last executing test programs:

54.250971548s ago: executing program 3 (id=270):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008420000005010000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000240)="afcbccac886eb5e3f6af091c00cf5e37bb5f0c5ea7098e048e73ad069c60a576ae804964a4046973a81337e9792af1eff9ad56", &(0x7f0000000240), 0x800, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7c", 0x5}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000280)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000001c00850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, 0x0, &(0x7f00000000c0)}, 0x1c)

49.447289926s ago: executing program 3 (id=289):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0xec)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, 0x0, 0x23) (async)
syz_emit_ethernet(0xa6, &(0x7f0000000000)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000400000126000400"}]}}}}}}, 0x0) (async)
syz_usb_connect(0x5, 0x2fc, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0xfc, 0xd7, 0x55, 0x20, 0x44e, 0x3002, 0xc787, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2ea, 0x2, 0x5, 0x9, 0x0, 0x6, [{{0x9, 0x4, 0x42, 0x2, 0x0, 0x0, 0x79, 0x19, 0x5, [@cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "6c22f962"}, {0x5, 0x24, 0x0, 0x1000}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x9, 0x1, 0x8}, {0x6, 0x24, 0x1a, 0x846, 0x10}, [@mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x88, 0x8001}]}, @hid_hid={0x9, 0x21, 0x7, 0x6, 0x1, {0x22, 0xa80}}]}}, {{0x9, 0x4, 0xc, 0xa2, 0xb, 0xe, 0x1, 0x0, 0x6, [], [{{0x9, 0x5, 0xe, 0x10, 0x20, 0x3, 0xf8, 0x4}}, {{0x9, 0x5, 0xe, 0x1, 0x10, 0x0, 0x2, 0x4}}, {{0x9, 0x5, 0x4, 0x0, 0x8, 0x2, 0x8, 0x1}}, {{0x9, 0x5, 0x9, 0x0, 0x60, 0xf4, 0x9, 0x1, [@generic={0x44, 0xe, "184fa3f71e6c12c3ec0be41444d0a2716da24737b0474f47b9c701491abc38875f96e35340ee759e175056056611bb0475f5b2e5c29e2e7073e27682c828bf50b970"}, @generic={0xc1, 0x22, "4cf1a89b2520a956d2e9e276c388a74a513f40e5e07fc7b0b8fe912faa3bc21a468632a6e8e251a5b10ae17ebbed48825b3088bc330aee5c4f16a6529a37019aff334021e8f7c8e09dbb4f9e488b44f205afc5745cc468a5bd9f1802afd77ec6c4994164e254c1f368addb7d332c35b582091f3758a4074de23441dfc63c7c95de8464447adfd74980ff9c38391a9cb8ca92f123eec8b945b9f559fb30127b00f6fafc791702eeb9651157e00a17b4e81d29ae72823b433815048fbf83a4f0"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x3af, 0x40, 0x3, 0x0, [@generic={0xca, 0x24, "9dbcb5c2e72cd672c0f9d399758d6b9c73ca8dc270c9d47f927d3082e4834e9399ecb85a574b8e631e506843a679163e9d0aa278942250ddad82d98de3876880941837701c1d2e6007c45cdcb6fa65546389c70e15c53096e34be4b409542c74040806d720c3078832d65f497ef9657d81be6e7d86209e4442f3af2bafeddc95068db25da88521dca5387d3e02c7a54b2c98d92ddcdf200577abd7ad14a82ba44afa7adf25be2cf8f68355b45730e594df3ee88dc37552604e76daa5337eec49e245ee6c99acbaeb"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0x1}]}}, {{0x9, 0x5, 0x81, 0x0, 0x0, 0xd3, 0x80, 0x4, [@generic={0x2, 0xf}]}}, {{0x9, 0x5, 0x4, 0x2, 0x400, 0xff, 0x6, 0x4}}, {{0x9, 0x5, 0x6, 0xc, 0x3ff, 0x6, 0x4d, 0x5a, [@generic={0x46, 0x10, "fddf68b41f1601fbfcc89924b15daa0aa57e4bba7eaa9abd394b5e00851f3685b2cdef7eb5ca713520837ee8df570eb367a0979280ff9a324f627e3686367df28672a0ae"}, @uac_iso={0x7, 0x25, 0x1, 0x42, 0x0, 0x2}]}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0xfa, 0xfa, 0x86, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x54, 0x9}]}}, {{0x9, 0x5, 0xc, 0x10, 0x3ff, 0x4, 0x9c, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x103, 0x6, 0xfff}]}}, {{0x9, 0x5, 0x8, 0x10, 0x400, 0x6e, 0x0, 0x2}}]}}]}}]}}, &(0x7f0000000940)={0xa, &(0x7f00000003c0)={0xa, 0x6, 0x200, 0xbd, 0x8, 0x67, 0x8, 0x12}, 0x1bb, &(0x7f0000000400)={0x5, 0xf, 0x1bb, 0x5, [@generic={0xad, 0x10, 0xb, "e9a7d147bf50a48e4662c6dfde94af68f6232e709c55447ae93c4a592c80306c7ecf95f0f28b6c9aa2af8b196390724c94e60f7bc764ba7e52431abba44a3b057b52b341a43c87e980ee23b8b028d62bccac5f505fb43e092154a8fe3d4c7abd42820ccf1d74a509771c2c318266dfbd55721ea27fe57adc6e642655f2fc2e5e1bdd0cea8103b631616ad725f2ccbcb34cb2e5786bdbaf7d1446ae2edeb885518c38adce7e7f2e7e2b78"}, @ptm_cap={0x3}, @ssp_cap={0x18, 0x10, 0xa, 0x3, 0x3, 0x0, 0xf1e, 0x4, [0x0, 0xf, 0xf]}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "09a2e79c33c16fbc8e9c672f7da93bf8"}, @generic={0xda, 0x10, 0x1, "07f0c4edc303b4fa204a66047b6be3789c7f58b361b7964ffd8ac2daafc9e0afbe36a263cf97bac1f09bef77ca4bbb81e062fd23f2f16f449d6538b483ef3dcedcbe0c52595f2691420f1ec175ab35be6232959e94d062d93645a653a9d1195abf92fd1db305cb759312f92f27e3a7fa53caaa43dc879dea270eebb04a9605dd7d10cecdd64de3ce04cd512916eb1fe3ce82251fc4e5a8a23eed975b72d52c936271de7c2a9014d9cd76730a78c5447e14bf96b3bc80fa89edab1cdcd9e8b714777e1416a4c562f3435aea352ff81653d461f96420b624"}]}, 0x9, [{0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0xc09}}, {0x52, &(0x7f0000000600)=@string={0x52, 0x3, "300a7c0f182b1ac8ba9bcb8be2a99e3a7875f4d004f949ff7f44f2e83edde27ee25a88e98b56e234b4425957a7911099fc5a87d168f9456e170053c0e4f1b6c1df17c1075e5b96db9c9064659609bbab"}}, {0xa0, &(0x7f0000000680)=@string={0xa0, 0x3, "302895efff7e3700c77d5dabab5caff4a7532b12707145d0e8bfdb91bc9901c75c88513e47ecc395e090e17e4565182229dad4edb670b0f8ee6ffbf441e17567cad78ce36c723cd37a8336291272778f7593a98d60d6af696def5c63b3e5c8aa32be4ca46d31a7c42e0988a07277274ddfc5d61749958ddcbc399dab288ae1738e0b7f955e20c482ca8e7cd836c94f17fe93b493f806193a7a563c6a88c2"}}, {0x8b, &(0x7f0000000740)=@string={0x8b, 0x3, "5899564e085002c015422ca1a588ebf8ac6e0ab2a45fc6076fe2f0f47bf4db97dc0049f96a9b2eefc7b122c34e8327c72bf7d97825bcbafe675a0a6db061f5e0962308fb6654b2a83e0a7ab0a94c3e5a259c74507e1dc7b765a5ce6ef0524b171bf081b28e7887ba00e9192699e2f197517e9ce6667e71b955389d7b8d8f0c06efb5c5834cc1acac9f"}}, {0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x420}}, {0x36, &(0x7f0000000840)=@string={0x36, 0x3, "601438444235dbb415acecb583b797206f2e91d2ca8cfba26603ba4f572f27f31d3578a6281b82b614f5ae482d7d9da48c277a42"}}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0x413}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4}}, {0x1a, &(0x7f0000000900)=@string={0x1a, 0x3, "a81c70d4515d92851980e863f04d6fb95751b0f3ff748587"}}]}) (async)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='ufs\x00', 0x8007, 0x0)

49.305861595s ago: executing program 3 (id=290):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008420000005010000", @ANYRES32=0x0, @ANYRES32], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7c", 0x5}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b1000000"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000280)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000001c00850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, 0x0, &(0x7f00000000c0)}, 0x1c)

43.896185629s ago: executing program 3 (id=301):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}}}, 0x32)
sendfile(r1, r0, 0x0, 0x80001d00c0d0)

43.668637796s ago: executing program 3 (id=302):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="444947a854414c3120274d696327203030303030b030303030303030303030303030300a494741494e20274361707475726520566f6c756d6527203030303030303430303030"], 0xcc)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r2, &(0x7f0000000140)=ANY=[@ANYRESHEX=r1, @ANYRES16=r0], 0x69)
close(r2)
dup3(r1, r0, 0x0)
r3 = openat$nvram(0xffffff9c, &(0x7f0000000080), 0x230200, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xdc2, 0x0)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000)={'bridge_slave_1\x00', 0x400})
ioctl$SNDCTL_SEQ_OUTOFBAND(r3, 0x40085112, &(0x7f0000000040)=@v={0x93, 0x6, 0x10, 0x11, @generic=0x5, 0xfe, 0x45a4})

43.569920668s ago: executing program 3 (id=303):
socket$pppoe(0x18, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
socket$netlink(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', '', [{0x20, '\x00'}]}, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
syz_usbip_server_init(0x2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x2000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f00000000c0))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

28.216209301s ago: executing program 32 (id=303):
socket$pppoe(0x18, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
socket$netlink(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', '', [{0x20, '\x00'}]}, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
syz_usbip_server_init(0x2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x2000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f00000000c0))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

9.405723434s ago: executing program 1 (id=387):
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0x0)
ppoll(0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0, 0x0)

9.24687999s ago: executing program 1 (id=388):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="67d890", 0x3}], 0x1, 0x0, 0x0, 0x1}, 0x0)
close(r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x49, 0xa}, {0xc, 0x3, 0x58e5, 0x1d57, 0x9}}}}, 0x17)

9.143395798s ago: executing program 0 (id=389):
timer_create(0x0, 0x0, 0x0)
timer_create(0x2, &(0x7f0000000140)={0x0, 0x1e, 0x1, @thr={&(0x7f0000000440)="ebb9404766b3938990705e7894d7fa8b61984856c180ddbc64c66c5a5e74773971e0bdbba355790f7ba9306463f1523667eb336e779202a8b8423daf77f074983c60beb5c13edfb011f31dc98a2c56ad91065321832311023aabc6aa6025fb6f3b25697d65b45f1aa870565116e45bdbe3922bdec1c1f5e59e827b56eaff63658f87bffefb8470ee7b207c358de9d3b18a872bea4965a100461707543d1c9453be0f787a2b70", 0x0}}, &(0x7f00000001c0)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
pwrite64(r1, &(0x7f00000000c0)="97", 0x1, 0x0)
ioperm(0x0, 0x6, 0x2da3b9f3)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000280))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0xe8)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='virtiofs\x00', 0xd1, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)
getsockopt(r1, 0x7ff, 0x9, &(0x7f0000000500)=""/250, &(0x7f0000000200)=0xfa)
syz_usb_disconnect(r3)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x2, 0x0, {0x0, 0x1}, {0x49, 0x2}, @period={0x58, 0xfffc, 0x0, 0xfffe, 0x4, {0x13, 0xaa, 0x1, 0x1}, 0x0, 0x0}})
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x12d8)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x88, &(0x7f0000000040)=ANY=[])
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0xa2180)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/44, 0x2c)

9.101179861s ago: executing program 1 (id=390):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
ftruncate(r0, 0x200002)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

8.483829406s ago: executing program 4 (id=391):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008420000005010000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000240)="afcbccac886eb5e3f6af091c00cf5e37bb5f0c5ea7098e048e73ad069c60a576ae804964a4046973a81337e9792af1eff9ad56", &(0x7f0000000240), 0x800, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512e72c"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r3, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7c", 0x5}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bf"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000280)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000a000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000001c00850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r6}, 0x0, &(0x7f00000000c0)}, 0x1c)

8.396767581s ago: executing program 1 (id=392):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/73, 0x49)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
flock(r2, 0x6)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="40217b0000007b31b784628e0c7f746ba4958f54d2e9a54dbfca03b956af5b015ae605a213e8633d3338ceb4f926e6f1a54d5aef3a40431a11e44586987392c40291c29f2baad48f9990b97326bcdee3b3f67561bf6c67cab0f93cf8d8f66cc1e7bc64dc4e27445c4deefba669265abb44f1381061c996f0bdb260a82981448aca"], &(0x7f00000002c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000280)={0x10, &(0x7f00000001c0)={0x20, 0xb, 0x21, "725dac55d2f595a60137bf37a58487f29f699f0f293cbf81941fdc8eff95422121"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0xd2}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x1}})
userfaultfd(0x180001)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
r5 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r5, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
sendmsg$key(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)

8.245779277s ago: executing program 0 (id=393):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}}}, 0x32)
sendfile(r1, r0, 0x0, 0x80001d00c0d0)

7.70972448s ago: executing program 0 (id=394):
socket$kcm(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=@newtaction={0x120, 0x30, 0x400, 0x0, 0x0, {}, [{0x10c, 0x1, [@m_skbmod={0xc0, 0x0, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0x1, 0x5, 0x3, 0x401, 0x6}, 0xd}}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x3, 0xffffffff, 0x5, 0x3}, 0x6}}]}, {0x52, 0x6, "e297a1228b84b1a1bf88297df7d3ebceb5667c511c7fb422886c21bc0d911f8dc6aa8cef10d580d7504e6d947084784cc27030215c36ee0993fa100e40a6ad52bc8b292cb854e6ec61b4e6efcee6"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x7ff, 0x5}}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000300)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @local}, 0x10)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x200000000000002)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8010, 0xffffffffffffffff, 0x5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r4, 0x31f, &(0x7f0000000080)={0xb0, 0x16, 0xa, 0x1})
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0xe5, &(0x7f0000000500)=ANY=[@ANYBLOB="e503a087393a90b20f5bd4aeacf39b0a2a8deb8d665138366e3239755defdbf4c35a1ddc760625038af7132660c80755fdcf051dfd381df0b09d9d5d456f327db8f9954c73b0d8f8161bdc46baf5d867d184b1ccca23bfa4046c7e2b2cddf0a9f6b147640ab48fc51be30ae4c99f16599711f7b6b901b4d4af654608c5407e0e521ef2d1695bec8688aa1895cb6fd3c4429e9095745b4e895a36b6f7f5b2cd9b1fa5f6549a9682e9773740a4cc1878e62c540bcef7b323960bd526c85c76a0c63ec1e2d9cc192b0c3cf0e88e1c1b7648040fca949bcbe16fadbd6efc640586a3c000000000"]}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x40)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r5, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port1\x00', 0x786520dbf34c80fe, 0x20a03, 0x20000003, 0x0, 0x0, 0xc, 0x400, 0x0, 0x0, 0x87})
r6 = openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x123482, 0x0)
dup3(r6, r5, 0x0)

7.23938995s ago: executing program 4 (id=395):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x62881, 0x19d)
open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

7.068488568s ago: executing program 4 (id=396):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00')
fchdir(r0)

6.957255048s ago: executing program 4 (id=397):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008420000005010000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000240)="afcbccac886eb5e3f6af091c00cf5e37bb5f0c5ea7098e048e73ad069c60a576ae804964a4046973a81337e9792af1eff9ad56", &(0x7f0000000240), 0x800, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7c", 0x5}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000280)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000001c00850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, 0x0, &(0x7f00000000c0)}, 0x1c)

6.351580648s ago: executing program 0 (id=398):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="67d890", 0x3}], 0x1, 0x0, 0x0, 0x1}, 0x0)
close(r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x49, 0xa}, {0xc, 0x3, 0x58e5, 0x1d57, 0x9}}}}, 0x17)

6.242833343s ago: executing program 0 (id=399):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r2}, 0x10)
migrate_pages(0x0, 0x40, &(0x7f0000000300)=0x80000001, &(0x7f0000000340)=0x912)

5.989361835s ago: executing program 0 (id=400):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x1c, 0x1}, 0xe)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000020240), 0x10010)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1f0, 0xc8, 0x8, 0x0, 0x5803, 0x344, 0x2e8, 0x2e8, 0x344, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [0xff], 'geneve0\x00', 'geneve1\x00', {0x80}}, 0x0, 0x188, 0x1f0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x1, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x11, 0x81, 0x8, 0x6, 'syz0\x00', 'syz1\x00', {0x33}}}}, {{@ipv6={@private0, @local, [0xffffff00, 0xff000000], [0x0, 0xff, 0xffffff00, 0xffffff00], 'nr0\x00', 'caif0\x00', {0xff}, {}, 0x1, 0x6, 0x4, 0x4}, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x444)
vmsplice(r1, &(0x7f0000001300)=[{&(0x7f0000000140)="84", 0x1}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0x2, [{}, {}, {}, {0x6}, {0x0, 0x4000}, {0x0, 0x1000000}, {0x80000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsopen(0x0, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
syz_io_uring_complete(0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0xe00)

4.789083684s ago: executing program 1 (id=403):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008420000005010000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000240)="afcbccac886eb5e3f6af091c00cf5e37bb5f0c5ea7098e048e73ad069c60a576ae804964a4046973a81337e9792af1eff9ad56", &(0x7f0000000240), 0x800, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512e72c"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r3, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7c", 0x5}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000280)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000a000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000001c00850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r6}, 0x0, &(0x7f00000000c0)}, 0x1c)

3.114380711s ago: executing program 2 (id=404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r4 = syz_io_uring_setup(0x32c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
write$binfmt_misc(r9, &(0x7f00000000c0), 0xfdef)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r11=>0x0})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r12, r11, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000400)={@local, @random="bea73a3aca58", @void, {@ipv6={0x86dd, @dccp_packet={0x6, 0x6, '\tv.', 0x10, 0x21, 0xff, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], {{0x4e22, 0x4e20, 0x4, 0x1, 0x9, 0x0, 0x0, 0xa, 0x4, "7f4035", 0x4, "e6923b"}}}}}}}, 0x0)
sendto$inet(r7, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
io_uring_enter(r4, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf255a00000008000300", @ANYRES32=r3, @ANYBLOB="c3b9011e7e4b4d14424a52709b872cb9c7a475392b9b515ae4fe17551cb04be5031d7769cf0758ec53a3e2a5eb"], 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000000)

2.552003532s ago: executing program 2 (id=405):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x62881, 0x19d)
open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

2.476612526s ago: executing program 2 (id=406):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0x42)
socket$can_bcm(0x1d, 0x2, 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x1, r6})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000180)={0xfffffc}, 0x10)
write(r7, &(0x7f0000000000)="240000001a005f0214f9f407000901000000000000000005000000000800040001000000", 0x24)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x1, 0x80, &(0x7f0000000600)=""/128}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @remote}, {0x2, 0x4e21, @empty}, 0x303, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})

1.25743322s ago: executing program 2 (id=407):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="67d890", 0x3}], 0x1, 0x0, 0x0, 0x1}, 0x0)
close(r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x49, 0xa}, {0xc, 0x3, 0x58e5, 0x1d57, 0x9}}}}, 0x17)

1.178831915s ago: executing program 4 (id=408):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="0300000091400200200012800b00010067656e6576650000100002800500040009000000040006"], 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
semget$private(0x0, 0x207, 0x480)
keyctl$dh_compute(0x17, &(0x7f0000000200), &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}})
r5 = socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a001000000002800000", 0x2c}, {&(0x7f0000000640)="9abe48978fc9d6d504d0c9f79768e69abc0d908c4b7714017340a5321e2091ace2f33de355e62b927a1ab681a738f2e4e6d33ce721479d3f68ea12ef5aeb17d903d95cddeb4e2754b78802e05f584c7ab407fc85efe9ab6d650e5eccd789e1e414ab7501f7fb6fd6404b0afab9d4c2078d1030121824daf273d8c33dae1bc50bf1d39fb4f04a10d235dd987de873824c5f97fc33c2e3fde23491dd6d53930ce1c914bc1cc17642dffa0933942972a97ea96b886ad243f6d5378f5d70d8379f5a316ec6c623a6a08674f92554652a32193775938997cb6b24d8355b79860057ea077f62b64ffbd9a886bf7ec98453e6a4792ea0882f8c1e1be8a4b699f4560545c55002fc6f2039736619ffb2c30f946ad7ca29bb4dc823c771b85d812e3f1bee51b20cd8e365a88fda649df477f1f3a1a7c60d0a4c875973658fe25ecb5d45e95dc7cb07f79b0dc0a78bff47ad5ccd5ab5dfc8ba2a8a48572c840fbc134628f698ac267d0eb5d52d37b1927ea10a15efbe12a926e22be39c4c6431b528fca59208b192939f1a4167d613d1fef58e30363112dcef611692353615a2bda0af0bdd5884045f748771b7c8ea5d82d31d048832995615bf68b51370d41a7e4db8cb3970066b6f9e9a55a7c8e41bff4a436ad7b0631250af307a0af8d0d72d7394421f4de5ac2918583f07d92c32d17098f20834ac2ba6bb39d504af6fe664be4e436ba30c885680d58a4ae70c680d553e15ac6c3d1f6b7a6ef99358c948a6c1b1db07c40d2a0b5c7b3c420ee63ee66117175b12ff259783f4cfa8bf5110b96e8417180cd8a413c23659033f8f1857e00df8de16041101a8166411c893af3f00b0596718fe76578301604d27f67ba625fae0e404293872f523b7496ddde4b09f33b7f7e3fcf6fe0d0ebe5eb603e5d8ed1ae18c654498b3db3c59aa51e8022ce90d6834108df0c73e886b49be39f60116ec2ac0e5540af3491ff4d6c526b6350bb5021933a79b4e102f3ff65f7bced45210bf5849a0188493798dc87f8b22ca1b104f5caa5018029bbf03afe7904dbfa0f5e1a2b74a196e0d153b7498b69986657c79bb1df1c9ed1dfe19d00de2040fd668ccedd62c775a9976aac1d9447d4045f499461a320443111bf56d8d7e1dadd1f4ca137c5796c2d7c8a015786a5fc5e7b9021eda74b575925d9d55683e1a940c55299046ac60d49fe05141a7f5280cade653bd2f19018121e18aca2ac846734e941b313242b9c41fa7c8d2058577aae640e8319710021cd89eb291ae0ad15ba292d45ebef0074386668123ed9961b13633043f54314c8f4fe8fc0036512fb088b6671e13d8481b5286e098cdcdf509473ee3c36c0cd218a81f4c2b8758a5573f21a5c12cdcce7e79f4cc8b5a9030f7d0f8a2c809db34b89ed5e063db518a18584c46806f863f7a192df439c5894eed6facd33927bbaa8df57ecd045ef6386ca46a05ab5573068955d21289a4286152c8a2a13df3429b16f4ee1d73a6f544c784b0cc49aa2c83b3738c25ee3d64ac9142131318f82981ae1a17d07941aa3bd05dd9c136cb061a71ae67614dc44ea2d9e350c0cd9dce03e0aa292b384e0f037e4bc392bffb4e847cf01b74e394736f08242a9ce03e5c4e163f5cead6b8446bd9c1fe9bfb31bca88511a74671e2bec33fe0b9aae1376303c979df69c0b305f042bf2e111b446533f4a6b3fac594e5903061e21e7f1c8a30cc1cb3d3078e48741a032723e7eda57fc83c6068ba086b08448af61988bd22dbdb8c3752828f40691e12b284080da18f0ff5f87f324cde7d7325c181560e5f4e7e028476b372bb8b64da996db88e31aef3acea54932b152b4422a6833853f0c217b895c8710473fcb36288faeadd0bc72f8f81b79cffc9c05fd8d30c769ac22f1e72773b0c7e8b234d8624b6cb6311978ec4568b692fda31a04cd795de2794f3376fc7376e30c85d7942b03d97f915289c5754eb057dcb504872e409acf1ff929698e5890161b12140fdef3d1838d41e25dfe0716241170a5392c31d766fe6313ae2aefdaeaffd53d0940949f18d9737a2aacb2111b6dc129e2812eb403446e655d5317e258eda59dfc57d1351c2d64e5074e485d98c06f35b5aec59baf8efc15866eef217c5dac6aad75f55d779c56662420d5b401bf0f19f5217f2d9395931def8f1f8b5847c8f052a8cdf942f567ba004e21c448067c5d2a3bd5cdac560495712f916dcebd06d6b65c767af15216e3c0b84212202356accac045004c612c4660470e593ed89e219ac1f547cfdda3c484b67b00096cd7993fa5a5ddd860d9e8d0c915aea5f6847d50a5283ea522e1d490a8151dc96911a261be4ed30da952b1d8b74c891fac193d5f83f2eb3d974b20523bdd3c7660e42635410073642b983393caf59b20d7ce8682c54fae87d8a57dfa243fcc2fd52d7372155d7e7bf9078e1ccd5046f21b95a5d61bbd1e78fb9c3d6704a141298fde37d09615d51ad10ec8eac5ebb3d1df8e0b559f6e88a77a074d2ffad60d4d58819a76482408c3a7c8edf41abce0f450c33b1cd6432363e6c4ed892f2b78d9b14acf0e8490cfb1f60229753d8eaab8df582c9fac7a54980442985b87bb41e47f415f8617e5025d2f1fdfa745e07b0626b547c7f310d5da65522b95e84a231716afc07da2d7562dc4b583fcdc21a22bc2132532c6713ec0e35004b78612585ff8bac697c8e8ad6da1545d6dfd2f3564f92457dae15cfcb3ca1c4ba9f4210c75bba216ca805b6c8760892257d5ec95252895bc9870adb6b47da48478fc718898c3e1d353fc233227d71c2c7a7dab22c8a5acb19e75eecd1fce82dcf36b7da813b7102cd426a67c3e721505bbcfa4c76c4b93ee06c477a9526cc36cb6e1ec0fc55284c7379766d5771a8db5781fd5b10d22959aeb1ae73ce24721f39aa62bc84ec58ab5cc3b9a5677c25c2240911184667f4f3726efb9aced16eb0967bd9b177b18050dcb554829d38419c8f74aa9279f90e9fec58b755c9ea38533f07d09e23a1540ba794710a46b7d7341aab573a26ad01702794b9c2a5b957ec5d22ea079b8a81f4d6108941d84c588c13458e3d10556df61231e43ea0f84851515b00f4f68cb95ff182fe1a95dd0007c92a84d5fe503dd3cd8bfd81b3a2b351de8d2d5f6020cb1d5523e5e76278e66755d9e9b278f1d4142887c3ac85509abbcc49f8b649bda581e6fdd58fc7662705b843fe49d543cf46fb0c701e41379927731890c1b284071d92f1747dbc4fa906727bc8d0ce783d9079c7735eebe2c9887d9b7ebf5862a9607a038895325f9c54ec0faed2dd3d46b50c1795a1342140fc326e1e24b0434b72fdd3cc4d48dfbefd5df53716cf709235a9d39ddff93ead149c3cd57f680212b5036e99439046791795ead6dfe330d405d90bc6a849b305b0c60d62e4d53b5af25870a0b5e105dcee40360d9594900c4aef9db5d2c11d76de448ff9ad85046a655890820a1092f643c5af63b05762e036df228f5cc0ea00b9664dcdb647684d45aefa01605dfffbf31ea1a7501b82521f49bd36d1f5977932e0b6fe6eb2039e3d91b6129a879b96719a9f3c4e05dc02222ffccca0cb682be2a4fb54c5a590653cef00c2399449cabfa4d2e2e3143ce0d0a49dcddfc59697f0953a93515d0c9672d03bfa96db5ca4902f584eaa4ab32ec348d9f059921b8d6c8ba3e9300e4f4014f8777f588856729bb82dbb95e96a812bde444d62731415896c7cb6336cf8bc05ae1f40f550a21905969a98e551925bc167b1e267670266b3c2f8a75acb3cdb30c993b02e246e7629bad825a84cca2fcc60540a6f8750b6736a19e8854715e0e900431f530b03ba0552ef2272a693a357bd0fe64bf549e5354b954d8651ab6d87cb512dd613981e1a65bd87f36448d974d967bda619b5ec581508a842db9c77292fd2fe0f1e4d248c786ef40fc41ffab06f75f4b293cfece7cd9a9433dabf3cf4a42e16617ecc70f40d28d15316e26433c7ed8276db489ba94cd2314203e05936f48a842f57acfeecc97fec0c433121bef994e780e6761771d9280e9868f03415c11d68b7c0ba2046b089ecbf73de963b206895c090227ee6b348ee6d1af087141c52c109b11c1a8805344c84aca98835cc227e2bd8192a97a11559f048fbf3d6c5ef4714c7045652c271ca859812f1e8485e34e550646aa898d8fcd6ec973c2ca02da1524f454d1468a130b7f6da4a8abc9e221991b9185742276e8a75b949a7c6565276926f617b20217531b626b1479392f9768a1848e528c7a25d2fbe3a32e47a1d9eabf5a32c8e239e3cd3e8e666c6e5a5c02c942b691b721b79142f855240f18005458913b297304beb95bbf61c17348ad74c7f86d642dadf18bc6328122ec84de076d73bb94af4224cc556ffa3f32b5c7ac7d0dedea3c8ee9f0fe16fb2740b2e6e1b7de8b210167614756b1264118dbe3420eb9cc541054f914fd91a853be3a12a0a5be123b8962b02aafac12cb1e931879f480cb0c29885aa91421c5971c7b85a887ca95aefefbfa3a476be3bafb549d92f5471e1f6aca1d9d4d826ea5fc7b7bc3cc20023d6536ee5406ec21b71ed8f146765cfba901ed59cafb2dff9aafd9373bbabbfaff1da0dbf1dd07ab058a8beba78f9222373c87b416d92567ada44c01de4004202bd4d70ee285e8b9b86efeaa5ef62680e4676a8e651b3d1e6aae639b1c4e79a7e583de5c10db7864261273d754e2abf5e47e4b79c970243c16d440a9e6f6b99eb94c9ce436195d7017aeb6f6695622f51c2f237fee93c7f2f76f13a7bc8eb5d574c97d7b2be0a91de2869bec13e0765b54ca44951d4b15fb79228ef3d0090e0aaee13586674b40ce272be597d72a5042ef5ead82fe20331b5b6361889339e35d62fafa4c9dbb20016ed58479fd0a0ee8382fe872894d98b7f59186d0994509a216be36b15b76a134752f58748debaa9b36bc4c188d5c782df6d32f6403082edd4eedda2814638e8ac1b28286b8ce54360c44acb55bb10a73fa09fbd86bfcf4ce4943e4d14535f7a9fd80e2911824fa9dadbba245d85658a2bc827423aea", 0xe00}, {&(0x7f00000000c0)="26fc4bcf8b00c19cd0eed8a91f7c36de44eed2752c4d27ee2e10986d2b", 0x1d}, {&(0x7f0000000280)="507a820941f6d234a757b2de2fe516eb6857f51051e27bb99b33442507ee3dd395c93381abb5e6b9ff76eea128b6f395f74b64bc081efc463b192c1838538c8719738008a47502b4207297de026ed4ea30bef60af76f2b26e1a2768a7226f918253314511129725d", 0x68}, {&(0x7f0000000200)}, {&(0x7f0000000240)="be1ac182feb197b37fadc7e8ad4b3a9a9b791e900ba3d654bb44d4402987f407bdbcefe93f535279d99bb839a1", 0x2d}, {&(0x7f00000004c0)="91f0807b6afddf80750c5a560c2081f08de8a721aa5e3cfd5a6bc6cabda994bf8693656d03e1ecd9d468f2d4bb42292991d19fba6097597c9e6f16fdcb2b551f2bfeaaf98a60bc01df68984cf336e2d257b29840e3adfa847b5f420ea7b5e4d1545ae88f63dfbb3ecdfa6633997cbaaa79e2ada80941ed932cbd7a0b11325041f526151f6be00828495864ad9f61c009821728b246b5957891caf322b4a8c97874073ecf48e0cde8e05ba00619d7d90907550d123307265ef06a5ba4a640b82641a834e2684781e4b3e0a93e8d25795a7949e0864c40b8396a01a59b509e34ef484c938c3a677a072a4fba", 0xeb}, {0x0}], 0x8}, 0x0)
openat$btrfs_control(0xffffff9c, &(0x7f0000000380), 0x2001, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e12000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

1.102863433s ago: executing program 2 (id=409):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @empty}, 0x10)
sendfile(0xffffffffffffffff, r0, 0x0, 0x80001d00c0d0)

855.12025ms ago: executing program 2 (id=410):
timer_create(0x0, 0x0, 0x0)
timer_create(0x2, &(0x7f0000000140)={0x0, 0x1e, 0x1, @thr={&(0x7f0000000440)="ebb9404766b3938990705e7894d7fa8b61984856c180ddbc64c66c5a5e74773971e0bdbba355790f7ba9306463f1523667eb336e779202a8b8423daf77f074983c60beb5c13edfb011f31dc98a2c56ad91065321832311023aabc6aa6025fb6f3b25697d65b45f1aa870565116e45bdbe3922bdec1c1f5e59e827b56eaff63658f87bffefb8470ee7b207c358de9d3b18a872bea4965a100461707543d1c9453be0f787a2b70", 0x0}}, &(0x7f00000001c0)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
pwrite64(r1, &(0x7f00000000c0)="97", 0x1, 0x0)
ioperm(0x0, 0x6, 0x2da3b9f3)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000280))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0xe8)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='virtiofs\x00', 0xd1, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)
getsockopt(r1, 0x7ff, 0x9, 0x0, &(0x7f0000000200))
syz_usb_disconnect(r3)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x2, 0x0, {0x0, 0x1}, {0x49, 0x2}, @period={0x58, 0xfffc, 0x0, 0xfffe, 0x4, {0x13, 0xaa, 0x1, 0x1}, 0x0, 0x0}})
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x12d8)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x88, &(0x7f0000000040)=ANY=[])
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0xa2180)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/44, 0x2c)

854.307792ms ago: executing program 1 (id=411):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/73, 0x49)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
flock(r2, 0x6)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="40217b0000007b31b784628e0c7f746ba4958f54d2e9a54dbfca03b956af5b015ae605a213e8633d3338ceb4f926e6f1a54d5aef3a40431a11e44586987392c40291c29f2baad48f9990b97326bcdee3b3f67561bf6c67cab0f93cf8d8f66cc1e7bc64dc4e27445c4deefba669265abb44f1381061c996f0bdb260a82981448aca"], &(0x7f00000002c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000280)={0x10, &(0x7f00000001c0)={0x20, 0xb, 0x21, "725dac55d2f595a60137bf37a58487f29f699f0f293cbf81941fdc8eff95422121"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0xd2}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x1}})
userfaultfd(0x180001)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
r4 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r4, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
sendmsg$key(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)

0s ago: executing program 4 (id=412):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}}}, 0x32)
sendfile(r1, r0, 0x0, 0x80001d00c0d0)

kernel console output (not intermixed with test programs):

 this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.036352][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.054060][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.056060][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.063510][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.087668][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.089833][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.096863][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.146368][ T5947] hsr_slave_0: entered promiscuous mode
[   45.149118][ T5947] hsr_slave_1: entered promiscuous mode
[   45.151967][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.154891][ T5947] Cannot create hsr debugfs directory
[   45.158554][ T5949] hsr_slave_0: entered promiscuous mode
[   45.162048][ T5949] hsr_slave_1: entered promiscuous mode
[   45.163900][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.166042][ T5949] Cannot create hsr debugfs directory
[   45.238685][ T5953] hsr_slave_0: entered promiscuous mode
[   45.240862][ T5953] hsr_slave_1: entered promiscuous mode
[   45.242868][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.245122][ T5953] Cannot create hsr debugfs directory
[   45.403423][ T5956] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   45.407711][ T5956] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   45.412646][ T5956] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   45.420785][ T5956] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   45.436066][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   45.440488][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   45.457187][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   45.464998][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   45.477221][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   45.490148][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   45.493999][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   45.497227][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   45.513329][ T5953] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   45.518425][ T5953] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   45.522115][ T5953] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   45.526745][ T5953] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   45.583848][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.587693][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.602156][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   45.608619][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[   45.622503][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.624634][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.627825][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.630271][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.636059][   T96] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.638107][   T96] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.643377][   T96] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.645399][   T96] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.660414][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.672535][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.688133][ T5947] 8021q: adding VLAN 0 to HW filter on device team0
[   45.698354][ T5953] 8021q: adding VLAN 0 to HW filter on device team0
[   45.707167][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.710000][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.713337][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.715706][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.724651][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.726790][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.740449][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.742561][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.772634][ T5947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   45.798198][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.809016][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.830266][ T5956] veth0_vlan: entered promiscuous mode
[   45.847918][ T5949] veth0_vlan: entered promiscuous mode
[   45.851956][ T5956] veth1_vlan: entered promiscuous mode
[   45.867791][ T5949] veth1_vlan: entered promiscuous mode
[   45.875354][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.880322][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.889016][ T5956] veth0_macvtap: entered promiscuous mode
[   45.892895][ T5956] veth1_macvtap: entered promiscuous mode
[   45.898432][ T5949] veth0_macvtap: entered promiscuous mode
[   45.912147][ T5949] veth1_macvtap: entered promiscuous mode
[   45.918839][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.930091][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.934435][ T5956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.937629][ T5956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.940802][ T5956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.943442][ T5956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.959373][ T5953] veth0_vlan: entered promiscuous mode
[   45.961644][ T5947] veth0_vlan: entered promiscuous mode
[   45.965709][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.968734][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.973050][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.977854][ T5947] veth1_vlan: entered promiscuous mode
[   45.985283][ T5953] veth1_vlan: entered promiscuous mode
[   45.990434][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.993340][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.996631][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.014914][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.017243][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.018155][ T5949] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.022195][ T5949] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.024621][ T5949] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.027067][ T5949] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.037462][ T5947] veth0_macvtap: entered promiscuous mode
[   46.041162][ T5947] veth1_macvtap: entered promiscuous mode
[   46.047957][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.050697][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.057076][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.060503][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.063194][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.066047][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.069258][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.073435][ T5953] veth0_macvtap: entered promiscuous mode
[   46.078462][ T5953] veth1_macvtap: entered promiscuous mode
[   46.087988][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.091198][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.093904][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.096773][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.101387][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.111928][ T5947] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.114403][ T5947] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.117622][ T5947] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.121124][ T5947] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.128579][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.131058][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.132796][ T5956] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   46.150276][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.153225][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.155982][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.158860][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.160715][ T5959] Bluetooth: hci2: command tx timeout
[   46.161306][ T5950] Bluetooth: hci3: command tx timeout
[   46.162168][ T5950] Bluetooth: hci0: command tx timeout
[   46.162274][   T65] Bluetooth: hci1: command tx timeout
[   46.162907][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.162924][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.164010][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.177717][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.181025][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.181379][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.183249][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.186177][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.186189][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.194427][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.197301][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.200832][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.215155][ T5953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.217792][ T5953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.220476][ T5953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.221396][ T6011] dccp_invalid_packet: P.Data Offset(0) too small
[   46.222939][ T5953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.245800][   T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.249766][   T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.257183][   T39] audit: type=1804 audit(1740140226.406:2): pid=6011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4" name="/newroot/0/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   46.268274][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.274536][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.276395][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.279204][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.280663][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.281624][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.286924][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.290607][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.297829][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.300896][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.303191][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.303291][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   46.305357][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.318555][   T39] audit: type=1804 audit(1740140226.466:3): pid=6016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4" name="/newroot/0/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   46.324508][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.328308][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.863141][ T6048] =======================================================
[   47.863141][ T6048] WARNING: The mand mount option has been deprecated and
[   47.863141][ T6048]          and is ignored by this kernel. Remove the mand
[   47.863141][ T6048]          option from the mount to silence this warning.
[   47.863141][ T6048] =======================================================
[   47.874566][ T6048] virtio-fs: tag </dev/sr0> not found
[   48.119880][   T30] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   48.240778][ T5950] Bluetooth: hci2: command tx timeout
[   48.240828][ T5959] Bluetooth: hci1: command tx timeout
[   48.240856][ T5959] Bluetooth: hci0: command tx timeout
[   48.243084][ T5950] Bluetooth: hci3: command tx timeout
[   48.359502][   T30] usb 8-1: Using ep0 maxpacket: 32
[   48.372206][   T30] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   48.374487][   T30] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   48.376842][   T30] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   48.379330][   T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   48.385144][   T30] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   48.387962][   T30] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   48.393015][   T30] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   48.395543][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.403132][   T30] usb 8-1: config 0 descriptor??
[   48.443461][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.509769][ T6065] fuse: Bad value for 'fd'
[   48.672165][   T30] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   48.705886][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.711259][   T30] usb 8-1: USB disconnect, device number 2
[   48.734862][   T30] usblp0: removed
[   49.427200][ T6077] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.435828][ T6079] virtio-fs: tag </dev/sr0> not found
[   49.485222][   T39] audit: type=1326 audit(1740140229.636:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6075 comm="syz.1.17" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb0579 code=0x0
[   49.546267][ T6085] netdevsim netdevsim1: Direct firmware load for � failed with error -2
[   49.548743][ T6085] netdevsim netdevsim1: Falling back to sysfs fallback for: �
[   49.679671][   T30] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   49.829469][   T30] usb 8-1: Using ep0 maxpacket: 32
[   49.832271][   T30] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   49.834690][   T30] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   49.837114][   T30] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   49.839952][   T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   49.842700][   T30] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   49.845356][   T30] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   49.848961][   T30] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   49.851600][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.856862][   T30] usb 8-1: config 0 descriptor??
[   50.065733][   T30] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   50.070726][   T30] usb 8-1: USB disconnect, device number 3
[   50.073653][   T30] usblp0: removed
[   50.296530][ T6088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21'.
[   50.314504][ T6094] syz.1.23 (6094): /proc/6093/oom_adj is deprecated, please use /proc/6093/oom_score_adj instead.
[   50.320387][ T5950] Bluetooth: hci2: command tx timeout
[   50.321094][ T5959] Bluetooth: hci1: command tx timeout
[   50.322059][ T5950] Bluetooth: hci3: command tx timeout
[   50.325445][ T5299] Bluetooth: hci0: command tx timeout
[   50.331324][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   50.650300][   T39] audit: type=1326 audit(1740140230.806:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   50.656094][   T39] audit: type=1326 audit(1740140230.806:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   50.662114][   T39] audit: type=1326 audit(1740140230.806:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   50.669514][   T39] audit: type=1326 audit(1740140230.806:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   50.675385][   T39] audit: type=1326 audit(1740140230.806:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   50.685571][   T39] audit: type=1326 audit(1740140230.806:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   50.691548][   T39] audit: type=1326 audit(1740140230.806:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.0.25" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   50.937374][ T6108] fuse: Unknown parameter 'user_id00000000000000000000'
[   50.965972][ T6110] loop6: detected capacity change from 0 to 524287999
[   50.972942][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   50.976082][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[   50.980367][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   50.983731][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[   50.986313][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   50.988807][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   50.991233][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   50.993776][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   50.996176][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   50.998707][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.002043][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   51.004669][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.007048][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   51.009686][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.012033][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   51.014567][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.017031][ T6110] ldm_validate_partition_table(): Disk read failed.
[   51.019151][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   51.021763][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.025231][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   51.027520][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   51.030115][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   51.070701][ T6111] loop6: detected capacity change from 524287999 to 524288000
[   51.080451][ T6110]  loop6: unable to read partition table
[   51.104814][ T6110] loop_reread_partitions: partition scan of loop6 (�����ǴW�C@'O�Q��ҥ�) failed (rc=-5)
[   51.449890][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.515515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   51.601001][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   51.617899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   51.870284][    T0] NOHZ tick-stop error: local softirq work is pending, handler #290!!!
[   52.399618][ T5299] Bluetooth: hci1: command tx timeout
[   52.402620][ T5299] Bluetooth: hci2: command tx timeout
[   52.410135][ T5950] Bluetooth: hci0: command tx timeout
[   52.411696][ T5950] Bluetooth: hci3: command tx timeout
[   52.744314][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   52.846750][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   53.542949][ T6154] can0: slcan on ttyS3.
[   54.418893][ T6169] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.426520][ T6169] netlink: 36 bytes leftover after parsing attributes in process `syz.2.40'.
[   54.480617][ T6147] can0 (unregistered): slcan off ttyS3.
[   54.503489][ T6176] virtio-fs: tag </dev/sr0> not found
[   54.907907][ T1016] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   55.349533][ T1016] usb 6-1: Using ep0 maxpacket: 32
[   55.384770][ T1016] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[   55.391343][ T1016] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   55.396976][ T1016] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[   55.402764][ T1016] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   55.409036][ T1016] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   55.419295][ T1016] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   55.436282][ T1016] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   55.444188][ T1016] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.451639][ T1016] usb 6-1: config 0 descriptor??
[   55.652062][ T6195] fuse: Unknown parameter '0x0000000000000008'
[   55.997059][ T1016] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   56.017838][ T1016] usb 6-1: USB disconnect, device number 2
[   56.075735][ T1016] usblp0: removed
[   56.311731][ T6202] fuse: Unknown parameter 'user_i00000000000000000000'
[   57.234160][ T6217] netlink: 36 bytes leftover after parsing attributes in process `syz.3.50'.
[   58.176007][ T6227] Zero length message leads to an empty skb
[   58.361742][ T6227] netlink: 76 bytes leftover after parsing attributes in process `syz.0.52'.
[   58.983558][ T6242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.56'.
[   60.474772][ T6263] net_ratelimit: 17 callbacks suppressed
[   60.474785][ T6263] dccp_invalid_packet: P.Data Offset(0) too small
[   60.489603][   T39] kauditd_printk_skb: 995 callbacks suppressed
[   60.489620][   T39] audit: type=1804 audit(1740140240.636:1007): pid=6263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.62" name="/newroot/16/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   60.489942][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.501861][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.505759][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.507903][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.510652][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.512905][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.515511][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.517595][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.520310][    C0] IPv4: Oversized IP packet from 127.0.0.1
[   60.666892][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   60.669767][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   60.696943][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   60.699735][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   60.857052][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   60.859785][ T6265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   61.096118][ T6276] fuse: Unknown parameter 'fd0x0000000000000008'
[   62.219727][    T9] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[   62.396376][    T9] usb 6-1: not running at top speed; connect to a high speed hub
[   62.402196][    T9] usb 6-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 911, setting to 64
[   62.405146][    T9] usb 6-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   62.408580][    T9] usb 6-1: config 1 interface 0 has no altsetting 0
[   62.424781][    T9] usb 6-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40
[   62.427292][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.429608][    T9] usb 6-1: Product: syz
[   62.430786][    T9] usb 6-1: Manufacturer: syz
[   62.432116][    T9] usb 6-1: SerialNumber: syz
[   62.437063][ T6287] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   62.459501][ T5991] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   62.609559][ T5991] usb 8-1: Using ep0 maxpacket: 8
[   62.615161][ T5991] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   62.618219][ T5991] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   62.621352][ T5991] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.625293][ T5991] usb 8-1: config 0 descriptor??
[   62.832929][ T5991] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   62.867788][ T6295] 9pnet_fd: Insufficient options for proto=fd
[   62.896606][ T6298] netlink: 'syz.0.70': attribute type 1 has an invalid length.
[   63.156439][   T39] audit: type=1804 audit(1740140243.306:1008): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.71" name="/newroot/16/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   63.174406][ T6306] syz.2.71 (6306) used greatest stack depth: 20336 bytes left
[   63.314851][   T39] audit: type=1804 audit(1740140243.466:1009): pid=6309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.72" name="/newroot/17/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   63.841132][ T5299] Bluetooth: hci0: command tx timeout
[   64.589996][    T9] usbhid 6-1:1.0: can't add hid device: -71
[   64.591774][    T9] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[   64.595628][    T9] usb 6-1: USB disconnect, device number 3
[   65.152679][ T6326] CIFS: VFS: Malformed UNC in devname
[   65.211992][ T6327] tmpfs: Bad value for 'nr_inodes'
[   65.591399][ T1016] usb 8-1: USB disconnect, device number 4
[   65.876873][   T39] audit: type=1804 audit(1740140246.026:1010): pid=6329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.78" name="/newroot/20/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   66.142269][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   66.717608][ T6353] CIFS: VFS: Malformed UNC in devname
[   66.832686][ T6356] tmpfs: Bad value for 'nr_inodes'
[   67.159718][ T5984] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   67.309575][ T5984] usb 8-1: Using ep0 maxpacket: 8
[   67.310950][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   67.310973][ T5984] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   67.310986][ T5984] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.311922][ T5984] usb 8-1: config 0 descriptor??
[   67.520234][ T5984] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   67.853130][   T39] audit: type=1804 audit(1740140248.006:1011): pid=6369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.92" name="/newroot/23/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   69.172791][   T39] audit: type=1804 audit(1740140249.326:1012): pid=6386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.96" name="/newroot/26/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   69.331203][   T39] audit: type=1326 audit(1740140249.486:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   69.337213][   T39] audit: type=1326 audit(1740140249.486:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   69.343593][   T39] audit: type=1326 audit(1740140249.486:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   69.349825][   T39] audit: type=1326 audit(1740140249.486:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   69.355507][   T39] audit: type=1326 audit(1740140249.486:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   69.361528][   T39] audit: type=1326 audit(1740140249.486:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   69.367223][   T39] audit: type=1326 audit(1740140249.486:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   69.517973][ T6396] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   69.520745][ T6396] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   69.531180][ T6396] vhci_hcd vhci_hcd.0: Device attached
[   69.799542][ T5984] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[   69.801959][ T6402] mkiss: ax0: crc mode is auto.
[   69.811665][ T6402] process 'syz.0.100' launched './file0' with NULL argv: empty string added
[   69.850442][ T6397] vhci_hcd: connection reset by peer
[   69.854642][ T1171] vhci_hcd: stop threads
[   69.856348][ T1171] vhci_hcd: release socket
[   69.858446][ T1171] vhci_hcd: disconnect device
[   70.036767][ T6401] bridge0: port 3(syz_tun) entered blocking state
[   70.039875][ T6401] bridge0: port 3(syz_tun) entered disabled state
[   70.044157][ T6401] syz_tun: entered allmulticast mode
[   70.047006][ T6401] syz_tun: entered promiscuous mode
[   70.049841][ T6401] bridge0: port 3(syz_tun) entered blocking state
[   70.052139][ T6401] bridge0: port 3(syz_tun) entered forwarding state
[   70.084535][ T6401] netlink: 72 bytes leftover after parsing attributes in process `syz.1.99'.
[   70.962594][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[   70.964630][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[   71.237471][ T6416] fuse: Unknown parameter 'fd0x0000000000000008'
[   71.620495][ T5990] usb 8-1: USB disconnect, device number 5
[   71.732557][   T39] kauditd_printk_skb: 209 callbacks suppressed
[   71.732636][   T39] audit: type=1804 audit(1740140251.886:1229): pid=6422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.105" name="/newroot/27/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   71.756937][ T6424] capability: warning: `syz.3.106' uses deprecated v2 capabilities in a way that may be insecure
[   71.936814][ T6425] veth1_macvtap: left promiscuous mode
[   71.938976][ T6425] macsec0: entered promiscuous mode
[   71.955497][ T6425] netlink: 'syz.3.106': attribute type 10 has an invalid length.
[   72.074530][   T39] audit: type=1804 audit(1740140252.226:1230): pid=6430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.107" name="/newroot/28/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   72.288999][ T6427] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.291975][ T6427] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.294491][ T6427] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.559770][ T6441] FAULT_INJECTION: forcing a failure.
[   72.559770][ T6441] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   72.563506][ T6441] CPU: 3 UID: 0 PID: 6441 Comm: syz.1.112 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[   72.563520][ T6441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.563527][ T6441] Call Trace:
[   72.563566][ T6441]  <TASK>
[   72.563571][ T6441]  dump_stack_lvl+0x16c/0x1f0
[   72.563589][ T6441]  should_fail_ex+0x50a/0x650
[   72.563609][ T6441]  _copy_from_user+0x2e/0xd0
[   72.563621][ T6441]  copy_from_sockptr_offset.constprop.0+0x123/0x140
[   72.563639][ T6441]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[   72.563655][ T6441]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   72.563675][ T6441]  smc_setsockopt+0x29a/0xa00
[   72.563689][ T6441]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   72.563702][ T6441]  ? __pfx_smc_setsockopt+0x10/0x10
[   72.563718][ T6441]  ? find_held_lock+0x2d/0x110
[   72.563731][ T6441]  ? __pfx_smc_setsockopt+0x10/0x10
[   72.563746][ T6441]  do_sock_setsockopt+0x222/0x480
[   72.563756][ T6441]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   72.563775][ T6441]  ? lock_acquire+0x2f/0xb0
[   72.563796][ T6441]  __sys_setsockopt+0x1a0/0x230
[   72.563812][ T6441]  __ia32_sys_setsockopt+0xbc/0x160
[   72.563826][ T6441]  ? syscall_trace_enter+0xf0/0x260
[   72.563844][ T6441]  __do_fast_syscall_32+0x73/0x120
[   72.563860][ T6441]  do_fast_syscall_32+0x32/0x80
[   72.563873][ T6441]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.563891][ T6441] RIP: 0023:0xf7fb0579
[   72.563900][ T6441] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.563910][ T6441] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   72.563921][ T6441] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006
[   72.563927][ T6441] RDX: 0000000000000021 RSI: 0000000080000100 RDI: 0000000000000010
[   72.563933][ T6441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   72.563939][ T6441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   72.563944][ T6441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.563956][ T6441]  </TASK>
[   72.773216][ T6445] Bluetooth: MGMT ver 1.23
[   72.775639][ T6445] FAULT_INJECTION: forcing a failure.
[   72.775639][ T6445] name failslab, interval 1, probability 0, space 0, times 1
[   72.781116][ T6445] CPU: 3 UID: 0 PID: 6445 Comm: syz.1.114 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[   72.781131][ T6445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.781138][ T6445] Call Trace:
[   72.781141][ T6445]  <TASK>
[   72.781146][ T6445]  dump_stack_lvl+0x16c/0x1f0
[   72.781165][ T6445]  should_fail_ex+0x50a/0x650
[   72.781185][ T6445]  should_failslab+0xc2/0x120
[   72.781196][ T6445]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[   72.781214][ T6445]  ? __alloc_skb+0x2b1/0x380
[   72.781232][ T6445]  __alloc_skb+0x2b1/0x380
[   72.781246][ T6445]  ? __pfx___alloc_skb+0x10/0x10
[   72.781259][ T6445]  ? __kmalloc_node_track_caller_noprof+0x240/0x510
[   72.781277][ T6445]  ? mgmt_pending_new+0x10b/0x290
[   72.781296][ T6445]  ? __asan_memcpy+0x3c/0x60
[   72.781312][ T6445]  hci_cmd_sync_alloc+0x39/0x3a0
[   72.781327][ T6445]  hci_send_cmd+0x43/0x1c0
[   72.781369][ T6445]  set_link_security+0x2bc/0x710
[   72.781383][ T6445]  ? __pfx_set_link_security+0x10/0x10
[   72.781393][ T6445]  ? lockdep_init_map_type+0x16d/0x7d0
[   72.781410][ T6445]  ? rcu_is_watching+0x12/0xc0
[   72.781423][ T6445]  ? do_init_timer+0xc9/0x110
[   72.781436][ T6445]  ? __pfx_mgmt_init_hdev+0x10/0x10
[   72.781454][ T6445]  hci_sock_sendmsg+0x1528/0x25e0
[   72.781473][ T6445]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[   72.781495][ T6445]  sock_write_iter+0x4fe/0x5b0
[   72.781507][ T6445]  ? __pfx_sock_write_iter+0x10/0x10
[   72.781525][ T6445]  ? bpf_lsm_file_permission+0x9/0x10
[   72.781542][ T6445]  ? security_file_permission+0x71/0x210
[   72.781557][ T6445]  ? rw_verify_area+0xcf/0x680
[   72.781577][ T6445]  vfs_write+0x5ae/0x1150
[   72.781592][ T6445]  ? __pfx_sock_write_iter+0x10/0x10
[   72.781605][ T6445]  ? __pfx_vfs_write+0x10/0x10
[   72.781620][ T6445]  ? __fget_files+0x40/0x3a0
[   72.781643][ T6445]  ksys_write+0x207/0x250
[   72.781658][ T6445]  ? __pfx_ksys_write+0x10/0x10
[   72.781671][ T6445]  ? __might_fault+0xe3/0x190
[   72.781684][ T6445]  ? rcu_is_watching+0x12/0xc0
[   72.781696][ T6445]  __do_fast_syscall_32+0x73/0x120
[   72.781712][ T6445]  do_fast_syscall_32+0x32/0x80
[   72.781725][ T6445]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.781743][ T6445] RIP: 0023:0xf7fb0579
[   72.781752][ T6445] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.781762][ T6445] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[   72.781772][ T6445] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000000
[   72.781778][ T6445] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[   72.781784][ T6445] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   72.781790][ T6445] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   72.781796][ T6445] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.781808][ T6445]  </TASK>
[   72.781813][ T6445] Bluetooth: hci0: no memory for command
[   72.961413][   T39] audit: type=1804 audit(1740140253.116:1231): pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.116" name="/newroot/31/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   73.198201][ T6462] virtio-fs: tag </dev/sr0> not found
[   73.279266][ T6456] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.284465][ T6456] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.286609][ T6456] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.459621][   T30] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   73.500814][ T6469] Invalid logical block size (-1)
[   73.607890][ T6472] net_ratelimit: 24 callbacks suppressed
[   73.607907][ T6472] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   73.630235][   T30] usb 5-1: Using ep0 maxpacket: 32
[   73.649814][   T30] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   73.653292][   T30] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   73.656526][   T30] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   73.660099][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   73.663687][   T30] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   73.667210][   T30] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   73.672141][   T30] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   73.675751][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.691206][   T30] usb 5-1: config 0 descriptor??
[   73.861062][   T39] audit: type=1804 audit(1740140254.016:1232): pid=6479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.127" name="/newroot/36/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   73.913902][   T30] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   73.922453][   T30] usb 5-1: USB disconnect, device number 2
[   73.927581][   T30] usblp0: removed
[   73.989008][ T6486] misc userio: No port type given on /dev/userio
[   74.005903][ T6486] misc userio: The device must be registered before sending interrupts
[   74.055648][   T39] audit: type=1326 audit(1740140254.206:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[   74.068289][   T39] audit: type=1326 audit(1740140254.206:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf740e598 code=0x7ffc0000
[   74.076628][   T39] audit: type=1326 audit(1740140254.206:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[   74.084752][   T39] audit: type=1326 audit(1740140254.206:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf740e598 code=0x7ffc0000
[   74.092680][   T39] audit: type=1326 audit(1740140254.206:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[   74.098605][   T39] audit: type=1326 audit(1740140254.206:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.3.131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[   74.138185][ T6484] netlink: 'syz.1.129': attribute type 10 has an invalid length.
[   74.141521][ T6484] netlink: 3671 bytes leftover after parsing attributes in process `syz.1.129'.
[   74.350299][ T6497] fuse: Unknown parameter 'fd0x0000000000000008'
[   74.372341][ T6491] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.374707][ T6491] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.376957][ T6491] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.884715][ T6499] netlink: 'syz.1.133': attribute type 9 has an invalid length.
[   74.949541][ T5984] vhci_hcd: vhci_device speed not set
[   75.285244][ T6510] FAULT_INJECTION: forcing a failure.
[   75.285244][ T6510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.289560][ T6510] CPU: 3 UID: 0 PID: 6510 Comm: syz.2.137 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[   75.289582][ T6510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.289589][ T6510] Call Trace:
[   75.289594][ T6510]  <TASK>
[   75.289599][ T6510]  dump_stack_lvl+0x16c/0x1f0
[   75.289618][ T6510]  should_fail_ex+0x50a/0x650
[   75.289638][ T6510]  _copy_from_user+0x2e/0xd0
[   75.289649][ T6510]  get_compat_msghdr+0xa8/0x170
[   75.289663][ T6510]  ? __pfx_get_compat_msghdr+0x10/0x10
[   75.289679][ T6510]  ___sys_sendmsg+0x1b0/0x1e0
[   75.289696][ T6510]  ? __pfx____sys_sendmsg+0x10/0x10
[   75.289716][ T6510]  ? __pfx_lock_release+0x10/0x10
[   75.289733][ T6510]  ? trace_lock_acquire+0x14e/0x1f0
[   75.289749][ T6510]  ? __fget_files+0x206/0x3a0
[   75.289768][ T6510]  __sys_sendmsg+0x16e/0x220
[   75.289783][ T6510]  ? __pfx___sys_sendmsg+0x10/0x10
[   75.289806][ T6510]  __do_fast_syscall_32+0x73/0x120
[   75.289821][ T6510]  do_fast_syscall_32+0x32/0x80
[   75.289835][ T6510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.289853][ T6510] RIP: 0023:0xf742e579
[   75.289862][ T6510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.289872][ T6510] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   75.289882][ T6510] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[   75.289889][ T6510] RDX: 0000000000040840 RSI: 0000000000000000 RDI: 0000000000000000
[   75.289895][ T6510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.289900][ T6510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.289906][ T6510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.289918][ T6510]  </TASK>
[   75.385683][ T6512] Invalid option length (1025206) for dns_resolver key
[   77.132371][ T6527] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.139847][ T6527] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.142502][ T6527] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.415201][   T39] kauditd_printk_skb: 162 callbacks suppressed
[   77.415213][   T39] audit: type=1804 audit(1740140257.566:1401): pid=6538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.147" name="/newroot/39/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[   77.499549][ T5991] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   77.539612][   T30] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   77.651263][ T5991] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.655623][ T5991] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[   77.661027][ T5991] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   77.663661][ T5991] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.666116][ T5991] usb 5-1: Product: syz
[   77.667614][ T5991] usb 5-1: Manufacturer: syz
[   77.668980][ T5991] usb 5-1: SerialNumber: syz
[   77.880522][ T6532] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   77.899696][   T30] usb 7-1: Using ep0 maxpacket: 16
[   77.906384][   T30] usb 7-1: unable to read config index 0 descriptor/start: -61
[   77.909102][   T30] usb 7-1: can't read configurations, error -61
[   78.049549][   T30] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   78.199978][   T30] usb 7-1: Using ep0 maxpacket: 16
[   78.206835][   T30] usb 7-1: unable to read config index 0 descriptor/start: -61
[   78.215321][   T30] usb 7-1: can't read configurations, error -61
[   78.229785][   T30] usb usb7-port1: attempt power cycle
[   78.579732][   T30] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   78.605188][   T30] usb 7-1: Using ep0 maxpacket: 16
[   78.610816][   T30] usb 7-1: unable to read config index 0 descriptor/start: -61
[   78.613264][   T30] usb 7-1: can't read configurations, error -61
[   78.729126][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   78.749515][   T30] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   78.771180][   T30] usb 7-1: Using ep0 maxpacket: 16
[   78.777090][   T30] usb 7-1: unable to read config index 0 descriptor/start: -61
[   78.778532][ T6553] misc userio: Invalid payload size
[   78.779862][   T30] usb 7-1: can't read configurations, error -61
[   78.784268][   T30] usb usb7-port1: unable to enumerate USB device
[   78.791150][ T6553] misc userio: The device must be registered before sending interrupts
[   78.999604][    T9] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   79.159595][    T9] usb 8-1: Using ep0 maxpacket: 8
[   79.163179][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   79.166696][    T9] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   79.169226][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.173730][    T9] usb 8-1: config 0 descriptor??
[   79.376641][ T6547] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   79.380440][    T9] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   79.581924][ T5991] cdc_mbim 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[   79.583799][ T5991] cdc_mbim 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   79.585932][ T5991] cdc_mbim 5-1:1.0: setting rx_max = 2048
[   79.783634][ T5991] cdc_mbim 5-1:1.0: setting tx_max = 184
[   79.786828][ T5991] cdc_mbim 5-1:1.0: cdc-wdm1: USB WDM device
[   79.792459][ T5991] wwan wwan0: port wwan0mbim0 attached
[   79.798615][ T5991] cdc_mbim 5-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 42:42:42:42:42:42
[   79.942312][ T5658] 8021q: adding VLAN 0 to HW filter on device wwan0
[   80.423948][ T6582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.156'.
[   80.429651][ T6582] netlink: 12 bytes leftover after parsing attributes in process `syz.2.156'.
[   80.616633][ T6584] virtio-fs: tag </dev/sr0> not found
[   80.807082][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   80.897650][   T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   80.996064][ T6593] fuse: Unknown parameter 'fd0x0000000000000008'
[   81.062732][   T30] usb 7-1: Using ep0 maxpacket: 32
[   81.087366][   T30] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   81.123247][   T30] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   81.156856][   T30] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   81.197717][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   81.215836][   T25] cfg80211: failed to load regulatory.db
[   81.265858][   T30] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   81.271540][   T30] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   81.280263][   T30] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   81.287470][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.336091][   T30] usb 7-1: config 0 descriptor??
[   81.711154][ T5990] usb 5-1: USB disconnect, device number 3
[   81.732566][   T30] usblp 7-1:0.0: usblp2: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   81.762014][ T5990] cdc_mbim 5-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[   81.787571][   T30] usb 7-1: USB disconnect, device number 6
[   81.824779][   T30] usblp2: removed
[   81.876325][ T5990] cdc_mbim 5-1:1.0 wwan0: failed to kill vid 0081/0
[   82.497459][ T5990] wwan wwan0: port wwan0mbim0 disconnected
[   82.510432][   T30] usb 8-1: USB disconnect, device number 6
[   82.954642][ T6621] virtio-fs: tag </dev/sr0> not found
[   83.219885][ T6089] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   83.425503][ T6089] usb 7-1: Using ep0 maxpacket: 32
[   83.449501][ T6089] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   83.452466][ T6089] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   83.455836][ T6089] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   83.478895][ T6089] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   83.482476][ T6089] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   83.504838][ T6089] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   83.511659][ T6089] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   83.515243][ T6089] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.535120][ T6089] usb 7-1: config 0 descriptor??
[   83.857888][ T6089] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   83.877159][ T6089] usb 7-1: USB disconnect, device number 7
[   83.901085][ T6089] usblp0: removed
[   84.593554][ T6635] capability: warning: `syz.1.164' uses 32-bit capabilities (legacy support in use)
[   84.677160][ T6637] x_tables: duplicate underflow at hook 1
[   84.970677][ T6639] serio: Serial port ptm0
[   85.571315][ T6651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.164'.
[   85.939281][ T6651] macsec0: entered promiscuous mode
[   86.538501][ T5990] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   86.710369][ T5990] usb 7-1: Using ep0 maxpacket: 32
[   86.732537][ T5990] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   86.738289][ T5990] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   86.749712][ T5990] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   86.756363][ T5990] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   86.806665][ T5990] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   86.846875][ T5990] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   86.886294][ T5990] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   86.889646][ T5990] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.897072][ T5990] usb 7-1: config 0 descriptor??
[   87.351931][ T5990] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   87.374476][ T5990] usb 7-1: USB disconnect, device number 8
[   87.379647][ T5990] usblp0: removed
[   88.966013][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   89.118313][ T6686] 9pnet_virtio: no channels available for device syz
[   89.191354][ T6682] netlink: 24 bytes leftover after parsing attributes in process `syz.0.177'.
[   90.214941][ T6709] 9pnet_virtio: no channels available for device syz
[   90.303302][ T6695] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[   90.318343][ T6695] overlayfs: overlapping lowerdir path
[   90.341065][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   90.841478][ T6720] FAULT_INJECTION: forcing a failure.
[   90.841478][ T6720] name failslab, interval 1, probability 0, space 0, times 0
[   90.853881][ T6720] CPU: 3 UID: 0 PID: 6720 Comm: syz.0.189 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[   90.853910][ T6720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.853920][ T6720] Call Trace:
[   90.853926][ T6720]  <TASK>
[   90.853934][ T6720]  dump_stack_lvl+0x16c/0x1f0
[   90.853961][ T6720]  should_fail_ex+0x50a/0x650
[   90.853986][ T6720]  ? fs_reclaim_acquire+0xae/0x150
[   90.854008][ T6720]  should_failslab+0xc2/0x120
[   90.854025][ T6720]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   90.854049][ T6720]  ? alloc_empty_file+0x73/0x1e0
[   90.854069][ T6720]  alloc_empty_file+0x73/0x1e0
[   90.854087][ T6720]  path_openat+0xe1/0x2d80
[   90.854109][ T6720]  ? hlock_class+0x4e/0x130
[   90.854127][ T6720]  ? __lock_acquire+0x15a9/0x3c40
[   90.854162][ T6720]  ? __pfx_path_openat+0x10/0x10
[   90.854184][ T6720]  ? __pfx___lock_acquire+0x10/0x10
[   90.854203][ T6720]  ? lock_acquire.part.0+0x11b/0x380
[   90.854225][ T6720]  ? find_held_lock+0x2d/0x110
[   90.854245][ T6720]  do_filp_open+0x20c/0x470
[   90.854268][ T6720]  ? __pfx_do_filp_open+0x10/0x10
[   90.854288][ T6720]  ? find_held_lock+0x2d/0x110
[   90.854321][ T6720]  ? alloc_fd+0x41f/0x760
[   90.854350][ T6720]  do_sys_openat2+0x17a/0x1e0
[   90.854368][ T6720]  ? __pfx_do_sys_openat2+0x10/0x10
[   90.854386][ T6720]  ? __fget_files+0x206/0x3a0
[   90.854413][ T6720]  __ia32_compat_sys_openat+0x16e/0x210
[   90.854432][ T6720]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[   90.854449][ T6720]  ? ksys_write+0x1ba/0x250
[   90.854478][ T6720]  __do_fast_syscall_32+0x73/0x120
[   90.854501][ T6720]  do_fast_syscall_32+0x32/0x80
[   90.854521][ T6720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   90.854548][ T6720] RIP: 0023:0xf7f40579
[   90.854563][ T6720] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   90.854579][ T6720] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[   90.854596][ T6720] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000340
[   90.854606][ T6720] RDX: 0000000000000000 RSI: 000000000000fffe RDI: 0000000000000000
[   90.854616][ T6720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   90.854625][ T6720] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   90.854636][ T6720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   90.854656][ T6720]  </TASK>
[   91.077547][ T6724] 9pnet_virtio: no channels available for device syz
[   91.096196][ T6724] xt_cluster: node mask cannot exceed total number of nodes
[   91.359771][   T30] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[   91.517439][   T30] usb 7-1: device descriptor read/64, error -71
[   91.708157][   T39] audit: type=1326 audit(1740140271.856:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[   91.719857][   T39] audit: type=1326 audit(1740140271.876:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.731391][   T39] audit: type=1326 audit(1740140271.876:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.750969][   T39] audit: type=1326 audit(1740140271.876:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.760247][   T30] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[   91.763263][   T39] audit: type=1326 audit(1740140271.876:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.812073][   T39] audit: type=1326 audit(1740140271.876:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.841574][   T39] audit: type=1326 audit(1740140271.876:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.855474][   T39] audit: type=1326 audit(1740140271.876:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.868086][   T39] audit: type=1326 audit(1740140271.876:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.889238][   T39] audit: type=1326 audit(1740140271.876:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6728 comm="syz.0.192" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f40598 code=0x7ffc0000
[   91.927440][   T30] usb 7-1: device descriptor read/64, error -71
[   92.043600][   T30] usb usb7-port1: attempt power cycle
[   92.533852][   T30] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[   92.559306][   T30] usb 7-1: device descriptor read/8, error -71
[   92.799543][ T5950] Bluetooth: hci3: command 0x0405 tx timeout
[   92.819647][   T30] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[   93.034338][   T30] usb 7-1: device descriptor read/8, error -71
[   93.143432][   T30] usb usb7-port1: unable to enumerate USB device
[   94.087306][ T6743] 9pnet_virtio: no channels available for device syz
[   94.772482][ T6752] syz.2.199 uses obsolete (PF_INET,SOCK_PACKET)
[   94.890497][ T6748] trusted_key: syz.2.199 sent an empty control message without MSG_MORE.
[   95.375699][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[   95.939103][ T6767] 9pnet_fd: Insufficient options for proto=fd
[   96.645708][ T6771] misc userio: No port type given on /dev/userio
[   96.747404][ T6771] misc userio: The device must be registered before sending interrupts
[   96.749237][    C2] vkms_vblank_simulate: vblank timer overrun
[   97.003393][    C2] vkms_vblank_simulate: vblank timer overrun
[   97.300157][ T6787] syz.1.207: attempt to access beyond end of device
[   97.300157][ T6787] nbd1: rw=0, sector=6, nr_sectors = 2 limit=0
[   97.317850][ T6787] ADFS-fs (nbd1): error: unable to read block 3, try 0
[   99.032761][    C2] vkms_vblank_simulate: vblank timer overrun
[   99.838609][ T6805] Illegal XDP return value 954985975 on prog  (id 114) dev N/A, expect packet loss!
[   99.847917][ T6805] FAULT_INJECTION: forcing a failure.
[   99.847917][ T6805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.857831][ T6805] CPU: 3 UID: 0 PID: 6805 Comm: syz.1.215 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[   99.857864][ T6805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.857877][ T6805] Call Trace:
[   99.857884][ T6805]  <TASK>
[   99.857892][ T6805]  dump_stack_lvl+0x16c/0x1f0
[   99.857927][ T6805]  should_fail_ex+0x50a/0x650
[   99.857966][ T6805]  _copy_to_user+0x32/0xd0
[   99.857990][ T6805]  bpf_test_finish.isra.0+0x556/0x670
[   99.858021][ T6805]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[   99.858044][ T6805]  ? __might_fault+0xe3/0x190
[   99.858088][ T6805]  ? _copy_from_user+0x59/0xd0
[   99.858114][ T6805]  bpf_prog_test_run_xdp+0xa02/0x1560
[   99.858148][ T6805]  ? lock_acquire+0x2f/0xb0
[   99.858176][ T6805]  ? __fget_files+0x40/0x3a0
[   99.858207][ T6805]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.858234][ T6805]  ? __fget_files+0x206/0x3a0
[   99.858268][ T6805]  ? fput+0x67/0x440
[   99.858290][ T6805]  ? __bpf_prog_get+0xa0/0x290
[   99.858318][ T6805]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.858343][ T6805]  __sys_bpf+0xfc6/0x49c0
[   99.858375][ T6805]  ? __pfx_lock_release+0x10/0x10
[   99.858405][ T6805]  ? __pfx___sys_bpf+0x10/0x10
[   99.858434][ T6805]  ? vfs_write+0x306/0x1150
[   99.858466][ T6805]  ? __mutex_unlock_slowpath+0x164/0x6a0
[   99.858509][ T6805]  ? fput+0x67/0x440
[   99.858529][ T6805]  ? ksys_write+0x1ba/0x250
[   99.858556][ T6805]  ? __pfx_ksys_write+0x10/0x10
[   99.858590][ T6805]  __ia32_sys_bpf+0x76/0xe0
[   99.858701][ T6805]  __do_fast_syscall_32+0x73/0x120
[   99.858731][ T6805]  do_fast_syscall_32+0x32/0x80
[   99.858757][ T6805]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.858789][ T6805] RIP: 0023:0xf7fb0579
[   99.858808][ T6805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   99.858828][ T6805] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   99.858848][ T6805] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[   99.858862][ T6805] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[   99.858874][ T6805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   99.858886][ T6805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   99.858898][ T6805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.858925][ T6805]  </TASK>
[  100.188496][ T6807] misc userio: No port type given on /dev/userio
[  100.308541][ T6807] misc userio: The device must be registered before sending interrupts
[  100.509601][ T1322] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  100.669575][ T1322] usb 6-1: Using ep0 maxpacket: 8
[  100.674648][ T1322] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  100.679195][ T1322] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  100.683001][ T1322] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.687868][ T1322] usb 6-1: config 0 descriptor??
[  100.936252][ T1322] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  101.522592][    C2] vkms_vblank_simulate: vblank timer overrun
[  102.526877][   T39] kauditd_printk_skb: 47 callbacks suppressed
[  102.526893][   T39] audit: type=1326 audit(1740140282.676:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.554159][   T39] audit: type=1326 audit(1740140282.676:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.587190][   T39] audit: type=1326 audit(1740140282.696:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.608234][   T39] audit: type=1326 audit(1740140282.696:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.624456][   T39] audit: type=1326 audit(1740140282.706:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.648670][   T39] audit: type=1326 audit(1740140282.706:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.671232][   T39] audit: type=1326 audit(1740140282.706:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=133 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.686098][   T39] audit: type=1326 audit(1740140282.706:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.728941][   T39] audit: type=1326 audit(1740140282.706:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.0.224" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  102.741151][ T6834] misc userio: No port type given on /dev/userio
[  102.827201][ T6834] misc userio: The device must be registered before sending interrupts
[  102.976031][   T30] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  103.291230][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.295700][   T30] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  103.321352][   T30] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  103.326163][   T30] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.342391][   T30] usb 5-1: Product: syz
[  103.344398][   T30] usb 5-1: Manufacturer: syz
[  103.346674][   T30] usb 5-1: SerialNumber: syz
[  103.585560][ T6833] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  103.750336][ T1016] usb 6-1: USB disconnect, device number 4
[  104.221989][ T6833] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  104.302615][ T6852] netlink: 24 bytes leftover after parsing attributes in process `syz.1.233'.
[  104.426991][ T6860] misc userio: No port type given on /dev/userio
[  104.472652][   T30] cdc_mbim 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  104.491674][   T30] cdc_mbim 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  104.495448][   T30] cdc_mbim 5-1:1.0: setting rx_max = 2048
[  104.520627][ T6860] misc userio: The device must be registered before sending interrupts
[  104.635366][ T6863] netlink: 24 bytes leftover after parsing attributes in process `syz.1.237'.
[  104.674463][   T30] cdc_mbim 5-1:1.0: setting tx_max = 184
[  104.684456][   T30] cdc_mbim 5-1:1.0: cdc-wdm0: USB WDM device
[  104.709601][   T30] wwan wwan0: port wwan0mbim0 attached
[  104.727879][   T30] cdc_mbim 5-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 42:42:42:42:42:42
[  104.893501][    C0] cdc_mbim 5-1:1.0: nonzero urb status received: -71
[  104.897800][    C0] cdc_mbim 5-1:1.0: wdm_int_callback - 0 bytes
[  104.905830][    C0] cdc_mbim 5-1:1.0: nonzero urb status received: -71
[  104.910850][    C0] cdc_mbim 5-1:1.0: wdm_int_callback - 0 bytes
[  104.915506][    C0] cdc_mbim 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  104.951419][ T6008] usb 5-1: USB disconnect, device number 4
[  104.955384][ T6008] cdc_mbim 5-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  105.245480][ T6008] wwan wwan0: port wwan0mbim0 disconnected
[  105.595550][ T6887] netlink: 'syz.0.242': attribute type 10 has an invalid length.
[  105.662681][ T6887] syz_tun: entered promiscuous mode
[  105.666711][ T6887] FAULT_INJECTION: forcing a failure.
[  105.666711][ T6887] name failslab, interval 1, probability 0, space 0, times 0
[  105.689292][ T6887] CPU: 1 UID: 0 PID: 6887 Comm: syz.0.242 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  105.689332][ T6887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.689343][ T6887] Call Trace:
[  105.689348][ T6887]  <TASK>
[  105.689356][ T6887]  dump_stack_lvl+0x16c/0x1f0
[  105.689397][ T6887]  should_fail_ex+0x50a/0x650
[  105.689428][ T6887]  ? nsim_fib_event_nb+0x1b6/0xec0
[  105.689451][ T6887]  should_failslab+0xc2/0x120
[  105.689469][ T6887]  __kmalloc_cache_noprof+0x68/0x410
[  105.689501][ T6887]  nsim_fib_event_nb+0x1b6/0xec0
[  105.689526][ T6887]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  105.689550][ T6887]  ? rcu_is_watching+0x12/0xc0
[  105.689570][ T6887]  notifier_call_chain+0xb7/0x410
[  105.689591][ T6887]  ? __pfx_nsim_fib_event_nb+0x10/0x10
[  105.689619][ T6887]  atomic_notifier_call_chain+0x71/0x1c0
[  105.689641][ T6887]  call_fib_notifiers+0x33/0x70
[  105.689667][ T6887]  fib_notify_alias_delete+0x2c0/0x390
[  105.689689][ T6887]  ? __pfx_fib_notify_alias_delete+0x10/0x10
[  105.689721][ T6887]  fib_table_flush+0x4b8/0xc80
[  105.689749][ T6887]  ? __pfx_fib_table_flush+0x10/0x10
[  105.689772][ T6887]  ? __pfx_fib_sync_down_dev+0x10/0x10
[  105.689806][ T6887]  fib_flush+0x9b/0x120
[  105.689832][ T6887]  fib_netdev_event+0x1ed/0x710
[  105.689859][ T6887]  notifier_call_chain+0xb7/0x410
[  105.689878][ T6887]  ? __pfx_fib_netdev_event+0x10/0x10
[  105.689907][ T6887]  call_netdevice_notifiers_info+0xbe/0x140
[  105.689928][ T6887]  __dev_notify_flags+0x1f9/0x2e0
[  105.689954][ T6887]  ? __pfx___dev_notify_flags+0x10/0x10
[  105.689980][ T6887]  ? __pfx___dev_change_flags+0x10/0x10
[  105.690003][ T6887]  ? __lock_acquire+0x15a9/0x3c40
[  105.690031][ T6887]  ? __pfx_validate_linkmsg+0x10/0x10
[  105.690066][ T6887]  dev_change_flags+0x10c/0x160
[  105.690094][ T6887]  do_setlink.constprop.0+0x699/0x3f80
[  105.690120][ T6887]  ? __pfx_mark_lock+0x10/0x10
[  105.690149][ T6887]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  105.690173][ T6887]  ? find_held_lock+0x2d/0x110
[  105.690195][ T6887]  ? __mutex_lock+0x2d0/0xb10
[  105.690218][ T6887]  ? __pfx_lock_release+0x10/0x10
[  105.690247][ T6887]  ? mark_held_locks+0x9f/0xe0
[  105.690273][ T6887]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  105.690292][ T6887]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.690316][ T6887]  ? __mutex_lock+0x1cc/0xb10
[  105.690336][ T6887]  ? __pfx_aa_get_newest_label+0x10/0x10
[  105.690356][ T6887]  ? rtnl_newlink+0x5d9/0x1d60
[  105.690382][ T6887]  ? __pfx___mutex_lock+0x10/0x10
[  105.690421][ T6887]  rtnl_newlink+0x1306/0x1d60
[  105.690452][ T6887]  ? __pfx_rtnl_newlink+0x10/0x10
[  105.690483][ T6887]  ? __pfx___lock_acquire+0x10/0x10
[  105.690506][ T6887]  ? kfree_skbmem+0x1a4/0x1f0
[  105.690528][ T6887]  ? aa_get_newest_label+0x376/0x680
[  105.690551][ T6887]  ? find_held_lock+0x2d/0x110
[  105.690573][ T6887]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  105.690594][ T6887]  ? __pfx_lock_release+0x10/0x10
[  105.690614][ T6887]  ? trace_lock_acquire+0x14e/0x1f0
[  105.690637][ T6887]  ? __pfx_rtnl_newlink+0x10/0x10
[  105.690658][ T6887]  rtnetlink_rcv_msg+0x95b/0xea0
[  105.690682][ T6887]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  105.690715][ T6887]  netlink_rcv_skb+0x16b/0x440
[  105.690736][ T6887]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  105.690758][ T6887]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  105.690791][ T6887]  ? netlink_deliver_tap+0x1ae/0xd30
[  105.690816][ T6887]  netlink_unicast+0x53c/0x7f0
[  105.690841][ T6887]  ? __pfx_netlink_unicast+0x10/0x10
[  105.690862][ T6887]  ? __phys_addr_symbol+0x30/0x80
[  105.690878][ T6887]  ? __check_object_size+0x488/0x710
[  105.690898][ T6887]  netlink_sendmsg+0x8b8/0xd70
[  105.690924][ T6887]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.690956][ T6887]  ____sys_sendmsg+0xaaf/0xc90
[  105.690975][ T6887]  ? __pfx_____sys_sendmsg+0x10/0x10
[  105.690990][ T6887]  ? get_compat_msghdr+0x11b/0x170
[  105.691020][ T6887]  ___sys_sendmsg+0x135/0x1e0
[  105.691050][ T6887]  ? __pfx____sys_sendmsg+0x10/0x10
[  105.691079][ T6887]  ? __pfx_lock_release+0x10/0x10
[  105.691097][ T6887]  ? trace_lock_acquire+0x14e/0x1f0
[  105.691118][ T6887]  ? __fget_files+0x206/0x3a0
[  105.691145][ T6887]  __sys_sendmsg+0x16e/0x220
[  105.691165][ T6887]  ? __pfx___sys_sendmsg+0x10/0x10
[  105.691196][ T6887]  __do_fast_syscall_32+0x73/0x120
[  105.691214][ T6887]  do_fast_syscall_32+0x32/0x80
[  105.691231][ T6887]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.691254][ T6887] RIP: 0023:0xf7f40579
[  105.691266][ T6887] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.691279][ T6887] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  105.691295][ T6887] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  105.691303][ T6887] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  105.691311][ T6887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  105.691319][ T6887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.691328][ T6887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.691346][ T6887]  </TASK>
[  105.963612][ T5984] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  106.046460][ T6887] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  106.254911][ T5984] usb 6-1: Using ep0 maxpacket: 8
[  106.275200][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  106.291246][ T5984] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  106.296269][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.330725][ T5984] usb 6-1: config 0 descriptor??
[  106.345219][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.548234][ T5984] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  106.797210][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.846307][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.944177][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.997179][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.201235][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.679053][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.923837][ T6907] misc userio: No port type given on /dev/userio
[  107.939855][ T1016] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  108.019238][ T6907] misc userio: The device must be registered before sending interrupts
[  108.109488][ T1016] usb 8-1: Using ep0 maxpacket: 8
[  108.151131][ T1016] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  108.151664][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.181512][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.198249][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  108.202555][ T1016] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  108.208047][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  108.254672][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  108.280351][ T1016] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  108.302146][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  108.317241][ T1016] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  108.326592][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  108.329649][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.353137][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  108.409894][ T1016] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  108.493292][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  108.525557][   T39] audit: type=1804 audit(1740140288.676:1468): pid=6912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.248" name="/newroot/63/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  108.581323][ T1016] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  108.585990][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  108.590889][ T1016] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  108.676398][ T1016] usb 8-1: string descriptor 0 read error: -22
[  108.743677][ T1016] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  108.746805][ T1016] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.800417][ T1016] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  109.018089][ T6008] usb 8-1: USB disconnect, device number 7
[  109.101071][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.102359][   T30] usb 6-1: USB disconnect, device number 5
[  109.191821][ T6919] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  109.397204][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.599658][ T1322] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  109.661236][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.709737][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.733320][ T1322] usb 6-1: device descriptor read/64, error -71
[  109.861289][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.969603][ T1322] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  110.112513][ T1322] usb 6-1: device descriptor read/64, error -71
[  110.220226][ T1322] usb usb6-port1: attempt power cycle
[  110.400097][ T1016] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  110.559648][ T1016] usb 8-1: Using ep0 maxpacket: 32
[  110.579693][ T1322] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  110.585331][ T1016] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  110.600097][ T1016] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  110.609245][ T1322] usb 6-1: device descriptor read/8, error -71
[  110.616462][ T1016] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  110.634359][ T1016] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  110.661630][ T1016] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  110.687075][ T1016] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  110.730304][ T1016] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  110.741040][ T1016] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.760193][ T1016] usb 8-1: config 0 descriptor??
[  110.859805][ T1322] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  110.892335][ T1322] usb 6-1: device descriptor read/8, error -71
[  111.010687][ T1322] usb usb6-port1: unable to enumerate USB device
[  111.055058][ T1016] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  111.083418][ T1016] usb 8-1: USB disconnect, device number 8
[  111.106307][ T1016] usblp0: removed
[  112.601012][ T6935] misc userio: No port type given on /dev/userio
[  112.662596][ T6935] misc userio: The device must be registered before sending interrupts
[  112.841110][ T6937] FAULT_INJECTION: forcing a failure.
[  112.841110][ T6937] name failslab, interval 1, probability 0, space 0, times 0
[  112.861389][ T6937] CPU: 3 UID: 0 PID: 6937 Comm: syz.1.256 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  112.861413][ T6937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.861422][ T6937] Call Trace:
[  112.861428][ T6937]  <TASK>
[  112.861435][ T6937]  dump_stack_lvl+0x16c/0x1f0
[  112.861462][ T6937]  should_fail_ex+0x50a/0x650
[  112.861491][ T6937]  should_failslab+0xc2/0x120
[  112.861507][ T6937]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  112.861533][ T6937]  ? skb_clone+0x190/0x3f0
[  112.861562][ T6937]  skb_clone+0x190/0x3f0
[  112.861585][ T6937]  netlink_deliver_tap+0xabd/0xd30
[  112.861612][ T6937]  netlink_unicast+0x6b4/0x7f0
[  112.861636][ T6937]  ? __pfx_netlink_unicast+0x10/0x10
[  112.861665][ T6937]  netlink_ack+0x6ac/0xb80
[  112.861693][ T6937]  netlink_rcv_skb+0x348/0x440
[  112.861713][ T6937]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  112.861737][ T6937]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  112.861758][ T6937]  ? xfrm_netlink_rcv+0x62/0x90
[  112.861797][ T6937]  xfrm_netlink_rcv+0x71/0x90
[  112.861815][ T6937]  netlink_unicast+0x53c/0x7f0
[  112.861839][ T6937]  ? __pfx_netlink_unicast+0x10/0x10
[  112.861860][ T6937]  ? __phys_addr_symbol+0x30/0x80
[  112.861877][ T6937]  ? __check_object_size+0x488/0x710
[  112.861898][ T6937]  netlink_sendmsg+0x8b8/0xd70
[  112.861923][ T6937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.861952][ T6937]  ____sys_sendmsg+0xaaf/0xc90
[  112.861970][ T6937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  112.861990][ T6937]  ? get_compat_msghdr+0x11b/0x170
[  112.862018][ T6937]  ___sys_sendmsg+0x135/0x1e0
[  112.862041][ T6937]  ? __pfx____sys_sendmsg+0x10/0x10
[  112.862073][ T6937]  ? __pfx_lock_release+0x10/0x10
[  112.862095][ T6937]  ? trace_lock_acquire+0x14e/0x1f0
[  112.862122][ T6937]  ? __fget_files+0x206/0x3a0
[  112.862152][ T6937]  __sys_sendmsg+0x16e/0x220
[  112.862174][ T6937]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.862214][ T6937]  __do_fast_syscall_32+0x73/0x120
[  112.862237][ T6937]  do_fast_syscall_32+0x32/0x80
[  112.862257][ T6937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.862283][ T6937] RIP: 0023:0xf7fb0579
[  112.862298][ T6937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  112.862312][ T6937] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  112.862330][ T6937] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  112.862340][ T6937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  112.862349][ T6937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  112.862359][ T6937] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  112.862369][ T6937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.862392][ T6937]  </TASK>
[  113.728082][ T6941] cgroup: No subsys list or none specified
[  114.066771][ T6951] [U] v�3��f��"S��/��4:�XTz�W�t��lW��=
[  114.091558][ T6951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.260'.
[  114.100466][ T6951] syz_tun: left allmulticast mode
[  114.105639][ T6951] syz_tun: left promiscuous mode
[  114.109030][ T6951] bridge0: port 3(syz_tun) entered disabled state
[  114.196583][ T6951] bridge_slave_1: left allmulticast mode
[  114.198118][ T6953] netlink: 'syz.2.261': attribute type 1 has an invalid length.
[  114.198408][ T6951] bridge_slave_1: left promiscuous mode
[  114.198541][ T6951] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.203433][ T6953] netlink: 224 bytes leftover after parsing attributes in process `syz.2.261'.
[  114.250945][ T6951] bridge_slave_0: left allmulticast mode
[  114.253187][ T6951] bridge_slave_0: left promiscuous mode
[  114.297690][ T6951] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.306126][ T6953] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  115.171115][   T30] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  115.411891][   T30] usb 5-1: Using ep0 maxpacket: 32
[  115.459014][ T6963] misc userio: No port type given on /dev/userio
[  115.474845][   T30] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  115.478418][   T30] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  115.482127][   T30] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  115.492030][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  115.500025][ T6963] misc userio: The device must be registered before sending interrupts
[  115.507102][   T30] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  115.560011][   T30] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  115.582242][   T30] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  115.586173][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.606305][   T30] usb 5-1: config 0 descriptor??
[  115.853238][   T30] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  115.880853][   T30] usb 5-1: USB disconnect, device number 5
[  115.894996][   T30] usblp0: removed
[  116.423269][ T6960] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.443103][ T6960] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.447125][ T6960] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.704720][ T6973] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.268'.
[  116.766872][ T6973] openvswitch: netlink: Missing key (keys=40, expected=80)
[  117.584871][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[  118.517275][ T6990] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.520713][ T6990] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.523468][ T6990] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.039878][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.043912][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.061470][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.067690][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.086515][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.090811][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.094415][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.124232][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.133254][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.147794][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.152859][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.167216][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.177587][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.181958][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.194264][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.210132][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.216581][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  119.508119][ T7015] FAULT_INJECTION: forcing a failure.
[  119.508119][ T7015] name failslab, interval 1, probability 0, space 0, times 0
[  119.517026][ T7015] CPU: 3 UID: 0 PID: 7015 Comm: syz.2.284 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  119.517049][ T7015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.517060][ T7015] Call Trace:
[  119.517066][ T7015]  <TASK>
[  119.517073][ T7015]  dump_stack_lvl+0x16c/0x1f0
[  119.517101][ T7015]  should_fail_ex+0x50a/0x650
[  119.517125][ T7015]  ? fs_reclaim_acquire+0xae/0x150
[  119.517149][ T7015]  ? netdevice_event+0x367/0x9d0
[  119.517170][ T7015]  should_failslab+0xc2/0x120
[  119.517185][ T7015]  __kmalloc_cache_noprof+0x68/0x410
[  119.517208][ T7015]  ? find_held_lock+0x2d/0x110
[  119.517231][ T7015]  netdevice_event+0x367/0x9d0
[  119.517253][ T7015]  ? __pfx_netdevice_event+0x10/0x10
[  119.517273][ T7015]  ? __pfx_del_netdev_ips+0x10/0x10
[  119.517291][ T7015]  ? __pfx_pass_all_filter+0x10/0x10
[  119.517314][ T7015]  ? cfg802154_netdev_notifier_call+0x391/0xa00
[  119.517339][ T7015]  notifier_call_chain+0xb7/0x410
[  119.517358][ T7015]  ? __pfx_netdevice_event+0x10/0x10
[  119.517382][ T7015]  call_netdevice_notifiers_info+0xbe/0x140
[  119.517400][ T7015]  unregister_netdevice_many_notify+0xc8a/0x1f30
[  119.517432][ T7015]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  119.517464][ T7015]  ? __call_rcu_common.constprop.0+0x3ea/0x870
[  119.517489][ T7015]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.517518][ T7015]  unregister_netdevice_queue+0x307/0x3f0
[  119.517543][ T7015]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  119.517566][ T7015]  ? sysfs_remove_group+0xc6/0x180
[  119.517591][ T7015]  ? br_dev_delete+0x116/0x1a0
[  119.517618][ T7015]  br_del_bridge+0xaa/0xf0
[  119.517641][ T7015]  br_ioctl_stub+0x3bc/0x8b0
[  119.517659][ T7015]  ? __pfx_br_ioctl_stub+0x10/0x10
[  119.517680][ T7015]  ? tomoyo_path_number_perm+0x46d/0x590
[  119.517706][ T7015]  ? __pfx_br_ioctl_stub+0x10/0x10
[  119.517720][ T7015]  br_ioctl_call+0x62/0xb0
[  119.517741][ T7015]  sock_ioctl+0x36a/0x6c0
[  119.517759][ T7015]  ? __pfx_sock_ioctl+0x10/0x10
[  119.517776][ T7015]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  119.517808][ T7015]  compat_sock_ioctl+0x505/0x7e0
[  119.517830][ T7015]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  119.517855][ T7015]  ? __fget_files+0x206/0x3a0
[  119.517880][ T7015]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  119.517899][ T7015]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  119.517919][ T7015]  __do_fast_syscall_32+0x73/0x120
[  119.517946][ T7015]  do_fast_syscall_32+0x32/0x80
[  119.517966][ T7015]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.517989][ T7015] RIP: 0023:0xf742e579
[  119.518003][ T7015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.518018][ T7015] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  119.518034][ T7015] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000089a1
[  119.518045][ T7015] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  119.518054][ T7015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.518063][ T7015] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.518072][ T7015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.518093][ T7015]  </TASK>
[  119.933443][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[  121.854658][   T39] audit: type=1804 audit(1740140302.006:1469): pid=7030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.288" name="/newroot/83/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  123.681000][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[  124.499056][ T7055] warning: `syz.1.295' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  127.684244][ T7075] ALSA: mixer_oss: invalid OSS volume 'DIG�TAL1'
[  127.688377][ T7075] ALSA: mixer_oss: invalid index 40000
[  127.911473][ T7077] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  127.914586][ T7077] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  127.928748][ T7077] vhci_hcd vhci_hcd.0: Device attached
[  128.119596][ T1322] vhci_hcd: vhci_device speed not set
[  128.185730][ T1322] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  128.616743][ T7090] tmpfs: Bad value for 'mpol'
[  128.631060][ T7080] vhci_hcd: connection reset by peer
[  128.634435][   T64] vhci_hcd: stop threads
[  128.637894][   T64] vhci_hcd: release socket
[  128.641667][   T64] vhci_hcd: disconnect device
[  129.355827][ T7094] virtio-fs: tag </dev/sr0> not found
[  129.601569][   T25] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  129.605725][   T39] audit: type=1326 audit(1740140309.756:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.660492][   T39] audit: type=1326 audit(1740140309.786:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.774509][   T39] audit: type=1326 audit(1740140309.786:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.802659][   T25] usb 6-1: Using ep0 maxpacket: 32
[  129.807784][   T39] audit: type=1326 audit(1740140309.786:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.807819][   T39] audit: type=1326 audit(1740140309.786:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.807857][   T39] audit: type=1326 audit(1740140309.786:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.807887][   T39] audit: type=1326 audit(1740140309.786:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=133 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.807916][   T39] audit: type=1326 audit(1740140309.786:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.807953][   T39] audit: type=1326 audit(1740140309.786:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  129.951180][   T25] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  129.958214][   T25] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  129.969283][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  129.972970][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  129.983507][   T25] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  129.993744][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  130.007600][   T25] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  130.025797][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.037802][   T25] usb 6-1: config 0 descriptor??
[  130.349588][   T25] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  130.450008][   T25] usb 6-1: USB disconnect, device number 10
[  130.454970][   T25] usblp0: removed
[  132.179739][ T5299] Bluetooth: Unexpected continuation frame (len 18)
[  132.405215][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  132.413178][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  132.633071][ T7118] misc userio: No port type given on /dev/userio
[  132.724236][ T7118] misc userio: The device must be registered before sending interrupts
[  133.278510][ T1322] vhci_hcd: vhci_device speed not set
[  133.330762][ T7120] __nla_validate_parse: 17 callbacks suppressed
[  133.330784][ T7120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.313'.
[  133.779308][ T7130] netlink: 60 bytes leftover after parsing attributes in process `syz.0.315'.
[  134.959621][ T7116] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  134.959705][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.056699][ T7146] netlink: 'syz.2.319': attribute type 7 has an invalid length.
[  135.062728][ T7146] netlink: 'syz.2.319': attribute type 1 has an invalid length.
[  135.537611][ T7116] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  135.540694][    C2] vkms_vblank_simulate: vblank timer overrun
[  135.637850][ T7116] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  135.726440][ T7116] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  135.733765][ T7116] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  135.757281][ T7116] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  135.787902][ T7116] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  135.810236][ T7116] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  135.828143][ T7116] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  135.846271][ T7116] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  135.853515][ T7116] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  135.904277][ T7116] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  135.956967][    C2] vkms_vblank_simulate: vblank timer overrun
[  136.262105][ T7156] misc userio: No port type given on /dev/userio
[  136.489433][ T7158] misc userio: The device must be registered before sending interrupts
[  136.696890][    C2] vkms_vblank_simulate: vblank timer overrun
[  136.733489][   T39] audit: type=1804 audit(1740140316.876:1479): pid=7165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.327" name="/newroot/90/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  137.049711][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  137.085553][ T7171] loop9: detected capacity change from 0 to 7
[  137.107781][ T7174] FAULT_INJECTION: forcing a failure.
[  137.107781][ T7174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.115004][ T7174] CPU: 1 UID: 0 PID: 7174 Comm: syz.2.330 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  137.115031][ T7174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.115043][ T7174] Call Trace:
[  137.115051][ T7174]  <TASK>
[  137.115059][ T7174]  dump_stack_lvl+0x16c/0x1f0
[  137.115090][ T7174]  should_fail_ex+0x50a/0x650
[  137.115124][ T7174]  _copy_to_user+0x32/0xd0
[  137.115145][ T7174]  simple_read_from_buffer+0xd0/0x160
[  137.115172][ T7174]  proc_fail_nth_read+0x198/0x270
[  137.115195][ T7174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.115219][ T7174]  ? rw_verify_area+0xcf/0x680
[  137.115241][ T7174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.115262][ T7174]  vfs_read+0x1df/0xbf0
[  137.115286][ T7174]  ? __fget_files+0x1fc/0x3a0
[  137.115313][ T7174]  ? __pfx___mutex_lock+0x10/0x10
[  137.115337][ T7174]  ? __pfx_vfs_read+0x10/0x10
[  137.115366][ T7174]  ? __fget_files+0x206/0x3a0
[  137.115398][ T7174]  ksys_read+0x12b/0x250
[  137.115421][ T7174]  ? __pfx_ksys_read+0x10/0x10
[  137.115453][ T7174]  __do_fast_syscall_32+0x73/0x120
[  137.115479][ T7174]  do_fast_syscall_32+0x32/0x80
[  137.118658][ T7171] Dev loop9: unable to read RDB block 7
[  137.123450][ T7174]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.123502][ T7174] RIP: 0023:0xf742e579
[  137.123520][ T7174] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.123540][ T7174] RSP: 002b:00000000f50b6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  137.123559][ T7174] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50b6620
[  137.123572][ T7174] RDX: 000000000000000f RSI: 00000000f741cff4 RDI: 0000000000000000
[  137.123583][ T7174] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  137.123594][ T7174] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  137.123605][ T7174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.123632][ T7174]  </TASK>
[  137.298311][ T7171]  loop9: unable to read partition table
[  137.300739][ T7171] loop9: partition table beyond EOD, truncated
[  137.305274][ T7171] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[  137.379360][ T5299] Bluetooth: hci0: unexpected event for opcode 0x0c03
[  137.521078][    C2] vkms_vblank_simulate: vblank timer overrun
[  137.629315][ T7184] misc userio: No port type given on /dev/userio
[  137.657751][ T7186] FAULT_INJECTION: forcing a failure.
[  137.657751][ T7186] name failslab, interval 1, probability 0, space 0, times 0
[  137.658302][ T7184] misc userio: The device must be registered before sending interrupts
[  137.665594][ T7186] CPU: 2 UID: 0 PID: 7186 Comm: syz.0.336 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  137.665623][ T7186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.665633][ T7186] Call Trace:
[  137.665639][ T7186]  <TASK>
[  137.665645][ T7186]  dump_stack_lvl+0x16c/0x1f0
[  137.665676][ T7186]  should_fail_ex+0x50a/0x650
[  137.665699][ T7186]  ? fs_reclaim_acquire+0xae/0x150
[  137.665721][ T7186]  ? tcf_chain_create+0x98/0x370
[  137.665736][ T7186]  should_failslab+0xc2/0x120
[  137.665751][ T7186]  __kmalloc_cache_noprof+0x68/0x410
[  137.665778][ T7186]  tcf_chain_create+0x98/0x370
[  137.665797][ T7186]  __tcf_chain_get+0x155/0x1b0
[  137.665828][ T7186]  tc_new_tfilter+0x6f1/0x2360
[  137.665857][ T7186]  ? __lock_acquire+0xcc5/0x3c40
[  137.665882][ T7186]  ? __pfx_tc_new_tfilter+0x10/0x10
[  137.665907][ T7186]  ? __pfx___lock_acquire+0x10/0x10
[  137.665925][ T7186]  ? kfree_skbmem+0x1a4/0x1f0
[  137.665943][ T7186]  ? aa_get_newest_label+0x376/0x680
[  137.665969][ T7186]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  137.665991][ T7186]  ? __pfx_lock_release+0x10/0x10
[  137.666011][ T7186]  ? trace_lock_acquire+0x14e/0x1f0
[  137.666033][ T7186]  ? __pfx_tc_new_tfilter+0x10/0x10
[  137.666055][ T7186]  rtnetlink_rcv_msg+0x95b/0xea0
[  137.666079][ T7186]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  137.666112][ T7186]  netlink_rcv_skb+0x16b/0x440
[  137.666134][ T7186]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  137.666156][ T7186]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  137.666185][ T7186]  ? netlink_deliver_tap+0x1ae/0xd30
[  137.666208][ T7186]  netlink_unicast+0x53c/0x7f0
[  137.666230][ T7186]  ? __pfx_netlink_unicast+0x10/0x10
[  137.666250][ T7186]  ? __phys_addr_symbol+0x30/0x80
[  137.666267][ T7186]  ? __check_object_size+0x488/0x710
[  137.666285][ T7186]  netlink_sendmsg+0x8b8/0xd70
[  137.666308][ T7186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.666335][ T7186]  ____sys_sendmsg+0xaaf/0xc90
[  137.666353][ T7186]  ? __pfx_____sys_sendmsg+0x10/0x10
[  137.666367][ T7186]  ? get_compat_msghdr+0x11b/0x170
[  137.666391][ T7186]  ___sys_sendmsg+0x135/0x1e0
[  137.666413][ T7186]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.666443][ T7186]  ? __pfx_lock_release+0x10/0x10
[  137.666462][ T7186]  ? trace_lock_acquire+0x14e/0x1f0
[  137.666488][ T7186]  ? __fget_files+0x206/0x3a0
[  137.666516][ T7186]  __sys_sendmsg+0x16e/0x220
[  137.666538][ T7186]  ? __pfx___sys_sendmsg+0x10/0x10
[  137.666572][ T7186]  __do_fast_syscall_32+0x73/0x120
[  137.666595][ T7186]  do_fast_syscall_32+0x32/0x80
[  137.666615][ T7186]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.666639][ T7186] RIP: 0023:0xf7f40579
[  137.666654][ T7186] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.666669][ T7186] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  137.666687][ T7186] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080006040
[  137.666698][ T7186] RDX: 0000000024040084 RSI: 0000000000000000 RDI: 0000000000000000
[  137.666708][ T7186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.666717][ T7186] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  137.666726][ T7186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.666746][ T7186]  </TASK>
[  137.800182][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  137.840114][    C2] vkms_vblank_simulate: vblank timer overrun
[  137.952502][    C2] vkms_vblank_simulate: vblank timer overrun
[  137.968949][ T5299] Bluetooth: hci2: command 0x0c1a tx timeout
[  137.972770][ T5299] Bluetooth: hci3: command 0x0405 tx timeout
[  138.547466][ T7196] mmap: syz.0.338 (7196) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  139.088854][    C2] vkms_vblank_simulate: vblank timer overrun
[  139.188549][    C2] vkms_vblank_simulate: vblank timer overrun
[  139.849613][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  140.005886][    C2] vkms_vblank_simulate: vblank timer overrun
[  140.013358][ T5950] Bluetooth: hci3: command 0x0405 tx timeout
[  140.049034][    C2] vkms_vblank_simulate: vblank timer overrun
[  140.052160][ T5299] Bluetooth: hci2: command 0x0c1a tx timeout
[  140.123536][   T39] audit: type=1804 audit(1740140320.276:1480): pid=7202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.340" name="/newroot/94/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  140.495578][    C2] vkms_vblank_simulate: vblank timer overrun
[  141.925985][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  142.085306][ T5299] Bluetooth: hci2: command 0x0c1a tx timeout
[  142.087910][ T5950] Bluetooth: hci3: command 0x0405 tx timeout
[  142.491177][    C2] vkms_vblank_simulate: vblank timer overrun
[  143.119742][    C2] vkms_vblank_simulate: vblank timer overrun
[  143.236843][    C2] vkms_vblank_simulate: vblank timer overrun
[  143.506634][ T5299] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  143.538889][    C2] vkms_vblank_simulate: vblank timer overrun
[  143.559843][ T5299] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  143.593728][ T5299] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  143.606556][ T5299] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  143.669320][ T5299] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  143.673826][ T5299] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  143.738580][    C2] vkms_vblank_simulate: vblank timer overrun
[  144.250630][ T7237] virtio-fs: tag </dev/sr0> not found
[  144.443430][ T7231] chnl_net:caif_netlink_parms(): no params data found
[  144.504798][    C2] vkms_vblank_simulate: vblank timer overrun
[  144.519768][ T6067] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  144.691093][ T6067] usb 5-1: Using ep0 maxpacket: 32
[  144.706742][ T6067] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  144.710892][ T6067] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  144.715941][ T6067] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  144.732863][ T6067] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  144.736598][ T6067] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  144.746817][ T6067] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  144.795931][ T6067] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  144.799935][ T6067] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.867833][ T6067] usb 5-1: config 0 descriptor??
[  144.887311][ T7231] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.902325][ T7231] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.915331][ T7231] bridge_slave_0: entered allmulticast mode
[  144.927013][ T7231] bridge_slave_0: entered promiscuous mode
[  144.942516][ T7231] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.949928][ T7231] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.953798][ T7231] bridge_slave_1: entered allmulticast mode
[  144.959258][ T7231] bridge_slave_1: entered promiscuous mode
[  145.095063][ T6067] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  145.149068][ T6067] usb 5-1: USB disconnect, device number 6
[  145.154577][ T6067] usblp0: removed
[  145.210308][    C2] vkms_vblank_simulate: vblank timer overrun
[  145.219064][ T7231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.225005][ T7231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.343301][ T7231] team0: Port device team_slave_0 added
[  145.347474][ T7231] team0: Port device team_slave_1 added
[  145.528596][ T7231] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.559610][ T7231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.573645][ T7231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.596150][ T7231] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.610262][ T7231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.627964][ T7231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.774840][ T7231] hsr_slave_0: entered promiscuous mode
[  145.796594][ T7231] hsr_slave_1: entered promiscuous mode
[  145.801199][ T7231] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.804919][ T7231] Cannot create hsr debugfs directory
[  145.846364][ T5299] Bluetooth: hci4: command tx timeout
[  146.489625][   T30] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  146.686166][   T96] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.772311][   T30] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  146.775684][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.791651][   T30] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  146.795639][   T30] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  146.805966][   T30] usb 5-1: Manufacturer: syz
[  146.818952][   T30] usb 5-1: config 0 descriptor??
[  146.923013][   T30] rc_core: IR keymap rc-hauppauge not found
[  146.926213][   T30] Registered IR keymap rc-empty
[  146.939926][   T30] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  146.959735][   T30] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input7
[  146.971181][   T96] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.053280][ T7249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.058204][ T7249] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.094438][ T5991] usb 5-1: USB disconnect, device number 7
[  147.117958][   T96] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.281313][   T96] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.347575][ T7231] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  147.408209][ T7231] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  147.461000][ T7231] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  147.510214][ T7231] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  147.696779][   T96] bridge_slave_1: left allmulticast mode
[  147.703012][   T96] bridge_slave_1: left promiscuous mode
[  147.714732][   T96] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.739203][   T96] bridge_slave_0: left allmulticast mode
[  147.744464][   T96] bridge_slave_0: left promiscuous mode
[  147.782802][   T96] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.913872][ T7253] fuse: Unknown parameter 'fd0x0000000000000008'
[  147.936677][ T5299] Bluetooth: hci4: command tx timeout
[  149.533891][   T96] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.565933][   T96] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.593653][   T96] bond0 (unregistering): Released all slaves
[  149.692288][ T7268] virtio-fs: tag </dev/sr0> not found
[  149.816950][ T7231] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.988261][ T7231] 8021q: adding VLAN 0 to HW filter on device team0
[  150.009953][ T1016] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  150.020733][ T5299] Bluetooth: hci4: command tx timeout
[  150.051187][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.054328][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.067118][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.071207][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.173819][ T1016] usb 5-1: Using ep0 maxpacket: 32
[  150.177327][ T1016] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  150.191484][ T1016] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  150.195946][ T1016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  150.206205][ T1016] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  150.224729][ T1016] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  150.227974][ T1016] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  150.244471][ T1016] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  150.251152][ T1016] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.266482][ T1016] usb 5-1: config 0 descriptor??
[  150.339698][   T30] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  150.358715][ T7231] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  150.499931][   T30] usb 7-1: Using ep0 maxpacket: 16
[  150.503884][   T30] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 249, changing to 7
[  150.512174][   T30] usb 7-1: config 1 interface 1 has no altsetting 0
[  150.527878][   T30] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  150.533564][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.543689][ T1016] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  150.550079][   T30] usb 7-1: Product: 裿젦靈亹ᡬ죻辥썬灹弑溦⽕롡怏୤﹚삳Ꞷ쀎睨₃⫋홝д䑎洉క꾨뀷䋜촥썰ත蘳㸯ᲚⳄ烄犄哦့칊ꒅ욭ꪧẫ࣢䘜끚ㄾⷰ팶렟忲㳏ꑨ鏰平ꍎ녡刟㵓謃睘烬囼㽏ᡟࢠ蟙췚쬖⅖烳鬀￈
[  150.598888][   T30] usb 7-1: Manufacturer: 湽믤呓兏緅헨펣⚠艁嚧玡쯩樳뼞눔Õ뜭嗬땺龟▊ᰛ굻暬
[  150.603658][   T30] usb 7-1: SerialNumber: ь
[  150.646318][ T1016] usb 5-1: USB disconnect, device number 8
[  150.672134][ T1016] usblp0: removed
[  150.837118][   T96] hsr_slave_0: left promiscuous mode
[  150.861799][   T96] hsr_slave_1: left promiscuous mode
[  150.865993][   T96] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  150.872244][   T96] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.919135][   T96] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.921701][   T96] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.974832][   T96] veth0_macvtap: left promiscuous mode
[  150.977881][   T96] veth1_vlan: left promiscuous mode
[  150.985216][   T96] veth0_vlan: left promiscuous mode
[  151.379073][   T30] usb 7-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  151.500904][   T30] usb 7-1: USB disconnect, device number 13
[  151.579151][ T5299] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  151.808227][ T7101] udevd[7101]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  151.974329][ T7299] fuse: Unknown parameter 'fd0x0000000000000008'
[  152.085083][ T5299] Bluetooth: hci4: command tx timeout
[  153.249222][   T39] audit: type=1804 audit(1740140333.406:1481): pid=7302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.365" name="/newroot/109/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  154.736710][   T96] team0 (unregistering): Port device team_slave_1 removed
[  154.993570][   T96] team0 (unregistering): Port device team_slave_0 removed
[  155.530711][   T39] audit: type=1804 audit(1740140335.676:1482): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.369" name="/newroot/113/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  158.000190][ T7231] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.651352][ T7231] veth0_vlan: entered promiscuous mode
[  158.713759][ T7231] veth1_vlan: entered promiscuous mode
[  158.762953][ T7231] veth0_macvtap: entered promiscuous mode
[  158.797932][ T7231] veth1_macvtap: entered promiscuous mode
[  158.808700][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.817564][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.839578][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.848408][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.863839][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.873244][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.906380][ T7231] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.918267][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.933248][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.937574][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.955171][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.965315][ T7231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.970061][ T7231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.013360][ T7231] batman_adv: batadv0: Interface activated: batadv_slave_1
[  159.064120][ T7231] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.067034][ T7231] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.071057][ T7231] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.076458][ T7231] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.219598][   T39] audit: type=1804 audit(1740140339.366:1483): pid=7339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.373" name="/newroot/102/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  159.496445][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.513581][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.626836][   T96] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.640989][   T96] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.157172][ T7365] virtio-fs: tag </dev/sr0> not found
[  160.719561][ T5299] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  161.186961][ T7393] 9pnet_virtio: no channels available for device syz
[  162.093607][   T30] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  162.197672][ T5299] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  162.265017][ T7422] virtio-fs: tag </dev/sr0> not found
[  162.309594][   T30] usb 7-1: Using ep0 maxpacket: 8
[  162.348940][   T39] audit: type=1804 audit(1740140342.496:1484): pid=7425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.390" name="/newroot/110/file0/file0" dev="9p" ino=36050067 res=1 errno=0
[  162.355376][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.407631][   T30] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  162.413903][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.425943][   T30] usb 7-1: config 0 descriptor??
[  162.696305][   T30] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  163.299625][ T5991] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  163.449713][ T5991] usb 6-1: Using ep0 maxpacket: 8
[  163.453399][ T5991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  163.459229][ T5991] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  163.465035][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.479264][ T5991] usb 6-1: config 0 descriptor??
[  163.843691][ T5991] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  165.050405][ T5299] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  165.411275][   T30] usb 7-1: USB disconnect, device number 14
[  165.547661][ T7464] virtio-fs: tag </dev/sr0> not found
[  166.372570][ T5991] usb 6-1: USB disconnect, device number 11
[  170.187248][ T5299] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  170.221696][ T7490] serio: Serial port ptm0
[  170.705488][ T7495] virtio-fs: tag </dev/sr0> not found
[  170.880219][ T7501] netlink: 'syz.4.408': attribute type 10 has an invalid length.
[  170.909017][ T7277] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  170.941328][ T7501] team0: Port device netdevsim0 added
[  171.188153][ T7277] usb 6-1: Using ep0 maxpacket: 8
[  171.198652][ T7277] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.203415][ T7277] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  171.206696][ T7277] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.222074][ T7277] usb 6-1: config 0 descriptor??
[  171.328539][    C0] ==================================================================
[  171.332537][    C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2d90/0x3c40
[  171.347028][    C0] Read of size 8 at addr ffff888028019818 by task swapper/0/0
[  171.357252][    C0] 
[  171.358551][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  171.358573][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.358582][    C0] Call Trace:
[  171.358589][    C0]  <IRQ>
[  171.358597][    C0]  dump_stack_lvl+0x116/0x1f0
[  171.358624][    C0]  print_report+0xc3/0x670
[  171.358645][    C0]  ? __virt_addr_valid+0x5e/0x590
[  171.358660][    C0]  ? __phys_addr+0xc6/0x150
[  171.358673][    C0]  kasan_report+0xd9/0x110
[  171.358685][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  171.358706][    C0]  ? __lock_acquire+0x2d90/0x3c40
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  171.358729][    C0]  __lock_acquire+0x2d90/0x3c40
[  171.358748][    C0]  ? __pfx_lock_release+0x10/0x10
[  171.358772][    C0]  ? rcu_is_watching+0x12/0xc0
[  171.358787][    C0]  ? ttwu_queue_wakelist+0x26d/0x400
[  171.358807][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  171.358823][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  171.358841][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  171.358856][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  171.358877][    C0]  lock_acquire.part.0+0x11b/0x380
[  171.358899][    C0]  ? p9_req_put+0xaf/0x250
[  171.358918][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  171.358941][    C0]  ? rcu_is_watching+0x12/0xc0
[  171.358957][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  171.358973][    C0]  ? p9_req_put+0xaf/0x250
[  171.358986][    C0]  ? lock_acquire+0x2f/0xb0
[  171.359003][    C0]  ? p9_req_put+0xaf/0x250
[  171.359018][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  171.359031][    C0]  ? p9_req_put+0xaf/0x250
[  171.359044][    C0]  p9_req_put+0xaf/0x250
[  171.359058][    C0]  req_done+0x1e7/0x2f0
[  171.359078][    C0]  ? __pfx_req_done+0x10/0x10
[  171.359098][    C0]  ? __pfx_req_done+0x10/0x10
[  171.359116][    C0]  vring_interrupt+0x31b/0x400
[  171.359131][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  171.359148][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  171.359167][    C0]  handle_irq_event+0xab/0x1e0
[  171.359182][    C0]  handle_edge_irq+0x263/0xd10
[  171.359197][    C0]  __common_interrupt+0xdf/0x250
[  171.359217][    C0]  common_interrupt+0xba/0xe0
[  171.359237][    C0]  </IRQ>
[  171.359242][    C0]  <TASK>
[  171.359248][    C0]  asm_common_interrupt+0x26/0x40
[  171.359267][    C0] RIP: 0010:default_idle+0xf/0x20
[  171.359287][    C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 6f 11 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  171.359302][    C0] RSP: 0018:ffffffff8de07e20 EFLAGS: 00000202
[  171.359317][    C0] RAX: 0000000000405867 RBX: 0000000000000000 RCX: ffffffff8b552469
[  171.359326][    C0] RDX: 0000000000000000 RSI: ffffffff8b6ceca0 RDI: ffffffff8bd345c0
[  171.359334][    C0] RBP: fffffbfff1bd2ee8 R08: 0000000000000001 R09: ffffed1005686f85
[  171.359342][    C0] R10: ffff88802b437c2b R11: 0000000000000000 R12: 0000000000000000
[  171.359351][    C0] R13: ffffffff8de97740 R14: ffffffff90627310 R15: 0000000000000000
[  171.359363][    C0]  ? ct_kernel_exit+0x139/0x190
[  171.359383][    C0]  default_idle_call+0x6d/0xb0
[  171.359403][    C0]  do_idle+0x329/0x3f0
[  171.359422][    C0]  ? __pfx_do_idle+0x10/0x10
[  171.359443][    C0]  cpu_startup_entry+0x4f/0x60
[  171.359461][    C0]  rest_init+0x16b/0x2b0
[  171.359481][    C0]  ? acpi_subsystem_init+0x133/0x180
[  171.359496][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  171.359517][    C0]  start_kernel+0x3e9/0x4d0
[  171.359537][    C0]  x86_64_start_reservations+0x18/0x30
[  171.359554][    C0]  x86_64_start_kernel+0xb2/0xc0
[  171.359572][    C0]  common_startup_64+0x13e/0x148
[  171.359599][    C0]  </TASK>
[  171.359604][    C0] 
[  171.616464][    C0] Allocated by task 7509:
[  171.619188][    C0]  kasan_save_stack+0x33/0x60
[  171.621784][    C0]  kasan_save_track+0x14/0x30
[  171.625027][    C0]  __kasan_kmalloc+0xaa/0xb0
[  171.627352][    C0]  p9_client_create+0xc8/0x1200
[  171.630426][    C0]  v9fs_session_init+0x1f8/0x1a80
[  171.634659][    C0]  v9fs_mount+0xc6/0xa30
[  171.637618][    C0]  legacy_get_tree+0x109/0x220
[  171.640625][    C0]  vfs_get_tree+0x8b/0x340
[  171.642436][    C0]  path_mount+0x14e6/0x1f10
[  171.644511][    C0]  __ia32_sys_mount+0x28d/0x310
[  171.647117][    C0]  __do_fast_syscall_32+0x73/0x120
[  171.649886][    C0]  do_fast_syscall_32+0x32/0x80
[  171.652623][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.655336][    C0] 
[  171.656317][    C0] Freed by task 7509:
[  171.657808][    C0]  kasan_save_stack+0x33/0x60
[  171.660103][    C0]  kasan_save_track+0x14/0x30
[  171.662079][    C0]  kasan_save_free_info+0x3b/0x60
[  171.664620][    C0]  __kasan_slab_free+0x51/0x70
[  171.667209][    C0]  kfree+0x2c4/0x4d0
[  171.671001][    C0]  p9_client_create+0xa58/0x1200
[  171.673406][    C0]  v9fs_session_init+0x1f8/0x1a80
[  171.676470][    C0]  v9fs_mount+0xc6/0xa30
[  171.678786][    C0]  legacy_get_tree+0x109/0x220
[  171.681237][    C0]  vfs_get_tree+0x8b/0x340
[  171.683868][    C0]  path_mount+0x14e6/0x1f10
[  171.687036][    C0]  __ia32_sys_mount+0x28d/0x310
[  171.688845][    C0]  __do_fast_syscall_32+0x73/0x120
[  171.690433][    C0]  do_fast_syscall_32+0x32/0x80
[  171.692246][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.695311][    C0] 
[  171.696593][    C0] The buggy address belongs to the object at ffff888028019800
[  171.696593][    C0]  which belongs to the cache kmalloc-512 of size 512
[  171.704344][    C0] The buggy address is located 24 bytes inside of
[  171.704344][    C0]  freed 512-byte region [ffff888028019800, ffff888028019a00)
[  171.709858][    C0] 
[  171.710865][    C0] The buggy address belongs to the physical page:
[  171.713549][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28018
[  171.717189][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  171.720780][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  171.723827][    C0] page_type: f5(slab)
[  171.726730][    C0] raw: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001
[  171.731892][    C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  171.735834][    C0] head: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001
[  171.766547][    C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  171.770794][    C0] head: 00fff00000000002 ffffea0000a00601 ffffffffffffffff 0000000000000000
[  171.774885][    C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  171.779892][    C0] page dumped because: kasan: bad access detected
[  171.782805][    C0] page_owner tracks the page as allocated
[  171.785819][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 16838744653, free_ts 16584178215
[  171.795884][    C0]  post_alloc_hook+0x181/0x1b0
[  171.798872][    C0]  get_page_from_freelist+0xfce/0x2f80
[  171.802659][    C0]  __alloc_frozen_pages_noprof+0x221/0x2470
[  171.806246][    C0]  alloc_pages_mpol+0x1fc/0x540
[  171.809037][    C0]  new_slab+0x23d/0x330
[  171.811832][    C0]  ___slab_alloc+0xc5d/0x1720
[  171.815095][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[  171.819134][    C0]  __kmalloc_node_track_caller_noprof+0x2f1/0x510
[  171.823032][    C0]  kmemdup_noprof+0x29/0x60
[  171.825427][    C0]  ima_queue_key+0x76/0x4e0
[  171.828148][    C0]  ima_post_key_create_or_update+0x9f/0x120
[  171.830499][    C0]  security_key_post_create_or_update+0x1e3/0x1f0
[  171.833726][    C0]  __key_create_or_update+0x798/0xe10
[  171.836527][    C0]  key_create_or_update+0x42/0x60
[  171.839207][    C0]  x509_load_certificate_list+0x1dd/0x280
[  171.841479][    C0]  integrity_init_keyring+0x2d7/0x4d0
[  171.843500][    C0] page last free pid 62 tgid 62 stack trace:
[  171.846731][    C0]  free_frozen_pages+0x6db/0xfb0
[  171.849485][    C0]  vfree+0x174/0x950
[  171.851319][    C0]  delayed_vfree_work+0x56/0x70
[  171.853289][    C0]  process_one_work+0x9c5/0x1ba0
[  171.855214][    C0]  worker_thread+0x6c8/0xf00
[  171.857046][    C0]  kthread+0x3af/0x750
[  171.858652][    C0]  ret_from_fork+0x45/0x80
[  171.860331][    C0]  ret_from_fork_asm+0x1a/0x30
[  171.863500][    C0] 
[  171.865437][    C0] Memory state around the buggy address:
[  171.869292][    C0]  ffff888028019700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  171.873443][    C0]  ffff888028019780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  171.879333][    C0] >ffff888028019800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  171.884551][    C0]                             ^
[  171.887259][    C0]  ffff888028019880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  171.891482][    C0]  ffff888028019900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  171.895328][    C0] ==================================================================
[  171.898847][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  171.902818][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-rc3-syzkaller-00166-g334426094588 #0
[  171.907914][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.916382][    C0] Call Trace:
[  171.919190][    C0]  <IRQ>
[  171.921417][    C0]  dump_stack_lvl+0x3d/0x1f0
[  171.924694][    C0]  panic+0x71d/0x800
[  171.927860][    C0]  ? __pfx_panic+0x10/0x10
[  171.930441][    C0]  ? rcu_is_watching+0x12/0xc0
[  171.932104][    C0]  ? __pfx_lock_release+0x10/0x10
[  171.933809][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  171.935662][    C0]  check_panic_on_warn+0xab/0xb0
[  171.937779][    C0]  end_report+0x117/0x180
[  171.940292][    C0]  kasan_report+0xe9/0x110
[  171.944634][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  171.948525][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  171.952791][    C0]  __lock_acquire+0x2d90/0x3c40
[  171.955500][    C0]  ? __pfx_lock_release+0x10/0x10
[  171.957720][    C0]  ? rcu_is_watching+0x12/0xc0
[  171.960171][    C0]  ? ttwu_queue_wakelist+0x26d/0x400
[  171.962870][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  171.967588][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  171.973557][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  171.975781][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  171.978653][    C0]  lock_acquire.part.0+0x11b/0x380
[  171.981292][    C0]  ? p9_req_put+0xaf/0x250
[  171.983533][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  171.986589][    C0]  ? rcu_is_watching+0x12/0xc0
[  171.990238][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  171.992573][    C0]  ? p9_req_put+0xaf/0x250
[  171.994417][    C0]  ? lock_acquire+0x2f/0xb0
[  171.996270][    C0]  ? p9_req_put+0xaf/0x250
[  171.997784][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  171.999576][    C0]  ? p9_req_put+0xaf/0x250
[  172.002090][    C0]  p9_req_put+0xaf/0x250
[  172.004970][    C0]  req_done+0x1e7/0x2f0
[  172.007393][    C0]  ? __pfx_req_done+0x10/0x10
[  172.010728][    C0]  ? __pfx_req_done+0x10/0x10
[  172.013517][    C0]  vring_interrupt+0x31b/0x400
[  172.015267][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  172.017564][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  172.021069][    C0]  handle_irq_event+0xab/0x1e0
[  172.023548][    C0]  handle_edge_irq+0x263/0xd10
[  172.026663][    C0]  __common_interrupt+0xdf/0x250
[  172.030343][    C0]  common_interrupt+0xba/0xe0
[  172.033334][    C0]  </IRQ>
[  172.034913][    C0]  <TASK>
[  172.036086][    C0]  asm_common_interrupt+0x26/0x40
[  172.038292][    C0] RIP: 0010:default_idle+0xf/0x20
[  172.041161][    C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 6f 11 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  172.055316][    C0] RSP: 0018:ffffffff8de07e20 EFLAGS: 00000202
[  172.059272][    C0] RAX: 0000000000405867 RBX: 0000000000000000 RCX: ffffffff8b552469
[  172.064388][    C0] RDX: 0000000000000000 RSI: ffffffff8b6ceca0 RDI: ffffffff8bd345c0
[  172.069924][    C0] RBP: fffffbfff1bd2ee8 R08: 0000000000000001 R09: ffffed1005686f85
[  172.074113][    C0] R10: ffff88802b437c2b R11: 0000000000000000 R12: 0000000000000000
[  172.079413][    C0] R13: ffffffff8de97740 R14: ffffffff90627310 R15: 0000000000000000
[  172.087831][    C0]  ? ct_kernel_exit+0x139/0x190
[  172.091711][    C0]  default_idle_call+0x6d/0xb0
[  172.095210][    C0]  do_idle+0x329/0x3f0
[  172.098929][    C0]  ? __pfx_do_idle+0x10/0x10
[  172.102810][    C0]  cpu_startup_entry+0x4f/0x60
[  172.106519][    C0]  rest_init+0x16b/0x2b0
[  172.112118][    C0]  ? acpi_subsystem_init+0x133/0x180
[  172.116544][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  172.120715][    C0]  start_kernel+0x3e9/0x4d0
[  172.123575][    C0]  x86_64_start_reservations+0x18/0x30
[  172.128283][    C0]  x86_64_start_kernel+0xb2/0xc0
[  172.132725][    C0]  common_startup_64+0x13e/0x148
[  172.135891][    C0]  </TASK>
[  172.148892][    C0] Kernel Offset: disabled
[  172.152052][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:19:11  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853e52d5 RDI=ffffffff9ab6ce20 RBP=ffffffff9ab6cde0 RSP=ffffc900000075b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ab6cde0 R15=0000000000000000
RIP=ffffffff853e52ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f0eaa28c CR3=000000004256a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=cd905a65fa6b3ca2 f1f964b19592a30a cd905a65fa6b3ca2 f1f964b19592a30a cd905a65fa6b3ca2 f1f964b19592a30a cd905a65fa6b3ca2 f1f964b19592a30a
ZMM18=42bc6e474510cdb5 5ae1a82d2f24883c 42bc6e474510cdb5 5ae1a82d2f24883c 42bc6e474510cdb5 5ae1a82d2f24883c 42bc6e474510cdb5 5ae1a82d2f24883c
ZMM19=6408000000000000 0000000000000203 6408000000000000 0000000000000202 6408000000000000 0000000000000201 6408000000000000 0000000000000200
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1 f1f964b1f1f964b1
ZMM22=fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2 fa6b3ca2fa6b3ca2
ZMM23=cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65 cd905a65cd905a65
ZMM24=2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c 2f24883c2f24883c
ZMM25=5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d 5ae1a82d5ae1a82d
ZMM26=4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5 4510cdb54510cdb5
ZMM27=42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47 42bc6e4742bc6e47
ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6408000064080000 6408000064080000 6408000064080000 6408000064080000 6408000064080000 6408000064080000 6408000064080000 6408000064080000
info registers vcpu 1

CPU#1
RAX=fbfbfbfbfbfbfbfb RBX=ffff888021dc6000 RCX=0000000000000001 RDX=0000000000000200
RSI=00000000000000fb RDI=ffffed10043b8dc0 RBP=ffff88801b043040 RSP=ffffc90029a4f6c0
R8 =0000000000002000 R9 =0000000000000000 R10=ffffed10043b8c00 R11=0000000000000001
R12=ffffea0000877000 R13=0000000000212008 R14=ffff88801b043040 R15=0000000000000000
RIP=ffffffff8b5537b0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd5e5931280 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c3c8ccd CR3=0000000022966000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=00000000100001ff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055f4da2cd990 000055f4da2cab10
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe62946060 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe62945680 0000003000000010
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffff00000000ff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f0353a8f6b1dcbb7 73732682f615b269
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 737373435c021e73
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f716d2f34706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f646e756f732f00 682e6c6974752f64 65726168732f6372 732f2e2e2f2e2e00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f716d2f34706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000000000000000 0000000000003375 70632f302f716d2f
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd5e55f1b70 00007fd5e55f1b70 0000000000000081 000000000000302e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 382433273f397b27 697a787c69303b7e 69305f474f5b647c 6930382433273f39
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b446740 RCX=ffffffff81adcf7a RDX=ffff88801ceba440
RSI=ffffffff81adcf54 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900001d7928
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006
R12=ffffed1005688ce9 R13=0000000000000001 R14=ffff88802b63ffc0 R15=ffff88802b446748
RIP=ffffffff81adcf56 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000800001c0 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000016692f RBX=0000000000000003 RCX=ffffffff8b552469 RDX=0000000000000000
RSI=ffffffff8b6ceca0 RDI=ffffffff8bd345c0 RBP=ffffed1003a5e488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d2f2440 R14=ffffffff90627310 R15=0000000000000000
RIP=ffffffff8b55384f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00000000
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff88802b700000 ffffffff 00000000
LDT=0000 0000000000000000 ffffffff 00000000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000005668b4c0 CR3=0000000070e56000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000