0)
connect$bt_l2cap(r0, 0x0, 0x0)
writev(r0, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xff, 0x7fff0000}]})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000040080000800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

654.613728ms ago: executing program 5 (id=4372):
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x8, 0x0, 0xfffffffe}})
write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x1, 0x1, 0x8}}, 0x14)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan3\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000440)=@ethtool_ringparam={0xe, 0x0, 0xffffffff, 0x0, 0x0, 0x1202, 0x80, 0x400e}})

624.171154ms ago: executing program 6 (id=4373):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
getrlimit(0xa, &(0x7f0000000100))

507.621323ms ago: executing program 5 (id=4374):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r0, 0x0)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2da8}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0x19a1, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
bind$unix(r4, &(0x7f0000000240)=@file={0x1}, 0x6e)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000640)=@file={0x1}, 0x6e)

402.93315ms ago: executing program 2 (id=4375):
ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000040)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
memfd_secret(0x80000)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'lo\x00'})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x0, @private}})

324.419291ms ago: executing program 2 (id=4376):
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2, 0xa8d4}}, './file0\x00'})
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0, 0x3a}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

0s ago: executing program 2 (id=4377):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x15, 0x800000000004, @thr={0x0, 0x0}}, &(0x7f0000bbdffc))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)

kernel console output (not intermixed with test programs):

][T10481] bond0: (slave batadv0): Releasing backup interface
[  233.708205][T10506] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  234.547645][   T29] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  234.596367][T10546] netlink: 'syz.2.1910': attribute type 29 has an invalid length.
[  234.608202][T10546] netlink: 'syz.2.1910': attribute type 29 has an invalid length.
[  234.620723][T10546] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1910'.
[  234.717740][   T29] usb 5-1: Using ep0 maxpacket: 32
[  234.724839][   T29] usb 5-1: config 2 has an invalid interface number: 88 but max is 0
[  234.738659][   T29] usb 5-1: config 2 has no interface number 0
[  234.753920][   T29] usb 5-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  234.767050][   T29] usb 5-1: config 2 interface 88 has no altsetting 0
[  234.776977][   T29] usb 5-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  234.788060][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.797720][   T29] usb 5-1: Product: syz
[  234.802070][   T29] usb 5-1: Manufacturer: syz
[  234.806865][   T29] usb 5-1: SerialNumber: syz
[  234.816028][T10535] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  235.045275][T10535] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  235.549961][T10576] syz_tun: entered allmulticast mode
[  235.561502][T10576] syz_tun: left allmulticast mode
[  236.003179][T10590] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1928'.
[  236.019463][ T5148] Bluetooth: hci1: command 0x0406 tx timeout
[  236.073105][   T29] asix 5-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  236.087951][   T29] asix 5-1:2.88: probe with driver asix failed with error -71
[  236.101443][   T29] usb 5-1: USB disconnect, device number 6
[  236.267248][T10596] netlink: 642 bytes leftover after parsing attributes in process `syz.2.1931'.
[  236.699290][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  236.869717][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  236.893378][    T9] usb 1-1: config 1 interface 0 has no altsetting 0
[  236.910729][    T9] usb 1-1: string descriptor 0 read error: -22
[  236.917299][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.40
[  236.937479][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.307532][ T1218] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  237.437590][    T9] hid_parser_main: 8024 callbacks suppressed
[  237.437612][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.460176][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.467122][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.476325][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.486276][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.494094][ T1218] usb 5-1: config 1 interface 0 has no altsetting 0
[  237.507465][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.516354][ T1218] usb 5-1: string descriptor 0 read error: -22
[  237.520481][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.528570][ T1218] usb 5-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.40
[  237.537752][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.555012][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.557768][ T1218] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.566769][    T9] wacom 0003:056A:0094.0013: unknown main item tag 0x0
[  237.616545][    T9] wacom 0003:056A:0094.0013: Using device in hidraw-only mode
[  237.645191][    T9] wacom 0003:056A:0094.0013: hidraw0: USB HID v0.02 Device [HID 056a:0094] on usb-dummy_hcd.0-1/input0
[  237.679105][    T9] usb 1-1: USB disconnect, device number 12
[  237.814005][T10650] fido_id[10650]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  238.097733][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  238.134813][ T1218] bigben 0003:146B:0902.0014: unexpected rdesc, please submit for review
[  238.236567][ T1218] bigben 0003:146B:0902.0014: hidraw0: USB HID vff.7f Device [HID 146b:0902] on usb-dummy_hcd.4-1/input0
[  238.257550][ T1218] bigben 0003:146B:0902.0014: missing HID_OUTPUT_REPORT 0
[  238.264890][ T1218] bigben 0003:146B:0902.0014: no output report found
[  238.291227][ T1218] usb 5-1: USB disconnect, device number 7
[  238.434777][T10656] fido_id[10656]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  239.016583][T10678] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  239.032589][T10676] kvm: apic: phys broadcast and lowest prio
[  239.038908][T10676] kvm: Disabled LAPIC found during irq injection
[  239.728156][T10702] netlink: 'syz.2.1973': attribute type 9 has an invalid length.
[  239.750869][T10702] netlink: 'syz.2.1973': attribute type 11 has an invalid length.
[  239.773206][T10702] netlink: 'syz.2.1973': attribute type 12 has an invalid length.
[  239.789316][T10702] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.1973'.
[  239.803636][T10702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1973'.
[  240.529670][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  240.687748][    T9] usb 5-1: Using ep0 maxpacket: 8
[  240.704535][    T9] usb 5-1: config index 0 descriptor too short (expected 74, got 45)
[  240.722443][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  240.743666][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  240.755040][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  240.766713][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  240.777793][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  240.791393][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  240.804283][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.867332][T10743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1992'.
[  240.876947][T10743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1992'.
[  241.025369][T10748] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 2, id = 0
[  241.057187][    T9] usb 5-1: usb_control_msg returned -32
[  241.068883][    T9] usbtmc 5-1:16.0: can't read capabilities
[  241.110763][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  241.469319][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  241.493995][T10766] usbtmc 5-1:16.0: Unable to send data, error -71
[  242.573360][T10804] netlink: 'syz.1.2016': attribute type 9 has an invalid length.
[  242.599374][T10804] netlink: 'syz.1.2016': attribute type 11 has an invalid length.
[  242.623013][T10804] netlink: 'syz.1.2016': attribute type 12 has an invalid length.
[  242.640491][T10804] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2016'.
[  242.667807][T10804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2016'.
[  242.707158][T10807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2018'.
[  242.718352][T10807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2018'.
[  243.326327][ T1218] usb 5-1: USB disconnect, device number 8
[  243.485717][T10832] IPv4: Oversized IP packet from 127.202.26.0
[  243.788043][ T1218] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  243.881146][T10844] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  243.950194][ T1218] usb 2-1: config 1 interface 0 has no altsetting 0
[  243.976694][ T1218] usb 2-1: string descriptor 0 read error: -22
[  243.987641][ T1218] usb 2-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.40
[  244.008235][ T1218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.357772][  T803] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  244.518694][  T803] usb 1-1: Using ep0 maxpacket: 8
[  244.525152][ T1218] bigben 0003:146B:0902.0015: unexpected rdesc, please submit for review
[  244.537130][ T1218] hid_parser_main: 5013 callbacks suppressed
[  244.537150][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.543631][  T803] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  244.553470][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.566288][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.573967][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.582489][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.587856][  T803] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  244.590695][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.608150][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.615264][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.624328][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.625047][  T803] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  244.632320][ T1218] bigben 0003:146B:0902.0015: unknown main item tag 0x0
[  244.654924][  T803] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  244.688541][  T803] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  244.710128][  T803] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  244.742241][ T1218] bigben 0003:146B:0902.0015: hidraw0: USB HID vff.7f Device [HID 146b:0902] on usb-dummy_hcd.1-1/input0
[  244.745094][  T803] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  244.760432][ T1218] bigben 0003:146B:0902.0015: missing HID_OUTPUT_REPORT 0
[  244.773823][ T1218] bigben 0003:146B:0902.0015: no output report found
[  244.789330][ T1218] usb 2-1: USB disconnect, device number 21
[  244.806919][  T803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.923126][T10870] fido_id[10870]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  245.040935][  T803] usb 1-1: usb_control_msg returned -32
[  245.046708][  T803] usbtmc 1-1:16.0: can't read capabilities
[  245.412428][    C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  245.422798][T10883] usbtmc 1-1:16.0: Unable to send data, error -71
[  245.832139][T10899] netlink: 'syz.4.2060': attribute type 3 has an invalid length.
[  246.624022][T10933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2075'.
[  247.142305][   T29] usb 1-1: USB disconnect, device number 13
[  248.791627][T11010] kvm: kvm [11009]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  249.131349][T11024] netlink: 'syz.0.2113': attribute type 9 has an invalid length.
[  249.140512][T11024] netlink: 'syz.0.2113': attribute type 11 has an invalid length.
[  249.148933][T11024] netlink: 'syz.0.2113': attribute type 12 has an invalid length.
[  249.156995][T11024] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.2113'.
[  249.166643][T11024] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2113'.
[  250.507519][   T10] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  250.679635][   T10] usb 2-1: config 1 interface 0 has no altsetting 0
[  250.691674][   T10] usb 2-1: string descriptor 0 read error: -22
[  250.698533][   T10] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.40
[  250.707942][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.150925][   T10] hid_parser_main: 4007 callbacks suppressed
[  251.150949][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.182868][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.202897][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.210827][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.219530][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.226502][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.233701][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.241633][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.249174][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.256928][   T10] lua 0003:1E7D:2C2E.0016: unknown main item tag 0x0
[  251.332077][   T10] lua 0003:1E7D:2C2E.0016: hidraw0: USB HID vff.7f Device [HID 1e7d:2c2e] on usb-dummy_hcd.1-1/input0
[  251.365583][   T10] usb 2-1: USB disconnect, device number 22
[  251.516418][T11076] fido_id[11076]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  251.546938][   T29] libceph: connect (1)[c::]:6789 error -101
[  251.564060][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  251.592334][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  251.797730][T11097] netlink: 'syz.0.2141': attribute type 39 has an invalid length.
[  251.849044][   T29] libceph: connect (1)[c::]:6789 error -101
[  251.864355][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  252.312296][T11080] ceph: No mds server is up or the cluster is laggy
[  252.537952][T11134] netlink: 'syz.1.2156': attribute type 3 has an invalid length.
[  252.620654][T11140] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2159'.
[  253.861654][T11165] syz.1.2169 (11165) used greatest stack depth: 17408 bytes left
[  254.036243][T11180] netlink: 'syz.0.2178': attribute type 3 has an invalid length.
[  254.410521][ T5148] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  254.420766][ T5148] CPU: 1 UID: 0 PID: 5148 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  254.420809][ T5148] Tainted: [L]=SOFTLOCKUP
[  254.420819][ T5148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  254.420832][ T5148] Workqueue: hci1 hci_rx_work
[  254.420871][ T5148] Call Trace:
[  254.420880][ T5148]  <TASK>
[  254.420889][ T5148]  dump_stack_lvl+0xe8/0x150
[  254.420925][ T5148]  sysfs_create_dir_ns+0x271/0x2a0
[  254.420955][ T5148]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  254.420983][ T5148]  ? do_raw_spin_unlock+0xf5/0x210
[  254.421014][ T5148]  kobject_add_internal+0x62b/0xd00
[  254.421052][ T5148]  kobject_add+0x163/0x240
[  254.421085][ T5148]  ? __pfx_kobject_add+0x10/0x10
[  254.421114][ T5148]  ? _raw_spin_unlock+0x28/0x50
[  254.421139][ T5148]  ? get_device_parent+0x366/0x3a0
[  254.421177][ T5148]  device_add+0x408/0xb70
[  254.421214][ T5148]  hci_conn_add_sysfs+0xd5/0x210
[  254.421240][ T5148]  le_conn_complete_evt+0xf1d/0x1430
[  254.421280][ T5148]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  254.421308][ T5148]  ? irqentry_exit+0x61a/0x700
[  254.421331][ T5148]  ? trace_irq_disable+0x3b/0x150
[  254.421368][ T5148]  hci_le_enh_conn_complete_evt+0x189/0x490
[  254.421406][ T5148]  hci_event_packet+0x7af/0x12c0
[  254.421436][ T5148]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  254.421464][ T5148]  ? __pfx_hci_event_packet+0x10/0x10
[  254.421493][ T5148]  ? kcov_remote_start+0x49a/0x7a0
[  254.421519][ T5148]  ? hci_send_to_monitor+0xe2/0x590
[  254.421553][ T5148]  hci_rx_work+0x3ee/0x1040
[  254.421587][ T5148]  ? process_one_work+0x870/0x1720
[  254.421615][ T5148]  process_one_work+0x963/0x1720
[  254.421668][ T5148]  ? __pfx_process_one_work+0x10/0x10
[  254.421696][ T5148]  ? do_raw_spin_lock+0x12b/0x2f0
[  254.421738][ T5148]  worker_thread+0xb46/0x1140
[  254.421783][ T5148]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  254.421829][ T5148]  kthread+0x388/0x470
[  254.421853][ T5148]  ? __pfx_worker_thread+0x10/0x10
[  254.421881][ T5148]  ? __pfx_kthread+0x10/0x10
[  254.421906][ T5148]  ret_from_fork+0x51e/0xb90
[  254.421939][ T5148]  ? __pfx_ret_from_fork+0x10/0x10
[  254.421966][ T5148]  ? __switch_to+0xc7d/0x1450
[  254.421996][ T5148]  ? __pfx_kthread+0x10/0x10
[  254.422021][ T5148]  ret_from_fork_asm+0x1a/0x30
[  254.422059][ T5148]  </TASK>
[  254.422166][ T5148] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  254.663249][ T5148] Bluetooth: hci1: failed to register connection device
[  255.566580][T11237] 9p: Unknown uid 00000000004294967295
[  255.694389][T11240] 9pnet: p9_errstr2errno: server reported unknown error -tun
[  255.708038][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  255.717900][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  256.397603][   T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  256.507536][  T803] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  256.547491][   T10] usb 1-1: Using ep0 maxpacket: 16
[  256.554360][   T10] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  256.562665][   T10] usb 1-1: config 1 has no interface number 0
[  256.569382][   T10] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  256.580066][   T10] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  256.590194][   T10] usb 1-1: config 1 interface 105 has no altsetting 0
[  256.599347][   T10] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  256.609764][   T10] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  256.618152][   T10] usb 1-1: Product: syz
[  256.623036][   T10] usb 1-1: Manufacturer: syz
[  256.627765][   T10] usb 1-1: SerialNumber: syz
[  256.635400][T11261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  256.643195][T11261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  256.657502][  T803] usb 2-1: Using ep0 maxpacket: 32
[  256.664625][  T803] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  256.672995][  T803] usb 2-1: config 0 has no interface number 0
[  256.679330][  T803] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  256.692880][  T803] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  256.703392][  T803] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.711497][  T803] usb 2-1: Product: syz
[  256.715698][  T803] usb 2-1: Manufacturer: syz
[  256.720415][  T803] usb 2-1: SerialNumber: syz
[  256.728935][  T803] usb 2-1: config 0 descriptor??
[  256.735103][T11266] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  256.954417][T11266] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  257.028754][T11276] netlink: 'syz.2.2214': attribute type 3 has an invalid length.
[  257.064677][T11261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  257.079034][T11261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  257.705170][   T10] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  257.734929][   T10] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  257.781142][   T10] aqc111 1-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, b4:17:dc:b1:bf:b1
[  257.815178][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  257.829635][   T10] usb 1-1: USB disconnect, device number 14
[  257.851653][   T10] aqc111 1-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  257.938896][   T10] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  257.960778][   T10] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  257.977715][  T803] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  257.990712][   T10] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  258.007753][  T803] asix 2-1:0.188: probe with driver asix failed with error -71
[  258.030849][  T803] usb 2-1: USB disconnect, device number 23
[  258.117849][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  258.165690][T11295] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2223'.
[  258.176829][T11295] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2223'.
[  258.323731][T11299] netlink: 'syz.0.2225': attribute type 1 has an invalid length.
[  258.333987][T11299] netlink: 16110 bytes leftover after parsing attributes in process `syz.0.2225'.
[  258.563446][T11307] overlayfs: failed to clone upperpath
[  258.586205][T11307] overlayfs: failed to clone upperpath
[  258.663458][T11309] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2231'.
[  259.011725][T11326] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2239'.
[  259.187569][   T29] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  259.255454][T11343] netlink: 'syz.4.2246': attribute type 29 has an invalid length.
[  259.273009][T11343] netlink: 'syz.4.2246': attribute type 29 has an invalid length.
[  259.282835][T11343] netlink: 500 bytes leftover after parsing attributes in process `syz.4.2246'.
[  259.349368][   T29] usb 1-1: unable to get BOS descriptor or descriptor too short
[  259.369047][   T29] usb 1-1: config 1 interface 0 has no altsetting 0
[  259.385900][   T29] usb 1-1: string descriptor 0 read error: -22
[  259.393186][   T29] usb 1-1: New USB device found, idVendor=045e, idProduct=00f9, bcdDevice= 0.40
[  259.402456][   T29] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.682575][T11352] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2250'.
[  259.834865][   T29] hid_parser_main: 4007 callbacks suppressed
[  259.834890][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.860689][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.869349][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.881652][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.889117][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.896860][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.905186][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.912714][T11356] syz_tun: entered allmulticast mode
[  259.918477][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.927120][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.937002][   T29] microsoft 0003:045E:00F9.0017: unknown main item tag 0x0
[  259.948187][T11356] syz_tun: left allmulticast mode
[  259.956942][T11358] netlink: 'syz.1.2252': attribute type 10 has an invalid length.
[  259.988169][T11358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.010489][T11358] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  260.023570][T11359] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.037946][T11359] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.047165][T11359] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.055127][T11359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.107821][   T29] microsoft 0003:045E:00F9.0017: hidraw0: USB HID vff.7f Device [HID 045e:00f9] on usb-dummy_hcd.0-1/input0
[  260.120520][   T29] microsoft 0003:045E:00F9.0017: no inputs found
[  260.126946][   T29] microsoft 0003:045E:00F9.0017: could not initialize ff, continuing anyway
[  260.144692][   T29] usb 1-1: USB disconnect, device number 15
[  260.169812][T11359] bond0: (slave batadv0): Releasing backup interface
[  260.278389][T11362] fido_id[11362]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  260.540786][T11376] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2259'.
[  260.804048][T11392] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  260.934165][T11398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2270'.
[  261.333366][T11420] bridge_slave_1: entered promiscuous mode
[  261.593196][T11415] bridge_slave_1: left promiscuous mode
[  261.940116][T11442] netlink: 642 bytes leftover after parsing attributes in process `syz.1.2291'.
[  263.760498][T11490] netlink: 'syz.0.2311': attribute type 9 has an invalid length.
[  263.780188][T11490] netlink: 'syz.0.2311': attribute type 11 has an invalid length.
[  263.788248][T11490] netlink: 'syz.0.2311': attribute type 12 has an invalid length.
[  263.796901][T11490] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.2311'.
[  263.806733][T11490] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2311'.
[  266.544034][T11570] Invalid ELF header magic: != ELF
[  266.581777][T11570] Invalid ELF header magic: != ELF
[  266.714760][T11576] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2349'.
[  268.110441][   T30] audit: type=1326 audit(2000000119.100:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.2.2374" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x0
[  268.602837][T11652] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2379'.
[  269.653654][T11686] fuse: Bad value for 'fd'
[  269.723859][T11688] netlink: 1335 bytes leftover after parsing attributes in process `syz.4.2395'.
[  270.380975][T11712] netlink: 1335 bytes leftover after parsing attributes in process `syz.2.2405'.
[  270.680457][T11726] netlink: 'syz.4.2418': attribute type 11 has an invalid length.
[  270.779085][   T29] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  270.987849][   T29] usb 2-1: config 1 interface 0 has no altsetting 0
[  271.022299][   T29] usb 2-1: string descriptor 0 read error: -22
[  271.035775][   T29] usb 2-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.40
[  271.053964][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.559801][   T29] hid_parser_main: 4007 callbacks suppressed
[  271.559826][   T29] belkin 0003:050D:3201.0018: unknown main item tag 0x1
[  271.608132][   T29] belkin 0003:050D:3201.0018: report_id 34933 is invalid
[  271.620877][   T29] belkin 0003:050D:3201.0018: item 0 2 1 8 parsing failed
[  271.643492][   T29] belkin 0003:050D:3201.0018: parse failed
[  271.667698][   T29] belkin 0003:050D:3201.0018: probe with driver belkin failed with error -22
[  271.799544][    T9] usb 2-1: USB disconnect, device number 24
[  272.981333][T11802] netlink: 'syz.1.2440': attribute type 9 has an invalid length.
[  272.997612][T11802] netlink: 'syz.1.2440': attribute type 11 has an invalid length.
[  273.017326][T11802] netlink: 'syz.1.2440': attribute type 12 has an invalid length.
[  273.032725][T11802] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2440'.
[  273.057947][T11802] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2440'.
[  273.396104][T11808] VFS: Mount too revealing
[  273.618176][    T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  273.698785][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  273.793176][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.818699][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.828236][    T9] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  273.839582][    T9] usb 1-1: Product: syz
[  273.848704][    T9] usb 1-1: SerialNumber: syz
[  274.011610][   T30] audit: type=1326 audit(2000000125.000:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11820 comm="syz.2.2451" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x0
[  274.893116][    T9] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  274.915194][    T9] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  274.947559][    T9] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  274.985083][   T30] audit: type=1326 audit(2000000125.970:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.051188][   T30] audit: type=1326 audit(2000000125.970:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.112496][   T30] audit: type=1326 audit(2000000126.010:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.179716][   T30] audit: type=1326 audit(2000000126.030:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.212777][    T9] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  275.245862][   T30] audit: type=1326 audit(2000000126.030:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.304385][   T30] audit: type=1326 audit(2000000126.040:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.376351][   T30] audit: type=1326 audit(2000000126.040:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.442855][    T9] usb 1-1: USB disconnect, device number 16
[  275.456900][   T30] audit: type=1326 audit(2000000126.040:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  275.479912][    T9] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  275.583950][   T30] audit: type=1326 audit(2000000126.100:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1f0b99c799 code=0x7ffc0000
[  276.834874][T11883] KVM: debugfs: duplicate directory 11883-4
[  277.527472][   T10] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  277.690927][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.729674][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.755808][   T10] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  277.772182][T11903] KVM: debugfs: duplicate directory 11903-4
[  277.776016][   T10] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  277.809147][   T10] usb 2-1: Manufacturer: syz
[  277.823056][   T10] usb 2-1: config 0 descriptor??
[  278.130123][T11916] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2491'.
[  278.874518][   T10] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0019/input/input14
[  278.972235][   T10] uclogic 0003:256C:006D.0019: input,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  279.104151][   T29] usb 2-1: USB disconnect, device number 25
[  279.137358][T11929] fido_id[11929]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  279.278788][ T1218] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  279.449378][ T1218] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  279.458787][ T1218] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.469212][ T1218] usb 1-1: config 0 descriptor??
[  279.774278][   T30] kauditd_printk_skb: 83 callbacks suppressed
[  279.774297][   T30] audit: type=1804 audit(2000000130.760:154): pid=11943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2501" name="file1" dev="tmpfs" ino=1023 res=1 errno=0
[  279.955525][T11948] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2503'.
[  279.980813][T11950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2504'.
[  280.719340][T11963] evm: overlay not supported
[  280.908381][ T1218] usb 1-1: Cannot set autoneg
[  280.914091][ T1218] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  280.933150][ T1218] usb 1-1: USB disconnect, device number 17
[  281.199331][T11976] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2516'.
[  281.317329][T11978] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2517'.
[  281.500521][T11982] netlink: 'syz.0.2518': attribute type 1 has an invalid length.
[  281.508575][T11982] netlink: 'syz.0.2518': attribute type 4 has an invalid length.
[  281.516337][T11982] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.2518'.
[  281.697609][T11967] overlayfs: statfs failed on './file0'
[  281.744504][T11995] fuse: Bad value for 'fd'
[  282.004850][T12011] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  282.011404][T12011] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  282.124780][T12017] overlayfs: failed to clone lowerpath
[  282.839103][ T5912] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  282.933510][T12049] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  282.941776][T12049] overlayfs: failed to set xattr on upper
[  282.950406][T12049] overlayfs: ...falling back to redirect_dir=nofollow.
[  282.957300][T12049] overlayfs: ...falling back to index=off.
[  282.997471][ T5912] usb 2-1: Using ep0 maxpacket: 32
[  283.010410][ T5912] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[  283.022347][ T5912] usb 2-1: config 2 has no interface number 0
[  283.029831][ T5912] usb 2-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  283.042324][ T5912] usb 2-1: config 2 interface 88 has no altsetting 0
[  283.053279][ T5912] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  283.064267][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.072695][ T5912] usb 2-1: Product: syz
[  283.077735][ T5912] usb 2-1: Manufacturer: syz
[  283.082469][ T5912] usb 2-1: SerialNumber: syz
[  283.095475][T12042] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  283.317883][T12042] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  283.602990][T12068] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  283.609607][T12068] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  283.836579][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  284.077548][   T24] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  284.239724][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  284.253141][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  284.266793][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  284.280627][   T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  284.290483][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.303612][   T24] usb 1-1: config 0 descriptor??
[  284.333188][ T5912] asix 2-1:2.88 (unnamed net_device) (uninitialized): invalid hw address, using random
[  284.534051][ T5912] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  284.556784][ T5912] asix 2-1:2.88 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  284.572305][ T5912] asix 2-1:2.88: probe with driver asix failed with error -71
[  284.595984][ T5912] usb 2-1: USB disconnect, device number 26
[  284.698500][T12101] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2559'.
[  284.756006][   T24] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  285.319705][T12131] overlayfs: failed to clone upperpath
[  285.910388][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  285.919643][   T24] usb 1-1: USB disconnect, device number 18
[  286.897578][ T5883] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  287.061364][ T5883] usb 2-1: Using ep0 maxpacket: 32
[  287.071997][ T5883] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  287.094047][ T5883] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  287.116862][ T5883] usb 2-1: New USB device found, idVendor=2a39, idProduct=3fa0, bcdDevice=4b.70
[  287.137782][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.154440][ T5883] usb 2-1: Product: syz
[  287.163510][ T5883] usb 2-1: Manufacturer: syz
[  287.171476][ T5883] usb 2-1: SerialNumber: syz
[  287.180984][ T5883] usb 2-1: config 0 descriptor??
[  287.412467][ T5883] usb 2-1: USB disconnect, device number 27
[  287.613102][T12217] netlink: 'syz.2.2608': attribute type 9 has an invalid length.
[  287.621598][T12217] netlink: 'syz.2.2608': attribute type 11 has an invalid length.
[  287.634081][T12217] netlink: 'syz.2.2608': attribute type 12 has an invalid length.
[  287.642528][T12217] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.2608'.
[  287.654825][T12217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2608'.
[  287.890291][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  287.957566][    T9] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  287.999164][ T5148] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  288.131145][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  288.149327][    T9] usb 1-1: not running at top speed; connect to a high speed hub
[  288.159884][    T9] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  288.168819][    T9] usb 1-1: config 4 has an invalid descriptor of length 61, skipping remainder of the config
[  288.179635][    T9] usb 1-1: config 4 has no interface number 0
[  288.189091][    T9] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  288.198501][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.206655][    T9] usb 1-1: Product: syz
[  288.211506][    T9] usb 1-1: Manufacturer: syz
[  288.216231][    T9] usb 1-1: SerialNumber: syz
[  288.457583][    T9] uvcvideo 1-1:4.147: Found UVC 0.00 device syz (04f2:b746)
[  288.465294][    T9] uvcvideo 1-1:4.147: No valid video chain found.
[  288.478881][    T9] usb 1-1: USB disconnect, device number 19
[  289.605518][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  289.625087][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  289.634074][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  289.653528][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  289.664207][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  289.763118][T12262] lo speed is unknown, defaulting to 1000
[  289.925437][ T1218] libceph: connect (1)[c::]:6789 error -101
[  289.931830][ T1218] libceph: mon0 (1)[c::]:6789 connect error
[  289.990672][    T9] libceph: connect (1)[c::]:6789 error -101
[  290.000266][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  290.207084][ T1218] libceph: connect (1)[c::]:6789 error -101
[  290.213328][ T1218] libceph: mon0 (1)[c::]:6789 connect error
[  290.259607][    T9] libceph: connect (1)[c::]:6789 error -101
[  290.266640][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  290.274614][T12262] chnl_net:caif_netlink_parms(): no params data found
[  290.383083][T12262] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.390647][T12262] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.399848][T12262] bridge_slave_0: entered allmulticast mode
[  290.408277][T12262] bridge_slave_0: entered promiscuous mode
[  290.422452][T12262] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.429946][T12262] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.437327][T12262] bridge_slave_1: entered allmulticast mode
[  290.446302][T12262] bridge_slave_1: entered promiscuous mode
[  290.493145][T12262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.509710][T12262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  290.551953][T12262] team0: Port device team_slave_0 added
[  290.561622][T12262] team0: Port device team_slave_1 added
[  290.601537][T12262] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.608638][T12262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  290.635010][T12262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  290.649538][T12262] batman_adv: batadv0: Adding interface: batadv_slave_1
[  290.656562][T12262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  290.687795][T12262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  290.738541][   T24] libceph: connect (1)[c::]:6789 error -101
[  290.747179][T12279] ceph: No mds server is up or the cluster is laggy
[  290.748824][T12276] ceph: No mds server is up or the cluster is laggy
[  290.763166][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  290.777823][ T5883] libceph: connect (1)[c::]:6789 error -101
[  290.789240][ T5883] libceph: mon0 (1)[c::]:6789 connect error
[  290.851678][T12262] hsr_slave_0: entered promiscuous mode
[  290.869613][T12262] hsr_slave_1: entered promiscuous mode
[  290.876870][T12262] debugfs: 'hsr0' already exists in 'hsr'
[  290.897100][T12262] Cannot create hsr debugfs directory
[  291.181989][T12308] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2644'.
[  291.409279][T12262] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  291.422601][T12262] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  291.435730][T12262] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  291.448548][T12262] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  291.568228][ T1218] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  291.582941][T12262] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.609907][T12262] 8021q: adding VLAN 0 to HW filter on device team0
[  291.626054][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.633401][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.651564][  T113] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.658832][  T113] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.707797][ T5148] Bluetooth: hci3: command tx timeout
[  291.748010][ T1218] usb 1-1: Using ep0 maxpacket: 32
[  291.759287][ T1218] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  291.790197][ T1218] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  291.819092][ T1218] usb 1-1: New USB device found, idVendor=2a39, idProduct=3fa0, bcdDevice=4b.70
[  291.850045][ T1218] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.875621][ T1218] usb 1-1: Product: syz
[  291.898706][ T1218] usb 1-1: Manufacturer: syz
[  291.908844][ T1218] usb 1-1: SerialNumber: syz
[  291.940892][ T1218] usb 1-1: config 0 descriptor??
[  292.084813][T12262] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.171209][ T1218] usb 1-1: USB disconnect, device number 20
[  292.393604][T12262] veth0_vlan: entered promiscuous mode
[  292.410712][T12262] veth1_vlan: entered promiscuous mode
[  292.457870][T12262] veth0_macvtap: entered promiscuous mode
[  292.473529][T12262] veth1_macvtap: entered promiscuous mode
[  292.504560][T12262] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.524931][T12262] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.545047][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.553998][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.566743][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.576544][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.715018][  T113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.739356][  T113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.846773][  T113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.864282][  T113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.777969][ T5148] Bluetooth: hci3: command tx timeout
[  293.937694][T12360] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2659'.
[  293.947339][T12360] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2659'.
[  294.976260][T12397] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2672'.
[  295.013020][T12399] netlink: 'syz.0.2674': attribute type 4 has an invalid length.
[  295.025242][T12399] netlink: 'syz.0.2674': attribute type 1 has an invalid length.
[  295.045024][T12399] netlink: 15314 bytes leftover after parsing attributes in process `syz.0.2674'.
[  295.858069][ T5148] Bluetooth: hci3: command tx timeout
[  296.122542][T12426] netlink: 'syz.4.2685': attribute type 4 has an invalid length.
[  296.143383][T12426] netlink: 'syz.4.2685': attribute type 1 has an invalid length.
[  296.152803][T12426] netlink: 15314 bytes leftover after parsing attributes in process `syz.4.2685'.
[  296.435572][T12442] netlink: 'syz.4.2691': attribute type 5 has an invalid length.
[  296.449021][T12442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2691'.
[  296.774617][T12453] netlink: 'syz.2.2703': attribute type 6 has an invalid length.
[  296.944270][  T113] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.104673][  T113] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.227013][  T113] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.352390][  T113] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.752795][  T113] bridge_slave_1: left allmulticast mode
[  297.759257][  T113] bridge_slave_1: left promiscuous mode
[  297.770445][  T113] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.823334][  T113] bridge_slave_0: left allmulticast mode
[  297.833584][  T113] bridge_slave_0: left promiscuous mode
[  297.844265][  T113] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.940903][ T5148] Bluetooth: hci3: command tx timeout
[  300.256207][T12529] netlink: 'syz.2.2719': attribute type 5 has an invalid length.
[  300.287007][T12529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2719'.
[  300.426619][T12536] syzkaller1: entered promiscuous mode
[  300.452232][T12536] syzkaller1: entered allmulticast mode
[  300.835033][  T113] hsr_slave_0: left promiscuous mode
[  300.868856][  T113] hsr_slave_1: left promiscuous mode
[  300.888641][  T113] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.902075][  T113] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.922625][  T113] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.950437][  T113] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.012320][  T113] veth1_macvtap: left promiscuous mode
[  301.033719][  T113] veth0_macvtap: left promiscuous mode
[  301.048604][  T113] veth1_vlan: left promiscuous mode
[  301.061418][  T113] veth0_vlan: left promiscuous mode
[  301.259185][ T5912] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  301.422497][T12570] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  301.429147][T12570] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  301.448125][ T5912] usb 6-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  301.467486][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.484391][ T5912] usb 6-1: Product: syz
[  301.500656][ T5912] usb 6-1: Manufacturer: syz
[  301.511988][ T5912] usb 6-1: SerialNumber: syz
[  301.528836][ T5912] usb 6-1: config 0 descriptor??
[  301.566473][ T5912] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  301.747337][T12574] netlink: 'syz.0.2744': attribute type 9 has an invalid length.
[  301.772035][T12574] netlink: 'syz.0.2744': attribute type 11 has an invalid length.
[  301.782990][  T113] team0 (unregistering): Port device team_slave_1 removed
[  301.787799][T12574] netlink: 'syz.0.2744': attribute type 12 has an invalid length.
[  301.798505][T12574] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.2744'.
[  301.808106][T12574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2744'.
[  301.833139][  T113] team0 (unregistering): Port device team_slave_0 removed
[  302.759308][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  302.788737][  T113] IPVS: stop unused estimator thread 0...
[  302.837847][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  302.917533][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  302.931645][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  302.972597][ T5912] gspca_sunplus: reg_w_riv err -71
[  302.983878][ T5912] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  303.001068][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  303.015610][ T5912] usb 6-1: USB disconnect, device number 2
[  303.098969][   T24] usb 1-1: Using ep0 maxpacket: 32
[  303.113923][   T24] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  303.130472][   T24] usb 1-1: config 0 has no interface number 0
[  303.147138][   T24] usb 1-1: config 0 interface 184 has no altsetting 0
[  303.165289][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  303.175099][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.184977][   T24] usb 1-1: Product: syz
[  303.197130][   T24] usb 1-1: Manufacturer: syz
[  303.202728][   T24] usb 1-1: SerialNumber: syz
[  303.213054][   T24] usb 1-1: config 0 descriptor??
[  304.645140][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  304.665986][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  304.685892][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  304.701215][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  304.712402][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  304.723336][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  304.735518][   T24] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  304.756874][   T24] usb 1-1: USB disconnect, device number 21
[  305.762658][   T10] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  305.934587][   T10] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  305.958867][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.967952][   T10] usb 1-1: Product: syz
[  305.972248][   T10] usb 1-1: Manufacturer: syz
[  305.976956][   T10] usb 1-1: SerialNumber: syz
[  305.996132][   T10] usb 1-1: config 0 descriptor??
[  306.228330][   T10] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  307.073103][   T30] audit: type=1326 audit(2000000158.060:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.5.2777" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f111859c799 code=0x0
[  307.453253][   T10] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  307.469247][   T10] usb 1-1: USB disconnect, device number 22
[  309.000049][   T30] audit: type=1326 audit(2000000159.990:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12745 comm="syz.2.2789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x0
[  309.648535][   T30] audit: type=1800 audit(2000000160.630:157): pid=12753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2792" name="file0" dev="ramfs" ino=35637 res=0 errno=0
[  310.237669][  T803] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  310.409408][  T803] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.435964][  T803] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  310.445422][  T803] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.457462][  T803] usb 1-1: Product: syz
[  310.465714][  T803] usb 1-1: Manufacturer: syz
[  310.472064][  T803] usb 1-1: SerialNumber: syz
[  310.488944][  T803] usb 1-1: config 0 descriptor??
[  310.502641][  T803] ims_pcu 1-1:0.0: Union descriptor too short (2 vs 5)
[  310.505039][T12783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2804'.
[  310.518180][  T803] ims_pcu 1-1:0.0: probe with driver ims_pcu failed with error -22
[  310.529089][T12783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2804'.
[  310.540496][T12785] syzkaller0: entered allmulticast mode
[  310.569519][T12784] syzkaller0: entered promiscuous mode
[  310.583155][T12784] syzkaller0 (unregistering): left allmulticast mode
[  310.591195][T12784] syzkaller0 (unregistering): left promiscuous mode
[  310.714231][T12764] netlink: 'syz.0.2797': attribute type 25 has an invalid length.
[  310.744609][   T24] usb 1-1: USB disconnect, device number 23
[  312.210469][T12802] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  314.248670][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  314.409087][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  314.432521][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  314.457481][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.467075][   T24] usb 6-1: Product: syz
[  314.478022][   T24] usb 6-1: Manufacturer: syz
[  314.483836][   T24] usb 6-1: SerialNumber: syz
[  314.501068][   T24] usb 6-1: config 0 descriptor??
[  314.516596][   T24] ims_pcu 6-1:0.0: Union descriptor too short (2 vs 5)
[  314.537507][   T24] ims_pcu 6-1:0.0: probe with driver ims_pcu failed with error -22
[  314.736931][T12880] netlink: 'syz.5.2839': attribute type 25 has an invalid length.
[  314.749728][   T24] usb 6-1: USB disconnect, device number 3
[  317.142986][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  317.151763][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  320.686155][T13063] netlink: 'syz.4.2897': attribute type 9 has an invalid length.
[  320.707760][T13063] netlink: 'syz.4.2897': attribute type 11 has an invalid length.
[  320.725906][T13063] netlink: 'syz.4.2897': attribute type 12 has an invalid length.
[  320.738442][T13063] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.2897'.
[  320.762523][T13063] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2897'.
[  320.864889][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  320.886087][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  320.894618][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  320.917861][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  320.927128][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  320.994635][T13066] lo speed is unknown, defaulting to 1000
[  321.669504][T13066] chnl_net:caif_netlink_parms(): no params data found
[  322.001051][T13066] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.009840][T13066] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.017298][T13066] bridge_slave_0: entered allmulticast mode
[  322.029749][T13066] bridge_slave_0: entered promiscuous mode
[  322.051928][T13066] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.067792][T13066] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.075314][T13066] bridge_slave_1: entered allmulticast mode
[  322.084335][T13066] bridge_slave_1: entered promiscuous mode
[  322.200563][T13066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.241657][T13066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.355017][T13066] team0: Port device team_slave_0 added
[  322.367211][T13066] team0: Port device team_slave_1 added
[  322.453099][T13066] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.467445][T13066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  322.496264][T13066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.519536][T13066] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.535181][T13066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  322.596586][T13066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.703068][T13066] hsr_slave_0: entered promiscuous mode
[  322.720347][T13066] hsr_slave_1: entered promiscuous mode
[  322.728615][T13066] debugfs: 'hsr0' already exists in 'hsr'
[  322.738109][T13066] Cannot create hsr debugfs directory
[  322.977840][ T5835] Bluetooth: hci1: command tx timeout
[  323.101344][T13066] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  323.114296][T13066] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  323.128345][T13066] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  323.144377][T13066] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  323.289615][T13066] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.356015][T13066] 8021q: adding VLAN 0 to HW filter on device team0
[  323.391021][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.398285][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.461470][  T113] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.468711][  T113] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.113843][T13066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.866919][T13066] veth0_vlan: entered promiscuous mode
[  324.928207][T13066] veth1_vlan: entered promiscuous mode
[  325.057795][ T5835] Bluetooth: hci1: command tx timeout
[  325.095793][T13066] veth0_macvtap: entered promiscuous mode
[  325.129256][T13066] veth1_macvtap: entered promiscuous mode
[  325.179894][T13066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.233189][T13066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.280743][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.293596][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.316401][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.359047][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.585415][ T1048] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.607199][ T1048] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.682872][  T113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.705842][  T113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.138424][ T5835] Bluetooth: hci1: command tx timeout
[  327.302507][ T5912] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  327.468350][ T5912] usb 7-1: Using ep0 maxpacket: 16
[  327.484344][ T5912] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  327.510601][ T5912] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  327.534607][ T5912] usb 7-1: config 0 interface 0 has no altsetting 0
[  327.560160][ T5912] usb 7-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  327.578560][ T5912] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.599376][ T5912] usb 7-1: Product: syz
[  327.613394][ T5912] usb 7-1: Manufacturer: syz
[  327.627673][ T5912] usb 7-1: SerialNumber: syz
[  327.644333][ T5912] usb 7-1: config 0 descriptor??
[  327.883153][T13208] syz.6.2945: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  327.918998][T13208] CPU: 0 UID: 0 PID: 13208 Comm: syz.6.2945 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  327.919036][T13208] Tainted: [L]=SOFTLOCKUP
[  327.919045][T13208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  327.919060][T13208] Call Trace:
[  327.919069][T13208]  <TASK>
[  327.919077][T13208]  dump_stack_lvl+0xe8/0x150
[  327.919118][T13208]  warn_alloc+0x249/0x340
[  327.919151][T13208]  ? lockdep_hardirqs_on+0x7a/0x110
[  327.919183][T13208]  ? __pfx_warn_alloc+0x10/0x10
[  327.919221][T13208]  ? __kasan_kmalloc+0x93/0xb0
[  327.919250][T13208]  ? __kmalloc_cache_noprof+0x31c/0x660
[  327.919278][T13208]  ? xskq_create+0x56/0x170
[  327.919297][T13208]  ? xsk_init_queue+0x8a/0xe0
[  327.919316][T13208]  ? xsk_setsockopt+0x54c/0x990
[  327.919346][T13208]  ? do_sock_setsockopt+0x17c/0x1b0
[  327.919368][T13208]  ? __x64_sys_setsockopt+0x13d/0x1b0
[  327.919392][T13208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.919422][T13208]  __vmalloc_node_range_noprof+0x12d/0x1a80
[  327.919483][T13208]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  327.919521][T13208]  ? __kasan_kmalloc+0x93/0xb0
[  327.919557][T13208]  vmalloc_user_noprof+0xad/0xe0
[  327.919586][T13208]  ? xskq_create+0xbf/0x170
[  327.919609][T13208]  xskq_create+0xbf/0x170
[  327.919635][T13208]  xsk_init_queue+0x8a/0xe0
[  327.919659][T13208]  xsk_setsockopt+0x54c/0x990
[  327.919699][T13208]  ? __pfx_xsk_setsockopt+0x10/0x10
[  327.919732][T13208]  ? __pfx_aa_sk_perm+0x10/0x10
[  327.919762][T13208]  ? aa_sock_opt_perm+0xff/0x1a0
[  327.919792][T13208]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  327.919821][T13208]  ? __pfx_xsk_setsockopt+0x10/0x10
[  327.919855][T13208]  do_sock_setsockopt+0x17c/0x1b0
[  327.919885][T13208]  __x64_sys_setsockopt+0x13d/0x1b0
[  327.919925][T13208]  do_syscall_64+0x14d/0xf80
[  327.919948][T13208]  ? trace_irq_disable+0x3b/0x150
[  327.919971][T13208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.919993][T13208]  ? clear_bhb_loop+0x40/0x90
[  327.920020][T13208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.920043][T13208] RIP: 0033:0x7f94ae99c799
[  327.920077][T13208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  327.920096][T13208] RSP: 002b:00007f94af7c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  327.920120][T13208] RAX: ffffffffffffffda RBX: 00007f94aec15fa0 RCX: 00007f94ae99c799
[  327.920136][T13208] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  327.920149][T13208] RBP: 00007f94aea32bd9 R08: 0000000000000004 R09: 0000000000000000
[  327.920162][T13208] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.920176][T13208] R13: 00007f94aec16038 R14: 00007f94aec15fa0 R15: 00007ffcd18c3ef8
[  327.920209][T13208]  </TASK>
[  327.921800][T13208] Mem-Info:
[  328.215158][T13208] active_anon:37685 inactive_anon:0 isolated_anon:0
[  328.215158][T13208]  active_file:16547 inactive_file:40484 isolated_file:0
[  328.215158][T13208]  unevictable:768 dirty:210 writeback:0
[  328.215158][T13208]  slab_reclaimable:11627 slab_unreclaimable:100823
[  328.215158][T13208]  mapped:37640 shmem:32820 pagetables:1599
[  328.215158][T13208]  sec_pagetables:3 bounce:0
[  328.215158][T13208]  kernel_misc_reclaimable:0
[  328.215158][T13208]  free:1284070 free_pcp:12505 free_cma:0
[  328.298580][T13208] Node 0 active_anon:151140kB inactive_anon:0kB active_file:66188kB inactive_file:161736kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:150760kB dirty:820kB writeback:0kB shmem:130144kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12740kB pagetables:6252kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB
[  328.383226][T13208] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:20kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  328.468314][T13208] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  328.537423][T13208] lowmem_reserve[]: 0 2481 2483 2483 2483
[  328.546785][T13208] Node 0 DMA32 free:1175688kB boost:0kB min:34088kB low:42608kB high:51128kB reserved_highatomic:0KB free_highatomic:0KB active_anon:151840kB inactive_anon:0kB active_file:66188kB inactive_file:161736kB unevictable:1536kB writepending:820kB zspages:92kB present:3129332kB managed:2541392kB mlocked:0kB bounce:0kB free_pcp:51048kB local_pcp:26892kB free_cma:0kB
[  328.634157][T13208] lowmem_reserve[]: 0 0 1 1 1
[  328.643104][T13208] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1560kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  328.706588][T13208] lowmem_reserve[]: 0 0 0 0 0
[  328.716796][T13208] Node 1 Normal free:3943032kB boost:0kB min:55792kB low:69740kB high:83688kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:20kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  328.757152][T13208] lowmem_reserve[]: 0 0 0 0 0
[  328.788595][T13208] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  328.807554][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  328.832043][T13208] Node 0 DMA32: 13*4kB (E) 1278*8kB (UME) 562*16kB (UME) 161*32kB (UE) 125*64kB (UM) 231*128kB (UME) 167*256kB (UME) 111*512kB (UM) 80*1024kB (UM) 39*2048kB (UM) 208*4096kB (UM) = 1175332kB
[  328.851740][T13208] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  328.864921][T13208] Node 1 Normal: 0*4kB 3*8kB (UM) 8*16kB (UM) 5*32kB (UM) 9*64kB (UM) 6*128kB (UM) 4*256kB (UM) 4*512kB (UM) 2*1024kB (UM) 4*2048kB (UM) 959*4096kB (M) = 3943032kB
[  328.883940][T13208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  328.945054][T13208] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  328.965838][T13208] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  328.975911][   T24] usb 6-1: Using ep0 maxpacket: 32
[  328.989625][   T24] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  329.000070][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.010001][T13208] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  329.034174][   T24] usb 6-1: config 0 descriptor??
[  329.041325][T13208] 89817 total pagecache pages
[  329.049181][T13208] 13 pages in swap cache
[  329.062621][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  329.070622][T13208] Free swap  = 124944kB
[  329.074927][T13208] Total swap = 124996kB
[  329.080551][T13208] 2097051 pages RAM
[  329.084474][T13208] 0 pages HighMem/MovableOnly
[  329.104658][T13208] 429698 pages reserved
[  329.119521][T13208] 0 pages cma reserved
[  329.217657][ T5835] Bluetooth: hci1: command tx timeout
[  329.226540][ T5912] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90)
[  329.258640][ T5912] imon 7-1:0.0: unable to initialize intf0, err -90
[  329.277521][ T5912] imon:imon_probe: failed to initialize context!
[  329.296061][ T5912] imon 7-1:0.0: unable to register, err -19
[  329.317019][ T5912] usb 7-1: USB disconnect, device number 2
[  329.448850][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  329.538132][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  329.549185][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  329.896830][T13243] overlayfs: failed to clone upperpath
[  330.035074][T13248] lo speed is unknown, defaulting to 1000
[  330.129623][T13251] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2963'.
[  330.371220][T13254] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2963'.
[  330.383160][T11835] block nbd64: NBD_DISCONNECT
[  330.396543][T13254] nbd: device at index 64 is going down
[  330.474349][   T24] gspca_sunplus: reg_w_riv err -110
[  330.491358][   T24] sunplus 6-1:0.0: probe with driver sunplus failed with error -110
[  330.544417][T13260] netlink: 'syz.2.2966': attribute type 1 has an invalid length.
[  330.575117][T13260] netlink: 'syz.2.2966': attribute type 4 has an invalid length.
[  330.591899][T13260] netlink: 15294 bytes leftover after parsing attributes in process `syz.2.2966'.
[  331.185389][T13280] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2974'.
[  331.270085][T13282] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2974'.
[  331.337168][T13282] nbd: device at index 64 is going down
[  331.642749][T11721] udevd[11721]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  332.160866][   T10] IPVS: starting estimator thread 0...
[  332.250297][T13300] IPVS: using max 29 ests per chain, 69600 per kthread
[  333.202090][ T5912] libceph: connect (1)[c::]:6789 error -101
[  333.236859][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  333.267656][T13328] ceph: No mds server is up or the cluster is laggy
[  334.460730][T13358] sctp: [Deprecated]: syz.4.3005 (pid 13358) Use of int in maxseg socket option.
[  334.460730][T13358] Use struct sctp_assoc_value instead
[  334.577520][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[  335.677492][ T5912] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  335.827472][ T5912] usb 7-1: Using ep0 maxpacket: 32
[  335.836206][ T5912] usb 7-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  335.845846][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.860601][ T5912] usb 7-1: config 0 descriptor??
[  335.874987][ T5912] gspca_main: sq930x-2.14.0 probing 041e:403c
[  336.887625][ T5912] gspca_sq930x: ucbus_write failed -71
[  336.893342][ T5912] sq930x 7-1:0.0: probe with driver sq930x failed with error -71
[  336.925901][ T5912] usb 7-1: USB disconnect, device number 3
[  337.494741][T13411] overlayfs: failed to resolve './file2': -2
[  338.669838][T13461] tipc: Started in network mode
[  338.683079][T13461] tipc: Node identity ac14140f, cluster identity 4711
[  338.698103][T13461] tipc: New replicast peer: 10.1.1.0
[  338.713397][T13461] tipc: Enabled bearer <udp:syz2>, priority 10
[  338.745830][T13461] tipc: New replicast peer: 100.1.1.2
[  339.061263][T13474] tipc: Failed to remove unknown binding: 66,1,1/0:717870294/717870296
[  339.084848][T13474] tipc: Failed to remove unknown binding: 66,1,1/0:717870294/717870296
[  339.507538][ T1218] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  339.618461][ T5883] libceph: connect (1)[c::]:6789 error -101
[  339.624737][ T5883] libceph: mon0 (1)[c::]:6789 connect error
[  339.667476][ T1218] usb 7-1: Using ep0 maxpacket: 16
[  339.684627][ T1218] usb 7-1: config 0 has an invalid interface number: 251 but max is 0
[  339.703772][ T1218] usb 7-1: config 0 has no interface number 0
[  339.719284][ T1218] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  339.745389][ T1218] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  339.784911][ T1218] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  339.808608][ T1218] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.830435][ T1218] usb 7-1: Product: syz
[  339.830716][ T5883] tipc: Node number set to 2886997007
[  339.842518][ T1218] usb 7-1: Manufacturer: syz
[  339.864593][ T1218] usb 7-1: SerialNumber: syz
[  339.890358][ T1218] usb 7-1: config 0 descriptor??
[  339.891193][ T5883] libceph: connect (1)[c::]:6789 error -101
[  339.909833][T13481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  339.920935][ T5883] libceph: mon0 (1)[c::]:6789 connect error
[  339.926684][T13481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  340.151681][T13481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  340.192415][T13481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  340.395933][T13486] ceph: No mds server is up or the cluster is laggy
[  340.634161][ T1218] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  340.651841][ T1218] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  340.690545][ T1218] asix 7-1:0.251: probe with driver asix failed with error -71
[  340.736764][ T1218] usb 7-1: USB disconnect, device number 4
[  341.014883][T13520] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  341.810497][T13554] netlink: 'syz.5.3087': attribute type 29 has an invalid length.
[  341.821386][T13554] netlink: 'syz.5.3087': attribute type 29 has an invalid length.
[  341.834303][T13554] netlink: 500 bytes leftover after parsing attributes in process `syz.5.3087'.
[  341.897777][T13556] tipc: Failed to remove unknown binding: 66,1,1/0:652128811/652128813
[  341.937456][T13556] tipc: Failed to remove unknown binding: 66,1,1/0:652128811/652128813
[  342.000402][T13560] overlayfs: failed to clone upperpath
[  343.870415][T13609] fuse: root generation should be zero
[  343.944442][    T9] libceph: connect (1)[c::]:6789 error -101
[  343.954775][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  344.217929][    T9] libceph: connect (1)[c::]:6789 error -101
[  344.224944][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  344.314880][T13619] overlayfs: failed to clone upperpath
[  344.738962][    T9] libceph: connect (1)[c::]:6789 error -101
[  344.746152][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  344.762073][T13613] ceph: No mds server is up or the cluster is laggy
[  345.374803][T13576] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  345.485900][   T30] audit: type=1800 audit(2000000196.470:158): pid=13651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3122" name="file0" dev="overlay" ino=676 res=0 errno=0
[  345.660601][T13660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.685242][T13660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.877644][    T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  346.057448][    T9] usb 7-1: Using ep0 maxpacket: 32
[  346.071678][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.105895][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.137420][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  346.167421][    T9] usb 7-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  346.186935][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.213141][    T9] usb 7-1: config 0 descriptor??
[  346.544547][T13671] overlayfs: failed to clone upperpath
[  346.677279][    T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5011.001B/input/input15
[  346.819737][    T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5011.001B/input/input16
[  346.988868][    T9] kye 0003:0458:5011.001B: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.6-1/input0
[  347.435900][T13688] kvm: kvm [13687]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  347.459461][T13688] kvm: kvm [13687]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  347.737601][    C0] kye 0003:0458:5011.001B: usb_submit_urb(ctrl) failed: -1
[  348.187753][T13713] netlink: 566 bytes leftover after parsing attributes in process `syz.5.3147'.
[  348.345881][T13720] loop7: detected capacity change from 0 to 16384
[  348.566443][    T9] usb 7-1: USB disconnect, device number 5
[  348.871146][T13739] netlink: 566 bytes leftover after parsing attributes in process `syz.2.3159'.
[  353.418068][T13818] netlink: 'syz.2.3190': attribute type 10 has an invalid length.
[  353.431120][T13818] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3190'.
[  353.491552][T13818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3190'.
[  353.556179][T13818] : entered promiscuous mode
[  356.115613][T13921] batadv_slave_1: entered promiscuous mode
[  356.139638][T13921] batadv_slave_1: left promiscuous mode
[  356.485900][T13930] pimreg: entered allmulticast mode
[  356.499781][T13939] pimreg: left allmulticast mode
[  356.746234][   T30] audit: type=1800 audit(2000000207.730:159): pid=13948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3238" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  357.018761][T13958] netlink: 'syz.5.3242': attribute type 10 has an invalid length.
[  357.037192][T13958] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3242'.
[  357.294450][T13958] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3242'.
[  357.344346][T13958] : entered promiscuous mode
[  357.500085][T13978] batadv_slave_1: entered promiscuous mode
[  357.517091][T13978] batadv_slave_1: left promiscuous mode
[  357.740014][T13987] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3254'.
[  358.042373][T13996] netlink: 156 bytes leftover after parsing attributes in process `syz.6.3257'.
[  358.913520][   T30] audit: type=1800 audit(2000000209.900:160): pid=14025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3265" name="SYSV00000000" dev="tmpfs" ino=4 res=0 errno=0
[  359.399040][T14042] IPv4: Oversized IP packet from 172.20.20.24
[  359.407743][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  359.415156][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  360.551605][T14090] kvm: kvm [14087]: vcpu2, guest rIP: 0x9138 Unhandled WRMSR(0x11e) = 0x0
[  360.963566][T14099] IPv4: Oversized IP packet from 172.20.20.24
[  360.971025][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  360.978162][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  361.128563][T14104] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3294'.
[  361.401732][T14112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3299'.
[  363.472064][T14166] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  363.530887][T14166] overlayfs: failed to set xattr on upper
[  363.562102][T14166] overlayfs: ...falling back to redirect_dir=nofollow.
[  363.585455][T14166] overlayfs: ...falling back to uuid=null.
[  363.611771][T14166] overlayfs: conflicting lowerdir path
[  363.773017][T14175] netlink: 'syz.6.3322': attribute type 9 has an invalid length.
[  363.799283][T14175] netlink: 'syz.6.3322': attribute type 11 has an invalid length.
[  363.826190][T14175] netlink: 'syz.6.3322': attribute type 12 has an invalid length.
[  363.851932][T14175] netlink: 210020 bytes leftover after parsing attributes in process `syz.6.3322'.
[  363.885797][T14175] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3322'.
[  366.115881][T14215] netlink: 'syz.2.3338': attribute type 1 has an invalid length.
[  366.148869][T14215] netlink: 'syz.2.3338': attribute type 4 has an invalid length.
[  366.186450][T14215] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3338'.
[  366.229049][T14216] netlink: 'syz.2.3338': attribute type 1 has an invalid length.
[  366.254211][T14216] netlink: 'syz.2.3338': attribute type 4 has an invalid length.
[  366.283896][T14216] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3338'.
[  367.570640][T14236] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.266781][T14236] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.670737][T14236] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.036115][T14236] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.315976][T14269] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  369.328450][T14269] overlayfs: failed to set xattr on upper
[  369.339287][T14269] overlayfs: ...falling back to index=off.
[  369.351024][T14269] overlayfs: ...falling back to uuid=null.
[  369.498948][T14271] overlayfs: failed to clone upperpath
[  369.719856][T14273] tmpfs: Turning off swap in unprivileged tmpfs mounts unsupported
[  370.139793][  T142] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.309789][T14287] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3368'.
[  370.379667][ T1048] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.551460][T14289] sctp: [Deprecated]: syz.6.3369 (pid 14289) Use of struct sctp_assoc_value in delayed_ack socket option.
[  370.551460][T14289] Use struct sctp_sack_info instead
[  370.755009][   T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.015730][  T142] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.421246][T14299] futex_wake_op: syz.4.3373 tries to shift op by -1; fix this program
[  373.187516][ T5912] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  373.282503][T14337] overlayfs: failed to clone upperpath
[  373.363432][ T5912] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.411020][ T5912] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  373.447419][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.490791][T14340] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3390'.
[  373.493543][ T5912] usb 7-1: config 0 descriptor??
[  373.597607][T14342] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3390'.
[  373.971313][ T5912] keytouch 0003:0926:3333.001C: fixing up Keytouch IEC report descriptor
[  374.072015][ T5912] input: HID 0926:3333 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0926:3333.001C/input/input17
[  374.356217][ T5912] keytouch 0003:0926:3333.001C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.6-1/input0
[  374.593165][ T5912] usb 7-1: USB disconnect, device number 6
[  374.923031][T14362] overlayfs: failed to clone upperpath
[  374.945452][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  376.146463][T14399] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  376.162245][T14399] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  376.181097][T14400] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3413'.
[  376.195313][T14399] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  376.287148][T14399] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  376.337096][T14400] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  376.386201][T14406] netlink: 'syz.5.3416': attribute type 2 has an invalid length.
[  376.400013][T14406] netlink: 'syz.5.3416': attribute type 2 has an invalid length.
[  376.458707][T14399] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  376.483995][T14400] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  376.546939][T14400] bond0 (unregistering): Released all slaves
[  376.629210][ T5912] syz1: Port: 1 Link DOWN
[  376.934084][T14325] smbdirect: ib_dev[syz1] removed
[  376.991822][T14423] overlayfs: failed to clone upperpath
[  377.004261][T14423] overlayfs: failed to clone lowerpath
[  377.258581][T14434] netlink: 'syz.5.3429': attribute type 4 has an invalid length.
[  377.328587][T14434] netlink: 'syz.5.3429': attribute type 4 has an invalid length.
[  377.590084][T14444] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  377.601425][T14444] overlayfs: failed to set xattr on upper
[  377.614154][T14444] overlayfs: ...falling back to redirect_dir=nofollow.
[  377.633314][T14444] overlayfs: ...falling back to index=off.
[  377.643544][T14444] overlayfs: ...falling back to uuid=null.
[  377.657851][T14444] overlayfs: ...falling back to xino=off.
[  378.474030][T14468] lo speed is unknown, defaulting to 1000
[  378.593850][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  378.600705][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  379.462598][T14475] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  380.078853][T14502] binder: 14497:14502 unknown command 0
[  380.156726][T14502] binder: 14497:14502 ioctl c0306201 200000000640 returned -22
[  380.635460][T14512] tipc: Failed to remove unknown binding: 66,1,1/0:4241999866/4241999868
[  381.955541][T14540] overlayfs: failed to clone upperpath
[  382.018049][   T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  382.188097][   T10] usb 7-1: Using ep0 maxpacket: 32
[  382.206464][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.234185][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  382.262100][   T10] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  382.290349][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.314461][   T10] usb 7-1: config 0 descriptor??
[  382.360196][   T10] hub 7-1:0.0: USB hub found
[  382.568650][   T10] hub 7-1:0.0: 1 port detected
[  382.631002][T14553] cgroup: Setting release_agent not allowed
[  383.199207][   T10] hub 7-1:0.0: activate --> -90
[  383.580229][T14584] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  383.587413][T14584] overlayfs: failed to set xattr on upper
[  383.593942][T14584] overlayfs: ...falling back to redirect_dir=nofollow.
[  383.603668][T14584] overlayfs: ...falling back to index=off.
[  383.612503][    T9] usb 7-1: USB disconnect, device number 7
[  383.622052][T14584] overlayfs: ...falling back to uuid=null.
[  383.635950][T14584] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  383.695077][T14587] tipc: Can't bind to reserved service type 1
[  383.847520][   T10] usb 7-1-port1: config error
[  384.684845][T14612] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  385.813030][T14632] lo speed is unknown, defaulting to 1000
[  386.641843][T14642] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3507'.
[  387.384730][T14650] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3509'.
[  387.574627][T14654] overlayfs: failed to clone upperpath
[  387.600809][   T30] audit: type=1326 audit(2000000238.590:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14655 comm="syz.6.3513" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f94ae996517 code=0x0
[  389.913013][T14719] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3540'.
[  389.938201][T14719] ip6gretap0: entered promiscuous mode
[  389.949571][T14719] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3540'.
[  390.749933][T14732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3546'.
[  392.370327][T14769] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3561'.
[  392.393152][T14769] unsupported nlmsg_type 40
[  393.505403][T14800] netlink: 703 bytes leftover after parsing attributes in process `syz.5.3574'.
[  394.287604][T14827] 9pnet: p9_errstr2errno: server reported unknown error 0x000000
[  396.347248][T14881] overlayfs: failed lookup in upper (155/file1, name='file0', err=-40): overlapping layers
[  396.797480][ T5883] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  396.957632][ T5883] usb 7-1: Using ep0 maxpacket: 32
[  397.016078][ T5883] usb 7-1: unable to get BOS descriptor or descriptor too short
[  397.034179][ T5883] usb 7-1: unable to read config index 0 descriptor/start: -71
[  397.046943][ T5883] usb 7-1: can't read configurations, error -71
[  397.238418][T14895] debugfs: 'netdev:nicvf0' already exists in 'phy5'
[  397.685600][T14900] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.926313][T14900] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.131449][T14900] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.268972][T14900] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.536052][ T7418] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  398.604034][ T7416] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  398.628087][ T7416] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  398.662848][ T7416] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.777594][T14910] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  398.787814][T14910] overlayfs: failed to set xattr on upper
[  398.794812][T14910] overlayfs: ...falling back to redirect_dir=nofollow.
[  398.803977][T14910] overlayfs: ...falling back to metacopy=off.
[  398.814995][T14910] overlayfs: ...falling back to index=off.
[  398.829187][T14910] overlayfs: ...falling back to uuid=null.
[  399.093518][T14924] overlayfs: failed to clone upperpath
[  401.031207][T14958] netlink: 168 bytes leftover after parsing attributes in process `syz.6.3637'.
[  402.354573][T15001] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3654'.
[  404.580504][T15054] overlayfs: failed to clone lowerpath
[  404.619148][T15054] overlayfs: failed to clone upperpath
[  405.013979][T15068] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  405.463438][T15088] overlayfs: failed to clone upperpath
[  405.763805][T15097] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3694'.
[  405.773491][T15097] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3694'.
[  405.875499][T15102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3695'.
[  405.895548][T15102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3695'.
[  406.377784][ T5883] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  406.403212][T15119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3702'.
[  406.416568][T15119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3702'.
[  406.539110][ T5883] usb 7-1: Using ep0 maxpacket: 32
[  406.561804][ T5883] usb 7-1: config 0 has no interfaces?
[  406.605958][ T5883] usb 7-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  406.625075][ T5883] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.654255][ T5883] usb 7-1: Product: syz
[  406.660808][ T5883] usb 7-1: Manufacturer: syz
[  406.675690][ T5883] usb 7-1: SerialNumber: syz
[  406.703030][ T5883] usb 7-1: config 0 descriptor??
[  406.812051][T15134] netlink: 'syz.2.3707': attribute type 83 has an invalid length.
[  406.880176][T15138] netlink: 'syz.2.3707': attribute type 83 has an invalid length.
[  406.977809][ T5883] usb 7-1: USB disconnect, device number 10
[  407.324451][T15143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3711'.
[  407.341093][T15143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3711'.
[  407.645179][T15155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.671056][T15155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.187445][ T5883] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  408.277833][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  408.367932][ T5883] usb 7-1: Using ep0 maxpacket: 32
[  408.376370][ T5883] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.399774][ T5883] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  408.492902][ T5883] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  408.533711][ T5883] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.564648][ T5883] usb 7-1: Product: syz
[  408.587584][ T5883] usb 7-1: Manufacturer: syz
[  408.605158][ T5883] usb 7-1: SerialNumber: syz
[  408.646710][ T5883] usb 7-1: config 0 descriptor??
[  409.371559][ T5912] usb 7-1: USB disconnect, device number 11
[  409.600308][T15185] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3728'.
[  412.054647][   T30] audit: type=1804 audit(2000000263.040:162): pid=15246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.3750" name="bus" dev="ramfs" ino=49196 res=1 errno=0
[  412.804857][T15275] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3760'.
[  415.918785][T15352] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3793'.
[  416.114364][   T30] audit: type=1800 audit(2000000267.100:163): pid=15354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3794" name="bus" dev="ramfs" ino=49317 res=0 errno=0
[  416.497687][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[  418.260556][T15396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  418.298722][T15396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  419.110218][   T30] audit: type=1800 audit(2000000270.090:164): pid=15411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3817" name="bus" dev="overlay" ino=1114 res=0 errno=0
[  420.216802][T15434] netlink: 703 bytes leftover after parsing attributes in process `syz.5.3826'.
[  422.118766][T15459] lo speed is unknown, defaulting to 1000
[  423.355298][T15499] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3852'.
[  423.901864][T15512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3858'.
[  423.922994][T15512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3858'.
[  424.275511][   T30] audit: type=1326 audit(2000000275.260:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15519 comm="syz.5.3862" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f111859c799 code=0x0
[  424.302310][T15523] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3863'.
[  424.311857][T15523] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3863'.
[  424.947471][   T24] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  425.103332][   T24] usb 7-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  425.112850][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.124889][   T24] usb 7-1: Product: syz
[  425.129207][   T24] usb 7-1: Manufacturer: syz
[  425.134044][   T24] usb 7-1: SerialNumber: syz
[  425.148032][   T24] usb 7-1: config 0 descriptor??
[  425.165129][   T24] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  425.194422][   T30] audit: type=1800 audit(2000000276.180:166): pid=15540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3870" name="bus" dev="overlay" ino=1542 res=0 errno=0
[  425.349766][T15544] netlink: 'syz.2.3872': attribute type 10 has an invalid length.
[  425.832722][T15564] overlayfs: failed to clone upperpath
[  427.002660][   T24] gspca_stk1135: reg_w 0x200 err -71
[  427.017561][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.027418][   T24] gspca_stk1135: Sensor write failed
[  427.035026][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.041930][   T24] gspca_stk1135: Sensor write failed
[  427.048475][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.061010][   T24] gspca_stk1135: Sensor read failed
[  427.066405][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.076086][   T24] gspca_stk1135: Sensor read failed
[  427.090077][   T24] gspca_stk1135: Detected sensor type unknown (0x0)
[  427.108233][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.117004][   T24] gspca_stk1135: Sensor read failed
[  427.136022][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.145492][   T24] gspca_stk1135: Sensor read failed
[  427.151778][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.168088][   T24] gspca_stk1135: Sensor write failed
[  427.174915][   T24] gspca_stk1135: serial bus timeout: status=0x00
[  427.182212][   T24] gspca_stk1135: Sensor write failed
[  427.188984][   T24] stk1135 7-1:0.0: probe with driver stk1135 failed with error -71
[  427.206999][   T24] usb 7-1: USB disconnect, device number 12
[  427.356820][T15586] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3889'.
[  427.464675][T15588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  427.475966][T15588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.828995][T15636] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3912'.
[  429.849189][T15636] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3912'.
[  430.410092][T15647] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3917'.
[  431.557681][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.586748][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.619304][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.655395][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.680996][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.711565][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.743537][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.764360][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.785359][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  431.821092][T15667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  432.284524][T15678] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3930'.
[  433.047847][T15705] binder: 15704:15705 ioctl c0306201 2000000003c0 returned -14
[  433.357543][  T803] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  433.527681][  T803] usb 7-1: Using ep0 maxpacket: 16
[  433.561436][  T803] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  433.597772][  T803] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  433.621850][  T803] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  433.637683][  T803] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.659575][  T803] usb 7-1: Product: syz
[  433.679300][  T803] usb 7-1: Manufacturer: syz
[  433.694176][  T803] usb 7-1: SerialNumber: syz
[  433.711355][  T803] usb 7-1: config 0 descriptor??
[  433.732174][  T803] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  433.748101][  T803] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  434.335933][  T803] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  434.357246][  T803] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[  434.977681][  T803] em28xx 7-1:0.0: Unknown AC97 audio processor detected!
[  435.212822][  T803] em28xx 7-1:0.0: couldn't setup AC97 register 2
[  435.235918][  T803] em28xx 7-1:0.0: couldn't setup AC97 register 4
[  435.258335][  T803] em28xx 7-1:0.0: couldn't setup AC97 register 6
[  435.271078][  T803] em28xx 7-1:0.0: couldn't setup AC97 register 54
[  435.279430][  T803] em28xx 7-1:0.0: couldn't setup AC97 register 56
[  435.302792][  T803] usb 7-1: USB disconnect, device number 13
[  435.615729][   T30] audit: type=1800 audit(2000000286.600:167): pid=15785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3973" name="bus" dev="overlay" ino=1683 res=0 errno=0
[  435.889674][T15797] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  435.896951][T15797] overlayfs: failed to set xattr on upper
[  435.903753][T15797] overlayfs: ...falling back to redirect_dir=nofollow.
[  435.924404][T15797] overlayfs: ...falling back to index=off.
[  435.936704][T15800] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  435.944819][T15797] overlayfs: ...falling back to uuid=null.
[  436.084912][   T30] audit: type=1800 audit(2000000287.070:168): pid=15807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3982" name="bus" dev="overlay" ino=1375 res=0 errno=0
[  437.993702][T15850] netlink: 'syz.2.3997': attribute type 12 has an invalid length.
[  438.330245][T15858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  438.410812][T15858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  438.510430][T15858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.096373][T15884] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4010'.
[  440.027798][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  440.034245][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  440.596302][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.625770][T15916] net_ratelimit: 74 callbacks suppressed
[  440.625790][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.643279][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.653005][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.670236][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.687558][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.696939][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.709156][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.719628][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.728806][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.739259][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.748927][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.758362][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.767579][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.777059][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.786524][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.796791][T15916] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4021'.
[  440.806295][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  440.833651][T15916] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  443.108887][T15979] netlink: 'syz.2.4042': attribute type 83 has an invalid length.
[  443.172190][T15980] netlink: 'syz.2.4042': attribute type 83 has an invalid length.
[  443.925623][T15993] kvm: pic: non byte write
[  443.998529][T16003] netlink: 'syz.2.4052': attribute type 29 has an invalid length.
[  446.158034][ T5835] Bluetooth: hci2: adv larger than maximum supported
[  446.158113][ T5835] Bluetooth: hci2: Malformed LE Event: 0x0d
[  446.524423][T16071] net_ratelimit: 114 callbacks suppressed
[  446.524438][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.538900][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.547431][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.556792][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.574734][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.583806][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.593255][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.604610][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.618278][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  446.627081][T16071] openvswitch: netlink: Flow actions attr not present in new flow.
[  447.238926][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  447.416094][T16090] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  447.865990][   T49] wlan1: Trigger new scan to find an IBSS to join
[  448.643361][T16125] __nla_validate_parse: 55 callbacks suppressed
[  448.643384][T16125] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4099'.
[  448.678112][T16127] binder: 16126:16127 ioctl c0306201 2000000001c0 returned -14
[  448.815923][T16132] netlink: 'syz.5.4102': attribute type 11 has an invalid length.
[  449.393836][T16153] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4110'.
[  449.405812][T16153] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4110'.
[  449.766482][T16168] overlayfs: failed to clone upperpath
[  449.888738][T16179] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  449.888738][T16179] The task syz.2.4118 (16179) triggered the difference, watch for misbehavior.
[  449.972522][T16182] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4121'.
[  450.046414][T16185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.058956][T16185] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.107180][T16182] nbd: socks must be embedded in a SOCK_ITEM attr
[  450.115447][T16186] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4121'.
[  450.132362][T11721] block nbd64: NBD_DISCONNECT
[  450.149348][T16186] nbd: nbd64 already in use
[  450.325992][T11721] udevd[11721]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  450.904116][ T7421] wlan1: Trigger new scan to find an IBSS to join
[  451.133484][T16218] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  451.157486][T16218] overlayfs: failed to set xattr on upper
[  451.176469][T16218] overlayfs: ...falling back to redirect_dir=nofollow.
[  451.197438][T16218] overlayfs: ...falling back to index=off.
[  451.211170][T16218] overlayfs: ...falling back to uuid=null.
[  451.220945][T16218] overlayfs: failed to clone lowerpath
[  451.511806][T16227] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4138'.
[  451.523846][T16227] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4138'.
[  452.027457][T16244] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4145'.
[  452.036696][T16244] net_ratelimit: 47 callbacks suppressed
[  452.036714][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.054558][T16244] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4145'.
[  452.064182][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.074333][T16244] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4145'.
[  452.087852][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.106906][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.118218][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.132444][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.146988][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.156782][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.168286][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.198068][T16244] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  452.360986][   T30] audit: type=1326 audit(2000000303.350:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16250 comm="syz.2.4147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x7fc00000
[  452.384562][   T30] audit: type=1326 audit(2000000303.380:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16250 comm="syz.2.4147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1f0b99c799 code=0x7fc00000
[  453.857963][ T7416] wlan1: Trigger new scan to find an IBSS to join
[  454.763642][ T7421] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  455.435495][T16301] tipc: Started in network mode
[  455.469147][T16301] tipc: Node identity ac1414aa, cluster identity 4711
[  455.499819][T16301] tipc: Enabled bearer <udp:syz2>, priority 10
[  455.560468][T16301] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  456.387219][T16342] __nla_validate_parse: 15 callbacks suppressed
[  456.387241][T16342] netlink: 14 bytes leftover after parsing attributes in process `syz.6.4180'.
[  456.439166][T16342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  456.452182][ T5912] IPVS: starting estimator thread 0...
[  456.465357][T16342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  456.496563][T16342] bond0 (unregistering): Released all slaves
[  456.568861][T16346] IPVS: using max 25 ests per chain, 60000 per kthread
[  456.617524][   T29] tipc: Node number set to 2886997162
[  457.282628][T16380] pimreg: entered allmulticast mode
[  457.338452][T16380] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4195'.
[  457.344438][T16382] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  457.600437][   T30] audit: type=1800 audit(2000000308.590:171): pid=16393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4201" name="bus" dev="overlay" ino=1627 res=0 errno=0
[  458.153904][T16409] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  458.160788][T16409] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  458.226648][T16409] vhci_hcd vhci_hcd.0: Device attached
[  458.397586][  T803] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  458.467432][  T803] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  458.950762][T16410] vhci_hcd: connection reset by peer
[  458.986026][  T142] vhci_hcd vhci_hcd.5: stop threads
[  458.999257][  T142] vhci_hcd vhci_hcd.5: release socket
[  459.014592][  T142] vhci_hcd vhci_hcd.5: disconnect device
[  460.455485][T16466] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  460.462066][T16466] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  460.493058][T16466] vhci_hcd vhci_hcd.0: Device attached
[  460.667485][   T29] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  460.731734][   T29] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  461.285221][T16467] vhci_hcd: connection reset by peer
[  461.303215][T14325] vhci_hcd vhci_hcd.6: stop threads
[  461.311514][T14325] vhci_hcd vhci_hcd.6: release socket
[  461.322834][T14325] vhci_hcd vhci_hcd.6: disconnect device
[  461.366305][T16482] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4232'.
[  461.477581][T16484] binder: 16483:16484 ioctl c0306201 2000000003c0 returned -14
[  462.412796][T16496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4236'.
[  462.991480][T16484] syz.5.4233 (16484): drop_caches: 2
[  463.269623][T16504] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  463.607468][  T803] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  464.100937][T16521] could not allocate digest TFM handle cryptd(blake2b-160)
[  464.331734][   T30] audit: type=1326 audit(2000000315.320:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.2.4250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f0b99c799 code=0x0
[  464.737490][  T803] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  464.900369][  T803] usb 7-1: unable to get BOS descriptor or descriptor too short
[  464.915969][  T803] usb 7-1: config 63 has an invalid interface number: 66 but max is 0
[  464.935353][  T803] usb 7-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config
[  464.947561][  T803] usb 7-1: config 63 has no interface number 0
[  464.953877][  T803] usb 7-1: config 63 interface 66 has no altsetting 0
[  464.965048][  T803] usb 7-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4
[  464.974918][  T803] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.999586][  T803] usb 7-1: Product: syz
[  465.013421][  T803] usb 7-1: Manufacturer: syz
[  465.025171][  T803] usb 7-1: SerialNumber: syz
[  465.058242][T16551] pimreg: entered allmulticast mode
[  465.181334][T16553] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4257'.
[  465.213045][T16553] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4257'.
[  465.260395][  T803] uvcvideo 7-1:63.66: Found UVC 0.07 device syz (174f:8acf)
[  465.273395][T16556] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4259'.
[  465.279684][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 6 on unit 1: -71 (exp. 1).
[  465.287661][T16556] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4259'.
[  465.323808][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 9 on unit 1: -71 (exp. 1).
[  465.350114][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 1 on unit 1: -71 (exp. 1).
[  465.369945][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 4 on unit 1: -71 (exp. 1).
[  465.394837][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 17 on unit 1: -71 (exp. 1).
[  465.413450][T16558] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4258'.
[  465.423628][  T803] uvcvideo 7-1:63.66: No streaming interface found for terminal 29.
[  465.433428][  T803] uvcvideo 7-1:63.66: Entity type for entity Output 32773 was not initialized!
[  465.462069][  T803] usb 7-1: USB disconnect, device number 14
[  465.510882][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  465.520136][    T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!!
[  465.713706][T16565] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4262'.
[  465.837935][T16569] lo speed is unknown, defaulting to 1000
[  465.847496][   T29] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  465.857656][  T803] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  466.021670][  T803] usb 7-1: unable to get BOS descriptor or descriptor too short
[  466.047503][  T803] usb 7-1: not running at top speed; connect to a high speed hub
[  466.061178][  T803] usb 7-1: config 63 has an invalid interface number: 66 but max is 0
[  466.072244][  T803] usb 7-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config
[  466.118370][  T803] usb 7-1: config 63 has no interface number 0
[  466.128178][  T803] usb 7-1: config 63 interface 66 has no altsetting 0
[  466.152799][  T803] usb 7-1: string descriptor 0 read error: -22
[  466.162057][  T803] usb 7-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4
[  466.188568][  T803] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.257271][  T803] uvcvideo 7-1:63.66: Found UVC 0.07 device <unnamed> (174f:8acf)
[  466.454360][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC error code control 6 on unit 1: -32 (exp. 1).
[  466.487780][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 9 on unit 1: -71 (exp. 1).
[  466.508459][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 1 on unit 1: -71 (exp. 1).
[  466.541263][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 4 on unit 1: -71 (exp. 1).
[  466.556193][T16585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  466.585461][  T803] uvcvideo 7-1:63.66: Failed to query (GET_INFO) UVC control 17 on unit 1: -71 (exp. 1).
[  466.618442][  T803] uvcvideo 7-1:63.66: No streaming interface found for terminal 29.
[  466.637390][  T803] uvcvideo 7-1:63.66: Entity type for entity Output 32773 was not initialized!
[  466.661011][T16587] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4268'.
[  466.677029][  T803] usb 7-1: USB disconnect, device number 15
[  466.709887][T16585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  466.815665][ T5148] Bluetooth: hci2: unexpected cc 0x1004 length: 6 < 11
[  466.823689][ T5148] Bluetooth: hci2: unexpected event for opcode 0x1004
[  467.145908][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  467.161125][T16599] tipc: Started in network mode
[  467.166124][T16599] tipc: Node identity 7f000001, cluster identity 4711
[  467.174004][T16599] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  467.192812][T16599] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  467.202208][T16599] tipc: Enabled bearer <udp:syz0>, priority 10
[  467.249518][   T30] audit: type=1326 audit(2000000318.240:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.2.4275" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f0b99c799 code=0x0
[  467.407516][   T29] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  467.564975][   T29] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  467.590531][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.607152][   T29] usb 7-1: Product: syz
[  467.619137][   T29] usb 7-1: Manufacturer: syz
[  467.633810][   T29] usb 7-1: SerialNumber: syz
[  467.660689][   T29] usb 7-1: config 0 descriptor??
[  467.735057][ T5148] Bluetooth: hci3: unexpected cc 0x1004 length: 6 < 11
[  467.896997][   T29] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  468.197519][ T1218] tipc: Node number set to 2130706433
[  469.134395][T16638] lo speed is unknown, defaulting to 1000
[  469.315230][   T29] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  469.335073][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  469.345978][   T29] usb 7-1: USB disconnect, device number 16
[  469.389683][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  469.759986][T16643] netlink: 'syz.4.4288': attribute type 4 has an invalid length.
[  469.794483][T16643] netlink: 'syz.4.4288': attribute type 4 has an invalid length.
[  469.811450][T16645] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4289'.
[  469.824049][T16645] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4289'.
[  470.900165][ T5148] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  470.909795][ T5148] Bluetooth: hci2: Injecting HCI hardware error event
[  470.924843][ T5835] Bluetooth: hci2: hardware error 0x00
[  471.782977][ T5148] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  471.792336][ T5148] Bluetooth: hci3: Injecting HCI hardware error event
[  471.804974][ T5148] Bluetooth: hci3: hardware error 0x00
[  472.337467][   T30] audit: type=1326 audit(2000000323.320:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.398626][   T30] audit: type=1326 audit(2000000323.320:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.426782][   T30] audit: type=1326 audit(2000000323.360:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.450161][   T30] audit: type=1326 audit(2000000323.360:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.473455][   T30] audit: type=1326 audit(2000000323.360:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.517579][   T30] audit: type=1326 audit(2000000323.360:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.570945][   T30] audit: type=1326 audit(2000000323.360:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.649037][   T30] audit: type=1326 audit(2000000323.360:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.710246][   T30] audit: type=1326 audit(2000000323.360:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.736155][T16700] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4308'.
[  472.746077][   T30] audit: type=1326 audit(2000000323.360:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16694 comm="syz.6.4305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94ae99c799 code=0x7ffc0000
[  472.977536][ T5835] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  473.427442][   T10] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  473.611478][   T10] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  473.625339][   T10] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  473.653688][   T10] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  473.672298][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  473.693070][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  473.713816][   T10] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  473.728464][   T10] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  473.747097][   T10] usb 7-1: Product: syz
[  473.761360][   T10] usb 7-1: Manufacturer: syz
[  473.779609][   T10] cdc_wdm 7-1:1.0: skipping garbage
[  473.787155][   T10] cdc_wdm 7-1:1.0: skipping garbage
[  473.813805][   T10] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  473.821472][   T10] cdc_wdm 7-1:1.0: Unknown control protocol
[  473.860469][ T5148] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  475.812885][T16747] netlink: 'syz.2.4326': attribute type 11 has an invalid length.
[  476.207450][ T5912] usb 7-1: USB disconnect, device number 17
[  476.447154][T16758] netlink: 'syz.6.4331': attribute type 4 has an invalid length.
[  477.027824][T16768] kvm: pic: single mode not supported
[  477.027982][T16768] kvm: pic: level sensitive irq not supported
[  477.034074][T16768] kvm: pic: single mode not supported
[  478.181061][T16792] lo speed is unknown, defaulting to 1000
[  481.881331][T16840] netlink: 'syz.6.4359': attribute type 29 has an invalid length.
[  481.891258][T16840] netlink: 'syz.6.4359': attribute type 29 has an invalid length.
[  481.901249][T16840] netlink: 500 bytes leftover after parsing attributes in process `syz.6.4359'.
[  588.517755][    C1] ------------[ cut here ]------------
[  588.524481][    C1] 1
[  588.524509][    C1] WARNING: kernel/rcu/tree_stall.h:1049 at rcu_check_gp_start_stall+0x2e4/0x470, CPU#1: syz.6.4373/16873
[  588.538277][    C1] Modules linked in:
[  588.543069][    C1] CPU: 1 UID: 0 PID: 16873 Comm: syz.6.4373 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.554226][    C1] Tainted: [L]=SOFTLOCKUP
[  588.558584][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  588.568668][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2e4/0x470
[  588.575038][    C1] Code: ff ff 48 c7 c7 c0 b4 72 9a be 04 00 00 00 e8 13 f2 84 00 4c 89 f7 b8 01 00 00 00 87 05 c5 2e c6 18 85 c0 0f 85 17 ff ff ff 90 <0f> 0b 90 48 81 ff 40 62 b6 8e 74 47 48 c7 c0 f0 28 54 90 48 c1 e8
[  588.594705][    C1] RSP: 0018:ffffc90000a08d98 EFLAGS: 00010046
[  588.600828][    C1] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81ac85ed
[  588.608821][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8eb66240
[  588.616835][    C1] RBP: ffffc90000a08f18 R08: 0000000000000003 R09: 0000000000000004
[  588.624826][    C1] R10: dffffc0000000000 R11: fffffbfff34e5698 R12: 0000000000002904
[  588.632905][    C1] R13: dffffc0000000000 R14: ffffffff8eb66240 R15: dffffc0000000000
[  588.640898][    C1] FS:  00007f94af7c06c0(0000) GS:ffff888124eee000(0000) knlGS:0000000000000000
[  588.649845][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  588.656445][    C1] CR2: 00002000000bd038 CR3: 00000000580e6000 CR4: 00000000003526f0
[  588.664436][    C1] DR0: 0000000040000005 DR1: 0000000100000000 DR2: 0000000000000898
[  588.672431][    C1] DR3: 0000000000000006 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  588.680429][    C1] Call Trace:
[  588.683725][    C1]  <IRQ>
[  588.686599][    C1]  rcu_core+0x3fe/0x1070
[  588.690880][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  588.696020][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  588.701331][    C1]  ? __pfx_rcu_core+0x10/0x10
[  588.706071][    C1]  handle_softirqs+0x22a/0x870
[  588.710866][    C1]  ? __irq_exit_rcu+0xca/0x220
[  588.715660][    C1]  __irq_exit_rcu+0xca/0x220
[  588.720277][    C1]  irq_exit_rcu+0x9/0x30
[  588.725065][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  588.730725][    C1]  </IRQ>
[  588.733675][    C1]  <TASK>
[  588.736638][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  588.742638][    C1] RIP: 0010:smp_call_function_single+0x399/0x580
[  588.748993][    C1] Code: 33 44 89 f6 83 e6 01 31 ff e8 e3 fb 0b 00 41 83 e6 01 75 11 e8 98 f7 0b 00 4d 89 fe eb 3f e8 8e f7 0b 00 eb 3c 4d 89 fe f3 90 <43> 0f b6 04 2c 84 c0 75 0f f7 03 01 00 00 00 74 1d e8 71 f7 0b 00
[  588.768622][    C1] RSP: 0018:ffffc90005a26ea0 EFLAGS: 00000246
[  588.774722][    C1] RAX: ffffffff81baca2f RBX: ffffc90005a26ee8 RCX: 0000000000080000
[  588.782804][    C1] RDX: ffffc90006652000 RSI: 000000000007ffff RDI: 0000000000080000
[  588.790800][    C1] RBP: ffffc90005a26f78 R08: ffffffff9053f5f7 R09: 1ffffffff20a7ebe
[  588.798826][    C1] R10: dffffc0000000000 R11: ffffffff8174f030 R12: 1ffff92000b44ddd
[  588.806842][    C1] R13: dffffc0000000000 R14: 1ffff92000b44dd8 R15: 1ffff92000b44dd8
[  588.814886][    C1]  ? __pfx_native_send_call_func_single_ipi+0x10/0x10
[  588.821691][    C1]  ? smp_call_function_single+0x3af/0x580
[  588.827473][    C1]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  588.833157][    C1]  ? __pfx_smp_call_function_single+0x10/0x10
[  588.839282][    C1]  ? update_load_avg+0x1b0/0x1ec0
[  588.844381][    C1]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  588.850073][    C1]  vmx_vcpu_load_vmcs+0xcd/0x5d0
[  588.855069][    C1]  vmx_vcpu_load+0x1b0/0x260
[  588.859710][    C1]  ? kvm_arch_vcpu_load+0x1f6/0xa50
[  588.864951][    C1]  kvm_arch_vcpu_load+0x25d/0xa50
[  588.870030][    C1]  ? __perf_event_task_sched_in+0xf2/0x1800
[  588.875974][    C1]  ? __pfx_kvm_arch_vcpu_load+0x10/0x10
[  588.881566][    C1]  kvm_sched_in+0x7c/0xe0
[  588.885928][    C1]  finish_task_switch+0xb14/0xbe0
[  588.890988][    C1]  __schedule+0x166d/0x5590
[  588.895518][    C1]  ? ktime_get+0x45/0x220
[  588.899881][    C1]  ? lapic_next_event+0x11/0x20
[  588.904771][    C1]  ? clockevents_program_event+0x3ba/0x4b0
[  588.910610][    C1]  ? __pfx_clockevents_program_event+0x10/0x10
[  588.916799][    C1]  ? __pfx___schedule+0x10/0x10
[  588.921670][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[  588.926906][    C1]  ? irqentry_exit+0x61a/0x700
[  588.931710][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  588.937148][    C1]  preempt_schedule_common+0x82/0xd0
[  588.942479][    C1]  preempt_schedule_thunk+0x16/0x30
[  588.947720][    C1]  ? copy_shadow_to_vmcs12+0x4ca/0x5a0
[  588.953251][    C1]  copy_shadow_to_vmcs12+0x4cf/0x5a0
[  588.958672][    C1]  nested_vmx_run+0x3d1/0xc30
[  588.963379][    C1]  ? __pfx_handle_vmlaunch+0x10/0x10
[  588.968699][    C1]  vmx_handle_exit+0xfc4/0x16c0
[  588.973625][    C1]  vcpu_run+0x5dee/0x7990
[  588.978092][    C1]  ? vcpu_run+0x4ad8/0x7990
[  588.982918][    C1]  ? __pfx_vcpu_run+0x10/0x10
[  588.987622][    C1]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  588.992942][    C1]  ? rcu_is_watching+0x15/0xb0
[  588.997747][    C1]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  589.003413][    C1]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  589.009153][    C1]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  589.015160][    C1]  ? register_lock_class+0x31/0x2e0
[  589.020391][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  589.025368][    C1]  ? kasan_quarantine_put+0xbb/0x1f0
[  589.030690][    C1]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  589.035579][    C1]  ? do_raw_write_lock+0x11d/0x260
[  589.040730][    C1]  kvm_vcpu_ioctl+0xa62/0xfd0
[  589.045436][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  589.050663][    C1]  ? do_futex+0x333/0x420
[  589.055024][    C1]  ? call_rcu+0x644/0x890
[  589.059394][    C1]  ? __fget_files+0x2a/0x420
[  589.064023][    C1]  ? __fget_files+0x2a/0x420
[  589.068633][    C1]  ? __fget_files+0x3a0/0x420
[  589.073331][    C1]  ? __fget_files+0x2a/0x420
[  589.077947][    C1]  ? bpf_lsm_file_ioctl+0x9/0x20
[  589.083013][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  589.088228][    C1]  __se_sys_ioctl+0xfc/0x170
[  589.092854][    C1]  do_syscall_64+0x14d/0xf80
[  589.097462][    C1]  ? trace_irq_disable+0x3b/0x150
[  589.102511][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.108596][    C1]  ? clear_bhb_loop+0x40/0x90
[  589.113297][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.119408][    C1] RIP: 0033:0x7f94ae99c799
[  589.123846][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  589.143487][    C1] RSP: 002b:00007f94af7c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  589.152093][    C1] RAX: ffffffffffffffda RBX: 00007f94aec15fa0 RCX: 00007f94ae99c799
[  589.160086][    C1] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  589.168081][    C1] RBP: 00007f94aea32bd9 R08: 0000000000000000 R09: 0000000000000000
[  589.176073][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.184063][    C1] R13: 00007f94aec16038 R14: 00007f94aec15fa0 R15: 00007ffcd18c3ef8
[  589.192065][    C1]  </TASK>
[  589.195124][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  589.202421][    C1] CPU: 1 UID: 0 PID: 16873 Comm: syz.6.4373 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  589.213384][    C1] Tainted: [L]=SOFTLOCKUP
[  589.217721][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  589.227862][    C1] Call Trace:
[  589.231162][    C1]  <IRQ>
[  589.234033][    C1]  vpanic+0x56c/0xa60
[  589.238046][    C1]  ? __pfx__printk+0x10/0x10
[  589.242662][    C1]  ? __pfx_vpanic+0x10/0x10
[  589.247185][    C1]  ? is_bpf_text_address+0x292/0x2b0
[  589.252528][    C1]  ? is_bpf_text_address+0x26/0x2b0
[  589.257845][    C1]  panic+0xc5/0xd0
[  589.261586][    C1]  ? __pfx_panic+0x10/0x10
[  589.266033][    C1]  __warn+0x315/0x4f0
[  589.270033][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  589.275777][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  589.281518][    C1]  __report_bug+0x29a/0x540
[  589.286046][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  589.291786][    C1]  ? __pfx___report_bug+0x10/0x10
[  589.296830][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  589.301835][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  589.307598][    C1]  report_bug+0x16a/0x220
[  589.311946][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  589.317691][    C1]  ? rcu_check_gp_start_stall+0x2e6/0x470
[  589.323438][    C1]  handle_bug+0x9c/0x200
[  589.327701][    C1]  exc_invalid_op+0x1a/0x50
[  589.332236][    C1]  asm_exc_invalid_op+0x1a/0x20
[  589.337105][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2e4/0x470
[  589.343459][    C1] Code: ff ff 48 c7 c7 c0 b4 72 9a be 04 00 00 00 e8 13 f2 84 00 4c 89 f7 b8 01 00 00 00 87 05 c5 2e c6 18 85 c0 0f 85 17 ff ff ff 90 <0f> 0b 90 48 81 ff 40 62 b6 8e 74 47 48 c7 c0 f0 28 54 90 48 c1 e8
[  589.363083][    C1] RSP: 0018:ffffc90000a08d98 EFLAGS: 00010046
[  589.369174][    C1] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81ac85ed
[  589.377177][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8eb66240
[  589.385177][    C1] RBP: ffffc90000a08f18 R08: 0000000000000003 R09: 0000000000000004
[  589.393162][    C1] R10: dffffc0000000000 R11: fffffbfff34e5698 R12: 0000000000002904
[  589.401160][    C1] R13: dffffc0000000000 R14: ffffffff8eb66240 R15: dffffc0000000000
[  589.409158][    C1]  ? rcu_check_gp_start_stall+0x2cd/0x470
[  589.414904][    C1]  ? rcu_check_gp_start_stall+0x2cd/0x470
[  589.420641][    C1]  rcu_core+0x3fe/0x1070
[  589.424912][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  589.430050][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  589.435364][    C1]  ? __pfx_rcu_core+0x10/0x10
[  589.440084][    C1]  handle_softirqs+0x22a/0x870
[  589.444894][    C1]  ? __irq_exit_rcu+0xca/0x220
[  589.449722][    C1]  __irq_exit_rcu+0xca/0x220
[  589.454361][    C1]  irq_exit_rcu+0x9/0x30
[  589.458651][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  589.464308][    C1]  </IRQ>
[  589.467249][    C1]  <TASK>
[  589.470198][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  589.476213][    C1] RIP: 0010:smp_call_function_single+0x399/0x580
[  589.482569][    C1] Code: 33 44 89 f6 83 e6 01 31 ff e8 e3 fb 0b 00 41 83 e6 01 75 11 e8 98 f7 0b 00 4d 89 fe eb 3f e8 8e f7 0b 00 eb 3c 4d 89 fe f3 90 <43> 0f b6 04 2c 84 c0 75 0f f7 03 01 00 00 00 74 1d e8 71 f7 0b 00
[  589.502219][    C1] RSP: 0018:ffffc90005a26ea0 EFLAGS: 00000246
[  589.508324][    C1] RAX: ffffffff81baca2f RBX: ffffc90005a26ee8 RCX: 0000000000080000
[  589.516326][    C1] RDX: ffffc90006652000 RSI: 000000000007ffff RDI: 0000000000080000
[  589.524320][    C1] RBP: ffffc90005a26f78 R08: ffffffff9053f5f7 R09: 1ffffffff20a7ebe
[  589.532311][    C1] R10: dffffc0000000000 R11: ffffffff8174f030 R12: 1ffff92000b44ddd
[  589.540305][    C1] R13: dffffc0000000000 R14: 1ffff92000b44dd8 R15: 1ffff92000b44dd8
[  589.548306][    C1]  ? __pfx_native_send_call_func_single_ipi+0x10/0x10
[  589.555107][    C1]  ? smp_call_function_single+0x3af/0x580
[  589.560857][    C1]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  589.566522][    C1]  ? __pfx_smp_call_function_single+0x10/0x10
[  589.572614][    C1]  ? update_load_avg+0x1b0/0x1ec0
[  589.577668][    C1]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  589.583342][    C1]  vmx_vcpu_load_vmcs+0xcd/0x5d0
[  589.588318][    C1]  vmx_vcpu_load+0x1b0/0x260
[  589.592939][    C1]  ? kvm_arch_vcpu_load+0x1f6/0xa50
[  589.598166][    C1]  kvm_arch_vcpu_load+0x25d/0xa50
[  589.603215][    C1]  ? __perf_event_task_sched_in+0xf2/0x1800
[  589.609142][    C1]  ? __pfx_kvm_arch_vcpu_load+0x10/0x10
[  589.614722][    C1]  kvm_sched_in+0x7c/0xe0
[  589.619104][    C1]  finish_task_switch+0xb14/0xbe0
[  589.624174][    C1]  __schedule+0x166d/0x5590
[  589.628695][    C1]  ? ktime_get+0x45/0x220
[  589.633078][    C1]  ? lapic_next_event+0x11/0x20
[  589.637952][    C1]  ? clockevents_program_event+0x3ba/0x4b0
[  589.643816][    C1]  ? __pfx_clockevents_program_event+0x10/0x10
[  589.650016][    C1]  ? __pfx___schedule+0x10/0x10
[  589.654893][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[  589.660109][    C1]  ? irqentry_exit+0x61a/0x700
[  589.664897][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  589.670292][    C1]  preempt_schedule_common+0x82/0xd0
[  589.675603][    C1]  preempt_schedule_thunk+0x16/0x30
[  589.680835][    C1]  ? copy_shadow_to_vmcs12+0x4ca/0x5a0
[  589.686357][    C1]  copy_shadow_to_vmcs12+0x4cf/0x5a0
[  589.691680][    C1]  nested_vmx_run+0x3d1/0xc30
[  589.696373][    C1]  ? __pfx_handle_vmlaunch+0x10/0x10
[  589.701684][    C1]  vmx_handle_exit+0xfc4/0x16c0
[  589.706573][    C1]  vcpu_run+0x5dee/0x7990
[  589.710961][    C1]  ? vcpu_run+0x4ad8/0x7990
[  589.715521][    C1]  ? __pfx_vcpu_run+0x10/0x10
[  589.720225][    C1]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  589.725539][    C1]  ? rcu_is_watching+0x15/0xb0
[  589.730343][    C1]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  589.736011][    C1]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  589.741753][    C1]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  589.747753][    C1]  ? register_lock_class+0x31/0x2e0
[  589.752984][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  589.757953][    C1]  ? kasan_quarantine_put+0xbb/0x1f0
[  589.763271][    C1]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  589.768154][    C1]  ? do_raw_write_lock+0x11d/0x260
[  589.773313][    C1]  kvm_vcpu_ioctl+0xa62/0xfd0
[  589.778027][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  589.783256][    C1]  ? do_futex+0x333/0x420
[  589.787619][    C1]  ? call_rcu+0x644/0x890
[  589.791985][    C1]  ? __fget_files+0x2a/0x420
[  589.796603][    C1]  ? __fget_files+0x2a/0x420
[  589.801245][    C1]  ? __fget_files+0x3a0/0x420
[  589.805950][    C1]  ? __fget_files+0x2a/0x420
[  589.810566][    C1]  ? bpf_lsm_file_ioctl+0x9/0x20
[  589.815536][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  589.820772][    C1]  __se_sys_ioctl+0xfc/0x170
[  589.825400][    C1]  do_syscall_64+0x14d/0xf80
[  589.830028][    C1]  ? trace_irq_disable+0x3b/0x150
[  589.835083][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.841172][    C1]  ? clear_bhb_loop+0x40/0x90
[  589.845877][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.851886][    C1] RIP: 0033:0x7f94ae99c799
[  589.856339][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  589.875964][    C1] RSP: 002b:00007f94af7c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  589.884413][    C1] RAX: ffffffffffffffda RBX: 00007f94aec15fa0 RCX: 00007f94ae99c799
[  589.892420][    C1] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  589.900419][    C1] RBP: 00007f94aea32bd9 R08: 0000000000000000 R09: 0000000000000000
[  589.908435][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.916426][    C1] R13: 00007f94aec16038 R14: 00007f94aec15fa0 R15: 00007ffcd18c3ef8
[  589.924441][    C1]  </TASK>
[  591.091039][    C1] Shutting down cpus with NMI
[  591.096413][    C1] Kernel Offset: disabled
[  591.100743][    C1] Rebooting in 86400 seconds..