last executing test programs:

16.742677947s ago: executing program 1 (id=3025):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x1)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)='\x00', 0x1}], 0x1}}, {{0x0, 0x3f, &(0x7f0000000040)=[{&(0x7f00000002c0)="a6", 0x3f}], 0x1}}], 0x2, 0x40448c0)
shutdown(r0, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
unshare(0x22020600)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendfile(r6, r4, 0x0, 0x7ffffffd)
getsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

16.507897235s ago: executing program 0 (id=3029):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

16.436640921s ago: executing program 0 (id=3030):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0xf5, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{0x0, 0xdd12}], 0x1, 0x0, 0x0, 0x4000}, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
setgid(0x0)
fcntl$setpipe(r4, 0x407, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000600), &(0x7f0000001780))
write$FUSE_INIT(r4, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
vmsplice(r4, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
bind$alg(r4, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-ce\x00'}, 0x58)
syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="6664a01a3fd357d58130ff3f203d", @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x72, 0x3dd6eec60296b24a)
ioctl$EVIOCGMTSLOTS(r6, 0x8040450a, &(0x7f0000000780)=""/4096)
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r7, {0x7, 0x1f, 0x80000, 0x2f0c07f996e5f8c, 0xc, 0x0, 0x0, 0x1000}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)=<r9=>0x0)
open$dir(&(0x7f0000000240)='./file0/file0\x00', 0x41, 0x2)
timer_settime(r9, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)

16.433102044s ago: executing program 3 (id=3031):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x10e)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000000)={'syztnl2\x00', <r1=>0x0, 0x2f, 0x6, 0x8, 0xe4c, 0x0, @local, @loopback, 0x1, 0x20, 0x219, 0x1}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000009c0)={'sit0\x00', &(0x7f0000000940)={'erspan0\x00', <r2=>0x0, 0x40, 0x8, 0x2, 0x8, {{0xd, 0x4, 0x3, 0x2c, 0x34, 0x67, 0x0, 0x2e, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x1b, 0x2b, [@broadcast, @dev={0xac, 0x14, 0x14, 0xf}, @local, @broadcast, @private=0xa010101, @loopback]}, @ra={0x94, 0x4}]}}}}})
sendmmsg$sock(r0, &(0x7f0000000fc0)=[{{&(0x7f00000001c0)=@ll={0x11, 0x19, r1, 0x1, 0xa, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000280)="a955be37056977632019dd1efdb520d7020b772d25eff3e6401eea8310ad145a649d", 0x22}], 0x1}}, {{&(0x7f0000000380)=@rxrpc=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x40000000, @private1={0xfc, 0x1, '\x00', 0x1}, 0xc4d3}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000400)="16406633319d79506395c083c1f588c71c4742f0f8823e4f4415c7840b4663bb4577679f419e34bf164dc119f914f8f21dcf477e64f56a2018a18c284660dac754e8be41ce735223041b1e146050c46ebfe5d5410a62981958c6332378ee1a3d3a3411a40046914f44649491313ae41ddc700cc9de2b95c8f0f56ad15e3f7c11958ec5903aa599a45cf1c08a9e", 0x8d}, {&(0x7f00000004c0)="698514e3b1f13b65e40a33c5cda2c5c9bc3648a57c5ca54bb5980fc569140a232e8d4a3b4632460f5830211d02f2daf0947865062a2bacdfb51772da92ebfd5a09823ffb2c8f82243234e6a132e950a79393a010acfc4bb3c8c67a3762292094be7d5df65eb78681a2d765007fd486376214dac92043dbb29d337b9d658d8cd754a2bd436925aae71f374d954d6906624afc26c56478885cb72ffac4472c44ae11cb041bb0299d4d9aaa473d74b76775dbede45f1570ad53f124903d83c644d0bcd33f5ca8", 0xc5}, {&(0x7f00000005c0)="1e29728e7b2b1a1726c05773935fc764466d0dcaee91b07b3c5f82ac06b3761cf34d8b665e4d7d4044eefd5101f147442dc2918d6e3085d4a01f2d8e0209bec4f84e585502e9af2bebfad5b8c804f4159178343a5bb047173875f04b5fb779c75ab8735b4d4828b21552cf378ff01281f66eea74c9c47c20753b59396fab001d98a45004b1353d4a62c2e2f71c", 0x8d}, {&(0x7f0000000680)="683750de62961e02554faefb3b8f08a52fbcb36dfeaa6df76b6194451d8351ecf4d562490ea17edcf59a", 0x2a}], 0x4}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000700)="bb3031bd3c8f974f81c8ad375066c8d1a248fbaaa7cea49450748c39b77c9a7256aed8298fad088b4fa568d26ca6cf46fbc5458f074af16c29ec84b1566bba7ae883fdd9c8535a10230771fa21931823dfac338404f3375e68b04ff6d2ae0b790df21911524cf6f2a3fec34a3b728c69b566857a57409a0f8c6d61476b1260e6b9ead8ee48f8d9bc5e61fc02552dc3e0", 0x90}, {&(0x7f00000007c0)="a6c7586e11c13ce01b611e4cdbc49cac2976ed814c4919f192f007bd2bee4aa49532650423211cad6225b90276613f49b345d511af3acc93de08505c0f592fee93befaa7cf77a593e9589bd2349cfc1d81285fdb399df52b58e1dabd3e3e821c8208ce9c85b69cdb786392a91c15f3653ce89212545ba0446fed63190b0296c31dba97981a8f7df43db97498fcb8447be5fa4f613735602088856a4460ec8d100249236c85e945042058ed49a6abfc4519153fad0647f20cc7", 0xb9}, {&(0x7f0000000880)="edf585e88a65a0a8", 0x8}], 0x3, &(0x7f0000000900)=[@mark={{0x10, 0x1, 0x24, 0x4}}], 0x10}}, {{&(0x7f0000000a00)=@can={0x1d, r2}, 0x80, &(0x7f0000000d80), 0x0, &(0x7f0000000dc0)=[@txtime={{0x14, 0x1, 0x3d, 0x8}}, @mark={{0x10, 0x1, 0x24, 0xce}}, @mark={{0x10, 0x1, 0x24, 0xab32}}, @txtime={{0x14, 0x1, 0x3d, 0x1800000}}, @mark={{0x10, 0x1, 0x24, 0x9}}, @mark={{0x10, 0x1, 0x24, 0x80}}, @timestamping={{0x10, 0x1, 0x25, 0x8}}, @timestamping={{0x10, 0x1, 0x25, 0x38f7}}, @timestamping={{0x10, 0x1, 0x25, 0x100}}, @mark={{0x10, 0x1, 0x24, 0x2b96}}], 0xa8}}, {{0x0, 0xfff9, &(0x7f0000000f80)=[{&(0x7f0000000e80)="42255517967d4d628a782c17d08a8ee8d5b5bd857c2dfda456f4f22deafa68701027a78a567bfb0c69", 0x29}, {&(0x7f0000000ec0)="7a0abb56b4151933c7c45172dde702c60fdcb6e4bf358ce545a4d5d57cc1c4c3721012fe3eb03c546a97fb3a1da813e0b32ec61c263000870894a9edbebe905e81a0973c6555709e36ff734145c7ea500c42e58533cee00e1595c11c0950b41bd38e92342251dfaaa4b309ed18e6d718ca950dc8496c7beef5a9047f31b152050d0b0245b6fb3c87f44a8f6ed60eaa7094ea83a659185390eb808201ec40df79aae332984ef3f42b9beb9b", 0xab}], 0x2}}], 0x5, 0x10)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)

16.401578414s ago: executing program 3 (id=3032):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b986000000f0ffffffffffff", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16.359161531s ago: executing program 3 (id=3033):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000240)='./file1\x00')
chdir(&(0x7f00000001c0)='./bus\x00')
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2000, 0x11)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x400, 0x2c)
renameat2(r3, &(0x7f0000000080)='./file0\x00', r4, &(0x7f0000000100)='./file1\x00', 0x0)
r5 = socket(0x10, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, 0x0, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)

15.714976494s ago: executing program 1 (id=3042):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000240)='./file1\x00')
chdir(&(0x7f00000001c0)='./bus\x00')
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2000, 0x11)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x400, 0x2c)
renameat2(r3, &(0x7f0000000080)='./file0\x00', r4, &(0x7f0000000100)='./file1\x00', 0x0)
r5 = socket(0x10, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, 0x0, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)

15.616693256s ago: executing program 0 (id=3035):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x1)
socket$inet_sctp(0x2, 0x1, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r3)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)='\x00', 0x1}], 0x1}}, {{0x0, 0x3f, &(0x7f0000000040)=[{&(0x7f00000002c0)="a6", 0x3f}], 0x1}}], 0x2, 0x40448c0)
shutdown(r0, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
unshare(0x22020600)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendfile(r6, r4, 0x0, 0x7ffffffd)
getsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

15.298572654s ago: executing program 3 (id=3036):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xf8, 0x30, 0x1, 0x0, 0x0, {}, [{0xe4, 0x1, [@m_ct={0x98, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x44, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x56, 0x6, "8f4f6bdc23b5217b3ca37eee39c01c7077e561d8e80c2bb0a34ccc8c5fbfc2bcdd5ced1a04a5d59f00402eec50cfb40330e158a4c5fc6b2d3081a7774427a16c6122d04dc125dc50b208c504e688b7d58af1"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f00000003c0)}, 0xffffff75)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x3c}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_clone3(&(0x7f0000000100)={0x801400, &(0x7f00000000c0)=<r5=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r6)
r7 = eventfd(0x4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="7472614b42047f87ff5741646e6f3d", @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',\x00'])
write$eventfd(r7, &(0x7f0000000a80)=0x7, 0x8)
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r8, 0xc0585605, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x101c, 0x3, 0xc, 0x2, 0x0, 0x5}})
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r4, 0x8949, &(0x7f0000000000))

1.274214048s ago: executing program 1 (id=3040):
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './mnt\x00'}, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
openat$comedi(0xffffff9c, &(0x7f0000000280)='/dev/comedi2\x00', 0x1c1880, 0x0) (async)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r2, 0x40045567, 0x0) (async)
ioctl$UI_ABS_SETUP(r2, 0x401c5504, &(0x7f00000002c0)={0x3f}) (async)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3) (async)
write$uinput_user_dev(r2, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c) (async)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, 0x0) (async)
r4 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f00000001c0)={0x2, 0x0, @c}, 0x29, r4) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_tree(0xffffffffffffffff, &(0x7f00000002c0)='./mnt\x00', 0x800) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$inet6(0xa, 0x3, 0xff) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0xffffffff, 0xfffffff8, 0xfffffffc}, 0x10) (async)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=@ipv6_getnetconf={0x1c, 0x52, 0x7a48b044cfa237d, 0x70bd29, 0x25dfdbfc, {}, [@NETCONFA_FORWARDING={0x8, 0x2, 0x5}]}, 0x1c}}, 0x48010) (async)
connect$inet6(r5, &(0x7f0000000480)={0xa, 0x0, 0x3c000, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x5}, 0x1c) (async)
r7 = dup2(r5, r5)
sendmmsg$unix(r7, &(0x7f0000008380), 0x400000000000174, 0x4008890)

1.274004114s ago: executing program 1 (id=3041):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000740)=0xe)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000340)=0xff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020)
openat$fb0(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)

1.272001606s ago: executing program 1 (id=3043):
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000002000)=ANY=[@ANYRES8], 0x44}}, 0x2000c800)
mprotect(&(0x7f0000436000/0x4000)=nil, 0x4000, 0x2000002)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x40580, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
r4 = userfaultfd(0x80801)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x10000}, 0x1c)
close(r5)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
ptrace$setregset(0x4205, r0, 0x201, &(0x7f00000001c0)={0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x24181, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008ae05, &(0x7f0000000140)={0x28729f328c68897})
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa2280, 0x0)
ioctl$FS_IOC_GETFLAGS(r7, 0x5437, 0x0)
close(r7)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r8, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)

1.269475752s ago: executing program 2 (id=3044):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x1)
socket$inet_sctp(0x2, 0x1, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r3)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)='\x00', 0x1}], 0x1}}, {{0x0, 0x3f, &(0x7f0000000040)=[{&(0x7f00000002c0)="a6", 0x3f}], 0x1}}], 0x2, 0x40448c0)
shutdown(r0, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
unshare(0x22020600)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendfile(r6, r4, 0x0, 0x7ffffffd)
getsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

1.263815977s ago: executing program 0 (id=3045):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000002640)=0x1, 0x4)
r2 = io_uring_setup(0x4505, &(0x7f0000000840)={0x0, 0x9a3d, 0x40, 0x1, 0x151, 0x0, r1})
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000002400)={0x1, 0xa07591455de6853f, 0x0, &(0x7f0000002340)=[{0x0}], 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x8, @remote}, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="34000000120001000700"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000001400350077673000"/28], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f00000003c0)=[@mss={0x2, 0x8}, @window={0x3, 0xe, 0x7ff}, @timestamp, @sack_perm, @window={0x3, 0x8000, 0xfffc}, @sack_perm, @sack_perm, @window={0x3, 0xfff, 0x4}, @window={0x3, 0x5}], 0x9)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x30301)
sendto$inet(r5, &(0x7f0000000100)="4697814a9c2f848d9da6136a982d6b91d3f768490d1ad0e7e44412ef4baf6eb1e87b5a5bbf9c9772dbedb60f924c5dac0b18", 0x32, 0x20040800, 0x0, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000140)={0x8, 0x2, 0x0, "2115beba7af972a16fd06e6b5694848119e1a8bc94b6871c7f46690000000011"})
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

1.237926133s ago: executing program 0 (id=3046):
r0 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r0, &(0x7f0000000740), 0xffffffffffffffbc)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
accept4$rose(r1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var={0x0, 0x0, 0x0, 0xe, 0xf00}, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x96}, 0x20)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x11}, 0x8f)
fcntl$addseals(r0, 0x409, 0x8)

1.237770596s ago: executing program 1 (id=3047):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227b34775700b697e42d713e397b2eaf4120001000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000009c0)=@bridge_getlink={0x20, 0x12, 0x101, 0x20000000, 0xfffffffe, {0x7, 0x0, 0x0, 0x0, 0x4140, 0x8200}}, 0x20}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
rt_sigpending(0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)

1.237651803s ago: executing program 2 (id=3048):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000240)='./file1\x00')
chdir(&(0x7f00000001c0)='./bus\x00')
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2000, 0x11)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x400, 0x2c)
renameat2(r3, &(0x7f0000000080)='./file0\x00', r4, &(0x7f0000000100)='./file1\x00', 0x0)
r5 = socket(0x10, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
socket(0x2, 0x80805, 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, 0x0, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)

1.237514062s ago: executing program 3 (id=3049):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r3=>0x0})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x54, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x88c7}, @NL80211_ATTR_FRAME={0x22, 0x33, @data_frame={@a_msdu=@type11={{0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, {0xff}, @broadcast, @broadcast, @random="21b5c38e4497", {0xe}}}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x54}}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x19, 0x2, 0x0, "b43d70dde5dbbbe40f00f401bbe6c9000000c67f00"})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000040)={&(0x7f0000000100)="d8f637d9b68d9b943ac710589134615928a2db0e956b9e89cdb1bb78b761b68c657d9ee949b14398904cf9d4424ee70c2fdc9dcfd1b8997215b63a123c7f5d6e8b9b21fc5739856285e79c02f5000d219db9cc531e9b935492aced5dcd5f4dccc59f22", &(0x7f0000000180)=""/195, &(0x7f0000000280)="e91775f7cd6ec8fd08381674d57588e096ab2d51c64b264a24567756a9cb570f3575c0e207ae1d6214cdf933e5532a517b13b996692f9eab02f7a9f0a33bcc0e8dcc0eea5a213ad36beb03ae5feabe48fdcbf884e6c5b621366d7282a59b241d7d83de6744b1cd161aa628b5fbf4b5f84b34", &(0x7f0000000300)="c7fd1964ba5f30a823d602b83bbbb7ee84c246e537ef332d8ff08b24781b4b4551e7a4373ef66f718b4ff63160fae55d19d683cf22d67b079c09d6b5f6b75966cab4440fbb47e502085f821fdabf12ee3ef99d14b9bf07c5f968cd2e1b46f87de6938da705eb6abc3d8558926d7fd3fc51afffaed6d63e3005615eae160f7f888d395f699ac521b24ac24adc631ac80fd09e2ddbe2d2659d8add54261e7b3dc73ece43abefaea4980db0326c8565046f5d16c1ea5bc65e8287b8957b13720040d1f4757a5b0356232cb57ad6e167ce07c51a15422e5be7e72382ff1e1ea9c2f575c494c58832454ef7452b16771d6ab888ad11a34b1a5ed53a1c3546d960543c9875ec9195b847d53dcfa8d795ebc1f01aa01743a671e9840ec71b10dd199f1aa23e200667ddfd87baaddd1e85d0a930d262159d014bfbd85612bc05521bd38b414fe6cd0673f6bdb6ac37d68fd45dce6518ebcc42483f2930ec17ad6995ac67a66bb3b1dde6de15021e58ea946d3835ecac8a48c9301f99b07e299cff70e85f5f29a537888c64dac440296e06a743e1e2b5dc3a783031c03b187305541a7b7e9c351ccbc52b83a9361a2a4efa60c925d36eabe07ac0673d0a22676c7ec1e561dde8b1e2e7b200e4e40c9f317e09720e626fae41cd799fea78bf626734afc61bd38bb937c53f1ffcd1956c1793167630be72cdccdbfd07bad6d8dbd744c9e3b6dfd3d1671aa1c32a2d4951ab07bb67035afb8ab98ac89d9a008f4abc912c54f08fc6a20fec971425501c55e71ec874c05475a90c0a163ce74602aaa81709b76ee7f398831084f096fc738f3fe4ba5f855857698cf5bc6feb73aef86c260a9225cc7f7da62b72f1630033a552682084312aed50eba111146e068d42d006dfb3891c90e4c93f39a2aae9a7af8a97e4cd0236e2f9c70d039401e49bf51f26600e0e9526c597815e333a20be374dc56709ba77394ad58acdf17d1204494594f3deb0b96115b0cbe47da4c263b4d4eb51be3610dd9687b926e3064643bab640fe920047c1d84907ee2ce9acc29bc582fcbe96ba00679b0a2bdda9d926bc8a92d1ddb4ff011dbd7b7f95146b0844613d483841cca0be2d2e78244ae2c2c5651d08fc39f8cf75e5bde1ebc9507a652b235f341a0aa408d06bd47f38a8503b7390e1beea85e93a323e4f64342c721921c582c2401cf997e49d6f592bb332ba699f39f7f8fa44e9ff453c91acba1c868d58e7fbadc6e4c2241815f7ff2b1b43826c073b266f4bf4b7c99e99ce1be3acc7a1b01085ec322ee5143a11f9bca5ad02a56a6f0e511cb0003b04c14aad1c7285f4842f742781f207e0c1886326376ba0e371cfb0252aeb27bc69e2f39b6aeeddb3cd29ca5c44aadfe1ea7e2e23ec00b345d4b01d60b6141e141e00a7466fb1c15d84df74b623fb517a39af67011fc7f0e0fd7a5accd6cc2cc78ed413c40374b7ea5cf7b122aae1987ee2bda037d275c22322aa16297e82a5e02e5c085782f4446f90165ea8a711425f5dcb6388b3e299daea7a08a5c3dcce108ad050ce1467cf8907117c5c53b61530460a3b0c08495deaa938a113ee60b1866099867505ddc124073c51f384fe74c7e2d7913b04d817baacd78b7368f4afbb2d3a471c8003614ae1c88f9b1957fecd0585dfd1c68bc3d1581ff87985b53e6a05d10e6d4ce591bd05efc766bba9a5bcaaef34f9a588989087aafcf3a4281e7ad1258896cb89d3c068a3fa9e76168c39d0d7e981dd3af5bd6657465b400de918849568d5d377979813d7e600597e2222a81fe5433c8fd8226c92759b7bba7dafad73cf25396d8d58eab7f19416ac57f9b80be7170d4909aac80cb012385bad7dfb878004eba76114e159bbf3c0063cccc334a24c1138354201905d2081f119318c46772623786496998035080c5fe6f9ed34aa778a9ff9a066bc117d7a103195c65b7644506987a623ea0442d11b8f2aaaab7c483a6bfbca21403520696abb55b3ac280ba130fc77eec7e22f7c395f843b65e29757f3944209cb4d78d54c964e3239b251eae8514593983bf1116a53aec330854127b585cab4feea0c4fbaeee14d56a9508033e07f8c3470e0b6c9403371d150a3d94ef6dbfb8e1245922ddf2bd29ff3cc2ea5dba5cdec43798a2622242a7d520d82d61c0207222803b05ab926e3f3cc01b5c1835c51e0b9f68e839a3f3710990690d951fe279adc1c803e68c1dcaca75106eafdd6d49368f5bc183c98fb2aaa6d059fec36c5ffb97107df1a5acc6b7b12fdd396b9217647811cd26b52e0f34897ee14596210f34d0cd5382774ce01f8adeb418a559818dfbc5f128e1452679249b9138da950391483c577fcbe87b302fe3d7fda8ce080e9dc32abca18211734dbee3b0ae6f2f66ca60c4a49e9558c34f7ff267c9b548528a02feb7ddc586d46ba9b47d3fa7e35ac2a52c3f0b44749a58a1ee9da8c0705f26f0ac482d0b9df92ae2998ee8d5717a8d9d465856d6eb9edd0a63b99d7a38b292c9d90fbe5b1b270ba58f27734c4c666c92ec99027f539ea9ef3139322f2cf88e3ac5616631518ed728a4e520a064dd35e1eacfd6c64c0a66490649ab9a1223852330c773999c52e858cfba7642d1aefa802a630c02d63ff7ee49d37000dac0013f02902c379b2aeb7a1d6f6034c9611c23c9a8218c5af1982057b6c4319028863b82d32e080b51805f7f4ec5261482a18170d8f8a9bd36c7df01b276e030c2cd4890143bff32aff143772c1dc1d3da06acd4bdc565f993d585452d1a46727ff7805f244371eff03be97f8c7e3586603a2b160804337ceb1962422eef6e582777d46e1ed9a5fc392e0f61ab3fccd3d265bdac619367ce1eb34de250fdd543946251234eac0d3515145c33a7ea2a3f104ff7934de2e1f63035ba2aa380bcd00b77733817753587a7a125478de4721dddbd89e9a3864babf696da66acdde3f772e89275fe06f3db46380b3863f9648b468cb8013374ad98c925d2a67a17550719379ce25ca5b3e7f718154019f3f2235afb16da950e6b746b36479253247e3058d9f46d7d9ba285eb6aa5b577a94def61f08a221ee0f8c27071ff0f4cac0e6ca3de73053a58bb44640711ddd51ed6ebc7e34b4a45c102a6e3cfde8ce2be25264bfbd3d389dbd4aa8312c6cadb4e297b433d5b12d67123916acee00214e5ffc372263b44074d3abca186baab2cc3f2ff9063cf442a0754e62c2cf5fd1a6947cb6195807a4de3b4db1bdd96fe90c01d3c1df536f5c1e3f4c0749506c40d6d228cb9133eaf610379b651e9fa375a5b640792a0a3a2435be9dfe0599fc2f05e64d134ce59c206bf1434c6d930594f825f6e85003efaccc4f282b840abb4c5ee32172e1055c7cf8e8fc4a47eb4fa29c663bb73ac2435e4cbf94281e6595e823920eab195b07840c66fea4b93db2cc2f3995b664ac4c43433d7acfc3460ef6111bb6174952151a5b87d4bbac931b9758f8dad672408d6013d2efb4c4240e54dd5f996ecf6e5eb667d6c2d926ded3ded178796327fb57bf51636d632a36a7d9f1cee42017ec02e40de7c8521ba4e3ec74b0a8274f397044ca10a617470887d221cf4b5bce8f3d3801939f4d77fa4221adc3d21d21e7a4e3fb3ed48b0a112c418d7329d33ae545b3943c3e50c6e04834242e382b6d43936b3948064dfb43c2916c8a39b7f770eb28bf95822fdffbb3b02bd223746e27abb656e8d32f804cb814714d5f3d0d6337d96da0a0797148453aee01d425715a393bab174c00a5e99588ad6966f32e6e44bab2a5390e3b72dd732f446fe984b8f640e8c625681160a880ab6fb1c4408c0b2cb381f1de4f76cd4e8c59d01ee2ca654d6434146718d6fbbc0da9696e50406657bc515261351925ae94009548203d17ae9c1e1c753da0030626b47e06026dd3307979c1230d868e216dcfc50329b90df0f39a0ecf710b99aeac5a7ae60e808c15cf7f56e68965e6d9bf8f8cca9082339a482c01dc4a5fc86e04ff2891da5f2042a145e705b777bfe12325275da9ec13adc6cd52eb3fc601979420665b8e2283083ee5121eb9a6f58ed09b843ff4ebb38b9d0df844ff3fcc5a44a8893dcd75cc8af1a49a9008f035c516450e3f907dc05619baa7e9c9de891c0d16cd66595c514a72467c6aa0485f3b3eede390fd69927a794fa33fa738a2e25a7d58bccf21d962312c1393fb16f4a0a5a15702c72f38d87cdbad76e80bc32c31adcbb2243e475d36617f5b52687997224960a430939fb216507a70c6ca014940a2acafa327c124149bc2d6b3ef6d323fbb6be2b24eb1176df348856a1c7c9f3d23e60f563ed46978c855ba628ca3f2a68730ec279be0a0e8bf331b0b97bac43858fe5c38ee399b700a0528ba1d3e9ae67d624f8d321e71a50ea9123b5f50b0b008453f49abd020948e1f6e8f22b275473c47b694fe664d18e5fc5a274078165e1cf752ce3224b41f3d5a6f3f4260791e17c6ab247159c7c9c530a5a23531c23840194824d6305592570a6eca1212ae4b46423aa9edc88b93799478ad62daccc578a5da01e992520ffb7f823a5be8cdb57df1c7e37bd8304a055b94dfb42b66ed05de6566ff09a6781c551ebf2e45b22e05d33d0d5e79f27582622445e8f02601893c8f13754d5158505fb6e3a43e318eb08c30679a68aaeb3a03d3365b7018a2f17fab6ebe7b64985fd198fc376b09f80d42c9dabb8c399e8c2f6d915d49b09b0ff6802d8df39cf23a20693431464ec4cda01e99509cd6b98c8043c9bd23644f648465bc606298eb6732b798ca80be80750c6ff9579cc4baa35d917a28d05fd0c1235636201436cd6ecc85c00e1937a5eae687d502cc6ce12119a4cf07b0647946a8a10a45b3fb0db0cbe71c611655e75f9dc2343783f722e5434a34cba9a6ceb1a1d05c2cf50670a6984d1fa3f0ab6749b79ac6b4752f5f07407fc107b52d763ebbbe3caf06c9d4e5966485147941acfc446ee32655226020061efc484a52c8fb6b2c995ea8ec39f2ed026da5232f14e41a3af9a6efc7a0fb8f06ee858798aee66c5b5240fc99d7fecdffea2bfc15b9faf347dba796f73f46d6baa4bf649cb6c4c066082219c29a1de782d50af56cfafcb42714cc4009ed6daae733367b87f0707c44465b74b1727c63333336f06320ba4637b46d77d08c34ec9cd31569bde2678562adcdc1148c0f5dc01e1d1b77e701ae4af117c1fcf6018ad81d7ad2528fa4461f760f9d3c76e749d3c20da296e2dc9536d328b65909b7c207476d11c65d2d9ee76e055817854254d26ce741f1e3166835cfc3790eec6c00bf8e97b94fc75f9c86ccea69946cb97780c12280d3443ceae0309677cf8f058a389ab6d7b181c5456944147ce87a6b8ed1310ff695980b36141961e93b65ce6b9b654871e9a7babe1b248bf8ffc31f7eca62d7533c15a0ad50d62a70479f3393adb31592ea1b98605946e54d0e14946495e9e97192a28a01cdc481148e44fd422c6bc631f6f5378cc79c621d985a4c238e8b71670a377ca1e3deae055feb76509a8fa34f9354a066b5f530d210305ecce9d43f1e62cb2430601d39065fa0bc7def1d67ceb787dd82dbd8e5b4b336166abe0963c8971f30c2e06f13e556c9f72a1391e672f1fa6741519636c1a2c03b6e5bd1c72b913c6a9c973f0ac912bae3d3cefb3d4711b2066c9f55e3fa477cb8f2c0cda8ce5f39ade6728899564bb5865e47877186f91aedddf425e39284805aeca699b00cbf111f887aa1c80b9fcebdb5c39cdbb5c54739dc93400f6859e2fd1c8a3e56f3d8335e5485d0", 0xffff8000, 0x1}, 0x38)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r5, 0xfffffffd, 0x0, 0x30, 0x0, @in={0x2, 0x4e23, @loopback}, @ib={0x1b, 0x0, 0x9, {"7d0300"}, 0x0, 0x0, 0x2}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r5, 0xffffffef}}, 0x10)
close(r4)
r6 = syz_open_dev$usbmon(&(0x7f0000000080), 0x80000001, 0x400)
syz_open_dev$usbfs(&(0x7f0000000000), 0x476, 0x189242)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDFONTOP_GET(r7, 0x4b72, &(0x7f00000003c0)={0x1, 0xfffffffc, 0x11, 0x20, 0x111, 0x0})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_int(r8, 0x11a, 0x3, &(0x7f0000001080), 0xc6)
ioctl$MON_IOCG_STATS(r6, 0x80089203, &(0x7f00000000c0))

1.194011936s ago: executing program 3 (id=3050):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227b34775700b697e42d713e397b2eaf4120001000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000009c0)=@bridge_getlink={0x20, 0x12, 0x101, 0x20000000, 0xfffffffe, {0x7, 0x0, 0x0, 0x0, 0x4140, 0x8200}}, 0x20}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
rt_sigpending(0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)

262.985216ms ago: executing program 0 (id=3051):
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r4 = dup(0xffffffffffffffff)
ioctl$SCSI_IOCTL_DOORUNLOCK(r4, 0x5381)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x30, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1ff}]}, 0x30}}, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000c80)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffc]}})
dup(r5)
r7 = socket(0x8000000010, 0x2, 0x0)
write(r7, &(0x7f00000002c0)="7e0000001c000704ab5b2509b86803000aab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5b", 0x7e)
r8 = socket(0x840000000002, 0x3, 0x100)
sendmmsg$inet(r8, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
syz_emit_ethernet(0x52, &(0x7f00000000c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fbff00", 0x1c, 0x2c, 0x0, @remote, @local, {[@routing={0x3a, 0x0, 0x0, 0xe}], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

130.985704ms ago: executing program 2 (id=3052):
r0 = openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x10201, 0x0)
mmap(&(0x7f0000471000/0x3000)=nil, 0x3000, 0x1000000, 0x8031, r0, 0x0)
r1 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
wait4(r1, 0x0, 0x20000002, 0x0)

106.356899ms ago: executing program 2 (id=3053):
openat$drirender128(0xffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file0\x00'})
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030033000b12d25a80648c2594f90124fc60100c03400f000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

1.045256ms ago: executing program 2 (id=3054):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030033000b12d25a80648c2594f90124fc60100c03400f000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

0s ago: executing program 2 (id=3055):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r0, 0x1000)
read(r0, &(0x7f0000000000)=""/124, 0x7c)
futex(0x0, 0x1, 0x800001, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f2b, 0x5, 0x3, 0x4, 0x5, 0xcc7, 0xf, 0xb, 0xa, 0x100, 0x2, 0x1, 0xfffffffd, 0x40, 0x6, 0x101, 0x0, 0x1a449, 0x2, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0xa, 0xe69, 0x3f, 0x8, 0x2, 0x0, 0xfffffff8]})

kernel console output (not intermixed with test programs):

g interface: batadv_slave_0
[  400.566152][T13302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.583185][T13302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.601468][T13302] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.604451][T13302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.614660][T13302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.648933][T13302] hsr_slave_0: entered promiscuous mode
[  400.651101][T13302] hsr_slave_1: entered promiscuous mode
[  400.653244][T13302] debugfs: 'hsr0' already exists in 'hsr'
[  400.655586][T13302] Cannot create hsr debugfs directory
[  400.787065][   T13] IPVS: stop unused estimator thread 0...
[  400.806025][   T40] audit: type=1326 audit(1755714071.970:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13352 comm="syz.1.2062" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703e579 code=0x0
[  401.096346][T13302] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  401.101664][T13302] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  401.106342][T13302] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  401.115453][T13302] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  401.156866][T13302] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.164807][T13302] 8021q: adding VLAN 0 to HW filter on device team0
[  401.169125][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.171360][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.176796][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.179624][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.256546][T13302] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.271840][T13302] veth0_vlan: entered promiscuous mode
[  401.273727][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  401.278849][T13302] veth1_vlan: entered promiscuous mode
[  401.289928][T13302] veth0_macvtap: entered promiscuous mode
[  401.295321][T13302] veth1_macvtap: entered promiscuous mode
[  401.304855][T13302] batman_adv: batadv0: Interface activated: batadv_slave_0
[  401.311857][T13302] batman_adv: batadv0: Interface activated: batadv_slave_1
[  401.319717][   T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  401.322874][   T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  401.325544][   T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  401.329449][   T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  401.344685][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.347327][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.356841][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.359380][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.753573][ T5981] Bluetooth: hci0: command tx timeout
[  402.313583][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  402.349609][T13442] netlink: 'syz.0.2073': attribute type 3 has an invalid length.
[  402.352766][T13442] netlink: 'syz.0.2073': attribute type 1 has an invalid length.
[  402.356621][T13442] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2073'.
[  402.389221][T13444] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2075'.
[  402.969757][T13456] netlink: 'syz.2.2078': attribute type 1 has an invalid length.
[  402.973092][T13456] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2078'.
[  403.353469][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  403.626862][T13467] netlink: 'syz.2.2089': attribute type 1 has an invalid length.
[  403.629453][T13467] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2089'.
[  403.668238][T13473] netlink: 'syz.2.2083': attribute type 3 has an invalid length.
[  403.671626][T13473] netlink: 'syz.2.2083': attribute type 1 has an invalid length.
[  403.677035][T13473] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.2083'.
[  403.843426][ T5981] Bluetooth: hci0: command tx timeout
[  404.025905][T13462] Set syz1 is full, maxelem 65536 reached
[  404.393376][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  405.113837][T13502] FAULT_INJECTION: forcing a failure.
[  405.113837][T13502] name failslab, interval 1, probability 0, space 0, times 0
[  405.118524][T13502] CPU: 3 UID: 0 PID: 13502 Comm: syz.3.2091 Not tainted syzkaller #0 PREEMPT(full) 
[  405.118540][T13502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.118547][T13502] Call Trace:
[  405.118552][T13502]  <TASK>
[  405.118558][T13502]  dump_stack_lvl+0x16c/0x1f0
[  405.118575][T13502]  should_fail_ex+0x512/0x640
[  405.118591][T13502]  ? input_ff_create+0x84/0x350
[  405.118604][T13502]  should_failslab+0xc2/0x120
[  405.118618][T13502]  __kmalloc_noprof+0xd2/0x510
[  405.118630][T13502]  ? input_alloc_absinfo+0x111/0x140
[  405.118646][T13502]  input_ff_create+0x84/0x350
[  405.118659][T13502]  uinput_ioctl_handler.isra.0+0x1181/0x1df0
[  405.118674][T13502]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  405.118688][T13502]  ? rcu_is_watching+0x12/0xc0
[  405.118699][T13502]  ? __fget_files+0x204/0x3c0
[  405.118712][T13502]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  405.118728][T13502]  ? __pfx_uinput_compat_ioctl+0x10/0x10
[  405.118742][T13502]  __ia32_compat_sys_ioctl+0x23f/0x370
[  405.118758][T13502]  __do_fast_syscall_32+0x7c/0x3a0
[  405.118773][T13502]  do_fast_syscall_32+0x32/0x80
[  405.118786][T13502]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.118800][T13502] RIP: 0023:0xf7f57579
[  405.118809][T13502] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.118820][T13502] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  405.118830][T13502] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000005501
[  405.118837][T13502] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  405.118842][T13502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.118848][T13502] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.118854][T13502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.118863][T13502]  </TASK>
[  405.119217][T13502] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2091'.
[  405.170867][T13504] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2091'.
[  405.187294][T13504] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2091'.
[  405.212490][T13506] netlink: 'syz.3.2092': attribute type 1 has an invalid length.
[  405.215678][T13506] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2092'.
[  405.262781][T13510] netlink: 'syz.3.2094': attribute type 3 has an invalid length.
[  405.267118][T13510] netlink: 'syz.3.2094': attribute type 1 has an invalid length.
[  405.269991][T13510] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.2094'.
[  405.443298][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  405.645737][T13523] netlink: 'syz.2.2098': attribute type 4 has an invalid length.
[  405.913370][ T5981] Bluetooth: hci0: command tx timeout
[  406.234560][T13540] netlink: 'syz.2.2102': attribute type 1 has an invalid length.
[  406.237050][T13540] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2102'.
[  406.255841][T13542] netlink: 'syz.2.2103': attribute type 3 has an invalid length.
[  406.258368][T13542] netlink: 'syz.2.2103': attribute type 1 has an invalid length.
[  406.260831][T13542] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.2103'.
[  406.473304][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  406.642746][T13564] netlink: 'syz.1.2112': attribute type 1 has an invalid length.
[  406.645319][T13564] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2112'.
[  406.666234][T13566] netlink: 'syz.1.2113': attribute type 3 has an invalid length.
[  406.668808][T13566] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2113'.
[  407.343887][T13597] netlink: 'syz.3.2122': attribute type 1 has an invalid length.
[  407.402644][T13604] bond0: (slave bond_slave_1): Releasing backup interface
[  407.513300][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  407.621780][T13611] vxfs: WRONG superblock magic 00000000 at 1
[  407.623889][T13611] vxfs: WRONG superblock magic 00000000 at 8
[  407.625813][T13611] vxfs: can't find superblock.
[  407.993237][ T5981] Bluetooth: hci0: command tx timeout
[  408.072710][T13631] FAULT_INJECTION: forcing a failure.
[  408.072710][T13631] name failslab, interval 1, probability 0, space 0, times 0
[  408.076715][T13631] CPU: 1 UID: 0 PID: 13631 Comm: syz.1.2134 Not tainted syzkaller #0 PREEMPT(full) 
[  408.076730][T13631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  408.076737][T13631] Call Trace:
[  408.076741][T13631]  <TASK>
[  408.076745][T13631]  dump_stack_lvl+0x16c/0x1f0
[  408.076761][T13631]  should_fail_ex+0x512/0x640
[  408.076788][T13631]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  408.076804][T13631]  should_failslab+0xc2/0x120
[  408.076818][T13631]  __kmalloc_noprof+0xd2/0x510
[  408.076831][T13631]  tomoyo_realpath_from_path+0xc2/0x6e0
[  408.076846][T13631]  ? tomoyo_profile+0x47/0x60
[  408.076856][T13631]  tomoyo_path_number_perm+0x245/0x580
[  408.076867][T13631]  ? tomoyo_path_number_perm+0x237/0x580
[  408.076880][T13631]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  408.076894][T13631]  ? preempt_count_add+0x76/0x150
[  408.076912][T13631]  ? rcu_is_watching+0x12/0xc0
[  408.076924][T13631]  ? __fget_files+0x204/0x3c0
[  408.076934][T13631]  ? hook_file_ioctl_common+0x145/0x410
[  408.076948][T13631]  ? lock_release+0x201/0x2f0
[  408.076963][T13631]  ? __fget_files+0x20e/0x3c0
[  408.076974][T13631]  security_file_ioctl_compat+0x9b/0x240
[  408.076987][T13631]  __ia32_compat_sys_ioctl+0xc3/0x370
[  408.077004][T13631]  __do_fast_syscall_32+0x7c/0x3a0
[  408.077019][T13631]  do_fast_syscall_32+0x32/0x80
[  408.077032][T13631]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  408.077045][T13631] RIP: 0023:0xf703e579
[  408.077053][T13631] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  408.077064][T13631] RSP: 002b:00000000f53db55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  408.077074][T13631] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000005452
[  408.077081][T13631] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  408.077087][T13631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  408.077092][T13631] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  408.077098][T13631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  408.077108][T13631]  </TASK>
[  408.077275][T13631] ERROR: Out of memory at tomoyo_realpath_from_path.
[  408.553184][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  408.864623][T13637] kernel read not supported for file /bus (pid: 13637 comm: syz.0.2136)
[  408.868118][   T40] audit: type=1800 audit(1755714080.030:434): pid=13637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2136" name="bus" dev="mqueue" ino=52233 res=0 errno=0
[  409.593058][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  409.846374][T13657] __nla_validate_parse: 6 callbacks suppressed
[  409.846386][T13657] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2142'.
[  410.633033][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  410.761078][T13686] validate_nla: 5 callbacks suppressed
[  410.761090][T13686] netlink: 'syz.0.2151': attribute type 1 has an invalid length.
[  410.765470][T13686] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2151'.
[  410.975826][T13695] netlink: 'syz.1.2150': attribute type 10 has an invalid length.
[  410.982008][T13695] batman_adv: batadv0: Adding interface: team0
[  410.984851][T13695] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  410.995392][T13695] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  411.007242][T13695] netlink: 'syz.1.2150': attribute type 10 has an invalid length.
[  411.009574][T13695] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2150'.
[  411.012440][T13695] team0: entered promiscuous mode
[  411.015316][T13695] team_slave_0: entered promiscuous mode
[  411.017374][T13695] team_slave_1: entered promiscuous mode
[  411.019317][T13695] dummy0: entered promiscuous mode
[  411.025262][T13695] 8021q: adding VLAN 0 to HW filter on device team0
[  411.029956][T13695] batman_adv: batadv0: Interface activated: team0
[  411.032181][T13695] batman_adv: batadv0: Interface deactivated: team0
[  411.034677][T13695] batman_adv: batadv0: Removing interface: team0
[  411.059580][T13709] hub 6-0:1.0: USB hub found
[  411.061239][T13709] hub 6-0:1.0: 1 port detected
[  411.629577][T13719] netlink: 'syz.1.2161': attribute type 1 has an invalid length.
[  411.632985][T13719] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2161'.
[  411.673030][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  411.698160][T13723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2163'.
[  411.829868][T13740] netlink: 'syz.3.2170': attribute type 3 has an invalid length.
[  411.832448][T13740] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2170'.
[  411.883193][T13747] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2172'.
[  412.021475][T13755] netlink: 'syz.2.2176': attribute type 3 has an invalid length.
[  412.024192][T13755] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2176'.
[  412.544537][T13778] syzkaller1: entered promiscuous mode
[  412.546310][T13778] syzkaller1: entered allmulticast mode
[  412.549052][T13778] program syz.1.2183 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  412.553075][T13778] nfs: Unknown parameter 'fscCntext'
[  412.712927][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  413.406351][T13794] netlink: 'syz.0.2189': attribute type 3 has an invalid length.
[  413.409413][T13794] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2189'.
[  413.610120][T13803] bond0: (slave wlan1): Releasing backup interface
[  413.762870][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  413.885324][T13807] kernel read not supported for file /bus (pid: 13807 comm: syz.3.2192)
[  413.888144][   T40] audit: type=1800 audit(1755714085.050:435): pid=13807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2192" name="bus" dev="mqueue" ino=50064 res=0 errno=0
[  414.497839][T13825] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2197'.
[  414.571832][T13829] netlink: 'syz.1.2199': attribute type 3 has an invalid length.
[  414.802752][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  415.250295][T13840] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  415.258584][T13840] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  415.261455][T13840] overlayfs: missing 'lowerdir'
[  415.270188][T13840] overlayfs: failed lookup in lower (newroot/37, name='bus', err=-40): overlapping layers
[  415.397064][T13849] __nla_validate_parse: 1 callbacks suppressed
[  415.397075][T13849] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2206'.
[  415.493098][   T40] audit: type=1326 audit(1755714086.651:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.499897][   T40] audit: type=1326 audit(1755714086.651:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.518287][   T40] audit: type=1326 audit(1755714086.681:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.525499][   T40] audit: type=1326 audit(1755714086.681:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.532314][   T40] audit: type=1326 audit(1755714086.681:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.539447][   T40] audit: type=1326 audit(1755714086.691:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.547335][   T40] audit: type=1326 audit(1755714086.691:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.554929][   T40] audit: type=1326 audit(1755714086.691:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.561979][   T40] audit: type=1326 audit(1755714086.691:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13845 comm="syz.2.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  415.586532][T13851] random: crng reseeded on system resumption
[  415.832973][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  416.858847][T13864] netlink: 'syz.3.2212': attribute type 10 has an invalid length.
[  416.863024][T13864] syz_tun: entered promiscuous mode
[  416.866811][T13864] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  416.882631][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  417.013300][T13860] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  417.242831][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.246707][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.249470][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.252000][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.252021][T13880] Invalid ELF header magic: != ELF
[  417.255521][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.259350][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.261952][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.264778][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.267484][T13881] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  417.313317][T13891] pimreg: entered allmulticast mode
[  417.316013][T13891] pimreg: left allmulticast mode
[  417.349022][T13884] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  417.360350][T13884] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  417.363426][T13884] overlayfs: missing 'lowerdir'
[  417.369297][T13884] overlayfs: failed lookup in lower (newroot/582, name='bus', err=-40): overlapping layers
[  417.544896][T13900] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  417.693550][T13900] /dev/sr0: Can't open blockdev
[  417.792146][ T5981] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  417.792197][ T5981] Bluetooth: hci1: adv larger than maximum supported
[  417.794721][ T5981] Bluetooth: hci1: Malformed LE Event: 0x0d
[  417.912705][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  418.344051][T13918] fuse: Bad value for 'fd'
[  418.753441][T13928] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  418.787972][T13928] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  418.791842][T13928] overlayfs: missing 'lowerdir'
[  418.799207][T13928] overlayfs: failed lookup in lower (newroot/559, name='bus', err=-40): overlapping layers
[  418.952596][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  419.768765][T13959] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2242'.
[  419.886642][T13961] random: crng reseeded on system resumption
[  419.992567][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  420.337967][T13977] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2255'.
[  421.032525][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  421.399669][T14001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2254'.
[  421.429025][T13996] syz.2.2253 (13996): drop_caches: 1
[  421.432780][T13997] syz.2.2253 (13997): drop_caches: 1
[  421.530619][T14018] random: crng reseeded on system resumption
[  421.580786][T14017] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2262'.
[  421.618375][T14017] bond0: (slave syz_tun): Releasing backup interface
[  421.625497][T14017] bridge_slave_0: left allmulticast mode
[  421.627373][T14017] bridge_slave_0: left promiscuous mode
[  421.629127][T14017] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.637159][T14017] bridge_slave_1: left allmulticast mode
[  421.639018][T14017] bridge_slave_1: left promiscuous mode
[  421.641684][T14017] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.674891][T14017] bond0: (slave bond_slave_0): Releasing backup interface
[  421.677964][T14017] team0: Port device team_slave_0 removed
[  421.719444][T14017] team0: Port device team_slave_1 removed
[  421.719739][T14017] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.719748][T14017] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.778318][T14017] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.778331][T14017] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.821781][T14017] team0: Mode changed to "loadbalance"
[  421.914259][T14020] syz.1.2263 (14020): drop_caches: 2
[  422.072380][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  422.457736][T14025] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  422.601421][T14036] FAULT_INJECTION: forcing a failure.
[  422.601421][T14036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.605585][T14036] CPU: 2 UID: 0 PID: 14036 Comm: syz.1.2268 Not tainted syzkaller #0 PREEMPT(full) 
[  422.605599][T14036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.605606][T14036] Call Trace:
[  422.605610][T14036]  <TASK>
[  422.605614][T14036]  dump_stack_lvl+0x16c/0x1f0
[  422.605630][T14036]  should_fail_ex+0x512/0x640
[  422.605646][T14036]  _copy_to_user+0x32/0xd0
[  422.605656][T14036]  store_msg+0x44/0x160
[  422.605671][T14036]  compat_do_msg_fill+0xa5/0xf0
[  422.605687][T14036]  do_msgrcv+0x101e/0x16c0
[  422.605695][T14036]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  422.605709][T14036]  ? __pfx_compat_do_msg_fill+0x10/0x10
[  422.605726][T14036]  ? __pfx_do_msgrcv+0x10/0x10
[  422.605736][T14036]  ? __pfx_ksys_write+0x10/0x10
[  422.605750][T14036]  ? __do_fast_syscall_32+0x7c/0x3a0
[  422.605764][T14036]  __do_fast_syscall_32+0x7c/0x3a0
[  422.605777][T14036]  do_fast_syscall_32+0x32/0x80
[  422.605791][T14036]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.605804][T14036] RIP: 0023:0xf703e579
[  422.605812][T14036] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.605822][T14036] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000191
[  422.605832][T14036] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800004c0
[  422.605839][T14036] RDX: 000000000000005c RSI: 000000009dc29567 RDI: 0000000000002000
[  422.605845][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.605851][T14036] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.605857][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.605866][T14036]  </TASK>
[  422.937826][T14044] 9pnet_fd: Insufficient options for proto=fd
[  422.952021][T14044] bridge0: port 1(erspan0) entered disabled state
[  422.967657][T14044] team0: left promiscuous mode
[  422.969283][T14044] team_slave_0: left promiscuous mode
[  422.971257][T14044] team_slave_1: left promiscuous mode
[  422.973887][T14044] dummy0: left promiscuous mode
[  422.982056][T14044] macsec0: left allmulticast mode
[  422.984316][T14044] macsec1: left allmulticast mode
[  422.987555][T14044] pim6reg1: left promiscuous mode
[  422.989251][T14044] pim6reg1: left allmulticast mode
[  422.992950][T14044] bridge0: left promiscuous mode
[  423.112426][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  423.516362][T14062] validate_nla: 8 callbacks suppressed
[  423.516374][T14062] netlink: 'syz.3.2282': attribute type 3 has an invalid length.
[  423.520558][T14062] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2282'.
[  423.652908][T14067] netlink: 'syz.3.2285': attribute type 3 has an invalid length.
[  423.655365][T14067] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2285'.
[  423.772921][T14065] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  423.812974][T14072] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2278'.
[  423.922803][   T59] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  424.152443][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  424.168532][T14081] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2279'.
[  424.762019][T14100] netlink: 'syz.1.2287': attribute type 3 has an invalid length.
[  424.764648][T14100] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2287'.
[  425.192214][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  425.954453][T14127] fuse: Bad value for 'fd'
[  425.975590][T14129] netlink: 'syz.2.2297': attribute type 3 has an invalid length.
[  425.978237][T14129] netlink: 199644 bytes leftover after parsing attributes in process `syz.2.2297'.
[  426.128781][ T5987] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  426.132015][ T5987] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  426.135483][ T5987] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  426.138916][ T5987] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  426.141623][ T5987] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  426.150472][T10014] syz_tun (unregistering): left promiscuous mode
[  426.293970][T14137] chnl_net:caif_netlink_parms(): no params data found
[  426.342504][T14137] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.345259][T14137] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.347747][T14137] bridge_slave_0: entered allmulticast mode
[  426.350842][T14137] bridge_slave_0: entered promiscuous mode
[  426.354204][T14137] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.356559][T14137] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.359556][T14137] bridge_slave_1: entered allmulticast mode
[  426.363004][T14137] bridge_slave_1: entered promiscuous mode
[  426.399893][T14137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  426.405030][T14137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.430327][T14137] team0: Port device team_slave_0 added
[  426.433864][T14137] team0: Port device team_slave_1 added
[  426.459576][T14137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  426.461876][T14137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.470124][T14137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  426.475470][T14137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  426.477696][T14137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.487063][T14137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  426.512728][T14137] hsr_slave_0: entered promiscuous mode
[  426.515139][T14137] hsr_slave_1: entered promiscuous mode
[  426.517113][T14137] debugfs: 'hsr0' already exists in 'hsr'
[  426.518970][T14137] Cannot create hsr debugfs directory
[  426.567640][ T1179] erspan0: left allmulticast mode
[  426.569632][ T1179] erspan0: left promiscuous mode
[  426.571725][ T1179] bridge0: port 1(erspan0) entered disabled state
[  426.716907][ T1179] bond1 (unregistering): Released all slaves
[  426.722224][ T1179] bond2 (unregistering): Released all slaves
[  426.777818][ T1179] tipc: Disabling bearer <udp:s>
[  426.779517][ T1179] tipc: Left network mode
[  427.214524][ T1179] batadv_slave_0: left promiscuous mode
[  427.219252][ T1179] hsr_slave_0: left promiscuous mode
[  427.221428][ T1179] hsr_slave_1: left promiscuous mode
[  427.231617][ T1179] batman_adv: batadv0: Removing interface: batadv_slave_0
[  427.234256][ T1179] batman_adv: batadv0: Removing interface: batadv_slave_1
[  427.360108][ T1179] team0 (unregistering): Port device team_slave_1 removed
[  427.369039][ T1179] team0 (unregistering): Port device team_slave_0 removed
[  427.411080][ T1179] team0 (unregistering): Port device dummy0 removed
[  427.434046][T14137] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  427.438043][T14137] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  427.443628][T14137] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  427.449033][T14137] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  427.482953][T14137] 8021q: adding VLAN 0 to HW filter on device bond0
[  427.492353][T14137] 8021q: adding VLAN 0 to HW filter on device team0
[  427.499708][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.501981][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  427.507917][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.510224][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  427.591249][T14196] netlink: 'syz.0.2306': attribute type 3 has an invalid length.
[  427.594504][T14196] netlink: 199644 bytes leftover after parsing attributes in process `syz.0.2306'.
[  427.607098][T14137] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.627698][T14137] veth0_vlan: entered promiscuous mode
[  427.633901][T14137] veth1_vlan: entered promiscuous mode
[  427.645422][T14137] veth0_macvtap: entered promiscuous mode
[  427.649264][T14137] veth1_macvtap: entered promiscuous mode
[  427.657106][T14137] batman_adv: batadv0: Interface activated: batadv_slave_0
[  427.665314][T14137] batman_adv: batadv0: Interface activated: batadv_slave_1
[  427.671773][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  427.674985][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  427.675091][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  427.677132][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  427.697642][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  427.700170][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  427.707428][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  427.710205][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  427.722106][ T1179] IPVS: stop unused estimator thread 0...
[  427.802475][T14204] netlink: 'syz.2.2308': attribute type 3 has an invalid length.
[  427.805836][T14204] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2308'.
[  428.132104][ T6165] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  428.162109][ T5987] Bluetooth: hci4: command tx timeout
[  428.293905][ T6165] usb 7-1: config index 0 descriptor too short (expected 45863, got 27)
[  428.297159][ T6165] usb 7-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  428.301271][ T6165] usb 7-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  428.305632][ T6165] usb 7-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  428.310753][ T6165] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  428.314633][ T6165] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  428.317850][ T6165] usb 7-1: Product: syz
[  428.319504][ T6165] usb 7-1: Manufacturer: syz
[  428.321367][ T6165] usb 7-1: SerialNumber: syz
[  429.153572][T14228] netlink: 'syz.3.2314': attribute type 3 has an invalid length.
[  429.156115][T14228] netlink: 199644 bytes leftover after parsing attributes in process `syz.3.2314'.
[  429.204948][T14232] netlink: 'syz.3.2318': attribute type 3 has an invalid length.
[  429.207587][T14232] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2318'.
[  430.232001][ T5987] Bluetooth: hci4: command tx timeout
[  430.893236][ T6165] usb 7-1: USB disconnect, device number 26
[  431.016952][T14265] netlink: 320 bytes leftover after parsing attributes in process `syz.3.2330'.
[  431.021555][T14265] : entered promiscuous mode
[  431.291978][ T6165] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  431.443535][ T6165] usb 7-1: config index 0 descriptor too short (expected 45863, got 27)
[  431.446314][ T6165] usb 7-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  431.449152][ T6165] usb 7-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  431.453004][ T6165] usb 7-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  431.459410][ T6165] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  431.462422][ T6165] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  431.464975][ T6165] usb 7-1: Product: syz
[  431.466295][ T6165] usb 7-1: Manufacturer: syz
[  431.467831][ T6165] usb 7-1: SerialNumber: syz
[  432.314490][ T5987] Bluetooth: hci4: command tx timeout
[  432.383879][T14294] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  432.386452][T14294] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  432.390137][T14294] vhci_hcd vhci_hcd.0: Device attached
[  432.681904][ T8102] usb 38-1: SetAddress Request (10) to port 0
[  432.684720][ T8102] usb 38-1: new SuperSpeed USB device number 10 using vhci_hcd
[  433.062678][T14295] vhci_hcd: connection reset by peer
[  433.065337][   T13] vhci_hcd: stop threads
[  433.067146][   T13] vhci_hcd: release socket
[  433.069029][   T13] vhci_hcd: disconnect device
[  433.382010][   T24] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  433.531892][   T24] usb 8-1: Using ep0 maxpacket: 16
[  433.536102][   T24] usb 8-1: config 33 has 0 interfaces, different from the descriptor's value: 9
[  433.539924][   T24] usb 8-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00
[  433.543745][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.712901][T14327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2345'.
[  433.758258][T13781] usb 8-1: USB disconnect, device number 29
[  433.975550][ T6165] usb 7-1: USB disconnect, device number 27
[  434.092420][T14334] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  434.392196][ T5987] Bluetooth: hci4: command tx timeout
[  435.843730][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2361'.
[  437.771529][ T8102] usb 38-1: device descriptor read/8, error -110
[  438.156754][T14422] tmpfs: Unknown parameter '�'
[  438.171882][ T8102] usb usb38-port1: attempt power cycle
[  438.345687][T14433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2375'.
[  438.369341][T14435] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  438.381737][T14435] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  438.732102][ T8102] usb usb38-port1: unable to enumerate USB device
[  439.350455][T14454] pim6reg1: entered promiscuous mode
[  439.353123][T14454] pim6reg1: entered allmulticast mode
[  439.513549][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  439.636211][T14459] overlayfs: overlapping lowerdir path
[  440.107854][T14468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2389'.
[  440.115279][T14468] macsec2: entered promiscuous mode
[  440.117344][T14468] veth1_to_hsr: entered promiscuous mode
[  440.119327][T14468] macsec2: entered allmulticast mode
[  440.121801][T14468] veth1_to_hsr: entered allmulticast mode
[  440.124969][T14468] veth1_to_hsr: left allmulticast mode
[  440.126690][T14468] veth1_to_hsr: left promiscuous mode
[  440.319047][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2390'.
[  442.026175][T14527] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2399'.
[  442.291327][   T72] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  442.461499][   T72] usb 6-1: Using ep0 maxpacket: 32
[  442.465696][   T72] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  442.469435][   T72] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  442.472630][   T72] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  442.476009][   T72] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  442.479933][   T72] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  442.483341][   T72] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  442.488063][   T72] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  442.491699][   T72] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.495324][   T72] usb 6-1: config 0 descriptor??
[  442.708011][   T72] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  442.715000][   T72] usb 6-1: USB disconnect, device number 26
[  442.718990][   T72] usblp0: removed
[  442.991274][T13781] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  443.154299][T13781] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  443.157848][T13781] usb 7-1: config 0 has no interfaces?
[  443.161099][T13781] usb 7-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  443.164955][T13781] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  443.167698][T13781] usb 7-1: Product: syz
[  443.169242][T13781] usb 7-1: SerialNumber: syz
[  443.171906][T13781] usb 7-1: config 0 descriptor??
[  443.191305][   T72] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  443.341246][   T72] usb 6-1: Using ep0 maxpacket: 32
[  443.352389][   T72] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  443.355884][   T72] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  443.359482][   T72] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  443.363642][   T72] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  443.367761][   T72] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  443.371847][   T72] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  443.376140][ T8102] usb 7-1: USB disconnect, device number 28
[  443.377280][   T72] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  443.383052][   T72] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.388375][   T72] usb 6-1: config 0 descriptor??
[  443.593712][   T72] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  443.899059][    C1] usblp0: nonzero read bulk status received: -71
[  443.899456][   T72] usb 6-1: USB disconnect, device number 27
[  443.901529][T14529] usblp0: error -71 reading from printer
[  443.905704][T14561] usblp0: error -19 reading from printer
[  443.967803][T14565] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  443.972578][T14565] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  444.074404][T14566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2412'.
[  444.100590][T14528] usblp0: removed
[  444.231307][T14580] tipc: Started in network mode
[  444.232956][T14580] tipc: Node identity , cluster identity 4711
[  444.235421][T14580] tipc: Failed to obtain node identity
[  444.237775][T14580] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  444.256345][T14580] syzkaller0: entered promiscuous mode
[  444.258264][T14580] syzkaller0: entered allmulticast mode
[  444.789159][T14588] overlay: Unknown parameter '/'
[  444.831936][T14604] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2422'.
[  444.952851][T14609] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  444.955478][T14609] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  444.957915][T14609] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  444.960764][T14609] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  444.963492][T14609] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  444.969457][   T13] smc: removing ib device syz1
[  444.973209][T12510] syz1: Port: 1 Link DOWN
[  445.334783][T14607] chnl_net:caif_netlink_parms(): no params data found
[  445.454961][T14607] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.457492][T14607] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.459911][T14607] bridge_slave_0: entered allmulticast mode
[  445.463135][T14607] bridge_slave_0: entered promiscuous mode
[  445.466016][T14607] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.468332][T14607] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.470600][T14607] bridge_slave_1: entered allmulticast mode
[  445.473708][T14607] bridge_slave_1: entered promiscuous mode
[  445.520866][T14607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.525119][T14607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  445.556724][T14607] team0: Port device team_slave_0 added
[  445.559441][T14607] team0: Port device team_slave_1 added
[  445.614923][T14607] batman_adv: batadv0: Adding interface: batadv_slave_0
[  445.617153][T14607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.625609][T14607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  445.629502][T14607] batman_adv: batadv0: Adding interface: batadv_slave_1
[  445.631931][T14607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.639871][T14607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  445.667232][T14607] hsr_slave_0: entered promiscuous mode
[  445.669328][T14607] hsr_slave_1: entered promiscuous mode
[  445.671433][T14607] debugfs: 'hsr0' already exists in 'hsr'
[  445.673270][T14607] Cannot create hsr debugfs directory
[  445.992713][T14607] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  445.997388][T14607] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  446.001239][T14607] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  446.004765][T14607] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  446.015768][T14607] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.018297][T14607] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.020713][T14607] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.023148][T14607] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.042970][T14607] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.049375][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.052215][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.057118][T14607] 8021q: adding VLAN 0 to HW filter on device team0
[  446.061861][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.064090][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.068525][ T1179] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.070845][ T1179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.156559][T14607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  446.174709][T14607] veth0_vlan: entered promiscuous mode
[  446.178490][T14607] veth1_vlan: entered promiscuous mode
[  446.187832][T14607] veth0_macvtap: entered promiscuous mode
[  446.192558][T14607] veth1_macvtap: entered promiscuous mode
[  446.203960][T14607] batman_adv: batadv0: Interface activated: batadv_slave_0
[  446.208866][T14607] batman_adv: batadv0: Interface activated: batadv_slave_1
[  446.213545][ T1140] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  446.217015][ T1140] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  446.220586][ T1140] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  446.225663][ T1140] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  446.247819][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  446.251360][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  446.265243][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  446.268718][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  446.697341][T14663] sch_tbf: peakrate 8 is lower than or equals to rate 16 !
[  446.700427][T14663] overlayfs: failed to resolve './file0': -2
[  447.041124][T14609] Bluetooth: hci1: command tx timeout
[  447.249281][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  447.249292][   T40] audit: type=1326 audit(1755714118.412:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14674 comm="syz.3.2439" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  449.022837][T14708] syzkaller0: entered promiscuous mode
[  449.024810][T14708] syzkaller0: entered allmulticast mode
[  449.120988][T14609] Bluetooth: hci1: command tx timeout
[  449.206087][T14713] overlayfs: failed to resolve './file0': -2
[  449.839131][T14727] bridge0: entered promiscuous mode
[  449.842102][T14727] bridge0: port 4(macsec2) entered blocking state
[  449.844265][T14727] bridge0: port 4(macsec2) entered disabled state
[  449.846445][T14727] macsec2: entered allmulticast mode
[  449.848225][T14727] bridge0: entered allmulticast mode
[  449.851198][T14727] macsec2: left allmulticast mode
[  449.853318][T14727] bridge0: left allmulticast mode
[  449.855752][T14727] bridge0: left promiscuous mode
[  450.080902][   T10] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  450.242317][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.246116][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.249653][   T10] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  450.253175][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.256479][   T10] usb 7-1: config 0 descriptor??
[  450.865976][   T10] usb 7-1: string descriptor 0 read error: -22
[  451.068099][   T10] uclogic 0003:256C:006D.0006: failed retrieving string descriptor #200: -71
[  451.070962][   T10] uclogic 0003:256C:006D.0006: failed retrieving pen parameters: -71
[  451.073550][   T10] uclogic 0003:256C:006D.0006: failed probing pen v2 parameters: -71
[  451.076051][   T10] uclogic 0003:256C:006D.0006: failed probing parameters: -71
[  451.078357][   T10] uclogic 0003:256C:006D.0006: probe with driver uclogic failed with error -71
[  451.082013][   T10] usb 7-1: USB disconnect, device number 29
[  451.190998][T14609] Bluetooth: hci1: command tx timeout
[  451.614041][T14770] kvm: pic: non byte read
[  451.616407][T14770] kvm: pic: non byte read
[  451.619304][T14770] kvm: pic: non byte read
[  451.940833][   T10] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  452.100745][   T10] usb 7-1: Using ep0 maxpacket: 16
[  452.103992][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  452.108425][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.112369][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[  452.114483][   T10] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  452.117374][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.120584][   T10] usb 7-1: config 0 descriptor??
[  452.529185][   T10] hid (null): nested delimiters
[  452.729771][ T6165] usb 7-1: USB disconnect, device number 30
[  452.846646][   T40] audit: type=1800 audit(1755714124.013:473): pid=14785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.1.2472" name="/" dev="sockfs" ino=56008 res=0 errno=0
[  453.282261][T14609] Bluetooth: hci1: command tx timeout
[  453.321124][ T5987] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  453.325341][ T5987] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  453.326323][T12299] bridge0: port 5(syz_tun) entered disabled state
[  453.330280][ T5987] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  453.336861][ T5987] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  453.337274][T12299] syz_tun (unregistering): left allmulticast mode
[  453.340821][ T5987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  453.342184][T12299] syz_tun (unregistering): left promiscuous mode
[  453.346382][T12299] bridge0: port 5(syz_tun) entered disabled state
[  453.352161][   T40] audit: type=1326 audit(1755714124.523:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.359354][   T40] audit: type=1326 audit(1755714124.523:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.366657][   T40] audit: type=1326 audit(1755714124.523:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.373494][   T40] audit: type=1326 audit(1755714124.523:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.380462][   T40] audit: type=1326 audit(1755714124.523:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.387637][   T40] audit: type=1326 audit(1755714124.523:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.394819][   T40] audit: type=1326 audit(1755714124.523:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.401890][   T40] audit: type=1326 audit(1755714124.523:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14789 comm="syz.2.2474" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  453.414391][ T1140] Bluetooth: hci2: Frame reassembly failed (-84)
[  453.419868][T14791] chnl_net:caif_netlink_parms(): no params data found
[  453.456176][T14791] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.458484][T14791] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.461022][T14791] bridge_slave_0: entered allmulticast mode
[  453.463481][T14791] bridge_slave_0: entered promiscuous mode
[  453.466276][T14791] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.468600][T14791] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.471363][T14791] bridge_slave_1: entered allmulticast mode
[  453.473702][T14791] bridge_slave_1: entered promiscuous mode
[  453.492302][T14791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.496112][T14791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.515781][T14791] team0: Port device team_slave_0 added
[  453.518458][T14791] team0: Port device team_slave_1 added
[  453.540261][T14791] batman_adv: batadv0: Adding interface: batadv_slave_0
[  453.543205][T14791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  453.551748][T14791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  453.555592][T14791] batman_adv: batadv0: Adding interface: batadv_slave_1
[  453.557731][T14791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  453.565845][T14791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  453.587224][T14791] hsr_slave_0: entered promiscuous mode
[  453.589336][T14791] hsr_slave_1: entered promiscuous mode
[  453.591858][T14791] debugfs: 'hsr0' already exists in 'hsr'
[  453.593661][T14791] Cannot create hsr debugfs directory
[  453.637690][T14791] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  453.640835][T14791] netdevsim netdevsim0 eth3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  453.692903][T14791] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  453.695982][T14791] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  453.743307][T14791] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  453.746698][T14791] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  453.803887][T14791] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  453.807321][T14791] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  453.899305][T14791] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  453.904250][T14791] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  453.907566][T14791] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  453.912031][T14791] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  453.923207][T14791] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.925447][T14791] bridge0: port 2(bridge_slave_1) entered forwarding state
[  453.927767][T14791] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.929929][T14791] bridge0: port 1(bridge_slave_0) entered forwarding state
[  453.948244][T14791] 8021q: adding VLAN 0 to HW filter on device bond0
[  453.953907][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.956696][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.961653][T14791] 8021q: adding VLAN 0 to HW filter on device team0
[  453.966064][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.968318][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  453.972820][ T1179] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.975053][ T1179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  454.044031][T14791] 8021q: adding VLAN 0 to HW filter on device batadv0
[  454.057939][T14791] veth0_vlan: entered promiscuous mode
[  454.062191][T14791] veth1_vlan: entered promiscuous mode
[  454.072448][T14791] veth0_macvtap: entered promiscuous mode
[  454.075477][T14791] veth1_macvtap: entered promiscuous mode
[  454.081743][T14791] batman_adv: batadv0: Interface activated: batadv_slave_0
[  454.087701][T14791] batman_adv: batadv0: Interface activated: batadv_slave_1
[  454.093610][ T1140] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  454.096359][ T1140] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  454.099528][ T1140] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  454.102510][ T1179] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  454.119206][ T1179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  454.122429][ T1179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.131581][ T1179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  454.134735][ T1179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.401562][T14822] hub 6-0:1.0: USB hub found
[  454.403303][T14822] hub 6-0:1.0: 1 port detected
[  454.550020][T14831] syzkaller0: entered promiscuous mode
[  454.552737][T14831] syzkaller0: entered allmulticast mode
[  454.830458][ T1179] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.893299][ T1179] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.963556][ T1179] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.980329][T14838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  454.982906][T14838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  454.985380][T14838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  454.988059][T14838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  454.991425][T14838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  455.039184][ T1179] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.048825][T14836] chnl_net:caif_netlink_parms(): no params data found
[  455.084393][T14836] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.086703][T14836] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.089036][T14836] bridge_slave_0: entered allmulticast mode
[  455.092542][T14836] bridge_slave_0: entered promiscuous mode
[  455.095287][T14836] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.097551][T14836] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.099911][T14836] bridge_slave_1: entered allmulticast mode
[  455.102973][T14836] bridge_slave_1: entered promiscuous mode
[  455.123847][T14836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  455.127960][T14836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  455.147318][T14836] team0: Port device team_slave_0 added
[  455.150996][T14836] team0: Port device team_slave_1 added
[  455.179856][T14836] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.182930][T14836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.193292][T14836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.197309][T14836] batman_adv: batadv0: Adding interface: batadv_slave_1
[  455.199536][T14836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.207944][T14836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  455.236445][T14836] hsr_slave_0: entered promiscuous mode
[  455.238610][T14836] hsr_slave_1: entered promiscuous mode
[  455.240792][T14836] debugfs: 'hsr0' already exists in 'hsr'
[  455.242607][T14836] Cannot create hsr debugfs directory
[  455.334881][ T1179] bond0 (unregistering): Released all slaves
[  455.351017][T14609] Bluetooth: hci3: command tx timeout
[  455.414595][ T1179] : left promiscuous mode
[  455.430677][T14609] Bluetooth: hci2: command 0x1003 tx timeout
[  455.433219][ T5987] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  455.743725][ T1179] hsr_slave_0: left promiscuous mode
[  455.745827][ T1179] hsr_slave_1: left promiscuous mode
[  455.749648][ T1179] veth1_macvtap: left promiscuous mode
[  455.753912][ T1179] veth0_macvtap: left promiscuous mode
[  455.755813][ T1179] veth1_vlan: left promiscuous mode
[  455.757599][ T1179] veth0_vlan: left promiscuous mode
[  455.895810][T14836] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  455.901794][T14836] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  455.908451][T14836] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  455.914636][T14836] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  455.940117][T14836] 8021q: adding VLAN 0 to HW filter on device bond0
[  455.946324][T14836] 8021q: adding VLAN 0 to HW filter on device team0
[  455.950062][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.952436][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  455.957520][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.959829][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  456.031537][T14836] 8021q: adding VLAN 0 to HW filter on device batadv0
[  456.046954][T14836] veth0_vlan: entered promiscuous mode
[  456.054484][T14836] veth1_vlan: entered promiscuous mode
[  456.064100][T14836] veth0_macvtap: entered promiscuous mode
[  456.067226][T14836] veth1_macvtap: entered promiscuous mode
[  456.074038][T14836] batman_adv: batadv0: Interface activated: batadv_slave_0
[  456.078926][T14836] batman_adv: batadv0: Interface activated: batadv_slave_1
[  456.085204][ T1140] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.089010][ T1140] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.094951][ T1140] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.098623][ T1140] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.117346][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.122358][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.129675][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.133402][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.444079][T14916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2495'.
[  456.448697][T14916] veth1_to_hsr: entered promiscuous mode
[  456.450825][T14916] macsec1: entered promiscuous mode
[  456.452970][T14916] macsec1: entered allmulticast mode
[  456.454645][T14916] veth1_to_hsr: entered allmulticast mode
[  456.457295][T14916] veth1_to_hsr: left allmulticast mode
[  456.459593][T14916] veth1_to_hsr: left promiscuous mode
[  456.695173][T14920] overlay: Unknown parameter '/'
[  457.040479][ T5987] Bluetooth: hci0: command tx timeout
[  457.179645][T14926] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2498'.
[  457.430925][ T5987] Bluetooth: hci3: command tx timeout
[  457.520417][T14837] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  457.690646][T14837] usb 7-1: Using ep0 maxpacket: 32
[  457.701637][T14837] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  457.705050][T14837] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  457.708192][T14837] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  457.714493][T14837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  457.718395][T14837] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  457.723036][T14837] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  457.728374][T14837] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  457.734518][T14837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.738949][T14837] usb 7-1: config 0 descriptor??
[  457.948391][T14837] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  457.952587][T14837] usb 7-1: USB disconnect, device number 31
[  457.955419][T14837] usblp0: removed
[  458.390407][T14837] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  458.390459][   T10] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  458.540461][T14837] usb 7-1: Using ep0 maxpacket: 32
[  458.541301][   T10] usb 8-1: Using ep0 maxpacket: 32
[  458.543309][T14837] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  458.545625][   T10] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  458.547006][T14837] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  458.550623][   T10] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  458.553225][T14837] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  458.556340][   T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  458.559167][T14837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  458.562052][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  458.565078][T14837] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  458.567939][   T10] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  458.570999][T14837] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  458.573994][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  458.577975][T14837] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  458.582023][   T10] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  458.584861][T14837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.585630][T14837] usb 7-1: config 0 descriptor??
[  458.587701][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.589502][   T10] usb 8-1: config 0 descriptor??
[  458.800485][   T10] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  458.802420][T14837] usblp 7-1:0.0: usblp1: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  458.804855][   T10] usb 8-1: USB disconnect, device number 30
[  458.810752][   T10] usblp0: removed
[  459.001257][ T6165] usb 7-1: USB disconnect, device number 32
[  459.004802][ T6165] usblp1: removed
[  459.094365][T14971] pim6reg1: entered promiscuous mode
[  459.096148][T14971] pim6reg1: entered allmulticast mode
[  459.120482][ T5987] Bluetooth: hci0: command tx timeout
[  459.250427][T14837] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  459.410340][T14837] usb 8-1: Using ep0 maxpacket: 32
[  459.413269][T14837] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  459.415856][T14837] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  459.418467][T14837] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  459.421687][T14837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  459.424684][T14837] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  459.427617][T14837] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  459.431832][T14837] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  459.434612][T14837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.437786][T14837] usb 8-1: config 0 descriptor??
[  459.520523][ T5987] Bluetooth: hci3: command tx timeout
[  459.642351][T14958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  459.645273][T14958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  459.649130][T14837] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  459.892618][T14982] overlay: Unknown parameter '/'
[  459.900807][    C1] usblp0: nonzero read bulk status received: -71
[  459.901085][   T59] usb 8-1: USB disconnect, device number 31
[  459.904861][T14958] usblp0: error -71 reading from printer
[  460.340533][   T59] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  460.490251][   T59] usb 8-1: Using ep0 maxpacket: 32
[  460.493042][   T59] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  460.495782][   T59] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  460.498451][   T59] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  460.501559][   T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  460.504569][   T59] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  460.507663][   T59] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  460.511833][   T59] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  460.514582][   T59] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  460.517837][   T59] usb 8-1: config 0 descriptor??
[  460.721217][T14957] usblp0: removed
[  460.721817][   T59] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  460.729207][   T59] usb 8-1: USB disconnect, device number 32
[  460.732447][   T59] usblp0: removed
[  460.840256][ T6165] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  460.991539][ T6165] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  460.995039][ T6165] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  460.997987][ T6165] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.001556][ T6165] usb 7-1: config 0 descriptor??
[  461.190247][ T5987] Bluetooth: hci0: command tx timeout
[  461.407075][ T6165] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor
[  461.411956][ T6165] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0926:3333.0008/input/input32
[  461.478457][ T6165] keytouch 0003:0926:3333.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  461.590313][ T5987] Bluetooth: hci3: command tx timeout
[  461.813617][ T8102] usb 7-1: USB disconnect, device number 33
[  462.388701][T15017] pim6reg1: entered promiscuous mode
[  462.390685][T15017] pim6reg1: entered allmulticast mode
[  462.536747][T15024] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2533'.
[  463.024612][T15042] pim6reg1: entered promiscuous mode
[  463.025381][T15046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2540'.
[  463.027478][T15042] pim6reg1: entered allmulticast mode
[  463.270257][ T5987] Bluetooth: hci0: command tx timeout
[  464.446617][T15090] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2551'.
[  464.675914][T15100] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2554'.
[  464.857869][T15102] vlan2: entered allmulticast mode
[  465.553625][T15122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2559'.
[  465.559842][T15122] veth1_to_hsr: entered promiscuous mode
[  465.561751][T15122] macsec1: entered promiscuous mode
[  465.563489][T15122] macsec1: entered allmulticast mode
[  465.565581][T15122] veth1_to_hsr: entered allmulticast mode
[  465.569228][T15122] veth1_to_hsr: left allmulticast mode
[  465.571751][T15122] veth1_to_hsr: left promiscuous mode
[  467.876023][T15182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2578'.
[  467.881497][   T10] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  467.885180][   T10] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  469.019469][T15218] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2587'.
[  469.772901][T15237] hub 8-0:1.0: USB hub found
[  469.774540][T15237] hub 8-0:1.0: 1 port detected
[  471.538277][T15277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2605'.
[  471.547703][T15277] veth1_to_hsr: entered promiscuous mode
[  471.550167][T15277] macsec1: entered promiscuous mode
[  471.552557][T15277] macsec1: entered allmulticast mode
[  471.554917][T15277] veth1_to_hsr: entered allmulticast mode
[  471.558716][T15277] veth1_to_hsr: left allmulticast mode
[  471.562367][T15277] veth1_to_hsr: left promiscuous mode
[  473.101012][T15296] hub 8-0:1.0: USB hub found
[  473.102968][T15296] hub 8-0:1.0: 1 port detected
[  474.841029][T15323] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  475.696510][T15341] hub 8-0:1.0: USB hub found
[  475.698175][T15341] hub 8-0:1.0: 1 port detected
[  476.367433][T15346] netlink: 'syz.2.2626': attribute type 3 has an invalid length.
[  476.370189][T15346] netlink: 199644 bytes leftover after parsing attributes in process `syz.2.2626'.
[  477.074606][T15371] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2633'.
[  479.179916][T15412] netlink: 'syz.2.2645': attribute type 3 has an invalid length.
[  479.182436][T15412] netlink: 199644 bytes leftover after parsing attributes in process `syz.2.2645'.
[  480.787632][T15441] netlink: 'syz.3.2654': attribute type 3 has an invalid length.
[  480.791075][T15441] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.2654'.
[  480.921433][T15453] comedi comedi3: rti800: I/O port conflict (0x4f27,16)
[  481.718523][T15469] FAULT_INJECTION: forcing a failure.
[  481.718523][T15469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.722737][T15469] CPU: 2 UID: 0 PID: 15469 Comm: syz.0.2662 Not tainted syzkaller #0 PREEMPT(full) 
[  481.722752][T15469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  481.722759][T15469] Call Trace:
[  481.722762][T15469]  <TASK>
[  481.722766][T15469]  dump_stack_lvl+0x16c/0x1f0
[  481.722801][T15469]  should_fail_ex+0x512/0x640
[  481.722822][T15469]  _copy_to_user+0x32/0xd0
[  481.722831][T15469]  bpf_test_finish.isra.0+0x4b4/0x6e0
[  481.722845][T15469]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  481.722858][T15469]  ? _copy_from_user+0x59/0xd0
[  481.722874][T15469]  bpf_prog_test_run_xdp+0xa0d/0x1590
[  481.722889][T15469]  ? lock_release+0x201/0x2f0
[  481.722903][T15469]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  481.722917][T15469]  ? __might_fault+0xb0/0x190
[  481.722929][T15469]  ? fput+0x9b/0xd0
[  481.722943][T15469]  ? __bpf_prog_get+0x97/0x2a0
[  481.722955][T15469]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  481.722968][T15469]  __sys_bpf+0x1050/0x4de0
[  481.722982][T15469]  ? lock_release+0x201/0x2f0
[  481.722995][T15469]  ? __pfx___sys_bpf+0x10/0x10
[  481.723009][T15469]  ? ksys_write+0x190/0x250
[  481.723020][T15469]  ? rcu_is_watching+0x12/0xc0
[  481.723031][T15469]  ? lock_release+0x201/0x2f0
[  481.723044][T15469]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  481.723060][T15469]  ? fput+0x9b/0xd0
[  481.723074][T15469]  ? ksys_write+0x1ac/0x250
[  481.723085][T15469]  ? __pfx_ksys_write+0x10/0x10
[  481.723097][T15469]  __ia32_sys_bpf+0x76/0xe0
[  481.723112][T15469]  __do_fast_syscall_32+0x7c/0x3a0
[  481.723126][T15469]  do_fast_syscall_32+0x32/0x80
[  481.723139][T15469]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.723152][T15469] RIP: 0023:0xf709e579
[  481.723161][T15469] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  481.723171][T15469] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  481.723188][T15469] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  481.723194][T15469] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  481.723200][T15469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  481.723206][T15469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  481.723212][T15469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.723221][T15469]  </TASK>
[  481.818501][T15473] netlink: 'syz.0.2663': attribute type 3 has an invalid length.
[  481.821742][T15473] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2663'.
[  481.866995][T15484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2668'.
[  481.890346][T15486] fuse: Unknown parameter 'grYup_id'
[  481.897476][T15486] tipc: Started in network mode
[  481.899419][T15486] tipc: Node identity ac14140f, cluster identity 4711
[  481.901739][T15486] tipc: New replicast peer: 255.255.255.255
[  481.903848][T15486] tipc: Enabled bearer <udp:s>, priority 10
[  482.040276][T15490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  482.079016][ T6065] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  482.252928][ T6065] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  482.255737][ T6065] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.258706][ T6065] usb 7-1: Product: syz
[  482.261737][ T6065] usb 7-1: Manufacturer: syz
[  482.264517][ T6065] usb 7-1: SerialNumber: syz
[  482.270652][ T6065] usb 7-1: config 0 descriptor??
[  482.364852][T15506] netlink: 'syz.1.2676': attribute type 3 has an invalid length.
[  482.367456][T15506] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.2676'.
[  482.393980][T15509] tipc: Started in network mode
[  482.395967][T15509] tipc: Node identity 5ab30874a52c, cluster identity 4711
[  482.399895][T15509] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  482.415473][T15508] tipc: Disabling bearer <eth:syzkaller0>
[  482.478271][ T6165] usb 7-1: USB disconnect, device number 34
[  482.618256][   T59] libceph: connect (1)[c::]:6789 error -101
[  482.620558][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  482.879716][   T59] libceph: connect (1)[c::]:6789 error -101
[  482.882203][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  482.935630][T15526] netlink: 'syz.3.2681': attribute type 3 has an invalid length.
[  482.938033][T15526] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2681'.
[  483.019503][   T10] tipc: Node number set to 2886997007
[  483.042711][T15530] UHID_CREATE from different security context by process 177 (syz.0.2683), this is not allowed.
[  483.043711][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.047186][T15530] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  483.050975][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.054739][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.057305][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.060495][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.063074][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.065528][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.068002][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.071744][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.074140][   T10] hid-generic 0000:0000:FFFFFFFE.000A: unknown main item tag 0x0
[  483.083893][   T10] hid-generic 0000:0000:FFFFFFFE.000A: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  483.389363][   T59] libceph: connect (1)[c::]:6789 error -101
[  483.394736][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  483.424718][T15519] ceph: No mds server is up or the cluster is laggy
[  483.904496][T15558] netlink: 'syz.3.2690': attribute type 3 has an invalid length.
[  483.907525][T15558] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2690'.
[  484.542822][T15574] netlink: 'syz.1.2696': attribute type 3 has an invalid length.
[  484.547555][T15574] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2696'.
[  484.634840][T15580] netlink: 'syz.1.2699': attribute type 3 has an invalid length.
[  484.637450][T15580] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2699'.
[  484.795362][T15590] xt_time: unknown flags 0xf4
[  484.899703][T15602] netlink: 'syz.1.2708': attribute type 3 has an invalid length.
[  484.902457][T15602] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2708'.
[  485.116099][T15616] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2712'.
[  485.840671][T15624] Bluetooth: MGMT ver 1.23
[  486.013588][T15634] FAULT_INJECTION: forcing a failure.
[  486.013588][T15634] name failslab, interval 1, probability 0, space 0, times 0
[  486.018267][T15634] CPU: 2 UID: 0 PID: 15634 Comm: syz.1.2718 Not tainted syzkaller #0 PREEMPT(full) 
[  486.018296][T15634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.018303][T15634] Call Trace:
[  486.018307][T15634]  <TASK>
[  486.018311][T15634]  dump_stack_lvl+0x16c/0x1f0
[  486.018328][T15634]  should_fail_ex+0x512/0x640
[  486.018345][T15634]  should_failslab+0xc2/0x120
[  486.018359][T15634]  __kmalloc_cache_noprof+0x6a/0x3e0
[  486.018369][T15634]  ? __pfx___debug_object_init+0x10/0x10
[  486.018380][T15634]  ? __pfx___debug_object_init+0x10/0x10
[  486.018391][T15634]  ? device_add+0xccc/0x1aa0
[  486.018402][T15634]  device_add+0xccc/0x1aa0
[  486.018411][T15634]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  486.018426][T15634]  ? lockdep_init_map_type+0x5c/0x280
[  486.018440][T15634]  ? __pfx_device_add+0x10/0x10
[  486.018449][T15634]  ? lockdep_init_map_type+0x5c/0x280
[  486.018462][T15634]  ? __init_waitqueue_head+0xca/0x150
[  486.018479][T15634]  tty_register_device_attr+0x38e/0x7c0
[  486.018493][T15634]  ? lockdep_init_map_type+0x5c/0x280
[  486.018506][T15634]  ? __pfx_tty_register_device_attr+0x10/0x10
[  486.018520][T15634]  ? tty_port_init+0x156/0x1c0
[  486.018534][T15634]  gsm_activate_mux+0x157/0x2e0
[  486.018548][T15634]  gsmld_ioctl+0x8cb/0x1550
[  486.018558][T15634]  ? __pfx_gsmld_ioctl+0x10/0x10
[  486.018570][T15634]  ? rcu_is_watching+0x12/0xc0
[  486.018583][T15634]  ? __pfx_gsmld_ioctl+0x10/0x10
[  486.018591][T15634]  tty_compat_ioctl+0x427/0x4d0
[  486.018604][T15634]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  486.018618][T15634]  __ia32_compat_sys_ioctl+0x23f/0x370
[  486.018635][T15634]  __do_fast_syscall_32+0x7c/0x3a0
[  486.018649][T15634]  do_fast_syscall_32+0x32/0x80
[  486.018662][T15634]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.018676][T15634] RIP: 0023:0xf7f11579
[  486.018684][T15634] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.018694][T15634] RSP: 002b:00000000f541555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  486.018710][T15634] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000404c4701
[  486.018728][T15634] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  486.018735][T15634] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.018740][T15634] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.018746][T15634] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.018755][T15634]  </TASK>
[  486.113002][T15633] netlink: 'syz.3.2719': attribute type 3 has an invalid length.
[  486.865019][T15638] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  487.077714][T15657] __nla_validate_parse: 1 callbacks suppressed
[  487.077725][T15657] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2726'.
[  487.209104][T15668] netlink: 'syz.3.2730': attribute type 3 has an invalid length.
[  487.211757][T15668] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2730'.
[  487.691588][T15676] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2732'.
[  488.431082][T15695] serio: Serial port ptm0
[  490.225303][T15728] mkiss: ax0: crc mode is auto.
[  490.327327][T15733] netlink: 'syz.3.2749': attribute type 3 has an invalid length.
[  490.330790][T15733] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2749'.
[  490.550194][T15748] netlink: 'syz.2.2754': attribute type 3 has an invalid length.
[  490.552799][T15748] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2754'.
[  490.586935][T15750] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  491.269078][T15766] netlink: 'syz.0.2760': attribute type 3 has an invalid length.
[  491.272814][T15766] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2760'.
[  491.435419][T15772] mkiss: ax0: crc mode is auto.
[  491.775901][T15779] infiniband syz1: set active
[  491.777558][T15779] infiniband syz1: added syz_tun
[  491.786861][T15779] RDS/IB: syz1: added
[  491.788235][T15779] smc: adding ib device syz1 with port count 1
[  491.792008][T15779] smc:    ib device syz1 port 1 has pnetid 
[  493.029981][T15810] netlink: 'syz.1.2769': attribute type 3 has an invalid length.
[  493.032575][T15810] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2769'.
[  493.253202][T15815] overlayfs: failed lookup in lower (newroot/76, name='file1', err=-40): overlapping layers
[  493.298430][T15814] overlayfs: failed lookup in lower (newroot/76, name='file1', err=-40): overlapping layers
[  493.988912][T15834] can: request_module (can-proto-4) failed.
[  494.015432][T15841] netlink: 'syz.1.2779': attribute type 3 has an invalid length.
[  494.018030][T15841] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2779'.
[  494.900604][T15861] rdma_rxe: rxe_newlink: failed to add syz_tun
[  495.013019][T15861] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.064645][T15861] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.161210][T15861] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.232262][T15861] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.303694][   T61] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.334937][   T61] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.338954][   T61] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  495.345274][   T61] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.290617][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.292591][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.294642][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.299551][T15890] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  496.316338][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.320401][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.323787][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.329422][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.332354][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.335640][T15890] wlan1 speed is unknown, defaulting to 1000
[  496.386078][T15888] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2795'.
[  496.729416][T15893] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  497.006900][T15912] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  497.050658][T15912] netlink: 'syz.0.2799': attribute type 10 has an invalid length.
[  497.867064][   T40] audit: type=1326 audit(1755714169.025:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.874189][   T40] audit: type=1326 audit(1755714169.025:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.881855][   T40] audit: type=1326 audit(1755714169.025:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.885517][T15930] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  497.888864][   T40] audit: type=1326 audit(1755714169.025:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.902834][   T40] audit: type=1326 audit(1755714169.025:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.910860][   T40] audit: type=1326 audit(1755714169.025:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.917784][   T40] audit: type=1326 audit(1755714169.025:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.925638][   T40] audit: type=1326 audit(1755714169.025:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.934492][   T40] audit: type=1326 audit(1755714169.025:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  497.942196][   T40] audit: type=1326 audit(1755714169.025:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  498.202874][T15952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2813'.
[  498.211768][T15952] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  498.234336][T15954] sp0: Synchronizing with TNC
[  498.251212][T15953] [U] �``````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
[  498.423575][T15960] netlink: 'syz.2.2816': attribute type 3 has an invalid length.
[  498.423589][T15960] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2816'.
[  498.553986][T15973] netlink: 'syz.1.2822': attribute type 6 has an invalid length.
[  498.556732][T15973] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2822'.
[  499.138049][   T60] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  499.298191][   T60] usb 7-1: Using ep0 maxpacket: 16
[  499.301324][   T60] usb 7-1: config 33 has 0 interfaces, different from the descriptor's value: 9
[  499.304326][   T60] usb 7-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00
[  499.307150][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.537735][   T60] usb 7-1: USB disconnect, device number 35
[  499.538971][T16015] netlink: 'syz.0.2832': attribute type 3 has an invalid length.
[  499.542250][T16015] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2832'.
[  500.524867][T16043] netlink: 'syz.3.2841': attribute type 3 has an invalid length.
[  500.528469][T16043] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2841'.
[  500.698804][T16054] FAULT_INJECTION: forcing a failure.
[  500.698804][T16054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.703105][T16054] CPU: 0 UID: 0 PID: 16054 Comm: syz.3.2846 Not tainted syzkaller #0 PREEMPT(full) 
[  500.703123][T16054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  500.703129][T16054] Call Trace:
[  500.703134][T16054]  <TASK>
[  500.703139][T16054]  dump_stack_lvl+0x16c/0x1f0
[  500.703155][T16054]  should_fail_ex+0x512/0x640
[  500.703171][T16054]  _copy_from_user+0x2e/0xd0
[  500.703187][T16054]  cec_ioctl+0xf02/0x2970
[  500.703199][T16054]  ? lock_release+0x201/0x2f0
[  500.703213][T16054]  ? __pfx_cec_ioctl+0x10/0x10
[  500.703226][T16054]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.703241][T16054]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  500.703257][T16054]  ? do_vfs_ioctl+0x128/0x14f0
[  500.703273][T16054]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  500.703289][T16054]  ? rcu_is_watching+0x12/0xc0
[  500.703301][T16054]  ? __fget_files+0x204/0x3c0
[  500.703313][T16054]  ? hook_file_ioctl_common+0x145/0x410
[  500.703328][T16054]  ? __fget_files+0x20e/0x3c0
[  500.703339][T16054]  ? __pfx_cec_ioctl+0x10/0x10
[  500.703351][T16054]  __ia32_compat_sys_ioctl+0x23f/0x370
[  500.703367][T16054]  __do_fast_syscall_32+0x7c/0x3a0
[  500.703382][T16054]  do_fast_syscall_32+0x32/0x80
[  500.703395][T16054]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  500.703408][T16054] RIP: 0023:0xf7f77579
[  500.703416][T16054] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  500.703426][T16054] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  500.703437][T16054] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0386105
[  500.703443][T16054] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  500.703449][T16054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  500.703455][T16054] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  500.703461][T16054] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  500.703469][T16054]  </TASK>
[  500.949154][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  501.048004][   T10] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  501.089905][T16047] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  501.120974][T16069] netlink: 'syz.0.2851': attribute type 3 has an invalid length.
[  501.123470][T16069] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2851'.
[  501.145415][T16071] netlink: 'syz.0.2852': attribute type 3 has an invalid length.
[  501.148271][T16071] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2852'.
[  501.201042][   T10] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  501.205069][   T10] usb 8-1: config 0 interface 0 has no altsetting 0
[  501.210364][   T10] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  501.218274][   T10] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  501.221035][   T10] usb 8-1: Product: syz
[  501.222343][   T10] usb 8-1: Manufacturer: syz
[  501.223794][   T10] usb 8-1: SerialNumber: syz
[  501.235902][   T10] usb 8-1: config 0 descriptor??
[  501.243262][   T10] usb 8-1: selecting invalid altsetting 0
[  501.495644][   T59] usb 8-1: USB disconnect, device number 33
[  502.128017][ T6165] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  502.262117][   T10] IPVS: starting estimator thread 0...
[  502.277911][ T6165] usb 6-1: Using ep0 maxpacket: 16
[  502.280102][T16105] netlink: 'syz.3.2860': attribute type 3 has an invalid length.
[  502.281475][ T6165] usb 6-1: config 33 has 0 interfaces, different from the descriptor's value: 9
[  502.282618][T16105] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2860'.
[  502.292260][ T6165] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00
[  502.296185][ T6165] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.347931][T16103] IPVS: using max 57 ests per chain, 136800 per kthread
[  502.386070][T16109] netlink: 'syz.2.2862': attribute type 3 has an invalid length.
[  502.398000][T16109] netlink: 199556 bytes leftover after parsing attributes in process `syz.2.2862'.
[  502.455240][T16107] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  502.531303][   T59] usb 6-1: USB disconnect, device number 28
[  503.101443][T16128] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  503.111411][   T10] IPVS: starting estimator thread 0...
[  503.140051][T16132] netlink: 'syz.1.2870': attribute type 3 has an invalid length.
[  503.142580][T16132] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2870'.
[  503.181765][T16137] netlink: 'syz.1.2872': attribute type 3 has an invalid length.
[  503.207972][T16129] IPVS: using max 42 ests per chain, 100800 per kthread
[  503.253360][T16139] batadv_slave_1: entered promiscuous mode
[  503.738043][ T6065] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  503.887865][ T6065] usb 7-1: Using ep0 maxpacket: 32
[  503.890814][ T6065] usb 7-1: config 0 has an invalid interface number: 247 but max is 0
[  503.893588][ T6065] usb 7-1: config 0 has no interface number 0
[  503.896773][ T6065] usb 7-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  503.901350][ T6065] usb 7-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  503.904948][ T6065] usb 7-1: Product: syz
[  503.906622][ T6065] usb 7-1: Manufacturer: syz
[  503.909643][ T6065] usb 7-1: config 0 descriptor??
[  504.281108][ T6165] usb 7-1: USB disconnect, device number 36
[  504.655574][ T6165] IPVS: starting estimator thread 0...
[  504.656015][T16173] FAULT_INJECTION: forcing a failure.
[  504.656015][T16173] name failslab, interval 1, probability 0, space 0, times 0
[  504.662391][T16173] CPU: 2 UID: 0 PID: 16173 Comm: syz.0.2884 Not tainted syzkaller #0 PREEMPT(full) 
[  504.662407][T16173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  504.662413][T16173] Call Trace:
[  504.662417][T16173]  <TASK>
[  504.662421][T16173]  dump_stack_lvl+0x16c/0x1f0
[  504.662438][T16173]  should_fail_ex+0x512/0x640
[  504.662454][T16173]  should_failslab+0xc2/0x120
[  504.662468][T16173]  __kvmalloc_node_noprof+0x137/0x620
[  504.662480][T16173]  ? __pfx___mutex_lock+0x10/0x10
[  504.662493][T16173]  ? nf_hook_entries_grow+0x285/0x860
[  504.662506][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662518][T16173]  ? nf_hook_entries_grow+0x285/0x860
[  504.662534][T16173]  nf_hook_entries_grow+0x285/0x860
[  504.662546][T16173]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  504.662561][T16173]  __nf_register_net_hook+0x1cd/0x730
[  504.662574][T16173]  nf_register_net_hook+0x109/0x160
[  504.662587][T16173]  nf_register_net_hooks+0x5d/0xd0
[  504.662600][T16173]  nf_ct_netns_do_get+0x389/0x620
[  504.662614][T16173]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  504.662627][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662637][T16173]  ? pcpu_memcg_post_alloc_hook+0x1e/0x690
[  504.662651][T16173]  nf_ct_netns_get+0x39/0x150
[  504.662663][T16173]  __ip_vs_update_dest+0x1276/0x18b0
[  504.662680][T16173]  ip_vs_new_dest+0x6b2/0xc50
[  504.662690][T16173]  ? __pfx_ip_vs_new_dest+0x10/0x10
[  504.662699][T16173]  ? __pfx___mutex_trylock_common+0x10/0x10
[  504.662714][T16173]  ? do_raw_spin_lock+0x12c/0x2b0
[  504.662729][T16173]  ? ip_vs_add_dest+0x52d/0x10b0
[  504.662738][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662748][T16173]  ? ip_vs_add_dest+0x52d/0x10b0
[  504.662756][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662766][T16173]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  504.662784][T16173]  ip_vs_add_dest+0x545/0x10b0
[  504.662793][T16173]  ? __pfx___mutex_lock+0x10/0x10
[  504.662806][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662817][T16173]  ? __pfx_ip_vs_add_dest+0x10/0x10
[  504.662825][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662835][T16173]  ? do_ip_vs_set_ctl+0xbff/0x11d0
[  504.662844][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662855][T16173]  ? do_ip_vs_set_ctl+0x1059/0x11d0
[  504.662863][T16173]  do_ip_vs_set_ctl+0x1059/0x11d0
[  504.662874][T16173]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  504.662884][T16173]  ? __pfx___might_resched+0x10/0x10
[  504.662894][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662905][T16173]  ? rcu_is_watching+0x12/0xc0
[  504.662915][T16173]  ? lock_release+0x201/0x2f0
[  504.662928][T16173]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  504.662946][T16173]  ? nf_setsockopt+0x8d/0xf0
[  504.662959][T16173]  nf_setsockopt+0x8d/0xf0
[  504.662973][T16173]  ip_setsockopt+0xcb/0xf0
[  504.662984][T16173]  tcp_setsockopt+0xa4/0x100
[  504.662995][T16173]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  504.663011][T16173]  do_sock_setsockopt+0xf3/0x1d0
[  504.663026][T16173]  __sys_setsockopt+0x120/0x1a0
[  504.663057][T16173]  __ia32_sys_setsockopt+0xbc/0x160
[  504.663072][T16173]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  504.663086][T16173]  __do_fast_syscall_32+0x7c/0x3a0
[  504.663101][T16173]  do_fast_syscall_32+0x32/0x80
[  504.663114][T16173]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  504.663127][T16173] RIP: 0023:0xf709e579
[  504.663136][T16173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  504.663147][T16173] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  504.663157][T16173] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  504.663164][T16173] RDX: 0000000000000487 RSI: 0000000080000000 RDI: 0000000000000044
[  504.663170][T16173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  504.663176][T16173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  504.663182][T16173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  504.663191][T16173]  </TASK>
[  504.747875][T16174] IPVS: using max 58 ests per chain, 139200 per kthread
[  505.369851][T16190] netlink: 'syz.3.2889': attribute type 3 has an invalid length.
[  505.373008][T16190] __nla_validate_parse: 1 callbacks suppressed
[  505.373023][T16190] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2889'.
[  506.148786][T16204] fuse: Bad value for 'fd'
[  506.231889][T16142] batadv_slave_1: left promiscuous mode
[  506.447055][T16216] FAULT_INJECTION: forcing a failure.
[  506.447055][T16216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  506.451679][T16216] CPU: 1 UID: 0 PID: 16216 Comm: syz.3.2896 Not tainted syzkaller #0 PREEMPT(full) 
[  506.451695][T16216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  506.451712][T16216] Call Trace:
[  506.451718][T16216]  <TASK>
[  506.451722][T16216]  dump_stack_lvl+0x16c/0x1f0
[  506.451739][T16216]  should_fail_ex+0x512/0x640
[  506.451755][T16216]  _copy_from_user+0x2e/0xd0
[  506.451771][T16216]  kstrtouint_from_user+0xd6/0x1d0
[  506.451783][T16216]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  506.451799][T16216]  proc_fail_nth_write+0x83/0x220
[  506.451810][T16216]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  506.451821][T16216]  ? __pfx___might_resched+0x10/0x10
[  506.451834][T16216]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  506.451845][T16216]  vfs_write+0x29d/0x11d0
[  506.451858][T16216]  ? __pfx_vfs_write+0x10/0x10
[  506.451869][T16216]  ? rcu_is_watching+0x12/0xc0
[  506.451881][T16216]  ? __fget_files+0x20e/0x3c0
[  506.451892][T16216]  ? __bpf_trace_sched_pi_setprio+0x90/0xf0
[  506.451909][T16216]  ksys_write+0x12a/0x250
[  506.451921][T16216]  ? __pfx_ksys_write+0x10/0x10
[  506.451933][T16216]  ? rcu_is_watching+0x12/0xc0
[  506.451944][T16216]  __do_fast_syscall_32+0x7c/0x3a0
[  506.451958][T16216]  do_fast_syscall_32+0x32/0x80
[  506.451971][T16216]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  506.451985][T16216] RIP: 0023:0xf7f77579
[  506.451993][T16216] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  506.452003][T16216] RSP: 002b:00000000f5475590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  506.452013][T16216] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5475620
[  506.452020][T16216] RDX: 0000000000000001 RSI: 00000000f7404ff4 RDI: 0000000000000000
[  506.452026][T16216] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  506.452032][T16216] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  506.452038][T16216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  506.452047][T16216]  </TASK>
[  506.999811][T16237] fuse: Bad value for 'fd'
[  507.668246][T16254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2910'.
[  507.672043][T16254] netlink: 'syz.1.2910': attribute type 3 has an invalid length.
[  507.682630][T16254] 9pnet_fd: Insufficient options for proto=fd
[  507.705482][T16260] netlink: 'syz.1.2913': attribute type 3 has an invalid length.
[  507.708439][T16260] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2913'.
[  507.757924][T16264] netlink: 'syz.1.2915': attribute type 3 has an invalid length.
[  507.760190][T16264] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2915'.
[  507.841543][T16267] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  507.844084][T16267] batadv_slave_0: entered promiscuous mode
[  508.805069][T16275] ./cgroup: Can't lookup blockdev
[  508.913724][T16291] netlink: 'syz.2.2924': attribute type 3 has an invalid length.
[  508.916689][T16291] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2924'.
[  508.937384][T16293] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2925'.
[  508.943955][T16296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2926'.
[  508.946052][T16293] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2925'.
[  508.950480][T16293] FAULT_INJECTION: forcing a failure.
[  508.950480][T16293] name failslab, interval 1, probability 0, space 0, times 0
[  508.954384][T16293] CPU: 3 UID: 0 PID: 16293 Comm: syz.1.2925 Not tainted syzkaller #0 PREEMPT(full) 
[  508.954399][T16293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  508.954406][T16293] Call Trace:
[  508.954410][T16293]  <TASK>
[  508.954414][T16293]  dump_stack_lvl+0x16c/0x1f0
[  508.954432][T16293]  should_fail_ex+0x512/0x640
[  508.954448][T16293]  should_failslab+0xc2/0x120
[  508.954462][T16293]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  508.954475][T16293]  ? __alloc_skb+0x2b2/0x380
[  508.954489][T16293]  __alloc_skb+0x2b2/0x380
[  508.954500][T16293]  ? __pfx___alloc_skb+0x10/0x10
[  508.954513][T16293]  ? rcu_is_watching+0x12/0xc0
[  508.954525][T16293]  hwsim_mcast_del_radio+0x82/0x230
[  508.954539][T16293]  ? __pfx_hwsim_mcast_del_radio+0x10/0x10
[  508.954552][T16293]  ? hwsim_del_radio_nl+0x3d9/0x7f0
[  508.954567][T16293]  ? rcu_is_watching+0x12/0xc0
[  508.954577][T16293]  ? hwsim_del_radio_nl+0x3d9/0x7f0
[  508.954591][T16293]  ? rcu_is_watching+0x12/0xc0
[  508.954601][T16293]  ? hwsim_del_radio_nl+0x3d9/0x7f0
[  508.954616][T16293]  hwsim_del_radio_nl+0x494/0x7f0
[  508.954632][T16293]  genl_family_rcv_msg_doit+0x206/0x2f0
[  508.954648][T16293]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  508.954666][T16293]  ? bpf_lsm_capable+0x9/0x10
[  508.954676][T16293]  ? security_capable+0x7e/0x260
[  508.954688][T16293]  ? ns_capable+0xd7/0x110
[  508.954699][T16293]  genl_rcv_msg+0x55c/0x800
[  508.954715][T16293]  ? __pfx_genl_rcv_msg+0x10/0x10
[  508.954730][T16293]  ? __pfx_hwsim_del_radio_nl+0x10/0x10
[  508.954746][T16293]  netlink_rcv_skb+0x155/0x420
[  508.954760][T16293]  ? __pfx_genl_rcv_msg+0x10/0x10
[  508.954775][T16293]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  508.954791][T16293]  ? netlink_deliver_tap+0x1ae/0xd30
[  508.954803][T16293]  ? is_vmalloc_addr+0x86/0xa0
[  508.954815][T16293]  genl_rcv+0x28/0x40
[  508.954829][T16293]  netlink_unicast+0x5aa/0x870
[  508.954843][T16293]  ? __pfx_netlink_unicast+0x10/0x10
[  508.954856][T16293]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  508.954871][T16293]  netlink_sendmsg+0x8d1/0xdd0
[  508.954885][T16293]  ? __pfx_netlink_sendmsg+0x10/0x10
[  508.954899][T16293]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  508.954911][T16293]  ____sys_sendmsg+0xa95/0xc70
[  508.954928][T16293]  ? __pfx_____sys_sendmsg+0x10/0x10
[  508.954943][T16293]  ? get_compat_msghdr+0x11a/0x170
[  508.954957][T16293]  ? kstrtouint_from_user+0x13c/0x1d0
[  508.954970][T16293]  ___sys_sendmsg+0x134/0x1d0
[  508.954982][T16293]  ? get_pid_task+0xfc/0x250
[  508.954997][T16293]  ? __pfx____sys_sendmsg+0x10/0x10
[  508.955030][T16293]  ? rcu_is_watching+0x12/0xc0
[  508.955044][T16293]  __sys_sendmsg+0x16d/0x220
[  508.955057][T16293]  ? __pfx___sys_sendmsg+0x10/0x10
[  508.955072][T16293]  ? rcu_is_watching+0x12/0xc0
[  508.955083][T16293]  __do_fast_syscall_32+0x7c/0x3a0
[  508.955097][T16293]  do_fast_syscall_32+0x32/0x80
[  508.955110][T16293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  508.955124][T16293] RIP: 0023:0xf7f11579
[  508.955133][T16293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  508.955143][T16293] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  508.955153][T16293] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000080000100
[  508.955159][T16293] RDX: 0000000020000086 RSI: 0000000000000000 RDI: 0000000000000000
[  508.955166][T16293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  508.955172][T16293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  508.955177][T16293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  508.955186][T16293]  </TASK>
[  509.162844][T16315] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  509.167347][T16315] batadv_slave_0: entered promiscuous mode
[  509.468789][   T60] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  509.637534][   T60] usb 6-1: Using ep0 maxpacket: 32
[  509.641166][   T60] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  509.657577][   T60] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  509.661365][   T60] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  509.665206][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  509.670613][   T60] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  509.675078][   T60] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  509.685222][   T60] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  509.690449][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.694938][   T60] usb 6-1: config 0 descriptor??
[  509.846225][T16345] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2934'.
[  509.867295][T16347] netlink: 'syz.3.2935': attribute type 3 has an invalid length.
[  509.877560][T16347] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2935'.
[  509.904418][   T60] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  509.914963][   T60] usb 6-1: USB disconnect, device number 29
[  509.919129][   T60] usblp0: removed
[  510.337452][   T60] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  510.577474][   T60] usb 6-1: Using ep0 maxpacket: 32
[  510.583919][   T60] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  510.586541][   T60] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  510.589570][   T60] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  510.592995][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  510.596220][   T60] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  510.599311][   T60] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  510.603189][   T60] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  510.605859][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.613540][   T60] usb 6-1: config 0 descriptor??
[  510.637460][ T5987] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  510.637490][ T5987] Bluetooth: hci0: adv larger than maximum supported
[  510.640069][ T5987] Bluetooth: hci0: Malformed LE Event: 0x0d
[  510.653579][T16372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2942'.
[  510.980897][T16374] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer.
[  511.039440][   T60] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  511.364541][   T60] usb 6-1: USB disconnect, device number 30
[  511.366959][   T60] usblp0: removed
[  511.554522][T16384] netlink: 'syz.2.2945': attribute type 3 has an invalid length.
[  511.564781][T16384] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2945'.
[  511.827843][   T60] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  511.946337][T16396] netlink: 'syz.3.2949': attribute type 3 has an invalid length.
[  511.948738][T16396] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2949'.
[  511.998764][   T60] usb 7-1: config index 0 descriptor too short (expected 45863, got 27)
[  512.001368][   T60] usb 7-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  512.004110][   T60] usb 7-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  512.008207][   T60] usb 7-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  512.012658][   T60] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  512.015481][   T60] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  512.018051][   T60] usb 7-1: Product: syz
[  512.019347][   T60] usb 7-1: Manufacturer: syz
[  512.020803][   T60] usb 7-1: SerialNumber: syz
[  512.132828][T16398] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  512.135381][T16398] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  512.139940][T16398] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  512.143480][T16398] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  512.145908][T16398] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  512.148785][T16398] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  512.151705][T16398] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  512.153743][T16398] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  512.156260][T16398] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  512.158768][T16398] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  512.160840][T16398] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  512.164660][T16398] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  512.212632][T16402] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2951'.
[  512.215507][T16402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2951'.
[  512.322830][T16406] netlink: 'syz.0.2952': attribute type 1 has an invalid length.
[  512.325351][T16406] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2952'.
[  512.407331][   T59] usb 8-1: new full-speed USB device number 34 using dummy_hcd
[  512.560078][   T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  512.564345][   T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  512.569655][   T59] usb 8-1: New USB device found, idVendor=0480, idProduct=fd88, bcdDevice= 0.85
[  512.573317][   T59] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.577529][   T59] usb 8-1: config 0 descriptor??
[  512.580289][T16400] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  512.849386][T16400] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2950'.
[  514.067295][ T5987] Bluetooth: hci4: command 0x0c1a tx timeout
[  514.147365][ T5987] Bluetooth: hci1: command 0x0c1a tx timeout
[  514.227353][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout
[  514.227363][T14609] Bluetooth: hci3: command 0x0c1a tx timeout
[  514.504026][  T841] hid_parser_main: 73 callbacks suppressed
[  514.504038][  T841] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  514.510638][  T841] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  514.593312][T16435] comedi comedi3: c6xdigio: I/O port conflict (0x4f2b,3)
[  514.600216][T16435] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2959'.
[  514.620106][   T60] usb 7-1: USB disconnect, device number 37
[  515.674836][T16466] netlink: 'syz.1.2967': attribute type 3 has an invalid length.
[  515.677612][T16466] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2967'.
[  515.800209][T16469] binder: 16468:16469 ioctl c0306201 80000080 returned -14
[  515.805107][T16469] binder: 16468:16469 ioctl c0306201 80000180 returned -14
[  516.067263][   T60] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  516.132127][T16483] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  516.147225][T14609] Bluetooth: hci4: command 0x0c1a tx timeout
[  516.219258][   T60] usb 6-1: config index 0 descriptor too short (expected 45863, got 27)
[  516.221944][   T60] usb 6-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  516.225386][   T60] usb 6-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  516.227734][T14609] Bluetooth: hci1: command 0x0c1a tx timeout
[  516.230182][   T60] usb 6-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  516.243941][   T60] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  516.248964][   T60] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  516.251562][   T60] usb 6-1: Product: syz
[  516.252885][   T60] usb 6-1: Manufacturer: syz
[  516.259639][   T60] usb 6-1: SerialNumber: syz
[  516.307330][T14609] Bluetooth: hci0: command 0x0c1a tx timeout
[  516.318023][T14609] Bluetooth: hci3: command 0x0c1a tx timeout
[  517.589247][   T59] usbhid 8-1:0.0: can't add hid device: -32
[  517.591347][   T59] usbhid 8-1:0.0: probe with driver usbhid failed with error -32
[  517.810749][T16517] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  518.227114][T14609] Bluetooth: hci4: command 0x0c1a tx timeout
[  518.272973][T16522] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  518.307423][T14609] Bluetooth: hci1: command 0x0c1a tx timeout
[  518.321367][T16528] netlink: 'syz.2.2988': attribute type 3 has an invalid length.
[  518.324141][T16528] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2988'.
[  518.387036][T14609] Bluetooth: hci3: command 0x0c1a tx timeout
[  518.387058][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout
[  518.855976][   T60] usb 6-1: USB disconnect, device number 31
[  518.859707][   T59] usb 8-1: USB disconnect, device number 34
[  519.143932][T16550] batadv_slave_1: entered promiscuous mode
[  519.229067][T16549] batadv_slave_1: left promiscuous mode
[  519.406790][T16559] netlink: 'syz.1.2998': attribute type 3 has an invalid length.
[  519.409462][T16559] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2998'.
[  520.041403][T16576] fuse: Bad value for 'fd'
[  520.086441][T16569] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  520.088682][T16569] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  520.090776][T16569] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  520.092752][T16569] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  520.207018][   T60] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  520.416853][   T60] usb 7-1: config index 0 descriptor too short (expected 45863, got 27)
[  520.419512][   T60] usb 7-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  520.422289][   T60] usb 7-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  520.425580][   T60] usb 7-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  520.550283][   T60] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  520.553178][   T60] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  520.555743][   T60] usb 7-1: Product: syz
[  520.560438][   T60] usb 7-1: Manufacturer: syz
[  520.561967][   T60] usb 7-1: SerialNumber: syz
[  522.067310][ T5987] Bluetooth: hci4: command 0x0c1a tx timeout
[  522.156986][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout
[  522.157135][T14609] Bluetooth: hci3: command 0x0c1a tx timeout
[  522.157149][T14838] Bluetooth: hci1: command 0x0c1a tx timeout
[  522.416111][T16617] fuse: Bad value for 'group_id'
[  522.417832][T16617] fuse: Bad value for 'group_id'
[  522.983687][   T60] usb 7-1: USB disconnect, device number 38
[  523.552249][T16639] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3021'.
[  523.980971][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.983462][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.093031][T16652] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3024'.
[  524.096007][T16652] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  524.889955][T16671] fuse: Unknown parameter 'fd�?�WՁ0�? '
[  526.927967][T16738] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3045'.
[  528.387511][   T29] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  540.265805][   T29] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  540.335830][ T8102] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  540.416807][   T29] usb 6-1: config index 0 descriptor too short (expected 45863, got 27)
[  540.419518][   T29] usb 6-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  540.422320][   T29] usb 6-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  540.425628][   T29] usb 6-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  540.430011][   T29] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  540.432901][   T29] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  540.435536][   T29] usb 6-1: Product: syz
[  540.437016][   T29] usb 6-1: Manufacturer: syz
[  540.438538][   T29] usb 6-1: SerialNumber: syz
[  540.487109][ T8102] usb 8-1: config index 0 descriptor too short (expected 45863, got 27)
[  540.489837][ T8102] usb 8-1: config 117 has too many interfaces: 71, using maximum allowed: 32
[  540.492715][ T8102] usb 8-1: config 117 has an invalid descriptor of length 126, skipping remainder of the config
[  540.496122][ T8102] usb 8-1: config 117 has 0 interfaces, different from the descriptor's value: 71
[  540.500626][ T8102] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  540.503568][ T8102] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  540.506262][ T8102] usb 8-1: Product: syz
[  540.507651][ T8102] usb 8-1: Manufacturer: syz
[  540.509182][ T8102] usb 8-1: SerialNumber: syz
[  541.237877][T16789] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3051'.
[  541.237986][T16788] netlink: 'syz.2.3053': attribute type 3 has an invalid length.
[  541.243320][T16788] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3053'.
[  541.263941][T16791] netlink: 'syz.2.3054': attribute type 3 has an invalid length.
[  541.267131][T16791] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3054'.
[  541.287430][   T59] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  541.294213][   T59] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  541.367655][T16793] comedi comedi3: c6xdigio: I/O port conflict (0x4f2b,3)
[  541.369902][T16793] ------------[ cut here ]------------
[  541.371641][T16793] kernfs: can not remove 'bind', no directory
[  541.373682][T16793] WARNING: CPU: 0 PID: 16793 at fs/kernfs/dir.c:1706 kernfs_remove_by_name_ns+0xff/0x110
[  541.376787][T16793] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  541.378088][T16793] CPU: 0 UID: 0 PID: 16793 Comm: syz.2.3055 Not tainted syzkaller #0 PREEMPT(full) 
[  541.381432][T16793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.386460][T16793] RIP: 0010:kernfs_remove_by_name_ns+0xff/0x110
[  541.388459][T16793] Code: 48 89 df 31 db e8 61 a2 ff ff 48 89 ef e8 59 0c 37 ff eb b1 e8 42 7d 5b ff 90 48 c7 c7 80 56 c3 8b 4c 89 e6 e8 82 70 1a ff 90 <0f> 0b 90 90 eb b4 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  541.394510][T16793] RSP: 0018:ffffc9000396f700 EFLAGS: 00010282
[  541.396617][T16793] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90033804000
[  541.399240][T16793] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  541.401735][T16793] RBP: ffffffff8f503ba0 R08: 0000000000000001 R09: 0000000000000000
[  541.404241][T16793] R10: 0000000000000000 R11: 203a73666e72656b R12: ffffffff8c426de0
[  541.406892][T16793] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888044801800
[  541.409614][T16793] FS:  0000000000000000(0000) GS:ffff8880974c4000(0063) knlGS:00000000f5516b40
[  541.412423][T16793] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  541.414618][T16793] CR2: 000000002de13ff8 CR3: 000000005c9f0000 CR4: 0000000000352ef0
[  541.417263][T16793] Call Trace:
[  541.418338][T16793]  <TASK>
[  541.419303][T16793]  driver_remove_file+0x4a/0x60
[  541.420853][T16793]  bus_remove_driver+0x224/0x2c0
[  541.422428][T16793]  driver_unregister+0x76/0xb0
[  541.423986][T16793]  comedi_device_detach_locked+0x12c/0xa50
[  541.425982][T16793]  comedi_device_detach+0x67/0xb0
[  541.427709][T16793]  comedi_device_attach+0x43d/0x900
[  541.429358][T16793]  do_devconfig_ioctl+0x1b1/0x710
[  541.430965][T16793]  ? __mutex_lock+0x1c5/0x1060
[  541.432492][T16793]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  541.434272][T16793]  ? kasan_save_stack+0x42/0x60
[  541.435886][T16793]  ? kasan_save_stack+0x33/0x60
[  541.437468][T16793]  ? kasan_save_track+0x14/0x30
[  541.439034][T16793]  ? kasan_save_free_info+0x3b/0x60
[  541.440816][T16793]  ? __kasan_slab_free+0x60/0x70
[  541.442418][T16793]  ? kfree+0x2b4/0x4d0
[  541.443777][T16793]  ? tomoyo_path_number_perm+0x470/0x580
[  541.445556][T16793]  comedi_unlocked_ioctl+0x165d/0x2f00
[  541.447353][T16793]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  541.449193][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.450731][T16793]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  541.452608][T16793]  ? tomoyo_path_number_perm+0x295/0x580
[  541.454422][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.456011][T16793]  ? lock_release+0x201/0x2f0
[  541.457531][T16793]  ? tomoyo_path_number_perm+0x18d/0x580
[  541.459317][T16793]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  541.461215][T16793]  comedi_compat_ioctl+0x1d0/0x990
[  541.462835][T16793]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  541.464622][T16793]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  541.466529][T16793]  ? do_vfs_ioctl+0x128/0x14f0
[  541.468037][T16793]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  541.469629][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.471202][T16793]  ? __fget_files+0x204/0x3c0
[  541.472684][T16793]  ? hook_file_ioctl_common+0x145/0x410
[  541.474433][T16793]  ? __fget_files+0x20e/0x3c0
[  541.476016][T16793]  ? __ia32_compat_sys_openat+0xf0/0x210
[  541.477765][T16793]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  541.479745][T16793]  __ia32_compat_sys_ioctl+0x23f/0x370
[  541.481446][T16793]  __do_fast_syscall_32+0x7c/0x3a0
[  541.483094][T16793]  do_fast_syscall_32+0x32/0x80
[  541.484775][T16793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  541.487298][T16793] RIP: 0023:0xf7ff8579
[  541.488619][T16793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  541.494901][T16793] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  541.497564][T16793] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040946400
[  541.500009][T16793] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  541.502488][T16793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  541.504993][T16793] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  541.507580][T16793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  541.510065][T16793]  </TASK>
[  541.511102][T16793] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  541.513364][T16793] CPU: 0 UID: 0 PID: 16793 Comm: syz.2.3055 Not tainted syzkaller #0 PREEMPT(full) 
[  541.516231][T16793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.519553][T16793] Call Trace:
[  541.520652][T16793]  <TASK>
[  541.521597][T16793]  dump_stack_lvl+0x3d/0x1f0
[  541.523141][T16793]  vpanic+0x6e8/0x7a0
[  541.524435][T16793]  ? __pfx_vpanic+0x10/0x10
[  541.525854][T16793]  ? kernfs_remove_by_name_ns+0xff/0x110
[  541.527615][T16793]  panic+0xca/0xd0
[  541.528791][T16793]  ? __pfx_panic+0x10/0x10
[  541.530188][T16793]  check_panic_on_warn+0xab/0xb0
[  541.531761][T16793]  __warn+0xf6/0x3c0
[  541.533020][T16793]  ? __pfx_vprintk_emit+0x10/0x10
[  541.534613][T16793]  ? kernfs_remove_by_name_ns+0xff/0x110
[  541.536363][T16793]  report_bug+0x3c3/0x580
[  541.537722][T16793]  ? kernfs_remove_by_name_ns+0xff/0x110
[  541.539502][T16793]  handle_bug+0x184/0x210
[  541.540903][T16793]  exc_invalid_op+0x17/0x50
[  541.542329][T16793]  asm_exc_invalid_op+0x1a/0x20
[  541.544034][T16793] RIP: 0010:kernfs_remove_by_name_ns+0xff/0x110
[  541.546067][T16793] Code: 48 89 df 31 db e8 61 a2 ff ff 48 89 ef e8 59 0c 37 ff eb b1 e8 42 7d 5b ff 90 48 c7 c7 80 56 c3 8b 4c 89 e6 e8 82 70 1a ff 90 <0f> 0b 90 90 eb b4 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  541.552165][T16793] RSP: 0018:ffffc9000396f700 EFLAGS: 00010282
[  541.554106][T16793] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90033804000
[  541.556572][T16793] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  541.559026][T16793] RBP: ffffffff8f503ba0 R08: 0000000000000001 R09: 0000000000000000
[  541.561510][T16793] R10: 0000000000000000 R11: 203a73666e72656b R12: ffffffff8c426de0
[  541.564030][T16793] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888044801800
[  541.566466][T16793]  ? __warn_printk+0x1a5/0x350
[  541.567994][T16793]  driver_remove_file+0x4a/0x60
[  541.569545][T16793]  bus_remove_driver+0x224/0x2c0
[  541.571139][T16793]  driver_unregister+0x76/0xb0
[  541.572626][T16793]  comedi_device_detach_locked+0x12c/0xa50
[  541.574449][T16793]  comedi_device_detach+0x67/0xb0
[  541.576079][T16793]  comedi_device_attach+0x43d/0x900
[  541.577729][T16793]  do_devconfig_ioctl+0x1b1/0x710
[  541.579283][T16793]  ? __mutex_lock+0x1c5/0x1060
[  541.580761][T16793]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  541.582461][T16793]  ? kasan_save_stack+0x42/0x60
[  541.583994][T16793]  ? kasan_save_stack+0x33/0x60
[  541.585483][T16793]  ? kasan_save_track+0x14/0x30
[  541.587023][T16793]  ? kasan_save_free_info+0x3b/0x60
[  541.588619][T16793]  ? __kasan_slab_free+0x60/0x70
[  541.590181][T16793]  ? kfree+0x2b4/0x4d0
[  541.591467][T16793]  ? tomoyo_path_number_perm+0x470/0x580
[  541.593198][T16793]  comedi_unlocked_ioctl+0x165d/0x2f00
[  541.594857][T16793]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  541.596696][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.598221][T16793]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  541.600137][T16793]  ? tomoyo_path_number_perm+0x295/0x580
[  541.601909][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.603440][T16793]  ? lock_release+0x201/0x2f0
[  541.604916][T16793]  ? tomoyo_path_number_perm+0x18d/0x580
[  541.606661][T16793]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  541.608528][T16793]  comedi_compat_ioctl+0x1d0/0x990
[  541.610147][T16793]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  541.611896][T16793]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  541.613731][T16793]  ? do_vfs_ioctl+0x128/0x14f0
[  541.615240][T16793]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  541.616813][T16793]  ? rcu_is_watching+0x12/0xc0
[  541.618310][T16793]  ? __fget_files+0x204/0x3c0
[  541.619785][T16793]  ? hook_file_ioctl_common+0x145/0x410
[  541.621531][T16793]  ? __fget_files+0x20e/0x3c0
[  541.622989][T16793]  ? __ia32_compat_sys_openat+0xf0/0x210
[  541.624862][T16793]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  541.626676][T16793]  __ia32_compat_sys_ioctl+0x23f/0x370
[  541.628474][T16793]  __do_fast_syscall_32+0x7c/0x3a0
[  541.630104][T16793]  do_fast_syscall_32+0x32/0x80
[  541.631622][T16793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  541.633576][T16793] RIP: 0023:0xf7ff8579
[  541.634847][T16793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  541.640810][T16793] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  541.643433][T16793] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040946400
[  541.645895][T16793] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  541.648281][T16793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  541.650642][T16793] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  541.653029][T16793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  541.655425][T16793]  </TASK>
[  541.657121][T16793] Kernel Offset: disabled
[  541.658444][T16793] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:23:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc9000396f0a8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=5128204350206148
R12=0000000000000000 R13=0000000000000037 R14=ffffffff9b0f8640 R15=ffffffff85616ae0
RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de13ff8 CR3=000000005c9f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffffff8e5c1060 RCX=ffffc90003280001 RDX=ffffc9000327f320
RSI=ffffffff816ab8a4 RDI=ffffffff8e5c1060 RBP=0000000000000001 RSP=ffffc9000327f020
R8 =0000000000000001 R9 =0000000000000000 R10=ffffc9000327f0d8 R11=0000000000012a65
R12=ffffffff816ab8a4 R13=ffffc9000327f0d8 R14=ffffc9000327f318 R15=ffffc9000327f10c
RIP=ffffffff819759e2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f16e40 CR3=000000006845f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000b86614 RBX=0000000000000002 RCX=ffffffff8b908bf9 RDX=ffffed1005686656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bdf910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000001
R12=0000000000000002 R13=ffff88801defc880 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055dba93561f8 CR3=000000004c7a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000bf7 0000001800000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0302880800020800 140800060070ea3a 0000039600000013 0000000100000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c010dfa0008000f ffffffff02010800 06015ca80008000f ffffffff02340800
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060102ba38080000 0201000000080606 0101bc0008003003 0204900020030004
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9000100300048800 080302b8c6048400 0403140400000318 080009800201e408
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002880800010000 0008060a016dca40 0400099003000800 0988030008000980
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000201778a000800 0fffffffff0201c0 0800000800010800 0a0169e604800200
ZMM25=9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c 9bc09a1c9bc09a1c
ZMM26=f7651140f7651140 f7651140f7651140 f7651140f7651140 f7651140f7651140 f7651140f7651140 f7651140f7651140 f7651140f7651140 f7651140f7651140
ZMM27=4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a 4f09416a4f09416a
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=5418000054180000 5418000054180000 5418000054180000 5418000054180000 5418000054180000 5418000054180000 5418000054180000 5418000054180000
info registers vcpu 3

CPU#3
RAX=000000000094e78c RBX=0000000000000003 RCX=ffffffff8b908bf9 RDX=ffffed10056a6656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003863000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801c318000 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de16ff8 CR3=0000000059e5b000 CR4=00352ef0
DR0=0000040000000000 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000